@stytch/vanilla-js 6.0.4 → 6.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/dist/cjs/{StytchSSRProxy-CCeaM1wX.js → StytchSSRProxy-uT0ZmdOT.js} +11 -12
- package/dist/cjs/{StytchSSRProxy-CCeaM1wX.js.map → StytchSSRProxy-uT0ZmdOT.js.map} +1 -1
- package/dist/cjs/adminPortal/index.cjs +4 -4
- package/dist/cjs/adminPortal/index.cjs.map +1 -1
- package/dist/cjs/b2b/index.cjs +4 -4
- package/dist/cjs/b2b/index.headless.cjs +1 -1
- package/dist/cjs/{index-DQfLs1N5.js → index-Co6H7mej.js} +2 -2
- package/dist/cjs/{index-DQfLs1N5.js.map → index-Co6H7mej.js.map} +1 -1
- package/dist/cjs/index.cjs +3 -3
- package/dist/cjs/index.headless.cjs +1 -1
- package/dist/cjs/{shadcn-BmPw6Q7O.js → shadcn-DNo-Z1LB.js} +3 -3
- package/dist/cjs/{shadcn-BmPw6Q7O.js.map → shadcn-DNo-Z1LB.js.map} +1 -1
- package/dist/cjs/{uniqueId-DLJHPADm.js → uniqueId-D9puNTGE.js} +6 -6
- package/dist/cjs/uniqueId-D9puNTGE.js.map +1 -0
- package/dist/cjs-dev/{StytchSSRProxy--FBPk-_j.js → StytchSSRProxy-Dz4qX2tJ.js} +11 -12
- package/dist/cjs-dev/{StytchSSRProxy--FBPk-_j.js.map → StytchSSRProxy-Dz4qX2tJ.js.map} +1 -1
- package/dist/cjs-dev/adminPortal/index.cjs +4 -4
- package/dist/cjs-dev/adminPortal/index.cjs.map +1 -1
- package/dist/cjs-dev/b2b/index.cjs +4 -4
- package/dist/cjs-dev/b2b/index.headless.cjs +1 -1
- package/dist/cjs-dev/{index-Cnof-8Qb.js → index-BqBnZFEu.js} +2 -2
- package/dist/cjs-dev/{index-Cnof-8Qb.js.map → index-BqBnZFEu.js.map} +1 -1
- package/dist/cjs-dev/index.cjs +3 -3
- package/dist/cjs-dev/index.headless.cjs +1 -1
- package/dist/cjs-dev/{shadcn-Dqlb9O22.js → shadcn-JZgM-5AS.js} +4 -4
- package/dist/cjs-dev/{shadcn-Dqlb9O22.js.map → shadcn-JZgM-5AS.js.map} +1 -1
- package/dist/cjs-dev/{uniqueId-fcAegx4U.js → uniqueId-WccE1cND.js} +6 -6
- package/dist/cjs-dev/uniqueId-WccE1cND.js.map +1 -0
- package/dist/esm/_virtual/index3.mjs +3 -5
- package/dist/esm/_virtual/index3.mjs.map +1 -1
- package/dist/esm/_virtual/index4.mjs +5 -3
- package/dist/esm/_virtual/index4.mjs.map +1 -1
- package/dist/esm/_virtual/index9.mjs +2 -2
- package/dist/esm/_virtual/moo.mjs +2 -2
- package/dist/esm/b2b/index.headless.mjs +1 -1
- package/dist/esm/b2b/index.mjs +3 -3
- package/dist/esm/b2c/stytchPasskeyRegistration.mjs +2 -2
- package/dist/esm/b2c/stytchPasskeyRegistration.mjs.map +1 -1
- package/dist/esm/b2c/stytchResetPassword.mjs +2 -2
- package/dist/esm/b2c/stytchResetPassword.mjs.map +1 -1
- package/dist/esm/index.headless.mjs +1 -1
- package/dist/esm/index.mjs +5 -5
- package/dist/esm/node_modules/@emotion/memoize/dist/emotion-memoize.esm.mjs +2 -2
- package/dist/esm/node_modules/@emotion/memoize/dist/emotion-memoize.esm.mjs.map +1 -1
- package/dist/esm/node_modules/@emotion/react/dist/emotion-element-f0de968e.browser.esm.mjs +5 -5
- package/dist/esm/node_modules/@emotion/react/dist/emotion-element-f0de968e.browser.esm.mjs.map +1 -1
- package/dist/esm/node_modules/@emotion/styled/base/dist/emotion-styled-base.browser.esm.mjs +2 -2
- package/dist/esm/node_modules/@emotion/styled/base/dist/emotion-styled-base.browser.esm.mjs.map +1 -1
- package/dist/esm/node_modules/@messageformat/parser/lib/lexer.mjs +5 -5
- package/dist/esm/node_modules/@messageformat/parser/lib/lexer.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/icons-material/esm/CheckCircle.mjs +2 -2
- package/dist/esm/node_modules/@mui/icons-material/esm/CheckCircle.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Accordion/Accordion.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Accordion/Accordion.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/AccordionDetails/AccordionDetails.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/AccordionDetails/AccordionDetails.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/AccordionSummary/AccordionSummary.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/AccordionSummary/AccordionSummary.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Alert/Alert.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/Alert/Alert.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Autocomplete/Autocomplete.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/Autocomplete/Autocomplete.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Backdrop/Backdrop.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Backdrop/Backdrop.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Button/Button.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/Button/Button.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/ButtonBase/ButtonBase.mjs +4 -4
- package/dist/esm/node_modules/@mui/material/ButtonBase/ButtonBase.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/ButtonBase/buttonBaseClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/Checkbox/Checkbox.mjs +9 -9
- package/dist/esm/node_modules/@mui/material/Checkbox/Checkbox.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Chip/Chip.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Chip/Chip.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Chip/chipClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/CircularProgress/CircularProgress.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/CircularProgress/CircularProgress.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Collapse/Collapse.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/Collapse/Collapse.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Dialog/Dialog.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/Dialog/Dialog.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Dialog/dialogClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/DialogActions/DialogActions.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/DialogActions/DialogActions.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/DialogContent/DialogContent.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/DialogContent/DialogContent.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/DialogTitle/DialogTitle.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/DialogTitle/DialogTitle.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/DialogTitle/dialogTitleClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/Divider/Divider.mjs +7 -7
- package/dist/esm/node_modules/@mui/material/Divider/Divider.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Divider/dividerClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/Fade/Fade.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/Fade/Fade.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/FilledInput/FilledInput.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/FilledInput/FilledInput.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/FilledInput/filledInputClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/FormControl/FormControl.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/FormControl/FormControl.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/FormControlLabel/FormControlLabel.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/FormControlLabel/FormControlLabel.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/FormControlLabel/formControlLabelClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/FormGroup/FormGroup.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/FormGroup/FormGroup.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/FormHelperText/FormHelperText.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/FormHelperText/FormHelperText.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/FormHelperText/formHelperTextClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/FormLabel/FormLabel.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/FormLabel/FormLabel.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/IconButton/IconButton.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/IconButton/IconButton.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/IconButton/iconButtonClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/Input/Input.mjs +6 -6
- package/dist/esm/node_modules/@mui/material/Input/Input.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Input/inputClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/InputBase/InputBase.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/InputBase/InputBase.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/InputLabel/InputLabel.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/InputLabel/InputLabel.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/List/List.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/List/List.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/ListSubheader/ListSubheader.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/ListSubheader/ListSubheader.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Menu/Menu.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Menu/Menu.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/MenuItem/MenuItem.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/MenuItem/MenuItem.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/MenuItem/menuItemClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/Modal/Modal.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/Modal/Modal.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Modal/useModal.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Modal/useModal.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/NativeSelect/NativeSelectInput.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/NativeSelect/NativeSelectInput.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/NativeSelect/nativeSelectClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/OutlinedInput/NotchedOutline.mjs +4 -4
- package/dist/esm/node_modules/@mui/material/OutlinedInput/NotchedOutline.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/OutlinedInput/OutlinedInput.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/OutlinedInput/OutlinedInput.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/OutlinedInput/outlinedInputClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/Paper/Paper.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/Paper/Paper.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Popover/Popover.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Popover/Popover.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Popper/BasePopper.mjs +8 -8
- package/dist/esm/node_modules/@mui/material/Popper/BasePopper.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Portal/Portal.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/Portal/Portal.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Radio/Radio.mjs +7 -7
- package/dist/esm/node_modules/@mui/material/Radio/Radio.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Select/Select.mjs +6 -6
- package/dist/esm/node_modules/@mui/material/Select/Select.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Select/SelectInput.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Select/SelectInput.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Snackbar/Snackbar.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/Snackbar/Snackbar.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/SnackbarContent/SnackbarContent.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/SnackbarContent/SnackbarContent.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/SvgIcon/SvgIcon.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/SvgIcon/SvgIcon.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Switch/Switch.mjs +6 -6
- package/dist/esm/node_modules/@mui/material/Switch/Switch.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Table/Table.mjs +8 -8
- package/dist/esm/node_modules/@mui/material/Table/Table.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/TableBody/TableBody.mjs +8 -8
- package/dist/esm/node_modules/@mui/material/TableBody/TableBody.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/TableCell/TableCell.mjs +6 -6
- package/dist/esm/node_modules/@mui/material/TableCell/TableCell.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/TableCell/tableCellClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/TableContainer/TableContainer.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/TableContainer/TableContainer.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/TableHead/TableHead.mjs +6 -6
- package/dist/esm/node_modules/@mui/material/TableHead/TableHead.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/TablePagination/TablePagination.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/TablePagination/TablePagination.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/TableRow/TableRow.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/TableRow/TableRow.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/TableRow/tableRowClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/TextField/TextField.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/TextareaAutosize/TextareaAutosize.mjs +4 -4
- package/dist/esm/node_modules/@mui/material/TextareaAutosize/TextareaAutosize.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Toolbar/Toolbar.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/Toolbar/Toolbar.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Tooltip/Tooltip.mjs +4 -4
- package/dist/esm/node_modules/@mui/material/Tooltip/Tooltip.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Tooltip/tooltipClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/Typography/Typography.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/Typography/Typography.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/Typography/typographyClasses.mjs +1 -1
- package/dist/esm/node_modules/@mui/material/internal/SwitchBase.mjs +3 -3
- package/dist/esm/node_modules/@mui/material/internal/SwitchBase.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/internal/svg-icons/ReportProblemOutlined.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/internal/svg-icons/ReportProblemOutlined.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/styles/createThemeWithVars.mjs +5 -5
- package/dist/esm/node_modules/@mui/material/styles/createThemeWithVars.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/material/styles/createTypography.mjs +2 -2
- package/dist/esm/node_modules/@mui/material/styles/createTypography.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/private-theming/ThemeProvider/ThemeProvider.mjs +2 -2
- package/dist/esm/node_modules/@mui/private-theming/ThemeProvider/ThemeProvider.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/private-theming/useTheme/useTheme.mjs +2 -2
- package/dist/esm/node_modules/@mui/private-theming/useTheme/useTheme.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/styled-engine/GlobalStyles/GlobalStyles.mjs +4 -4
- package/dist/esm/node_modules/@mui/styled-engine/GlobalStyles/GlobalStyles.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/styled-engine/index.mjs +2 -2
- package/dist/esm/node_modules/@mui/styled-engine/index.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/DefaultPropsProvider/DefaultPropsProvider.mjs +3 -3
- package/dist/esm/node_modules/@mui/system/esm/DefaultPropsProvider/DefaultPropsProvider.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/GlobalStyles/GlobalStyles.mjs +4 -4
- package/dist/esm/node_modules/@mui/system/esm/GlobalStyles/GlobalStyles.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/RtlProvider/index.mjs +1 -1
- package/dist/esm/node_modules/@mui/system/esm/ThemeProvider/ThemeProvider.mjs +4 -4
- package/dist/esm/node_modules/@mui/system/esm/ThemeProvider/ThemeProvider.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/breakpoints/breakpoints.mjs +5 -5
- package/dist/esm/node_modules/@mui/system/esm/breakpoints/breakpoints.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/createTheme/applyStyles.mjs +2 -2
- package/dist/esm/node_modules/@mui/system/esm/createTheme/applyStyles.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/createTheme/createTheme.mjs +2 -2
- package/dist/esm/node_modules/@mui/system/esm/createTheme/createTheme.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/cssVars/createCssVarsProvider.mjs +7 -7
- package/dist/esm/node_modules/@mui/system/esm/cssVars/createCssVarsProvider.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/cssVars/createGetCssVar.mjs +2 -2
- package/dist/esm/node_modules/@mui/system/esm/cssVars/createGetCssVar.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/cssVars/localStorageManager.mjs +2 -2
- package/dist/esm/node_modules/@mui/system/esm/cssVars/localStorageManager.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/cssVars/useCurrentColorScheme.mjs +4 -4
- package/dist/esm/node_modules/@mui/system/esm/cssVars/useCurrentColorScheme.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/merge/merge.mjs +2 -2
- package/dist/esm/node_modules/@mui/system/esm/merge/merge.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/style/style.mjs +5 -5
- package/dist/esm/node_modules/@mui/system/esm/style/style.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/styleFunctionSx/extendSxProp.mjs +2 -2
- package/dist/esm/node_modules/@mui/system/esm/styleFunctionSx/extendSxProp.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/useTheme/useTheme.mjs +5 -5
- package/dist/esm/node_modules/@mui/system/esm/useTheme/useTheme.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/useThemeProps/getThemeProps.mjs +2 -2
- package/dist/esm/node_modules/@mui/system/esm/useThemeProps/getThemeProps.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/system/esm/useThemeWithoutDefault/useThemeWithoutDefault.mjs +4 -4
- package/dist/esm/node_modules/@mui/system/esm/useThemeWithoutDefault/useThemeWithoutDefault.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/utils/esm/debounce/debounce.mjs +2 -2
- package/dist/esm/node_modules/@mui/utils/esm/debounce/debounce.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/utils/esm/isHostComponent/isHostComponent.mjs +2 -2
- package/dist/esm/node_modules/@mui/utils/esm/isHostComponent/isHostComponent.mjs.map +1 -1
- package/dist/esm/node_modules/@mui/utils/esm/useId/useId.mjs +2 -2
- package/dist/esm/node_modules/@mui/utils/esm/useId/useId.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/dom-utils/instanceOf.mjs +2 -2
- package/dist/esm/node_modules/@popperjs/core/lib/dom-utils/instanceOf.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/applyStyles.mjs +6 -6
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/applyStyles.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/arrow.mjs +6 -6
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/arrow.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/computeStyles.mjs +4 -4
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/computeStyles.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/flip.mjs +4 -4
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/flip.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/hide.mjs +4 -4
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/hide.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/offset.mjs +4 -4
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/offset.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/popperOffsets.mjs +4 -4
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/popperOffsets.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/preventOverflow.mjs +4 -4
- package/dist/esm/node_modules/@popperjs/core/lib/modifiers/preventOverflow.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/utils/getOppositePlacement.mjs +2 -2
- package/dist/esm/node_modules/@popperjs/core/lib/utils/getOppositePlacement.mjs.map +1 -1
- package/dist/esm/node_modules/@popperjs/core/lib/utils/math.mjs +2 -2
- package/dist/esm/node_modules/@popperjs/core/lib/utils/math.mjs.map +1 -1
- package/dist/esm/node_modules/@radix-ui/react-slot/dist/index.mjs +2 -2
- package/dist/esm/node_modules/@radix-ui/react-slot/dist/index.mjs.map +1 -1
- package/dist/esm/node_modules/@radix-ui/react-tabs/dist/index.mjs +1 -1
- package/dist/esm/node_modules/chroma-js/index.mjs +1 -1
- package/dist/esm/node_modules/chroma-js/src/generator/average.mjs +14 -14
- package/dist/esm/node_modules/chroma-js/src/generator/average.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/generator/bezier.mjs +4 -4
- package/dist/esm/node_modules/chroma-js/src/generator/bezier.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/generator/cubehelix.mjs +4 -4
- package/dist/esm/node_modules/chroma-js/src/generator/cubehelix.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/generator/random.mjs +4 -4
- package/dist/esm/node_modules/chroma-js/src/generator/random.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/generator/scale.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/generator/scale.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/hcg.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/hcg.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/hsi.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/hsi.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/hsl.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/hsl.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/hsv.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/hsv.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/lab.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/lab.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/lch.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/lch.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/lrgb.mjs +4 -6
- package/dist/esm/node_modules/chroma-js/src/interpolator/lrgb.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/num.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/num.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/oklab.mjs +0 -2
- package/dist/esm/node_modules/chroma-js/src/interpolator/oklab.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/oklch.mjs +2 -4
- package/dist/esm/node_modules/chroma-js/src/interpolator/oklch.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/interpolator/rgb.mjs +2 -4
- package/dist/esm/node_modules/chroma-js/src/interpolator/rgb.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/css/css2rgb.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/css/css2rgb.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/css/rgb2css.mjs +4 -4
- package/dist/esm/node_modules/chroma-js/src/io/css/rgb2css.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hcg/hcg2rgb.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/io/hcg/hcg2rgb.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hcg/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/hcg/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hex/rgb2hex.mjs +5 -5
- package/dist/esm/node_modules/chroma-js/src/io/hex/rgb2hex.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsi/hsi2rgb.mjs +4 -4
- package/dist/esm/node_modules/chroma-js/src/io/hsi/hsi2rgb.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsi/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/hsi/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsi/rgb2hsi.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/hsi/rgb2hsi.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsl/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/hsl/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsl/rgb2hsl.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/io/hsl/rgb2hsl.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsv/hsv2rgb.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/io/hsv/hsv2rgb.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsv/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/hsv/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/hsv/rgb2hsv.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/hsv/rgb2hsv.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/lab/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/lab/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/lch/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/lch/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/lch/lab2lch.mjs +4 -4
- package/dist/esm/node_modules/chroma-js/src/io/lch/lab2lch.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/lch/lch2lab.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/io/lch/lch2lab.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/num/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/num/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/oklab/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/oklab/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/io/rgb/index.mjs +3 -3
- package/dist/esm/node_modules/chroma-js/src/io/rgb/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/ops/luminance.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/ops/luminance.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/utils/analyze.mjs +5 -5
- package/dist/esm/node_modules/chroma-js/src/utils/analyze.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/utils/delta-e.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/utils/delta-e.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/utils/index.mjs +6 -6
- package/dist/esm/node_modules/chroma-js/src/utils/index.mjs.map +1 -1
- package/dist/esm/node_modules/chroma-js/src/utils/limit.mjs +2 -2
- package/dist/esm/node_modules/chroma-js/src/utils/limit.mjs.map +1 -1
- package/dist/esm/node_modules/input-otp/dist/index.mjs +1 -1
- package/dist/esm/node_modules/lodash.merge/index.mjs +2 -2
- package/dist/esm/node_modules/lodash.merge/index.mjs.map +1 -1
- package/dist/esm/node_modules/preact/dist/preact.module.mjs +2 -2
- package/dist/esm/node_modules/preact/dist/preact.module.mjs.map +1 -1
- package/dist/esm/node_modules/preact/hooks/dist/hooks.module.mjs +2 -2
- package/dist/esm/node_modules/preact/hooks/dist/hooks.module.mjs.map +1 -1
- package/dist/esm/node_modules/react-is/index.mjs +5 -5
- package/dist/esm/node_modules/react-transition-group/esm/Transition.mjs +7 -7
- package/dist/esm/node_modules/react-transition-group/esm/Transition.mjs.map +1 -1
- package/dist/esm/node_modules/stylis/src/Serializer.mjs +4 -4
- package/dist/esm/node_modules/stylis/src/Serializer.mjs.map +1 -1
- package/dist/esm/node_modules/stylis/src/Utility.mjs +2 -2
- package/dist/esm/node_modules/stylis/src/Utility.mjs.map +1 -1
- package/dist/esm/node_modules/swr/_internal/dist/index.mjs +1 -1
- package/dist/esm/node_modules/swr/core/dist/index.mjs +1 -1
- package/dist/esm/packages/core/src/HeadlessClients/HeadlessCryptoWalletClient.mjs +2 -2
- package/dist/esm/packages/core/src/HeadlessClients/HeadlessCryptoWalletClient.mjs.map +1 -1
- package/dist/esm/packages/core/src/HeadlessClients/HeadlessMagicLinkClient.mjs +2 -2
- package/dist/esm/packages/core/src/HeadlessClients/HeadlessMagicLinkClient.mjs.map +1 -1
- package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.mjs +2 -2
- package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.mjs.map +1 -1
- package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.mjs +2 -2
- package/dist/esm/packages/core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.mjs.map +1 -1
- package/dist/esm/packages/web/messages/adminPortal/en.json.mjs +2 -2
- package/dist/esm/packages/web/messages/b2b/en.json.mjs +2 -2
- package/dist/esm/packages/web/messages/en.json.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/components/Autocomplete.mjs +6 -6
- package/dist/esm/packages/web/src/adminPortal/components/Autocomplete.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/components/Checkbox.mjs +1 -1
- package/dist/esm/packages/web/src/adminPortal/components/IconButtonMenu.mjs +5 -5
- package/dist/esm/packages/web/src/adminPortal/components/IconButtonMenu.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/components/Modal.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/components/SettingsContainer.mjs +3 -3
- package/dist/esm/packages/web/src/adminPortal/components/SettingsContainer.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/components/Switch.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/components/Switch.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/memberManagement/AdminPortalMemberManagementContainer.mjs +7 -7
- package/dist/esm/packages/web/src/adminPortal/memberManagement/AdminPortalMemberManagementContainer.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/memberManagement/DangerZoneSection.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/memberManagement/DangerZoneSection.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/memberManagement/MemberListScreen.mjs +1 -1
- package/dist/esm/packages/web/src/adminPortal/scim/AdminPortalSCIMContainer.mjs +7 -7
- package/dist/esm/packages/web/src/adminPortal/scim/AdminPortalSCIMContainer.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/scim/SCIMConnectionDetailsSection.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/scim/SCIMConnectionDetailsSection.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/scim/SCIMConnectionRoleAssignmentsSection.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/scim/SCIMConnectionRoleAssignmentsSection.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/scim/SCIMNewConnectionScreen.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/scim/SCIMNewConnectionScreen.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/settings/AdminPortalOrgSettingsContainer.mjs +7 -7
- package/dist/esm/packages/web/src/adminPortal/settings/AdminPortalOrgSettingsContainer.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/settings/OrgSettingsAuthenticationSettingsSection.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/settings/OrgSettingsAuthenticationSettingsSection.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/Button.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/shared/components/Button.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/Checkbox.mjs +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/EmbeddedTable.mjs +5 -5
- package/dist/esm/packages/web/src/adminPortal/shared/components/EmbeddedTable.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/InfoIcon.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/shared/components/InfoIcon.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/PaginatedTable.mjs +2 -2
- package/dist/esm/packages/web/src/adminPortal/shared/components/Radio.mjs +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/SearchBar.mjs +3 -3
- package/dist/esm/packages/web/src/adminPortal/shared/components/SearchBar.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/Table.mjs +5 -5
- package/dist/esm/packages/web/src/adminPortal/shared/components/Toast.mjs +9 -9
- package/dist/esm/packages/web/src/adminPortal/shared/components/Toast.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/shared/components/Tooltip.mjs +1 -1
- package/dist/esm/packages/web/src/adminPortal/sso/AppDetails.mjs +10 -10
- package/dist/esm/packages/web/src/adminPortal/sso/AppDetails.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/sso/CreateApplication.mjs +10 -10
- package/dist/esm/packages/web/src/adminPortal/sso/CreateApplication.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/sso/DetailedAttributeMappingTable.mjs +4 -4
- package/dist/esm/packages/web/src/adminPortal/sso/DetailedAttributeMappingTable.mjs.map +1 -1
- package/dist/esm/packages/web/src/adminPortal/sso/IdpSelect.mjs +1 -1
- package/dist/esm/packages/web/src/adminPortal/utils/theme.mjs +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/AmazonBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/AmazonBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/AppleBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/AppleBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/BinanceBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/BinanceBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/BitbucketBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/BitbucketBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/CoinbaseBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/CoinbaseBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/DiscordBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/DiscordBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/FacebookBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/FacebookBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/FigmaBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/FigmaBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/GithubBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/GithubBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/GitlabBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/GitlabBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/GmailBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/GmailBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/GoogleBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/GoogleBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/LinkedinBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/LinkedinBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/MetamaskBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/MetamaskBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/MicrosoftBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/MicrosoftBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/OutlookBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/OutlookBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/PhantomBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/PhantomBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/SalesforceBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/SalesforceBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/SlackBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/SlackBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/SnapchatBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/SnapchatBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/TiktokBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/TiktokBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/TwitchBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/TwitchBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/XTwitterBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/XTwitterBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-black/YahooBlack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-black/YahooBlack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-color/Github.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-color/Github.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-color/Gmail.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-color/Gmail.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-color/Google.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-color/Google.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-color/Microsoft.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-color/Microsoft.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-color/Outlook.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-color/Outlook.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-color/Slack.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-color/Slack.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo-color/Yahoo.mjs +2 -2
- package/dist/esm/packages/web/src/assets/logo-color/Yahoo.mjs.map +1 -1
- package/dist/esm/packages/web/src/assets/logo.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/b2b/B2BProducts.mjs +1 -1
- package/dist/esm/packages/web/src/ui/b2b/Container.mjs +2 -2
- package/dist/esm/packages/web/src/ui/b2b/Container.mjs.map +1 -1
- package/dist/esm/packages/web/src/ui/b2b/components/OrganizationRow.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/b2b/reducer/mfa.mjs +1 -1
- package/dist/esm/packages/web/src/ui/b2b/screens/MFAEnrollmentSelectionScreen.mjs +1 -1
- package/dist/esm/packages/web/src/ui/b2b/screens/RecoveryCodeEntryScreen.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/b2b/screens/RecoveryCodeSaveScreen.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/b2b/screens/TOTPEnrollManualScreen.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/b2c/Container.mjs +2 -2
- package/dist/esm/packages/web/src/ui/b2c/Container.mjs.map +1 -1
- package/dist/esm/packages/web/src/ui/b2c/Products.mjs +1 -1
- package/dist/esm/packages/web/src/ui/b2c/components/GoogleOneTap.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/b2c/screens/Crypto/Error.mjs +2 -2
- package/dist/esm/packages/web/src/ui/b2c/screens/Crypto/Error.mjs.map +1 -1
- package/dist/esm/packages/web/src/ui/b2c/screens/Main/LoginForm/index.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/b2c/screens/Passkey/EditableRow.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/AnimatedContainer.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/Button.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/CircularProgress.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/CodeContainer.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/Column.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/LoadingBar.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/Logo.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/Toast.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/Typography.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/VerticalTransition.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/VisuallyHidden.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/atoms/Watermark.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/mixins/Root.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/mixins/i18n.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/mixins/inputBase.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/Badge.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/Divider.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/Input.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/LastUsed.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/Loading.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/MainContainer.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/OTPEntry.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/PasswordError.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/PasswordStrengthCheck.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/molecules/PhoneInput.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/organisms/IDPConsent.mjs +3 -3
- package/dist/esm/packages/web/src/ui/components/organisms/IDPConsent.mjs.map +1 -1
- package/dist/esm/packages/web/src/ui/components/organisms/IDPConsentManifest.module.css.mjs +3 -3
- package/dist/esm/packages/web/src/utils/createAuthUrlHandler.mjs +10 -11
- package/dist/esm/packages/web/src/utils/createAuthUrlHandler.mjs.map +1 -1
- package/dist/esm/packages/web/src/utils/crypto.mjs +1 -1
- package/dist/esm-dev/_virtual/index11.mjs +2 -2
- package/dist/esm-dev/_virtual/index12.mjs +2 -2
- package/dist/esm-dev/_virtual/moo.mjs +2 -2
- package/dist/esm-dev/_virtual/react-is.development.mjs +2 -2
- package/dist/esm-dev/_virtual/react-is.development2.mjs +2 -2
- package/dist/esm-dev/b2b/index.headless.mjs +1 -1
- package/dist/esm-dev/b2b/index.mjs +3 -3
- package/dist/esm-dev/b2c/stytchPasskeyRegistration.mjs +2 -2
- package/dist/esm-dev/b2c/stytchPasskeyRegistration.mjs.map +1 -1
- package/dist/esm-dev/b2c/stytchResetPassword.mjs +2 -2
- package/dist/esm-dev/b2c/stytchResetPassword.mjs.map +1 -1
- package/dist/esm-dev/index.headless.mjs +1 -1
- package/dist/esm-dev/index.mjs +5 -5
- package/dist/esm-dev/node_modules/@emotion/memoize/dist/emotion-memoize.esm.mjs +2 -2
- package/dist/esm-dev/node_modules/@emotion/memoize/dist/emotion-memoize.esm.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@emotion/react/dist/emotion-element-489459f2.browser.development.esm.mjs +6 -6
