@stytch/react 20.0.0-next.5 → 20.0.0-next.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (312) hide show
  1. package/CHANGELOG.md +6 -0
  2. package/dist/cjs/StytchSSRProxy-Bz6LNYdq.js.map +1 -1
  3. package/dist/cjs/adminPortal/index.cjs +2 -2
  4. package/dist/cjs/b2b/index.cjs +10 -7
  5. package/dist/cjs/b2b/index.cjs.map +1 -1
  6. package/dist/cjs/b2b/index.headless.cjs +456 -496
  7. package/dist/cjs/b2b/index.headless.cjs.map +1 -1
  8. package/dist/cjs/{idpHelpers-Bj_7pbfW.js → idpHelpers-UZaYQqT8.js} +111 -129
  9. package/dist/cjs/{idpHelpers-Bj_7pbfW.js.map → idpHelpers-UZaYQqT8.js.map} +1 -1
  10. package/dist/cjs/{index-BIjXBvf_.js → index-MDH3lelI.js} +2 -2
  11. package/dist/cjs/{index-BIjXBvf_.js.map → index-MDH3lelI.js.map} +1 -1
  12. package/dist/cjs/index.cjs +18 -14
  13. package/dist/cjs/index.cjs.map +1 -1
  14. package/dist/cjs/index.headless.cjs +401 -448
  15. package/dist/cjs/index.headless.cjs.map +1 -1
  16. package/dist/cjs/{passwordManagerDisableAutofillProps-DV31RTL_.js → passwordManagerDisableAutofillProps-BzR1GTDj.js} +42 -33
  17. package/dist/cjs/passwordManagerDisableAutofillProps-BzR1GTDj.js.map +1 -0
  18. package/dist/cjs/{shadcn-aVU6Lm9q.js → shadcn-BNtf3uZr.js} +7 -6
  19. package/dist/cjs/shadcn-BNtf3uZr.js.map +1 -0
  20. package/dist/cjs-dev/adminPortal/index.cjs +2 -2
  21. package/dist/cjs-dev/b2b/index.cjs +10 -7
  22. package/dist/cjs-dev/b2b/index.cjs.map +1 -1
  23. package/dist/cjs-dev/b2b/index.headless.cjs +468 -508
  24. package/dist/cjs-dev/b2b/index.headless.cjs.map +1 -1
  25. package/dist/cjs-dev/dev-DaCGDI6V.js.map +1 -1
  26. package/dist/cjs-dev/{idpHelpers-DOYYSxsX.js → idpHelpers-CVk39K69.js} +111 -129
  27. package/dist/cjs-dev/{idpHelpers-DOYYSxsX.js.map → idpHelpers-CVk39K69.js.map} +1 -1
  28. package/dist/cjs-dev/{index-rquGmIlv.js → index-BDTK8QN0.js} +2 -2
  29. package/dist/cjs-dev/{index-rquGmIlv.js.map → index-BDTK8QN0.js.map} +1 -1
  30. package/dist/cjs-dev/index.cjs +18 -14
  31. package/dist/cjs-dev/index.cjs.map +1 -1
  32. package/dist/cjs-dev/index.headless.cjs +405 -452
  33. package/dist/cjs-dev/index.headless.cjs.map +1 -1
  34. package/dist/cjs-dev/{passwordManagerDisableAutofillProps-CgiK2M_U.js → passwordManagerDisableAutofillProps--FLcEDiY.js} +42 -33
  35. package/dist/cjs-dev/passwordManagerDisableAutofillProps--FLcEDiY.js.map +1 -0
  36. package/dist/cjs-dev/{shadcn-DMk6ZSoD.js → shadcn-CvmoCuzj.js} +9 -8
  37. package/dist/cjs-dev/shadcn-CvmoCuzj.js.map +1 -0
  38. package/dist/esm/_virtual/index3.mjs +3 -5
  39. package/dist/esm/_virtual/index3.mjs.map +1 -1
  40. package/dist/esm/_virtual/index4.mjs +5 -3
  41. package/dist/esm/_virtual/index4.mjs.map +1 -1
  42. package/dist/esm/node_modules/@lingui/react/dist/index.mjs +14 -13
  43. package/dist/esm/node_modules/@lingui/react/dist/index.mjs.map +1 -1
  44. package/dist/esm/node_modules/@lingui/react/dist/shared/{react.31c3b5fa.mjs → react.8970326b.mjs} +32 -23
  45. package/dist/esm/node_modules/@lingui/react/dist/shared/react.8970326b.mjs.map +1 -0
  46. package/dist/esm/packages/core/src/DFPProtectedAuthProvider.mjs +39 -43
  47. package/dist/esm/packages/core/src/DFPProtectedAuthProvider.mjs.map +1 -1
  48. package/dist/esm/packages/core/src/EventLogger.mjs.map +1 -1
  49. package/dist/esm/packages/core/src/HeadlessClients/HeadlessCryptoWalletClient.mjs.map +1 -1
  50. package/dist/esm/packages/core/src/HeadlessClients/HeadlessIDPClient.mjs +15 -18
  51. package/dist/esm/packages/core/src/HeadlessClients/HeadlessIDPClient.mjs.map +1 -1
  52. package/dist/esm/packages/core/src/HeadlessClients/HeadlessImpersonationClient.mjs.map +1 -1
  53. package/dist/esm/packages/core/src/HeadlessClients/HeadlessMagicLinkClient.mjs.map +1 -1
  54. package/dist/esm/packages/core/src/HeadlessClients/HeadlessOAuthClient.mjs +58 -77
  55. package/dist/esm/packages/core/src/HeadlessClients/HeadlessOAuthClient.mjs.map +1 -1
  56. package/dist/esm/packages/core/src/HeadlessClients/HeadlessOTPClient.mjs +100 -103
  57. package/dist/esm/packages/core/src/HeadlessClients/HeadlessOTPClient.mjs.map +1 -1
  58. package/dist/esm/packages/core/src/HeadlessClients/HeadlessPasswordClient.mjs.map +1 -1
  59. package/dist/esm/packages/core/src/HeadlessClients/HeadlessRBACClient.mjs +6 -8
  60. package/dist/esm/packages/core/src/HeadlessClients/HeadlessRBACClient.mjs.map +1 -1
  61. package/dist/esm/packages/core/src/HeadlessClients/HeadlessSessionClient.mjs +77 -82
  62. package/dist/esm/packages/core/src/HeadlessClients/HeadlessSessionClient.mjs.map +1 -1
  63. package/dist/esm/packages/core/src/HeadlessClients/HeadlessTOTPClient.mjs.map +1 -1
  64. package/dist/esm/packages/core/src/HeadlessClients/HeadlessUserClient.mjs +111 -125
  65. package/dist/esm/packages/core/src/HeadlessClients/HeadlessUserClient.mjs.map +1 -1
  66. package/dist/esm/packages/core/src/HeadlessClients/HeadlessWebAuthnClient.mjs +10 -11
  67. package/dist/esm/packages/core/src/HeadlessClients/HeadlessWebAuthnClient.mjs.map +1 -1
  68. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BDiscoveryClient.mjs.map +1 -1
  69. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.mjs +16 -19
  70. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.mjs.map +1 -1
  71. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BImpersonationClient.mjs.map +1 -1
  72. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.mjs.map +1 -1
  73. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BOAuthClient.mjs.map +1 -1
  74. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BOTPsClient.mjs.map +1 -1
  75. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BOrganizationClient.mjs +142 -153
  76. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BOrganizationClient.mjs.map +1 -1
  77. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.mjs.map +1 -1
  78. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BRBACClient.mjs +7 -9
  79. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BRBACClient.mjs.map +1 -1
  80. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BRecoveryCodesClient.mjs.map +1 -1
  81. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BSCIMClient.mjs.map +1 -1
  82. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BSSOClient.mjs +67 -70
  83. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BSSOClient.mjs.map +1 -1
  84. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BSelfClient.mjs +81 -93
  85. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BSelfClient.mjs.map +1 -1
  86. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BSessionClient.mjs +67 -73
  87. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BSessionClient.mjs.map +1 -1
  88. package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BTOTPsClient.mjs.map +1 -1
  89. package/dist/esm/packages/core/src/NetworkClient.mjs.map +1 -1
  90. package/dist/esm/packages/core/src/SearchManager.mjs.map +1 -1
  91. package/dist/esm/packages/core/src/SessionManager.mjs +28 -31
  92. package/dist/esm/packages/core/src/SessionManager.mjs.map +1 -1
  93. package/dist/esm/packages/core/src/StateChangeClient.mjs +5 -6
  94. package/dist/esm/packages/core/src/StateChangeClient.mjs.map +1 -1
  95. package/dist/esm/packages/core/src/public/SDKErrors.mjs.map +1 -1
  96. package/dist/esm/packages/core/src/rbac.mjs.map +1 -1
  97. package/dist/esm/packages/core/src/rpc/FrameClient.mjs.map +1 -1
  98. package/dist/esm/packages/web/src/BootstrapDataManager.mjs.map +1 -1
  99. package/dist/esm/packages/web/src/CaptchaProvider.mjs +10 -11
  100. package/dist/esm/packages/web/src/CaptchaProvider.mjs.map +1 -1
  101. package/dist/esm/packages/web/src/ClientsideServicesProvider.mjs +4 -8
  102. package/dist/esm/packages/web/src/ClientsideServicesProvider.mjs.map +1 -1
  103. package/dist/esm/packages/web/src/HeadlessOAuthClient.mjs +24 -24
  104. package/dist/esm/packages/web/src/HeadlessOAuthClient.mjs.map +1 -1
  105. package/dist/esm/packages/web/src/NetworkClient.mjs +4 -5
  106. package/dist/esm/packages/web/src/NetworkClient.mjs.map +1 -1
  107. package/dist/esm/packages/web/src/PKCEManager.mjs.map +1 -1
  108. package/dist/esm/packages/web/src/StytchClient.mjs.map +1 -1
  109. package/dist/esm/packages/web/src/SubscriptionService.mjs +8 -10
  110. package/dist/esm/packages/web/src/SubscriptionService.mjs.map +1 -1
  111. package/dist/esm/packages/web/src/adminPortal/utils/theme.mjs +1 -1
  112. package/dist/esm/packages/web/src/b2b/HeadlessB2BOAuthClient.mjs +48 -48
  113. package/dist/esm/packages/web/src/b2b/HeadlessB2BOAuthClient.mjs.map +1 -1
  114. package/dist/esm/packages/web/src/b2b/StytchB2BClient.mjs.map +1 -1
  115. package/dist/esm/packages/web/src/b2b/oneTap/B2BOneTapProvider.mjs +27 -30
  116. package/dist/esm/packages/web/src/b2b/oneTap/B2BOneTapProvider.mjs.map +1 -1
  117. package/dist/esm/packages/web/src/oneTap/GoogleOneTapClient.mjs.map +1 -1
  118. package/dist/esm/packages/web/src/oneTap/OneTapProvider.mjs +12 -14
  119. package/dist/esm/packages/web/src/oneTap/OneTapProvider.mjs.map +1 -1
  120. package/dist/esm/packages/web/src/ui/b2b/App.mjs +3 -1
  121. package/dist/esm/packages/web/src/ui/b2b/App.mjs.map +1 -1
  122. package/dist/esm/packages/web/src/ui/b2b/InternalAppContainer.mjs +1 -1
  123. package/dist/esm/packages/web/src/ui/b2b/InternalAppContainer.mjs.map +1 -1
  124. package/dist/esm/packages/web/src/ui/b2b/screens/SMSOTPEnrollScreen.mjs.map +1 -1
  125. package/dist/esm/packages/web/src/ui/b2c/AppContainer.mjs +1 -1
  126. package/dist/esm/packages/web/src/ui/b2c/AppContainer.mjs.map +1 -1
  127. package/dist/esm/packages/web/src/ui/b2c/IDPContainer.mjs +3 -1
  128. package/dist/esm/packages/web/src/ui/b2c/IDPContainer.mjs.map +1 -1
  129. package/dist/esm/packages/web/src/ui/b2c/PasskeyRegistrationContainer.mjs +1 -1
  130. package/dist/esm/packages/web/src/ui/b2c/PasskeyRegistrationContainer.mjs.map +1 -1
  131. package/dist/esm/packages/web/src/ui/b2c/ResetPasswordContainer.mjs +1 -1
  132. package/dist/esm/packages/web/src/ui/b2c/ResetPasswordContainer.mjs.map +1 -1
  133. package/dist/esm/packages/web/src/ui/b2c/components/GoogleOneTap.mjs +4 -2
  134. package/dist/esm/packages/web/src/ui/b2c/components/GoogleOneTap.mjs.map +1 -1
  135. package/dist/esm/packages/web/src/ui/b2c/screens/Main/index.mjs +2 -1
  136. package/dist/esm/packages/web/src/ui/b2c/screens/Main/index.mjs.map +1 -1
  137. package/dist/esm/packages/web/src/ui/components/PresentationConfig.mjs +2 -1
  138. package/dist/esm/packages/web/src/ui/components/PresentationConfig.mjs.map +1 -1
  139. package/dist/esm/packages/web/src/ui/components/mixins/Root.module.css.mjs +1 -1
  140. package/dist/esm/packages/web/src/ui/components/molecules/MainContainer.module.css.mjs +1 -1
  141. package/dist/esm/packages/web/src/ui/hooks/usePromptPasskey.mjs +3 -3
  142. package/dist/esm/packages/web/src/ui/hooks/usePromptPasskey.mjs.map +1 -1
  143. package/dist/esm/packages/web/src/ui/react/bindings/createB2BComponent.mjs +2 -2
  144. package/dist/esm/packages/web/src/ui/react/bindings/createB2BComponent.mjs.map +1 -1
  145. package/dist/esm/packages/web/src/ui/react/bindings/createB2CComponent.mjs +2 -2
  146. package/dist/esm/packages/web/src/ui/react/bindings/createB2CComponent.mjs.map +1 -1
  147. package/dist/esm/packages/web/src/utils/crypto.mjs +1 -1
  148. package/dist/esm-dev/_virtual/index.mjs +3 -5
  149. package/dist/esm-dev/_virtual/index.mjs.map +1 -1
  150. package/dist/esm-dev/_virtual/index2.mjs +5 -3
  151. package/dist/esm-dev/_virtual/index2.mjs.map +1 -1
  152. package/dist/esm-dev/_virtual/index3.mjs +5 -3
  153. package/dist/esm-dev/_virtual/index3.mjs.map +1 -1
  154. package/dist/esm-dev/_virtual/index4.mjs +3 -5
  155. package/dist/esm-dev/_virtual/index4.mjs.map +1 -1
  156. package/dist/esm-dev/node_modules/@lingui/react/dist/index.mjs +14 -13
  157. package/dist/esm-dev/node_modules/@lingui/react/dist/index.mjs.map +1 -1
  158. package/dist/esm-dev/node_modules/@lingui/react/dist/shared/{react.31c3b5fa.mjs → react.8970326b.mjs} +32 -23
  159. package/dist/esm-dev/node_modules/@lingui/react/dist/shared/react.8970326b.mjs.map +1 -0
  160. package/dist/esm-dev/node_modules/swr/core/dist/index.mjs +1 -1
  161. package/dist/esm-dev/node_modules/swr/infinite/dist/index.mjs +1 -1
  162. package/dist/esm-dev/packages/core/src/DFPProtectedAuthProvider.mjs +39 -43
  163. package/dist/esm-dev/packages/core/src/DFPProtectedAuthProvider.mjs.map +1 -1
  164. package/dist/esm-dev/packages/core/src/EventLogger.mjs.map +1 -1
  165. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessCryptoWalletClient.mjs.map +1 -1
  166. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessIDPClient.mjs +15 -18
  167. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessIDPClient.mjs.map +1 -1
  168. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessImpersonationClient.mjs.map +1 -1
  169. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessMagicLinkClient.mjs.map +1 -1
  170. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessOAuthClient.mjs +58 -77
  171. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessOAuthClient.mjs.map +1 -1
  172. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessOTPClient.mjs +100 -103
  173. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessOTPClient.mjs.map +1 -1
  174. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessPasswordClient.mjs.map +1 -1
  175. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessRBACClient.mjs +6 -8
  176. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessRBACClient.mjs.map +1 -1
  177. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessSessionClient.mjs +77 -82
  178. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessSessionClient.mjs.map +1 -1
  179. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessTOTPClient.mjs.map +1 -1
  180. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessUserClient.mjs +114 -128
  181. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessUserClient.mjs.map +1 -1
  182. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessWebAuthnClient.mjs +10 -11
  183. package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessWebAuthnClient.mjs.map +1 -1
  184. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BDiscoveryClient.mjs.map +1 -1
  185. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.mjs +16 -19
  186. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.mjs.map +1 -1
  187. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BImpersonationClient.mjs.map +1 -1
  188. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.mjs.map +1 -1
  189. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BOAuthClient.mjs.map +1 -1
  190. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BOTPsClient.mjs.map +1 -1
  191. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BOrganizationClient.mjs +144 -155
  192. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BOrganizationClient.mjs.map +1 -1
  193. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.mjs.map +1 -1
  194. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BRBACClient.mjs +7 -9
  195. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BRBACClient.mjs.map +1 -1
  196. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BRecoveryCodesClient.mjs.map +1 -1
  197. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BSCIMClient.mjs.map +1 -1
  198. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BSSOClient.mjs +67 -70
  199. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BSSOClient.mjs.map +1 -1
  200. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BSelfClient.mjs +88 -100
  201. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BSelfClient.mjs.map +1 -1
  202. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BSessionClient.mjs +70 -76
  203. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BSessionClient.mjs.map +1 -1
  204. package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BTOTPsClient.mjs.map +1 -1
  205. package/dist/esm-dev/packages/core/src/NetworkClient.mjs.map +1 -1
  206. package/dist/esm-dev/packages/core/src/SearchManager.mjs.map +1 -1
  207. package/dist/esm-dev/packages/core/src/SessionManager.mjs +28 -31
  208. package/dist/esm-dev/packages/core/src/SessionManager.mjs.map +1 -1