- package/dist/esm-dev/node_modules/@emotion/react/dist/emotion-element-489459f2.browser.development.esm.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@emotion/react/dist/emotion-react.browser.development.esm.mjs +7 -7
- package/dist/esm-dev/node_modules/@emotion/react/dist/emotion-react.browser.development.esm.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@emotion/serialize/dist/emotion-serialize.development.esm.mjs +5 -5
- package/dist/esm-dev/node_modules/@emotion/serialize/dist/emotion-serialize.development.esm.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@emotion/styled/base/dist/emotion-styled-base.browser.development.esm.mjs +2 -2
- package/dist/esm-dev/node_modules/@emotion/styled/base/dist/emotion-styled-base.browser.development.esm.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@emotion/utils/dist/emotion-utils.browser.esm.mjs +2 -2
- package/dist/esm-dev/node_modules/@emotion/utils/dist/emotion-utils.browser.esm.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@messageformat/parser/lib/lexer.mjs +5 -5
- package/dist/esm-dev/node_modules/@messageformat/parser/lib/lexer.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/icons-material/esm/CheckCircle.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/icons-material/esm/CheckCircle.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Accordion/Accordion.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/Accordion/Accordion.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/AccordionDetails/AccordionDetails.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/AccordionDetails/AccordionDetails.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/AccordionSummary/AccordionSummary.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/AccordionSummary/AccordionSummary.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Alert/Alert.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/material/Alert/Alert.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Autocomplete/Autocomplete.mjs +7 -7
- package/dist/esm-dev/node_modules/@mui/material/Autocomplete/Autocomplete.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Backdrop/Backdrop.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/Backdrop/Backdrop.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Button/Button.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/material/Button/Button.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/ButtonBase/ButtonBase.mjs +4 -4
- package/dist/esm-dev/node_modules/@mui/material/ButtonBase/ButtonBase.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/ButtonBase/buttonBaseClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Checkbox/Checkbox.mjs +10 -10
- package/dist/esm-dev/node_modules/@mui/material/Checkbox/Checkbox.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Chip/Chip.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/Chip/Chip.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Chip/chipClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/CircularProgress/CircularProgress.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/CircularProgress/CircularProgress.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Collapse/Collapse.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/Collapse/Collapse.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Dialog/Dialog.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/Dialog/Dialog.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Dialog/dialogClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/DialogActions/DialogActions.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/DialogActions/DialogActions.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/DialogContent/DialogContent.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/DialogContent/DialogContent.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/DialogTitle/DialogTitle.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/DialogTitle/DialogTitle.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/DialogTitle/dialogTitleClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Divider/Divider.mjs +8 -8
- package/dist/esm-dev/node_modules/@mui/material/Divider/Divider.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Divider/dividerClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Fade/Fade.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/Fade/Fade.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FilledInput/FilledInput.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/FilledInput/FilledInput.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FilledInput/filledInputClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FormControl/FormControl.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/FormControl/FormControl.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FormControlLabel/FormControlLabel.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/material/FormControlLabel/FormControlLabel.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FormControlLabel/formControlLabelClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FormGroup/FormGroup.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/FormGroup/FormGroup.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FormHelperText/FormHelperText.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/material/FormHelperText/FormHelperText.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FormHelperText/formHelperTextClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/FormLabel/FormLabel.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/FormLabel/FormLabel.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/IconButton/IconButton.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/IconButton/IconButton.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/IconButton/iconButtonClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Input/Input.mjs +7 -7
- package/dist/esm-dev/node_modules/@mui/material/Input/Input.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Input/inputClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/InputBase/InputBase.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/InputBase/InputBase.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/InputLabel/InputLabel.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/InputLabel/InputLabel.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/List/List.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/List/List.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/ListSubheader/ListSubheader.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/ListSubheader/ListSubheader.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Menu/Menu.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/Menu/Menu.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/MenuItem/MenuItem.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/material/MenuItem/MenuItem.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/MenuItem/menuItemClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Modal/Modal.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/material/Modal/Modal.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Modal/useModal.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/Modal/useModal.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/NativeSelect/NativeSelectInput.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/NativeSelect/NativeSelectInput.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/NativeSelect/nativeSelectClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/OutlinedInput/NotchedOutline.mjs +4 -4
- package/dist/esm-dev/node_modules/@mui/material/OutlinedInput/NotchedOutline.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/OutlinedInput/OutlinedInput.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/OutlinedInput/OutlinedInput.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/OutlinedInput/outlinedInputClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Paper/Paper.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/Paper/Paper.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Popover/Popover.mjs +4 -4
- package/dist/esm-dev/node_modules/@mui/material/Popover/Popover.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Popper/BasePopper.mjs +11 -11
- package/dist/esm-dev/node_modules/@mui/material/Popper/BasePopper.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Portal/Portal.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/Portal/Portal.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Radio/Radio.mjs +8 -8
- package/dist/esm-dev/node_modules/@mui/material/Radio/Radio.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Select/Select.mjs +7 -7
- package/dist/esm-dev/node_modules/@mui/material/Select/Select.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Select/SelectInput.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/Select/SelectInput.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Snackbar/Snackbar.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/Snackbar/Snackbar.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/SnackbarContent/SnackbarContent.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/SnackbarContent/SnackbarContent.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/SvgIcon/SvgIcon.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/SvgIcon/SvgIcon.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Switch/Switch.mjs +7 -7
- package/dist/esm-dev/node_modules/@mui/material/Switch/Switch.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Table/Table.mjs +9 -9
- package/dist/esm-dev/node_modules/@mui/material/Table/Table.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TableBody/TableBody.mjs +8 -8
- package/dist/esm-dev/node_modules/@mui/material/TableBody/TableBody.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TableCell/TableCell.mjs +7 -7
- package/dist/esm-dev/node_modules/@mui/material/TableCell/TableCell.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TableCell/tableCellClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TableContainer/TableContainer.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/TableContainer/TableContainer.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TableHead/TableHead.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/material/TableHead/TableHead.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TablePagination/TablePagination.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/TablePagination/TablePagination.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TableRow/TableRow.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/material/TableRow/TableRow.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TableRow/tableRowClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TextField/TextField.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/TextareaAutosize/TextareaAutosize.mjs +4 -4
- package/dist/esm-dev/node_modules/@mui/material/TextareaAutosize/TextareaAutosize.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Toolbar/Toolbar.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/Toolbar/Toolbar.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Tooltip/Tooltip.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/material/Tooltip/Tooltip.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Tooltip/tooltipClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Typography/Typography.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/material/Typography/Typography.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/Typography/typographyClasses.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/material/internal/SwitchBase.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/material/internal/SwitchBase.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/internal/svg-icons/ReportProblemOutlined.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/internal/svg-icons/ReportProblemOutlined.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/styles/createThemeWithVars.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/material/styles/createThemeWithVars.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/material/styles/createTypography.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/material/styles/createTypography.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/private-theming/ThemeProvider/ThemeProvider.mjs +4 -4
- package/dist/esm-dev/node_modules/@mui/private-theming/ThemeProvider/ThemeProvider.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/private-theming/useTheme/useTheme.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/private-theming/useTheme/useTheme.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/styled-engine/GlobalStyles/GlobalStyles.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/styled-engine/GlobalStyles/GlobalStyles.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/styled-engine/index.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/styled-engine/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/DefaultPropsProvider/DefaultPropsProvider.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/system/esm/DefaultPropsProvider/DefaultPropsProvider.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/GlobalStyles/GlobalStyles.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/system/esm/GlobalStyles/GlobalStyles.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/RtlProvider/index.mjs +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/ThemeProvider/ThemeProvider.mjs +6 -6
- package/dist/esm-dev/node_modules/@mui/system/esm/ThemeProvider/ThemeProvider.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/breakpoints/breakpoints.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/system/esm/breakpoints/breakpoints.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/createTheme/applyStyles.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/system/esm/createTheme/applyStyles.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/createTheme/createTheme.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/system/esm/createTheme/createTheme.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/cssVars/createGetCssVar.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/system/esm/cssVars/createGetCssVar.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/cssVars/localStorageManager.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/system/esm/cssVars/localStorageManager.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/cssVars/useCurrentColorScheme.mjs +4 -4
- package/dist/esm-dev/node_modules/@mui/system/esm/cssVars/useCurrentColorScheme.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/merge/merge.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/system/esm/merge/merge.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/style/style.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/system/esm/style/style.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/styleFunctionSx/extendSxProp.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/system/esm/styleFunctionSx/extendSxProp.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/useTheme/useTheme.mjs +5 -5
- package/dist/esm-dev/node_modules/@mui/system/esm/useTheme/useTheme.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/useThemeProps/getThemeProps.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/system/esm/useThemeProps/getThemeProps.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/system/esm/useThemeWithoutDefault/useThemeWithoutDefault.mjs +4 -4
- package/dist/esm-dev/node_modules/@mui/system/esm/useThemeWithoutDefault/useThemeWithoutDefault.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/utils/esm/debounce/debounce.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/utils/esm/debounce/debounce.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/utils/esm/elementAcceptingRef/elementAcceptingRef.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/utils/esm/elementAcceptingRef/elementAcceptingRef.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/utils/esm/elementTypeAcceptingRef/elementTypeAcceptingRef.mjs +3 -3
- package/dist/esm-dev/node_modules/@mui/utils/esm/elementTypeAcceptingRef/elementTypeAcceptingRef.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/utils/esm/isHostComponent/isHostComponent.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/utils/esm/isHostComponent/isHostComponent.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@mui/utils/esm/useId/useId.mjs +2 -2
- package/dist/esm-dev/node_modules/@mui/utils/esm/useId/useId.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/dom-utils/instanceOf.mjs +2 -2
- package/dist/esm-dev/node_modules/@popperjs/core/lib/dom-utils/instanceOf.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/applyStyles.mjs +6 -6
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/applyStyles.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/arrow.mjs +6 -6
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/arrow.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/computeStyles.mjs +4 -4
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/computeStyles.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/flip.mjs +4 -4
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/flip.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/hide.mjs +4 -4
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/hide.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/offset.mjs +4 -4
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/offset.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/popperOffsets.mjs +4 -4
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/popperOffsets.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/preventOverflow.mjs +4 -4
- package/dist/esm-dev/node_modules/@popperjs/core/lib/modifiers/preventOverflow.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/utils/getOppositePlacement.mjs +2 -2
- package/dist/esm-dev/node_modules/@popperjs/core/lib/utils/getOppositePlacement.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@popperjs/core/lib/utils/math.mjs +2 -2
- package/dist/esm-dev/node_modules/@popperjs/core/lib/utils/math.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@radix-ui/react-slot/dist/index.mjs +2 -2
- package/dist/esm-dev/node_modules/@radix-ui/react-slot/dist/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/@radix-ui/react-tabs/dist/index.mjs +1 -1
- package/dist/esm-dev/node_modules/chroma-js/index.mjs +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/generator/average.mjs +14 -14
- package/dist/esm-dev/node_modules/chroma-js/src/generator/average.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/generator/bezier.mjs +4 -4
- package/dist/esm-dev/node_modules/chroma-js/src/generator/bezier.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/generator/cubehelix.mjs +4 -4
- package/dist/esm-dev/node_modules/chroma-js/src/generator/cubehelix.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/generator/random.mjs +4 -4
- package/dist/esm-dev/node_modules/chroma-js/src/generator/random.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/generator/scale.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/generator/scale.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hcg.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hcg.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hsi.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hsi.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hsl.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hsl.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hsv.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/hsv.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/lab.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/lab.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/lch.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/lch.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/lrgb.mjs +4 -6
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/lrgb.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/num.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/num.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/oklab.mjs +0 -2
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/oklab.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/oklch.mjs +2 -4
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/oklch.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/rgb.mjs +2 -4
- package/dist/esm-dev/node_modules/chroma-js/src/interpolator/rgb.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/css/css2rgb.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/css/css2rgb.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/css/rgb2css.mjs +4 -4
- package/dist/esm-dev/node_modules/chroma-js/src/io/css/rgb2css.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hcg/hcg2rgb.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/io/hcg/hcg2rgb.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hcg/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/hcg/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hex/rgb2hex.mjs +5 -5
- package/dist/esm-dev/node_modules/chroma-js/src/io/hex/rgb2hex.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsi/hsi2rgb.mjs +4 -4
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsi/hsi2rgb.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsi/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsi/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsi/rgb2hsi.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsi/rgb2hsi.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsl/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsl/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsl/rgb2hsl.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsl/rgb2hsl.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsv/hsv2rgb.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsv/hsv2rgb.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsv/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsv/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsv/rgb2hsv.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/hsv/rgb2hsv.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/lab/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/lab/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/lch/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/lch/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/lch/lab2lch.mjs +4 -4
- package/dist/esm-dev/node_modules/chroma-js/src/io/lch/lab2lch.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/lch/lch2lab.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/io/lch/lch2lab.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/num/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/num/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/oklab/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/oklab/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/io/rgb/index.mjs +3 -3
- package/dist/esm-dev/node_modules/chroma-js/src/io/rgb/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/ops/luminance.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/ops/luminance.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/utils/analyze.mjs +5 -5
- package/dist/esm-dev/node_modules/chroma-js/src/utils/analyze.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/utils/delta-e.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/utils/delta-e.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/utils/index.mjs +6 -6
- package/dist/esm-dev/node_modules/chroma-js/src/utils/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/chroma-js/src/utils/limit.mjs +2 -2
- package/dist/esm-dev/node_modules/chroma-js/src/utils/limit.mjs.map +1 -1
- package/dist/esm-dev/node_modules/input-otp/dist/index.mjs +1 -1
- package/dist/esm-dev/node_modules/lodash.merge/index.mjs +2 -2
- package/dist/esm-dev/node_modules/lodash.merge/index.mjs.map +1 -1
- package/dist/esm-dev/node_modules/preact/dist/preact.module.mjs +2 -2
- package/dist/esm-dev/node_modules/preact/dist/preact.module.mjs.map +1 -1
- package/dist/esm-dev/node_modules/preact/hooks/dist/hooks.module.mjs +2 -2
- package/dist/esm-dev/node_modules/preact/hooks/dist/hooks.module.mjs.map +1 -1
- package/dist/esm-dev/node_modules/prop-types/node_modules/react-is/cjs/react-is.development.mjs +5 -5
- package/dist/esm-dev/node_modules/prop-types/node_modules/react-is/index.mjs +5 -5
- package/dist/esm-dev/node_modules/react-is/cjs/react-is.development.mjs +5 -5
- package/dist/esm-dev/node_modules/react-is/index.mjs +5 -5
- package/dist/esm-dev/node_modules/react-transition-group/esm/Transition.mjs +7 -7
- package/dist/esm-dev/node_modules/react-transition-group/esm/Transition.mjs.map +1 -1
- package/dist/esm-dev/node_modules/stylis/src/Serializer.mjs +4 -4
- package/dist/esm-dev/node_modules/stylis/src/Serializer.mjs.map +1 -1
- package/dist/esm-dev/node_modules/stylis/src/Utility.mjs +2 -2
- package/dist/esm-dev/node_modules/stylis/src/Utility.mjs.map +1 -1
- package/dist/esm-dev/node_modules/swr/_internal/dist/index.mjs +1 -1
- package/dist/esm-dev/node_modules/swr/core/dist/index.mjs +1 -1
- package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessCryptoWalletClient.mjs +2 -2
- package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessCryptoWalletClient.mjs.map +1 -1
- package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessMagicLinkClient.mjs +2 -2
- package/dist/esm-dev/packages/core/src/HeadlessClients/HeadlessMagicLinkClient.mjs.map +1 -1
- package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.mjs +2 -2
- package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.mjs.map +1 -1
- package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.mjs +2 -2
- package/dist/esm-dev/packages/core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.mjs.map +1 -1
- package/dist/esm-dev/packages/web/messages/adminPortal/en.json.mjs +2 -2
- package/dist/esm-dev/packages/web/messages/b2b/en.json.mjs +2 -2
- package/dist/esm-dev/packages/web/messages/en.json.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/components/Autocomplete.mjs +6 -6
- package/dist/esm-dev/packages/web/src/adminPortal/components/Autocomplete.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/components/Checkbox.mjs +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/components/IconButtonMenu.mjs +5 -5
- package/dist/esm-dev/packages/web/src/adminPortal/components/IconButtonMenu.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/components/Modal.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/components/SettingsContainer.mjs +3 -3
- package/dist/esm-dev/packages/web/src/adminPortal/components/SettingsContainer.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/components/Switch.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/components/Switch.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/memberManagement/AdminPortalMemberManagementContainer.mjs +7 -7
- package/dist/esm-dev/packages/web/src/adminPortal/memberManagement/AdminPortalMemberManagementContainer.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/memberManagement/DangerZoneSection.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/memberManagement/DangerZoneSection.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/memberManagement/MemberListScreen.mjs +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/scim/AdminPortalSCIMContainer.mjs +7 -7
- package/dist/esm-dev/packages/web/src/adminPortal/scim/AdminPortalSCIMContainer.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMConnectionDetailsSection.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMConnectionDetailsSection.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMConnectionRoleAssignmentsSection.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMConnectionRoleAssignmentsSection.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMNewConnectionScreen.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/scim/SCIMNewConnectionScreen.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/settings/AdminPortalOrgSettingsContainer.mjs +7 -7
- package/dist/esm-dev/packages/web/src/adminPortal/settings/AdminPortalOrgSettingsContainer.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/settings/OrgSettingsAuthenticationSettingsSection.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/settings/OrgSettingsAuthenticationSettingsSection.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Button.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Button.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Checkbox.mjs +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/EmbeddedTable.mjs +5 -5
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/EmbeddedTable.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/InfoIcon.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/InfoIcon.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/PaginatedTable.mjs +2 -2
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Radio.mjs +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/SearchBar.mjs +3 -3
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/SearchBar.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Table.mjs +5 -5
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Toast.mjs +9 -9
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Toast.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/shared/components/Tooltip.mjs +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/sso/AppDetails.mjs +10 -10
- package/dist/esm-dev/packages/web/src/adminPortal/sso/AppDetails.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/sso/CreateApplication.mjs +10 -10
- package/dist/esm-dev/packages/web/src/adminPortal/sso/CreateApplication.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/sso/DetailedAttributeMappingTable.mjs +4 -4
- package/dist/esm-dev/packages/web/src/adminPortal/sso/DetailedAttributeMappingTable.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/adminPortal/sso/IdpSelect.mjs +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/AmazonBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/AmazonBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/AppleBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/AppleBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/BinanceBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/BinanceBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/BitbucketBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/BitbucketBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/CoinbaseBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/CoinbaseBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/DiscordBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/DiscordBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/FacebookBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/FacebookBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/FigmaBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/FigmaBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/GithubBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/GithubBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/GitlabBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/GitlabBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/GmailBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/GmailBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/GoogleBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/GoogleBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/LinkedinBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/LinkedinBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/MetamaskBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/MetamaskBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/MicrosoftBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/MicrosoftBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/OutlookBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/OutlookBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/PhantomBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/PhantomBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/SalesforceBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/SalesforceBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/SlackBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/SlackBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/SnapchatBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/SnapchatBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/TiktokBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/TiktokBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/TwitchBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/TwitchBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/XTwitterBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/XTwitterBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-black/YahooBlack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-black/YahooBlack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-color/Github.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-color/Github.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-color/Gmail.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-color/Gmail.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-color/Google.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-color/Google.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-color/Microsoft.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-color/Microsoft.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-color/Outlook.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-color/Outlook.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-color/Slack.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-color/Slack.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo-color/Yahoo.mjs +2 -2
- package/dist/esm-dev/packages/web/src/assets/logo-color/Yahoo.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/assets/logo.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/b2b/B2BProducts.mjs +1 -1
- package/dist/esm-dev/packages/web/src/ui/b2b/Container.mjs +2 -2
- package/dist/esm-dev/packages/web/src/ui/b2b/Container.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/ui/b2b/components/OrganizationRow.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/b2b/reducer/mfa.mjs +1 -1
- package/dist/esm-dev/packages/web/src/ui/b2b/screens/MFAEnrollmentSelectionScreen.mjs +1 -1
- package/dist/esm-dev/packages/web/src/ui/b2b/screens/RecoveryCodeEntryScreen.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/b2b/screens/RecoveryCodeSaveScreen.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/b2b/screens/TOTPEnrollManualScreen.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/b2c/Container.mjs +2 -2
- package/dist/esm-dev/packages/web/src/ui/b2c/Container.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/ui/b2c/Products.mjs +1 -1
- package/dist/esm-dev/packages/web/src/ui/b2c/components/GoogleOneTap.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/b2c/screens/Crypto/Error.mjs +2 -2
- package/dist/esm-dev/packages/web/src/ui/b2c/screens/Crypto/Error.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/ui/b2c/screens/Main/LoginForm/index.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/b2c/screens/Passkey/EditableRow.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/AnimatedContainer.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/Button.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/CircularProgress.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/CodeContainer.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/Column.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/LoadingBar.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/Logo.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/Toast.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/Typography.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/VerticalTransition.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/VisuallyHidden.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/atoms/Watermark.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/mixins/Root.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/mixins/i18n.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/mixins/inputBase.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/Badge.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/Divider.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/Input.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/LastUsed.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/Loading.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/MainContainer.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/OTPEntry.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/PasswordError.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/PasswordStrengthCheck.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/molecules/PhoneInput.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/organisms/IDPConsent.mjs +3 -3
- package/dist/esm-dev/packages/web/src/ui/components/organisms/IDPConsent.mjs.map +1 -1
- package/dist/esm-dev/packages/web/src/ui/components/organisms/IDPConsentManifest.module.css.mjs +3 -3
- package/dist/esm-dev/packages/web/src/utils/createAuthUrlHandler.mjs +10 -11
- package/dist/esm-dev/packages/web/src/utils/createAuthUrlHandler.mjs.map +1 -1
- package/dist/iife/b2b/index.headless.js +1 -1
- package/dist/iife/b2b/index.headless.js.map +1 -1
- package/dist/iife/b2b/index.js +1 -1
- package/dist/iife/b2b/index.js.map +1 -1
- package/dist/iife/index.headless.js +1 -1
- package/dist/iife/index.headless.js.map +1 -1
- package/dist/iife/index.js +1 -1
- package/dist/iife/index.js.map +1 -1
- package/dist/types/{DFPProtectedAuthProvider-D2s8yaW8.d.ts → DFPProtectedAuthProvider-Cg2QSi2l.d.ts} +2 -2
- package/dist/types/{GoogleOneTapClient-CA3sO8UE.d.ts → GoogleOneTapClient-wRV3UqOo.d.ts} +3 -3
- package/dist/types/{PresentationConfig-BLZOnns3.d.ts → PresentationConfig-CxQiKzO8.d.ts} +1 -1
- package/dist/types/{StytchB2BClient-CHfOQilD.d.ts → StytchB2BClient-BxoZQ3m8.d.ts} +2 -2
- package/dist/types/{StytchClient-CwoxMSwZ.d.ts → StytchClient-CMzVKb4K.d.ts} +2 -2
- package/dist/types/adminPortal/index.d.ts +5 -5
- package/dist/types/b2b/index.d.ts +9 -9
- package/dist/types/b2b/index.headless.d.ts +5 -5
- package/dist/types/compat.d.ts +2 -2
- package/dist/types/{idpHelpers-MvSDIjyR.d.ts → idpHelpers-CxSGKrN9.d.ts} +1 -1
- package/dist/types/index.d.ts +9 -9
- package/dist/types/index.headless.d.ts +5 -5
- package/dist/types/{themes-BQJDPtzw.d.ts → themes-sEz9GUNs.d.ts} +6 -6
- package/package.json +1 -1
- package/dist/cjs/uniqueId-DLJHPADm.js.map +0 -1