  209. package/dist/esm-dev/packages/core/src/StateChangeClient.mjs +5 -6
  210. package/dist/esm-dev/packages/core/src/StateChangeClient.mjs.map +1 -1
  211. package/dist/esm-dev/packages/core/src/public/SDKErrors.mjs.map +1 -1
  212. package/dist/esm-dev/packages/core/src/rbac.mjs.map +1 -1
  213. package/dist/esm-dev/packages/core/src/rpc/FrameClient.mjs.map +1 -1
  214. package/dist/esm-dev/packages/web/src/BootstrapDataManager.mjs.map +1 -1
  215. package/dist/esm-dev/packages/web/src/CaptchaProvider.mjs +10 -11
  216. package/dist/esm-dev/packages/web/src/CaptchaProvider.mjs.map +1 -1
  217. package/dist/esm-dev/packages/web/src/ClientsideServicesProvider.mjs +4 -8
  218. package/dist/esm-dev/packages/web/src/ClientsideServicesProvider.mjs.map +1 -1
  219. package/dist/esm-dev/packages/web/src/HeadlessOAuthClient.mjs +24 -24
  220. package/dist/esm-dev/packages/web/src/HeadlessOAuthClient.mjs.map +1 -1
  221. package/dist/esm-dev/packages/web/src/NetworkClient.mjs +4 -5
  222. package/dist/esm-dev/packages/web/src/NetworkClient.mjs.map +1 -1
  223. package/dist/esm-dev/packages/web/src/PKCEManager.mjs.map +1 -1
  224. package/dist/esm-dev/packages/web/src/StytchClient.mjs.map +1 -1
  225. package/dist/esm-dev/packages/web/src/SubscriptionService.mjs +8 -10
  226. package/dist/esm-dev/packages/web/src/SubscriptionService.mjs.map +1 -1
  227. package/dist/esm-dev/packages/web/src/adminPortal/memberManagement/AuthManagementSection.mjs +1 -1
  228. package/dist/esm-dev/packages/web/src/adminPortal/memberManagement/useMemberActivation.mjs +1 -1
  229. package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMConnectionDangerZoneSection.mjs +1 -1
  230. package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMConnectionTokenRotationSection.mjs +1 -1
  231. package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMNewConnectionScreen.mjs +1 -1
  232. package/dist/esm-dev/packages/web/src/adminPortal/sso/SSONewConnectionScreen.mjs +1 -1
  233. package/dist/esm-dev/packages/web/src/adminPortal/utils/theme.mjs +1 -1
  234. package/dist/esm-dev/packages/web/src/adminPortal/utils/useMutateMember.mjs +1 -1
  235. package/dist/esm-dev/packages/web/src/adminPortal/utils/useMutateOrganization.mjs +1 -1
  236. package/dist/esm-dev/packages/web/src/adminPortal/utils/useMutateScimConnection.mjs +1 -1
  237. package/dist/esm-dev/packages/web/src/adminPortal/utils/useMutateSsoConnection.mjs +1 -1
  238. package/dist/esm-dev/packages/web/src/adminPortal/utils/useRevalidateConnectionList.mjs +1 -1
  239. package/dist/esm-dev/packages/web/src/b2b/HeadlessB2BOAuthClient.mjs +48 -48
  240. package/dist/esm-dev/packages/web/src/b2b/HeadlessB2BOAuthClient.mjs.map +1 -1
  241. package/dist/esm-dev/packages/web/src/b2b/StytchB2BClient.mjs.map +1 -1
  242. package/dist/esm-dev/packages/web/src/b2b/oneTap/B2BOneTapProvider.mjs +27 -30
  243. package/dist/esm-dev/packages/web/src/b2b/oneTap/B2BOneTapProvider.mjs.map +1 -1
  244. package/dist/esm-dev/packages/web/src/oneTap/GoogleOneTapClient.mjs.map +1 -1
  245. package/dist/esm-dev/packages/web/src/oneTap/OneTapProvider.mjs +12 -14
  246. package/dist/esm-dev/packages/web/src/oneTap/OneTapProvider.mjs.map +1 -1
  247. package/dist/esm-dev/packages/web/src/ui/b2b/App.mjs +3 -1
  248. package/dist/esm-dev/packages/web/src/ui/b2b/App.mjs.map +1 -1
  249. package/dist/esm-dev/packages/web/src/ui/b2b/Container.mjs +1 -1
  250. package/dist/esm-dev/packages/web/src/ui/b2b/InternalAppContainer.mjs +1 -1
  251. package/dist/esm-dev/packages/web/src/ui/b2b/InternalAppContainer.mjs.map +1 -1
  252. package/dist/esm-dev/packages/web/src/ui/b2b/components/OrganizationRow.mjs +1 -1
  253. package/dist/esm-dev/packages/web/src/ui/b2b/screens/SMSOTPEnrollScreen.mjs.map +1 -1
  254. package/dist/esm-dev/packages/web/src/ui/b2c/AppContainer.mjs +1 -1
  255. package/dist/esm-dev/packages/web/src/ui/b2c/AppContainer.mjs.map +1 -1
  256. package/dist/esm-dev/packages/web/src/ui/b2c/IDPContainer.mjs +3 -1
  257. package/dist/esm-dev/packages/web/src/ui/b2c/IDPContainer.mjs.map +1 -1
  258. package/dist/esm-dev/packages/web/src/ui/b2c/PasskeyRegistrationContainer.mjs +1 -1
  259. package/dist/esm-dev/packages/web/src/ui/b2c/PasskeyRegistrationContainer.mjs.map +1 -1
  260. package/dist/esm-dev/packages/web/src/ui/b2c/ResetPasswordContainer.mjs +1 -1
  261. package/dist/esm-dev/packages/web/src/ui/b2c/ResetPasswordContainer.mjs.map +1 -1
  262. package/dist/esm-dev/packages/web/src/ui/b2c/components/GoogleOneTap.mjs +5 -3
  263. package/dist/esm-dev/packages/web/src/ui/b2c/components/GoogleOneTap.mjs.map +1 -1
  264. package/dist/esm-dev/packages/web/src/ui/b2c/screens/Main/LoginForm/index.mjs +1 -1
  265. package/dist/esm-dev/packages/web/src/ui/b2c/screens/Main/index.mjs +2 -1
  266. package/dist/esm-dev/packages/web/src/ui/b2c/screens/Main/index.mjs.map +1 -1
  267. package/dist/esm-dev/packages/web/src/ui/b2c/screens/Passkey/EditableRow.mjs +1 -1
  268. package/dist/esm-dev/packages/web/src/ui/components/PresentationConfig.mjs +2 -1
  269. package/dist/esm-dev/packages/web/src/ui/components/PresentationConfig.mjs.map +1 -1
  270. package/dist/esm-dev/packages/web/src/ui/components/atoms/AnimatedContainer.mjs +1 -1
  271. package/dist/esm-dev/packages/web/src/ui/components/atoms/Button.mjs +1 -1
  272. package/dist/esm-dev/packages/web/src/ui/components/atoms/CodeContainer.mjs +1 -1
  273. package/dist/esm-dev/packages/web/src/ui/components/atoms/Column.mjs +1 -1
  274. package/dist/esm-dev/packages/web/src/ui/components/atoms/Typography.mjs +1 -1
  275. package/dist/esm-dev/packages/web/src/ui/components/atoms/VerticalTransition.mjs +1 -1
  276. package/dist/esm-dev/packages/web/src/ui/components/atoms/VisuallyHidden.mjs +1 -1
  277. package/dist/esm-dev/packages/web/src/ui/components/mixins/Root.module.css.mjs +1 -1
  278. package/dist/esm-dev/packages/web/src/ui/components/molecules/Badge.mjs +1 -1
  279. package/dist/esm-dev/packages/web/src/ui/components/molecules/Input.mjs +1 -1
  280. package/dist/esm-dev/packages/web/src/ui/components/molecules/MainContainer.mjs +1 -1
  281. package/dist/esm-dev/packages/web/src/ui/components/molecules/MainContainer.module.css.mjs +1 -1
  282. package/dist/esm-dev/packages/web/src/ui/components/molecules/OtpInput.mjs +1 -1
  283. package/dist/esm-dev/packages/web/src/ui/components/molecules/PasswordStrengthCheck.mjs +1 -1
  284. package/dist/esm-dev/packages/web/src/ui/components/organisms/IDPConsentManifest.mjs +1 -1
  285. package/dist/esm-dev/packages/web/src/ui/components/organisms/OneTapError.mjs +2 -2
  286. package/dist/esm-dev/packages/web/src/ui/components/organisms/OneTapError.mjs.map +1 -1
  287. package/dist/esm-dev/packages/web/src/ui/hooks/usePromptPasskey.mjs +3 -3
  288. package/dist/esm-dev/packages/web/src/ui/hooks/usePromptPasskey.mjs.map +1 -1
  289. package/dist/esm-dev/packages/web/src/ui/react/bindings/createB2BComponent.mjs +2 -2
  290. package/dist/esm-dev/packages/web/src/ui/react/bindings/createB2BComponent.mjs.map +1 -1
  291. package/dist/esm-dev/packages/web/src/ui/react/bindings/createB2CComponent.mjs +2 -2
  292. package/dist/esm-dev/packages/web/src/ui/react/bindings/createB2CComponent.mjs.map +1 -1
  293. package/dist/esm-dev/packages/web/src/utils/crypto.mjs +1 -1
  294. package/dist/types/{PresentationConfig-B2jX85oV.d.ts → PresentationConfig-CdAymT0c.d.ts} +5 -0
  295. package/dist/types/{StytchB2BClient-D16e_lp1.d.ts → StytchB2BClient-DYF9xGAB.d.ts} +1 -1
  296. package/dist/types/{StytchClient-BwQdJzdj.d.ts → StytchClient-IyY7-cpI.d.ts} +1 -1
  297. package/dist/types/adminPortal/index.d.ts +3 -3
  298. package/dist/types/b2b/index.d.ts +7 -7
  299. package/dist/types/b2b/index.headless.d.ts +2 -2
  300. package/dist/types/compat.d.ts +1 -1
  301. package/dist/types/{createAuthUrlHandler-R1kNNQD_.d.ts → createAuthUrlHandler-CFZ0DGWC.d.ts} +6 -2
  302. package/dist/types/index.d.ts +7 -7
  303. package/dist/types/index.headless.d.ts +2 -2
  304. package/dist/types/{shadcn-CGdmyIUF.d.ts → shadcn-USiNERNw.d.ts} +4 -4
  305. package/messages/en.po +3 -3
  306. package/package.json +1 -1
  307. package/dist/cjs/passwordManagerDisableAutofillProps-DV31RTL_.js.map +0 -1
  308. package/dist/cjs/shadcn-aVU6Lm9q.js.map +0 -1
  309. package/dist/cjs-dev/passwordManagerDisableAutofillProps-CgiK2M_U.js.map +0 -1
  310. package/dist/cjs-dev/shadcn-DMk6ZSoD.js.map +0 -1
  311. package/dist/esm/node_modules/@lingui/react/dist/shared/react.31c3b5fa.mjs.map +0 -1
  312. package/dist/esm-dev/node_modules/@lingui/react/dist/shared/react.31c3b5fa.mjs.map +0 -1
package/dist/esm/packages/core/src/HeadlessClients/HeadlessWebAuthnClient.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HeadlessWebAuthnClient.mjs","sources":["../../../../../../../core/src/HeadlessClients/HeadlessWebAuthnClient.ts"],"sourcesContent":["import * as webauthnJson from '@github/webauthn-json';\nimport {\n IHeadlessWebAuthnClient,\n StytchProjectConfigurationInput,\n WebAuthnAuthenticateResponse,\n WebAuthnAuthenticateStartOptions,\n WebAuthnAuthenticateStartResponse,\n WebAuthnRegisterResponse,\n WebAuthnRegisterStartOptions,\n WebAuthnRegisterStartResponse,\n WebAuthnUpdateOptions,\n WebAuthnUpdateResponse,\n} from '../public';\n\nimport { IConsumerSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '..';\nimport { logger, omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\nexport class HeadlessWebAuthnClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessWebAuthnClient<TProjectConfiguration>\n{\n register: (options: WebAuthnRegisterStartOptions) => Promise<WebAuthnRegisterResponse<TProjectConfiguration>>;\n\n authenticate: (\n options: WebAuthnAuthenticateStartOptions,\n ) => Promise<WebAuthnAuthenticateResponse<TProjectConfiguration> | null>;\n\n constructor(\n public _networkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.register = this._subscriptionService.withUpdateSession(\n async (options?: WebAuthnRegisterStartOptions): Promise<WebAuthnRegisterResponse<TProjectConfiguration>> => {\n if (options) {\n validateInDev('stytch.webauthn.register', options, {\n domain: 'optionalString',\n authenticator_type: 'optionalString',\n is_passkey: 'optionalBoolean',\n session_duration_minutes: 'number',\n override_id: 'optionalString',\n override_name: 'optionalString',\n override_display_name: 'optionalString',\n use_base64_url_encoding: 'optionalBoolean',\n });\n }\n\n const startResp = await this._networkClient.fetchSDK<WebAuthnRegisterStartResponse>({\n url: '/webauthn/register/start',\n method: 'POST',\n body: {\n domain: options?.domain ?? window.location.hostname,\n authenticator_type: options?.authenticator_type ?? undefined,\n return_passkey_credential_options: options?.is_passkey,\n override_id: options?.override_id,\n override_name: options?.override_name,\n override_display_name: options?.override_display_name,\n user_agent: navigator.userAgent,\n use_base64_url_encoding: options?.use_base64_url_encoding,\n },\n });\n\n const publicKeyCredentialCreationOptions = startResp.public_key_credential_creation_options;\n const publicKey = JSON.parse(publicKeyCredentialCreationOptions);\n\n const credential = await webauthnJson.create({\n publicKey: publicKey,\n });\n\n const resp = await this._networkClient.fetchSDK<WithUser<WebAuthnRegisterResponse<TProjectConfiguration>>>({\n url: '/webauthn/register',\n method: 'POST',\n body: {\n public_key_credential: JSON.stringify(credential),\n session_duration_minutes: options?.session_duration_minutes,\n },\n });\n\n return omitUser(resp);\n },\n );\n\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (\n options: WebAuthnAuthenticateStartOptions,\n ): Promise<WebAuthnAuthenticateResponse<TProjectConfiguration> | null> => {\n validateInDev('stytch.webauthn.authenticate', options, {\n domain: 'optionalString',\n session_duration_minutes: 'number',\n is_passkey: 'optionalBoolean',\n signal: 'optionalObject',\n conditional_mediation: 'optionalBoolean',\n disable_input_check: 'optionalBoolean',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n if (options.conditional_mediation) {\n if (!(await this.browserSupportsAutofill())) {\n logger.error('Browser does not support WebAuthn autofill');\n return null;\n }\n\n if (!options.disable_input_check && !this.checkEligibleInputs()) {\n return null;\n }\n }\n\n const isLoggedIn = !!this._subscriptionService.getSession();\n\n const endpoint = isLoggedIn ? '/webauthn/authenticate/start/secondary' : '/webauthn/authenticate/start/primary';\n\n const startResp = await this._networkClient.fetchSDK<WebAuthnAuthenticateStartResponse>({\n url: endpoint,\n method: 'POST',\n body: {\n domain: options.domain ?? window.location.hostname,\n return_passkey_credential_options: options?.is_passkey,\n },\n });\n\n const publicKeyCredentialRequestOptions = startResp.public_key_credential_request_options;\n const abortController = new AbortController();\n const credReqOptions = {\n publicKey: JSON.parse(publicKeyCredentialRequestOptions),\n signal: options.signal ?? abortController.signal,\n };\n const conditionalMediationCredReqOption = {\n ...credReqOptions,\n mediation: 'conditional' as CredentialMediationRequirement,\n };\n const credential = await webauthnJson.get(\n options.conditional_mediation ? conditionalMediationCredReqOption : credReqOptions,\n );\n\n const authenticationData = await this._networkClient.retriableFetchSDK<\n WithUser<WebAuthnAuthenticateResponse<TProjectConfiguration>>\n >({\n url: '/webauthn/authenticate',\n method: 'POST',\n body: {\n public_key_credential: JSON.stringify(credential),\n session_duration_minutes: options.session_duration_minutes,\n dfp_telemetry_id,\n captcha_token,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(authenticationData);\n },\n );\n }\n\n async update(options: WebAuthnUpdateOptions): Promise<WebAuthnUpdateResponse> {\n validateInDev('stytch.webauthn.update', options, {\n webauthn_registration_id: 'string',\n name: 'string',\n });\n\n const url = '/webauthn/update/' + options.webauthn_registration_id;\n return await this._networkClient.fetchSDK<WebAuthnUpdateResponse>({\n url: url,\n method: 'PUT',\n body: {\n name: options.name,\n },\n });\n }\n\n async browserSupportsAutofill(): Promise<boolean> {\n return (await window.PublicKeyCredential?.isConditionalMediationAvailable?.()) ?? false;\n }\n\n private checkEligibleInputs = (): boolean => {\n // Check for an <input> with \"webauthn\" in its `autocomplete` attribute\n const eligibleInputs = document.querySelectorAll(\"input[autocomplete*='webauthn']\");\n // WebAuthn autofill requires at least one valid input\n if (eligibleInputs.length < 1) {\n logger.error('No <input> with `\"webauthn\"` in its `autocomplete` attribute was detected');\n return false;\n }\n return true;\n };\n}\n"],"names":["HeadlessWebAuthnClient","register","authenticate","constructor","_networkClient","_subscriptionService","dfpProtectedAuth","checkEligibleInputs","eligibleInputs","document","querySelectorAll","length","logger","error","withUpdateSession","options","startResp","fetchSDK","url","method","body","domain","window","location","hostname","authenticator_type","undefined","return_passkey_credential_options","is_passkey","override_id","override_name","override_display_name","user_agent","navigator","userAgent","use_base64_url_encoding","publicKeyCredentialCreationOptions","public_key_credential_creation_options","publicKey","JSON","parse","credential","webauthnJson","resp","public_key_credential","stringify","session_duration_minutes","omitUser","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","conditional_mediation","browserSupportsAutofill","disable_input_check","isLoggedIn","getSession","endpoint","publicKeyCredentialRequestOptions","public_key_credential_request_options","abortController","AbortController","credReqOptions","signal","conditionalMediationCredReqOption","mediation","authenticationData","retriableFetchSDK","retryCallback","retryWithCaptchaAndDFP","update","webauthn_registration_id","name","PublicKeyCredential","isConditionalMediationAvailable"],"mappings":";;;;AAkBO,MAAMA,sBAAAA,CAAAA;;;;IAGXC,QAAAA;IAEAC,YAAAA;IAIAC,WAAAA,CACSC,cAA8B,EAC7BC,oBAAyE,EACzEC,gBAA2C,CACnD;aAHOF,cAAAA,GAAAA,cAAAA;aACCC,oBAAAA,GAAAA,oBAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;aA+IFC,mBAAAA,GAAsB,IAAA;;YAE5B,MAAMC,cAAAA,GAAiBC,QAAAA,CAASC,gBAAgB,CAAC,iCAAA,CAAA;;YAEjD,IAAIF,cAAAA,CAAeG,MAAM,GAAG,CAAA,EAAG;AAC7BC,gBAAAA,MAAAA,CAAOC,KAAK,CAAC,2EAAA,CAAA;gBACb,OAAO,KAAA;AACT,YAAA;YACA,OAAO,IAAA;AACT,QAAA,CAAA;QAtJE,IAAI,CAACZ,QAAQ,GAAG,IAAI,CAACI,oBAAoB,CAACS,iBAAiB,CACzD,OAAOC,OAAAA,GAAAA;AAcL,YAAA,MAAMC,YAAY,MAAM,IAAI,CAACZ,cAAc,CAACa,QAAQ,CAAgC;gBAClFC,GAAAA,EAAK,0BAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;AACJC,oBAAAA,MAAAA,EAAQN,OAAAA,EAASM,MAAAA,IAAUC,MAAAA,CAAOC,QAAQ,CAACC,QAAQ;AACnDC,oBAAAA,kBAAAA,EAAoBV,SAASU,kBAAAA,IAAsBC,SAAAA;AACnDC,oBAAAA,iCAAAA,EAAmCZ,OAAAA,EAASa,UAAAA;AAC5CC,oBAAAA,WAAAA,EAAad,OAAAA,EAASc,WAAAA;AACtBC,oBAAAA,aAAAA,EAAef,OAAAA,EAASe,aAAAA;AACxBC,oBAAAA,qBAAAA,EAAuBhB,OAAAA,EAASgB,qBAAAA;AAChCC,oBAAAA,UAAAA,EAAYC,UAAUC,SAAS;AAC/BC,oBAAAA,uBAAAA,EAAyBpB,OAAAA,EAASoB;AACpC;AACF,aAAA,CAAA;YAEA,MAAMC,kCAAAA,GAAqCpB,UAAUqB,sCAAsC;YAC3F,MAAMC,SAAAA,GAAYC,IAAAA,CAAKC,KAAK,CAACJ,kCAAAA,CAAAA;AAE7B,YAAA,MAAMK,UAAAA,GAAa,MAAMC,MAAmB,CAAC;gBAC3CJ,SAAAA,EAAWA;AACb,aAAA,CAAA;AAEA,YAAA,MAAMK,OAAO,MAAM,IAAI,CAACvC,cAAc,CAACa,QAAQ,CAA4D;gBACzGC,GAAAA,EAAK,oBAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;oBACJwB,qBAAAA,EAAuBL,IAAAA,CAAKM,SAAS,CAACJ,UAAAA,CAAAA;AACtCK,oBAAAA,wBAAAA,EAA0B/B,OAAAA,EAAS+B;AACrC;AACF,aAAA,CAAA;AAEA,YAAA,OAAOC,QAAAA,CAASJ,IAAAA,CAAAA;AAClB,QAAA,CAAA,CAAA;QAGF,IAAI,CAACzC,YAAY,GAAG,IAAI,CAACG,oBAAoB,CAACS,iBAAiB,CAC7D,OACEC,OAAAA,GAAAA;YAUA,MAAM,EAAEiC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAAC3C,gBAAgB,CAAC4C,2BAA2B,EAAA;YAEnG,IAAInC,OAAAA,CAAQoC,qBAAqB,EAAE;AACjC,gBAAA,IAAI,CAAE,MAAM,IAAI,CAACC,uBAAuB,EAAA,EAAK;AAC3CxC,oBAAAA,MAAAA,CAAOC,KAAK,CAAC,4CAAA,CAAA;oBACb,OAAO,IAAA;AACT,gBAAA;gBAEA,IAAI,CAACE,QAAQsC,mBAAmB,IAAI,CAAC,IAAI,CAAC9C,mBAAmB,EAAA,EAAI;oBAC/D,OAAO,IAAA;AACT,gBAAA;AACF,YAAA;AAEA,YAAA,MAAM+C,aAAa,CAAC,CAAC,IAAI,CAACjD,oBAAoB,CAACkD,UAAU,EAAA;YAEzD,MAAMC,QAAAA,GAAWF,aAAa,wCAAA,GAA2C,sCAAA;AAEzE,YAAA,MAAMtC,YAAY,MAAM,IAAI,CAACZ,cAAc,CAACa,QAAQ,CAAoC;gBACtFC,GAAAA,EAAKsC,QAAAA;gBACLrC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;AACJC,oBAAAA,MAAAA,EAAQN,QAAQM,MAAM,IAAIC,MAAAA,CAAOC,QAAQ,CAACC,QAAQ;AAClDG,oBAAAA,iCAAAA,EAAmCZ,OAAAA,EAASa;AAC9C;AACF,aAAA,CAAA;YAEA,MAAM6B,iCAAAA,GAAoCzC,UAAU0C,qCAAqC;AACzF,YAAA,MAAMC,kBAAkB,IAAIC,eAAAA,EAAAA;AAC5B,YAAA,MAAMC,cAAAA,GAAiB;gBACrBvB,SAAAA,EAAWC,IAAAA,CAAKC,KAAK,CAACiB,iCAAAA,CAAAA;AACtBK,gBAAAA,MAAAA,EAAQ/C,OAAAA,CAAQ+C,MAAM,IAAIH,eAAAA,CAAgBG;AAC5C,aAAA;AACA,YAAA,MAAMC,iCAAAA,GAAoC;AACxC,gBAAA,GAAGF,cAAc;gBACjBG,SAAAA,EAAW;AACb,aAAA;YACA,MAAMvB,UAAAA,GAAa,MAAMC,GAAgB,CACvC3B,OAAAA,CAAQoC,qBAAqB,GAAGY,iCAAAA,GAAoCF,cAAAA,CAAAA;AAGtE,YAAA,MAAMI,qBAAqB,MAAM,IAAI,CAAC7D,cAAc,CAAC8D,iBAAiB,CAEpE;gBACAhD,GAAAA,EAAK,wBAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;oBACJwB,qBAAAA,EAAuBL,IAAAA,CAAKM,SAAS,CAACJ,UAAAA,CAAAA;AACtCK,oBAAAA,wBAAAA,EAA0B/B,QAAQ+B,wBAAwB;AAC1DE,oBAAAA,gBAAAA;AACAC,oBAAAA;AACF,iBAAA;AACAkB,gBAAAA,aAAAA,EAAe,IAAI,CAAC7D,gBAAgB,CAAC8D;AACvC,aAAA,CAAA;AAEA,YAAA,OAAOrB,QAAAA,CAASkB,kBAAAA,CAAAA;AAClB,QAAA,CAAA,CAAA;AAEJ,IAAA;IAEA,MAAMI,MAAAA,CAAOtD,OAA8B,EAAmC;QAM5E,MAAMG,GAAAA,GAAM,mBAAA,GAAsBH,OAAAA,CAAQuD,wBAAwB;AAClE,QAAA,OAAO,MAAM,IAAI,CAAClE,cAAc,CAACa,QAAQ,CAAyB;YAChEC,GAAAA,EAAKA,GAAAA;YACLC,MAAAA,EAAQ,KAAA;YACRC,IAAAA,EAAM;AACJmD,gBAAAA,IAAAA,EAAMxD,QAAQwD;AAChB;AACF,SAAA,CAAA;AACF,IAAA;AAEA,IAAA,MAAMnB,uBAAAA,GAA4C;AAChD,QAAA,OAAO,MAAO9B,MAAAA,CAAOkD,mBAAmB,EAAEC,+BAAAA,IAAAA,IAAwC,KAAA;AACpF,IAAA;IAEQlE,mBAAAA;AAUV;;;;"}
1
+ {"version":3,"file":"HeadlessWebAuthnClient.mjs","sources":["../../../../../../../core/src/HeadlessClients/HeadlessWebAuthnClient.ts"],"sourcesContent":["import * as webauthnJson from '@github/webauthn-json';\nimport {\n IHeadlessWebAuthnClient,\n StytchProjectConfigurationInput,\n WebAuthnAuthenticateResponse,\n WebAuthnAuthenticateStartOptions,\n WebAuthnAuthenticateStartResponse,\n WebAuthnRegisterResponse,\n WebAuthnRegisterStartOptions,\n WebAuthnRegisterStartResponse,\n WebAuthnUpdateOptions,\n WebAuthnUpdateResponse,\n} from '../public';\n\nimport { IConsumerSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '..';\nimport { logger, omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\nexport class HeadlessWebAuthnClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessWebAuthnClient<TProjectConfiguration>\n{\n register: (options: WebAuthnRegisterStartOptions) => Promise<WebAuthnRegisterResponse<TProjectConfiguration>>;\n\n authenticate: (\n options: WebAuthnAuthenticateStartOptions,\n ) => Promise<WebAuthnAuthenticateResponse<TProjectConfiguration> | null>;\n\n constructor(\n public _networkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.register = this._subscriptionService.withUpdateSession(\n async (options?: WebAuthnRegisterStartOptions): Promise<WebAuthnRegisterResponse<TProjectConfiguration>> => {\n if (options) {\n validateInDev('stytch.webauthn.register', options, {\n domain: 'optionalString',\n authenticator_type: 'optionalString',\n is_passkey: 'optionalBoolean',\n session_duration_minutes: 'number',\n override_id: 'optionalString',\n override_name: 'optionalString',\n override_display_name: 'optionalString',\n use_base64_url_encoding: 'optionalBoolean',\n });\n }\n\n const startResp = await this._networkClient.fetchSDK<WebAuthnRegisterStartResponse>({\n url: '/webauthn/register/start',\n method: 'POST',\n body: {\n domain: options?.domain ?? window.location.hostname,\n authenticator_type: options?.authenticator_type ?? undefined,\n return_passkey_credential_options: options?.is_passkey,\n override_id: options?.override_id,\n override_name: options?.override_name,\n override_display_name: options?.override_display_name,\n user_agent: navigator.userAgent,\n use_base64_url_encoding: options?.use_base64_url_encoding,\n },\n });\n\n const publicKeyCredentialCreationOptions = startResp.public_key_credential_creation_options;\n const publicKey = JSON.parse(publicKeyCredentialCreationOptions);\n\n const credential = await webauthnJson.create({\n publicKey: publicKey,\n });\n\n const resp = await this._networkClient.fetchSDK<WithUser<WebAuthnRegisterResponse<TProjectConfiguration>>>({\n url: '/webauthn/register',\n method: 'POST',\n body: {\n public_key_credential: JSON.stringify(credential),\n session_duration_minutes: options?.session_duration_minutes,\n },\n });\n\n return omitUser(resp);\n },\n );\n\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (\n options: WebAuthnAuthenticateStartOptions,\n ): Promise<WebAuthnAuthenticateResponse<TProjectConfiguration> | null> => {\n validateInDev('stytch.webauthn.authenticate', options, {\n domain: 'optionalString',\n session_duration_minutes: 'number',\n is_passkey: 'optionalBoolean',\n signal: 'optionalObject',\n conditional_mediation: 'optionalBoolean',\n disable_input_check: 'optionalBoolean',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n if (options.conditional_mediation) {\n if (!(await this.browserSupportsAutofill())) {\n logger.error('Browser does not support WebAuthn autofill');\n return null;\n }\n\n if (!options.disable_input_check && !this.checkEligibleInputs()) {\n return null;\n }\n }\n\n const isLoggedIn = !!this._subscriptionService.getSession();\n\n const endpoint = isLoggedIn ? '/webauthn/authenticate/start/secondary' : '/webauthn/authenticate/start/primary';\n\n const startResp = await this._networkClient.fetchSDK<WebAuthnAuthenticateStartResponse>({\n url: endpoint,\n method: 'POST',\n body: {\n domain: options.domain ?? window.location.hostname,\n return_passkey_credential_options: options?.is_passkey,\n },\n });\n\n const publicKeyCredentialRequestOptions = startResp.public_key_credential_request_options;\n const abortController = new AbortController();\n const credReqOptions = {\n publicKey: JSON.parse(publicKeyCredentialRequestOptions),\n signal: options.signal ?? abortController.signal,\n };\n const conditionalMediationCredReqOption = {\n ...credReqOptions,\n mediation: 'conditional' as CredentialMediationRequirement,\n };\n const credential = await webauthnJson.get(\n options.conditional_mediation ? conditionalMediationCredReqOption : credReqOptions,\n );\n\n const authenticationData = await this._networkClient.retriableFetchSDK<\n WithUser<WebAuthnAuthenticateResponse<TProjectConfiguration>>\n >({\n url: '/webauthn/authenticate',\n method: 'POST',\n body: {\n public_key_credential: JSON.stringify(credential),\n session_duration_minutes: options.session_duration_minutes,\n dfp_telemetry_id,\n captcha_token,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(authenticationData);\n },\n );\n }\n\n async update(options: WebAuthnUpdateOptions): Promise<WebAuthnUpdateResponse> {\n validateInDev('stytch.webauthn.update', options, {\n webauthn_registration_id: 'string',\n name: 'string',\n });\n\n const url = '/webauthn/update/' + options.webauthn_registration_id;\n return await this._networkClient.fetchSDK<WebAuthnUpdateResponse>({\n url: url,\n method: 'PUT',\n body: {\n name: options.name,\n },\n });\n }\n\n async browserSupportsAutofill(): Promise<boolean> {\n return (await window.PublicKeyCredential?.isConditionalMediationAvailable?.()) ?? false;\n }\n\n private checkEligibleInputs = (): boolean => {\n // Check for an <input> with \"webauthn\" in its `autocomplete` attribute\n const eligibleInputs = document.querySelectorAll(\"input[autocomplete*='webauthn']\");\n // WebAuthn autofill requires at least one valid input\n if (eligibleInputs.length < 1) {\n logger.error('No <input> with `\"webauthn\"` in its `autocomplete` attribute was detected');\n return false;\n }\n return true;\n };\n}\n"],"names":["HeadlessWebAuthnClient","register","authenticate","_networkClient","_subscriptionService","dfpProtectedAuth","withUpdateSession","options","startResp","fetchSDK","url","method","body","domain","window","location","hostname","authenticator_type","undefined","return_passkey_credential_options","is_passkey","override_id","override_name","override_display_name","user_agent","navigator","userAgent","use_base64_url_encoding","publicKeyCredentialCreationOptions","public_key_credential_creation_options","publicKey","JSON","parse","credential","webauthnJson","resp","public_key_credential","stringify","session_duration_minutes","omitUser","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","conditional_mediation","browserSupportsAutofill","logger","error","disable_input_check","checkEligibleInputs","isLoggedIn","getSession","endpoint","publicKeyCredentialRequestOptions","public_key_credential_request_options","abortController","AbortController","credReqOptions","signal","conditionalMediationCredReqOption","mediation","authenticationData","retriableFetchSDK","retryCallback","retryWithCaptchaAndDFP","update","webauthn_registration_id","name","PublicKeyCredential","isConditionalMediationAvailable","eligibleInputs","document","querySelectorAll","length"],"mappings":";;;;AAkBO,MAAMA,sBAAAA,CAAAA;;;;IAGXC,QAAAA;IAEAC,YAAAA;IAIA,WAAA,CACSC,cAA8B,EAC7BC,oBAAyE,EACzEC,gBAA2C,CACnD;aAHOF,cAAAA,GAAAA,cAAAA;aACCC,oBAAAA,GAAAA,oBAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAER,IAAI,CAACJ,QAAQ,GAAG,IAAI,CAACG,oBAAoB,CAACE,iBAAiB,CACzD,OAAOC,OAAAA,GAAAA;AAcL,YAAA,MAAMC,YAAY,MAAM,IAAI,CAACL,cAAc,CAACM,QAAQ,CAAgC;gBAClFC,GAAAA,EAAK,0BAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;AACJC,oBAAAA,MAAAA,EAAQN,OAAAA,EAASM,MAAAA,IAAUC,MAAAA,CAAOC,QAAQ,CAACC,QAAQ;AACnDC,oBAAAA,kBAAAA,EAAoBV,SAASU,kBAAAA,IAAsBC,SAAAA;AACnDC,oBAAAA,iCAAAA,EAAmCZ,OAAAA,EAASa,UAAAA;AAC5CC,oBAAAA,WAAAA,EAAad,OAAAA,EAASc,WAAAA;AACtBC,oBAAAA,aAAAA,EAAef,OAAAA,EAASe,aAAAA;AACxBC,oBAAAA,qBAAAA,EAAuBhB,OAAAA,EAASgB,qBAAAA;AAChCC,oBAAAA,UAAAA,EAAYC,UAAUC,SAAS;AAC/BC,oBAAAA,uBAAAA,EAAyBpB,OAAAA,EAASoB;AACpC;AACF,aAAA,CAAA;YAEA,MAAMC,kCAAAA,GAAqCpB,UAAUqB,sCAAsC;YAC3F,MAAMC,SAAAA,GAAYC,IAAAA,CAAKC,KAAK,CAACJ,kCAAAA,CAAAA;AAE7B,YAAA,MAAMK,UAAAA,GAAa,MAAMC,MAAmB,CAAC;gBAC3CJ,SAAAA,EAAWA;AACb,aAAA,CAAA;AAEA,YAAA,MAAMK,OAAO,MAAM,IAAI,CAAChC,cAAc,CAACM,QAAQ,CAA4D;gBACzGC,GAAAA,EAAK,oBAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;oBACJwB,qBAAAA,EAAuBL,IAAAA,CAAKM,SAAS,CAACJ,UAAAA,CAAAA;AACtCK,oBAAAA,wBAAAA,EAA0B/B,OAAAA,EAAS+B;AACrC;AACF,aAAA,CAAA;AAEA,YAAA,OAAOC,QAAAA,CAASJ,IAAAA,CAAAA;AAClB,QAAA,CAAA,CAAA;QAGF,IAAI,CAACjC,YAAY,GAAG,IAAI,CAACE,oBAAoB,CAACE,iBAAiB,CAC7D,OACEC,OAAAA,GAAAA;YAUA,MAAM,EAAEiC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACpC,gBAAgB,CAACqC,2BAA2B,EAAA;YAEnG,IAAInC,OAAAA,CAAQoC,qBAAqB,EAAE;AACjC,gBAAA,IAAI,CAAE,MAAM,IAAI,CAACC,uBAAuB,EAAA,EAAK;AAC3CC,oBAAAA,MAAAA,CAAOC,KAAK,CAAC,4CAAA,CAAA;oBACb,OAAO,IAAA;AACT,gBAAA;gBAEA,IAAI,CAACvC,QAAQwC,mBAAmB,IAAI,CAAC,IAAI,CAACC,mBAAmB,EAAA,EAAI;oBAC/D,OAAO,IAAA;AACT,gBAAA;AACF,YAAA;AAEA,YAAA,MAAMC,aAAa,CAAC,CAAC,IAAI,CAAC7C,oBAAoB,CAAC8C,UAAU,EAAA;YAEzD,MAAMC,QAAAA,GAAWF,aAAa,wCAAA,GAA2C,sCAAA;AAEzE,YAAA,MAAMzC,YAAY,MAAM,IAAI,CAACL,cAAc,CAACM,QAAQ,CAAoC;gBACtFC,GAAAA,EAAKyC,QAAAA;gBACLxC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;AACJC,oBAAAA,MAAAA,EAAQN,QAAQM,MAAM,IAAIC,MAAAA,CAAOC,QAAQ,CAACC,QAAQ;AAClDG,oBAAAA,iCAAAA,EAAmCZ,OAAAA,EAASa;AAC9C;AACF,aAAA,CAAA;YAEA,MAAMgC,iCAAAA,GAAoC5C,UAAU6C,qCAAqC;AACzF,YAAA,MAAMC,kBAAkB,IAAIC,eAAAA,EAAAA;AAC5B,YAAA,MAAMC,cAAAA,GAAiB;gBACrB1B,SAAAA,EAAWC,IAAAA,CAAKC,KAAK,CAACoB,iCAAAA,CAAAA;AACtBK,gBAAAA,MAAAA,EAAQlD,OAAAA,CAAQkD,MAAM,IAAIH,eAAAA,CAAgBG;AAC5C,aAAA;AACA,YAAA,MAAMC,iCAAAA,GAAoC;AACxC,gBAAA,GAAGF,cAAc;gBACjBG,SAAAA,EAAW;AACb,aAAA;YACA,MAAM1B,UAAAA,GAAa,MAAMC,GAAgB,CACvC3B,OAAAA,CAAQoC,qBAAqB,GAAGe,iCAAAA,GAAoCF,cAAAA,CAAAA;AAGtE,YAAA,MAAMI,qBAAqB,MAAM,IAAI,CAACzD,cAAc,CAAC0D,iBAAiB,CAEpE;gBACAnD,GAAAA,EAAK,wBAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;oBACJwB,qBAAAA,EAAuBL,IAAAA,CAAKM,SAAS,CAACJ,UAAAA,CAAAA;AACtCK,oBAAAA,wBAAAA,EAA0B/B,QAAQ+B,wBAAwB;AAC1DE,oBAAAA,gBAAAA;AACAC,oBAAAA;AACF,iBAAA;AACAqB,gBAAAA,aAAAA,EAAe,IAAI,CAACzD,gBAAgB,CAAC0D;AACvC,aAAA,CAAA;AAEA,YAAA,OAAOxB,QAAAA,CAASqB,kBAAAA,CAAAA;AAClB,QAAA,CAAA,CAAA;AAEJ,IAAA;IAEA,MAAMI,MAAAA,CAAOzD,OAA8B,EAAmC;QAM5E,MAAMG,GAAAA,GAAM,mBAAA,GAAsBH,OAAAA,CAAQ0D,wBAAwB;AAClE,QAAA,OAAO,MAAM,IAAI,CAAC9D,cAAc,CAACM,QAAQ,CAAyB;YAChEC,GAAAA,EAAKA,GAAAA;YACLC,MAAAA,EAAQ,KAAA;YACRC,IAAAA,EAAM;AACJsD,gBAAAA,IAAAA,EAAM3D,QAAQ2D;AAChB;AACF,SAAA,CAAA;AACF,IAAA;AAEA,IAAA,MAAMtB,uBAAAA,GAA4C;AAChD,QAAA,OAAO,MAAO9B,MAAAA,CAAOqD,mBAAmB,EAAEC,+BAAAA,IAAAA,IAAwC,KAAA;AACpF,IAAA;IAEQpB,mBAAAA,GAAsB,IAAA;;QAE5B,MAAMqB,cAAAA,GAAiBC,QAAAA,CAASC,gBAAgB,CAAC,iCAAA,CAAA;;QAEjD,IAAIF,cAAAA,CAAeG,MAAM,GAAG,CAAA,EAAG;AAC7B3B,YAAAA,MAAAA,CAAOC,KAAK,CAAC,2EAAA,CAAA;YACb,OAAO,KAAA;AACT,QAAA;QACA,OAAO,IAAA;KACT;AACF;;;;"}