- package/dist/cjs-dev/uniqueId-fcAegx4U.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.headless.js","sources":["../../../../core/src/constants.ts","../../../../core/src/public/b2b/ui.ts","../../../../core/src/public/SDKErrors.ts","../../../../core/src/public/ui.ts","../../../../core/src/NetworkClient.ts","../../../../../node_modules/uuid/dist/esm-browser/rng.js","../../../../../node_modules/uuid/dist/esm-browser/stringify.js","../../../../../node_modules/uuid/dist/esm-browser/regex.js","../../../../../node_modules/uuid/dist/esm-browser/v4.js","../../../../../node_modules/uuid/dist/esm-browser/validate.js","../../../../core/src/utils/getHttpsUrl.ts","../../../../core/src/utils/logger.ts","../../../../core/src/utils/checks.ts","../../../../core/src/utils/loadESModule.ts","../../../../core/src/DFPProtectedAuthProvider.ts","../../../../core/src/ErrorMarshaller.ts","../../../../core/src/EventLogger.ts","../../../../core/src/utils/dev.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BDiscoveryClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BImpersonationClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BOAuthClient.ts","../../../../core/src/utils/index.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BOrganizationClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BOTPsClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.ts","../../../../core/src/rbac.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BRBACClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BRecoveryCodesClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSCIMClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSelfClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSessionClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSSOClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BTOTPsClient.ts","../../../../core/src/HeadlessClients/HeadlessCryptoWalletClient.ts","../../../../core/src/HeadlessClients/HeadlessMagicLinkClient.ts","../../../../core/src/HeadlessClients/HeadlessPasswordClient.ts","../../../../core/src/rpc/FrameClient.ts","../../../../core/src/SearchManager.ts","../../../../core/src/SessionManager.ts","../../../../core/src/shouldTryRefresh.ts","../../../../core/src/StateChangeClient.ts","../../../../web/src/ui/react/bindings/StytchSSRProxy.ts","../../../../web/src/ui/react/utils/errors.ts","../../../../web/src/BootstrapDataManager.ts","../../../../web/src/CaptchaProvider.ts","../../../../web/src/ClientsideServicesProvider.ts","../../../../web/src/NetworkClient.ts","../../../../web/src/PKCEManager.ts","../../../../../node_modules/js-cookie/dist/js.cookie.mjs","../../../../web/src/utils/index.ts","../../../../web/src/utils/storage.ts","../../../../web/src/SubscriptionService.ts","../../../../js-utils/src/createDeepEqual.ts","../../../../web/src/utils/internal.ts","../../../../web/src/b2b/HeadlessB2BOAuthClient.ts","../../../../web/src/oneTap/navigatorSupportsFedCM.ts","../../../../web/src/oneTap/positionModes.ts","../../../../web/src/oneTap/GoogleOneTapClient.ts","../../../../web/src/b2b/oneTap/B2BOneTapProvider.ts","../../../../web/src/oneTap/OneTapProvider.ts","../../../../web/src/b2b/StytchB2BClient.ts","../../../../web/src/utils/config.ts","../../../../core/src/utils/api.ts","../../../../core/src/utils/dfp.ts","../../../../web/src/utils/createAuthUrlHandler.ts","../../../../core/src/Vertical.ts","../../../../web/src/utils/idpHelpers.ts","../../../../web/src/b2b/index.headless.ts"],"sourcesContent":["export const TEST_API_URL = 'https://test.stytch.com';\nexport const LIVE_API_URL = 'https://api.stytch.com';\nexport const CLIENTSIDE_SERVICES_IFRAME_URL = 'https://js.stytch.com/clientside-services/index.html';\n\nexport const STYTCH_DFP_BACKEND_URL = `https://telemetry.stytch.com`;\nexport const STYTCH_DFP_CDN_URL = `https://elements.stytch.com`;\n\nexport const STYTCH_SESSION_COOKIE = 'stytch_session';\nexport const STYTCH_SESSION_JWT_COOKIE = 'stytch_session_jwt';\nexport const POWERED_BY_STYTCH_IMG_URL = 'https://public-assets.stytch.com/et_powered_by_stytch_logo.png';\n\nexport const GOOGLE_ONE_TAP_HOST = 'https://accounts.google.com/gsi';\n\nexport const GOOGLE_ONE_TAP_SCRIPT_URL = `${GOOGLE_ONE_TAP_HOST}/client`;\n\nexport const DEFAULT_SESSION_DURATION_MINUTES = 30;\nexport const DEFAULT_OTP_EXPIRATION_MINUTES = 5;\n\nexport const MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING =\n \"It looks like you're creating multiple copies of the Stytch client.\" +\n ' This behavior is unsupported, and unintended side effects may occur. ' +\n \"Make sure you are creating the Stytch client at the global level, and not inside a component's render function.\";\n","import { Values } from '../../utils';\n\n/**\n * The authentication methods we support through our UI.\n * Currently we support `emailMagicLinks`, `emailOtp`, `sso`, `passwords`, and `oauth`.\n */\n\nexport const AuthFlowType = {\n Discovery: 'Discovery',\n Organization: 'Organization',\n PasswordReset: 'PasswordReset',\n} as const;\n\nexport type AuthFlowType = Values<typeof AuthFlowType>;\n\nexport const RedirectURLType = {\n ResetPassword: 'reset_password',\n} as const;\n\nexport type RedirectURLType = Values<typeof RedirectURLType>;\n\n/**\n * The OAuth providers we support in our B2B OAuth product.\n */\nexport const B2BOAuthProviders = {\n Google: 'google',\n Microsoft: 'microsoft',\n HubSpot: 'hubspot',\n Slack: 'slack',\n GitHub: 'github',\n} as const;\nexport type B2BOAuthProviders = Values<typeof B2BOAuthProviders>;\n\n/**\n * The options for email magic links. This is used if you've enabled the `emailMagicLinks` product\n * in your configuration.\n */\n\nexport type B2BEmailMagicLinksOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n discoveryRedirectURL?: string;\n loginTemplateId?: string;\n signupTemplateId?: string;\n /**\n * @param domainHint - An optional hint indicating what domain the email will be sent from.\n * This field is only required if your project uses more than one custom domain to send emails.\n */\n domainHint?: string;\n locale?: string;\n};\n\n/**\n * The options for SSO. This is used if you've enabled the `sso` product\n * in your configuration.\n */\n\nexport type B2BSSOOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n};\n\n/**\n * The options for OAuth. This is required if you've enabled the `oauth` product\n * in your configuration.\n */\n\nexport type B2BOAuthOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n discoveryRedirectURL?: string;\n /** @deprecated Use customScopes in B2BOAuthProviderConfig instead */\n customScopes?: string[];\n providers: B2BOAuthProviderConfig[];\n /** @deprecated Use providerParams in B2BOAuthProviderConfig instead */\n providerParams?: Record<string, string>;\n locale?: string;\n};\n\n/**\n * Details about the OAuth provider you wish to use. Each B2BOAuthProviderConfig object can be either a plain\n * B2BOAuthProviders string (e.g. 'google'), or an object with a type key that determines the type of provider. For\n * Google OAuth, you can optionally specify the one_tap property to display Google One Tap.\n */\nexport type B2BOAuthProviderConfig =\n | B2BOAuthProviders\n | {\n type: typeof B2BOAuthProviders.Google;\n customScopes?: string[];\n providerParams?: Record<string, string>;\n\n one_tap?: boolean;\n /**\n * Whether to cancel the One Tap prompt when the user taps outside of it.\n * This is only applicable if one_tap is true.\n */\n cancel_on_tap_outside?: boolean;\n }\n | {\n type: Exclude<B2BOAuthProviders, typeof B2BOAuthProviders.Google>;\n customScopes?: string[];\n providerParams?: Record<string, string>;\n };\n\n/**\n * The options for Passwords. This is used if you've enabled the `passwords` product\n * in your configuration.\n */\n\nexport type B2BPasswordOptions = {\n loginRedirectURL?: string;\n resetPasswordRedirectURL?: string;\n resetPasswordExpirationMinutes?: number;\n resetPasswordTemplateId?: string;\n discoveryRedirectURL?: string;\n verifyEmailTemplateId?: string;\n locale?: string;\n};\n\nexport type B2BEmailOTPOptions = {\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\nexport type B2BSMSOTPOptions = {\n locale?: string;\n};\n\nexport type DirectLoginForSingleMembershipConfig = {\n /**\n * Whether or not direct login for single membership is enabled.\n */\n status: boolean;\n /**\n * If enabled, logs user in directly even if they have pending invite to a different organization\n */\n ignoreInvites: boolean;\n /**\n * If enabled, logs user in directly even if they have organizations they could join via JIT provisioning\n */\n ignoreJitProvisioning: boolean;\n};\n\nexport const B2BMFAProducts = {\n smsOtp: 'smsOtp',\n totp: 'totp',\n} as const;\nexport type B2BMFAProducts = Values<typeof B2BMFAProducts>;\n","/* eslint-disable @typescript-eslint/no-explicit-any */\n\nimport { StytchAPIErrorType } from './StytchAPIErrorType';\n\n/**\n * An Error class thrown when the SDK is unable to reach the Stytch servers,\n * or when the Stytch servers return a value the SDK cannot understand.\n * Usually - it means that you're offline!\n */\nexport class SDKAPIUnreachableError extends Error {\n details: string;\n\n constructor(message: string, details: string) {\n super(message + '\\n' + details);\n this.message = message + '\\n' + details;\n this.name = 'SDKAPIUnreachableError';\n this.details = details;\n Object.setPrototypeOf(this, SDKAPIUnreachableError.prototype);\n }\n}\n\n/**\n * An Error class thrown when the provided input fails client-side validation -\n * for example if a field that was expected to be a number is instead a string.\n */\nexport class StytchSDKUsageError extends Error {\n constructor(methodName: string, message: string) {\n super();\n this.name = 'StytchSDKUsageError';\n this.message = `Invalid call to ${methodName}\\n` + message;\n }\n}\n\n// Example invalid schema error\n// {\n// body: [\n// {\n// keyword: 'type',\n// dataPath: '.session_duration_minutes',\n// schemaPath: '#/properties/session_duration_minutes/type',\n// params: { type: 'number' },\n// message: 'should be number',\n// },\n// ],\n// };\n// Taken from ajv/lib/ajv.d.ts\ninterface ErrorObject {\n keyword: string;\n dataPath: string;\n schemaPath: string;\n message?: string;\n}\n\n/**\n * An Error class thrown when the provided input does not adhere to the Stytch API schema -\n * for example if a field that was expected to be a number is instead a string.\n */\nexport class StytchSDKSchemaError extends Error {\n constructor(schemaError: { body?: ErrorObject[] }) {\n super();\n this.name = 'StytchSDKSchemaError';\n\n const messages = schemaError.body?.map((err) => `${err.dataPath}: ${err.message}`).join('\\n');\n\n this.message = `[400] Request does not match expected schema\\n${messages}`;\n }\n}\n\ninterface APIError {\n status_code: number;\n request_id?: string;\n error_type: StytchAPIErrorType;\n error_message: string;\n error_url: string;\n error_details?: object;\n}\n\n/**\n * An Error class wrapping a well-formed JSON error from the Stytch API.\n * The Stytch error should match one listed at {@link https://stytch.com/docs/api/errors}\n */\nexport class StytchSDKAPIError extends Error {\n error_type: StytchAPIErrorType;\n error_message: string;\n error_url: string;\n request_id?: string;\n status_code: number;\n error_details?: object;\n\n constructor(details: APIError) {\n super();\n this.name = 'StytchSDKAPIError';\n\n const { status_code, error_type, error_message, error_url, request_id, error_details } = details;\n this.error_type = error_type;\n this.error_message = error_message;\n this.error_url = error_url;\n this.request_id = request_id;\n this.status_code = status_code;\n this.error_details = error_details;\n\n this.message =\n `[${status_code}] ${error_type}\\n` +\n `${error_message}\\n` +\n `See ${error_url} for more information.\\n` +\n // Web-Backend doesn't have request IDs yet, so if a request fails there it won't have one.\n // We should figure out how returning tracing info should work\n (request_id ? `request_id: ${request_id}\\n` : '') +\n (this.error_details ? `Details: \\n` + JSON.stringify(this.error_details) + '\\n' : '');\n }\n}\n\n/**\n * If the SDK throws an error with an error type included in this array, the local session and\n * user state will be cleared locally.\n */\nexport const UNRECOVERABLE_ERROR_TYPES: StytchAPIErrorType[] = [\n 'unauthorized_credentials',\n 'user_unauthenticated',\n 'invalid_secret_authentication',\n 'session_not_found',\n];\n\n/**\n * An Error class representing an error within Stytch.\n */\nexport class StytchError extends Error {\n constructor(name: string, message: string) {\n super(message);\n this.name = name;\n }\n}\n\n/**\n * An Error class thrown when the SDK is unable to reach the Stytch servers,\n * or when the Stytch servers return a value the SDK cannot understand.\n * Usually - it means that you're offline!\n */\nexport class StytchAPIUnreachableError extends StytchError {\n constructor(details: string) {\n super('StytchAPIUnreachableError', details);\n Object.setPrototypeOf(this, StytchAPIUnreachableError.prototype);\n }\n}\n\n/**\n * An Error class thrown when the provided input does not adhere to the Stytch API schema -\n * for example if a field that was expected to be a number is instead a string.\n */\nexport class StytchAPISchemaError extends StytchError {\n constructor(schemaError: { body?: ErrorObject[] }) {\n const messages = schemaError.body?.map((err) => `${err.dataPath}: ${err.message}`).join('\\n');\n super('StytchAPISchemaError', `Request does not match expected schema\\n${messages}`);\n }\n}\n\n/**\n * An Error class wrapping a well-formed JSON error from the Stytch API.\n * The Stytch error should match one listed at {@link https://stytch.com/docs/api/errors}\n */\nexport class StytchAPIError extends StytchError {\n error_type: string;\n error_message: string;\n error_url: string;\n request_id?: string;\n status_code: number;\n error_details?: object;\n\n constructor(details: APIError) {\n const { status_code, error_type, error_message, error_url, request_id, error_details } = details;\n super(\n 'StytchAPIError',\n `[${status_code}] ${error_type}\\n` +\n `${error_message}\\n` +\n `See ${error_url} for more information.\\n` +\n // Web-Backend doesn't have request IDs yet, so if a request fails there it won't have one.\n // We should figure out how returning tracing info should work\n (request_id ? `request_id: ${request_id}\\n` : '') +\n (error_details ? `Details: \\n` + JSON.stringify(error_details) + '\\n' : ''),\n );\n this.error_type = error_type;\n this.error_message = error_message;\n this.error_url = error_url;\n this.request_id = request_id;\n this.status_code = status_code;\n this.error_details = error_details;\n }\n\n static from(err: unknown): StytchAPIError {\n if (err instanceof StytchAPIError) {\n return err;\n }\n if (err && typeof err === 'object') {\n const maybe = err as Partial<APIError>;\n if (\n typeof maybe.status_code === 'number' &&\n typeof maybe.error_type === 'string' &&\n typeof maybe.error_message === 'string' &&\n typeof maybe.error_url === 'string'\n ) {\n return new StytchAPIError({\n status_code: maybe.status_code,\n error_type: maybe.error_type,\n error_message: maybe.error_message,\n error_url: maybe.error_url,\n request_id: typeof maybe.request_id === 'string' ? maybe.request_id : undefined,\n error_details: typeof maybe.error_details === 'object' ? maybe.error_details : undefined,\n });\n }\n }\n const message = err instanceof Error ? err.message : 'Unknown error: ' + String(err);\n return new StytchAPIError({\n status_code: 400,\n error_type: 'unknown_error',\n error_message: message,\n error_url: '',\n request_id: undefined,\n error_details: undefined,\n });\n }\n}\n\nexport type StytchSDKErrorOptions = {\n url?: string;\n};\n\n/**\n * An Error class used in the Stytch SDK.\n */\nexport class StytchSDKError extends StytchError {\n options?: StytchSDKErrorOptions;\n\n constructor(name: string, description: string, options?: StytchSDKErrorOptions) {\n super(name, description);\n this.options = options;\n }\n}\n\nexport type StytchSDKUIError = {\n message: string;\n};\n\n/**\n * Thrown when you attempt to perform an action that requires a session, but no local session exists\n */\nexport class NoCurrentSessionError extends StytchSDKError {\n constructor() {\n super(\n 'NoCurrentSessionError',\n 'There is no session currently available. Make sure the user is authenticated with a valid session.',\n );\n }\n}\n\n/**\n * Thrown when an unrecognized error is thrown\n */\nexport class InternalError extends StytchSDKError {\n nativeStack?: unknown;\n\n constructor(error: any) {\n super(\n error.name ? error.name : 'Internal Error',\n error.message ? error.message : 'An internal error has occurred. Please contact Stytch if this occurs.',\n );\n this.nativeStack = error.nativeStackAndroid || error.nativeStackIOS;\n }\n}\n\n/**\n * Thrown when no biometric registration exists\n */\nexport class NoBiometricsRegistrationError extends StytchSDKError {\n constructor() {\n super(\n 'NoBiometricsRegistrationError',\n 'There is no biometric registration available. Authenticate with another method and add a new biometric registration first.',\n );\n }\n}\n\n/**\n * Thrown when biometrics are unavailable on the device\n */\nexport class BiometricsUnavailableError extends StytchSDKError {\n constructor() {\n super('BiometricsUnavailableError', 'Biometrics is not available on the device.');\n }\n}\n\n/**\n * Thrown when the biometrics enrollment has changed, and the underlying key is no longer usable\n */\nexport class KeyInvalidatedError extends StytchSDKError {\n constructor() {\n super('KeyInvalidatedError', 'The biometrics enrollment on the device has changed.');\n }\n}\n\n/**\n * Thrown when the Keystore is determined to be unavailable\n */\nexport class KeystoreUnavailableError extends StytchSDKError {\n constructor() {\n super(\n 'KeystoreUnavailableError',\n 'The Android keystore is unavailable on the device. Consider setting allowFallbackToCleartext to true.',\n );\n }\n}\n\n/**\n * Thrown when there is no biometric factor enrolled on device\n */\nexport class NoBiometricsEnrolledError extends StytchSDKError {\n constructor() {\n super(\n 'NoBiometricsEnrolledError',\n 'There is no biometric factor enrolled on the device. Add a biometric factor in the device settings.',\n );\n }\n}\n\n/**\n * Thrown when there is no biometric factor enrolled on device\n */\nexport class BiometricsAlreadyEnrolledError extends StytchSDKError {\n constructor() {\n super(\n 'BiometricsAlreadyEnrolledError',\n 'There is already a biometric factor enrolled on this device. Fully authenticate with all factors and remove the existing registration before attempting to register again.',\n );\n }\n}\n\n/**\n * Thrown when the user has cancelled the prompt\n */\nexport class UserCancellationError extends StytchSDKError {\n constructor() {\n super('UserCancellationError', 'The user canceled the prompt. Ask the user to try again.');\n }\n}\n\n/**\n * Thrown when the user has been locked out of biometrics\n */\nexport class UserLockedOutError extends StytchSDKError {\n constructor() {\n super(\n 'UserLockedOutError',\n 'The user has been locked out due to too many failed attempts. Ask the user to try again later.',\n );\n }\n}\n\n/**\n * Thrown when biometrics register/authenticate calls are made with mismatched `allowDeviceCredentials` parameter\n */\nexport class DeviceCredentialsNotAllowedError extends StytchSDKError {\n constructor() {\n super(\n 'DeviceCredentialsNotAllowedError',\n 'The device credentials allowment is mismatched. Change the allowDeviceCredentials parameter to be the same in both the register and authenticate methods.',\n );\n }\n}\n\n/**\n * Thrown when no Google client ID is found for the project\n */\nexport class MissingGoogleClientIDError extends StytchSDKError {\n constructor() {\n super('MissingGoogleClientIDError', 'No Google client ID was found in the project.');\n }\n}\n\n/**\n * Thrown when there was an error generating or retrieving a PKCE keypair\n */\nexport class MissingPKCEError extends StytchSDKError {\n constructor() {\n super('MissingPKCEError', 'Make sure this flow is completed on the same device on which it was started.');\n }\n}\n\n/**\n * Thrown when a native OAuth flow is missing the id_token\n */\nexport class MissingAuthorizationCredentialIDTokenError extends StytchSDKError {\n constructor() {\n super('MissingAuthorizationCredentialIDTokenError', 'The authorization credential is missing an ID token.');\n }\n}\n\n/**\n * Thrown when a native OAuth flow returns an invalid credential\n */\nexport class InvalidAuthorizationCredentialError extends StytchSDKError {\n constructor() {\n super(\n 'InvalidAuthorizationCredentialError',\n 'The authorization credential is invalid. Verify that OAuth is set up correctly in the developer console, and call the start flow method.',\n );\n }\n}\n\n/**\n * Thrown when a Google OneTap flow is not completed successfully\n */\nexport class NoCredentialsPresentError extends StytchSDKError {\n constructor() {\n super('NoCredentialsPresentError', 'The user did not provide credentials for a Google OneTap attempt');\n }\n}\n\n/**\n * Thrown when a public key was not found\n */\nexport class MissingPublicKeyError extends StytchSDKError {\n constructor() {\n super('MissingPublicKeyError', 'Failed to retrieve the public key. Add a new biometric registration.');\n }\n}\n\n/**\n * Thrown when the challenge string failed to be signed\n */\nexport class ChallengeSigningFailedError extends StytchSDKError {\n constructor() {\n super('ChallengeSigningFailedError', 'Failed to sign the challenge with the key.');\n }\n}\n\n/**\n * Thrown when the SDK has not been configured\n */\nexport class SDKNotConfiguredError extends StytchSDKError {\n constructor() {\n super(\n 'SDKNotConfiguredError',\n 'Stytch client is not confiured. You must call the configure method before using the SDK',\n );\n }\n}\n\n/**\n * Thrown when the code challenge failed to be generated\n */\nexport class FailedCodeChallengeError extends StytchSDKError {\n constructor() {\n super('FailedCodeChallengeError', 'Failed to create a code challenge');\n }\n}\n\n/**\n * Thrown when Passkeys are unsupported on a device\n */\nexport class PasskeysUnsupportedError extends StytchSDKError {\n constructor() {\n super('PasskeysUnsupportedError', 'Passkeys are not supported on this device');\n }\n}\n\n/**\n * Thrown when user data failed to be decrypted\n */\nexport class FailedToDecryptDataError extends StytchSDKError {\n constructor() {\n super('FailedToDecryptDataError', 'Failed to decrypt user data');\n }\n}\n\n/**\n * Thrown when Biometrics failed\n */\nexport class BiometricsFailedError extends StytchSDKError {\n constructor() {\n super('BiometricsFailedError', 'Biometric authentication failed');\n }\n}\n\n/**\n * Thrown when a start URL was invalid\n */\nexport class InvalidStartUrlError extends StytchSDKError {\n constructor() {\n super('InvalidStartUrlError', 'The start URL was invalid or improperly formatted.');\n }\n}\n\n/**\n * Thrown when a redirect url was invalid\n */\nexport class InvalidRedirectSchemeError extends StytchSDKError {\n constructor() {\n super(\n 'InvalidRedirectSchemeError',\n 'The scheme from the given redirect urls was invalid. Possible reasons include: nil scheme, non-custom scheme (using http or https), or differing schemes for login/signup urls.',\n );\n }\n}\n\n/**\n * Thrown when the underlying web authentication service failed to return a URL.\n */\nexport class MissingUrlError extends StytchSDKError {\n constructor() {\n super('MissingUrlError', 'The underlying web authentication service failed to return a URL.');\n }\n}\n\n/**\n * Thrown when the public key credential type was not of the expected type.\n */\nexport class InvalidCredentialTypeError extends StytchSDKError {\n constructor() {\n super('InvalidCredentialTypeError', 'The public key credential type was not of the expected type.');\n }\n}\n\n/**\n * Thrown when the public key credential is missing the attestation object\n */\nexport class MissingAttestationObjectError extends StytchSDKError {\n constructor() {\n super('MissingAttestationObjectError', 'The public key credential is missing the attestation object.');\n }\n}\n\n/**\n * Thrown when we received JSON data that could not be converted to a string\n */\nexport class JSONDataNotConvertibleToStringError extends StytchSDKError {\n constructor() {\n super('JSONDataNotConvertibleToStringError', 'JSON data unable to be converted to String type.');\n }\n}\n\n/**\n * Thrown when RNG fails\n */\nexport class RandomNumberGenerationFailed extends StytchSDKError {\n constructor() {\n super('RandomNumberGenerationFailed', 'Random number generation failed');\n }\n}\n\n/**\n * Thrown when there was an invalid encoding used for a Passkeys request\n */\nexport class PasskeysInvalidEncoding extends StytchSDKError {\n constructor() {\n super('PasskeysInvalidEncoding', 'Invalid passkey encoding');\n }\n}\n\n/**\n * Thrown when Passkeys support is misconfigured\n */\nexport class PasskeysMisconfigured extends StytchSDKError {\n constructor() {\n super(\n 'PasskeysMisconfigured',\n 'Passkeys are misconfigured. Verify that you have added the correct associated domain for your application, and that the signing information is correct.',\n );\n }\n}\n\n/**\n * Thrown when there was an invalid encoding used for a Passkeys request\n */\nexport class SignInWithAppleMisconfigured extends StytchSDKError {\n constructor() {\n super(\n 'SignInWithAppleMisconfigured',\n 'Sign In With Apple is misconfigured. Verify that you have correctly configured Apple OAuth in the Stytch Dashboard and added the Sign In With Apple capability to your project.',\n );\n }\n}\n\nexport class MissingCipherIv extends StytchSDKError {\n constructor() {\n super(\n 'MissingCipherIv',\n 'The expected cipher Iv was not found when attempting to decrypt an existing biometric key.',\n );\n }\n}\n\nexport class InvalidPrivateKeyLength extends StytchSDKError {\n constructor() {\n super('InvalidPrivateKeyLength', `The private key was of an incorrect length.`);\n }\n}\n\nexport class BiometricRegistrationIdIsNullOrBlank extends StytchSDKError {\n constructor() {\n super(\n 'BiometricRegistrationIdIsNullOrBlank',\n 'Attempted to set a blank or null biometric registration ID. This is not allowed, and indicates no registration was created on the server. Consider deleting any local keys that may have been generated.',\n );\n }\n}\n\nexport class DFPNotConfigured extends StytchSDKError {\n constructor() {\n super(\n 'DFPNotConfigured',\n 'You have attempted to retrieve a telemetry ID before the DFP client has been configured.',\n );\n }\n}\n\n/**\n * Thrown when a client attempts to start an OAuth flow but does not pass all required fields\n */\nexport class IDPOAuthFlowMissingParamError extends StytchSDKError {\n constructor(details: string) {\n super('IDPOAuthFlowMissingParamError', details);\n }\n}\n\nexport function errorToStytchError(error: any): StytchSDKError {\n if (error instanceof StytchSDKError) return error;\n\n switch (error.message) {\n case 'no_current_session':\n return new NoCurrentSessionError();\n case 'no_biometrics_registration':\n return new NoBiometricsRegistrationError();\n case 'biometrics_unavailable':\n return new BiometricsUnavailableError();\n case 'key_invalidated':\n return new KeyInvalidatedError();\n case 'device_hardware_error':\n return new BiometricsUnavailableError();\n case 'biometrics_not_available':\n return new BiometricsUnavailableError();\n case 'no_biometrics_enrolled':\n return new NoBiometricsEnrolledError();\n case 'keystore_unavailable':\n return new KeystoreUnavailableError();\n case 'no_biometric_key':\n return new KeyInvalidatedError();\n case 'device_credentials_not_allowed':\n return new DeviceCredentialsNotAllowedError();\n case 'user_cancellation':\n return new UserCancellationError();\n case 'user_locked_out':\n return new UserLockedOutError();\n case 'google_onetap_missing_id_token':\n return new MissingAuthorizationCredentialIDTokenError();\n case 'google_onetap_missing_member':\n return new InvalidAuthorizationCredentialError();\n case 'oauth_apple_missing_id_token':\n return new MissingAuthorizationCredentialIDTokenError();\n case 'oauth_apple_credential_invalid':\n return new InvalidAuthorizationCredentialError();\n case 'missing_public_key':\n return new MissingPublicKeyError();\n case 'challenge_signing_failed':\n return new ChallengeSigningFailedError();\n case 'missing_authorization_credential_id_token':\n return new MissingAuthorizationCredentialIDTokenError();\n case 'invalid_authorization_credential':\n return new InvalidAuthorizationCredentialError();\n case 'no_credentials_present':\n return new NoCredentialsPresentError();\n case 'sdk_not_configured':\n return new SDKNotConfiguredError();\n case 'failed_code_challenge':\n return new FailedCodeChallengeError();\n case 'passkeys_unsupported':\n return new PasskeysUnsupportedError();\n case 'failed_to_decrypt_data':\n return new FailedToDecryptDataError();\n case 'biometrics_failed':\n return new BiometricsFailedError();\n case 'invalid_start_url':\n return new InvalidStartUrlError();\n case 'invalid_redirect_scheme':\n return new InvalidRedirectSchemeError();\n case 'missing_url':\n return new MissingUrlError();\n case 'invalid_credential_type':\n return new InvalidCredentialTypeError();\n case 'missing_attestation_object':\n return new MissingAttestationObjectError();\n case 'json_data_not_convertible_to_string':\n return new JSONDataNotConvertibleToStringError();\n case 'random_number_generation_failed':\n return new RandomNumberGenerationFailed();\n case 'passkeys_invalid_encoding':\n return new PasskeysInvalidEncoding();\n case 'passkeys_misconfigured':\n return new PasskeysMisconfigured();\n case 'signinwithapple_misconfigured':\n return new SignInWithAppleMisconfigured();\n case 'missing_cipher_iv':\n return new MissingCipherIv();\n case 'invalid_private_key_length':\n return new InvalidPrivateKeyLength();\n case 'biometric_registration_id_is_null_or_blank':\n return new BiometricRegistrationIdIsNullOrBlank();\n case 'dfp_not_configured':\n return new DFPNotConfigured();\n default:\n return new InternalError(error);\n }\n}\n","import type { Values } from '../utils';\nimport {\n B2BDiscoveryIntermediateSessionsExchangeResponse,\n B2BDiscoveryOrganizationsCreateResponse,\n B2BDiscoveryOTPEmailAuthenticateResponse,\n B2BDiscoveryOTPEmailSendResponse,\n B2BImpersonationAuthenticateResponse,\n B2BMagicLinkLoginOrSignupResponse,\n B2BMagicLinksAuthenticateResponse,\n B2BMagicLinksDiscoveryAuthenticateResponse,\n B2BMagicLinksEmailDiscoverySendResponse,\n B2BOAuthAuthenticateResponse,\n B2BOAuthDiscoveryAuthenticateResponse,\n B2BOrganizationsGetBySlugResponse,\n B2BOTPsEmailAuthenticateResponse,\n B2BOTPsEmailLoginOrSignupResponse,\n B2BPasswordAuthenticateResponse,\n B2BPasswordDiscoveryAuthenticateResponse,\n B2BPasswordDiscoveryResetByEmailResponse,\n B2BPasswordDiscoveryResetByEmailStartResponse,\n B2BPasswordResetByEmailResponse,\n B2BPasswordResetByEmailStartResponse,\n B2BPasswordResetBySessionResponse,\n B2BSMSAuthenticateResponse,\n B2BSMSSendResponse,\n B2BSSODiscoverConnectionsResponse,\n B2BTOTPAuthenticateResponse,\n B2BTOTPCreateResponse,\n RecoveryCodeRecoverResponse,\n SSOAuthenticateResponse,\n} from './b2b';\nimport { CryptoWalletAuthenticateResponse, CryptoWalletAuthenticateStartResponse } from './cryptoWallets';\nimport { MagicLinksLoginOrCreateResponse } from './magicLinks';\nimport { OTPsAuthenticateResponse, OTPsLoginOrCreateResponse } from './otps';\nimport {\n PasswordAuthenticateResponse,\n PasswordCreateResponse,\n PasswordResetByEmailResponse,\n PasswordResetByEmailStartResponse,\n} from './passwords';\nimport { StytchSDKUIError } from './SDKErrors';\nimport { StytchProjectConfigurationInput } from './typeConfig';\nimport { WebAuthnAuthenticateResponse, WebAuthnRegisterResponse } from './webauthn';\n\ntype DeepPartial<K> = {\n [attr in keyof K]?: K[attr] extends object ? DeepPartial<K[attr]> : K[attr];\n};\n\n/**\n * The options for email magic links. This is used if you've enabled the `emailMagicLinks` product\n * in your configuration.\n */\n\nexport type EmailMagicLinksOptions = {\n loginRedirectURL?: string;\n loginExpirationMinutes?: number;\n signupRedirectURL?: string;\n signupExpirationMinutes?: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n createUserAsPending?: boolean;\n /**\n * @param domainHint - An optional hint indicating what domain the email will be sent from.\n * This field is only required if your project uses more than one custom domain to send emails.\n */\n domainHint?: string;\n locale?: string;\n};\n\n/**\n * The OAuth providers we support in our OAuth product.\n * Currently we support `Amazon`, `Apple`, `Bitbucket`, `Discord`, `Facebook`, `Figma`, `Google`, `GitLab`,\n * `LinkedIn`, `Microsoft`, `Salesforce`, `Slack`, `Snapchat`, `TikTok`, `Twitch`, `Twitter`, and `Yahoo`.\n */\n\nexport const OAuthProviders = {\n Google: 'google',\n Microsoft: 'microsoft',\n Apple: 'apple',\n Github: 'github',\n GitLab: 'gitlab',\n Facebook: 'facebook',\n Discord: 'discord',\n Salesforce: 'salesforce',\n Slack: 'slack',\n Amazon: 'amazon',\n Bitbucket: 'bitbucket',\n LinkedIn: 'linkedin',\n Coinbase: 'coinbase',\n Twitch: 'twitch',\n Twitter: 'twitter',\n TikTok: 'tiktok',\n Snapchat: 'snapchat',\n Figma: 'figma',\n Yahoo: 'yahoo',\n} as const;\n\nexport type OAuthProviders = Values<typeof OAuthProviders>;\n\n/**\n * The Crypto Wallets we support in our crypto product.\n * Currently we support all ethereum and solana wallets.\n * We additionally detect and show popular wallets as distinct options.\n * The list of poular wallets include `Binance`, `Coinbase`, `Metamask`, and `Phantom`\n */\n\nexport const Wallets = {\n Phantom: 'Phantom',\n Metamask: 'Metamask',\n Coinbase: 'Coinbase',\n Binance: 'Binance',\n GenericEthereumWallet: 'GenericEthereumWallet',\n GenericSolanaWallet: 'GenericSolanaWallet',\n} as const;\n\nexport type Wallets = Values<typeof Wallets>;\n\n/**\n * Supported behaviors for positioning Google One Tap. The actual behavior\n * depends on browser support and Google's One Tap implementation.\n */\n\nexport const OneTapPositions = {\n /**\n * Display Google One Tap using a native browser prompt if available, or\n * embedded in the existing SDK login form otherwise.\n * @deprecated This option has been renamed to `floatingOrEmbedded`\n */\n embedded: 'embedded',\n /**\n * Display the One Tap prompt using a native browser prompt if available, or\n * in the top right corner otherwise. This is the default option.\n */\n floating: 'floating',\n /**\n * Display the One Tap prompt embedded in the existing SDK login form if a\n * native browser prompt is not available, or not at all otherwise. This\n * option is not recommended for new applications.\n */\n embeddedOnly: 'embeddedOnly',\n /**\n * Display the One Tap prompt using a native browser prompt if available, or\n * embedded in the existing SDK login form otherwise.\n */\n floatingOrEmbedded: 'floatingOrEmbedded',\n /**\n * Attempt to display the One Tap prompt embedded in the existing SDK login\n * form, even if a native browser prompt is supported. This option is not\n * recommended. It disables native browser FedCM support even where it is\n * available, and will stop being honored by Google in the future.\n */\n forceLegacyEmbedded: 'forceLegacyEmbedded',\n} as const;\n\nexport type OneTapPositions = Values<typeof OneTapPositions>;\n\nexport type ProviderOptions = {\n type: OAuthProviders;\n one_tap?: boolean;\n position?: OneTapPositions;\n /**\n * Whether to cancel the One Tap prompt when the user taps outside of it.\n * This is only applicable if one_tap is true.\n */\n cancel_on_tap_outside?: boolean;\n custom_scopes?: string[];\n provider_params?: Record<string, string>;\n};\n\n/**\n * An array of OAuth providers you wish to use. Each Provider is an object with a type key that\n * determines the type of provider. Each Provider accepts an optional custom_scopes array of\n * scopes that Stytch will request for your application in addition to the base set of scopes\n * required for login. The order of the providers in the array determines the order of the\n * rendered buttons.\n */\nexport type ProvidersOptions = ProviderOptions[];\n\n/**\n * The options for oAuth. This is required if you've enabled the `oauth` product\n * in your configuration.\n */\n\nexport type OAuthOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n providers: ProvidersOptions;\n};\n\n/**\n * The methods array allows you to specify the authentication methods that you would like to expose\n * to your users. The order of the products that you include here will also be the order in which\n * they appear in the login form, with the first product specified appearing at the top of the login\n * form. We currently support passcodes on `email`, `sms` and `whatsapp`\n */\n\nexport const OTPMethods = {\n SMS: 'sms',\n WhatsApp: 'whatsapp',\n Email: 'email',\n} as const;\n\nexport type OTPMethods = Values<typeof OTPMethods>;\n\n/**\n * The options for One Time Passcodes. This is required if you've enabled the `otp` product\n * in your configuration.\n */\n\nexport type OtpOptions = {\n methods: OTPMethods[];\n expirationMinutes: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\n/**\n * The options for passwords. This is used if you've enabled the `passwords` product\n * in your configuration.\n */\n\nexport type PasswordOptions = {\n loginRedirectURL?: string;\n loginExpirationMinutes?: number;\n resetPasswordRedirectURL?: string;\n resetPasswordExpirationMinutes?: number;\n resetPasswordTemplateId?: string;\n locale?: string;\n};\n\n/**\n * The options for Session Management. If you are using the UI components,\n * we also create a session for users when they log in.\n */\n\nexport type SessionOptions = {\n sessionDurationMinutes: number;\n};\n\nexport type PasskeyOptions = {\n /**\n * Sets the domain option for both webauthn registration and authentication.\n * @default window.location.hostname\n */\n domain?: string;\n};\n\nexport type StringsOptions = {\n /**\n * Specify custom strings to be used in the prebuilt UI. Consult the message\n * catalog (`messages/en.po` or `messages/b2b/en.po`) for the list of\n * available strings. Each value should be specified using ICU MessageFormat.\n *\n * Strings that are not defined will use the default English value as a\n * fallback.\n */\n strings?: Record<string, string>;\n};\n\n/**\n * The style configuration allows you to customize the look of the SDK. You can specify some of\n * them or none at all.\n */\nexport type StyleConfig = DeepPartial<{\n /**\n * The configuration object for the Stytch UI container.\n */\n container: {\n /**\n * The background color of the SDK container.\n */\n backgroundColor: string;\n /**\n * The border color of the SDK container.\n */\n borderColor: string;\n /**\n * The border radius of the SDK container.\n */\n borderRadius: string;\n /**\n * The width of the SDK container.\n */\n width: string;\n };\n\n /**\n * The configuration object for colors used in the Stytch UI.\n */\n colors: {\n /**\n * Your primary brand color. This will be applied to most of the text in the SDK.\n */\n primary: string;\n /**\n * Your secondary brand color. This will be applied to text disclaimers and other visual elements.\n */\n secondary: string;\n /**\n * Your accent brand color. This will be applied to backgrounds of messages to draw user's attention.\n * This should have strong contrast with the primary text color for accessibility.\n */\n accent: string;\n /**\n * A success color to be used in visual elements.\n */\n success: string;\n /**\n * A warning color to be used in visual elements.\n */\n warning: string;\n /**\n * An error color to be used in visual elements.\n */\n error: string;\n };\n\n /**\n * The configuration object for buttons in the Stytch UI components.\n */\n buttons: {\n /**\n * The configuration object for primary buttons. These buttons are used in primary actions\n * including magic links, one-time passcodes and passwords products.\n */\n primary: {\n /**\n * The background color of the primary button.\n */\n backgroundColor: string;\n /**\n * The text color of the primary button.\n */\n textColor: string;\n /**\n * The border color of the primary button.\n */\n borderColor: string;\n /**\n * The border radius of the primary button.\n */\n borderRadius: string;\n };\n\n /**\n * The configuration object for secondary buttons.\n */\n secondary: {\n /**\n * The background color of the secondary button. These buttons are used in secondary actions\n * including but not limited OAuth and crypto wallets.