package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BDiscoveryClient.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HeadlessB2BDiscoveryClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BDiscoveryClient.ts"],"sourcesContent":["import {\n B2BDiscoveryIntermediateSessionsExchangeOptions,\n B2BDiscoveryIntermediateSessionsExchangeResponse,\n B2BDiscoveryOrganizationsCreateOptions,\n B2BDiscoveryOrganizationsCreateResponse,\n B2BDiscoveryOrganizationsResponse,\n IHeadlessB2BDiscoveryClient,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { INetworkClient } from '../..';\nimport { IB2BSubscriptionService } from '../..';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BDiscoveryClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BDiscoveryClient<TProjectConfiguration>\n{\n organizations: {\n list: () => Promise<B2BDiscoveryOrganizationsResponse>;\n create: (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ) => Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>;\n };\n\n intermediateSessions: {\n exchange: (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ) => Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.organizations = {\n list: async () =>\n this._networkClient.fetchSDK<B2BDiscoveryOrganizationsResponse>({\n url: '/b2b/discovery/organizations',\n body: {\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n method: 'POST',\n }),\n create: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ): Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.organizations.create', data, {\n session_duration_minutes: 'number',\n organization_name: 'optionalString',\n organization_slug: 'optionalString',\n organization_logo_url: 'optionalString',\n sso_jit_provisioning: 'optionalString',\n email_allowed_domains: 'optionalStringArray',\n email_invites: 'optionalString',\n auth_methods: 'optionalString',\n allowed_auth_methods: 'optionalStringArray',\n mfa_policy: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n };\n\n return this._networkClient.fetchSDK<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/organizations/create',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n\n this.intermediateSessions = {\n exchange: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ): Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.intermediateSessions.exchange', data, {\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.fetchSDK<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/intermediate_sessions/exchange',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n }\n}\n"],"names":["HeadlessB2BDiscoveryClient","organizations","intermediateSessions","constructor","_subscriptionService","_networkClient","list","fetchSDK","url","body","intermediate_session_token","getIntermediateSessionToken","undefined","method","create","withUpdateSession","data","requestBody","exchange"],"mappings":"AAaO,MAAMA,0BAAAA,CAAAA;;;IAGXC,aAAAA;IAOAC,oBAAAA;AAMAC,IAAAA,WAAAA,CACE,cAAsC,EAC9BC,oBAAoE,CAC5E;aAFQC,cAAAA,GAAAA,cAAAA;aACAD,oBAAAA,GAAAA,oBAAAA;QAER,IAAI,CAACH,aAAa,GAAG;AACnBK,YAAAA,IAAAA,EAAM,UACJ,IAAI,CAACD,cAAc,CAACE,QAAQ,CAAoC;oBAC9DC,GAAAA,EAAK,8BAAA;oBACLC,IAAAA,EAAM;AACJC,wBAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAACN,oBAAoB,CAACO,2BAA2B,EAAA,IAAOC;AACjG,qBAAA;oBACAC,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACFC,YAAAA,MAAAA,EAAQ,IAAI,CAACV,oBAAoB,CAACW,iBAAiB,CACjD,OACEC,IAAAA,GAAAA;AAeA,gBAAA,MAAMC,WAAAA,GAAc;AAClB,oBAAA,GAAGD,IAAI;AACPN,oBAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAACN,oBAAoB,CAACO,2BAA2B,EAAA,IAAOC;AACjG,iBAAA;AAEA,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACE,QAAQ,CAAiE;oBAClGC,GAAAA,EAAK,qCAAA;oBACLC,IAAAA,EAAMQ,WAAAA;oBACNJ,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;AAEJ,SAAA;QAEA,IAAI,CAACX,oBAAoB,GAAG;AAC1BgB,YAAAA,QAAAA,EAAU,IAAI,CAACd,oBAAoB,CAACW,iBAAiB,CACnD,OACEC,IAAAA,GAAAA;AAQA,gBAAA,MAAMC,WAAAA,GAAc;AAClB,oBAAA,GAAGD,IAAI;AACPN,oBAAAA,0BAAAA,EAA4B,IAAI,CAACN,oBAAoB,CAACO,2BAA2B,EAAA,IAAMC;AACzF,iBAAA;AACA,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACE,QAAQ,CAA0E;oBAC3GC,GAAAA,EAAK,+CAAA;oBACLC,IAAAA,EAAMQ,WAAAA;oBACNJ,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;AAEJ,SAAA;AACF,IAAA;AACF;;;;"}
1
+ {"version":3,"file":"HeadlessB2BDiscoveryClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BDiscoveryClient.ts"],"sourcesContent":["import {\n B2BDiscoveryIntermediateSessionsExchangeOptions,\n B2BDiscoveryIntermediateSessionsExchangeResponse,\n B2BDiscoveryOrganizationsCreateOptions,\n B2BDiscoveryOrganizationsCreateResponse,\n B2BDiscoveryOrganizationsResponse,\n IHeadlessB2BDiscoveryClient,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { INetworkClient } from '../..';\nimport { IB2BSubscriptionService } from '../..';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BDiscoveryClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BDiscoveryClient<TProjectConfiguration>\n{\n organizations: {\n list: () => Promise<B2BDiscoveryOrganizationsResponse>;\n create: (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ) => Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>;\n };\n\n intermediateSessions: {\n exchange: (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ) => Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.organizations = {\n list: async () =>\n this._networkClient.fetchSDK<B2BDiscoveryOrganizationsResponse>({\n url: '/b2b/discovery/organizations',\n body: {\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n method: 'POST',\n }),\n create: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ): Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.organizations.create', data, {\n session_duration_minutes: 'number',\n organization_name: 'optionalString',\n organization_slug: 'optionalString',\n organization_logo_url: 'optionalString',\n sso_jit_provisioning: 'optionalString',\n email_allowed_domains: 'optionalStringArray',\n email_invites: 'optionalString',\n auth_methods: 'optionalString',\n allowed_auth_methods: 'optionalStringArray',\n mfa_policy: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n };\n\n return this._networkClient.fetchSDK<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/organizations/create',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n\n this.intermediateSessions = {\n exchange: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ): Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.intermediateSessions.exchange', data, {\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.fetchSDK<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/intermediate_sessions/exchange',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n }\n}\n"],"names":["HeadlessB2BDiscoveryClient","organizations","intermediateSessions","_subscriptionService","_networkClient","list","fetchSDK","url","body","intermediate_session_token","getIntermediateSessionToken","undefined","method","create","withUpdateSession","data","requestBody","exchange"],"mappings":"AAaO,MAAMA,0BAAAA,CAAAA;;;IAGXC,aAAAA;IAOAC,oBAAAA;AAMA,IAAA,WAAA,CACE,cAAsC,EAC9BC,oBAAoE,CAC5E;aAFQC,cAAAA,GAAAA,cAAAA;aACAD,oBAAAA,GAAAA,oBAAAA;QAER,IAAI,CAACF,aAAa,GAAG;AACnBI,YAAAA,IAAAA,EAAM,UACJ,IAAI,CAACD,cAAc,CAACE,QAAQ,CAAoC;oBAC9DC,GAAAA,EAAK,8BAAA;oBACLC,IAAAA,EAAM;AACJC,wBAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAACN,oBAAoB,CAACO,2BAA2B,EAAA,IAAOC;AACjG,qBAAA;oBACAC,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACFC,YAAAA,MAAAA,EAAQ,IAAI,CAACV,oBAAoB,CAACW,iBAAiB,CACjD,OACEC,IAAAA,GAAAA;AAeA,gBAAA,MAAMC,WAAAA,GAAc;AAClB,oBAAA,GAAGD,IAAI;AACPN,oBAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAACN,oBAAoB,CAACO,2BAA2B,EAAA,IAAOC;AACjG,iBAAA;AAEA,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACE,QAAQ,CAAiE;oBAClGC,GAAAA,EAAK,qCAAA;oBACLC,IAAAA,EAAMQ,WAAAA;oBACNJ,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;AAEJ,SAAA;QAEA,IAAI,CAACV,oBAAoB,GAAG;AAC1Be,YAAAA,QAAAA,EAAU,IAAI,CAACd,oBAAoB,CAACW,iBAAiB,CACnD,OACEC,IAAAA,GAAAA;AAQA,gBAAA,MAAMC,WAAAA,GAAc;AAClB,oBAAA,GAAGD,IAAI;AACPN,oBAAAA,0BAAAA,EAA4B,IAAI,CAACN,oBAAoB,CAACO,2BAA2B,EAAA,IAAMC;AACzF,iBAAA;AACA,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACE,QAAQ,CAA0E;oBAC3GC,GAAAA,EAAK,+CAAA;oBACLC,IAAAA,EAAMQ,WAAAA;oBACNJ,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;AAEJ,SAAA;AACF,IAAA;AACF;;;;"}
package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.mjs CHANGED
@@ -2,7 +2,8 @@ class HeadlessB2BIDPClient {
2
2
  _networkClient;
3
3
  constructor(_networkClient){
4
4
  this._networkClient = _networkClient;
5
- this./**
5
+ }
6
+ /**
6
7
  * Initiates a request for authorization of a Connected App to access a Member's account.
7
8
  *
8
9
  * Call this endpoint using the query parameters from an OAuth Authorization request. This endpoint validates various fields (scope, client_id, redirect_uri, prompt, etc...) are correct and returns relevant information for rendering an OAuth Consent Screen.
@@ -14,11 +15,11 @@ class HeadlessB2BIDPClient {
14
15
  * scope: 'openid email profile',
15
16
  * });
16
17
  */ oauthAuthorizeStart = async (data)=>this._networkClient.fetchSDK({
17
- url: '/idp/b2b/oauth/authorize/start',
18
- method: 'POST',
19
- body: data
20
- });
21
- this./**
18
+ url: '/idp/b2b/oauth/authorize/start',
19
+ method: 'POST',
20
+ body: data
21
+ });
22
+ /**
22
23
  * Completes a request for authorization of a Connected App to access a Member's account.
23
24
  *
24
25
  * Call this endpoint using the query parameters from an OAuth Authorization request, after previously validating those parameters using the Preflight Check API. Note that this endpoint takes in a few additional parameters the preflight check does not- state, nonce, and code_challenge.
@@ -39,19 +40,15 @@ class HeadlessB2BIDPClient {
39
40
  * scope: 'openid email profile',
40
41
  * });
41
42
  */ oauthAuthorizeSubmit = async (data)=>this._networkClient.fetchSDK({
42
- url: '/idp/b2b/oauth/authorize/submit',
43
- method: 'POST',
44
- body: data
45
- });
46
- this.oauthLogoutStart = async (data)=>this._networkClient.fetchSDK({
47
- url: `/b2b/oauth/logout/start`,
48
- method: 'POST',
49
- body: data
50
- });
51
- }
52
- oauthAuthorizeStart;
53
- oauthAuthorizeSubmit;
54
- oauthLogoutStart;
43
+ url: '/idp/b2b/oauth/authorize/submit',
44
+ method: 'POST',
45
+ body: data
46
+ });
47
+ oauthLogoutStart = async (data)=>this._networkClient.fetchSDK({
48
+ url: `/b2b/oauth/logout/start`,
49
+ method: 'POST',
50
+ body: data
51
+ });
55
52
  }
56
53
 
57
54
  export { HeadlessB2BIDPClient };
package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HeadlessB2BIDPClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.ts"],"sourcesContent":["import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BOAuthAuthorizeStartOptions,\n B2BOAuthAuthorizeStartResponse,\n B2BOAuthAuthorizeSubmitOptions,\n B2BOAuthAuthorizeSubmitResponse,\n IHeadlessB2BIDPClient,\n B2BOAuthLogoutStartOptions,\n B2BOAuthLogoutStartResponse,\n} from '../../public/b2b/idp';\n\nexport class HeadlessB2BIDPClient implements IHeadlessB2BIDPClient {\n constructor(private _networkClient: INetworkClient) {}\n\n /**\n * Initiates a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request. This endpoint validates various fields (scope, client_id, redirect_uri, prompt, etc...) are correct and returns relevant information for rendering an OAuth Consent Screen.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeStart({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeStart = async (data: B2BOAuthAuthorizeStartOptions): Promise<B2BOAuthAuthorizeStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeStartResponse>({\n url: '/idp/b2b/oauth/authorize/start',\n method: 'POST',\n body: data,\n });\n\n /**\n * Completes a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request, after previously validating those parameters using the Preflight Check API. Note that this endpoint takes in a few additional parameters the preflight check does not- state, nonce, and code_challenge.\n *\n * If the authorization was successful, the redirect_uri will contain a valid authorization_code embedded as a query parameter. If the authorization was unsuccessful, the redirect_uri will contain an OAuth2.1 error_code. In both cases, redirect the Member to the location for the response to be consumed by the Connected App.\n *\n * Exactly one of the following must be provided to identify the Member granting authorization:\n * organization_id + member_id\n * session_token\n * session_jwt\n *\n * If a session_token or session_jwt is passed, the OAuth Authorization will be linked to the Member's session for tracking purposes. One of these fields must be used if the Connected App intends to complete the Exchange Access Token flow.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeSubmit({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeSubmit = async (data: B2BOAuthAuthorizeSubmitOptions): Promise<B2BOAuthAuthorizeSubmitResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeSubmitResponse>({\n url: '/idp/b2b/oauth/authorize/submit',\n method: 'POST',\n body: data,\n });\n\n oauthLogoutStart = async (data: B2BOAuthLogoutStartOptions): Promise<B2BOAuthLogoutStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthLogoutStartResponse>({\n url: `/b2b/oauth/logout/start`,\n method: 'POST',\n body: data,\n });\n}\n"],"names":["HeadlessB2BIDPClient","constructor","_networkClient","oauthAuthorizeStart","data","fetchSDK","url","method","body","oauthAuthorizeSubmit","oauthLogoutStart"],"mappings":"AAWO,MAAMA,oBAAAA,CAAAA;;IACXC,WAAAA,CAAoBC,cAA8B,CAAE;aAAhCA,cAAAA,GAAAA,cAAAA;AAEpB,QAAA,IAAA;;;;;;;;;;;MAYAC,mBAAAA,GAAsB,OAAOC,IAAAA,GAC3B,IAAI,CAACF,cAAc,CAACG,QAAQ,CAAiC;gBAC3DC,GAAAA,EAAK,gCAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAMJ;AACR,aAAA,CAAA;AAEF,QAAA,IAAA;;;;;;;;;;;;;;;;;;;;MAqBAK,oBAAAA,GAAuB,OAAOL,IAAAA,GAC5B,IAAI,CAACF,cAAc,CAACG,QAAQ,CAAkC;gBAC5DC,GAAAA,EAAK,iCAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAMJ;AACR,aAAA,CAAA;AAEFM,QAAAA,IAAAA,CAAAA,gBAAAA,GAAmB,OAAON,IAAAA,GACxB,IAAI,CAACF,cAAc,CAACG,QAAQ,CAA8B;gBACxDC,GAAAA,EAAK,CAAC,uBAAuB,CAAC;gBAC9BC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAMJ;AACR,aAAA,CAAA;AAtDmD,IAAA;IAcrDD,mBAAAA;IA4BAM,oBAAAA;IAOAC,gBAAAA;AAMF;;;;"}
1
+ {"version":3,"file":"HeadlessB2BIDPClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.ts"],"sourcesContent":["import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BOAuthAuthorizeStartOptions,\n B2BOAuthAuthorizeStartResponse,\n B2BOAuthAuthorizeSubmitOptions,\n B2BOAuthAuthorizeSubmitResponse,\n IHeadlessB2BIDPClient,\n B2BOAuthLogoutStartOptions,\n B2BOAuthLogoutStartResponse,\n} from '../../public/b2b/idp';\n\nexport class HeadlessB2BIDPClient implements IHeadlessB2BIDPClient {\n constructor(private _networkClient: INetworkClient) {}\n\n /**\n * Initiates a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request. This endpoint validates various fields (scope, client_id, redirect_uri, prompt, etc...) are correct and returns relevant information for rendering an OAuth Consent Screen.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeStart({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeStart = async (data: B2BOAuthAuthorizeStartOptions): Promise<B2BOAuthAuthorizeStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeStartResponse>({\n url: '/idp/b2b/oauth/authorize/start',\n method: 'POST',\n body: data,\n });\n\n /**\n * Completes a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request, after previously validating those parameters using the Preflight Check API. Note that this endpoint takes in a few additional parameters the preflight check does not- state, nonce, and code_challenge.\n *\n * If the authorization was successful, the redirect_uri will contain a valid authorization_code embedded as a query parameter. If the authorization was unsuccessful, the redirect_uri will contain an OAuth2.1 error_code. In both cases, redirect the Member to the location for the response to be consumed by the Connected App.\n *\n * Exactly one of the following must be provided to identify the Member granting authorization:\n * organization_id + member_id\n * session_token\n * session_jwt\n *\n * If a session_token or session_jwt is passed, the OAuth Authorization will be linked to the Member's session for tracking purposes. One of these fields must be used if the Connected App intends to complete the Exchange Access Token flow.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeSubmit({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeSubmit = async (data: B2BOAuthAuthorizeSubmitOptions): Promise<B2BOAuthAuthorizeSubmitResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeSubmitResponse>({\n url: '/idp/b2b/oauth/authorize/submit',\n method: 'POST',\n body: data,\n });\n\n oauthLogoutStart = async (data: B2BOAuthLogoutStartOptions): Promise<B2BOAuthLogoutStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthLogoutStartResponse>({\n url: `/b2b/oauth/logout/start`,\n method: 'POST',\n body: data,\n });\n}\n"],"names":["HeadlessB2BIDPClient","_networkClient","oauthAuthorizeStart","data","fetchSDK","url","method","body","oauthAuthorizeSubmit","oauthLogoutStart"],"mappings":"AAWO,MAAMA,oBAAAA,CAAAA;;IACX,WAAA,CAAoBC,cAA8B,CAAE;aAAhCA,cAAAA,GAAAA,cAAAA;AAAiC,IAAA;AAErD;;;;;;;;;;;MAYAC,mBAAAA,GAAsB,OAAOC,IAAAA,GAC3B,IAAI,CAACF,cAAc,CAACG,QAAQ,CAAiC;YAC3DC,GAAAA,EAAK,gCAAA;YACLC,MAAAA,EAAQ,MAAA;YACRC,IAAAA,EAAMJ;SACR,CAAA;AAEF;;;;;;;;;;;;;;;;;;;;MAqBAK,oBAAAA,GAAuB,OAAOL,IAAAA,GAC5B,IAAI,CAACF,cAAc,CAACG,QAAQ,CAAkC;YAC5DC,GAAAA,EAAK,iCAAA;YACLC,MAAAA,EAAQ,MAAA;YACRC,IAAAA,EAAMJ;SACR,CAAA;AAEFM,IAAAA,gBAAAA,GAAmB,OAAON,IAAAA,GACxB,IAAI,CAACF,cAAc,CAACG,QAAQ,CAA8B;YACxDC,GAAAA,EAAK,CAAC,uBAAuB,CAAC;YAC9BC,MAAAA,EAAQ,MAAA;YACRC,IAAAA,EAAMJ;SACR,CAAA;AACJ;;;;"}
package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BImpersonationClient.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HeadlessB2BImpersonationClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BImpersonationClient.ts"],"sourcesContent":["import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BImpersonationAuthenticateOptions,\n B2BImpersonationAuthenticateResponse,\n IHeadlessB2BImpersonationClient,\n} from '../../public/b2b/impersonation';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\n\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BImpersonationClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BImpersonationClient<TProjectConfiguration>\n{\n authenticate: (\n data: B2BImpersonationAuthenticateOptions,\n ) => Promise<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (data: B2BImpersonationAuthenticateOptions) => {\n validateInDev('stytch.impersonation.authenticate', data, {\n impersonation_token: 'string',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/impersonation/authenticate',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n}\n"],"names":["HeadlessB2BImpersonationClient","authenticate","constructor","_networkClient","_subscriptionService","dfpProtectedAuth","withUpdateSession","data","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","retriableFetchSDK","url","body","method","retryCallback","retryWithCaptchaAndDFP"],"mappings":"AAUO,MAAMA,8BAAAA,CAAAA;;;;IAGXC,YAAAA;IAIAC,WAAAA,CACUC,cAA8B,EAC9BC,oBAAoE,EACpEC,gBAA2C,CACnD;aAHQF,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAER,IAAI,CAACJ,YAAY,GAAG,IAAI,CAACG,oBAAoB,CAACE,iBAAiB,CAC7D,OAAOC,IAAAA,GAAAA;YAIL,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AAEnG,YAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAA8D;gBACxGC,GAAAA,EAAK,iCAAA;gBACLC,IAAAA,EAAM;AACJ,oBAAA,GAAGN,IAAI;AACPC,oBAAAA,gBAAAA;AACAC,oBAAAA;AACF,iBAAA;gBACAK,MAAAA,EAAQ,MAAA;AACRC,gBAAAA,aAAAA,EAAe,IAAI,CAACV,gBAAgB,CAACW;AACvC,aAAA,CAAA;AACF,QAAA,CAAA,CAAA;AAEJ,IAAA;AACF;;;;"}
1
+ {"version":3,"file":"HeadlessB2BImpersonationClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BImpersonationClient.ts"],"sourcesContent":["import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BImpersonationAuthenticateOptions,\n B2BImpersonationAuthenticateResponse,\n IHeadlessB2BImpersonationClient,\n} from '../../public/b2b/impersonation';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\n\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BImpersonationClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BImpersonationClient<TProjectConfiguration>\n{\n authenticate: (\n data: B2BImpersonationAuthenticateOptions,\n ) => Promise<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (data: B2BImpersonationAuthenticateOptions) => {\n validateInDev('stytch.impersonation.authenticate', data, {\n impersonation_token: 'string',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/impersonation/authenticate',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n}\n"],"names":["HeadlessB2BImpersonationClient","authenticate","_networkClient","_subscriptionService","dfpProtectedAuth","withUpdateSession","data","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","retriableFetchSDK","url","body","method","retryCallback","retryWithCaptchaAndDFP"],"mappings":"AAUO,MAAMA,8BAAAA,CAAAA;;;;IAGXC,YAAAA;IAIA,WAAA,CACUC,cAA8B,EAC9BC,oBAAoE,EACpEC,gBAA2C,CACnD;aAHQF,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAER,IAAI,CAACH,YAAY,GAAG,IAAI,CAACE,oBAAoB,CAACE,iBAAiB,CAC7D,OAAOC,IAAAA,GAAAA;YAIL,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AAEnG,YAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAA8D;gBACxGC,GAAAA,EAAK,iCAAA;gBACLC,IAAAA,EAAM;AACJ,oBAAA,GAAGN,IAAI;AACPC,oBAAAA,gBAAAA;AACAC,oBAAAA;AACF,iBAAA;gBACAK,MAAAA,EAAQ,MAAA;AACRC,gBAAAA,aAAAA,EAAe,IAAI,CAACV,gBAAgB,CAACW;AACvC,aAAA,CAAA;AACF,QAAA,CAAA,CAAA;AAEJ,IAAA;AACF;;;;"}
package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HeadlessB2BMagicLinkClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.ts"],"sourcesContent":["import { DisabledDFPProtectedAuthProvider, IDFPProtectedAuthProvider } from '../../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../../NetworkClient';\nimport { IPKCEManager } from '../../PKCEManager';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport {\n B2BMagicLinksInviteOptions,\n B2BMagicLinksInviteResponse,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport {\n B2BMagicLinkLoginOrSignupOptions,\n B2BMagicLinkLoginOrSignupResponse,\n B2BMagicLinksAuthenticateOptions,\n B2BMagicLinksAuthenticateResponse,\n B2BMagicLinksDiscoveryAuthenticateOptions,\n B2BMagicLinksDiscoveryAuthenticateResponse,\n B2BMagicLinksEmailDiscoverySendOptions,\n B2BMagicLinksEmailDiscoverySendResponse,\n IHeadlessB2BMagicLinksClient,\n} from '../../public/b2b/magicLinks';\n\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForEmailMagicLinks: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForEmailMagicLinks: false,\n});\n\nexport class HeadlessB2BMagicLinksClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BMagicLinksClient<TProjectConfiguration>\n{\n email: {\n invite: (data: B2BMagicLinksInviteOptions) => Promise<B2BMagicLinksInviteResponse>;\n loginOrSignup: (data: B2BMagicLinkLoginOrSignupOptions) => Promise<ResponseCommon>;\n discovery: {\n send: (data: B2BMagicLinksEmailDiscoverySendOptions) => Promise<B2BMagicLinksEmailDiscoverySendResponse>;\n };\n };\n\n authenticate: (\n data: B2BMagicLinksAuthenticateOptions,\n ) => Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ) => Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _passwordResetPKCEManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider = DisabledDFPProtectedAuthProvider(),\n ) {\n this.email = {\n invite: async (data: B2BMagicLinksInviteOptions): Promise<B2BMagicLinksInviteResponse> => {\n validateInDev('stytch.magicLinks.email.invite', data, {\n email_address: 'string',\n invite_redirect_url: 'optionalString',\n invite_template_id: 'optionalString',\n name: 'optionalString',\n locale: 'optionalString',\n roles: 'optionalStringArray',\n invite_expiration_minutes: 'optionalNumber',\n });\n\n return this._networkClient.fetchSDK<B2BMagicLinksInviteResponse>({\n url: '/b2b/magic_links/email/invite',\n body: data,\n method: 'POST',\n });\n },\n loginOrSignup: async (data: B2BMagicLinkLoginOrSignupOptions): Promise<ResponseCommon> => {\n validateInDev('stytch.magicLinks.email.loginOrSignup', data, {\n email_address: 'string',\n organization_id: 'string',\n login_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n signup_redirect_url: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n };\n return this._networkClient.fetchSDK<B2BMagicLinkLoginOrSignupResponse>({\n url: '/b2b/magic_links/email/login_or_signup',\n body: requestBody,\n method: 'POST',\n });\n },\n discovery: {\n send: async (\n data: B2BMagicLinksEmailDiscoverySendOptions,\n ): Promise<B2BMagicLinksEmailDiscoverySendResponse> => {\n validateInDev('stytch.magicLinks.email.discovery.send', data, {\n email_address: 'string',\n discovery_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BMagicLinksEmailDiscoverySendResponse>({\n url: '/b2b/magic_links/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n },\n };\n\n this.authenticate = this._subscriptionService.withUpdateSession(async (data: B2BMagicLinksAuthenticateOptions) => {\n validateInDev('stytch.magicLinks.authenticate', data, {\n magic_links_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n // When a user resets their password with PKCE turned on, they create a pkPair in the 'passwords' namespace.\n // However, when the user gets the reset password email, they have the option to log in without a password.\n // This redirects them to the magic link authenticate flow, which automatically looks for the pkce code_verifier\n // in the 'magic_links' namespace, breaking the flow. Unfortunately we won't know for sure in the eml authenticate call\n // whether or not the user is coming from a password reset flow. To handle this, we have to try to authenticate with\n // both the 'passwords' and 'magic_links' code_verifiers.\n const passwordResetPKPair = await this._passwordResetPKCEManager.getPKPair();\n\n let resp: B2BMagicLinksAuthenticateResponse<TProjectConfiguration> | null = null;\n\n if (passwordResetPKPair?.code_verifier) {\n try {\n resp = await this.handlePKCEForAuthenticate(this._passwordResetPKCEManager, data);\n } catch (e) {\n if ((e as Error).message.includes('pkce')) {\n // If pkce-related error, fall back to magic links code_verifier\n // eslint-disable-next-line no-console\n console.log(\n 'Authenticate with passwords pkce namespace failed. Falling back to authenticate with magic_links namespace.',\n );\n } else {\n throw e;\n }\n }\n }\n\n if (!resp) {\n resp = await this.handlePKCEForAuthenticate(this._pkceManager, data);\n }\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ): Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.magicLinks.discovery.authenticate', data, {\n discovery_magic_links_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/magic_links/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n if (!pkceRequiredForEmailMagicLinks) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n private async handlePKCEForAuthenticate(\n pkceManager: IPKCEManager,\n data: B2BMagicLinksAuthenticateOptions,\n ): Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>> {\n const pkPair = await pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/magic_links/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n pkceManager.clearPKPair();\n\n return resp;\n }\n}\n"],"names":["DefaultDynamicConfig","Promise","resolve","pkceRequiredForEmailMagicLinks","HeadlessB2BMagicLinksClient","email","authenticate","discovery","constructor","_config","dfpProtectedAuth","DisabledDFPProtectedAuthProvider","_networkClient","_subscriptionService","_pkceManager","_passwordResetPKCEManager","invite","data","fetchSDK","url","body","method","loginOrSignup","pkce_code_challenge","getCodeChallenge","requestBody","send","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","retriableFetchSDK","retryCallback","retryWithCaptchaAndDFP","withUpdateSession","passwordResetPKPair","getPKPair","resp","code_verifier","handlePKCEForAuthenticate","e","message","includes","console","log","pkPair","pkce_code_verifier","clearPKPair","undefined","keyPair","code_challenge","startPKCETransaction","pkceManager","intermediate_session_token","getIntermediateSessionToken"],"mappings":";;AA4BA,MAAMA,oBAAAA,GAAuBC,OAAAA,CAAQC,OAAO,CAAC;IAC3CC,8BAAAA,EAAgC;AAClC,CAAA,CAAA;AAEO,MAAMC,2BAAAA,CAAAA;;;;;;;IAGXC,KAAAA;IAQAC,YAAAA;IAIAC,SAAAA;AAMAC,IAAAA,WAAAA,CACE,cAAsC,EACtC,oBAA4E,EAC5E,YAAkC,EAClC,yBAA+C,EAC/C,OAAQC,GAAyBT,oBAAoB,EACrD,gBAAQU,GAA8CC,kCAAkC,CACxF;aANQC,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,YAAAA,GAAAA,YAAAA;aACAC,yBAAAA,GAAAA,yBAAAA;aACAN,OAAAA,GAAAA,OAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAER,IAAI,CAACL,KAAK,GAAG;AACXW,YAAAA,MAAAA,EAAQ,OAAOC,IAAAA,GAAAA;AAWb,gBAAA,OAAO,IAAI,CAACL,cAAc,CAACM,QAAQ,CAA8B;oBAC/DC,GAAAA,EAAK,+BAAA;oBACLC,IAAAA,EAAMH,IAAAA;oBACNI,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;AACAC,YAAAA,aAAAA,EAAe,OAAOL,IAAAA,GAAAA;AAapB,gBAAA,MAAMM,mBAAAA,GAAsB,MAAM,IAAI,CAACC,gBAAgB,EAAA;AACvD,gBAAA,MAAMC,WAAAA,GAAc;AAClB,oBAAA,GAAGR,IAAI;AACPM,oBAAAA;AACF,iBAAA;AACA,gBAAA,OAAO,IAAI,CAACX,cAAc,CAACM,QAAQ,CAAoC;oBACrEC,GAAAA,EAAK,wCAAA;oBACLC,IAAAA,EAAMK,WAAAA;oBACNJ,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;YACAd,SAAAA,EAAW;AACTmB,gBAAAA,IAAAA,EAAM,OACJT,IAAAA,GAAAA;oBAUA,MAAM,EAAEU,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAAClB,gBAAgB,CAACmB,2BAA2B,EAAA;AACnG,oBAAA,MAAMN,mBAAAA,GAAsB,MAAM,IAAI,CAACC,gBAAgB,EAAA;AACvD,oBAAA,MAAMC,WAAAA,GAAc;AAClB,wBAAA,GAAGR,IAAI;AACPM,wBAAAA,mBAAAA;AACAI,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;AACA,oBAAA,OAAO,IAAI,CAAChB,cAAc,CAACkB,iBAAiB,CAA0C;wBACpFX,GAAAA,EAAK,uCAAA;wBACLC,IAAAA,EAAMK,WAAAA;wBACNJ,MAAAA,EAAQ,MAAA;AACRU,wBAAAA,aAAAA,EAAe,IAAI,CAACrB,gBAAgB,CAACsB;AACvC,qBAAA,CAAA;AACF,gBAAA;AACF;AACF,SAAA;QAEA,IAAI,CAAC1B,YAAY,GAAG,IAAI,CAACO,oBAAoB,CAACoB,iBAAiB,CAAC,OAAOhB,IAAAA,GAAAA;;;;;;;AAarE,YAAA,MAAMiB,sBAAsB,MAAM,IAAI,CAACnB,yBAAyB,CAACoB,SAAS,EAAA;AAE1E,YAAA,IAAIC,IAAAA,GAAwE,IAAA;AAE5E,YAAA,IAAIF,qBAAqBG,aAAAA,EAAe;gBACtC,IAAI;oBACFD,IAAAA,GAAO,MAAM,IAAI,CAACE,yBAAyB,CAAC,IAAI,CAACvB,yBAAyB,EAAEE,IAAAA,CAAAA;AAC9E,gBAAA,CAAA,CAAE,OAAOsB,CAAAA,EAAG;AACV,oBAAA,IAAI,CAACA,CAAYC,OAAO,CAACC,QAAQ,CAAC,MAAA,CAAA,EAAS;;;AAGzCC,wBAAAA,OAAAA,CAAQC,GAAG,CACT,6GAAA,CAAA;qBAEJ,MAAO;wBACL,MAAMJ,CAAAA;AACR,oBAAA;AACF,gBAAA;AACF,YAAA;AAEA,YAAA,IAAI,CAACH,IAAAA,EAAM;gBACTA,IAAAA,GAAO,MAAM,IAAI,CAACE,yBAAyB,CAAC,IAAI,CAACxB,YAAY,EAAEG,IAAAA,CAAAA;AACjE,YAAA;YAEA,OAAOmB,IAAAA;AACT,QAAA,CAAA,CAAA;QAEA,IAAI,CAAC7B,SAAS,GAAG;AACfD,YAAAA,YAAAA,EAAc,IAAI,CAACO,oBAAoB,CAACoB,iBAAiB,CACvD,OACEhB,IAAAA,GAAAA;AAMA,gBAAA,MAAM2B,SAAS,MAAM,IAAI,CAAC9B,YAAY,CAACqB,SAAS,EAAA;gBAEhD,MAAM,EAAER,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAAClB,gBAAgB,CAACmB,2BAA2B,EAAA;AAEnG,gBAAA,MAAMJ,WAAAA,GAAc;AAClBoB,oBAAAA,kBAAAA,EAAoBD,MAAAA,EAAQP,aAAAA;AAC5BV,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACA,oBAAA,GAAGX;AACL,iBAAA;AACA,gBAAA,MAAMmB,OAAO,MAAM,IAAI,CAACxB,cAAc,CAACkB,iBAAiB,CAEtD;oBACAX,GAAAA,EAAK,yCAAA;oBACLC,IAAAA,EAAMK,WAAAA;oBACNJ,MAAAA,EAAQ,MAAA;AACRU,oBAAAA,aAAAA,EAAe,IAAI,CAACrB,gBAAgB,CAACsB;AACvC,iBAAA,CAAA;gBAEA,IAAI,CAAClB,YAAY,CAACgC,WAAW,EAAA;gBAE7B,OAAOV,IAAAA;AACT,YAAA,CAAA;AAEJ,SAAA;AACF,IAAA;AAEA,IAAA,MAAcZ,gBAAAA,GAAgD;AAC5D,QAAA,MAAM,EAAErB,8BAA8B,EAAE,GAAG,MAAM,IAAI,CAACM,OAAO;AAC7D,QAAA,IAAI,CAACN,8BAAAA,EAAgC;YACnC,OAAO4C,SAAAA;AACT,QAAA;AACA,QAAA,IAAIC,UAAU,MAAM,IAAI,CAAClC,YAAY,CAACqB,SAAS,EAAA;AAC/C,QAAA,IAAIa,OAAAA,EAAS;AACX,YAAA,OAAOA,QAAQC,cAAc;AAC/B,QAAA;AACAD,QAAAA,OAAAA,GAAU,MAAM,IAAI,CAAClC,YAAY,CAACoC,oBAAoB,EAAA;AACtD,QAAA,OAAOF,QAAQC,cAAc;AAC/B,IAAA;AAEA,IAAA,MAAcX,yBAAAA,CACZa,WAAyB,EACzBlC,IAAsC,EAC6B;QACnE,MAAM2B,MAAAA,GAAS,MAAMO,WAAAA,CAAYhB,SAAS,EAAA;QAE1C,MAAM,EAAER,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAAClB,gBAAgB,CAACmB,2BAA2B,EAAA;AAEnG,QAAA,MAAMJ,WAAAA,GAAc;AAClBoB,YAAAA,kBAAAA,EAAoBD,MAAAA,EAAQP,aAAAA;AAC5BV,YAAAA,gBAAAA;AACAC,YAAAA,aAAAA;AACAwB,YAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAACvC,oBAAoB,CAACwC,2BAA2B,EAAA,IAAON,SAAAA;AAC/F,YAAA,GAAG9B;AACL,SAAA;AACA,QAAA,MAAMmB,OAAO,MAAM,IAAI,CAACxB,cAAc,CAACkB,iBAAiB,CAA2D;YACjHX,GAAAA,EAAK,+BAAA;YACLC,IAAAA,EAAMK,WAAAA;YACNJ,MAAAA,EAAQ,MAAA;AACRU,YAAAA,aAAAA,EAAe,IAAI,CAACrB,gBAAgB,CAACsB;AACvC,SAAA,CAAA;AAEAmB,QAAAA,WAAAA,CAAYL,WAAW,EAAA;QAEvB,OAAOV,IAAAA;AACT,IAAA;AACF;;;;"}
1