\n */\n backgroundColor: string;\n /**\n * The text color of the secondary button.\n */\n textColor: string;\n /**\n * The border color of the secondary button.\n */\n borderColor: string;\n /**\n * The border radius of the secondary button.\n */\n borderRadius: string;\n };\n\n /**\n * The configuration object for disabled buttons.\n */\n disabled: {\n /**\n * The background color of the disabled button.\n */\n backgroundColor: string;\n /**\n * The text color of the disabled button.\n */\n textColor: string;\n /**\n * The border color of the disabled button.\n */\n borderColor: string;\n /**\n * The border radius of the disabled button.\n */\n borderRadius: string;\n };\n };\n\n /**\n * The configuration object for text inputs in the Stytch UI components.\n */\n inputs: {\n /**\n * The background color of the text inputs.\n */\n backgroundColor: string;\n /**\n * The text color of the text inputs.\n */\n textColor: string;\n /**\n * The color of the placeholder text in the text inputs.\n */\n placeholderColor: string;\n /**\n * The border color of the text inputs.\n */\n borderColor: string;\n /**\n * The border radius of the text inputs.\n */\n borderRadius: string;\n };\n\n /**\n * The font family that will apply to all text in the SDK.\n */\n fontFamily: string;\n\n /**\n * When this value is false, the title and description text will not show in the SDK.\n */\n hideHeaderText: boolean;\n\n /**\n * The configuration object for your custom logo.\n */\n logo: {\n /**\n * The URL of your custom logo.\n */\n logoImageUrl: string;\n };\n}>;\n\nexport type IDPConsentItem =\n | string\n | {\n /**\n * A one liner description of access being requested\n * @example\n * 'View content and info about you'\n */\n text: string;\n /**\n * A detailed list of access being requested for a line item\n * Each item in the array will be displayed as a separate bullet point\n * @example\n * [\n * 'View content you have added to the platform, including videos and comments',\n * 'View information shared on the platform, including your name, and email'\n * ]\n */\n details?: string[];\n };\n\nexport type IDPConsentSection = {\n /**\n * A top-level header for a section of the consent screen\n * @example\n * '$Application is requesting to edit'\n */\n header: string;\n /**\n * A collection of {@link IDPConsentItem} rows to render with the supplied header\n */\n items: IDPConsentItem[];\n};\n\n/**\n * An IDP Consent Screen Manifest defines the text to be shown to the end user during\n * a consent flow. Manifests can be used to customize grouping of access controls.\n * For example, an application can choose to group access controls by action being performed,\n * by resource being accessed, or by something else entirely.\n * @example\n * // A simple list will be rendered as a list of bullet points\n * [\n * { text: 'Content and info about you' },\n * { text: 'Content and info about your workspace' },\n * { text: 'Create and delete new items in your workspace' },\n * ]\n * @example\n * // Items can have nested details\n * [\n * {\n * text: 'Content and info about you'\n * details: [\n * 'View content you have added to the platform, including videos and comments',\n * 'View information shared on the platform, including your name, and email'\n * ]\n * }\n * ]\n * @example\n * // Items can be grouped with headers\n * [\n * {\n * header: '$Application is requesting to view:',\n * items: [\n * { text: 'Content and info about you' },\n * { text: 'Content and info about your workspace' },\n * ]\n * },\n * {\n * header: '$Application is requesting to edit:',\n * items: [\n * { text: 'Your workspace items' }\n * ]\n * }\n * ]\n */\nexport type IDPConsentScreenManifest = IDPConsentSection[] | IDPConsentItem[];\n\nexport enum StytchEventType {\n MagicLinkLoginOrCreateEvent = 'MAGIC_LINK_LOGIN_OR_CREATE',\n OTPsLoginOrCreateEvent = 'OTP_LOGIN_OR_CREATE',\n OTPsAuthenticate = 'OTP_AUTHENTICATE',\n CryptoWalletAuthenticateStart = 'CRYPTO_WALLET_AUTHENTICATE_START',\n CryptoWalletAuthenticate = 'CRYPTO_WALLET_AUTHENTICATE',\n PasswordCreate = 'PASSWORD_CREATE',\n PasswordAuthenticate = 'PASSWORD_AUTHENTICATE',\n PasswordResetByEmailStart = 'PASSWORD_RESET_BY_EMAIL_START',\n PasswordResetByEmail = 'PASSWORD_RESET_BY_EMAIL',\n PasskeyRegister = 'PASSKEY_REGISTER',\n PasskeyAuthenticate = 'PASSKEY_AUTHENTICATE',\n PasskeySkip = 'PASSKEY_SKIP',\n PasskeyDone = 'PASSKEY_DONE',\n /**\n * The authentication UI flow has completed successfully, including any steps\n * that take place after obtaining a valid session (such as saving recovery\n * codes).\n */\n AuthenticateFlowComplete = 'AUTHENTICATE_FLOW_COMPLETE',\n /**\n * An OAuth Authorization flow has been initiated by a Connected Application.\n * The end-user may be prompted for consent to continue depending on the application\n * that is requesting access.\n */\n OAuthAuthorizeFlowStart = 'OAUTH_AUTHORIZE_FLOW_START',\n /**\n * The end-user has completed the Authorization flow and is about to be redirected\n * back to the Connected Application\n */\n OAuthAuthorizeFlowComplete = 'OAUTH_AUTHORIZE_FLOW_COMPLETE',\n /**\n * The end-user has denied the Authorization flow and is about to be redirected\n * back to the Connected Application with an error message\n */\n OAuthAuthorizeFlowConsentDenied = 'OAUTH_AUTHORIZE_FLOW_CONSENT_DENIED',\n // More Events will go here ...\n // B2B Events\n B2BMagicLinkEmailLoginOrSignup = 'B2B_MAGIC_LINK_EMAIL_LOGIN_OR_SIGNUP',\n B2BMagicLinkAuthenticate = 'B2B_MAGIC_LINK_AUTHENTICATE',\n B2BMagicLinkEmailDiscoverySend = 'B2B_MAGIC_LINK_EMAIL_DISCOVERY_SEND',\n B2BMagicLinkDiscoveryAuthenticate = 'B2B_MAGIC_LINK_DISCOVERY_AUTHENTICATE',\n B2BSSOStart = 'B2B_SSO_START',\n B2BSSOAuthenticate = 'B2B_SSO_AUTHENTICATE',\n B2BSSODiscoverConnections = 'B2B_SSO_DISCOVER_CONNECTIONS',\n B2BOAuthAuthenticate = 'B2B_OAUTH_AUTHENTICATE',\n B2BOAuthDiscoveryAuthenticate = 'B2B_OAUTH_DISCOVERY_AUTHENTICATE',\n B2BDiscoveryOrganizationsCreate = 'B2B_DISCOVERY_ORGANIZATIONS_CREATE',\n B2BDiscoveryIntermediateSessionExchange = 'B2B_DISCOVERY_INTERMEDIATE_SESSION_EXCHANGE',\n B2BPasswordAuthenticate = 'B2B_PASSWORD_AUTHENTICATE',\n B2BPasswordDiscoveryAuthenticate = 'B2B_PASSWORD_DISCOVERY_AUTHENTICATE',\n B2BPasswordResetByEmailStart = 'B2B_PASSWORD_RESET_BY_EMAIL_START',\n B2BPasswordResetByEmail = 'B2B_PASSWORD_RESET_BY_EMAIL',\n B2BPasswordResetBySession = 'B2B_PASSWORD_RESET_BY_SESSION',\n B2BSMSOTPSend = 'B2B_SMS_OTP_SEND',\n B2BSMSOTPAuthenticate = 'B2B_SMS_OTP_AUTHENTICATE',\n B2BTOTPCreate = 'B2B_TOTP_CREATE',\n B2BTOTPAuthenticate = 'B2B_TOTP_AUTHENTICATE',\n B2BRecoveryCodesRecover = 'B2B_RECOVERY_CODES_RECOVER',\n B2BPasswordDiscoveryResetStart = 'B2B_PASSWORD_DISCOVERY_RESET_BY_EMAIL_START',\n B2BDiscoveryPasswordReset = 'B2B_PASSWORD_DISCOVERY_RESET_BY_EMAIL',\n B2BImpersonationAuthenticate = 'B2B_IMPERSONATION_AUTHENTICATE',\n B2BOTPsEmailAuthenticate = 'B2B_OTPS_EMAIL_AUTHENTICATE',\n B2BOTPsEmailDiscoveryAuthenticate = 'B2B_OTPS_EMAIL_DISCOVERY_AUTHENTICATE',\n B2BOTPsEmailDiscoverySend = 'B2B_OTPS_EMAIL_DISCOVERY_SEND',\n B2BOTPsEmailLoginOrSignup = 'B2B_OTPS_EMAIL_LOGIN_OR_SIGNUP',\n B2BOrganizationsGetBySlug = 'B2B_ORGANIZATIONS_GET_BY_SLUG',\n}\n\ntype StytchEventMap<TProjectConfiguration extends StytchProjectConfigurationInput> = {\n [StytchEventType.MagicLinkLoginOrCreateEvent]: MagicLinksLoginOrCreateResponse & { email: string };\n [StytchEventType.OTPsLoginOrCreateEvent]: OTPsLoginOrCreateResponse;\n [StytchEventType.OTPsAuthenticate]: OTPsAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.CryptoWalletAuthenticateStart]: CryptoWalletAuthenticateStartResponse;\n [StytchEventType.CryptoWalletAuthenticate]: CryptoWalletAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.PasswordCreate]: PasswordCreateResponse<TProjectConfiguration>;\n [StytchEventType.PasswordAuthenticate]: PasswordAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordDiscoveryAuthenticate]: B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.PasswordResetByEmailStart]: PasswordResetByEmailStartResponse;\n [StytchEventType.PasswordResetByEmail]: PasswordResetByEmailResponse<TProjectConfiguration>;\n [StytchEventType.AuthenticateFlowComplete]: Record<string, never>;\n [StytchEventType.B2BMagicLinkEmailLoginOrSignup]: B2BMagicLinkLoginOrSignupResponse & { email: string };\n [StytchEventType.B2BMagicLinkAuthenticate]: B2BMagicLinksAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BMagicLinkEmailDiscoverySend]: B2BMagicLinksEmailDiscoverySendResponse;\n [StytchEventType.B2BMagicLinkDiscoveryAuthenticate]: B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BSSOStart]: Record<string, never>;\n [StytchEventType.B2BSSOAuthenticate]: SSOAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BSSODiscoverConnections]: B2BSSODiscoverConnectionsResponse;\n [StytchEventType.B2BDiscoveryOrganizationsCreate]: B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordAuthenticate]: B2BPasswordAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordResetByEmailStart]: B2BPasswordResetByEmailStartResponse;\n [StytchEventType.B2BPasswordResetByEmail]: B2BPasswordResetByEmailResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordResetBySession]: B2BPasswordResetBySessionResponse<TProjectConfiguration>;\n [StytchEventType.B2BDiscoveryIntermediateSessionExchange]: B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>;\n [StytchEventType.B2BOAuthAuthenticate]: B2BOAuthAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOAuthDiscoveryAuthenticate]: B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.PasskeySkip]: Record<string, never>;\n [StytchEventType.PasskeyDone]: Record<string, never>;\n [StytchEventType.PasskeyRegister]: WebAuthnRegisterResponse<TProjectConfiguration>;\n [StytchEventType.PasskeyAuthenticate]: WebAuthnAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BSMSOTPSend]: B2BSMSSendResponse;\n [StytchEventType.B2BSMSOTPAuthenticate]: B2BSMSAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BTOTPCreate]: B2BTOTPCreateResponse;\n [StytchEventType.B2BTOTPAuthenticate]: B2BTOTPAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BRecoveryCodesRecover]: RecoveryCodeRecoverResponse<TProjectConfiguration>;\n [StytchEventType.B2BDiscoveryPasswordReset]: B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordDiscoveryResetStart]: B2BPasswordDiscoveryResetByEmailStartResponse;\n [StytchEventType.B2BImpersonationAuthenticate]: B2BImpersonationAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOTPsEmailDiscoverySend]: B2BDiscoveryOTPEmailSendResponse;\n [StytchEventType.B2BOTPsEmailAuthenticate]: B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOTPsEmailDiscoveryAuthenticate]: B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOTPsEmailLoginOrSignup]: B2BOTPsEmailLoginOrSignupResponse;\n [StytchEventType.B2BOrganizationsGetBySlug]: B2BOrganizationsGetBySlugResponse;\n [StytchEventType.OAuthAuthorizeFlowStart]: { client_id: string; redirect_uri: string; scope: string };\n [StytchEventType.OAuthAuthorizeFlowComplete]: Record<string, never>;\n [StytchEventType.OAuthAuthorizeFlowConsentDenied]: Record<string, never>;\n // More Events will go here ...\n};\n\nexport type StytchEvent<\n TProjectConfiguration extends StytchProjectConfigurationInput = Stytch.DefaultProjectConfiguration,\n> = {\n [K in StytchEventType]: { type: K; data: StytchEventMap<TProjectConfiguration>[K] };\n}[keyof StytchEventMap<TProjectConfiguration>];\n\n/**\n * Optional callbacks that are triggered by various events in the SDK. See more details about the callbacks\n * {@link https://stytch.com/docs/sdks/javascript-sdk#resources_ui-callbacks here}.\n */\nexport type Callbacks<\n TProjectConfiguration extends StytchProjectConfigurationInput = Stytch.DefaultProjectConfiguration,\n> = {\n /**\n * A callback function that responds to errors in the SDK. It is useful for debugging during development\n * and error handling in production.\n *\n * @param error - the error from the SDK with an additional error message\n */\n onError?(error: StytchSDKUIError): void;\n /**\n * A callback function that responds to events sent from the SDK. For the full list of events see the\n * {@link StytchEvent StytchEvent}\n *\n * @param event - the event fired by the SDK\n */\n onEvent?(event: StytchEvent<TProjectConfiguration>): void;\n};\n\nexport type OneTapStyleConfig = {\n position?: OneTapPositions;\n};\n\nexport enum RNUIProducts {\n emailMagicLinks,\n oauth,\n otp,\n passwords,\n}\n\nexport type RNUIEmailMagicLinksOptions = {\n loginExpirationMinutes?: number;\n signupExpirationMinutes?: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\nexport type RNUIOAuthOptions = {\n providers: OAuthProviders[] | ProvidersOptions;\n /** @deprecated Use custom_scopes in ProvidersOptions instead */\n customScopes?: string[];\n /** @deprecated Use provider_params in ProvidersOptions instead */\n providerParams?: Record<string, string>;\n};\n\nexport type RNUIOTPOptions = {\n methods: OTPMethods[];\n expirationMinutes: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\nexport type RNUIPasswordOptions = {\n loginExpirationMinutes?: number;\n resetPasswordExpirationMinutes?: number;\n resetPasswordTemplateId?: string;\n locale?: string;\n};\n\nexport type RNUIProductConfig = {\n products: RNUIProducts[];\n emailMagicLinksOptions: RNUIEmailMagicLinksOptions;\n oAuthOptions: RNUIOAuthOptions;\n otpOptions: RNUIOTPOptions;\n sessionOptions: SessionOptions;\n passwordOptions: RNUIPasswordOptions;\n};\n","import { AnalyticsEvent } from './Events';\nimport { ResponseCommon, StytchAPIError, StytchAPISchemaError, StytchAPIUnreachableError } from './public';\n\ntype SDKRequestMethodAndBody =\n | {\n method: 'GET' | 'DELETE';\n body?: null;\n }\n | {\n method: 'POST' | 'PUT';\n body?: Record<string, unknown>;\n };\n\nexport type SDKRequestInfo = SDKRequestMethodAndBody & {\n url: string;\n additionalMetadata?: Record<string, string>;\n};\n\nexport interface SDKTelemetry {\n event_id: string;\n app_session_id: string;\n persistent_id: string;\n client_sent_at: string;\n timezone: string;\n\n // Logged in user data\n // Why don't we generate this from the session_token in the auth header?\n // - We don't want to tie analytics ingest to session validation. There's no need to put\n // that kind of pressure on API, and ingest could be moved to somewhere that doesn't\n // have the ability to validate tokens\n // - For bulk event batches, we want to keep track of whether or not a user was logged\n // in at each event. If we have 10 events, the user logs in at event 5, then they'll have\n // a token when they log the batch, but we want to know that they were not logged in for the\n // first 4 events\n\n // Versioning\n app: {\n identifier: string;\n version?: string;\n };\n os?: {\n identifier?: string;\n version?: string;\n };\n device?: {\n model?: string;\n screen_size?: string;\n };\n sdk: {\n identifier: string;\n version: string;\n };\n}\n\nexport type AdditionalTelemetryData =\n | { stytch_user_id?: string; stytch_session_id?: string }\n | { stytch_member_id?: string; stytch_member_session_id?: string };\n\nexport interface INetworkClient {\n createTelemetryBlob(additionalMetadata?: SDKRequestInfo['additionalMetadata']): SDKTelemetry;\n\n fetchSDK: <T extends ResponseCommon>(info: SDKRequestInfo) => Promise<T>;\n\n retriableFetchSDK: <T extends ResponseCommon>(info: RetriableSDKRequestInfo) => Promise<T>;\n\n logEvent<E extends AnalyticsEvent>({\n name,\n details,\n error,\n }: {\n name: E['name'];\n details: E['details'];\n error?: { error_code?: string; error_description?: string; http_status_code?: string };\n }): void;\n\n // @deprecated Use the new sessions.updateSession() method instead\n updateSessionToken: (sessionToken: string | null) => void;\n}\n\nexport type RetriableSDKRequestInfo = SDKRequestInfo & {\n retryCallback: (e: RetriableError, info: SDKBaseRequestInfo) => Promise<SDKBaseRequestInfo>;\n};\n\nexport type RetriableSDKBaseRequestInfo = SDKBaseRequestInfo & {\n retryCallback: (e: RetriableError, info: SDKBaseRequestInfo) => Promise<SDKBaseRequestInfo>;\n};\n\nexport enum RetriableErrorType {\n RequiredCaptcha = 'CAPTCHA required',\n}\n\nexport class RetriableError extends Error {\n type: RetriableErrorType;\n\n constructor(type: RetriableErrorType) {\n super(type);\n this.type = type;\n }\n}\n\nexport async function retriableFetchSDK<T extends ResponseCommon>({\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n retryCallback,\n}: RetriableSDKBaseRequestInfo): Promise<T> {\n let req: SDKBaseRequestInfo = {\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n };\n\n try {\n return await baseFetchSDK<T>(req);\n } catch (err) {\n if (err instanceof RetriableError) {\n req = await retryCallback(err, req);\n return await baseFetchSDK<T>(req);\n }\n throw err;\n }\n}\n\nexport type SDKBaseRequestInfo = {\n basicAuthHeader: string;\n xSDKClientHeader: string;\n xSDKParentHostHeader?: string;\n body: SDKRequestInfo['body'];\n method: SDKRequestInfo['method'];\n finalURL: string;\n};\n\nexport async function baseFetchSDK<T extends ResponseCommon>({\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n}: SDKBaseRequestInfo): Promise<T> {\n const headers: Record<string, string> = {\n Authorization: basicAuthHeader,\n 'Content-Type': 'application/json',\n 'X-SDK-Client': xSDKClientHeader,\n };\n\n if (xSDKParentHostHeader) {\n headers['X-SDK-Parent-Host'] = xSDKParentHostHeader;\n }\n\n const fetchOpts: RequestInit = {\n method,\n headers,\n body: body && JSON.stringify(body),\n credentials: 'include',\n };\n\n let resp;\n try {\n resp = await fetch(finalURL, fetchOpts);\n /* eslint-disable @typescript-eslint/no-explicit-any */\n } catch (e: any) {\n if (e.message === 'Failed to fetch') {\n throw new StytchAPIUnreachableError('Unable to contact our servers.');\n }\n throw e;\n }\n\n // We only return 200 from WB endpoints, but just in case let's accept all 2xx errors\n if (resp.status <= 299) {\n try {\n const respData = await resp.json();\n return respData.data;\n } catch {\n throw new StytchAPIUnreachableError('Invalid JSON response from our servers.');\n }\n }\n\n // 99% of errors will be well-formed JSON errors with an appropriate content-type set\n if (resp.status !== 200 && resp.headers.get('content-type')?.includes('application/json')) {\n let respError;\n try {\n respError = await resp.json();\n } catch {\n // Error was not JSON- but the content type said it was! This means the server lied to us, which it should never do...\n throw new StytchAPIUnreachableError('Invalid or no response from server');\n }\n // If this looks like a JSONSchema validation error, it probably means the caller isn't using\n // typescript and gave us a bad type.\n if ('body' in respError || 'params' in respError || 'query' in respError) {\n throw new StytchAPISchemaError(respError);\n }\n throw new StytchAPIError(respError);\n }\n\n // Finally handle the other 1% of errors (Captcha errors, network errors, 503s, etc.)\n let respData;\n try {\n respData = await resp.text();\n } catch {\n throw new StytchAPIUnreachableError('Invalid response from our servers.');\n }\n if (respData.includes('Captcha required')) {\n throw new RetriableError(RetriableErrorType.RequiredCaptcha);\n }\n throw new StytchAPIUnreachableError('Invalid response from our servers.');\n}\n\nexport async function baseSubmitFormSDK({\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n}: SDKBaseRequestInfo): Promise<void> {\n const bodyParams = (body || {}) as Record<string, string>;\n const finalBody: Record<string, string> = {\n ...bodyParams,\n __Authorization: basicAuthHeader,\n '__X-SDK-Client': xSDKClientHeader,\n };\n\n if (xSDKParentHostHeader) {\n finalBody['__X-SDK-Parent-Host'] = xSDKParentHostHeader;\n }\n\n const children: HTMLInputElement[] = Object.entries(finalBody).map(([key, value]) => {\n const input = document.createElement('input');\n input.type = 'hidden';\n input.name = key;\n input.value = value;\n return input;\n });\n\n const form = document.createElement('form');\n form.method = method;\n form.action = finalURL;\n form.append(...children);\n\n document.body.appendChild(form);\n form.submit();\n}\n","// Unique ID creation requires a high quality random # generator. In the browser we therefore\n// require the crypto API and do not support built-in fallback to lower quality random number\n// generators (like Math.random()).\nvar getRandomValues;\nvar rnds8 = new Uint8Array(16);\nexport default function rng() {\n // lazy load so that environments that need to polyfill have a chance to do so\n if (!getRandomValues) {\n // getRandomValues needs to be invoked in a context where \"this\" is a Crypto implementation. Also,\n // find the complete implementation of crypto (msCrypto) on IE11.\n getRandomValues = typeof crypto !== 'undefined' && crypto.getRandomValues && crypto.getRandomValues.bind(crypto) || typeof msCrypto !== 'undefined' && typeof msCrypto.getRandomValues === 'function' && msCrypto.getRandomValues.bind(msCrypto);\n\n if (!getRandomValues) {\n throw new Error('crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported');\n }\n }\n\n return getRandomValues(rnds8);\n}","import validate from './validate.js';\n/**\n * Convert array of 16 byte values to UUID string format of the form:\n * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\n */\n\nvar byteToHex = [];\n\nfor (var i = 0; i < 256; ++i) {\n byteToHex.push((i + 0x100).toString(16).substr(1));\n}\n\nfunction stringify(arr) {\n var offset = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : 0;\n // Note: Be careful editing this code! It's been tuned for performance\n // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434\n var uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID. If this throws, it's likely due to one\n // of the following:\n // - One or more input array values don't map to a hex octet (leading to\n // \"undefined\" in the uuid)\n // - Invalid input values for the RFC `version` or `variant` fields\n\n if (!validate(uuid)) {\n throw TypeError('Stringified UUID is invalid');\n }\n\n return uuid;\n}\n\nexport default stringify;","export default /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i;","import rng from './rng.js';\nimport stringify from './stringify.js';\n\nfunction v4(options, buf, offset) {\n options = options || {};\n var rnds = options.random || (options.rng || rng)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`\n\n rnds[6] = rnds[6] & 0x0f | 0x40;\n rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided\n\n if (buf) {\n offset = offset || 0;\n\n for (var i = 0; i < 16; ++i) {\n buf[offset + i] = rnds[i];\n }\n\n return buf;\n }\n\n return stringify(rnds);\n}\n\nexport default v4;","import REGEX from './regex.js';\n\nfunction validate(uuid) {\n return typeof uuid === 'string' && REGEX.test(uuid);\n}\n\nexport default validate;","export const getHttpsUrl = (urlOrDomain: string) => {\n // If it's already a valid URL, extract the domain\n try {\n const url = new URL(urlOrDomain);\n return `https://${url.hostname}`;\n } catch {\n // invalid URLs are OK\n }\n\n // Prepend a scheme and verify it's a valid URL\n try {\n const url = new URL(`https://${urlOrDomain}`);\n return `https://${url.hostname}`;\n } catch {\n // Invalid URL, fallback to undefined\n }\n\n // Input was neither a valid URL nor a valid domain\n return undefined;\n};\n","/**\n * A set of tokens to stylize the console.log output\n * First token is the raw text. %c is a placeholder for string formatting\n * Second token starts our stylizing - adding custom color and background\n * Third token resets stylizing to baseline before showing the rest of the content.\n */\nconst STYTCH_BADGE =\n process.env.NODE_ENV === 'production'\n ? ['[Stytch]']\n : ['%c[Stytch]%c', 'background: #19303d; color: #13E5C0; padding: 2px;border-radius: 4px', ''];\n\n// Turn this to true to enable debug logs\n// TODO: Make this an env var\nconst DEBUG = false;\n\n/* eslint-disable no-console */\n/* eslint-disable @typescript-eslint/no-explicit-any */\n\n/**\n * An ultralightweight wrapper around console.log.\n * In the future, the logger might be passed in from the customer,\n * or the level might be configurable.\n */\nexport const logger = {\n debug: (...args: any[]) => DEBUG && console.log(...STYTCH_BADGE, ...args),\n log: (...args: any[]) => console.log(...STYTCH_BADGE, ...args),\n warn: (...args: any[]) => console.warn(...STYTCH_BADGE, ...args),\n error: (...args: any[]) => console.error(...STYTCH_BADGE, ...args),\n};\n\n/* eslint-enable @typescript-eslint/no-explicit-any */\n/* eslint-enable no-console */\n","import { logger } from './logger';\n\nconst trailer = `\nYou can find your public token at https://stytch.com/dashboard/api-keys.`;\nexport const checkPublicToken = (publicToken: unknown) => {\n if (typeof publicToken !== 'string') {\n logger.warn(`Public token is malformed. Expected a string, got ${typeof publicToken}.${trailer}`);\n } else if (publicToken === '') {\n logger.warn(`Public token is malformed. Expected \"public-token-...\", got an empty string.${trailer}`);\n } else if (!publicToken.startsWith('public-token-')) {\n logger.warn(`Public token is malformed. Expected \"public-token-...\", got ${publicToken}.${trailer}`);\n }\n};\n\nexport const checkNotSSR = () => {\n if (typeof window === 'undefined') {\n throw new Error(\n `\\`new StytchClient()\\` is not supported in server environments. If using @stytch/react or @stytch/nextjs, use \\`createStytchClient()\\` instead.`,\n );\n }\n};\n\nexport const checkB2BNotSSR = () => {\n if (typeof window === 'undefined') {\n throw new Error(\n `\\`new StytchB2BClient()\\` is not supported in server environments. If using @stytch/react or @stytch/nextjs, use \\`createStytchB2BClient()\\` instead.`,\n );\n }\n};\n","const ModulePromiseCache: Record<string, Promise<unknown>> = {};\n\nexport const __clearcache = () => Object.keys(ModulePromiseCache).forEach((key) => delete ModulePromiseCache[key]);\n\nexport async function loadESModule<T>(url: string, moduleFromGlobalScope: () => T): Promise<T> {\n if (ModulePromiseCache[url] !== undefined) {\n return ModulePromiseCache[url] as Promise<T>;\n }\n\n ModulePromiseCache[url] = loadESModuleFromNetwork(url, moduleFromGlobalScope);\n return ModulePromiseCache[url] as Promise<T>;\n}\n\nfunction loadESModuleFromNetwork<T>(url: string, moduleFromGlobalScope: () => T): Promise<T> {\n return new Promise((resolve, reject) => {\n const maybeScript = findScript(url);\n if (maybeScript && maybeScript.dataset.loaded === 'true') {\n try {\n resolve(moduleFromGlobalScope());\n } catch (err) {\n return reject(new Error(`${url} already loaded, but module was not found in global scope: ${err}`));\n }\n }\n\n const script = createScript(url);\n\n script.addEventListener('load', () => {\n script.dataset.loaded = 'true';\n try {\n resolve(moduleFromGlobalScope());\n } catch (err) {\n reject(new Error(`${url} was loaded, but module was not found in global scope: ${err}`));\n }\n });\n\n script.addEventListener('error', (err) => {\n reject(new Error(`${url} could not be loaded: ${err}`));\n });\n });\n}\n\nconst findScriptsInDom = (url: string) => document.querySelectorAll<HTMLScriptElement>(`script[src=\"${url}\"]`);\n\nfunction findScript(url: string): HTMLScriptElement | undefined {\n const scripts = findScriptsInDom(url);\n if (scripts[0]) {\n return scripts[0];\n }\n}\n\nfunction createScript(url: string): HTMLScriptElement {\n const script = document.createElement('script');\n script.setAttribute('src', url);\n script.setAttribute('async', 'true');\n script.setAttribute('defer', 'true');\n document.head.appendChild(script);\n return script;\n}\n","import { RetriableError, RetriableErrorType, SDKBaseRequestInfo } from './NetworkClient';\nimport { BootstrapData } from './types';\nimport { loadESModule } from './utils';\n\ndeclare global {\n // The telemetry.js script will set a global function called GetTelemetryID on the window\n // object. This interface is allows us to call that function while pleasing the TypeScript\n // compiler.\n interface Window {\n GetTelemetryID: (publicToken: string, submitURL: string) => Promise<string>;\n }\n}\n\nconst loadTelemetryJS = (domain: string) => loadESModule(`${domain}/telemetry.js`, () => window.GetTelemetryID);\n\nexport type DFPProtectedAuthMode = 'OBSERVATION' | 'DECISIONING';\n\nexport type DFPProtectedAuthState = {\n publicToken: string;\n dfpBackendURL: string;\n mode?: DFPProtectedAuthMode;\n enabled: boolean;\n loaded: boolean;\n executeRecaptcha: () => Promise<string | undefined>;\n};\n\nexport class DFPProtectedAuthProvider {\n private state: Promise<DFPProtectedAuthState>;\n constructor(\n publicToken: string,\n dfpBackendURL: string,\n dfpCdnDomain: string,\n private bootstrapPromise: Promise<BootstrapData>,\n executeRecaptcha: () => Promise<string | undefined> = () => Promise.resolve(undefined),\n ) {\n this.state = bootstrapPromise.then(async (bootstrapData) => {\n if (!bootstrapData.runDFPProtectedAuth) {\n return { publicToken, dfpBackendURL, enabled: false, loaded: false, executeRecaptcha };\n }\n await loadTelemetryJS(dfpCdnDomain);\n return {\n publicToken,\n dfpBackendURL,\n enabled: true,\n mode: bootstrapData.dfpProtectedAuthMode || 'OBSERVATION',\n loaded: true,\n executeRecaptcha,\n };\n });\n }\n\n isEnabled = async (): Promise<boolean> => {\n return this.state.then((state) => state.enabled);\n };\n\n getTelemetryID = async (): Promise<string | undefined> => {\n const { publicToken, enabled, dfpBackendURL } = await this.state;\n if (!enabled) {\n return undefined;\n }\n return await window.GetTelemetryID(publicToken, `${dfpBackendURL}/submit`);\n };\n\n getDFPTelemetryIDAndCaptcha = async (): Promise<{ dfp_telemetry_id?: string; captcha_token?: string }> => {\n const { enabled, executeRecaptcha, mode } = await this.state;\n\n let dfp_telemetry_id: string | undefined = undefined;\n let captcha_token: string | undefined = undefined;\n if (!enabled) {\n captcha_token = await executeRecaptcha();\n }\n if (mode === 'DECISIONING') {\n dfp_telemetry_id = await this.getTelemetryID();\n } else if (mode === 'OBSERVATION') {\n dfp_telemetry_id = await this.getTelemetryID();\n captcha_token = await executeRecaptcha();\n }\n return { dfp_telemetry_id, captcha_token };\n };\n\n retryWithCaptchaAndDFP = async (e: RetriableError, req: SDKBaseRequestInfo): Promise<SDKBaseRequestInfo> => {\n const { enabled, executeRecaptcha } = await this.state;\n if (e.type === RetriableErrorType.RequiredCaptcha && enabled) {\n if (req.body) {\n req.body.dfp_telemetry_id = await this.getTelemetryID();\n req.body.captcha_token = await executeRecaptcha();\n }\n return req;\n }\n throw new Error('Unable to query captcha and/or dfp telemetry ID');\n };\n}\n\nexport const DisabledDFPProtectedAuthProvider = () => ({\n isEnabled: async () => false,\n getTelemetryID: async () => undefined,\n getDFPTelemetryIDAndCaptcha: async () => ({\n dfp_telemetry_id: undefined,\n captcha_token: undefined,\n }),\n retryWithCaptchaAndDFP: async () => {\n throw new Error('DFP protected auth is disabled');\n },\n});\n\nexport interface IDFPProtectedAuthProvider {\n isEnabled(): Promise<boolean>;\n getTelemetryID(): Promise<string | undefined>;\n retryWithCaptchaAndDFP(e: RetriableError, req: SDKBaseRequestInfo): Promise<SDKBaseRequestInfo>;\n getDFPTelemetryIDAndCaptcha(): Promise<{ dfp_telemetry_id?: string; captcha_token?: string }>;\n}\n","import {\n SDKAPIUnreachableError,\n StytchAPIError,\n StytchAPISchemaError,\n StytchAPIUnreachableError,\n StytchSDKAPIError,\n StytchSDKSchemaError,\n} from './public';\n\n/**\n * Some errors are thrown from inside an iframe, but we can't serialize them\n * to the parent in Webkit. This class handles restoring marshalled errors\n * to their original form.\n * It preserves the error instance/class constructor by inspecting err.name\n * and calling `new` on the matching constructor.\n */\nexport class ErrorMarshaller {\n static inflate<T extends new (...any: never[]) => Error>(ErrorClass: T, ErrorData: Record<string, unknown>): Error {\n // !!HACK!!\n // We make the assumption that if the error takes in a required property\n // (StytchAPIError takes in an APIDetails obj...)\n // that we can just pass in the error body itself to satisfy the constructor...\n // And if the types don't work out, Object.assign(...) copies everything over anyway\n // This is a brittle and weak assumption.\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n const err = new ErrorClass(ErrorData);\n Object.assign(err, ErrorData);\n Object.setPrototypeOf(err, ErrorClass.prototype);\n return err as Error;\n }\n\n static unmarshall(error: Record<string, unknown>): Error {\n if ('name' in error) {\n switch (error.name) {\n case 'SDKAPIUnreachableError':\n return ErrorMarshaller.inflate(SDKAPIUnreachableError, error);\n case 'StytchSDKSchemaError':\n return ErrorMarshaller.inflate(StytchSDKSchemaError, error);\n case 'StytchAPIUnreachableError':\n return ErrorMarshaller.inflate(StytchAPIUnreachableError, error);\n case 'StytchAPISchemaError':\n return ErrorMarshaller.inflate(StytchAPISchemaError, error);\n case 'StytchSDKAPIError':\n return ErrorMarshaller.inflate(StytchSDKAPIError, error);\n case 'StytchAPIError':\n return ErrorMarshaller.inflate(StytchAPIError, error);\n case 'TypeError':\n return ErrorMarshaller.inflate(TypeError, error);\n case 'SyntaxError':\n return ErrorMarshaller.inflate(SyntaxError, error);\n case 'ReferenceError':\n return ErrorMarshaller.inflate(ReferenceError, error);\n case 'RangeError':\n return ErrorMarshaller.inflate(RangeError, error);\n case 'EvalError':\n return ErrorMarshaller.inflate(EvalError, error);\n case 'URIError':\n return ErrorMarshaller.inflate(URIError, error);\n }\n }\n return ErrorMarshaller.inflate(Error, error);\n }\n}\n","import { SDKTelemetry } from './NetworkClient';\n\nexport const DEFAULT_MAX_BATCH_SIZE = 15;\nexport const DEFAULT_INTERVAL_DURATION_MS = 800;\n\ntype EventLoggerArgs = {\n maxBatchSize: number;\n intervalDurationMs: number;\n logEventURL: string;\n};\n\nexport class EventLogger {\n private maxBatchSize: number;\n private logEventURL: string;\n private batch: Record<string, unknown>[];\n\n constructor(args: EventLoggerArgs) {\n this.maxBatchSize = args.maxBatchSize;\n this.logEventURL = args.logEventURL;\n // TODO: If we create more than one of these, we'll want a mechanism to clean up the intervals\n setInterval(this.flush.bind(this), args.intervalDurationMs);\n this.batch = [];\n }\n\n logEvent(telemetry: SDKTelemetry, event: Record<string, unknown>) {\n this.batch.push({ telemetry, event });\n if (this.batch.length >= this.maxBatchSize) {\n this.flush();\n }\n }\n\n async flush() {\n if (!this.batch.length) {\n return;\n }\n const batchToSubmit = this.batch;\n this.batch = [];\n try {\n await fetch(this.logEventURL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(batchToSubmit),\n });\n } catch {\n // Silently ignore fetch errors\n }\n }\n}\n","import { StytchSDKUsageError } from '../public';\n\n/**\n * This function and its parameter is stripped in production builds using rollup plugin.\n * NOTE: Be careful when wrapping render function return values. React before v18 do not allow undefined\n * to be returned, so wrapping the entire return value will crash those runtimes.\n */\nexport const DEV = <T>(input: T): T | undefined => input;\n\n/**\n * This function is stripped in production builds using rollup plugin. Useful for adding\n * logging or validation in dev only\n */\nexport function RUN_IN_DEV(callback: () => void) {\n callback();\n}\n\nexport type ValidateRule =\n | 'object'\n | 'optionalObject'\n | 'string'\n | 'optionalString'\n | 'number'\n | 'optionalNumber'\n | 'stringArray'\n | 'optionalStringArray'\n | 'boolean'\n | 'optionalBoolean';\n\nexport const validateInDev = <T extends Record<string, unknown>>(\n methodName: string,\n obj: T,\n rules: Partial<Record<keyof T, ValidateRule>>,\n) => {\n const errors: StytchSDKUsageError[] = [];\n for (const [key, rule] of Object.entries(rules)) {\n if (rule == null) continue;\n\n const val = obj[key];\n if (rule.startsWith('optional') && val == null) continue;\n\n switch (rule) {\n case 'object':\n case 'optionalObject': {\n const isObject = typeof val === 'object' && !Array.isArray(val) && val !== null;\n if (!isObject) {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be an object.`));\n }\n break;\n }\n\n case 'string':\n case 'optionalString':\n if (typeof val !== 'string') {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be a string.`));\n }\n break;\n\n case 'number':\n case 'optionalNumber':\n if (typeof val !== 'number') {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be a number.`));\n }\n break;\n\n case 'stringArray':\n case 'optionalStringArray':\n if (!Array.isArray(val) || !val.every((str) => typeof str === 'string')) {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be an array of strings.`));\n }\n break;\n\n case 'boolean':\n case 'optionalBoolean':\n if (typeof val !== 'boolean') {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be a boolean.`));\n }\n break;\n }\n }\n\n if (errors.length > 0) {\n if (errors.length === 1) {\n throw errors[0];\n } else {\n throw new AggregateError(errors);\n }\n }\n};\n","import { IB2BSubscriptionService, INetworkClient } from '../..';\nimport {\n B2BDiscoveryIntermediateSessionsExchangeOptions,\n B2BDiscoveryIntermediateSessionsExchangeResponse,\n B2BDiscoveryOrganizationsCreateOptions,\n B2BDiscoveryOrganizationsCreateResponse,\n B2BDiscoveryOrganizationsResponse,\n IHeadlessB2BDiscoveryClient,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BDiscoveryClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BDiscoveryClient<TProjectConfiguration>\n{\n organizations: {\n list: () => Promise<B2BDiscoveryOrganizationsResponse>;\n create: (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ) => Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>;\n };\n\n intermediateSessions: {\n exchange: (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ) => Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.organizations = {\n list: async () =>\n this._networkClient.fetchSDK<B2BDiscoveryOrganizationsResponse>({\n url: '/b2b/discovery/organizations',\n body: {\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n method: 'POST',\n }),\n create: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ): Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.organizations.create', data, {\n session_duration_minutes: 'number',\n organization_name: 'optionalString',\n organization_slug: 'optionalString',\n organization_logo_url: 'optionalString',\n sso_jit_provisioning: 'optionalString',\n email_allowed_domains: 'optionalStringArray',\n email_invites: 'optionalString',\n auth_methods: 'optionalString',\n allowed_auth_methods: 'optionalStringArray',\n mfa_policy: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n };\n\n return this._networkClient.fetchSDK<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/organizations/create',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n\n this.intermediateSessions = {\n exchange: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ): Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.intermediateSessions.exchange', data, {\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.fetchSDK<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/intermediate_sessions/exchange',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n }\n}\n","import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BOAuthAuthorizeStartOptions,\n B2BOAuthAuthorizeStartResponse,\n B2BOAuthAuthorizeSubmitOptions,\n B2BOAuthAuthorizeSubmitResponse,\n B2BOAuthLogoutStartOptions,\n B2BOAuthLogoutStartResponse,\n IHeadlessB2BIDPClient,\n} from '../../public/b2b/idp';\n\nexport class HeadlessB2BIDPClient implements IHeadlessB2BIDPClient {\n constructor(private _networkClient: INetworkClient) {}\n\n /**\n * Initiates a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request. This endpoint validates various fields (scope, client_id, redirect_uri, prompt, etc...) are correct and returns relevant information for rendering an OAuth Consent Screen.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeStart({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeStart = async (data: B2BOAuthAuthorizeStartOptions): Promise<B2BOAuthAuthorizeStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeStartResponse>({\n url: '/idp/b2b/oauth/authorize/start',\n method: 'POST',\n body: data,\n });\n\n /**\n * Completes a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request, after previously validating those parameters using the Preflight Check API. Note that this endpoint takes in a few additional parameters the preflight check does not- state, nonce, and code_challenge.\n *\n * If the authorization was successful, the redirect_uri will contain a valid authorization_code embedded as a query parameter. If the authorization was unsuccessful, the redirect_uri will contain an OAuth2.1 error_code. In both cases, redirect the Member to the location for the response to be consumed by the Connected App.\n *\n * Exactly one of the following must be provided to identify the Member granting authorization:\n * organization_id + member_id\n * session_token\n * session_jwt\n *\n * If a session_token or session_jwt is passed, the OAuth Authorization will be linked to the Member's session for tracking purposes. One of these fields must be used if the Connected App intends to complete the Exchange Access Token flow.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeSubmit({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeSubmit = async (data: B2BOAuthAuthorizeSubmitOptions): Promise<B2BOAuthAuthorizeSubmitResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeSubmitResponse>({\n url: '/idp/b2b/oauth/authorize/submit',\n method: 'POST',\n body: data,\n });\n\n oauthLogoutStart = async (data: B2BOAuthLogoutStartOptions): Promise<B2BOAuthLogoutStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthLogoutStartResponse>({\n url: `/b2b/oauth/logout/start`,\n method: 'POST',\n body: data,\n });\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BImpersonationAuthenticateOptions,\n B2BImpersonationAuthenticateResponse,\n IHeadlessB2BImpersonationClient,\n} from '../../public/b2b/impersonation';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BImpersonationClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BImpersonationClient<TProjectConfiguration>\n{\n authenticate: (\n data: B2BImpersonationAuthenticateOptions,\n ) => Promise<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (data: B2BImpersonationAuthenticateOptions) => {\n validateInDev('stytch.impersonation.authenticate', data, {\n impersonation_token: 'string',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/impersonation/authenticate',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n}\n","import { DisabledDFPProtectedAuthProvider, IDFPProtectedAuthProvider } from '../../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../../NetworkClient';\nimport { IPKCEManager } from '../../PKCEManager';\nimport {\n B2BMagicLinksInviteOptions,\n B2BMagicLinksInviteResponse,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport {\n B2BMagicLinkLoginOrSignupOptions,\n B2BMagicLinkLoginOrSignupResponse,\n B2BMagicLinksAuthenticateOptions,\n B2BMagicLinksAuthenticateResponse,\n B2BMagicLinksDiscoveryAuthenticateOptions,\n B2BMagicLinksDiscoveryAuthenticateResponse,\n B2BMagicLinksEmailDiscoverySendOptions,\n B2BMagicLinksEmailDiscoverySendResponse,\n IHeadlessB2BMagicLinksClient,\n} from '../../public/b2b/magicLinks';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForEmailMagicLinks: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForEmailMagicLinks: false,\n});\n\nexport class HeadlessB2BMagicLinksClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BMagicLinksClient<TProjectConfiguration>\n{\n email: {\n invite: (data: B2BMagicLinksInviteOptions) => Promise<B2BMagicLinksInviteResponse>;\n loginOrSignup: (data: B2BMagicLinkLoginOrSignupOptions) => Promise<ResponseCommon>;\n discovery: {\n send: (data: B2BMagicLinksEmailDiscoverySendOptions) => Promise<B2BMagicLinksEmailDiscoverySendResponse>;\n };\n };\n\n authenticate: (\n data: B2BMagicLinksAuthenticateOptions,\n ) => Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ) => Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _passwordResetPKCEManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider = DisabledDFPProtectedAuthProvider(),\n ) {\n this.email = {\n invite: async (data: B2BMagicLinksInviteOptions): Promise<B2BMagicLinksInviteResponse> => {\n validateInDev('stytch.magicLinks.email.invite', data, {\n email_address: 'string',\n invite_redirect_url: 'optionalString',\n invite_template_id: 'optionalString',\n name: 'optionalString',\n locale: 'optionalString',\n roles: 'optionalStringArray',\n invite_expiration_minutes: 'optionalNumber',\n });\n\n return this._networkClient.fetchSDK<B2BMagicLinksInviteResponse>({\n url: '/b2b/magic_links/email/invite',\n body: data,\n method: 'POST',\n });\n },\n loginOrSignup: async (data: B2BMagicLinkLoginOrSignupOptions): Promise<ResponseCommon> => {\n validateInDev('stytch.magicLinks.email.loginOrSignup', data, {\n email_address: 'string',\n organization_id: 'string',\n login_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n signup_redirect_url: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n };\n return this._networkClient.fetchSDK<B2BMagicLinkLoginOrSignupResponse>({\n url: '/b2b/magic_links/email/login_or_signup',\n body: requestBody,\n method: 'POST',\n });\n },\n discovery: {\n send: async (\n data: B2BMagicLinksEmailDiscoverySendOptions,\n ): Promise<B2BMagicLinksEmailDiscoverySendResponse> => {\n validateInDev('stytch.magicLinks.email.discovery.send', data, {\n email_address: 'string',\n discovery_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BMagicLinksEmailDiscoverySendResponse>({\n url: '/b2b/magic_links/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n },\n };\n\n this.authenticate = this._subscriptionService.withUpdateSession(async (data: B2BMagicLinksAuthenticateOptions) => {\n validateInDev('stytch.magicLinks.authenticate', data, {\n magic_links_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n // When a user resets their password with PKCE turned on, they create a pkPair in the 'passwords' namespace.\n // However, when the user gets the reset password email, they have the option to log in without a password.\n // This redirects them to the magic link authenticate flow, which automatically looks for the pkce code_verifier\n // in the 'magic_links' namespace, breaking the flow. Unfortunately we won't know for sure in the eml authenticate call\n // whether or not the user is coming from a password reset flow. To handle this, we have to try to authenticate with\n // both the 'passwords' and 'magic_links' code_verifiers.\n const passwordResetPKPair = await this._passwordResetPKCEManager.getPKPair();\n\n let resp: B2BMagicLinksAuthenticateResponse<TProjectConfiguration> | null = null;\n\n if (passwordResetPKPair?.code_verifier) {\n try {\n resp = await this.handlePKCEForAuthenticate(this._passwordResetPKCEManager, data);\n } catch (e) {\n if ((e as Error).message.includes('pkce')) {\n // If pkce-related error, fall back to magic links code_verifier\n // eslint-disable-next-line no-console\n console.log(\n 'Authenticate with passwords pkce namespace failed. Falling back to authenticate with magic_links namespace.',\n );\n } else {\n throw e;\n }\n }\n }\n\n if (!resp) {\n resp = await this.handlePKCEForAuthenticate(this._pkceManager, data);\n }\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ): Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.magicLinks.discovery.authenticate', data, {\n discovery_magic_links_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/magic_links/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n if (!pkceRequiredForEmailMagicLinks) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n private async handlePKCEForAuthenticate(\n pkceManager: IPKCEManager,\n data: B2BMagicLinksAuthenticateOptions,\n ): Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>> {\n const pkPair = await pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/magic_links/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n pkceManager.clearPKPair();\n\n return resp;\n }\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient, IPKCEManager } from '../..';\nimport {\n B2BOAuthAuthenticateOptions,\n B2BOAuthAuthenticateResponse,\n B2BOAuthDiscoveryAuthenticateResponse,\n B2BOAuthDiscoveryStartOptions,\n IHeadlessB2BOAuthClient,\n OAuthDiscoveryAuthenticateOptions,\n OAuthStartOptions,\n} from '../../public/b2b/oauth';\nimport { B2BOAuthProviders } from '../../public/b2b/ui';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { isTestPublicToken, logger } from '../../utils';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n cnameDomain: null | string;\n pkceRequiredForOAuth: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport class HeadlessB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOAuthClient<TProjectConfiguration>\n{\n authenticate: (options: B2BOAuthAuthenticateOptions) => Promise<B2BOAuthAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: OAuthDiscoveryAuthenticateOptions,\n ) => Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n google: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n microsoft: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n hubspot: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n slack: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n github: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n protected _pkceManager: IPKCEManager,\n protected _dynamicConfig: DynamicConfig,\n protected _config: Config,\n protected dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(async (options: B2BOAuthAuthenticateOptions) => {\n validateInDev('stytch.oauth.authenticate', options, {\n oauth_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const keyPair = await this._pkceManager.getPKPair();\n\n if (!keyPair) {\n logger.warn(\n 'No code verifier found in local storage for OAuth flow.\\n' +\n 'Consider using stytch.oauth.$provider.start() to add PKCE to your OAuth flows for added security.\\n' +\n 'See https://stytch.com/docs/oauth#guides_pkce for more information.',\n );\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const resp = await this._networkClient.retriableFetchSDK<B2BOAuthAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/oauth/authenticate',\n method: 'POST',\n body: {\n pkce_code_verifier: keyPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...options,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: OAuthDiscoveryAuthenticateOptions,\n ): Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.oauth.discovery.authenticate', data, {\n discovery_oauth_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/oauth/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n\n this.google = {\n start: this.startOAuthFlow(B2BOAuthProviders.Google),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Google),\n },\n };\n\n this.microsoft = {\n start: this.startOAuthFlow(B2BOAuthProviders.Microsoft),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Microsoft),\n },\n };\n\n this.hubspot = {\n start: this.startOAuthFlow(B2BOAuthProviders.HubSpot),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.HubSpot),\n },\n };\n\n this.slack = {\n start: this.startOAuthFlow(B2BOAuthProviders.Slack),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Slack),\n },\n };\n\n this.github = {\n start: this.startOAuthFlow(B2BOAuthProviders.GitHub),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.GitHub),\n },\n };\n }\n\n protected async getBaseApiUrl() {\n const { cnameDomain } = await this._dynamicConfig;\n if (cnameDomain) {\n // The API returns cname domains without a protocol - assume HTTPS\n return `https://${cnameDomain}`;\n }\n // Our TestAPIURL and LiveAPIURL should have the HTTPS protocol already attached\n // Don't add it twice!\n if (isTestPublicToken(this._config.publicToken)) {\n return this._config.testAPIURL;\n }\n return this._config.liveAPIURL;\n }\n\n protected startOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: OAuthStartOptions): Promise<void> => {\n const {\n organization_id,\n organization_slug,\n login_redirect_url,\n signup_redirect_url,\n custom_scopes,\n provider_params,\n } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (organization_id && organization_id != '') {\n startUrl.searchParams.set('organization_id', organization_id);\n }\n\n if (organization_slug && organization_slug != '') {\n startUrl.searchParams.set('slug', organization_slug);\n }\n\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (login_redirect_url) startUrl.searchParams.set('login_redirect_url', login_redirect_url);\n if (signup_redirect_url) startUrl.searchParams.set('signup_redirect_url', signup_redirect_url);\n\n this.navigate(startUrl);\n };\n }\n\n protected startDiscoveryOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: B2BOAuthDiscoveryStartOptions): Promise<void> => {\n const { discovery_redirect_url, custom_scopes, provider_params } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/discovery/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (discovery_redirect_url) {\n startUrl.searchParams.set('discovery_redirect_url', discovery_redirect_url);\n }\n\n this.navigate(startUrl);\n };\n }\n\n // Public so it can be mocked in tests\n navigate(url: URL) {\n window.location.href = url.toString();\n }\n}\n","import { v4 as uuidv4 } from 'uuid';\n\nimport { OTPMethods, ResponseCommon, User } from '../public';\n\nexport * from './api';\nexport { arrayUtils } from './arrayUtils';\nexport type { Cacheable } from './Cacheable';\nexport * from './checks';\nexport * from './country';\nexport * from './dfp';\nexport type { EnumOrStringLiteral, StringLiteralFromEnum } from './EnumOrStringLiteral';\nexport { loadESModule } from './loadESModule';\nexport * from './logger';\n\nexport const isTestPublicToken = (token: string) => token.includes('public-token-test');\n\n/**\n * Normalizes an es5 promise with a .then(onSuccess, onFailure) signature to\n * the es6 .then().catch() signature\n */\nexport const normalizePromiseLike = <T>(prom: PromiseLike<T>): Promise<T> => {\n return new Promise<T>((resolve, reject) => {\n prom.then(resolve, reject);\n });\n};\n\nexport const createEventId = () => `event-id-${uuidv4()}`;\nexport const createAppSessionId = () => `app-session-id-${uuidv4()}`;\nexport const createPersistentId = () => `persistent-id-${uuidv4()}`;\n\nexport const isPhoneMethod = (selectionMethod: string) =>\n selectionMethod === OTPMethods.SMS || selectionMethod === OTPMethods.WhatsApp;\nexport const isEmailMethod = (selectionMethod: string) => selectionMethod === OTPMethods.Email;\n\nexport const removeResponseCommon = <T extends ResponseCommon>({\n request_id,\n\n status_code,\n ...rest\n}: T): Omit<T, keyof ResponseCommon> => rest;\n\nexport type WithUser<T> = T & { __user: User & ResponseCommon };\n\nexport const omitUser = <T extends ResponseCommon>(resp: T & { __user: User }): T => {\n const { __user, ...rest } = resp;\n return rest as unknown as T;\n};\n\nexport type Values<T extends object> = T[keyof T];\n\n// A simplified version of PartialDeep from type-fest to avoid referencing that package in exported types\ntype Primitive = null | undefined | string | number | boolean | symbol | bigint;\n\ntype _PartialDeep<T> = T extends Primitive\n ? T //\n : T extends object\n ? PartialObjectDeep<T>\n : unknown;\n\ntype PartialObjectDeep<ObjectType extends object> = {\n [KeyType in keyof ObjectType]?: _PartialDeep<ObjectType[KeyType]>;\n};\n\nexport type PartialDeep<T> = _PartialDeep<T>;\n","import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BOrganizationsDeleteResponse,\n B2BOrganizationsGetBySlugOptions,\n B2BOrganizationsGetBySlugResponse,\n B2BOrganizationsGetConnectedAppOptions,\n B2BOrganizationsGetConnectedAppResponse,\n B2BOrganizationsGetConnectedAppsResponse,\n B2BOrganizationsMemberDeleteMFAPhoneNumberResponse,\n B2BOrganizationsMemberDeleteMFATOTPResponse,\n B2BOrganizationsMemberDeletePasswordResponse,\n B2BOrganizationsMemberGetConnectedAppsOptions,\n B2BOrganizationsMemberGetConnectedAppsResponse,\n B2BOrganizationsMemberRevokeConnectedAppOptions,\n B2BOrganizationsMemberRevokeConnectedAppResponse,\n B2BOrganizationsMembersCreateOptions,\n B2BOrganizationsMembersCreateResponse,\n B2BOrganizationsMembersDeleteResponse,\n B2BOrganizationsMembersReactivateResponse,\n B2BOrganizationsMembersSearchOptions,\n B2BOrganizationsMembersSearchResponse,\n B2BOrganizationsMemberStartEmailUpdateOptions,\n B2BOrganizationsMemberStartEmailUpdateResponse,\n B2BOrganizationsMembersUpdateOptions,\n B2BOrganizationsMembersUpdateResponse,\n B2BOrganizationsMemberUnlinkRetiredEmailOptions,\n B2BOrganizationsMemberUnlinkRetiredEmailResponse,\n B2BOrganizationsUpdateOptions,\n B2BOrganizationsUpdateResponse,\n IHeadlessB2BOrganizationClient,\n MemberResponseCommon,\n Organization,\n OrganizationInfo,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BOrganizationClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOrganizationClient\n{\n constructor(\n private _networkClient: INetworkClient,\n private _apiNetworkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {}\n\n get = async (): Promise<Organization | null> => {\n const resp = await this._networkClient.fetchSDK<{ organization: Organization } & ResponseCommon>({\n url: `/b2b/organizations/me`,\n method: 'GET',\n });\n this._subscriptionService.updateOrganization(resp.organization);\n return resp.organization;\n };\n\n getSync = (): Organization | null => {\n return this._subscriptionService.getOrganization();\n };\n\n getInfo = (): OrganizationInfo => ({\n organization: this.getSync(),\n fromCache: this._subscriptionService.getFromCache(),\n });\n\n onChange = (callback: (organization: Organization | null) => void) => {\n return this._subscriptionService.subscribeToState((state) => callback(state?.organization ?? null));\n };\n\n update = async (data: B2BOrganizationsUpdateOptions): Promise<B2BOrganizationsUpdateResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BOrganizationsUpdateResponse>({\n url: `/b2b/organizations/me`,\n method: 'PUT',\n body: data,\n });\n\n this._subscriptionService.updateOrganization(resp.organization);\n return resp;\n };\n\n delete = async (): Promise<B2BOrganizationsDeleteResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BOrganizationsDeleteResponse>({\n url: `/b2b/organizations/me`,\n method: 'DELETE',\n });\n\n this._subscriptionService.destroyState();\n\n return resp;\n };\n\n getBySlug = async (data: B2BOrganizationsGetBySlugOptions): Promise<B2BOrganizationsGetBySlugResponse> => {\n validateInDev('stytch.organization.getBySlug', data, {\n organization_slug: 'string',\n });\n\n return this._networkClient.fetchSDK<B2BOrganizationsGetBySlugResponse>({\n url: `/b2b/organizations/search`,\n method: 'POST',\n body: data,\n });\n };\n\n getConnectedApps = async (): Promise<B2BOrganizationsGetConnectedAppsResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsGetConnectedAppsResponse>({\n url: '/b2b/organizations/connected_apps',\n method: 'GET',\n });\n };\n\n getConnectedApp = async (\n data: B2BOrganizationsGetConnectedAppOptions,\n ): Promise<B2BOrganizationsGetConnectedAppResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsGetConnectedAppResponse>({\n url: `/b2b/organizations/connected_apps/${data.connected_app_id}`,\n method: 'GET',\n });\n };\n\n members = {\n create: async (data: B2BOrganizationsMembersCreateOptions): Promise<B2BOrganizationsMembersCreateResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMembersCreateResponse>({\n url: `/b2b/organizations/members`,\n method: 'POST',\n body: data,\n });\n },\n search: async (data: B2BOrganizationsMembersSearchOptions): Promise<B2BOrganizationsMembersSearchResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMembersSearchResponse>({\n url: `/b2b/organizations/me/members/search`,\n method: 'POST',\n body: data,\n });\n },\n update: async (data: B2BOrganizationsMembersUpdateOptions): Promise<B2BOrganizationsMembersUpdateResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMembersUpdateResponse>({\n url: `/b2b/organizations/members/${data.member_id}`,\n method: 'PUT',\n body: data,\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n deletePassword: async (passwordId: string): Promise<B2BOrganizationsMemberDeletePasswordResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMemberDeletePasswordResponse>({\n url: `/b2b/organizations/members/passwords/${passwordId}`,\n method: 'DELETE',\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n deleteMFAPhoneNumber: async (memberId: string): Promise<B2BOrganizationsMemberDeleteMFAPhoneNumberResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMemberDeleteMFAPhoneNumberResponse>({\n url: `/b2b/organizations/members/mfa_phone_numbers/${memberId}`,\n method: 'DELETE',\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n deleteMFATOTP: async (memberId: string): Promise<B2BOrganizationsMemberDeleteMFATOTPResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMemberDeleteMFATOTPResponse>({\n url: `/b2b/organizations/members/totp/${memberId}`,\n method: 'DELETE',\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n delete: async (memberId: string): Promise<B2BOrganizationsMembersDeleteResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMembersDeleteResponse>({\n url: `/b2b/organizations/members/${memberId}`,\n method: 'DELETE',\n });\n\n if (memberId === this._subscriptionService.getMember()?.member_id) {\n this._subscriptionService.destroyState();\n }\n\n return response;\n },\n reactivate: async (memberId: string): Promise<B2BOrganizationsMembersReactivateResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMembersReactivateResponse>({\n url: `/b2b/organizations/members/${memberId}/reactivate`,\n method: 'PUT',\n });\n },\n unlinkRetiredEmail: async (\n data: B2BOrganizationsMemberUnlinkRetiredEmailOptions,\n ): Promise<B2BOrganizationsMemberUnlinkRetiredEmailResponse> => {\n const { member_id, ...body } = data;\n const response = await this._apiNetworkClient.fetchSDK<B2BOrganizationsMemberUnlinkRetiredEmailResponse>({\n url: `/b2b/organizations/members/${member_id}/unlink_retired_email`,\n method: 'POST',\n body,\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n startEmailUpdate: async (\n data: B2BOrganizationsMemberStartEmailUpdateOptions,\n ): Promise<B2BOrganizationsMemberStartEmailUpdateResponse> => {\n const { member_id, ...body } = data;\n const response = await this._apiNetworkClient.fetchSDK<B2BOrganizationsMemberStartEmailUpdateResponse>({\n url: `/b2b/organizations/members/${member_id}/start_email_update`,\n method: 'POST',\n body,\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n getConnectedApps: async (\n data: B2BOrganizationsMemberGetConnectedAppsOptions,\n ): Promise<B2BOrganizationsMemberGetConnectedAppsResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMemberGetConnectedAppsResponse>({\n url: `b2b/organizations/members/${data.member_id}/connected_apps`,\n method: 'GET',\n });\n },\n revokeConnectedApp: async (\n data: B2BOrganizationsMemberRevokeConnectedAppOptions,\n ): Promise<B2BOrganizationsMemberRevokeConnectedAppResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMemberRevokeConnectedAppResponse>({\n url: `/b2b/organizations/members/${data.member_id}/connected_apps/${data.connected_app_id}/revoke`,\n method: 'POST',\n });\n },\n };\n\n private updateMemberIfSelf = (response: MemberResponseCommon) => {\n if (response.member_id === this._subscriptionService.getMember()?.member_id) {\n this._subscriptionService.updateMember(response.member);\n }\n };\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BDiscoveryOTPEmailAuthenticateOptions,\n B2BDiscoveryOTPEmailAuthenticateResponse,\n B2BDiscoveryOTPEmailSendOptions,\n B2BDiscoveryOTPEmailSendResponse,\n B2BOTPsEmailAuthenticateOptions,\n B2BOTPsEmailAuthenticateResponse,\n B2BOTPsEmailLoginOrSignupOptions,\n B2BOTPsEmailLoginOrSignupResponse,\n B2BSMSAuthenticateOptions,\n B2BSMSAuthenticateResponse,\n B2BSMSSendOptions,\n B2BSMSSendResponse,\n IHeadlessB2BOTPsClient,\n} from '../../public/b2b/otps';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BOTPsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOTPsClient<TProjectConfiguration>\n{\n sms: {\n send: (data: B2BSMSSendOptions) => Promise<B2BSMSSendResponse>;\n authenticate: (data: B2BSMSAuthenticateOptions) => Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>>;\n };\n\n email: {\n loginOrSignup: (data: B2BOTPsEmailLoginOrSignupOptions) => Promise<B2BOTPsEmailLoginOrSignupResponse>;\n authenticate: (\n data: B2BOTPsEmailAuthenticateOptions,\n ) => Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>;\n discovery: {\n send: (data: B2BDiscoveryOTPEmailSendOptions) => Promise<B2BDiscoveryOTPEmailSendResponse>;\n authenticate: (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ) => Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>>;\n };\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.sms = {\n send: async (data: B2BSMSSendOptions): Promise<B2BSMSSendResponse> => {\n validateInDev('stytch.otps.sms.send', data, {\n organization_id: 'string',\n member_id: 'string',\n mfa_phone_number: 'optionalString',\n locale: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BSMSSendResponse>({\n url: '/b2b/otps/sms/send',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (data: B2BSMSAuthenticateOptions): Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.sms.authenticate', data, {\n session_duration_minutes: 'number',\n organization_id: 'string',\n member_id: 'string',\n code: 'string',\n set_mfa_enrollment: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.retriableFetchSDK<B2BSMSAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/sms/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n };\n\n this.email = {\n loginOrSignup: async (data: B2BOTPsEmailLoginOrSignupOptions): Promise<B2BOTPsEmailLoginOrSignupResponse> => {\n validateInDev('stytch.otps.email.loginOrSignup', data, {\n organization_id: 'string',\n email_address: 'string',\n login_template_id: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailLoginOrSignupResponse>({\n url: '/b2b/otps/email/login_or_signup',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BOTPsEmailAuthenticateOptions,\n ): Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.authenticate', data, {\n code: 'string',\n email_address: 'string',\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/email/authenticate',\n body: {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n discovery: {\n send: async (data: B2BDiscoveryOTPEmailSendOptions): Promise<B2BDiscoveryOTPEmailSendResponse> => {\n validateInDev('stytch.otps.email.discovery.send', data, {\n email_address: 'string',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BDiscoveryOTPEmailSendResponse>({\n url: '/b2b/otps/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ): Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.discovery.authenticate', data, {\n code: 'string',\n email_address: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n\n return this._networkClient.retriableFetchSDK<\n B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/otps/email/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n },\n };\n }\n}\n","import { IDFPProtectedAuthProvider } from '../../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../../NetworkClient';\nimport { IPKCEManager } from '../../PKCEManager';\nimport {\n B2BPasswordAuthenticateOptions,\n B2BPasswordAuthenticateResponse,\n B2BPasswordDiscoveryAuthenticateOptions,\n B2BPasswordDiscoveryAuthenticateResponse,\n B2BPasswordDiscoveryResetByEmailOptions,\n B2BPasswordDiscoveryResetByEmailResponse,\n B2BPasswordDiscoveryResetByEmailStartOptions,\n B2BPasswordDiscoveryResetByEmailStartResponse,\n B2BPasswordResetByEmailOptions,\n B2BPasswordResetByEmailResponse,\n B2BPasswordResetByEmailStartOptions,\n B2BPasswordResetByEmailStartResponse,\n B2BPasswordResetByExistingPasswordOptions,\n B2BPasswordResetByExistingPasswordResponse,\n B2BPasswordResetBySessionOptions,\n B2BPasswordResetBySessionResponse,\n B2BPasswordStrengthCheckOptions,\n B2BPasswordStrengthCheckResponse,\n IHeadlessB2BPasswordClient,\n} from '../../public/b2b/passwords';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForPasswordResets: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForPasswordResets: false,\n});\n\nexport class HeadlessB2BPasswordsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BPasswordClient<TProjectConfiguration>\n{\n authenticate: (\n options: B2BPasswordAuthenticateOptions,\n ) => Promise<B2BPasswordAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n resetByEmailStart: (\n options: B2BPasswordDiscoveryResetByEmailStartOptions,\n ) => Promise<B2BPasswordDiscoveryResetByEmailStartResponse>;\n resetByEmail: (\n options: B2BPasswordDiscoveryResetByEmailOptions,\n ) => Promise<B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>>;\n authenticate: (\n options: B2BPasswordDiscoveryAuthenticateOptions,\n ) => Promise<B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n resetByEmail: (\n options: B2BPasswordResetByEmailOptions,\n ) => Promise<B2BPasswordResetByEmailResponse<TProjectConfiguration>>;\n\n resetByExistingPassword: (\n options: B2BPasswordResetByExistingPasswordOptions,\n ) => Promise<B2BPasswordResetByExistingPasswordResponse<TProjectConfiguration>>;\n\n resetBySession: (\n options: B2BPasswordResetBySessionOptions,\n ) => Promise<B2BPasswordResetBySessionResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordAuthenticateOptions,\n ): Promise<B2BPasswordAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.authenticate', options, {\n organization_id: 'string',\n password: 'string',\n email_address: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/passwords/authenticate',\n method: 'POST',\n body: {\n organization_id: options.organization_id,\n email_address: options.email_address,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n locale: options.locale,\n captcha_token,\n dfp_telemetry_id,\n code_verifier,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n\n this.discovery = {\n resetByEmailStart: async (\n options: B2BPasswordDiscoveryResetByEmailStartOptions,\n ): Promise<B2BPasswordDiscoveryResetByEmailStartResponse> => {\n validateInDev('stytch.passwords.discovery.resetByEmailStart', options, {\n email_address: 'string',\n discovery_redirect_url: 'optionalString',\n reset_password_redirect_url: 'optionalString',\n reset_password_template_id: 'optionalString',\n reset_password_expiration_minutes: 'optionalNumber',\n verify_email_template_id: 'optionalString',\n locale: 'optionalString',\n });\n\n const pkce_code_challenge = await this.getCodeChallenge();\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordDiscoveryResetByEmailStartResponse>({\n url: '/b2b/passwords/discovery/reset/start',\n method: 'POST',\n body: {\n email_address: options.email_address,\n discovery_redirect_url: options.discovery_redirect_url,\n reset_password_redirect_url: options.reset_password_redirect_url,\n reset_password_expiration_minutes: options.reset_password_expiration_minutes,\n reset_password_template_id: options.reset_password_template_id,\n verify_email_template_id: options.verify_email_template_id,\n locale: options.locale,\n pkce_code_challenge,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n resetByEmail: this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordDiscoveryResetByEmailOptions,\n ): Promise<B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.discovery.resetByEmail', options, {\n password_reset_token: 'string',\n password: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkPair = await this._pkceManager.getPKPair();\n const pkce_code_verifier = pkPair?.code_verifier;\n\n const resp = await this._networkClient.retriableFetchSDK<\n B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>\n >({\n url: '/b2b/passwords/discovery/reset',\n method: 'POST',\n body: {\n password_reset_token: options.password_reset_token,\n password: options.password,\n captcha_token,\n dfp_telemetry_id,\n pkce_code_verifier,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordDiscoveryAuthenticateOptions,\n ): Promise<B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.discovery.authenticate', options, {\n password: 'string',\n email_address: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>>(\n {\n url: '/b2b/passwords/discovery/authenticate',\n method: 'POST',\n body: {\n email_address: options.email_address,\n password: options.password,\n captcha_token,\n dfp_telemetry_id,\n code_verifier,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n },\n );\n },\n ),\n };\n\n this.resetByEmail = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordResetByEmailOptions,\n ): Promise<B2BPasswordResetByEmailResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByEmail', options, {\n password_reset_token: 'string',\n password: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n\n const resp = await this._networkClient.retriableFetchSDK<\n B2BPasswordResetByEmailResponse<TProjectConfiguration>\n >({\n url: '/b2b/passwords/email/reset',\n method: 'POST',\n body: {\n password_reset_token: options.password_reset_token,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n locale: options.locale,\n captcha_token,\n dfp_telemetry_id,\n code_verifier: code_verifier,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n return resp;\n },\n );\n\n this.resetByExistingPassword = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordResetByExistingPasswordOptions,\n ): Promise<B2BPasswordResetByExistingPasswordResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByExistingPassword', options, {\n email_address: 'string',\n existing_password: 'string',\n new_password: 'string',\n locale: 'optionalString',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordResetByExistingPasswordResponse<TProjectConfiguration>>(\n {\n url: '/b2b/passwords/existing_password/reset',\n method: 'POST',\n body: {\n organization_id: options.organization_id,\n email_address: options.email_address,\n existing_password: options.existing_password,\n new_password: options.new_password,\n locale: options.locale,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n },\n );\n },\n );\n\n this.resetBySession = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordResetBySessionOptions,\n ): Promise<B2BPasswordResetBySessionResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetBySession', options, {\n password: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordResetBySessionResponse<TProjectConfiguration>>({\n url: '/b2b/passwords/session/reset',\n method: 'POST',\n body: {\n password: options.password,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForPasswordResets } = await this._config;\n if (!pkceRequiredForPasswordResets) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n async resetByEmailStart(options: B2BPasswordResetByEmailStartOptions): Promise<B2BPasswordResetByEmailStartResponse> {\n validateInDev('stytch.passwords.resetByEmailStart', options, {\n email_address: 'string',\n login_redirect_url: 'optionalString',\n reset_password_redirect_url: 'optionalString',\n reset_password_template_id: 'optionalString',\n reset_password_expiration_minutes: 'optionalNumber',\n verify_email_template_id: 'optionalString',\n locale: 'optionalString',\n });\n\n const code_challenge = await this.getCodeChallenge();\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordResetByEmailStartResponse>({\n url: '/b2b/passwords/email/reset/start',\n method: 'POST',\n body: {\n organization_id: options.organization_id,\n email_address: options.email_address,\n login_redirect_url: options.login_redirect_url,\n reset_password_redirect_url: options.reset_password_redirect_url,\n reset_password_expiration_minutes: options.reset_password_expiration_minutes,\n reset_password_template_id: options.reset_password_template_id,\n verify_email_template_id: options.verify_email_template_id,\n locale: options.locale,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n }\n\n async strengthCheck(options: B2BPasswordStrengthCheckOptions): Promise<B2BPasswordStrengthCheckResponse> {\n validateInDev('stytch.passwords.strengthCheck', options, {\n email_address: 'optionalString',\n password: 'string',\n });\n\n return this._networkClient.fetchSDK<B2BPasswordStrengthCheckResponse>({\n url: '/b2b/passwords/strength_check',\n method: 'POST',\n body: {\n email_address: options.email_address,\n password: options.password,\n },\n });\n }\n}\n","export const WILDCARD_ACTION = '*';\n\nexport type RBACPolicyRole = {\n role_id: string;\n description: string;\n permissions: {\n resource_id: string;\n actions: string[];\n }[];\n};\n\nexport type RBACPolicyScope = {\n scope: string;\n description: string;\n permissions: {\n resource_id: string;\n actions: string[];\n }[];\n};\n\nexport type RBACPolicyResource = {\n resource_id: string;\n description: string;\n actions: string[];\n};\n\nexport type RBACPolicyRaw = {\n roles: RBACPolicyRole[];\n resources: RBACPolicyResource[];\n scopes: RBACPolicyScope[];\n};\n\n/**\n * RBACPolicy represents an instance of a parsed Stytch RBAC policy object\n * It contains methods for computing outcomes for various permissions questions\n */\nexport class RBACPolicy {\n private rolesByID: Record<string, RBACPolicyRole>;\n\n constructor(\n public roles: RBACPolicyRole[],\n public resources: RBACPolicyResource[],\n ) {\n this.rolesByID = {};\n roles.forEach((role) => (this.rolesByID[role.role_id] = role));\n }\n\n static fromJSON(input: RBACPolicyRaw): RBACPolicy {\n return new RBACPolicy(input.roles, input.resources);\n }\n\n /**\n * Merges organization custom roles with this project policy.\n * Custom roles are additive - they add additional roles on top of the base project policy.\n * Resources remain from the project policy, roles are combined.