+ {"version":3,"file":"HeadlessB2BMagicLinkClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.ts"],"sourcesContent":["import { DisabledDFPProtectedAuthProvider, IDFPProtectedAuthProvider } from '../../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../../NetworkClient';\nimport { IPKCEManager } from '../../PKCEManager';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport {\n B2BMagicLinksInviteOptions,\n B2BMagicLinksInviteResponse,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport {\n B2BMagicLinkLoginOrSignupOptions,\n B2BMagicLinkLoginOrSignupResponse,\n B2BMagicLinksAuthenticateOptions,\n B2BMagicLinksAuthenticateResponse,\n B2BMagicLinksDiscoveryAuthenticateOptions,\n B2BMagicLinksDiscoveryAuthenticateResponse,\n B2BMagicLinksEmailDiscoverySendOptions,\n B2BMagicLinksEmailDiscoverySendResponse,\n IHeadlessB2BMagicLinksClient,\n} from '../../public/b2b/magicLinks';\n\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForEmailMagicLinks: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForEmailMagicLinks: false,\n});\n\nexport class HeadlessB2BMagicLinksClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BMagicLinksClient<TProjectConfiguration>\n{\n email: {\n invite: (data: B2BMagicLinksInviteOptions) => Promise<B2BMagicLinksInviteResponse>;\n loginOrSignup: (data: B2BMagicLinkLoginOrSignupOptions) => Promise<ResponseCommon>;\n discovery: {\n send: (data: B2BMagicLinksEmailDiscoverySendOptions) => Promise<B2BMagicLinksEmailDiscoverySendResponse>;\n };\n };\n\n authenticate: (\n data: B2BMagicLinksAuthenticateOptions,\n ) => Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ) => Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _passwordResetPKCEManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider = DisabledDFPProtectedAuthProvider(),\n ) {\n this.email = {\n invite: async (data: B2BMagicLinksInviteOptions): Promise<B2BMagicLinksInviteResponse> => {\n validateInDev('stytch.magicLinks.email.invite', data, {\n email_address: 'string',\n invite_redirect_url: 'optionalString',\n invite_template_id: 'optionalString',\n name: 'optionalString',\n locale: 'optionalString',\n roles: 'optionalStringArray',\n invite_expiration_minutes: 'optionalNumber',\n });\n\n return this._networkClient.fetchSDK<B2BMagicLinksInviteResponse>({\n url: '/b2b/magic_links/email/invite',\n body: data,\n method: 'POST',\n });\n },\n loginOrSignup: async (data: B2BMagicLinkLoginOrSignupOptions): Promise<ResponseCommon> => {\n validateInDev('stytch.magicLinks.email.loginOrSignup', data, {\n email_address: 'string',\n organization_id: 'string',\n login_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n signup_redirect_url: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n };\n return this._networkClient.fetchSDK<B2BMagicLinkLoginOrSignupResponse>({\n url: '/b2b/magic_links/email/login_or_signup',\n body: requestBody,\n method: 'POST',\n });\n },\n discovery: {\n send: async (\n data: B2BMagicLinksEmailDiscoverySendOptions,\n ): Promise<B2BMagicLinksEmailDiscoverySendResponse> => {\n validateInDev('stytch.magicLinks.email.discovery.send', data, {\n email_address: 'string',\n discovery_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BMagicLinksEmailDiscoverySendResponse>({\n url: '/b2b/magic_links/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n },\n };\n\n this.authenticate = this._subscriptionService.withUpdateSession(async (data: B2BMagicLinksAuthenticateOptions) => {\n validateInDev('stytch.magicLinks.authenticate', data, {\n magic_links_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n // When a user resets their password with PKCE turned on, they create a pkPair in the 'passwords' namespace.\n // However, when the user gets the reset password email, they have the option to log in without a password.\n // This redirects them to the magic link authenticate flow, which automatically looks for the pkce code_verifier\n // in the 'magic_links' namespace, breaking the flow. Unfortunately we won't know for sure in the eml authenticate call\n // whether or not the user is coming from a password reset flow. To handle this, we have to try to authenticate with\n // both the 'passwords' and 'magic_links' code_verifiers.\n const passwordResetPKPair = await this._passwordResetPKCEManager.getPKPair();\n\n let resp: B2BMagicLinksAuthenticateResponse<TProjectConfiguration> | null = null;\n\n if (passwordResetPKPair?.code_verifier) {\n try {\n resp = await this.handlePKCEForAuthenticate(this._passwordResetPKCEManager, data);\n } catch (e) {\n if ((e as Error).message.includes('pkce')) {\n // If pkce-related error, fall back to magic links code_verifier\n // eslint-disable-next-line no-console\n console.log(\n 'Authenticate with passwords pkce namespace failed. Falling back to authenticate with magic_links namespace.',\n );\n } else {\n throw e;\n }\n }\n }\n\n if (!resp) {\n resp = await this.handlePKCEForAuthenticate(this._pkceManager, data);\n }\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ): Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.magicLinks.discovery.authenticate', data, {\n discovery_magic_links_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/magic_links/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n if (!pkceRequiredForEmailMagicLinks) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n private async handlePKCEForAuthenticate(\n pkceManager: IPKCEManager,\n data: B2BMagicLinksAuthenticateOptions,\n ): Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>> {\n const pkPair = await pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/magic_links/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n pkceManager.clearPKPair();\n\n return resp;\n }\n}\n"],"names":["DefaultDynamicConfig","Promise","resolve","pkceRequiredForEmailMagicLinks","HeadlessB2BMagicLinksClient","email","authenticate","discovery","_config","dfpProtectedAuth","DisabledDFPProtectedAuthProvider","_networkClient","_subscriptionService","_pkceManager","_passwordResetPKCEManager","invite","data","fetchSDK","url","body","method","loginOrSignup","pkce_code_challenge","getCodeChallenge","requestBody","send","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","retriableFetchSDK","retryCallback","retryWithCaptchaAndDFP","withUpdateSession","passwordResetPKPair","getPKPair","resp","code_verifier","handlePKCEForAuthenticate","e","message","includes","console","log","pkPair","pkce_code_verifier","clearPKPair","undefined","keyPair","code_challenge","startPKCETransaction","pkceManager","intermediate_session_token","getIntermediateSessionToken"],"mappings":";;AA4BA,MAAMA,oBAAAA,GAAuBC,OAAAA,CAAQC,OAAO,CAAC;IAC3CC,8BAAAA,EAAgC;AAClC,CAAA,CAAA;AAEO,MAAMC,2BAAAA,CAAAA;;;;;;;IAGXC,KAAAA;IAQAC,YAAAA;IAIAC,SAAAA;AAMA,IAAA,WAAA,CACE,cAAsC,EACtC,oBAA4E,EAC5E,YAAkC,EAClC,yBAA+C,EAC/C,OAAQC,GAAyBR,oBAAoB,EACrD,gBAAQS,GAA8CC,kCAAkC,CACxF;aANQC,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,YAAAA,GAAAA,YAAAA;aACAC,yBAAAA,GAAAA,yBAAAA;aACAN,OAAAA,GAAAA,OAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAER,IAAI,CAACJ,KAAK,GAAG;AACXU,YAAAA,MAAAA,EAAQ,OAAOC,IAAAA,GAAAA;AAWb,gBAAA,OAAO,IAAI,CAACL,cAAc,CAACM,QAAQ,CAA8B;oBAC/DC,GAAAA,EAAK,+BAAA;oBACLC,IAAAA,EAAMH,IAAAA;oBACNI,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;AACAC,YAAAA,aAAAA,EAAe,OAAOL,IAAAA,GAAAA;AAapB,gBAAA,MAAMM,mBAAAA,GAAsB,MAAM,IAAI,CAACC,gBAAgB,EAAA;AACvD,gBAAA,MAAMC,WAAAA,GAAc;AAClB,oBAAA,GAAGR,IAAI;AACPM,oBAAAA;AACF,iBAAA;AACA,gBAAA,OAAO,IAAI,CAACX,cAAc,CAACM,QAAQ,CAAoC;oBACrEC,GAAAA,EAAK,wCAAA;oBACLC,IAAAA,EAAMK,WAAAA;oBACNJ,MAAAA,EAAQ;AACV,iBAAA,CAAA;AACF,YAAA,CAAA;YACAb,SAAAA,EAAW;AACTkB,gBAAAA,IAAAA,EAAM,OACJT,IAAAA,GAAAA;oBAUA,MAAM,EAAEU,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAAClB,gBAAgB,CAACmB,2BAA2B,EAAA;AACnG,oBAAA,MAAMN,mBAAAA,GAAsB,MAAM,IAAI,CAACC,gBAAgB,EAAA;AACvD,oBAAA,MAAMC,WAAAA,GAAc;AAClB,wBAAA,GAAGR,IAAI;AACPM,wBAAAA,mBAAAA;AACAI,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;AACA,oBAAA,OAAO,IAAI,CAAChB,cAAc,CAACkB,iBAAiB,CAA0C;wBACpFX,GAAAA,EAAK,uCAAA;wBACLC,IAAAA,EAAMK,WAAAA;wBACNJ,MAAAA,EAAQ,MAAA;AACRU,wBAAAA,aAAAA,EAAe,IAAI,CAACrB,gBAAgB,CAACsB;AACvC,qBAAA,CAAA;AACF,gBAAA;AACF;AACF,SAAA;QAEA,IAAI,CAACzB,YAAY,GAAG,IAAI,CAACM,oBAAoB,CAACoB,iBAAiB,CAAC,OAAOhB,IAAAA,GAAAA;;;;;;;AAarE,YAAA,MAAMiB,sBAAsB,MAAM,IAAI,CAACnB,yBAAyB,CAACoB,SAAS,EAAA;AAE1E,YAAA,IAAIC,IAAAA,GAAwE,IAAA;AAE5E,YAAA,IAAIF,qBAAqBG,aAAAA,EAAe;gBACtC,IAAI;oBACFD,IAAAA,GAAO,MAAM,IAAI,CAACE,yBAAyB,CAAC,IAAI,CAACvB,yBAAyB,EAAEE,IAAAA,CAAAA;AAC9E,gBAAA,CAAA,CAAE,OAAOsB,CAAAA,EAAG;AACV,oBAAA,IAAI,CAACA,CAAYC,OAAO,CAACC,QAAQ,CAAC,MAAA,CAAA,EAAS;;;AAGzCC,wBAAAA,OAAAA,CAAQC,GAAG,CACT,6GAAA,CAAA;qBAEJ,MAAO;wBACL,MAAMJ,CAAAA;AACR,oBAAA;AACF,gBAAA;AACF,YAAA;AAEA,YAAA,IAAI,CAACH,IAAAA,EAAM;gBACTA,IAAAA,GAAO,MAAM,IAAI,CAACE,yBAAyB,CAAC,IAAI,CAACxB,YAAY,EAAEG,IAAAA,CAAAA;AACjE,YAAA;YAEA,OAAOmB,IAAAA;AACT,QAAA,CAAA,CAAA;QAEA,IAAI,CAAC5B,SAAS,GAAG;AACfD,YAAAA,YAAAA,EAAc,IAAI,CAACM,oBAAoB,CAACoB,iBAAiB,CACvD,OACEhB,IAAAA,GAAAA;AAMA,gBAAA,MAAM2B,SAAS,MAAM,IAAI,CAAC9B,YAAY,CAACqB,SAAS,EAAA;gBAEhD,MAAM,EAAER,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAAClB,gBAAgB,CAACmB,2BAA2B,EAAA;AAEnG,gBAAA,MAAMJ,WAAAA,GAAc;AAClBoB,oBAAAA,kBAAAA,EAAoBD,MAAAA,EAAQP,aAAAA;AAC5BV,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACA,oBAAA,GAAGX;AACL,iBAAA;AACA,gBAAA,MAAMmB,OAAO,MAAM,IAAI,CAACxB,cAAc,CAACkB,iBAAiB,CAEtD;oBACAX,GAAAA,EAAK,yCAAA;oBACLC,IAAAA,EAAMK,WAAAA;oBACNJ,MAAAA,EAAQ,MAAA;AACRU,oBAAAA,aAAAA,EAAe,IAAI,CAACrB,gBAAgB,CAACsB;AACvC,iBAAA,CAAA;gBAEA,IAAI,CAAClB,YAAY,CAACgC,WAAW,EAAA;gBAE7B,OAAOV,IAAAA;AACT,YAAA,CAAA;AAEJ,SAAA;AACF,IAAA;AAEA,IAAA,MAAcZ,gBAAAA,GAAgD;AAC5D,QAAA,MAAM,EAAEpB,8BAA8B,EAAE,GAAG,MAAM,IAAI,CAACK,OAAO;AAC7D,QAAA,IAAI,CAACL,8BAAAA,EAAgC;YACnC,OAAO2C,SAAAA;AACT,QAAA;AACA,QAAA,IAAIC,UAAU,MAAM,IAAI,CAAClC,YAAY,CAACqB,SAAS,EAAA;AAC/C,QAAA,IAAIa,OAAAA,EAAS;AACX,YAAA,OAAOA,QAAQC,cAAc;AAC/B,QAAA;AACAD,QAAAA,OAAAA,GAAU,MAAM,IAAI,CAAClC,YAAY,CAACoC,oBAAoB,EAAA;AACtD,QAAA,OAAOF,QAAQC,cAAc;AAC/B,IAAA;AAEA,IAAA,MAAcX,yBAAAA,CACZa,WAAyB,EACzBlC,IAAsC,EAC6B;QACnE,MAAM2B,MAAAA,GAAS,MAAMO,WAAAA,CAAYhB,SAAS,EAAA;QAE1C,MAAM,EAAER,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAAClB,gBAAgB,CAACmB,2BAA2B,EAAA;AAEnG,QAAA,MAAMJ,WAAAA,GAAc;AAClBoB,YAAAA,kBAAAA,EAAoBD,MAAAA,EAAQP,aAAAA;AAC5BV,YAAAA,gBAAAA;AACAC,YAAAA,aAAAA;AACAwB,YAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAACvC,oBAAoB,CAACwC,2BAA2B,EAAA,IAAON,SAAAA;AAC/F,YAAA,GAAG9B;AACL,SAAA;AACA,QAAA,MAAMmB,OAAO,MAAM,IAAI,CAACxB,cAAc,CAACkB,iBAAiB,CAA2D;YACjHX,GAAAA,EAAK,+BAAA;YACLC,IAAAA,EAAMK,WAAAA;YACNJ,MAAAA,EAAQ,MAAA;AACRU,YAAAA,aAAAA,EAAe,IAAI,CAACrB,gBAAgB,CAACsB;AACvC,SAAA,CAAA;AAEAmB,QAAAA,WAAAA,CAAYL,WAAW,EAAA;QAEvB,OAAOV,IAAAA;AACT,IAAA;AACF;;;;"}
package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BOAuthClient.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HeadlessB2BOAuthClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BOAuthClient.ts"],"sourcesContent":["import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient, IPKCEManager } from '../..';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport {\n B2BOAuthAuthenticateOptions,\n B2BOAuthAuthenticateResponse,\n B2BOAuthDiscoveryAuthenticateResponse,\n B2BOAuthDiscoveryStartOptions,\n IHeadlessB2BOAuthClient,\n OAuthDiscoveryAuthenticateOptions,\n OAuthStartOptions,\n} from '../../public/b2b/oauth';\nimport { B2BOAuthProviders } from '../../public/b2b/ui';\nimport { isTestPublicToken, logger } from '../../utils';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n cnameDomain: null | string;\n pkceRequiredForOAuth: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport class HeadlessB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOAuthClient<TProjectConfiguration>\n{\n authenticate: (options: B2BOAuthAuthenticateOptions) => Promise<B2BOAuthAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: OAuthDiscoveryAuthenticateOptions,\n ) => Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n google: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n microsoft: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n hubspot: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n slack: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n github: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n protected _pkceManager: IPKCEManager,\n protected _dynamicConfig: DynamicConfig,\n protected _config: Config,\n protected dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(async (options: B2BOAuthAuthenticateOptions) => {\n validateInDev('stytch.oauth.authenticate', options, {\n oauth_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const keyPair = await this._pkceManager.getPKPair();\n\n if (!keyPair) {\n logger.warn(\n 'No code verifier found in local storage for OAuth flow.\\n' +\n 'Consider using stytch.oauth.$provider.start() to add PKCE to your OAuth flows for added security.\\n' +\n 'See https://stytch.com/docs/oauth#guides_pkce for more information.',\n );\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const resp = await this._networkClient.retriableFetchSDK<B2BOAuthAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/oauth/authenticate',\n method: 'POST',\n body: {\n pkce_code_verifier: keyPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...options,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: OAuthDiscoveryAuthenticateOptions,\n ): Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.oauth.discovery.authenticate', data, {\n discovery_oauth_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/oauth/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n\n this.google = {\n start: this.startOAuthFlow(B2BOAuthProviders.Google),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Google),\n },\n };\n\n this.microsoft = {\n start: this.startOAuthFlow(B2BOAuthProviders.Microsoft),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Microsoft),\n },\n };\n\n this.hubspot = {\n start: this.startOAuthFlow(B2BOAuthProviders.HubSpot),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.HubSpot),\n },\n };\n\n this.slack = {\n start: this.startOAuthFlow(B2BOAuthProviders.Slack),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Slack),\n },\n };\n\n this.github = {\n start: this.startOAuthFlow(B2BOAuthProviders.GitHub),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.GitHub),\n },\n };\n }\n\n protected async getBaseApiUrl() {\n const { cnameDomain } = await this._dynamicConfig;\n if (cnameDomain) {\n // The API returns cname domains without a protocol - assume HTTPS\n return `https://${cnameDomain}`;\n }\n // Our TestAPIURL and LiveAPIURL should have the HTTPS protocol already attached\n // Don't add it twice!\n if (isTestPublicToken(this._config.publicToken)) {\n return this._config.testAPIURL;\n }\n return this._config.liveAPIURL;\n }\n\n protected startOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: OAuthStartOptions): Promise<void> => {\n const {\n organization_id,\n organization_slug,\n login_redirect_url,\n signup_redirect_url,\n custom_scopes,\n provider_params,\n } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (organization_id && organization_id != '') {\n startUrl.searchParams.set('organization_id', organization_id);\n }\n\n if (organization_slug && organization_slug != '') {\n startUrl.searchParams.set('slug', organization_slug);\n }\n\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (login_redirect_url) startUrl.searchParams.set('login_redirect_url', login_redirect_url);\n if (signup_redirect_url) startUrl.searchParams.set('signup_redirect_url', signup_redirect_url);\n\n this.navigate(startUrl);\n };\n }\n\n protected startDiscoveryOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: B2BOAuthDiscoveryStartOptions): Promise<void> => {\n const { discovery_redirect_url, custom_scopes, provider_params } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/discovery/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (discovery_redirect_url) {\n startUrl.searchParams.set('discovery_redirect_url', discovery_redirect_url);\n }\n\n this.navigate(startUrl);\n };\n }\n\n // Public so it can be mocked in tests\n navigate(url: URL) {\n window.location.href = url.toString();\n }\n}\n"],"names":["HeadlessB2BOAuthClient","authenticate","discovery","google","microsoft","hubspot","slack","github","constructor","_dynamicConfig","_config","dfpProtectedAuth","_networkClient","_subscriptionService","_pkceManager","withUpdateSession","options","keyPair","getPKPair","logger","warn","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","resp","retriableFetchSDK","url","method","body","pkce_code_verifier","code_verifier","intermediate_session_token","getIntermediateSessionToken","undefined","retryCallback","retryWithCaptchaAndDFP","clearPKPair","data","pkPair","requestBody","start","startOAuthFlow","B2BOAuthProviders","Google","startDiscoveryOAuthFlow","Microsoft","HubSpot","Slack","GitHub","getBaseApiUrl","cnameDomain","isTestPublicToken","publicToken","testAPIURL","liveAPIURL","providerType","organization_id","organization_slug","login_redirect_url","signup_redirect_url","custom_scopes","provider_params","pkceRequiredForOAuth","baseURL","startUrl","URL","searchParams","set","join","key","startPKCETransaction","code_challenge","navigate","discovery_redirect_url","window","location","href","toString"],"mappings":";;;;+BAyBO,MAAMA,sBAAAA,CAAAA;;;;;;;IAGXC,YAAAA;IAEAC,SAAAA;IAMAC,MAAAA;IAOAC,SAAAA;IAOAC,OAAAA;IAOAC,KAAAA;IAOAC,MAAAA;AAOAC,IAAAA,WAAAA,CACE,cAAwC,EACxC,oBAA8E,EAC9E,YAAoC,EAC1BC,cAA6B,EAC7BC,OAAe,EACfC,gBAA2C,CACrD;aANUC,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,YAAAA,GAAAA,YAAAA;aACAL,cAAAA,GAAAA,cAAAA;aACAC,OAAAA,GAAAA,OAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAEV,IAAI,CAACV,YAAY,GAAG,IAAI,CAACY,oBAAoB,CAACE,iBAAiB,CAAC,OAAOC,OAAAA,GAAAA;AAOrE,YAAA,MAAMC,UAAU,MAAM,IAAI,CAACH,YAAY,CAACI,SAAS,EAAA;AAEjD,YAAA,IAAI,CAACD,OAAAA,EAAS;gBACZE,MAAAA,CAAOC,IAAI,CACT,2DAAA,GACE,qGAAA,GACA,qEAAA,CAAA;AAEN,YAAA;YAEA,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACX,gBAAgB,CAACY,2BAA2B,EAAA;AACnG,YAAA,MAAMC,OAAO,MAAM,IAAI,CAACZ,cAAc,CAACa,iBAAiB,CAAsD;gBAC5GC,GAAAA,EAAK,yBAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;AACJC,oBAAAA,kBAAAA,EAAoBZ,OAAAA,EAASa,aAAAA;AAC7BT,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACAS,oBAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAAClB,oBAAoB,CAACmB,2BAA2B,EAAA,IAAOC,SAAAA;AAC/F,oBAAA,GAAGjB;AACL,iBAAA;AACAkB,gBAAAA,aAAAA,EAAe,IAAI,CAACvB,gBAAgB,CAACwB;AACvC,aAAA,CAAA;YAEA,IAAI,CAACrB,YAAY,CAACsB,WAAW,EAAA;YAE7B,OAAOZ,IAAAA;AACT,QAAA,CAAA,CAAA;QAEA,IAAI,CAACtB,SAAS,GAAG;AACfD,YAAAA,YAAAA,EAAc,IAAI,CAACY,oBAAoB,CAACE,iBAAiB,CACvD,OACEsB,IAAAA,GAAAA;AAMA,gBAAA,MAAMC,SAAS,MAAM,IAAI,CAACxB,YAAY,CAACI,SAAS,EAAA;gBAEhD,MAAM,EAAEG,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACX,gBAAgB,CAACY,2BAA2B,EAAA;AAEnG,gBAAA,MAAMgB,WAAAA,GAAc;AAClBV,oBAAAA,kBAAAA,EAAoBS,MAAAA,EAAQR,aAAAA;AAC5BT,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACA,oBAAA,GAAGe;AACL,iBAAA;AACA,gBAAA,MAAMb,OAAO,MAAM,IAAI,CAACZ,cAAc,CAACa,iBAAiB,CAEtD;oBACAC,GAAAA,EAAK,mCAAA;oBACLE,IAAAA,EAAMW,WAAAA;oBACNZ,MAAAA,EAAQ,MAAA;AACRO,oBAAAA,aAAAA,EAAe,IAAI,CAACvB,gBAAgB,CAACwB;AACvC,iBAAA,CAAA;gBAEA,IAAI,CAACrB,YAAY,CAACsB,WAAW,EAAA;gBAE7B,OAAOZ,IAAAA;AACT,YAAA,CAAA;AAEJ,SAAA;QAEA,IAAI,CAACrB,MAAM,GAAG;AACZqC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBC,MAAM,CAAA;YACnDzC,SAAAA,EAAW;AACTsC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBC,MAAM;AAC9D;AACF,SAAA;QAEA,IAAI,CAACvC,SAAS,GAAG;AACfoC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBG,SAAS,CAAA;YACtD3C,SAAAA,EAAW;AACTsC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBG,SAAS;AACjE;AACF,SAAA;QAEA,IAAI,CAACxC,OAAO,GAAG;AACbmC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBI,OAAO,CAAA;YACpD5C,SAAAA,EAAW;AACTsC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBI,OAAO;AAC/D;AACF,SAAA;QAEA,IAAI,CAACxC,KAAK,GAAG;AACXkC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBK,KAAK,CAAA;YAClD7C,SAAAA,EAAW;AACTsC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBK,KAAK;AAC7D;AACF,SAAA;QAEA,IAAI,CAACxC,MAAM,GAAG;AACZiC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBM,MAAM,CAAA;YACnD9C,SAAAA,EAAW;AACTsC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBM,MAAM;AAC9D;AACF,SAAA;AACF,IAAA;AAEA,IAAA,MAAgBC,aAAAA,GAAgB;AAC9B,QAAA,MAAM,EAAEC,WAAW,EAAE,GAAG,MAAM,IAAI,CAACzC,cAAc;AACjD,QAAA,IAAIyC,WAAAA,EAAa;;YAEf,OAAO,CAAC,QAAQ,EAAEA,WAAAA,CAAAA,CAAa;AACjC,QAAA;;;AAGA,QAAA,IAAIC,kBAAkB,IAAI,CAACzC,OAAO,CAAC0C,WAAW,CAAA,EAAG;AAC/C,YAAA,OAAO,IAAI,CAAC1C,OAAO,CAAC2C,UAAU;AAChC,QAAA;AACA,QAAA,OAAO,IAAI,CAAC3C,OAAO,CAAC4C,UAAU;AAChC,IAAA;AAEUb,IAAAA,cAAAA,CAAec,YAA+B,EAAE;AACxD,QAAA,OAAO,OAAOvC,OAAAA,GAAAA;AACZ,YAAA,MAAM,EACJwC,eAAe,EACfC,iBAAiB,EACjBC,kBAAkB,EAClBC,mBAAmB,EACnBC,aAAa,EACbC,eAAe,EAChB,GAAG7C,OAAAA;AACJ,YAAA,MAAM,EAAE8C,oBAAoB,EAAE,GAAG,MAAM,IAAI,CAACrD,cAAc;AAC1D,YAAA,MAAMsD,OAAAA,GAAU,MAAM,IAAI,CAACd,aAAa,EAAA;YAExC,MAAMe,QAAAA,GAAW,IAAIC,GAAAA,CAAI,CAAA,EAAGF,QAAQ,qBAAqB,EAAER,YAAAA,CAAa,MAAM,CAAC,CAAA;YAC/ES,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,gBAAgB,IAAI,CAACzD,OAAO,CAAC0C,WAAW,CAAA;YAClE,IAAII,eAAAA,IAAmBA,mBAAmB,EAAA,EAAI;AAC5CQ,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,iBAAA,EAAmBX,eAAAA,CAAAA;AAC/C,YAAA;YAEA,IAAIC,iBAAAA,IAAqBA,qBAAqB,EAAA,EAAI;AAChDO,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,MAAA,EAAQV,iBAAAA,CAAAA;AACpC,YAAA;AAEA,YAAA,IAAIG,aAAAA,EAAe;AAQjBI,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,eAAA,EAAiBP,aAAAA,CAAcQ,IAAI,CAAC,GAAA,CAAA,CAAA;AAChE,YAAA;AACA,YAAA,IAAIP,eAAAA,EAAiB;gBAQnB,IAAK,MAAMQ,OAAOR,eAAAA,CAAiB;oBACjCG,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,cAAcE,GAAAA,EAAKR,eAAe,CAACQ,GAAAA,CAAI,CAAA;AACnE,gBAAA;AACF,YAAA;AAEA,YAAA,IAAIP,oBAAAA,EAAsB;AACxB,gBAAA,MAAM7C,UAAU,MAAM,IAAI,CAACH,YAAY,CAACwD,oBAAoB,EAAA;AAC5DN,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,qBAAA,EAAuBlD,QAAQsD,cAAc,CAAA;aACzE,MAAO;gBACL,IAAI,CAACzD,YAAY,CAACsB,WAAW,EAAA;AAC/B,YAAA;AAEA,YAAA,IAAIsB,oBAAoBM,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,oBAAA,EAAsBT,kBAAAA,CAAAA;AACxE,YAAA,IAAIC,qBAAqBK,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,qBAAA,EAAuBR,mBAAAA,CAAAA;YAE1E,IAAI,CAACa,QAAQ,CAACR,QAAAA,CAAAA;AAChB,QAAA,CAAA;AACF,IAAA;AAEUpB,IAAAA,uBAAAA,CAAwBW,YAA+B,EAAE;AACjE,QAAA,OAAO,OAAOvC,OAAAA,GAAAA;AACZ,YAAA,MAAM,EAAEyD,sBAAsB,EAAEb,aAAa,EAAEC,eAAe,EAAE,GAAG7C,OAAAA;AACnE,YAAA,MAAM,EAAE8C,oBAAoB,EAAE,GAAG,MAAM,IAAI,CAACrD,cAAc;AAC1D,YAAA,MAAMsD,OAAAA,GAAU,MAAM,IAAI,CAACd,aAAa,EAAA;YAExC,MAAMe,QAAAA,GAAW,IAAIC,GAAAA,CAAI,CAAA,EAAGF,QAAQ,qBAAqB,EAAER,YAAAA,CAAa,gBAAgB,CAAC,CAAA;YACzFS,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,gBAAgB,IAAI,CAACzD,OAAO,CAAC0C,WAAW,CAAA;AAClE,YAAA,IAAIQ,aAAAA,EAAe;AAQjBI,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,eAAA,EAAiBP,aAAAA,CAAcQ,IAAI,CAAC,GAAA,CAAA,CAAA;AAChE,YAAA;AACA,YAAA,IAAIP,eAAAA,EAAiB;gBAQnB,IAAK,MAAMQ,OAAOR,eAAAA,CAAiB;oBACjCG,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,cAAcE,GAAAA,EAAKR,eAAe,CAACQ,GAAAA,CAAI,CAAA;AACnE,gBAAA;AACF,YAAA;AAEA,YAAA,IAAIP,oBAAAA,EAAsB;AACxB,gBAAA,MAAM7C,UAAU,MAAM,IAAI,CAACH,YAAY,CAACwD,oBAAoB,EAAA;AAC5DN,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,qBAAA,EAAuBlD,QAAQsD,cAAc,CAAA;aACzE,MAAO;gBACL,IAAI,CAACzD,YAAY,CAACsB,WAAW,EAAA;AAC/B,YAAA;AAEA,YAAA,IAAIqC,sBAAAA,EAAwB;AAC1BT,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,wBAAA,EAA0BM,sBAAAA,CAAAA;AACtD,YAAA;YAEA,IAAI,CAACD,QAAQ,CAACR,QAAAA,CAAAA;AAChB,QAAA,CAAA;AACF,IAAA;;AAGAQ,IAAAA,QAAAA,CAAS9C,GAAQ,EAAE;AACjBgD,QAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,GAAGlD,IAAImD,QAAQ,EAAA;AACrC,IAAA;AACF;;;;"}
1
+ {"version":3,"file":"HeadlessB2BOAuthClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BOAuthClient.ts"],"sourcesContent":["import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient, IPKCEManager } from '../..';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport {\n B2BOAuthAuthenticateOptions,\n B2BOAuthAuthenticateResponse,\n B2BOAuthDiscoveryAuthenticateResponse,\n B2BOAuthDiscoveryStartOptions,\n IHeadlessB2BOAuthClient,\n OAuthDiscoveryAuthenticateOptions,\n OAuthStartOptions,\n} from '../../public/b2b/oauth';\nimport { B2BOAuthProviders } from '../../public/b2b/ui';\nimport { isTestPublicToken, logger } from '../../utils';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n cnameDomain: null | string;\n pkceRequiredForOAuth: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport class HeadlessB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOAuthClient<TProjectConfiguration>\n{\n authenticate: (options: B2BOAuthAuthenticateOptions) => Promise<B2BOAuthAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: OAuthDiscoveryAuthenticateOptions,\n ) => Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n google: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n microsoft: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n hubspot: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n slack: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n github: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n protected _pkceManager: IPKCEManager,\n protected _dynamicConfig: DynamicConfig,\n protected _config: Config,\n protected dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(async (options: B2BOAuthAuthenticateOptions) => {\n validateInDev('stytch.oauth.authenticate', options, {\n oauth_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const keyPair = await this._pkceManager.getPKPair();\n\n if (!keyPair) {\n logger.warn(\n 'No code verifier found in local storage for OAuth flow.\\n' +\n 'Consider using stytch.oauth.$provider.start() to add PKCE to your OAuth flows for added security.\\n' +\n 'See https://stytch.com/docs/oauth#guides_pkce for more information.',\n );\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const resp = await this._networkClient.retriableFetchSDK<B2BOAuthAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/oauth/authenticate',\n method: 'POST',\n body: {\n pkce_code_verifier: keyPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...options,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: OAuthDiscoveryAuthenticateOptions,\n ): Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.oauth.discovery.authenticate', data, {\n discovery_oauth_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/oauth/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n\n this.google = {\n start: this.startOAuthFlow(B2BOAuthProviders.Google),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Google),\n },\n };\n\n this.microsoft = {\n start: this.startOAuthFlow(B2BOAuthProviders.Microsoft),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Microsoft),\n },\n };\n\n this.hubspot = {\n start: this.startOAuthFlow(B2BOAuthProviders.HubSpot),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.HubSpot),\n },\n };\n\n this.slack = {\n start: this.startOAuthFlow(B2BOAuthProviders.Slack),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Slack),\n },\n };\n\n this.github = {\n start: this.startOAuthFlow(B2BOAuthProviders.GitHub),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.GitHub),\n },\n };\n }\n\n protected async getBaseApiUrl() {\n const { cnameDomain } = await this._dynamicConfig;\n if (cnameDomain) {\n // The API returns cname domains without a protocol - assume HTTPS\n return `https://${cnameDomain}`;\n }\n // Our TestAPIURL and LiveAPIURL should have the HTTPS protocol already attached\n // Don't add it twice!\n if (isTestPublicToken(this._config.publicToken)) {\n return this._config.testAPIURL;\n }\n return this._config.liveAPIURL;\n }\n\n protected startOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: OAuthStartOptions): Promise<void> => {\n const {\n organization_id,\n organization_slug,\n login_redirect_url,\n signup_redirect_url,\n custom_scopes,\n provider_params,\n } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (organization_id && organization_id != '') {\n startUrl.searchParams.set('organization_id', organization_id);\n }\n\n if (organization_slug && organization_slug != '') {\n startUrl.searchParams.set('slug', organization_slug);\n }\n\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (login_redirect_url) startUrl.searchParams.set('login_redirect_url', login_redirect_url);\n if (signup_redirect_url) startUrl.searchParams.set('signup_redirect_url', signup_redirect_url);\n\n this.navigate(startUrl);\n };\n }\n\n protected startDiscoveryOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: B2BOAuthDiscoveryStartOptions): Promise<void> => {\n const { discovery_redirect_url, custom_scopes, provider_params } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/discovery/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (discovery_redirect_url) {\n startUrl.searchParams.set('discovery_redirect_url', discovery_redirect_url);\n }\n\n this.navigate(startUrl);\n };\n }\n\n // Public so it can be mocked in tests\n navigate(url: URL) {\n window.location.href = url.toString();\n }\n}\n"],"names":["HeadlessB2BOAuthClient","authenticate","discovery","google","microsoft","hubspot","slack","github","_dynamicConfig","_config","dfpProtectedAuth","_networkClient","_subscriptionService","_pkceManager","withUpdateSession","options","keyPair","getPKPair","logger","warn","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","resp","retriableFetchSDK","url","method","body","pkce_code_verifier","code_verifier","intermediate_session_token","getIntermediateSessionToken","undefined","retryCallback","retryWithCaptchaAndDFP","clearPKPair","data","pkPair","requestBody","start","startOAuthFlow","B2BOAuthProviders","Google","startDiscoveryOAuthFlow","Microsoft","HubSpot","Slack","GitHub","getBaseApiUrl","cnameDomain","isTestPublicToken","publicToken","testAPIURL","liveAPIURL","providerType","organization_id","organization_slug","login_redirect_url","signup_redirect_url","custom_scopes","provider_params","pkceRequiredForOAuth","baseURL","startUrl","URL","searchParams","set","join","key","startPKCETransaction","code_challenge","navigate","discovery_redirect_url","window","location","href","toString"],"mappings":";;;;+BAyBO,MAAMA,sBAAAA,CAAAA;;;;;;;IAGXC,YAAAA;IAEAC,SAAAA;IAMAC,MAAAA;IAOAC,SAAAA;IAOAC,OAAAA;IAOAC,KAAAA;IAOAC,MAAAA;AAOA,IAAA,WAAA,CACE,cAAwC,EACxC,oBAA8E,EAC9E,YAAoC,EAC1BC,cAA6B,EAC7BC,OAAe,EACfC,gBAA2C,CACrD;aANUC,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,YAAAA,GAAAA,YAAAA;aACAL,cAAAA,GAAAA,cAAAA;aACAC,OAAAA,GAAAA,OAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAEV,IAAI,CAACT,YAAY,GAAG,IAAI,CAACW,oBAAoB,CAACE,iBAAiB,CAAC,OAAOC,OAAAA,GAAAA;AAOrE,YAAA,MAAMC,UAAU,MAAM,IAAI,CAACH,YAAY,CAACI,SAAS,EAAA;AAEjD,YAAA,IAAI,CAACD,OAAAA,EAAS;gBACZE,MAAAA,CAAOC,IAAI,CACT,2DAAA,GACE,qGAAA,GACA,qEAAA,CAAA;AAEN,YAAA;YAEA,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACX,gBAAgB,CAACY,2BAA2B,EAAA;AACnG,YAAA,MAAMC,OAAO,MAAM,IAAI,CAACZ,cAAc,CAACa,iBAAiB,CAAsD;gBAC5GC,GAAAA,EAAK,yBAAA;gBACLC,MAAAA,EAAQ,MAAA;gBACRC,IAAAA,EAAM;AACJC,oBAAAA,kBAAAA,EAAoBZ,OAAAA,EAASa,aAAAA;AAC7BT,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACAS,oBAAAA,0BAAAA,EAA4B,MAAO,IAAI,CAAClB,oBAAoB,CAACmB,2BAA2B,EAAA,IAAOC,SAAAA;AAC/F,oBAAA,GAAGjB;AACL,iBAAA;AACAkB,gBAAAA,aAAAA,EAAe,IAAI,CAACvB,gBAAgB,CAACwB;AACvC,aAAA,CAAA;YAEA,IAAI,CAACrB,YAAY,CAACsB,WAAW,EAAA;YAE7B,OAAOZ,IAAAA;AACT,QAAA,CAAA,CAAA;QAEA,IAAI,CAACrB,SAAS,GAAG;AACfD,YAAAA,YAAAA,EAAc,IAAI,CAACW,oBAAoB,CAACE,iBAAiB,CACvD,OACEsB,IAAAA,GAAAA;AAMA,gBAAA,MAAMC,SAAS,MAAM,IAAI,CAACxB,YAAY,CAACI,SAAS,EAAA;gBAEhD,MAAM,EAAEG,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACX,gBAAgB,CAACY,2BAA2B,EAAA;AAEnG,gBAAA,MAAMgB,WAAAA,GAAc;AAClBV,oBAAAA,kBAAAA,EAAoBS,MAAAA,EAAQR,aAAAA;AAC5BT,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACA,oBAAA,GAAGe;AACL,iBAAA;AACA,gBAAA,MAAMb,OAAO,MAAM,IAAI,CAACZ,cAAc,CAACa,iBAAiB,CAEtD;oBACAC,GAAAA,EAAK,mCAAA;oBACLE,IAAAA,EAAMW,WAAAA;oBACNZ,MAAAA,EAAQ,MAAA;AACRO,oBAAAA,aAAAA,EAAe,IAAI,CAACvB,gBAAgB,CAACwB;AACvC,iBAAA,CAAA;gBAEA,IAAI,CAACrB,YAAY,CAACsB,WAAW,EAAA;gBAE7B,OAAOZ,IAAAA;AACT,YAAA,CAAA;AAEJ,SAAA;QAEA,IAAI,CAACpB,MAAM,GAAG;AACZoC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBC,MAAM,CAAA;YACnDxC,SAAAA,EAAW;AACTqC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBC,MAAM;AAC9D;AACF,SAAA;QAEA,IAAI,CAACtC,SAAS,GAAG;AACfmC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBG,SAAS,CAAA;YACtD1C,SAAAA,EAAW;AACTqC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBG,SAAS;AACjE;AACF,SAAA;QAEA,IAAI,CAACvC,OAAO,GAAG;AACbkC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBI,OAAO,CAAA;YACpD3C,SAAAA,EAAW;AACTqC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBI,OAAO;AAC/D;AACF,SAAA;QAEA,IAAI,CAACvC,KAAK,GAAG;AACXiC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBK,KAAK,CAAA;YAClD5C,SAAAA,EAAW;AACTqC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBK,KAAK;AAC7D;AACF,SAAA;QAEA,IAAI,CAACvC,MAAM,GAAG;AACZgC,YAAAA,KAAAA,EAAO,IAAI,CAACC,cAAc,CAACC,kBAAkBM,MAAM,CAAA;YACnD7C,SAAAA,EAAW;AACTqC,gBAAAA,KAAAA,EAAO,IAAI,CAACI,uBAAuB,CAACF,kBAAkBM,MAAM;AAC9D;AACF,SAAA;AACF,IAAA;AAEA,IAAA,MAAgBC,aAAAA,GAAgB;AAC9B,QAAA,MAAM,EAAEC,WAAW,EAAE,GAAG,MAAM,IAAI,CAACzC,cAAc;AACjD,QAAA,IAAIyC,WAAAA,EAAa;;YAEf,OAAO,CAAC,QAAQ,EAAEA,WAAAA,CAAAA,CAAa;AACjC,QAAA;;;AAGA,QAAA,IAAIC,kBAAkB,IAAI,CAACzC,OAAO,CAAC0C,WAAW,CAAA,EAAG;AAC/C,YAAA,OAAO,IAAI,CAAC1C,OAAO,CAAC2C,UAAU;AAChC,QAAA;AACA,QAAA,OAAO,IAAI,CAAC3C,OAAO,CAAC4C,UAAU;AAChC,IAAA;AAEUb,IAAAA,cAAAA,CAAec,YAA+B,EAAE;AACxD,QAAA,OAAO,OAAOvC,OAAAA,GAAAA;AACZ,YAAA,MAAM,EACJwC,eAAe,EACfC,iBAAiB,EACjBC,kBAAkB,EAClBC,mBAAmB,EACnBC,aAAa,EACbC,eAAe,EAChB,GAAG7C,OAAAA;AACJ,YAAA,MAAM,EAAE8C,oBAAoB,EAAE,GAAG,MAAM,IAAI,CAACrD,cAAc;AAC1D,YAAA,MAAMsD,OAAAA,GAAU,MAAM,IAAI,CAACd,aAAa,EAAA;YAExC,MAAMe,QAAAA,GAAW,IAAIC,GAAAA,CAAI,CAAA,EAAGF,QAAQ,qBAAqB,EAAER,YAAAA,CAAa,MAAM,CAAC,CAAA;YAC/ES,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,gBAAgB,IAAI,CAACzD,OAAO,CAAC0C,WAAW,CAAA;YAClE,IAAII,eAAAA,IAAmBA,mBAAmB,EAAA,EAAI;AAC5CQ,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,iBAAA,EAAmBX,eAAAA,CAAAA;AAC/C,YAAA;YAEA,IAAIC,iBAAAA,IAAqBA,qBAAqB,EAAA,EAAI;AAChDO,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,MAAA,EAAQV,iBAAAA,CAAAA;AACpC,YAAA;AAEA,YAAA,IAAIG,aAAAA,EAAe;AAQjBI,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,eAAA,EAAiBP,aAAAA,CAAcQ,IAAI,CAAC,GAAA,CAAA,CAAA;AAChE,YAAA;AACA,YAAA,IAAIP,eAAAA,EAAiB;gBAQnB,IAAK,MAAMQ,OAAOR,eAAAA,CAAiB;oBACjCG,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,cAAcE,GAAAA,EAAKR,eAAe,CAACQ,GAAAA,CAAI,CAAA;AACnE,gBAAA;AACF,YAAA;AAEA,YAAA,IAAIP,oBAAAA,EAAsB;AACxB,gBAAA,MAAM7C,UAAU,MAAM,IAAI,CAACH,YAAY,CAACwD,oBAAoB,EAAA;AAC5DN,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,qBAAA,EAAuBlD,QAAQsD,cAAc,CAAA;aACzE,MAAO;gBACL,IAAI,CAACzD,YAAY,CAACsB,WAAW,EAAA;AAC/B,YAAA;AAEA,YAAA,IAAIsB,oBAAoBM,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,oBAAA,EAAsBT,kBAAAA,CAAAA;AACxE,YAAA,IAAIC,qBAAqBK,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,qBAAA,EAAuBR,mBAAAA,CAAAA;YAE1E,IAAI,CAACa,QAAQ,CAACR,QAAAA,CAAAA;AAChB,QAAA,CAAA;AACF,IAAA;AAEUpB,IAAAA,uBAAAA,CAAwBW,YAA+B,EAAE;AACjE,QAAA,OAAO,OAAOvC,OAAAA,GAAAA;AACZ,YAAA,MAAM,EAAEyD,sBAAsB,EAAEb,aAAa,EAAEC,eAAe,EAAE,GAAG7C,OAAAA;AACnE,YAAA,MAAM,EAAE8C,oBAAoB,EAAE,GAAG,MAAM,IAAI,CAACrD,cAAc;AAC1D,YAAA,MAAMsD,OAAAA,GAAU,MAAM,IAAI,CAACd,aAAa,EAAA;YAExC,MAAMe,QAAAA,GAAW,IAAIC,GAAAA,CAAI,CAAA,EAAGF,QAAQ,qBAAqB,EAAER,YAAAA,CAAa,gBAAgB,CAAC,CAAA;YACzFS,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,gBAAgB,IAAI,CAACzD,OAAO,CAAC0C,WAAW,CAAA;AAClE,YAAA,IAAIQ,aAAAA,EAAe;AAQjBI,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,eAAA,EAAiBP,aAAAA,CAAcQ,IAAI,CAAC,GAAA,CAAA,CAAA;AAChE,YAAA;AACA,YAAA,IAAIP,eAAAA,EAAiB;gBAQnB,IAAK,MAAMQ,OAAOR,eAAAA,CAAiB;oBACjCG,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,cAAcE,GAAAA,EAAKR,eAAe,CAACQ,GAAAA,CAAI,CAAA;AACnE,gBAAA;AACF,YAAA;AAEA,YAAA,IAAIP,oBAAAA,EAAsB;AACxB,gBAAA,MAAM7C,UAAU,MAAM,IAAI,CAACH,YAAY,CAACwD,oBAAoB,EAAA;AAC5DN,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,qBAAA,EAAuBlD,QAAQsD,cAAc,CAAA;aACzE,MAAO;gBACL,IAAI,CAACzD,YAAY,CAACsB,WAAW,EAAA;AAC/B,YAAA;AAEA,YAAA,IAAIqC,sBAAAA,EAAwB;AAC1BT,gBAAAA,QAAAA,CAASE,YAAY,CAACC,GAAG,CAAC,wBAAA,EAA0BM,sBAAAA,CAAAA;AACtD,YAAA;YAEA,IAAI,CAACD,QAAQ,CAACR,QAAAA,CAAAA;AAChB,QAAA,CAAA;AACF,IAAA;;AAGAQ,IAAAA,QAAAA,CAAS9C,GAAQ,EAAE;AACjBgD,QAAAA,MAAAA,CAAOC,QAAQ,CAACC,IAAI,GAAGlD,IAAImD,QAAQ,EAAA;AACrC,IAAA;AACF;;;;"}