\n * @param customRoles Array of custom organization roles to add\n * @returns A new RBACPolicy instance with merged roles\n */\n mergeWithCustomRoles(customRoles: RBACPolicyRole[]): RBACPolicy {\n const mergedRoles = [...this.roles, ...customRoles];\n\n // Resources come from the project policy - custom roles don't define new resources\n return new RBACPolicy(mergedRoles, this.resources);\n }\n\n /**\n * isAuthorized returns whether or not a user with a specific set of roles can perform a desired action\n * @example\n * const canDoIt = policy.callerIsAuthorized(roles, 'files', 'create')\n * console.log(canDoIt) // true\n */\n callerIsAuthorized(memberRoles: string[], resourceId: string, action: string): boolean {\n return !!memberRoles\n .map((roleId) => this.rolesByID[roleId])\n // Defense in depth: filter out null/undefined in case memberRoles contains a role that doesn't match the policy\n // This may happen if the member is loaded _before_ a fresh RBAC policy is loaded\n .filter((v) => v)\n .flatMap((role) => role.permissions)\n .filter((permission) => permission.resource_id === resourceId)\n .find((permission) => permission.actions.includes(action) || permission.actions.includes(WILDCARD_ACTION));\n }\n\n /**\n * allPermissions generates a map that allows quick lookup of all the permissions available to the user\n * @example\n * const perms = policy.allPermissions(roles)\n * console.log(perms.files.create) // true\n * console.log(perms.files.delete) // false\n */\n allPermissionsForCaller(memberRoles: string[]): Record<string, Record<string, boolean>> {\n const allPermsMap: Record<string, Record<string, boolean>> = Object.create(null);\n this.resources.forEach((resource) => {\n allPermsMap[resource.resource_id] = {};\n resource.actions.forEach((action) => {\n allPermsMap[resource.resource_id][action] = this.callerIsAuthorized(memberRoles, resource.resource_id, action);\n });\n });\n return allPermsMap;\n }\n}\n","import { IHeadlessB2BRBACClient, PermissionsMap } from '../../public/b2b/rbac';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { RBACPolicy, RBACPolicyRaw } from '../../rbac';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { logger } from '../../utils';\n\ntype CachedConfig = {\n rbacPolicy: RBACPolicyRaw | null;\n};\n\ntype DynamicConfig = Promise<CachedConfig>;\n\nexport class HeadlessB2BRBACClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BRBACClient\n{\n private cachedPolicy: RBACPolicy | null;\n private policyPromise: Promise<RBACPolicy>;\n constructor(\n cachedConfig: CachedConfig,\n dynamicConfig: DynamicConfig,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.cachedPolicy = cachedConfig.rbacPolicy ? RBACPolicy.fromJSON(cachedConfig.rbacPolicy) : null;\n this.policyPromise = dynamicConfig.then((data) => {\n if (!data.rbacPolicy) {\n logger.error('Unable to retrieve RBAC policy from servers. Assuming caller has no permissions.');\n return new RBACPolicy([], []);\n }\n // Update the existing policy too, so isAuthorizedSync will be up-to-date\n this.cachedPolicy = RBACPolicy.fromJSON(data.rbacPolicy);\n return this.cachedPolicy;\n });\n }\n\n /**\n * Gets the effective policy for the current session by merging project policy with org custom roles\n */\n private async getEffectivePolicy(): Promise<RBACPolicy> {\n const projectPolicy = await this.policyPromise;\n const organization = this._subscriptionService.getOrganization();\n\n // If no org or no custom roles, just return project policy\n if (!organization?.custom_roles?.length) {\n return projectPolicy;\n }\n\n return projectPolicy.mergeWithCustomRoles(organization.custom_roles);\n }\n\n /**\n * Gets the effective policy synchronously for the current session\n * Uses cached policies only\n */\n private getEffectivePolicySync(): RBACPolicy | null {\n if (!this.cachedPolicy) {\n return null;\n }\n\n const organization = this._subscriptionService.getOrganization();\n\n // If no custom roles, just return project policy\n if (!organization?.custom_roles?.length) {\n return this.cachedPolicy;\n }\n\n return this.cachedPolicy.mergeWithCustomRoles(organization.custom_roles);\n }\n\n allPermissions<Permissions extends Record<string, string>>() {\n return this.getEffectivePolicy().then(\n (policy) => policy.allPermissionsForCaller(this.roleIds()) as PermissionsMap<Permissions>,\n );\n }\n\n isAuthorizedSync: IHeadlessB2BRBACClient['isAuthorizedSync'] = (resourceId, action) => {\n const effectivePolicy = this.getEffectivePolicySync();\n return !!effectivePolicy?.callerIsAuthorized(this.roleIds(), resourceId as string, action as unknown as string);\n };\n\n isAuthorized: IHeadlessB2BRBACClient['isAuthorized'] = (resourceId, action) => {\n return this.getEffectivePolicy().then((policy) =>\n policy.callerIsAuthorized(this.roleIds(), resourceId as string, action as unknown as string),\n );\n };\n\n private roleIds() {\n const session = this._subscriptionService.getSession();\n if (!session) {\n return [];\n }\n // Although session.roles is guaranteed to exist for fresh data, there is a minuscule chance\n // that the member session stored in localstorage clientside comes from before roles were added to\n // the API response - in which case session.roles will be undefined and this will crash\n // TODO: [AUTH-2294] We can safely remove this ~3mos after RBAC is released\n return session.roles ?? [];\n }\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n IHeadlessB2BRecoveryCodesClient,\n RecoveryCodeGetResponse,\n RecoveryCodeRecoverOptions,\n RecoveryCodeRecoverResponse,\n RecoveryCodeRotateResponse,\n} from '../../public/b2b/recoveryCodes';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BRecoveryCodesClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BRecoveryCodesClient<TProjectConfiguration>\n{\n recover: (data: RecoveryCodeRecoverOptions) => Promise<RecoveryCodeRecoverResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.recover = this._subscriptionService.withUpdateSession(\n async (data: RecoveryCodeRecoverOptions): Promise<RecoveryCodeRecoverResponse<TProjectConfiguration>> => {\n validateInDev('stytch.recoveryCodes.recover', data, {\n organization_id: 'string',\n member_id: 'string',\n recovery_code: 'string',\n session_duration_minutes: 'number',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.retriableFetchSDK<RecoveryCodeRecoverResponse<TProjectConfiguration>>({\n url: '/b2b/recovery_codes/recover',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n async rotate(): Promise<RecoveryCodeRotateResponse> {\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<RecoveryCodeRotateResponse>({\n url: '/b2b/recovery_codes/rotate',\n body: {\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n }\n\n async get(): Promise<RecoveryCodeGetResponse> {\n return this._networkClient.fetchSDK<RecoveryCodeGetResponse>({\n url: '/b2b/recovery_codes',\n method: 'GET',\n });\n }\n}\n","import { IB2BSubscriptionService, INetworkClient } from '../..';\nimport {\n B2BSCIMCreateConnectionOptions,\n B2BSCIMCreateConnectionResponse,\n B2BSCIMDeleteConnectionResponse,\n B2BSCIMGetConnectionGroupsOptions,\n B2BSCIMGetConnectionGroupsResponse,\n B2BSCIMGetConnectionResponse,\n B2BSCIMRotateCancelResponse,\n B2BSCIMRotateCompleteResponse,\n B2BSCIMRotateStartResponse,\n B2BSCIMUpdateConnectionOptions,\n B2BSCIMUpdateConnectionResponse,\n IHeadlessB2BSCIMClient,\n} from '../../public/b2b/scim';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BSCIMClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSCIMClient\n{\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {}\n\n async createConnection(data: B2BSCIMCreateConnectionOptions): Promise<B2BSCIMCreateConnectionResponse> {\n validateInDev('stytch.scim.createConnection', data, {\n display_name: 'optionalString',\n identity_provider: 'optionalString',\n });\n\n return await this._networkClient.fetchSDK<B2BSCIMCreateConnectionResponse>({\n url: '/b2b/scim',\n method: 'POST',\n body: data,\n });\n }\n\n async updateConnection(data: B2BSCIMUpdateConnectionOptions): Promise<B2BSCIMUpdateConnectionResponse> {\n validateInDev('stytch.scim.updateConnection', data, {\n connection_id: 'string',\n display_name: 'optionalString',\n identity_provider: 'optionalString',\n });\n\n return await this._networkClient.fetchSDK<B2BSCIMUpdateConnectionResponse>({\n url: `/b2b/scim/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n }\n\n async deleteConnection(connectionId: string): Promise<B2BSCIMDeleteConnectionResponse> {\n validateInDev(\n 'stytch.scim.deleteConnection',\n { connection_id: connectionId },\n {\n connection_id: 'string',\n },\n );\n\n return await this._networkClient.fetchSDK<B2BSCIMDeleteConnectionResponse>({\n url: `/b2b/scim/${connectionId}`,\n method: 'DELETE',\n });\n }\n\n async getConnection(): Promise<B2BSCIMGetConnectionResponse> {\n return await this._networkClient.fetchSDK<B2BSCIMGetConnectionResponse>({\n url: '/b2b/scim',\n method: 'GET',\n });\n }\n\n async getConnectionGroups(data: B2BSCIMGetConnectionGroupsOptions): Promise<B2BSCIMGetConnectionGroupsResponse> {\n validateInDev('stytch.scim.getConnectionGroups', data, {\n limit: 'optionalNumber',\n cursor: 'optionalString',\n });\n\n return await this._networkClient.fetchSDK<B2BSCIMGetConnectionGroupsResponse>({\n url: '/b2b/scim/groups',\n method: 'POST',\n body: data,\n });\n }\n\n async rotateStart(connectionId: string): Promise<B2BSCIMRotateStartResponse> {\n validateInDev(\n 'stytch.scim.rotateStart',\n { connectionId },\n {\n connectionId: 'string',\n },\n );\n return await this._networkClient.fetchSDK<B2BSCIMRotateStartResponse>({\n url: `/b2b/scim/rotate/start`,\n method: 'POST',\n body: { connection_id: connectionId },\n });\n }\n\n async rotateComplete(connectionId: string): Promise<B2BSCIMRotateCompleteResponse> {\n validateInDev(\n 'stytch.scim.rotateComplete',\n { connectionId },\n {\n connectionId: 'string',\n },\n );\n\n return await this._networkClient.fetchSDK<B2BSCIMRotateCompleteResponse>({\n url: `/b2b/scim/rotate/complete`,\n method: 'POST',\n body: { connection_id: connectionId },\n });\n }\n\n async rotateCancel(connectionId: string): Promise<B2BSCIMRotateCancelResponse> {\n validateInDev(\n 'stytch.scim.rotateCancel',\n { connectionId },\n {\n connectionId: 'string',\n },\n );\n\n return await this._networkClient.fetchSDK<B2BSCIMRotateCancelResponse>({\n url: `/b2b/scim/rotate/cancel`,\n method: 'POST',\n body: { connection_id: connectionId },\n });\n }\n}\n","import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BMemberDeleteMFAPhoneNumberResponse,\n B2BMemberDeletePasswordResponse,\n B2BMemberGetConnectedAppsResponse,\n B2BMemberOnChangeCallback,\n B2BMemberRevokeConnectedAppOptions,\n B2BMemberRevokeConnectedAppResponse,\n B2BMemberStartEmailUpdateRequest,\n B2BMemberStartEmailUpdateResponse,\n B2BMemberUnlinkRetiredEmailRequest,\n B2BMemberUnlinkRetiredEmailResponse,\n B2BMemberUpdateOptions,\n B2BMemberUpdateResponse,\n IHeadlessB2BSelfClient,\n Member,\n MemberInfo,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BSelfClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSelfClient\n{\n constructor(\n private _networkClient: INetworkClient,\n private _apiNetworkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {}\n\n get = async (): Promise<Member | null> => {\n const resp = await this._networkClient.fetchSDK<{ member: Member } & ResponseCommon>({\n url: `/b2b/organizations/members/me`,\n method: 'GET',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp.member;\n };\n\n getSync = (): Member | null => {\n return this._subscriptionService.getMember();\n };\n\n getInfo = (): MemberInfo => ({\n member: this.getSync(),\n fromCache: this._subscriptionService.getFromCache(),\n });\n\n onChange = (callback: B2BMemberOnChangeCallback) => {\n return this._subscriptionService.subscribeToState((state) => callback(state?.member ?? null));\n };\n\n update = async (data: B2BMemberUpdateOptions): Promise<B2BMemberUpdateResponse> => {\n validateInDev('stytch.self.update', data, {\n name: 'optionalString',\n untrusted_metadata: 'optionalObject',\n mfa_enrolled: 'optionalBoolean',\n mfa_phone_number: 'optionalString',\n default_mfa_method: 'optionalString',\n });\n\n const resp = await this._networkClient.fetchSDK<B2BMemberUpdateResponse>({\n url: '/b2b/organizations/members/update',\n body: data,\n method: 'PUT',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n deleteMFAPhoneNumber = async (): Promise<B2BMemberDeleteMFAPhoneNumberResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BMemberDeleteMFAPhoneNumberResponse>({\n url: '/b2b/organizations/members/deletePhoneNumber',\n method: 'DELETE',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n deleteMFATOTP = async (): Promise<B2BMemberDeletePasswordResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BMemberDeletePasswordResponse>({\n url: `/b2b/organizations/members/deleteTOTP`,\n method: 'DELETE',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n deletePassword = async (passwordId: string): Promise<B2BMemberDeletePasswordResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BMemberDeletePasswordResponse>({\n url: `/b2b/organizations/members/passwords/${passwordId}`,\n method: 'DELETE',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n unlinkRetiredEmail = async (\n data: B2BMemberUnlinkRetiredEmailRequest,\n ): Promise<B2BMemberUnlinkRetiredEmailResponse> => {\n const resp = await this._apiNetworkClient.fetchSDK<B2BMemberUnlinkRetiredEmailResponse>({\n url: '/b2b/organizations/members/unlink_retired_email',\n method: 'POST',\n body: data,\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n startEmailUpdate = async (data: B2BMemberStartEmailUpdateRequest): Promise<B2BMemberStartEmailUpdateResponse> => {\n const resp = await this._apiNetworkClient.fetchSDK<B2BMemberStartEmailUpdateResponse>({\n url: '/b2b/organizations/members/start_email_update',\n method: 'POST',\n body: data,\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n getConnectedApps = async (): Promise<B2BMemberGetConnectedAppsResponse> => {\n return this._networkClient.fetchSDK<B2BMemberGetConnectedAppsResponse>({\n url: '/b2b/organizations/members/connected_apps',\n method: 'GET',\n });\n };\n\n revokeConnectedApp = async (\n data: B2BMemberRevokeConnectedAppOptions,\n ): Promise<B2BMemberRevokeConnectedAppResponse> => {\n return this._networkClient.fetchSDK<B2BMemberRevokeConnectedAppResponse>({\n url: `/b2b/organizations/members/connected_apps/${data.connected_app_id}/revoke`,\n method: 'POST',\n });\n };\n}\n","import { ExtractOpaqueTokens, IB2BSubscriptionService, IfOpaqueTokens, INetworkClient } from '../..';\nimport {\n B2BSessionAccessTokenExchangeOptions,\n B2BSessionAccessTokenExchangeResponse,\n B2BSessionAttestOptions,\n B2BSessionAttestResponse,\n B2BSessionAuthenticateResponse,\n B2BSessionExchangeOptions,\n B2BSessionExchangeResponse,\n B2BSessionOnChangeCallback,\n B2BSessionRevokeOptions,\n IHeadlessB2BSessionClient,\n MemberSessionInfo,\n SessionAuthenticateOptions,\n SessionRevokeResponse,\n SessionTokens,\n SessionTokensUpdate,\n StytchProjectConfigurationInput,\n UNRECOVERABLE_ERROR_TYPES,\n} from '../../public';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BSessionClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSessionClient<TProjectConfiguration>\n{\n getSync = () => {\n return this._subscriptionService.getSession();\n };\n\n getInfo = (): MemberSessionInfo => ({\n session: this.getSync(),\n fromCache: this._subscriptionService.getFromCache(),\n });\n\n onChange = (callback: B2BSessionOnChangeCallback) => {\n return this._subscriptionService.subscribeToState((state) => callback(state?.session ?? null));\n };\n\n revoke = async (options?: B2BSessionRevokeOptions) => {\n /**\n * Revoke destroys the local state if the API request is successful\n * or if we return an unrecoverable error (user is unauthenticated)\n * or if the developer passes in a forceClear option.\n * If the API request returns a recoverable error (the user is offline),\n * we do not destroy the local state to let the developer manually add retry\n * logic to call revoke again.\n */\n try {\n const resp = await this._networkClient.fetchSDK<SessionRevokeResponse>({\n url: `/b2b/sessions/revoke`,\n method: 'POST',\n });\n\n this._subscriptionService.destroyState();\n\n return resp;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n } catch (error: any) {\n if (options?.forceClear) {\n this._subscriptionService.destroyState();\n } else if (UNRECOVERABLE_ERROR_TYPES.includes(error.error_type)) {\n this._subscriptionService.destroyState();\n }\n throw error;\n }\n };\n\n revokeForMember = async (options: { member_id: string }) => {\n validateInDev('stytch.session.revokeForMember', options, {\n member_id: 'string',\n });\n\n return await this._networkClient.fetchSDK<SessionRevokeResponse>({\n url: `/b2b/sessions/revoke/${options.member_id}`,\n method: 'POST',\n });\n };\n\n private _authenticate = async (\n options?: SessionAuthenticateOptions,\n ): Promise<B2BSessionAuthenticateResponse<TProjectConfiguration>> => {\n const initialSession = this._subscriptionService.getSession();\n const isSessionStale = () =>\n initialSession?.member_session_id !== this._subscriptionService.getSession()?.member_session_id;\n\n try {\n const requestBody = {\n session_duration_minutes: options?.session_duration_minutes,\n };\n const resp = await this._networkClient.fetchSDK<B2BSessionAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/authenticate',\n body: requestBody,\n method: 'POST',\n });\n\n if (isSessionStale()) {\n // [SDK-1336] The session was updated out from under us while the\n // request was in flight; discard the response and retry\n return this._authenticate(options);\n }\n\n return resp;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n } catch (error: any) {\n if (isSessionStale()) {\n // [SDK-1336] The session was updated out from under us while the\n // request was in flight; discard the response and retry\n return this._authenticate(options);\n }\n\n if (UNRECOVERABLE_ERROR_TYPES.includes(error.error_type)) {\n this._subscriptionService.destroySession();\n }\n throw error;\n }\n };\n\n authenticate: (\n options?: SessionAuthenticateOptions,\n ) => Promise<B2BSessionAuthenticateResponse<TProjectConfiguration>>;\n\n exchange: (data: B2BSessionExchangeOptions) => Promise<B2BSessionExchangeResponse<TProjectConfiguration>>;\n\n exchangeAccessToken: (\n data: B2BSessionAccessTokenExchangeOptions,\n ) => Promise<B2BSessionAccessTokenExchangeResponse<TProjectConfiguration>>;\n\n attest: (data: B2BSessionAttestOptions) => Promise<B2BSessionAttestResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(this._authenticate);\n\n this.exchange = this._subscriptionService.withUpdateSession(async (data: B2BSessionExchangeOptions) => {\n validateInDev('stytch.session.exchange', data, {\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n return this._networkClient.fetchSDK<B2BSessionExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/exchange',\n body: data,\n method: 'POST',\n });\n });\n\n this.exchangeAccessToken = this._subscriptionService.withUpdateSession(\n async (data: B2BSessionAccessTokenExchangeOptions) => {\n validateInDev('stytch.session.exchange', data, {\n access_token: 'string',\n session_duration_minutes: 'number',\n });\n return this._networkClient.fetchSDK<B2BSessionAccessTokenExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/exchange_access_token',\n body: data,\n method: 'POST',\n });\n },\n );\n\n this.attest = this._subscriptionService.withUpdateSession(async (data: B2BSessionAttestOptions) => {\n validateInDev('stytch.session.attest', data, {\n organization_id: 'optionalString',\n profile_id: 'string',\n token: 'string',\n session_duration_minutes: 'optionalNumber',\n });\n\n return this._networkClient.fetchSDK<B2BSessionAttestResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/attest',\n body: data,\n method: 'POST',\n });\n });\n }\n\n getTokens() {\n return this._subscriptionService.getTokens() as IfOpaqueTokens<\n ExtractOpaqueTokens<TProjectConfiguration>,\n never,\n SessionTokens | null\n >;\n }\n\n updateSession(tokens: SessionTokensUpdate): void {\n validateInDev('stytch.session.updateSession', tokens, {\n session_token: 'string',\n session_jwt: 'optionalString',\n });\n this._subscriptionService.updateTokens(tokens);\n }\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient, IPKCEManager } from '../..';\nimport {\n B2BSSOCreateExternalConnectionOptions,\n B2BSSOCreateExternalConnectionResponse,\n B2BSSODeleteConnectionResponse,\n B2BSSODiscoverConnectionsResponse,\n B2BSSOGetConnectionsResponse,\n B2BSSOOIDCCreateConnectionOptions,\n B2BSSOOIDCCreateConnectionResponse,\n B2BSSOOIDCUpdateConnectionOptions,\n B2BSSOOIDCUpdateConnectionResponse,\n B2BSSOSAMLCreateConnectionOptions,\n B2BSSOSAMLCreateConnectionResponse,\n B2BSSOSAMLDeleteEncryptionPrivateKeyOptions,\n B2BSSOSAMLDeleteEncryptionPrivateKeyResponse,\n B2BSSOSAMLDeleteVerificationCertificateOptions,\n B2BSSOSAMLDeleteVerificationCertificateResponse,\n B2BSSOSAMLUpdateConnectionByURLOptions,\n B2BSSOSAMLUpdateConnectionByURLResponse,\n B2BSSOSAMLUpdateConnectionOptions,\n B2BSSOSAMLUpdateConnectionResponse,\n B2BSSOUpdateExternalConnectionOptions,\n B2BSSOUpdateExternalConnectionResponse,\n IHeadlessB2BSSOClient,\n SSOAuthenticateOptions,\n SSOAuthenticateResponse,\n SSOStartOptions,\n} from '../../public';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { isTestPublicToken, logger } from '../../utils';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForSso: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport class HeadlessB2BSSOClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSSOClient<TProjectConfiguration>\n{\n authenticate: (options: SSOAuthenticateOptions) => Promise<SSOAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n protected _pkceManager: IPKCEManager,\n protected _dynamicConfig: DynamicConfig,\n protected _config: Config,\n protected dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(async (options: SSOAuthenticateOptions) => {\n validateInDev('stytch.sso.authenticate', options, {\n sso_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const keyPair = await this._pkceManager.getPKPair();\n\n if (!keyPair) {\n logger.warn(\n 'No code verifier found in local storage for SSO flow.\\n' +\n 'Consider using stytch.sso.start() to add PKCE to your SSO flows for added security.\\n' +\n 'See https://stytch.com/docs/oauth#guides_pkce for more information.',\n );\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<SSOAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/sso/authenticate',\n method: 'POST',\n body: {\n pkce_code_verifier: keyPair?.code_verifier,\n ...options,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n });\n }\n\n protected async getBaseApiUrl() {\n // Our TestAPIURL and LiveAPIURL should have the HTTPS protocol already attached\n // Don't add it twice!\n if (isTestPublicToken(this._config.publicToken)) {\n return this._config.testAPIURL;\n }\n return this._config.liveAPIURL;\n }\n\n async start({ connection_id, login_redirect_url, signup_redirect_url }: SSOStartOptions): Promise<void> {\n const { pkceRequiredForSso } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/public/sso/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n startUrl.searchParams.set('connection_id', connection_id);\n\n if (pkceRequiredForSso) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (login_redirect_url) startUrl.searchParams.set('login_redirect_url', login_redirect_url);\n if (signup_redirect_url) startUrl.searchParams.set('signup_redirect_url', signup_redirect_url);\n\n this.navigate(startUrl);\n }\n\n // Public so it can be mocked in tests\n navigate(url: URL) {\n window.location.href = url.toString();\n }\n\n async getConnections(): Promise<B2BSSOGetConnectionsResponse> {\n return await this._networkClient.fetchSDK<B2BSSOGetConnectionsResponse>({\n url: '/b2b/sso',\n method: 'GET',\n });\n }\n\n async discoverConnections(emailAddress: string): Promise<B2BSSODiscoverConnectionsResponse> {\n return await this._networkClient.fetchSDK<B2BSSODiscoverConnectionsResponse>({\n url: `/b2b/sso/discovery/connections?email_address=${encodeURIComponent(emailAddress)}`,\n method: 'GET',\n });\n }\n\n async deleteConnection(connectionId: string): Promise<B2BSSODeleteConnectionResponse> {\n return this._networkClient.fetchSDK<B2BSSODeleteConnectionResponse>({\n url: `/b2b/sso/${connectionId}`,\n method: 'DELETE',\n });\n }\n\n saml = {\n createConnection: async (data: B2BSSOSAMLCreateConnectionOptions): Promise<B2BSSOSAMLCreateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLCreateConnectionResponse>({\n url: '/b2b/sso/saml',\n method: 'POST',\n body: data,\n });\n },\n updateConnection: async (data: B2BSSOSAMLUpdateConnectionOptions): Promise<B2BSSOSAMLUpdateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLUpdateConnectionResponse>({\n url: `/b2b/sso/saml/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n },\n updateConnectionByURL: async (\n data: B2BSSOSAMLUpdateConnectionByURLOptions,\n ): Promise<B2BSSOSAMLUpdateConnectionByURLResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLUpdateConnectionResponse>({\n url: `/b2b/sso/saml/${data.connection_id}/url`,\n method: 'PUT',\n body: data,\n });\n },\n deleteVerificationCertificate: async (\n data: B2BSSOSAMLDeleteVerificationCertificateOptions,\n ): Promise<B2BSSOSAMLDeleteVerificationCertificateResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLDeleteVerificationCertificateResponse>({\n url: `/b2b/sso/saml/${data.connection_id}/verification_certificates/${data.certificate_id}`,\n method: 'DELETE',\n });\n },\n deleteEncryptionPrivateKey: async (\n data: B2BSSOSAMLDeleteEncryptionPrivateKeyOptions,\n ): Promise<B2BSSOSAMLDeleteEncryptionPrivateKeyResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLDeleteEncryptionPrivateKeyResponse>({\n url: `/b2b/sso/saml/${data.connection_id}/encryption_private_key/${data.private_key_id}`,\n method: 'DELETE',\n });\n },\n };\n\n oidc = {\n createConnection: async (data: B2BSSOOIDCCreateConnectionOptions): Promise<B2BSSOOIDCCreateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOOIDCCreateConnectionResponse>({\n url: '/b2b/sso/oidc',\n method: 'POST',\n body: data,\n });\n },\n updateConnection: async (data: B2BSSOOIDCUpdateConnectionOptions): Promise<B2BSSOOIDCUpdateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOOIDCUpdateConnectionResponse>({\n url: `/b2b/sso/oidc/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n },\n };\n\n external = {\n createConnection: async (\n data: B2BSSOCreateExternalConnectionOptions,\n ): Promise<B2BSSOCreateExternalConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOCreateExternalConnectionResponse>({\n url: '/b2b/sso/external',\n method: 'POST',\n body: data,\n });\n },\n updateConnection: async (\n data: B2BSSOUpdateExternalConnectionOptions,\n ): Promise<B2BSSOUpdateExternalConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOUpdateExternalConnectionResponse>({\n url: `/b2b/sso/external/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n },\n };\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BTOTPAuthenticateOptions,\n B2BTOTPAuthenticateResponse,\n B2BTOTPCreateOptions,\n B2BTOTPCreateResponse,\n IHeadlessB2BTOTPsClient,\n} from '../../public/b2b/totp';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BTOTPsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BTOTPsClient<TProjectConfiguration>\n{\n authenticate: (data: B2BTOTPAuthenticateOptions) => Promise<B2BTOTPAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (data: B2BTOTPAuthenticateOptions): Promise<B2BTOTPAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.totp.authenticate', data, {\n organization_id: 'string',\n member_id: 'string',\n code: 'string',\n session_duration_minutes: 'number',\n set_mfa_enrollment: 'optionalString',\n set_default_mfa: 'optionalBoolean',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n\n return this._networkClient.retriableFetchSDK<B2BTOTPAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/totp/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n async create(data: B2BTOTPCreateOptions): Promise<B2BTOTPCreateResponse> {\n validateInDev('stytch.totp.create', data, {\n organization_id: 'string',\n member_id: 'string',\n expiration_minutes: 'optionalNumber',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const response = await this._networkClient.retriableFetchSDK<B2BTOTPCreateResponse>({\n url: '/b2b/totp',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n if (response.member_id === this._subscriptionService.getMember()?.member_id) {\n this._subscriptionService.updateMember(response.member);\n }\n\n return response;\n }\n}\n","import { IConsumerSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '..';\nimport {\n CryptoWalletAuthenticateOptions,\n CryptoWalletAuthenticateResponse,\n CryptoWalletAuthenticateStartOptions,\n CryptoWalletAuthenticateStartResponse,\n IHeadlessCryptoWalletClient,\n StytchProjectConfigurationInput,\n} from '../public';\nimport { omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\ntype DynamicConfig = Promise<{\n siweRequiredForCryptoWallets: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n siweRequiredForCryptoWallets: false,\n});\n\nexport class HeadlessCryptoWalletClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessCryptoWalletClient<TProjectConfiguration>\n{\n authenticate: (\n options: CryptoWalletAuthenticateOptions,\n ) => Promise<CryptoWalletAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _apiNetworkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private executeRecaptcha: () => Promise<string | undefined> = () => Promise.resolve(undefined),\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n private _config: DynamicConfig = DefaultDynamicConfig,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (\n options: CryptoWalletAuthenticateOptions,\n ): Promise<CryptoWalletAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.cryptoWallets.authenticate', options, {\n signature: 'string',\n crypto_wallet_address: 'string',\n crypto_wallet_type: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._apiNetworkClient.retriableFetchSDK<\n WithUser<CryptoWalletAuthenticateResponse<TProjectConfiguration>>\n >({\n url: '/crypto_wallets/authenticate',\n method: 'POST',\n body: {\n session_duration_minutes: options.session_duration_minutes,\n crypto_wallet_address: options.crypto_wallet_address,\n crypto_wallet_type: options.crypto_wallet_type,\n signature: options.signature,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n }\n\n async authenticateStart(\n options: CryptoWalletAuthenticateStartOptions,\n ): Promise<CryptoWalletAuthenticateStartResponse> {\n validateInDev('stytch.cryptoWallets.authenticateStart', options, {\n crypto_wallet_address: 'string',\n crypto_wallet_type: 'string',\n });\n if (options.siwe_params) {\n validateInDev('stytch.cryptoWallets.authenticateStart', options.siwe_params, {\n uri: 'optionalString',\n chain_id: 'optionalString',\n issued_at: 'optionalString',\n statement: 'optionalString',\n not_before: 'optionalString',\n message_request_id: 'optionalString',\n resources: 'optionalStringArray',\n });\n }\n\n const isLoggedIn = !!this._subscriptionService.getSession();\n const captcha_token = await this.executeRecaptcha();\n const { siweRequiredForCryptoWallets } = await this._config;\n\n const body: CryptoWalletAuthenticateStartOptions = {\n crypto_wallet_address: options.crypto_wallet_address,\n crypto_wallet_type: options.crypto_wallet_type,\n };\n if (siweRequiredForCryptoWallets && options.crypto_wallet_type == 'ethereum') {\n body.siwe_params = { ...options.siwe_params, uri: options.siwe_params?.uri || window.location.origin };\n }\n\n const endpoint = isLoggedIn\n ? '/crypto_wallets/authenticate/start/secondary'\n : '/crypto_wallets/authenticate/start/primary';\n\n const requestBody = {\n ...body,\n captcha_token,\n };\n return this._apiNetworkClient.fetchSDK<CryptoWalletAuthenticateStartResponse>({\n url: endpoint,\n method: 'POST',\n body: requestBody,\n });\n }\n}\n","import { IConsumerSubscriptionService } from '..';\nimport { IDFPProtectedAuthProvider } from '../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../NetworkClient';\nimport { IPKCEManager } from '../PKCEManager';\nimport {\n IHeadlessMagicLinksClient,\n MagicLinksAuthenticateOptions,\n MagicLinksAuthenticateResponse,\n MagicLinksLoginOrCreateOptions,\n MagicLinksLoginOrCreateResponse,\n MagicLinksSendOptions,\n MagicLinksSendResponse,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../public';\nimport { omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForEmailMagicLinks: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForEmailMagicLinks: false,\n});\n\nexport class HeadlessMagicLinksClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessMagicLinksClient<TProjectConfiguration>\n{\n email: {\n loginOrCreate: (email: string, options?: MagicLinksLoginOrCreateOptions) => Promise<ResponseCommon>;\n send: (email: string, options?: MagicLinksSendOptions) => Promise<ResponseCommon>;\n };\n\n authenticate: (\n token: string,\n options: MagicLinksAuthenticateOptions,\n ) => Promise<MagicLinksAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _passwordResetPKCEManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.email = {\n loginOrCreate: async (email: string, options: MagicLinksLoginOrCreateOptions = {}): Promise<ResponseCommon> => {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n\n let code_challenge: string | undefined = undefined;\n if (pkceRequiredForEmailMagicLinks) {\n code_challenge = await this.getCodeChallenge();\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...options,\n email,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n };\n return this._networkClient.retriableFetchSDK<MagicLinksLoginOrCreateResponse>({\n url: '/magic_links/email/login_or_create',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n\n send: async (email: string, options: MagicLinksSendOptions = {}): Promise<ResponseCommon> => {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n\n let code_challenge: string | undefined = undefined;\n if (pkceRequiredForEmailMagicLinks) {\n code_challenge = await this.getCodeChallenge();\n }\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...options,\n email,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n };\n const isLoggedIn = !!this._subscriptionService.getSession();\n\n const endpoint = isLoggedIn ? '/magic_links/email/send/secondary' : '/magic_links/email/send/primary';\n\n return this._networkClient.retriableFetchSDK<MagicLinksSendResponse>({\n url: endpoint,\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n };\n\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (token: string, options: MagicLinksAuthenticateOptions) => {\n validateInDev(\n 'stytch.magicLinks.authenticate',\n { token, ...options },\n {\n token: 'string',\n session_duration_minutes: 'number',\n },\n );\n\n // When a user resets their password with PKCE turned on, they create a pkPair in the 'passwords' namespace.\n // However, when the user gets the reset password email, they have the option to log in without a password.\n // This redirects them to the magic link authenticate flow, which automatically looks for the pkce code_verifier\n // in the 'magic_links' namespace, breaking the flow. Unfortunately we won't know for sure in the eml authenticate call\n // whether or not the user is coming from a password reset flow. To handle this, we have to try to authenticate with\n // both the 'passwords' and 'magic_links' code_verifiers.\n const passwordResetPKPair = await this._passwordResetPKCEManager.getPKPair();\n\n let resp: WithUser<MagicLinksAuthenticateResponse<TProjectConfiguration>> | null = null;\n\n if (passwordResetPKPair?.code_verifier) {\n try {\n resp = await this.handlePKCEForAuthenticate(this._passwordResetPKCEManager, { token, ...options });\n } catch (e) {\n if ((e as Error).message.includes('pkce')) {\n // If pkce-related error, fall back to magic links code_verifier\n // eslint-disable-next-line no-console\n console.log(\n 'Authenticate with passwords pkce namespace failed. Falling back to authenticate with magic_links namespace.',\n );\n } else {\n throw e;\n }\n }\n }\n\n if (!resp) {\n resp = await this.handlePKCEForAuthenticate(this._pkceManager, { token, ...options });\n }\n\n return omitUser(resp);\n },\n );\n }\n\n private async getCodeChallenge(): Promise<string> {\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n private async handlePKCEForAuthenticate(\n pkceManager: IPKCEManager,\n data: MagicLinksAuthenticateOptions & { token: string },\n ): Promise<WithUser<MagicLinksAuthenticateResponse<TProjectConfiguration>>> {\n const pkPair = await pkceManager.getPKPair();\n\n const requestBody = {\n code_verifier: pkPair?.code_verifier,\n ...data,\n };\n\n const resp = await this._networkClient.fetchSDK<WithUser<MagicLinksAuthenticateResponse<TProjectConfiguration>>>({\n url: '/magic_links/authenticate',\n body: requestBody,\n method: 'POST',\n });\n\n pkceManager.clearPKPair();\n\n return resp;\n }\n}\n","import { IConsumerSubscriptionService } from '..';\nimport { IDFPProtectedAuthProvider } from '../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../NetworkClient';\nimport { IPKCEManager } from '../PKCEManager';\nimport {\n IHeadlessPasswordClient,\n PasswordAuthenticateOptions,\n PasswordAuthenticateResponse,\n PasswordCreateOptions,\n PasswordCreateResponse,\n PasswordResetByEmailOptions,\n PasswordResetByEmailResponse,\n PasswordResetByEmailStartOptions,\n PasswordResetByEmailStartResponse,\n PasswordResetByExistingPasswordOptions,\n PasswordResetByExistingPasswordResponse,\n PasswordResetBySessionOptions,\n PasswordResetBySessionResponse,\n PasswordStrengthCheckOptions,\n PasswordStrengthCheckResponse,\n StytchProjectConfigurationInput,\n} from '../public';\nimport { omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForPasswordResets: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForPasswordResets: false,\n});\n\nexport class HeadlessPasswordClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessPasswordClient<TProjectConfiguration>\n{\n create: (options: PasswordCreateOptions) => Promise<PasswordCreateResponse<TProjectConfiguration>>;\n\n authenticate: (options: PasswordAuthenticateOptions) => Promise<PasswordAuthenticateResponse<TProjectConfiguration>>;\n\n resetByEmail: (options: PasswordResetByEmailOptions) => Promise<PasswordResetByEmailResponse<TProjectConfiguration>>;\n\n resetByExistingPassword: (\n options: PasswordResetByExistingPasswordOptions,\n ) => Promise<PasswordResetByExistingPasswordResponse<TProjectConfiguration>>;\n\n resetBySession: (\n options: PasswordResetBySessionOptions,\n ) => Promise<PasswordResetBySessionResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.create = this._subscriptionService.withUpdateSession(\n async (options: PasswordCreateOptions): Promise<PasswordCreateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.create', options, {\n password: 'string',\n email: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordCreateResponse<TProjectConfiguration>>\n >({\n url: '/passwords',\n method: 'POST',\n body: {\n email: options.email,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (options: PasswordAuthenticateOptions): Promise<PasswordAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.authenticate', options, {\n password: 'string',\n email: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordAuthenticateResponse<TProjectConfiguration>>\n >({\n url: '/passwords/authenticate',\n method: 'POST',\n body: {\n email: options.email,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n\n this.resetByEmail = this._subscriptionService.withUpdateSession(\n async (options: PasswordResetByEmailOptions): Promise<PasswordResetByEmailResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByEmail', options, {\n token: 'string',\n password: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordResetByEmailResponse<TProjectConfiguration>>\n >({\n url: '/passwords/email/reset',\n method: 'POST',\n body: {\n token: options.token,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n code_verifier,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return omitUser(resp);\n },\n );\n\n this.resetByExistingPassword = this._subscriptionService.withUpdateSession(\n async (\n options: PasswordResetByExistingPasswordOptions,\n ): Promise<PasswordResetByExistingPasswordResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByExistingPassword', options, {\n email: 'string',\n existing_password: 'string',\n new_password: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordResetByExistingPasswordResponse<TProjectConfiguration>>\n >({\n url: '/passwords/existing_password/reset',\n method: 'POST',\n body: {\n email: options.email,\n existing_password: options.existing_password,\n new_password: options.new_password,\n session_duration_minutes: options.session_duration_minutes,\n dfp_telemetry_id,\n captcha_token,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n\n this.resetBySession = this._subscriptionService.withUpdateSession(\n async (\n options: PasswordResetBySessionOptions,\n ): Promise<PasswordResetBySessionResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetBySession', options, {\n password: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<PasswordResetBySessionResponse<TProjectConfiguration>>({\n url: '/passwords/session/reset',\n method: 'POST',\n body: {\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n dfp_telemetry_id,\n captcha_token,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForPasswordResets } = await this._config;\n if (!pkceRequiredForPasswordResets) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n async resetByEmailStart(options: PasswordResetByEmailStartOptions): Promise<PasswordResetByEmailStartResponse> {\n validateInDev('stytch.passwords.resetByEmailStart', options, {\n email: 'string',\n login_redirect_url: 'optionalString',\n reset_password_redirect_url: 'optionalString',\n reset_password_template_id: 'optionalString',\n reset_password_expiration_minutes: 'optionalNumber',\n locale: 'optionalString',\n });\n\n const code_challenge = await this.getCodeChallenge();\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<PasswordResetByEmailStartResponse>({\n url: '/passwords/email/reset/start',\n method: 'POST',\n body: {\n email: options.email,\n login_redirect_url: options.login_redirect_url,\n reset_password_redirect_url: options.reset_password_redirect_url,\n reset_password_expiration_minutes: options.reset_password_expiration_minutes,\n reset_password_template_id: options.reset_password_template_id,\n locale: options.locale,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n }\n\n async strengthCheck(options: PasswordStrengthCheckOptions): Promise<PasswordStrengthCheckResponse> {\n validateInDev('stytch.passwords.strengthCheck', options, {\n email: 'optionalString',\n password: 'string',\n });\n\n return this._networkClient.fetchSDK<PasswordStrengthCheckResponse>({\n url: '/passwords/strength_check',\n method: 'POST',\n body: {\n email: options.email,\n password: options.password,\n },\n });\n }\n}\n","import { MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING } from '../constants';\nimport { ErrorMarshaller } from '../ErrorMarshaller';\nimport { logger } from '../utils';\n\ntype RequestPayload = {\n method: string;\n args: unknown[];\n};\n\ntype ResponsePayload<T> = {\n success: boolean;\n payload: T;\n error: Record<string, unknown>;\n};\n\nexport class IframeHostClient {\n frame!: Promise<HTMLIFrameElement>;\n\n constructor(private iframeURL: string) {\n this.createIframe();\n }\n\n private createIframe() {\n let existingIframe = document.querySelector(`[src~=\"${this.iframeURL}\"]`) as HTMLIFrameElement;\n\n /* If an iframe does not exist yet, create one */\n if (!existingIframe) {\n existingIframe = document.createElement('iframe');\n existingIframe.src = this.iframeURL;\n existingIframe.style.position = 'absolute';\n existingIframe.style.width = '0';\n existingIframe.style.height = '0';\n existingIframe.style.border = '0';\n existingIframe.role = 'none';\n document.body.appendChild(existingIframe);\n } else {\n logger.warn(MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING);\n }\n\n /**\n * [NASTY BUG]\n * If we postMessage to an iframe that is _not yet loaded_, chrome will give a cryptic error message\n * Failed to execute 'postMessage' on 'DOMWindow':\n * The target origin provided ('https://js.stytch.com') does not match the recipient window's origin ('http://localhost:3000').