package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BOTPsClient.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HeadlessB2BOTPsClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BOTPsClient.ts"],"sourcesContent":["import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BOTPsEmailLoginOrSignupOptions,\n B2BOTPsEmailLoginOrSignupResponse,\n B2BOTPsEmailAuthenticateOptions,\n B2BOTPsEmailAuthenticateResponse,\n B2BSMSAuthenticateOptions,\n B2BSMSAuthenticateResponse,\n B2BSMSSendOptions,\n B2BSMSSendResponse,\n IHeadlessB2BOTPsClient,\n B2BDiscoveryOTPEmailSendOptions,\n B2BDiscoveryOTPEmailSendResponse,\n B2BDiscoveryOTPEmailAuthenticateOptions,\n B2BDiscoveryOTPEmailAuthenticateResponse,\n} from '../../public/b2b/otps';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\n\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BOTPsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOTPsClient<TProjectConfiguration>\n{\n sms: {\n send: (data: B2BSMSSendOptions) => Promise<B2BSMSSendResponse>;\n authenticate: (data: B2BSMSAuthenticateOptions) => Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>>;\n };\n\n email: {\n loginOrSignup: (data: B2BOTPsEmailLoginOrSignupOptions) => Promise<B2BOTPsEmailLoginOrSignupResponse>;\n authenticate: (\n data: B2BOTPsEmailAuthenticateOptions,\n ) => Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>;\n discovery: {\n send: (data: B2BDiscoveryOTPEmailSendOptions) => Promise<B2BDiscoveryOTPEmailSendResponse>;\n authenticate: (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ) => Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>>;\n };\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.sms = {\n send: async (data: B2BSMSSendOptions): Promise<B2BSMSSendResponse> => {\n validateInDev('stytch.otps.sms.send', data, {\n organization_id: 'string',\n member_id: 'string',\n mfa_phone_number: 'optionalString',\n locale: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BSMSSendResponse>({\n url: '/b2b/otps/sms/send',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (data: B2BSMSAuthenticateOptions): Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.sms.authenticate', data, {\n session_duration_minutes: 'number',\n organization_id: 'string',\n member_id: 'string',\n code: 'string',\n set_mfa_enrollment: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.retriableFetchSDK<B2BSMSAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/sms/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n };\n\n this.email = {\n loginOrSignup: async (data: B2BOTPsEmailLoginOrSignupOptions): Promise<B2BOTPsEmailLoginOrSignupResponse> => {\n validateInDev('stytch.otps.email.loginOrSignup', data, {\n organization_id: 'string',\n email_address: 'string',\n login_template_id: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailLoginOrSignupResponse>({\n url: '/b2b/otps/email/login_or_signup',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BOTPsEmailAuthenticateOptions,\n ): Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.authenticate', data, {\n code: 'string',\n email_address: 'string',\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/email/authenticate',\n body: {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n discovery: {\n send: async (data: B2BDiscoveryOTPEmailSendOptions): Promise<B2BDiscoveryOTPEmailSendResponse> => {\n validateInDev('stytch.otps.email.discovery.send', data, {\n email_address: 'string',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BDiscoveryOTPEmailSendResponse>({\n url: '/b2b/otps/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ): Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.discovery.authenticate', data, {\n code: 'string',\n email_address: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n\n return this._networkClient.retriableFetchSDK<\n B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/otps/email/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n },\n };\n }\n}\n"],"names":["HeadlessB2BOTPsClient","sms","email","constructor","_networkClient","_subscriptionService","dfpProtectedAuth","send","data","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","retriableFetchSDK","url","body","intermediate_session_token","getIntermediateSessionToken","undefined","method","retryCallback","retryWithCaptchaAndDFP","authenticate","withUpdateSession","requestBody","loginOrSignup","discovery"],"mappings":"AAoBO,MAAMA,qBAAAA,CAAAA;;;;IAGXC,GAAAA;IAKAC,KAAAA;IAaAC,WAAAA,CACUC,cAA8B,EAC9BC,oBAAoE,EACpEC,gBAA2C,CACnD;aAHQF,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAER,IAAI,CAACL,GAAG,GAAG;AACTM,YAAAA,IAAAA,EAAM,OAAOC,IAAAA,GAAAA;gBAOX,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAAqB;oBAC/DC,GAAAA,EAAK,oBAAA;oBACLC,IAAAA,EAAM;AACJ,wBAAA,GAAGN,IAAI;AACPC,wBAAAA,gBAAAA;AACAC,wBAAAA,aAAAA;AACAK,wBAAAA,0BAAAA,EAA4B,IAAI,CAACV,oBAAoB,CAACW,2BAA2B,EAAA,IAAMC;AACzF,qBAAA;oBACAC,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA;AACAC,YAAAA,YAAAA,EAAc,IAAI,CAAChB,oBAAoB,CAACiB,iBAAiB,CACvD,OAAOd,IAAAA,GAAAA;gBAQL,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,MAAMY,WAAAA,GAAc;AAClB,oBAAA,GAAGf,IAAI;AACPC,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACAK,oBAAAA,0BAAAA,EAA4B,IAAI,CAACV,oBAAoB,CAACW,2BAA2B,EAAA,IAAMC;AACzF,iBAAA;AACA,gBAAA,OAAO,IAAI,CAACb,cAAc,CAACQ,iBAAiB,CAAoD;oBAC9FC,GAAAA,EAAK,4BAAA;oBACLC,IAAAA,EAAMS,WAAAA;oBACNL,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA;AAEJ,SAAA;QAEA,IAAI,CAAClB,KAAK,GAAG;AACXsB,YAAAA,aAAAA,EAAe,OAAOhB,IAAAA,GAAAA;gBAWpB,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAAoC;oBAC9EC,GAAAA,EAAK,iCAAA;oBACLC,IAAAA,EAAM;AACJ,wBAAA,GAAGN,IAAI;AACPC,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;oBACAQ,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA;AACAC,YAAAA,YAAAA,EAAc,IAAI,CAAChB,oBAAoB,CAACiB,iBAAiB,CACvD,OACEd,IAAAA,GAAAA;gBAUA,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAA0D;oBACpGC,GAAAA,EAAK,8BAAA;oBACLC,IAAAA,EAAM;AACJ,wBAAA,GAAGN,IAAI;AACPO,wBAAAA,0BAAAA,EAA4B,IAAI,CAACV,oBAAoB,CAACW,2BAA2B,EAAA,IAAMC,SAAAA;AACvFR,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;oBACAQ,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA,CAAA;YAEFK,SAAAA,EAAW;AACTlB,gBAAAA,IAAAA,EAAM,OAAOC,IAAAA,GAAAA;oBAQX,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,oBAAA,MAAMY,WAAAA,GAAc;AAClB,wBAAA,GAAGf,IAAI;AACPC,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;AACA,oBAAA,OAAO,IAAI,CAACN,cAAc,CAACQ,iBAAiB,CAAmC;wBAC7EC,GAAAA,EAAK,gCAAA;wBACLC,IAAAA,EAAMS,WAAAA;wBACNL,MAAAA,EAAQ,MAAA;AACRC,wBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,qBAAA,CAAA;AACF,gBAAA,CAAA;AACAC,gBAAAA,YAAAA,EAAc,IAAI,CAAChB,oBAAoB,CAACiB,iBAAiB,CACvD,OACEd,IAAAA,GAAAA;oBAOA,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,oBAAA,MAAMY,WAAAA,GAAc;AAClBd,wBAAAA,gBAAAA;AACAC,wBAAAA,aAAAA;AACA,wBAAA,GAAGF;AACL,qBAAA;AAEA,oBAAA,OAAO,IAAI,CAACJ,cAAc,CAACQ,iBAAiB,CAE1C;wBACAC,GAAAA,EAAK,wCAAA;wBACLC,IAAAA,EAAMS,WAAAA;wBACNL,MAAAA,EAAQ,MAAA;AACRC,wBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,qBAAA,CAAA;AACF,gBAAA,CAAA;AAEJ;AACF,SAAA;AACF,IAAA;AACF;;;;"}
1
+ {"version":3,"file":"HeadlessB2BOTPsClient.mjs","sources":["../../../../../../../../core/src/HeadlessClients/b2b/HeadlessB2BOTPsClient.ts"],"sourcesContent":["import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BOTPsEmailLoginOrSignupOptions,\n B2BOTPsEmailLoginOrSignupResponse,\n B2BOTPsEmailAuthenticateOptions,\n B2BOTPsEmailAuthenticateResponse,\n B2BSMSAuthenticateOptions,\n B2BSMSAuthenticateResponse,\n B2BSMSSendOptions,\n B2BSMSSendResponse,\n IHeadlessB2BOTPsClient,\n B2BDiscoveryOTPEmailSendOptions,\n B2BDiscoveryOTPEmailSendResponse,\n B2BDiscoveryOTPEmailAuthenticateOptions,\n B2BDiscoveryOTPEmailAuthenticateResponse,\n} from '../../public/b2b/otps';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\n\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BOTPsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOTPsClient<TProjectConfiguration>\n{\n sms: {\n send: (data: B2BSMSSendOptions) => Promise<B2BSMSSendResponse>;\n authenticate: (data: B2BSMSAuthenticateOptions) => Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>>;\n };\n\n email: {\n loginOrSignup: (data: B2BOTPsEmailLoginOrSignupOptions) => Promise<B2BOTPsEmailLoginOrSignupResponse>;\n authenticate: (\n data: B2BOTPsEmailAuthenticateOptions,\n ) => Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>;\n discovery: {\n send: (data: B2BDiscoveryOTPEmailSendOptions) => Promise<B2BDiscoveryOTPEmailSendResponse>;\n authenticate: (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ) => Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>>;\n };\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.sms = {\n send: async (data: B2BSMSSendOptions): Promise<B2BSMSSendResponse> => {\n validateInDev('stytch.otps.sms.send', data, {\n organization_id: 'string',\n member_id: 'string',\n mfa_phone_number: 'optionalString',\n locale: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BSMSSendResponse>({\n url: '/b2b/otps/sms/send',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (data: B2BSMSAuthenticateOptions): Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.sms.authenticate', data, {\n session_duration_minutes: 'number',\n organization_id: 'string',\n member_id: 'string',\n code: 'string',\n set_mfa_enrollment: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.retriableFetchSDK<B2BSMSAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/sms/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n };\n\n this.email = {\n loginOrSignup: async (data: B2BOTPsEmailLoginOrSignupOptions): Promise<B2BOTPsEmailLoginOrSignupResponse> => {\n validateInDev('stytch.otps.email.loginOrSignup', data, {\n organization_id: 'string',\n email_address: 'string',\n login_template_id: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailLoginOrSignupResponse>({\n url: '/b2b/otps/email/login_or_signup',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BOTPsEmailAuthenticateOptions,\n ): Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.authenticate', data, {\n code: 'string',\n email_address: 'string',\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/email/authenticate',\n body: {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n discovery: {\n send: async (data: B2BDiscoveryOTPEmailSendOptions): Promise<B2BDiscoveryOTPEmailSendResponse> => {\n validateInDev('stytch.otps.email.discovery.send', data, {\n email_address: 'string',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BDiscoveryOTPEmailSendResponse>({\n url: '/b2b/otps/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ): Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.discovery.authenticate', data, {\n code: 'string',\n email_address: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n\n return this._networkClient.retriableFetchSDK<\n B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/otps/email/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n },\n };\n }\n}\n"],"names":["HeadlessB2BOTPsClient","sms","email","_networkClient","_subscriptionService","dfpProtectedAuth","send","data","dfp_telemetry_id","captcha_token","getDFPTelemetryIDAndCaptcha","retriableFetchSDK","url","body","intermediate_session_token","getIntermediateSessionToken","undefined","method","retryCallback","retryWithCaptchaAndDFP","authenticate","withUpdateSession","requestBody","loginOrSignup","discovery"],"mappings":"AAoBO,MAAMA,qBAAAA,CAAAA;;;;IAGXC,GAAAA;IAKAC,KAAAA;IAaA,WAAA,CACUC,cAA8B,EAC9BC,oBAAoE,EACpEC,gBAA2C,CACnD;aAHQF,cAAAA,GAAAA,cAAAA;aACAC,oBAAAA,GAAAA,oBAAAA;aACAC,gBAAAA,GAAAA,gBAAAA;QAER,IAAI,CAACJ,GAAG,GAAG;AACTK,YAAAA,IAAAA,EAAM,OAAOC,IAAAA,GAAAA;gBAOX,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAAqB;oBAC/DC,GAAAA,EAAK,oBAAA;oBACLC,IAAAA,EAAM;AACJ,wBAAA,GAAGN,IAAI;AACPC,wBAAAA,gBAAAA;AACAC,wBAAAA,aAAAA;AACAK,wBAAAA,0BAAAA,EAA4B,IAAI,CAACV,oBAAoB,CAACW,2BAA2B,EAAA,IAAMC;AACzF,qBAAA;oBACAC,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA;AACAC,YAAAA,YAAAA,EAAc,IAAI,CAAChB,oBAAoB,CAACiB,iBAAiB,CACvD,OAAOd,IAAAA,GAAAA;gBAQL,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,MAAMY,WAAAA,GAAc;AAClB,oBAAA,GAAGf,IAAI;AACPC,oBAAAA,gBAAAA;AACAC,oBAAAA,aAAAA;AACAK,oBAAAA,0BAAAA,EAA4B,IAAI,CAACV,oBAAoB,CAACW,2BAA2B,EAAA,IAAMC;AACzF,iBAAA;AACA,gBAAA,OAAO,IAAI,CAACb,cAAc,CAACQ,iBAAiB,CAAoD;oBAC9FC,GAAAA,EAAK,4BAAA;oBACLC,IAAAA,EAAMS,WAAAA;oBACNL,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA;AAEJ,SAAA;QAEA,IAAI,CAACjB,KAAK,GAAG;AACXqB,YAAAA,aAAAA,EAAe,OAAOhB,IAAAA,GAAAA;gBAWpB,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAAoC;oBAC9EC,GAAAA,EAAK,iCAAA;oBACLC,IAAAA,EAAM;AACJ,wBAAA,GAAGN,IAAI;AACPC,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;oBACAQ,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA;AACAC,YAAAA,YAAAA,EAAc,IAAI,CAAChB,oBAAoB,CAACiB,iBAAiB,CACvD,OACEd,IAAAA,GAAAA;gBAUA,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,gBAAA,OAAO,IAAI,CAACP,cAAc,CAACQ,iBAAiB,CAA0D;oBACpGC,GAAAA,EAAK,8BAAA;oBACLC,IAAAA,EAAM;AACJ,wBAAA,GAAGN,IAAI;AACPO,wBAAAA,0BAAAA,EAA4B,IAAI,CAACV,oBAAoB,CAACW,2BAA2B,EAAA,IAAMC,SAAAA;AACvFR,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;oBACAQ,MAAAA,EAAQ,MAAA;AACRC,oBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,iBAAA,CAAA;AACF,YAAA,CAAA,CAAA;YAEFK,SAAAA,EAAW;AACTlB,gBAAAA,IAAAA,EAAM,OAAOC,IAAAA,GAAAA;oBAQX,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,oBAAA,MAAMY,WAAAA,GAAc;AAClB,wBAAA,GAAGf,IAAI;AACPC,wBAAAA,gBAAAA;AACAC,wBAAAA;AACF,qBAAA;AACA,oBAAA,OAAO,IAAI,CAACN,cAAc,CAACQ,iBAAiB,CAAmC;wBAC7EC,GAAAA,EAAK,gCAAA;wBACLC,IAAAA,EAAMS,WAAAA;wBACNL,MAAAA,EAAQ,MAAA;AACRC,wBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,qBAAA,CAAA;AACF,gBAAA,CAAA;AACAC,gBAAAA,YAAAA,EAAc,IAAI,CAAChB,oBAAoB,CAACiB,iBAAiB,CACvD,OACEd,IAAAA,GAAAA;oBAOA,MAAM,EAAEC,gBAAgB,EAAEC,aAAa,EAAE,GAAG,MAAM,IAAI,CAACJ,gBAAgB,CAACK,2BAA2B,EAAA;AACnG,oBAAA,MAAMY,WAAAA,GAAc;AAClBd,wBAAAA,gBAAAA;AACAC,wBAAAA,aAAAA;AACA,wBAAA,GAAGF;AACL,qBAAA;AAEA,oBAAA,OAAO,IAAI,CAACJ,cAAc,CAACQ,iBAAiB,CAE1C;wBACAC,GAAAA,EAAK,wCAAA;wBACLC,IAAAA,EAAMS,WAAAA;wBACNL,MAAAA,EAAQ,MAAA;AACRC,wBAAAA,aAAAA,EAAe,IAAI,CAACb,gBAAgB,CAACc;AACvC,qBAAA,CAAA;AACF,gBAAA,CAAA;AAEJ;AACF,SAAA;AACF,IAAA;AACF;;;;"}