\n * There is no builtin way to determine if an iframe is already loaded,\n * so we set a dataset attr in our onload handler and use that to determine loading state\n */\n if (existingIframe.dataset.loaded === 'true') {\n this.frame = Promise.resolve(existingIframe);\n return;\n }\n\n this.frame = new Promise((resolve) => {\n existingIframe.addEventListener(\n 'load',\n () => {\n existingIframe.dataset.loaded = 'true';\n resolve(existingIframe);\n },\n { once: true },\n );\n });\n }\n\n async call<T>(method: string, args: unknown[]): Promise<T> {\n const frame = await this.frame;\n const channel = new MessageChannel();\n\n return new Promise((resolve, reject) => {\n channel.port1.onmessage = (event) => {\n const resp = event.data as ResponsePayload<T>;\n channel.port1.close();\n if (resp.success) {\n resolve(resp.payload);\n } else {\n reject(ErrorMarshaller.unmarshall(resp.error));\n }\n };\n\n const message: RequestPayload = {\n method,\n args,\n };\n\n frame.contentWindow?.postMessage(message, this.iframeURL, [channel.port2]);\n });\n }\n}\n","import { IDFPProtectedAuthProvider } from './DFPProtectedAuthProvider';\nimport { INetworkClient } from './NetworkClient';\nimport { Member, ResponseCommon } from './public';\n\ntype UserSearchData = ResponseCommon & {\n userType: 'new' | 'passwordless' | 'password';\n};\n\nexport type InternalMember = Pick<Member, 'status' | 'name' | 'member_password_id'>;\n\nexport type MemberSearchData = ResponseCommon & { member: InternalMember | null };\n\nexport interface ISearchData {\n searchUser: (email: string) => Promise<UserSearchData>;\n searchMember: (email: string, organization_id: string) => Promise<MemberSearchData>;\n}\n\nexport class SearchDataManager implements ISearchData {\n constructor(\n private _networkClient: INetworkClient,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {}\n\n searchUser(email: string): Promise<UserSearchData> {\n return this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha().then(({ dfp_telemetry_id, captcha_token }) => {\n return this._networkClient.fetchSDK<UserSearchData>({\n url: `/users/search`,\n method: 'POST',\n body: { email, dfp_telemetry_id, captcha_token },\n });\n });\n }\n\n searchMember(email: string, organization_id: string): Promise<MemberSearchData> {\n return this._networkClient.fetchSDK<MemberSearchData>({\n url: `/b2b/organizations/members/search`,\n method: 'POST',\n body: { email_address: email, organization_id },\n });\n }\n}\n","import { MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING } from './constants';\nimport {\n B2BState,\n ConsumerState,\n IHeadlessB2BSessionClient,\n IHeadlessSessionClient,\n SessionAuthenticateOptions,\n StytchProjectConfigurationInput,\n UNRECOVERABLE_ERROR_TYPES,\n} from './public';\nimport { shouldTryRefresh } from './shouldTryRefresh';\nimport { IB2BSubscriptionService, IConsumerSubscriptionService } from './SubscriptionService';\nimport { SessionUpdateOptions } from './types';\nimport { logger } from './utils';\n\nclass SessionManagerRegistry {\n private hasWarned = false;\n\n private registry = new Map<string, ISessionManager>();\n\n public register(key: string, sessionManager: ISessionManager) {\n const otherManager = this.registry.get(key);\n\n // If there appears to be another registered session manager, issue a\n // warning and cancel its background refresh in favor the newer registration\n if (otherManager && otherManager !== sessionManager) {\n if (!this.hasWarned) {\n logger.warn(MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING);\n this.hasWarned = true;\n }\n otherManager.cancelBackgroundRefresh();\n }\n this.registry.set(key, sessionManager);\n }\n\n public unregister(publicToken: string, sessionManager: ISessionManager) {\n const otherManager = this.registry.get(publicToken);\n if (otherManager && otherManager === sessionManager) {\n this.registry.delete(publicToken);\n }\n }\n}\n\nexport interface ISessionManager {\n performBackgroundRefresh: () => void;\n cancelBackgroundRefresh: () => void;\n}\n\nexport class SessionManager<TProjectConfiguration extends StytchProjectConfigurationInput> implements ISessionManager {\n // Three minutes\n private static REFRESH_INTERVAL_MS = 1000 * 60 * 3;\n // When testing - it's often more useful to set to a shorter duration\n // private static REFRESH_INTERVAL_MS = 1000 * 3;\n\n private timeout: ReturnType<typeof setTimeout> | null = null;\n\n /** In minutes */\n private lastAuthenticationSessionDuration: number | undefined;\n\n private static registry = new SessionManagerRegistry();\n\n private register() {\n SessionManager.registry.register(this._publicToken, this);\n }\n\n private unregister() {\n SessionManager.registry.unregister(this._publicToken, this);\n }\n\n constructor(\n private _subscriptionService:\n | IConsumerSubscriptionService<TProjectConfiguration>\n | IB2BSubscriptionService<TProjectConfiguration>,\n private _headlessSessionClient:\n | IHeadlessSessionClient<TProjectConfiguration>\n | IHeadlessB2BSessionClient<TProjectConfiguration>,\n private _publicToken: string,\n private _options: { keepSessionAlive?: boolean },\n ) {\n this._subscriptionService.subscribeToState(this._onDataChange);\n }\n\n /**\n * The core logic of the session refresh recursive trampoline\n * - Refreshes the currently issued session\n * - Schedules a future refresh if successful\n */\n performBackgroundRefresh() {\n logger.debug('performing background refresh at ', Date.now());\n this._reauthenticateWithBackoff()\n .then(() => {\n this.scheduleBackgroundRefresh();\n })\n .catch((error: unknown) => {\n logger.warn('Session background refresh failed. Signalling to app that user is logged out.', { error });\n this._subscriptionService.destroySession();\n });\n }\n\n private scheduleBackgroundRefresh() {\n /* Highlander rules - there can only ever be one */\n this.cancelBackgroundRefresh();\n this.register();\n logger.debug('Scheduling bg refresh', Date.now());\n this.timeout = setTimeout(() => {\n this.performBackgroundRefresh();\n }, SessionManager.REFRESH_INTERVAL_MS);\n }\n\n cancelBackgroundRefresh() {\n if (this.timeout !== null) {\n this.unregister();\n logger.debug('Cancelling bg refresh', Date.now());\n clearTimeout(this.timeout);\n this.timeout = null;\n }\n }\n\n /**\n * We need to listen to a few types of events:\n * - If the user logs in via invoking a .authenticate() call, we should start the background worker\n * - If the user steps up their authentication via another .authenticate call(), we should restart the background worker\n * - If the user logs out, we should terminate the worker\n * - We should ignore session changes that we ourselves caused - so if we already have a timeout, leave it be!\n */\n private _onDataChange = (\n state: (ConsumerState & SessionUpdateOptions) | (B2BState & SessionUpdateOptions) | null,\n ) => {\n if (state != null && state.sessionDurationMinutes) {\n this.lastAuthenticationSessionDuration = state.sessionDurationMinutes;\n }\n\n if (shouldTryRefresh(state)) {\n this.scheduleBackgroundRefresh();\n } else {\n this.cancelBackgroundRefresh();\n }\n };\n\n // In cases where we cannot get a satisfactory request:\n // - Stytch is hard-down\n // - The user's network is disconnected for an extended period of time\n // we will continue to retry every 4 minutes ad infinum\n private _reauthenticateWithBackoff = async () => {\n let count = 0;\n while (true) {\n try {\n const options: SessionAuthenticateOptions = {\n session_duration_minutes: this._options.keepSessionAlive ? this.lastAuthenticationSessionDuration : undefined,\n };\n\n return await this._headlessSessionClient.authenticate(options);\n } catch (err) {\n if (SessionManager.isUnrecoverableError(err)) {\n return Promise.reject(err);\n }\n count++;\n await new Promise((done) => setTimeout(done, SessionManager.timeoutForAttempt(count)));\n }\n }\n };\n\n // We start with a backoff of 2000ms and increase exponentially to ~4 minutes (+/- 175 ms for jitter)\n // A short backoff initially helps increase the chance that we refresh the session before the JWT expires\n static timeoutForAttempt(count: number) {\n count = Math.min(count, 7);\n const jitter = Math.floor(Math.random() * 350) - 175;\n const delayMS = 2000 * 2 ** count;\n return jitter + delayMS;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n static isUnrecoverableError(error: any) {\n return UNRECOVERABLE_ERROR_TYPES.includes(error.error_type);\n }\n}\n","import { B2BState, ConsumerState } from './public';\n\n// We should try refreshing the session if there exists a cached session in\n// state that might be stale. Otherwise, we know there is no session, so there's\n// no need.\nexport const shouldTryRefresh = <T extends ConsumerState | B2BState>(state: T | null) => !!state?.session;\n","import { UnsubscribeFunction } from './public';\nimport { ISubscriptionService } from './SubscriptionService';\nimport { AllowedOpaqueTokens } from './typeConfig';\n\ntype DeepReadonly<T> = {\n readonly [P in keyof T]: DeepReadonly<T[P]>;\n};\n\nexport type StateChangeHandler<T> = (state: DeepReadonly<T>) => void;\nexport type StateChangeRegisterFunction<T> = (callback: StateChangeHandler<T>) => UnsubscribeFunction;\n\nexport class StateChangeClient<T> {\n constructor(\n private readonly _subscriptionService: ISubscriptionService<T | null, AllowedOpaqueTokens>,\n private readonly emptyState: T,\n ) {}\n\n public onStateChange: StateChangeRegisterFunction<T> = (callback) => {\n return this._subscriptionService.subscribeToState((state) => {\n callback(state ?? this.emptyState);\n });\n };\n}\n","import { cannotInvokeMethodOnServerError } from '../utils/errors';\n\nconst SSRStubKey = Symbol('__stytch_SSRStubKey');\n\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport const isStytchSSRProxy = (proxy: any): boolean => {\n return !!proxy[SSRStubKey];\n};\n\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nconst createProxy = (path: string): any => {\n // eslint-disable-next-line @typescript-eslint/no-empty-function\n const noop = () => {};\n return new Proxy(noop, {\n get(target, p) {\n if ((p as symbol) === SSRStubKey) {\n return true;\n }\n return createProxy(path + '.' + String(p));\n },\n apply() {\n throw new Error(cannotInvokeMethodOnServerError(path));\n },\n });\n};\n\n// Exported for testing\nexport const createStytchSSRProxy = () => createProxy('stytch');\n\nexport function ssrSafeClientFactory<Args extends unknown[], T>(ClientConstructor: new (...args: Args) => T) {\n return (...args: Args): T => {\n if (typeof window === 'undefined') {\n return createStytchSSRProxy();\n }\n\n return new ClientConstructor(...args);\n };\n}\n","// The strings in this file are only for developers\n/* eslint-disable lingui/no-unlocalized-strings */\n\nimport { RUN_IN_DEV } from '@stytch/core';\n\nexport function serverRenderError(name: string) {\n RUN_IN_DEV(() => {\n if (typeof window === 'undefined') {\n throw new Error(\n `<${name} /> cannot be rendered on the server. If you are using Next.js, use the @stytch/nextjs package or 'use client' directives`,\n );\n }\n });\n}\n\nexport const noProviderError = (item: string, provider = 'StytchProvider'): string =>\n `${item} can only be used inside <${provider}>.`;\n\nexport const providerMustBeUniqueError = 'You cannot render a <StytchProvider> inside another <StytchProvider>.';\n\nexport const cannotInvokeMethodOnServerError = (path: string) =>\n process.env.NODE_ENV === 'production'\n ? `[Stytch] Invalid server-side function call to ${path}`\n : `[Stytch] Invalid server-side function call to ${path}.\nThe Stytch JavaScript SDK is intended to only be used on the client side.\nMake sure to wrap your API calls in a hook to ensure they are executed on the client.\n\n\\`\\`\\`\nconst myComponent = () => {\n const stytch = useStytch();\n // This will error out on the server.\n stytch.magicLinks.authenticate(...);\n useEffect(() => {\n // This will work well\n stytch.magicLinks.authenticate(...);\n }, []);\n}\n\\`\\`\\`\n\nIf you want to make API calls from server environments, please use the Stytch Node Library\nhttps://www.npmjs.com/package/stytch.`;\n","import { BootstrapData, DFPProtectedAuthMode, INetworkClient, logger, RBACPolicyRaw, Vertical } from '@stytch/core';\n\nimport { B2BSubscriptionDataLayer, ConsumerSubscriptionDataLayer } from './SubscriptionService';\n\nexport interface IBootstrapData {\n getSync: () => BootstrapData;\n getAsync: () => Promise<BootstrapData>;\n}\n\ninterface RawBootstrapData {\n request_id: string;\n project_name: string;\n status_code: number;\n disable_sdk_watermark: boolean;\n cname_domain: string | null;\n email_domains: string[];\n captcha_settings: BootstrapData['captchaSettings'];\n pkce_required_for_email_magic_links: boolean;\n pkce_required_for_password_resets: boolean;\n pkce_required_for_oauth: boolean;\n pkce_required_for_sso: boolean;\n slug_pattern: string | null;\n create_organization_enabled: boolean;\n password_config: { luds_complexity: number; luds_minimum_count: number } | null;\n dfp_protected_auth_enabled?: boolean;\n dfp_protected_auth_mode?: DFPProtectedAuthMode;\n rbac_policy?: RBACPolicyRaw;\n siwe_required_for_crypto_wallets: boolean;\n vertical: Vertical;\n}\n\nconst BOOTSTRAP_CACHE_KEY = 'bootstrap';\nconst DEFAULT_BOOTSTRAP = (): BootstrapData => ({\n displayWatermark: false,\n projectName: null,\n cnameDomain: null,\n emailDomains: ['stytch.com'],\n captchaSettings: { enabled: false },\n pkceRequiredForEmailMagicLinks: false,\n pkceRequiredForPasswordResets: false,\n pkceRequiredForOAuth: false,\n pkceRequiredForSso: false,\n slugPattern: null,\n createOrganizationEnabled: false,\n passwordConfig: null,\n runDFPProtectedAuth: false,\n rbacPolicy: null,\n siweRequiredForCryptoWallets: false,\n vertical: null,\n});\n\nexport class BootstrapDataManager implements IBootstrapData {\n private readonly _bootstrapDataPromise: Promise<BootstrapData>;\n\n constructor(\n private _publicToken: string,\n private _networkClient: INetworkClient,\n private _dataLayer: ConsumerSubscriptionDataLayer | B2BSubscriptionDataLayer,\n ) {\n // TODO: Push the async version of this into @stytch/core\n // for RN to use, have getSync throw a NotImplementedError\n // and inherit it to create a sync one here?\n this._bootstrapDataPromise = this._networkClient\n .fetchSDK<RawBootstrapData>({\n url: `/projects/bootstrap/${this._publicToken}`,\n method: 'GET',\n })\n .then(BootstrapDataManager.mapBootstrapData)\n .then((data) => {\n this._dataLayer.setItem(BOOTSTRAP_CACHE_KEY, JSON.stringify(data));\n return data;\n })\n .catch((error: unknown) => {\n logger.error(error);\n return DEFAULT_BOOTSTRAP();\n });\n }\n\n static mapBootstrapData(response: RawBootstrapData): BootstrapData {\n const passwordConfig =\n response.password_config !== null\n ? {\n ludsComplexity: response.password_config.luds_complexity,\n ludsMinimumCount: response.password_config.luds_minimum_count,\n }\n : null;\n\n return {\n projectName: response.project_name,\n displayWatermark: !response.disable_sdk_watermark,\n captchaSettings: response.captcha_settings,\n cnameDomain: response.cname_domain,\n emailDomains: response.email_domains,\n\n pkceRequiredForEmailMagicLinks: response.pkce_required_for_email_magic_links,\n pkceRequiredForPasswordResets: response.pkce_required_for_password_resets,\n pkceRequiredForOAuth: response.pkce_required_for_oauth,\n pkceRequiredForSso: response.pkce_required_for_sso,\n slugPattern: response.slug_pattern,\n createOrganizationEnabled: response.create_organization_enabled,\n passwordConfig,\n runDFPProtectedAuth: response.dfp_protected_auth_enabled ?? false,\n dfpProtectedAuthMode: response.dfp_protected_auth_mode,\n rbacPolicy: response.rbac_policy ?? null,\n siweRequiredForCryptoWallets: response.siwe_required_for_crypto_wallets,\n vertical: response.vertical,\n };\n }\n\n getSync(): BootstrapData {\n const cached = this._dataLayer.getItem(BOOTSTRAP_CACHE_KEY);\n if (cached === null) {\n return DEFAULT_BOOTSTRAP();\n }\n try {\n return JSON.parse(cached) as BootstrapData;\n } catch {\n return DEFAULT_BOOTSTRAP();\n }\n }\n\n getAsync(): Promise<BootstrapData> {\n return this._bootstrapDataPromise;\n }\n}\n","import { BootstrapData, loadESModule } from '@stytch/core';\n\nconst loadRecaptchaClient = (siteKey: string) =>\n loadESModule(`https://www.google.com/recaptcha/enterprise.js?render=${siteKey}`, () => window.grecaptcha.enterprise);\n\ntype CaptchaState =\n | { configured: true; captchaClient: ReCaptchaV2.ReCaptcha; siteKey: string }\n | { configured: false; captchaClient: undefined; siteKey: undefined };\n\nexport class CaptchaProvider {\n private state: Promise<CaptchaState>;\n constructor(private bootstrapPromise: Promise<BootstrapData>) {\n this.state = bootstrapPromise.then(async (bootstrapData) => {\n if (!bootstrapData.captchaSettings.enabled) {\n return { configured: false };\n }\n return {\n configured: true,\n captchaClient: await loadRecaptchaClient(bootstrapData.captchaSettings.siteKey),\n siteKey: bootstrapData.captchaSettings.siteKey,\n };\n });\n }\n\n executeRecaptcha = async () => {\n const { captchaClient, configured, siteKey } = await this.state;\n if (!configured) {\n return undefined;\n }\n await new Promise<void>((resolve) => captchaClient.ready(resolve));\n return captchaClient.execute(siteKey, {\n action: 'LOGIN',\n });\n };\n}\n","import { IframeHostClient, RPCManifest } from '@stytch/core';\n\nexport class ClientsideServicesProvider implements RPCManifest {\n private _frameClient: IframeHostClient | undefined;\n constructor(private iframeURL: string) {}\n\n /**\n * The frameClient is lazily initialized - we don't want to force users\n * that don't use any of its features to still download the bundle!\n * @private\n */\n private get frameClient(): IframeHostClient {\n this._frameClient = this._frameClient ?? new IframeHostClient(this.iframeURL);\n return this._frameClient;\n }\n\n private call<T, U>(handlerName: string, req: T): Promise<U> {\n return this.frameClient.call<U>(handlerName, [req]);\n }\n\n oneTapStart: RPCManifest['oneTapStart'] = (req) => this.call('oneTapStart', req);\n oneTapSubmit: RPCManifest['oneTapSubmit'] = (req) => this.call('oneTapSubmit', req);\n parsedPhoneNumber: RPCManifest['parsedPhoneNumber'] = (req) => this.call('parsedPhoneNumber', req);\n getExamplePhoneNumber: RPCManifest['getExamplePhoneNumber'] = (req) => this.call('getExamplePhoneNumber', req);\n}\n","import {\n AdditionalTelemetryData,\n baseFetchSDK,\n baseSubmitFormSDK,\n createAppSessionId,\n createEventId,\n createPersistentId,\n DEFAULT_INTERVAL_DURATION_MS,\n DEFAULT_MAX_BATCH_SIZE,\n EventLogger,\n INetworkClient,\n isTestPublicToken,\n retriableFetchSDK,\n RetriableSDKRequestInfo,\n SDKRequestInfo,\n SDKTelemetry,\n} from '@stytch/core';\nimport { ResponseCommon } from '@stytch/core/public';\n\nimport { version as PACKAGE_VERSION } from '../package.json';\nimport { B2BSubscriptionDataLayer, ConsumerSubscriptionDataLayer } from './SubscriptionService';\n\nexport class NetworkClient implements INetworkClient {\n private eventLogger: EventLogger;\n private readonly baseURL: string;\n\n constructor(\n private _publicToken: string,\n private _subscriptionDataLayer: ConsumerSubscriptionDataLayer | B2BSubscriptionDataLayer,\n _liveAPIURL: string,\n _testAPIURL: string,\n private additionalTelemetryDataFn: () => AdditionalTelemetryData,\n ) {\n this.baseURL = _liveAPIURL;\n if (isTestPublicToken(_publicToken)) {\n this.baseURL = _testAPIURL;\n }\n this.eventLogger = new EventLogger({\n maxBatchSize: DEFAULT_MAX_BATCH_SIZE,\n intervalDurationMs: DEFAULT_INTERVAL_DURATION_MS,\n logEventURL: this.buildSDKUrl('/events'),\n });\n }\n\n // @deprecated Use the new sessions.updateSession() method instead\n updateSessionToken = () => {\n return null;\n };\n\n logEvent({\n name,\n details,\n error = {},\n }: {\n name: string;\n details: Record<string, unknown>;\n error?: { error_code?: string; error_description?: string; http_status_code?: string };\n }): void {\n this.eventLogger.logEvent(this.createTelemetryBlob(), {\n public_token: this._publicToken,\n event_name: name,\n details: details,\n\n // Error fields\n error_code: error.error_code,\n error_description: error.error_description,\n http_status_code: error.http_status_code,\n });\n }\n\n createTelemetryBlob(): SDKTelemetry {\n return {\n event_id: createEventId(),\n // TODO: These should be persisted somewhere, not generated per request\n app_session_id: createAppSessionId(),\n persistent_id: createPersistentId(),\n\n client_sent_at: new Date().toISOString(),\n timezone: Intl.DateTimeFormat().resolvedOptions().timeZone,\n\n // Logged in data\n // This gets passed into the constructor from StytchClient or StytchB2BClient\n // We pass in the user & session id when the Consumer SDK is being used and member & session id\n // when the B2B SDK is being used.\n\n // Why don't we generate this from the session_token in the auth header?\n // - We don't want to tie analytics ingest to session validation. There's no need to put\n // that kind of pressure on API, and ingest could be moved to somewhere that doesn't\n // have the ability to validate tokens\n // - For bulk event batches, we want to keep track of whether or not a user was logged\n // in at each event. If we have 10 events, the user logs in at event 5, then they'll have\n // a token when they log the batch, but we want to know that they were not logged in for the\n // first 4 events\n ...this.additionalTelemetryDataFn(),\n\n // Versioning\n app: {\n identifier: window.location.hostname,\n },\n sdk: {\n // TODO: Pull these from package.json when there is a package\n // eslint-disable-next-line lingui/no-unlocalized-strings\n identifier: 'Stytch.js Javascript SDK',\n version: PACKAGE_VERSION,\n },\n };\n }\n\n async fetchSDK<T extends ResponseCommon>({ url, body, method }: SDKRequestInfo): Promise<T> {\n const sessionToken = this._subscriptionDataLayer.readSessionCookie().session_token;\n const basicAuthHeader = 'Basic ' + window.btoa(this._publicToken + ':' + (sessionToken || this._publicToken));\n const xSDKClientHeader = window.btoa(JSON.stringify(this.createTelemetryBlob()));\n const xSDKParentHostHeader = window.location.origin;\n\n return baseFetchSDK<T>({\n basicAuthHeader,\n body,\n finalURL: this.buildSDKUrl(url),\n method,\n xSDKClientHeader,\n xSDKParentHostHeader,\n });\n }\n\n async submitFormSDK({ url, body, method }: SDKRequestInfo): Promise<void> {\n const sessionToken = this._subscriptionDataLayer.readSessionCookie().session_token;\n const basicAuthHeader = 'Basic ' + window.btoa(this._publicToken + ':' + (sessionToken || this._publicToken));\n const xSDKClientHeader = window.btoa(JSON.stringify(this.createTelemetryBlob()));\n const xSDKParentHostHeader = window.location.origin;\n\n return baseSubmitFormSDK({\n basicAuthHeader,\n body,\n finalURL: this.buildSDKUrl(url),\n method,\n xSDKClientHeader,\n xSDKParentHostHeader,\n });\n }\n\n async retriableFetchSDK<T extends ResponseCommon>({\n url,\n body,\n method,\n retryCallback,\n }: RetriableSDKRequestInfo): Promise<T> {\n const sessionToken = this._subscriptionDataLayer.readSessionCookie().session_token;\n const basicAuthHeader = 'Basic ' + window.btoa(this._publicToken + ':' + (sessionToken || this._publicToken));\n const xSDKClientHeader = window.btoa(JSON.stringify(this.createTelemetryBlob()));\n const xSDKParentHostHeader = window.location.origin;\n\n return retriableFetchSDK<T>({\n basicAuthHeader,\n body,\n finalURL: this.buildSDKUrl(url),\n method,\n xSDKClientHeader,\n xSDKParentHostHeader,\n retryCallback,\n });\n }\n\n buildSDKUrl(url: string): string {\n // eslint-disable-next-line lingui/no-unlocalized-strings\n return `${this.baseURL}/sdk/v1${url}`;\n }\n}\n","import { ISyncPKCEManager, logger, ProofkeyPair } from '@stytch/core';\n\nimport { B2BSubscriptionDataLayer, ConsumerSubscriptionDataLayer } from './SubscriptionService';\n\nconst PKCE_VERIFIER_STORAGE_KEY = 'PKCE_VERIFIER' as const;\n\nfunction toHex(n: number): string {\n let str = n.toString(16);\n if (str.length === 1) {\n str = '0' + str;\n }\n return str;\n}\n\nfunction base64URLEncode(buf: ArrayBuffer) {\n // Convert the ArrayBuffer to string using Uint8 array.\n // btoa takes chars from 0-255 and base64 encodes.\n // Then convert the base64 encoded to base64url encoded.\n // (replace + with -, replace / with _, trim trailing =)\n return btoa(String.fromCharCode.call(null, ...new Uint8Array(buf)))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '');\n}\n\nexport class PKCEManager implements ISyncPKCEManager {\n constructor(\n private _dataLayer: ConsumerSubscriptionDataLayer | B2BSubscriptionDataLayer,\n private namespace: string,\n ) {}\n\n private key() {\n return `${PKCE_VERIFIER_STORAGE_KEY}:${this.namespace}` as const;\n }\n\n async startPKCETransaction(): Promise<ProofkeyPair> {\n const keyPair = await PKCEManager.createProofkeyPair();\n this._dataLayer.setItem(this.key(), JSON.stringify(keyPair));\n return keyPair;\n }\n\n getPKPair(): ProofkeyPair | undefined {\n const serialized = this._dataLayer.getItem(this.key());\n if (serialized === null) {\n return undefined;\n }\n try {\n return JSON.parse(serialized) as ProofkeyPair;\n } catch {\n logger.warn('Found malformed Proof Key pair in localstorage.');\n return undefined;\n }\n }\n\n clearPKPair(): void {\n return this._dataLayer.removeItem(this.key());\n }\n\n static async createProofkeyPair(): Promise<ProofkeyPair> {\n const bytes = new Uint32Array(16);\n window.crypto.getRandomValues(bytes);\n const codeVerifier = Array.from(bytes).map(toHex).join('');\n\n const digest = await window.crypto.subtle.digest('SHA-256', new TextEncoder().encode(codeVerifier));\n\n return {\n code_challenge: base64URLEncode(digest),\n code_verifier: codeVerifier,\n };\n }\n}\n","/*! js-cookie v3.0.1 | MIT */\n/* eslint-disable no-var */\nfunction assign (target) {\n for (var i = 1; i < arguments.length; i++) {\n var source = arguments[i];\n for (var key in source) {\n target[key] = source[key];\n }\n }\n return target\n}\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\nvar defaultConverter = {\n read: function (value) {\n if (value[0] === '\"') {\n value = value.slice(1, -1);\n }\n return value.replace(/(%[\\dA-F]{2})+/gi, decodeURIComponent)\n },\n write: function (value) {\n return encodeURIComponent(value).replace(\n /%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,\n decodeURIComponent\n )\n }\n};\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\n\nfunction init (converter, defaultAttributes) {\n function set (key, value, attributes) {\n if (typeof document === 'undefined') {\n return\n }\n\n attributes = assign({}, defaultAttributes, attributes);\n\n if (typeof attributes.expires === 'number') {\n attributes.expires = new Date(Date.now() + attributes.expires * 864e5);\n }\n if (attributes.expires) {\n attributes.expires = attributes.expires.toUTCString();\n }\n\n key = encodeURIComponent(key)\n .replace(/%(2[346B]|5E|60|7C)/g, decodeURIComponent)\n .replace(/[()]/g, escape);\n\n var stringifiedAttributes = '';\n for (var attributeName in attributes) {\n if (!attributes[attributeName]) {\n continue\n }\n\n stringifiedAttributes += '; ' + attributeName;\n\n if (attributes[attributeName] === true) {\n continue\n }\n\n // Considers RFC 6265 section 5.2:\n // ...\n // 3. If the remaining unparsed-attributes contains a %x3B (\";\")\n // character:\n // Consume the characters of the unparsed-attributes up to,\n // not including, the first %x3B (\";\") character.\n // ...\n stringifiedAttributes += '=' + attributes[attributeName].split(';')[0];\n }\n\n return (document.cookie =\n key + '=' + converter.write(value, key) + stringifiedAttributes)\n }\n\n function get (key) {\n if (typeof document === 'undefined' || (arguments.length && !key)) {\n return\n }\n\n // To prevent the for loop in the first place assign an empty array\n // in case there are no cookies at all.\n var cookies = document.cookie ? document.cookie.split('; ') : [];\n var jar = {};\n for (var i = 0; i < cookies.length; i++) {\n var parts = cookies[i].split('=');\n var value = parts.slice(1).join('=');\n\n try {\n var foundKey = decodeURIComponent(parts[0]);\n jar[foundKey] = converter.read(value, foundKey);\n\n if (key === foundKey) {\n break\n }\n } catch (e) {}\n }\n\n return key ? jar[key] : jar\n }\n\n return Object.create(\n {\n set: set,\n get: get,\n remove: function (key, attributes) {\n set(\n key,\n '',\n assign({}, attributes, {\n expires: -1\n })\n );\n },\n withAttributes: function (attributes) {\n return init(this.converter, assign({}, this.attributes, attributes))\n },\n withConverter: function (converter) {\n return init(assign({}, this.converter, converter), this.attributes)\n }\n },\n {\n attributes: { value: Object.freeze(defaultAttributes) },\n converter: { value: Object.freeze(converter) }\n }\n )\n}\n\nvar api = init(defaultConverter, { path: '/' });\n/* eslint-enable no-var */\n\nexport default api;\n","import {\n EmailMagicLinksOptions,\n MagicLinksLoginOrCreateOptions,\n PasswordOptions,\n PasswordResetByEmailStartOptions,\n} from '@stytch/core/public';\n\n// You can't actually validate email just from regex. RFC 5322 is pretty complex and there are some *wild*\n// rules that we would never really expect to handle, but are technically valid like:\n// 1. Emails can contain comments -> cursed(comment)@example.com\n// 2. Emails can contain symbols -> cursed{email}@example.com != cursedemail@example.com\n// 3. Dots are allowed, but not consecutively -> ab.cd@example.com is okay, but not ab..cd@example.com\n// 4. ... unless quoted -> \"ab..cd\"@example.com is okay\n// because yes, emails can also contain quotes\n// but then they *can't* contain comments\n// 5. Emails can also consist of spaces and tabs if you use quoting\n//\n// TL;DR: it's really complicated. I once heard a joke that the only real way to validate an email is to check\n// for the presence of an @ symbol and then see if you can send an email without it bouncing. Anyway, the below\n// regex *attempts* to make some limitations on the regex to help end-users while not being overly constrained.\n// We relaxed it as part of https://linear.app/stytch/issue/OBACK-583/email-pattern-bug-in-fe-sdk if you want some\n// historical context here.\nexport const EMAIL_REGEX = /^[a-zA-Z0-9!#$%&'*+/=?^_`{|}~.-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$/;\n\nexport const convertMagicLinkOptions = (options: EmailMagicLinksOptions = {}): MagicLinksLoginOrCreateOptions => ({\n signup_magic_link_url: options.signupRedirectURL,\n signup_expiration_minutes: options.signupExpirationMinutes,\n login_magic_link_url: options.loginRedirectURL,\n login_expiration_minutes: options.loginExpirationMinutes,\n login_template_id: options.loginTemplateId,\n signup_template_id: options.signupTemplateId,\n locale: options.locale,\n});\n\nexport const convertPasswordResetOptions = (\n email: string,\n options: PasswordOptions = {},\n): PasswordResetByEmailStartOptions => ({\n email: email,\n login_redirect_url: options.loginRedirectURL,\n login_expiration_minutes: options.loginExpirationMinutes,\n reset_password_redirect_url: options.resetPasswordRedirectURL,\n reset_password_expiration_minutes: options.resetPasswordExpirationMinutes,\n reset_password_template_id: options.resetPasswordTemplateId,\n locale: options.locale,\n});\n\nexport const debounce = <F extends (...args: Parameters<F>) => ReturnType<F>>(func: F, waitFor = 500) => {\n let timeout: number | undefined;\n return (...args: Parameters<F>) => {\n clearTimeout(timeout);\n timeout = window.setTimeout(() => func(...args), waitFor);\n };\n};\n\n// Borrowed from Create React App's service worker registration logic\nexport const isLocalhost = () =>\n Boolean(\n window.location.hostname === 'localhost' ||\n // [::1] is the IPv6 localhost address.\n window.location.hostname === '[::1]' ||\n // 127.0.0.1/8 is considered localhost for IPv4.\n window.location.hostname.match(/^127(?:\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/),\n );\n\nexport type DeepRequired<T> = { [K in keyof T]: DeepRequired<T[K]> } & Required<T>;\n\nexport const hasMultipleCookies = (cookieName: string) => {\n const cookiePairs = document.cookie ? document.cookie.split('; ') : [];\n const matchedCookies = cookiePairs.filter((pair) => {\n const [name] = pair.split('=');\n return cookieName === name;\n });\n\n return matchedCookies.length > 1;\n};\n\nexport const noop = () => {\n // Noop\n};\n","const PERSISTENT_STORAGE_KEY_PREFIX = 'stytch_sdk_state_';\n\n// Declare all keys to use with storage here. These storage are global so re-using the same key will cause collision\n// Do not remove values from here when the caller is removed since these will still be persisted on user's browsers.\nexport type StorageKey =\n // SubscriptionService\n | ''\n | 'seen_domains'\n // Bootstrap\n | 'bootstrap'\n // PKCE manager\n | `PKCE_VERIFIER:${string}`\n // Admin portal\n | `${string}_itemsPerPage`\n | `${string}_filter_${string}`\n // B2B\n | 'reset-email-value'\n | `b2b_last_used_method`\n // B2C\n | `b2c_last_used_oauth`;\n\nexport const getPersistentStorageKey = (publicToken: string, key: StorageKey): string => {\n return `${PERSISTENT_STORAGE_KEY_PREFIX}${publicToken}${key ? `::${key}` : ''}`;\n};\n\nexport interface IStorage {\n getItem(publicKey: string, key: StorageKey): string | null;\n removeItem(publicKey: string, key: StorageKey): void;\n setItem(publicKey: string, key: StorageKey, value: string): void;\n}\n\nexport interface IKeyBoundStorage {\n getItem(key: StorageKey): string | null;\n setItem(key: StorageKey, value: string): void;\n removeItem(key: StorageKey): void;\n}\n\nfunction makeSafeStorage(storage: Storage | undefined): IStorage {\n if (storage == null) {\n return {\n getItem() {\n return null;\n },\n removeItem() {\n // Noop\n },\n setItem() {\n // Noop\n },\n };\n }\n\n return {\n getItem(publicKey: string, key: StorageKey): string | null {\n const persistentStorageKey = getPersistentStorageKey(publicKey, key);\n try {\n return storage.getItem(persistentStorageKey);\n } catch {\n // Swallow error\n return null;\n }\n },\n setItem(publicKey: string, key: StorageKey, value: string): void {\n const persistentStorageKey = getPersistentStorageKey(publicKey, key);\n try {\n if (value) storage.setItem(persistentStorageKey, value);\n } catch {\n // Swallow error\n }\n },\n removeItem(publicKey: string, key: StorageKey): void {\n const persistentStorageKey = getPersistentStorageKey(publicKey, key);\n try {\n storage.removeItem(persistentStorageKey);\n } catch {\n // Swallow error\n }\n },\n };\n}\n\nexport const safeLocalStorage = makeSafeStorage(globalThis.localStorage);\nexport const safeSessionStorage = makeSafeStorage(globalThis.sessionStorage);\n\nexport function getKeyBoundStorage(storage: IStorage, publicToken: string): IKeyBoundStorage {\n return {\n getItem(key: StorageKey) {\n return storage.getItem(publicToken, key);\n },\n setItem(key: StorageKey, value: string): void {\n storage.setItem(publicToken, key, value);\n },\n removeItem(key: StorageKey) {\n storage.removeItem(publicToken, key);\n },\n };\n}\n","import {\n AllowedOpaqueTokens,\n CommonAuthenticateOptions,\n ExtractOpaqueTokens,\n IB2BSubscriptionService,\n IConsumerSubscriptionService,\n IfOpaqueTokens,\n InternalSessionUpdateOptions,\n ISubscriptionService,\n logger,\n OpaqueTokensNeverConfig,\n SessionUpdateOptions,\n} from '@stytch/core';\nimport {\n AuthenticateResponse,\n B2BAuthenticateResponse,\n B2BAuthenticateResponseWithMFA,\n B2BDiscoveryAuthenticateResponse,\n B2BState,\n ConsumerState,\n Member,\n Organization,\n SessionTokens,\n SessionTokensUpdate,\n StytchClientOptions,\n StytchProjectConfigurationInput,\n UnsubscribeFunction,\n User,\n} from '@stytch/core/public';\nimport { createDeepEqual } from '@stytch/js-utils';\nimport Cookies from 'js-cookie';\n\nimport { hasMultipleCookies, isLocalhost } from '../src/utils';\nimport {\n getKeyBoundStorage,\n getPersistentStorageKey,\n IKeyBoundStorage,\n safeLocalStorage,\n safeSessionStorage,\n StorageKey,\n} from './utils/storage';\n\ntype SubscriberFunction<T> = (value: T | null) => void;\ntype Subscribers<T> = Record<string, SubscriberFunction<T>>;\n\nconst STYTCH_SESSION_COOKIE = 'stytch_session';\nconst STYTCH_SESSION_JWT_COOKIE = 'stytch_session_jwt';\nconst STYTCH_INTERMEDIATE_SESSION_TOKEN_COOKIE = 'stytch_intermediate_session_token';\nconst SEEN_DOMAINS_KEY = 'seen_domains';\n\nexport class SubscriptionDataLayer<T extends ConsumerState | B2BState> {\n publicToken: string;\n state: T | null;\n private readonly _opaqueTokenCookieName: string | null = null;\n private readonly _jwtCookieName: string | null = null;\n private readonly _cookiePath: string | null = null;\n private readonly _domain: string | null = null;\n private readonly _cookieAvailableToSubdomains: boolean = false;\n private readonly _istCookieName: string | null = null;\n\n subscriptions: Subscribers<T & SessionUpdateOptions>;\n\n private readonly _localStorage: IKeyBoundStorage;\n readonly browserSessionStorage: IKeyBoundStorage;\n\n constructor(publicToken: string, options?: StytchClientOptions) {\n this.publicToken = publicToken;\n this.state = null;\n this.subscriptions = {};\n\n // Initialize storage utilities\n this._localStorage = getKeyBoundStorage(safeLocalStorage, publicToken);\n this.browserSessionStorage = getKeyBoundStorage(safeSessionStorage, publicToken);\n\n if (options?.cookieOptions) {\n this._opaqueTokenCookieName = options.cookieOptions.opaqueTokenCookieName || null;\n this._jwtCookieName = options.cookieOptions.jwtCookieName || null;\n this._cookiePath = options.cookieOptions.path || null;\n this._domain = options.cookieOptions.domain || null;\n this._cookieAvailableToSubdomains = options.cookieOptions.availableToSubdomains || false;\n this._istCookieName = options.cookieOptions.istCookieName || null;\n }\n\n const localStorageState = this._localStorage.getItem('');\n\n if (!localStorageState) {\n return;\n }\n let parsedState: unknown;\n try {\n parsedState = JSON.parse(localStorageState);\n } catch {\n // Overwrite the bad data with nulls\n this.syncToLocalStorage();\n return;\n }\n // TODO: Validate the data looks decent & matches Session/User format\n this.state = parsedState as T;\n }\n\n protected get opaqueTokenCookieName(): string {\n return this._opaqueTokenCookieName ?? STYTCH_SESSION_COOKIE;\n }\n\n protected get jwtCookieName(): string {\n return this._jwtCookieName ?? STYTCH_SESSION_JWT_COOKIE;\n }\n\n protected get istCookieName(): string {\n return this._istCookieName ?? STYTCH_INTERMEDIATE_SESSION_TOKEN_COOKIE;\n }\n\n readSessionCookie() {\n return {\n session_token: Cookies.get(this.opaqueTokenCookieName),\n session_jwt: Cookies.get(this.jwtCookieName),\n };\n }\n\n readIntermediateSessionTokenCookie() {\n return Cookies.get(this.istCookieName);\n }\n\n writeSessionCookie(stateDiff: StateWithReadableTokensLoggedIn<T>) {\n const { state, session_token, session_jwt } = stateDiff;\n\n const cookieOpts = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: state?.session?.expires_at ?? '',\n availableToSubdomains: this._cookieAvailableToSubdomains,\n path: this._cookiePath,\n domain: this._domain,\n });\n\n if (cookieOpts.domain) {\n this.addSeenDomain(cookieOpts.domain);\n }\n\n Cookies.set(this.opaqueTokenCookieName, session_token, cookieOpts);\n Cookies.set(this.jwtCookieName, session_jwt, cookieOpts);\n\n /**\n * If a developer flips the boolean value of availableToSubdomains at any point,\n * there will be two cookies set which will could cause the user to log out since\n * the js-cookie API always returns the first cookie set. Thus, we will clear the\n * cookie that doesn't relate to the current cookie options.\n */\n\n const alternateCookieOptions = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: state?.session?.expires_at ?? '',\n availableToSubdomains: !this._cookieAvailableToSubdomains,\n path: this._cookiePath,\n domain: this._domain,\n });\n\n if (alternateCookieOptions.domain) {\n this.addSeenDomain(alternateCookieOptions.domain);\n }\n\n if (hasMultipleCookies(this.jwtCookieName)) {\n Cookies.remove(this.jwtCookieName, alternateCookieOptions);\n }\n\n if (hasMultipleCookies(this.opaqueTokenCookieName)) {\n Cookies.remove(this.opaqueTokenCookieName, alternateCookieOptions);\n }\n\n if (hasMultipleCookies(this.jwtCookieName)) {\n logger.warn(\n 'Could not remove extraneous JWT cookie. This might happen if the cookie has been set using multiple `path` settings, and may produce unwanted behavior.',\n );\n }\n\n if (hasMultipleCookies(this.opaqueTokenCookieName)) {\n logger.warn('Could not remove extraneous opaque token cookie.');\n }\n }\n\n writeIntermediateSessionTokenCookie(IST: string) {\n // ISTs are valid for 10 minutes\n const expiresAtTime = new Date(Date.now() + 10 * 60000);\n const cookieOpts = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: expiresAtTime.toString(),\n availableToSubdomains: this._cookieAvailableToSubdomains,\n path: this._cookiePath,\n domain: this._domain,\n });\n\n Cookies.set(this.istCookieName, IST, cookieOpts);\n }\n\n removeSessionCookie() {\n this.removeCookies([this.opaqueTokenCookieName, this.jwtCookieName]);\n }\n\n removeISTCookie() {\n this.removeCookies([this.istCookieName]);\n }\n\n removeCookies(cookiesToRemove: string[]) {\n /**\n * Spray and Pray approach:\n * In order to delete a cookie, both the path and domain must match exactly\n * We don't always know how the cookie was set - we can use the path & info that the SDK was created with\n * but if the SDK settings have changed (e.g. a dev is developing) then things might get strange.\n * Note: it is _impossible_ to reliably delete a cookie if you don't know what path it was set at - thank,; internet\n * Our best effort approach is to just list off the likely combinations\n *\n * As of 2025-07-14, we track all domains that have been used to set cookies and try to delete\n * cookies from all of them to handle cases where domains change (e.g. something.com -> web.something.com)\n */\n\n // Get all previously seen domains\n const trackedDomains = this.getSeenDomains();\n // Include the current domain and null (no domain) in our attempts\n const allDomains = [this._domain, null, ...trackedDomains];\n // Remove duplicates\n const uniqueDomains = [...new Set(allDomains)];\n\n [true, false].forEach((availableToSubdomains) => {\n [this._cookiePath, null].forEach((path) => {\n uniqueDomains.forEach((domain) => {\n const cookieOpts = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: new Date(0).toString(),\n availableToSubdomains,\n path,\n domain,\n });\n cookiesToRemove.forEach((cookieName) => {\n Cookies.remove(cookieName, cookieOpts);\n });\n });\n });\n });\n }\n\n syncToLocalStorage(): void {\n this._localStorage.setItem('', JSON.stringify(this.state));\n }\n\n getItem(key: StorageKey): string | null {\n return this._localStorage.getItem(key);\n }\n\n setItem(key: StorageKey, value: string): void {\n this._localStorage.setItem(key, value);\n }\n\n removeItem(key: StorageKey): void {\n this._localStorage.removeItem(key);\n }\n\n /**\n * Get all previously seen domains from local storage\n */\n private getSeenDomains(): string[] {\n const storedDomains = this.getItem(SEEN_DOMAINS_KEY);\n\n if (!storedDomains) {\n return [];\n }\n\n try {\n const parsed = JSON.parse(storedDomains);\n return Array.isArray(parsed) ? parsed : [];\n } catch {\n return [];\n }\n }\n\n /**\n * Add a domain to the seen domains list\n */\n private addSeenDomain(domain: string | null): void {\n if (!domain) {\n return;\n }\n\n const storedDomains = this.getSeenDomains();\n if (!storedDomains.includes(domain)) {\n storedDomains.push(domain);\n this.setItem(SEEN_DOMAINS_KEY, JSON.stringify(storedDomains));\n }\n }\n\n static generateCookieOpts({\n path,\n domain,\n availableToSubdomains,\n expiresAt,\n }: {\n path: string | null;\n domain: string | null;\n availableToSubdomains: boolean;\n expiresAt: string;\n }): Cookies.CookieAttributes {\n const cookieOpts: Cookies.CookieAttributes = {\n expires: new Date(expiresAt),\n sameSite: 'lax',\n };\n\n if (path) {\n cookieOpts.path = path;\n }\n\n if (isLocalhost()) {\n // We do not require HTTPS for localhost / local development\n // TODO: Could investigate disabling HTTPS for test projects\n cookieOpts.secure = false;\n } else {\n if (availableToSubdomains) {\n // Domain must be expressly configured in order for the cookie to\n // be sent to subdomains\n // UNLESS it is localhost, in which case domain should not be set\n // cf. https://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain\n cookieOpts.domain = domain || window.location.host;\n }\n cookieOpts.secure = true;\n }\n return cookieOpts;\n }\n}\n\nexport class ConsumerSubscriptionDataLayer extends SubscriptionDataLayer<ConsumerState> {}\nexport class B2BSubscriptionDataLayer extends SubscriptionDataLayer<B2BState> {}\n\n/**\n * We want multiple instances of the same Stytch SDK for the same project in the same page to\n * effectively share state - to do this, we create a single cache for the data layer.\n * In order to preserve the cache state across project hot module reloads, we bind it to\n * the global window object using a stytch-internal symbol.\n *\n * This also allows various StytchClients to communicate across package boundaries -\n * consider the following scenario:\n * - Next App splits out bundles per-page\n * - Next App uses Headless Client on all pages, and UI Client on one page\n * - UI client page includes its own copy of Headless Client (since UI depends on Headless CLient)\n * - B/C of code splitting & recombining, if someone navigates from a Headless page to a UI page\n * the there will actually be two copies of the HeadlessClient loaded,\n * one in the main bundle, and one included inside the UI Client code\n * - So using an in-memory global object will not suffice, we'll end up with two global objects in two diff packages\n */\ntype ConsumerDataLayerCache = Record<string, SubscriptionDataLayer<ConsumerState>>;\ntype B2BDataLayerCache = Record<string, SubscriptionDataLayer<B2BState>>;\n\nconst consumerDataLayerCacheSymbol = Symbol.for('__stytch_DataLayer');\nconst b2bDataLayerCacheSymbol = Symbol.for('__stytch_b2b_DataLayer');\n\nconst getConsumerDataLayerCache = (): ConsumerDataLayerCache => {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n const wdw = window as any;\n if (!wdw[consumerDataLayerCacheSymbol]) {\n wdw[consumerDataLayerCacheSymbol] = {};\n }\n return wdw[consumerDataLayerCacheSymbol];\n};\n\nconst getB2BDataLayerCache = (): B2BDataLayerCache => {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n const wdw = window as any;\n if (!wdw[b2bDataLayerCacheSymbol]) {\n wdw[b2bDataLayerCacheSymbol] = {};\n }\n return wdw[b2bDataLayerCacheSymbol];\n};\n\nexport const __clearConsumerDataLayerCache = () => {\n const dataLayerCache = getConsumerDataLayerCache();\n Object.keys(dataLayerCache).forEach((key) => delete dataLayerCache[key]);\n};\n\nexport const __clearB2BDataLayerCache = () => {\n const dataLayerCache = getB2BDataLayerCache();\n Object.keys(dataLayerCache).forEach((key) => delete dataLayerCache[key]);\n};\n\nexport const getConsumerDataLayer = (\n publicToken: string,\n options?: StytchClientOptions,\n): ConsumerSubscriptionDataLayer => {\n const dataLayerCache = getConsumerDataLayerCache();\n if (!dataLayerCache[publicToken]) {\n dataLayerCache[publicToken] = new ConsumerSubscriptionDataLayer(publicToken, options);\n }\n return dataLayerCache[publicToken];\n};\n\nexport const getB2BDataLayer = (publicToken: string, options?: StytchClientOptions): B2BSubscriptionDataLayer => {\n const dataLayerCache = getB2BDataLayerCache();\n if (!dataLayerCache[publicToken]) {\n dataLayerCache[publicToken] = new B2BSubscriptionDataLayer(publicToken, options);\n }\n return dataLayerCache[publicToken];\n};\n\nconst addSubscriber = <T>(collection: Subscribers<T>, subscriber: SubscriberFunction<T>): UnsubscribeFunction => {\n const uniqueId = Math.random().toString(36).slice(-10);\n collection[uniqueId] = subscriber;\n return () => delete collection[uniqueId];\n};\n\nconst notifySubscribers = <T>(collection: Subscribers<T>, value: T | null): void => {\n Object.values(collection).forEach((cb) => cb(value));\n};\n\ntype StateWithReadableTokensLoggedIn<T> = {\n state: T | null;\n intermediate_session_token: null;\n session_token: string;\n session_jwt: string;\n};\n\ntype StateIfOpaqueTokensLoggedIn<T> = {\n state: T | null;\n intermediate_session_token: null;\n session_token: true;\n session_jwt: true;\n};\n\ntype StateWithTokensLoggedIn<T> = StateWithReadableTokensLoggedIn<T> | StateIfOpaqueTokensLoggedIn<T>;\n\ntype StateWithTokensLoggedOut = {\n state: null;\n session_token: null;\n session_jwt: null;\n intermediate_session_token: null;\n};\n\ntype StateWithReadableIntermediateSessionToken = {\n state: null;\n session_token: null;\n session_jwt: null;\n intermediate_session_token: string;\n};\n\ntype StateWithOpaqueIntermediateSessionToken = {\n state: null;\n session_token: null;\n session_jwt: null;\n intermediate_session_token: true;\n};\n\ntype StateWithIntermediateSessionToken =\n | StateWithReadableIntermediateSessionToken\n | StateWithOpaqueIntermediateSessionToken;\n\ntype StateWithTokensDiff<T> = StateWithTokensLoggedIn<T> | StateWithTokensLoggedOut | StateWithIntermediateSessionToken;\n\nconst deepEqualData = createDeepEqual({\n KEYS_TO_EXCLUDE: ['last_accessed_at'],\n});\n\nexport class BaseSubscriptionService<T extends ConsumerState | B2BState, TOpaqueTokens extends AllowedOpaqueTokens>\n implements ISubscriptionService<T, TOpaqueTokens>\n{\n /**\n * Whether the state was retrieved from the cache and is awaiting a refresh\n */\n private fromCache = true;\n\n constructor(\n private _publicToken: string,\n private _datalayer: SubscriptionDataLayer<T>,\n { usingCustomApiEndpoint }: { usingCustomApiEndpoint: boolean },\n ) {\n window.addEventListener('storage', this._listen);\n\n // If a custom API endpoint is being used, the session may be being managed\n // by HttpOnly cookies, which we can't detect.\n if (!usingCustomApiEndpoint) {\n // If the session does not exist in localstorage (like if we are in an iframe)\n // then the cookie might still be set and we can retrieve the session via an API call\n const { session_token } = this._datalayer.readSessionCookie();\n if (!session_token) {\n this.destroySession();\n return;\n }\n }\n }\n\n // Listening for state changes across tabs\n private _listen = (e: StorageEvent) => {\n if (e.key !== getPersistentStorageKey(this._publicToken, '')) {\n return;\n }\n\n const parsedValue = e.newValue === null || e.newValue === 'null' ? null : (JSON.parse(e.newValue) as T);\n this.updateState(parsedValue, true);\n };\n\n getTokens(): IfOpaqueTokens<TOpaqueTokens, never, SessionTokens | null> {\n const { session_token, session_jwt } = this._datalayer.readSessionCookie();\n if (!(typeof session_token === 'string') || !(typeof session_jwt === 'string')) {\n return null as IfOpaqueTokens<TOpaqueTokens, never, SessionTokens | null>;\n }\n return { session_token, session_jwt } as IfOpaqueTokens<TOpaqueTokens, never, SessionTokens | null>;\n }\n\n getIntermediateSessionToken(): string | null {\n return this._datalayer.readIntermediateSessionTokenCookie() || null;\n }\n\n destroyState() {\n this.updateStateAndTokens({\n state: null,\n session_token: null,\n session_jwt: null,\n intermediate_session_token: null,\n });\n }\n\n destroySession() {\n this._datalayer.removeSessionCookie();\n this.updateState(null);\n }\n\n _updateStateAndTokensInternal(stateDiff: StateWithTokensDiff<T>, options: InternalSessionUpdateOptions) {\n const oldStateValue = this._datalayer.state;\n const newStateValue = stateDiff.state === null ? null : ({ ...this._datalayer.state, ...stateDiff.state } as T);\n this._datalayer.state = newStateValue;\n const wasCached = this.getFromCache();\n this.setCacheRefreshed();\n\n // NOTE: This means that our tab executes first before we signal the state change to other tabs\n // TODO: Should we avoid notifying subscribers in the same thread? Should we put\n // notifications in a setImmediate or setTimeout(..., 0)?\n // Should subscribers let us know if they are active/passive when they sign up?\n if (wasCached || !deepEqualData(oldStateValue, newStateValue)) {\n let notification: (T & SessionUpdateOptions) | null;\n if (newStateValue == null || options.fromCache) {\n notification = newStateValue;\n } else {\n notification = {\n ...newStateValue,\n sessionDurationMinutes: options.sessionDurationMinutes,\n };\n }\n\n notifySubscribers(this._datalayer.subscriptions, notification);\n }\n }\n\n updateStateAndTokens(\n stateDiff: StateWithTokensDiff<T>,\n options: InternalSessionUpdateOptions = { fromCache: false },\n ) {\n if (stateDiff.state) {\n if (typeof stateDiff.session_token === 'string') {\n this._datalayer.writeSessionCookie(stateDiff);\n } else {\n // The session token is opaque, so let's clear any residual session\n // cookies that may have been left over\n this._datalayer.removeSessionCookie();\n }\n this._datalayer.removeISTCookie();\n } else if (stateDiff.intermediate_session_token) {\n if (typeof stateDiff.intermediate_session_token === 'string') {\n this._datalayer.writeIntermediateSessionTokenCookie(stateDiff.intermediate_session_token);\n } else {\n // The intermediate session token is opaque, so let's clear any residual\n // intermediate session token cookies that may have been left over\n this._datalayer.removeISTCookie();\n }\n this._datalayer.removeSessionCookie();\n } else {\n this._datalayer.removeSessionCookie();\n this._datalayer.removeISTCookie();\n }\n\n this._updateStateAndTokensInternal(stateDiff, options);\n\n this._datalayer.syncToLocalStorage();\n }\n\n updateState(state: T | null, fromExternalSource = false) {\n const oldStateValue = this._datalayer.state;\n const newStateValue = state === null ? null : ({ ...this._datalayer.state, ...state } as T);\n this._datalayer.state = newStateValue;\n const wasCached = this.getFromCache();\n this.setCacheRefreshed();\n\n const hasStateChanged = !deepEqualData(oldStateValue, newStateValue);\n if (wasCached || hasStateChanged) {\n notifySubscribers(this._datalayer.subscriptions, newStateValue);\n\n // If there is no state change, or if this update was itself triggered by\n // a storage event, there is no need to sync to local storage since the\n // state is already in sync.\n if (hasStateChanged && !fromExternalSource) {\n // Delay notifying other tabs until after we have refreshed ourselves\n this._datalayer.syncToLocalStorage();\n }\n }\n }\n\n updateTokens(tokens: SessionTokensUpdate) {\n const { session_token, session_jwt } = tokens;\n const cookie = this._datalayer.readSessionCookie();\n const diff = {\n ...cookie,\n session_token,\n session_jwt,\n } as StateWithTokensDiff<T>;\n if (typeof session_token === 'string' || typeof session_jwt === 'string') {\n this._datalayer.writeSessionCookie(diff as StateWithReadableTokensLoggedIn<T>);\n this._datalayer.removeISTCookie();\n } else {\n this._datalayer.removeSessionCookie();\n }\n }\n\n subscribeToState(callback: SubscriberFunction<T & SessionUpdateOptions>): UnsubscribeFunction {\n return addSubscriber(this._datalayer.subscriptions, callback);\n }\n\n getState(): T | null {\n return this._datalayer.state;\n }\n\n destroy() {\n window.removeEventListener('storage', this._listen);\n }\n\n syncFromDeviceStorage() {\n return null;\n }\n\n getFromCache(): boolean {\n return this.fromCache;\n }\n\n setCacheRefreshed() {\n this.fromCache = false;\n }\n}\n\nexport class ConsumerSubscriptionService<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends BaseSubscriptionService<ConsumerState, ExtractOpaqueTokens<TProjectConfiguration>>\n implements IConsumerSubscriptionService<TProjectConfiguration>\n{\n updateUser = (user: User) => this.updateState({ user });\n getUser = () => this.getState()?.user ?? null;\n getSession = () => this.getState()?.session ?? null;\n updateSession: IConsumerSubscriptionService<TProjectConfiguration>['updateSession'] = (resp, options) => {\n const { session, user, session_jwt, session_token } = resp;\n\n if (session_token && session_jwt) {\n this.updateStateAndTokens(\n {\n state: { session, user },\n session_jwt,\n session_token,\n intermediate_session_token: null,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n } else {\n this.updateStateAndTokens(\n {\n state: { session, user },\n session_token: true,\n session_jwt: true,\n intermediate_session_token: null,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n }\n };\n\n withUpdateSession =\n <\n Args extends [] | [options?: CommonAuthenticateOptions] | (string | CommonAuthenticateOptions)[],\n Ret extends AuthenticateResponse<TProjectConfiguration & OpaqueTokensNeverConfig> | null,\n >(\n authenticate: (...args: Args) => Promise<Ret>,\n ): ((...args: Args) => Promise<Ret>) =>\n async (...args) => {\n const resp = await authenticate(...args);\n if (resp != null) {\n const options = args.find((a): a is CommonAuthenticateOptions => a != null && !(typeof a === 'string'));\n this.updateSession(resp, {\n sessionDurationMinutes: options?.session_duration_minutes,\n });\n }\n return resp;\n };\n}\n\nexport class B2BSubscriptionService<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends BaseSubscriptionService<B2BState, ExtractOpaqueTokens<TProjectConfiguration>>\n implements IB2BSubscriptionService<TProjectConfiguration>\n{\n updateMember = (member: Member) => this.updateState({ member });\n getMember = () => this.getState()?.member ?? null;\n updateOrganization = (organization: Organization) => this.updateState({ organization });\n getOrganization = () => this.getState()?.organization ?? null;\n getSession = () => this.getState()?.session ?? null;\n updateSession: IB2BSubscriptionService<TProjectConfiguration>['updateSession'] = (resp, options) => {\n if ('member_session' in resp && resp.member_session) {\n const tokens =\n resp.session_token && resp.session_jwt\n ? { session_token: resp.session_token, session_jwt: resp.session_jwt }\n : ({ session_token: true, session_jwt: true } as const);\n\n this.updateStateAndTokens(\n {\n state: {\n session: resp.member_session,\n member: resp.member,\n organization: resp.organization,\n },\n ...tokens,\n intermediate_session_token: null,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n } else {\n this.updateStateAndTokens(\n {\n state: null,\n session_token: null,\n session_jwt: null,\n intermediate_session_token: resp.intermediate_session_token || true,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n }\n };\n\n withUpdateSession =\n <\n Options extends CommonAuthenticateOptions | undefined,\n Ret extends\n | B2BAuthenticateResponse<TProjectConfiguration & OpaqueTokensNeverConfig>\n | B2BAuthenticateResponseWithMFA<TProjectConfiguration & OpaqueTokensNeverConfig>\n | B2BDiscoveryAuthenticateResponse<TProjectConfiguration & OpaqueTokensNeverConfig>,\n >(\n authenticate: (options: Options) => Promise<Ret>,\n ): ((options: Options) => Promise<Ret>) =>\n async (options) => {\n const resp = await authenticate(options);\n this.updateSession(resp, {\n sessionDurationMinutes: options?.session_duration_minutes,\n });\n return resp;\n };\n}\n","type DeepEqualOpts = {\n KEYS_TO_EXCLUDE?: string[];\n};\n\nexport const createDeepEqual = ({ KEYS_TO_EXCLUDE = [] }: DeepEqualOpts = {}) => {\n // If comparing functions, this may need some work. Not sure the\n // best path for this: compare instance (what it currently does),\n // stringify and compare, etc.\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n const deepEqual = (a: any, b: any): boolean => {\n // Ensures type is the same\n if (typeof a !== typeof b) return false;\n // arrays, null, and objects all have type 'object'\n if (a === null || b === null) return a === b;\n if (typeof a === 'object') {\n if (Object.keys(a).length !== Object.keys(b).length || Object.keys(a).some((k) => !(k in b))) return false;\n return Object.entries(a)\n .filter(([k]) => !KEYS_TO_EXCLUDE.includes(k))\n .every(([k, v]) => deepEqual(v, b[k]));\n }\n // boolean, string, number, undefined\n return a === b;\n };\n\n return deepEqual;\n};\n","import { INetworkClient, SearchDataManager } from '@stytch/core';\nimport { B2BState, ConsumerState, StytchProjectConfigurationInput } from '@stytch/core/public';\n\nimport { B2BOneTapProvider } from '../b2b/oneTap/B2BOneTapProvider';\nimport type { StytchB2BClient } from '../b2b/StytchB2BClient';\nimport { IBootstrapData } from '../BootstrapDataManager';\nimport { CaptchaProvider } from '../CaptchaProvider';\nimport { ClientsideServicesProvider } from '../ClientsideServicesProvider';\nimport { OneTapProvider } from '../oneTap/OneTapProvider';\nimport type { StytchClient } from '../StytchClient';\nimport { SubscriptionDataLayer } from '../SubscriptionService';\n\ntype Internals = {\n // Internal Utilities\n bootstrap: IBootstrapData;\n publicToken: string;\n searchManager: SearchDataManager;\n networkClient: INetworkClient;\n clientsideServices: ClientsideServicesProvider;\n};\n\nexport type B2BInternals = Internals & {\n dataLayer: SubscriptionDataLayer<B2BState>;\n networkClient: INetworkClient;\n oneTap: B2BOneTapProvider;\n};\n\nexport type B2CInternals = Internals & {\n captcha: CaptchaProvider;\n oneTap: OneTapProvider;\n dataLayer: SubscriptionDataLayer<ConsumerState>;\n};\n\nexport const internalSymB2B = Symbol.for('stytch__internal_b2b');\nexport const internalSymB2C = Symbol.for('stytch__internal_b2c');\n\nexport const writeB2BInternals = (obj: StytchB2BClient<StytchProjectConfigurationInput>, internals: B2BInternals) => {\n Object.assign(obj, {\n [internalSymB2B]: internals,\n });\n};\n\nexport const readB2BInternals = (obj: StytchB2BClient<StytchProjectConfigurationInput>): B2BInternals => {\n const casted = obj as { [internalSymB2B]?: B2BInternals };\n if (!casted[internalSymB2B]) {\n throw Error('Internals not found!');\n }\n return casted[internalSymB2B];\n};\n\nexport const writeB2CInternals = (obj: StytchClient<StytchProjectConfigurationInput>, internals: B2CInternals) => {\n Object.assign(obj, {\n [internalSymB2C]: internals,\n });\n};\n\nexport const readB2CInternals = (obj: StytchClient<StytchProjectConfigurationInput>): B2CInternals => {\n const casted = obj as { [internalSymB2C]?: B2CInternals };\n if (!casted[internalSymB2C]) {\n throw Error('Internals not found!');\n }\n return casted[internalSymB2C];\n};\n","import {\n DisabledDFPProtectedAuthProvider,\n HeadlessB2BOAuthClient as BaseHeadlessB2BOAuthClient,\n IB2BSubscriptionService,\n IDFPProtectedAuthProvider,\n INetworkClient,\n IPKCEManager,\n} from '@stytch/core';\nimport {\n IHeadlessB2BOAuthClient,\n OneTapPositions,\n StytchProjectConfigurationInput,\n StytchSDKUsageError,\n} from '@stytch/core/public';\n\nimport { OneTapRenderResult } from '../oneTap/GoogleOneTapClient';\nimport { B2BOneTapProvider } from './oneTap/B2BOneTapProvider';\n\nexport type B2BGoogleOneTapDiscoveryOAuthOptions = {\n /**\n * The URL that Stytch redirects to after the Google One Tap discovery flow is completed.\n * This should be a URL that verifies the request by querying Stytch's /oauth/discovery/authenticate endpoint.\n * If this value is not passed, the default discovery redirect URL that you set in your Dashboard is used.\n * If you have not set a default discovery redirect URL, an error is returned.\n */\n discovery_redirect_url?: string;\n /**\n * Controls whether clicking outside the One Tap prompt dismisses the prompt.\n * Defaults to true.\n */\n cancel_on_tap_outside?: boolean;\n};\n\nexport type B2BGoogleOneTapOAuthOptions = {\n /**\n * The ID of the organization that the end user is logging in to.\n */\n organization_id: string;\n\n /**\n * The URL that Stytch redirects to after the Google One Tap flow is completed for a member who already exists.\n * This should be a URL that verifies the request by querying Stytch's /oauth/authenticate endpoint.\n * If this value is not passed, the default login redirect URL that you set in your Dashboard is used.\n * If you have not set a default login redirect URL, an error is returned.\n */\n login_redirect_url?: string;\n\n /**\n * The URL that Stytch redirects to after the Google One Tap flow is completed for a member who does not yet exist.\n * This should be a URL that verifies the request by querying Stytch's /oauth/authenticate endpoint.\n * If this value is not passed, the default signup redirect URL that you set in your Dashboard is used.\n * If you have not set a default signup redirect URL, an error is returned.\n */\n signup_redirect_url?: string;\n /**\n * Controls whether clicking outside the One Tap prompt dismisses the prompt.\n * Defaults to true.\n */\n cancel_on_tap_outside?: boolean;\n};\n\ninterface IB2BGoogleOneTapOAuthProvider {\n discovery: {\n /**\n * Start a discovery OAuth flow by showing the Google one tap prompt in the top right corner of the user's browser.\n * You can configure this to be started by a user action (i.e Button click) or on load/render.\n * @example\n * const showGoogleOneTap = useCallback(()=> {\n * stytch.oauth.googleOneTap.discovery.start({\n * discovery_redirect_url: 'https://example.com/oauth/callback',\n * })\n * }, [stytch]);\n * return (\n * <Button onClick={showGoogleOneTap}> Show Google one tap </Button>\n * );\n *\n * @param options - A {@link B2BGoogleOneTapDiscoveryOAuthOptions} object\n *\n * @returns A {@link OneTapRenderResult} object. The result object includes if the one-tap prompt\n * was rendered, and a reason if it couldn't be rendered.\n *\n * @throws An Error if the one tap client cannot be created.\n */\n start(options?: B2BGoogleOneTapDiscoveryOAuthOptions): Promise<OneTapRenderResult>;\n };\n /**\n * Start an OAuth flow by showing the Google one tap prompt in the top right corner of the user's browser.\n * You can configure this to be started by a user action (i.e Button click) or on load/render.\n * @example\n * const showGoogleOneTap = useCallback(()=> {\n * stytch.oauth.googleOneTap.start({\n * organization_id: 'organization-test-123',\n * })\n * }, [stytch]);\n * return (\n * <Button onClick={showGoogleOneTap}> Show Google one tap </Button>\n * );\n *\n * @param options - A {@link B2BGoogleOneTapOAuthOptions} object\n *\n * @returns A {@link OneTapRenderResult} object. The result object includes if the one-tap prompt\n * was rendered, and a reason if it couldn't be rendered.\n *\n * @throws An Error if the one tap client cannot be created.\n */\n start(options?: B2BGoogleOneTapOAuthOptions): Promise<OneTapRenderResult>;\n}\n\ntype DynamicConfig = Promise<{\n cnameDomain: null | string;\n pkceRequiredForOAuth: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport interface IWebB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends IHeadlessB2BOAuthClient<TProjectConfiguration> {\n googleOneTap: IB2BGoogleOneTapOAuthProvider;\n}\n\nexport class HeadlessB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends BaseHeadlessB2BOAuthClient<TProjectConfiguration>\n implements IWebB2BOAuthClient<TProjectConfiguration>\n{\n constructor(\n _networkClient: INetworkClient,\n _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n _pkceManager: IPKCEManager,\n _dynamicConfig: DynamicConfig,\n _config: Config,\n _dfpProtectedAuth: IDFPProtectedAuthProvider = DisabledDFPProtectedAuthProvider(),\n private _oneTap: B2BOneTapProvider,\n ) {\n super(_networkClient, _subscriptionService, _pkceManager, _dynamicConfig, _config, _dfpProtectedAuth);\n }\n\n private startOneTapDiscovery = async (options: B2BGoogleOneTapDiscoveryOAuthOptions): Promise<OneTapRenderResult> => {\n const clientResult = await this._oneTap.createOneTapClient();\n if (!clientResult.success) {\n throw new Error(`One Tap could not load: ${clientResult.reason}`);\n }\n\n const { client } = clientResult;\n\n const onSuccessCallback = this._oneTap.createOnDiscoverySuccessHandler({\n discoveryRedirectUrl: options.discovery_redirect_url,\n onSuccess: this._oneTap.redirectOnSuccess,\n });\n\n return client.render({\n style: {\n position: OneTapPositions.floating,\n },\n callback: onSuccessCallback,\n cancelOnTapOutside: options.cancel_on_tap_outside,\n });\n };\n\n private startOneTap = async (options: B2BGoogleOneTapOAuthOptions): Promise<OneTapRenderResult> => {\n if (!options.organization_id) {\n throw new StytchSDKUsageError('stytch.oauth.googleOneTap.start', 'organization_id is a required argument');\n }\n const clientResult = await this._oneTap.createOneTapClient();\n if (!clientResult.success) {\n throw new Error(`One Tap could not load: ${clientResult.reason}`);\n }\n\n const { client } = clientResult;\n\n const onSuccessCallback = this._oneTap.createOnSuccessHandler({\n organizationId: options.organization_id,\n signupRedirectUrl: options.signup_redirect_url,\n loginRedirectUrl: options.login_redirect_url,\n onSuccess: this._oneTap.redirectOnSuccess,\n });\n\n return client.render({\n style: {\n position: OneTapPositions.floating,\n },\n callback: onSuccessCallback,\n cancelOnTapOutside: options.cancel_on_tap_outside,\n });\n };\n\n googleOneTap: IB2BGoogleOneTapOAuthProvider = {\n discovery: {\n start: this.startOneTapDiscovery,\n },\n start: this.startOneTap,\n };\n}\n","// Inspired by https://developers.google.com/privacy-sandbox/3pcd/fedcm-developer-guide#sign-into-rp\nexport const navigatorSupportsFedCM = typeof window !== 'undefined' && 'IdentityCredential' in window;\n","import { OneTapPositions } from '@stytch/core/public';\n\nimport { navigatorSupportsFedCM } from './navigatorSupportsFedCM';\n\nexport const getConfiguredEmbeddedMode = (position: OneTapPositions | undefined) => {\n if (position === OneTapPositions.forceLegacyEmbedded) {\n return 'force';\n }\n\n if (\n position === OneTapPositions.embeddedOnly ||\n position === OneTapPositions.embedded ||\n position === OneTapPositions.floatingOrEmbedded\n ) {\n return true;\n }\n\n return false;\n};\n\nexport const getShouldRenderEmbeddedOneTap = (position: OneTapPositions | undefined) => {\n // Attempt embedded positioning if some embedded mode has been requested, and\n // either:\n // - the browser does not support FedCM (in which case embedded positioning\n // could work), or\n // - the developer has specified legacy embedded positioning (in which case\n // embedded positioning may not be honored)\n\n const embeddedMode = getConfiguredEmbeddedMode(position);\n return embeddedMode === 'force' || (embeddedMode && !navigatorSupportsFedCM);\n};\n\nexport const getShouldRenderFloatingOneTap = (position: OneTapPositions | undefined) => {\n // Use floating positioning if we aren't using embedded positioning and the\n // developer hasn't specifically requested not to use floating positioning\n return position !== OneTapPositions.embeddedOnly && !getShouldRenderEmbeddedOneTap(position);\n};\n\nexport const getRenderedOneTapMode = (position: OneTapPositions | undefined) => {\n const embeddedMode = getConfiguredEmbeddedMode(position);\n\n if (embeddedMode === 'force' || (embeddedMode && !navigatorSupportsFedCM)) {\n return 'embedded';\n }\n\n if (position !== OneTapPositions.embeddedOnly) {\n return 'floating';\n }\n\n return false;\n};\n","import { GOOGLE_ONE_TAP_HOST } from '@stytch/core';\nimport { OneTapStyleConfig } from '@stytch/core/public';\nimport type { accounts, CredentialResponse, IdConfiguration, PromptMomentNotification } from 'google-one-tap';\n\nimport { getConfiguredEmbeddedMode, getShouldRenderEmbeddedOneTap } from './positionModes';\n\ntype OneTapNotShownReason =\n | ReturnType<PromptMomentNotification['getNotDisplayedReason']>\n | ReturnType<PromptMomentNotification['getSkippedReason']>;\n\nexport type OneTapRenderResult = { success: true } | { success: false; reason: OneTapNotShownReason };\n\n/**\n * Wrapper around Google One Tap JS client that combines initialize() and prompt()\n * into one async render() call\n *\n * @see https://developers.google.com/identity/gsi/web/guides/display-google-one-tap#javascript\n */\nexport class GoogleOneTapClient {\n constructor(\n private _googleClient: accounts['id'],\n private _clientId: string,\n ) {}\n\n cancel(): void {\n this._googleClient.cancel();\n }\n\n async render({\n callback,\n onOneTapCancelled,\n style,\n cancelOnTapOutside = true,\n }: {\n callback: (response: CredentialResponse) => void;\n onOneTapCancelled?: (showError?: boolean) => void;\n style: OneTapStyleConfig;\n cancelOnTapOutside?: boolean;\n }): Promise<OneTapRenderResult> {\n const embeddedMode = getConfiguredEmbeddedMode(style.position);\n const shouldRenderEmbeddedOneTap = getShouldRenderEmbeddedOneTap(style.position);\n\n const config: IdConfiguration = {\n client_id: this._clientId,\n callback: callback,\n auto_select: false,\n context: 'use',\n itp_support: true,\n use_fedcm_for_prompt: embeddedMode !== 'force',\n cancel_on_tap_outside: cancelOnTapOutside,\n };\n if (shouldRenderEmbeddedOneTap) {\n config.prompt_parent_id = 'google-parent-prompt';\n config.cancel_on_tap_outside = false;\n }\n this._googleClient.initialize(config);\n\n return new Promise((resolve) => {\n this._googleClient.prompt((notification: PromptMomentNotification) => {\n if (notification.isSkippedMoment()) {\n // After FedCM is mandatory, `getSkippedReason` will no longer be\n // supported, so access it defensively.\n const reason = notification.getSkippedReason?.() ?? 'unknown_reason';\n\n if (reason === 'user_cancel') {\n onOneTapCancelled?.();\n }\n return resolve({\n success: false,\n reason,\n });\n }\n\n // At some point after FedCM is mandatory, `isNotDisplayed` and\n // `getNotDisplayedReason` (and display moments in general) will not be\n // supported. If we can tell they're not available and we're trying to\n // show an embedded one tap UI, we should treat it as a failure, because\n // we won't expect an embedded UI to work (by virtue of FedCM being\n // mandatory) and won't expect any other notifications.\n if ((!notification.isNotDisplayed && shouldRenderEmbeddedOneTap) || notification.isNotDisplayed?.()) {\n return resolve({\n success: false,\n reason: notification.getNotDisplayedReason?.() ?? 'unknown_reason',\n });\n }\n\n if (!notification.isDismissedMoment()) {\n this.styleFrame(shouldRenderEmbeddedOneTap);\n return resolve({ success: true });\n }\n });\n });\n }\n\n styleFrame(shouldRenderEmbeddedOneTap: boolean) {\n if (!shouldRenderEmbeddedOneTap) {\n return;\n }\n Array.from(document.getElementsByTagName('iframe')).forEach((frame) => {\n if (frame.src.includes(GOOGLE_ONE_TAP_HOST)) {\n frame.style.width = '100%';\n }\n });\n }\n}\n","import { INetworkClient, IPKCEManager } from '@stytch/core';\nimport { ResponseCommon, StytchAPIError } from '@stytch/core/public';\nimport type { CredentialResponse } from 'google-one-tap';\n\nimport { GoogleOneTapClient } from '../../oneTap/GoogleOneTapClient';\nimport { loadGoogleOneTapClient } from '../../oneTap/OneTapProvider';\n\ntype B2BOneTapStartResponse = ResponseCommon & {\n google_client_id: string;\n};\n\ntype B2BOneTapSubmitResponse = ResponseCommon & {\n redirect_url: string;\n};\n\ntype OneTapNotLoadedReason =\n // These come from the API directly - err.error_type\n | 'oauth_config_not_found'\n | 'default_provider_not_allowed'\n // If we have an unhandled error :$\n | string;\n\ntype OneTapLoadResult =\n | { success: true; client: GoogleOneTapClient }\n | { success: false; reason: OneTapNotLoadedReason };\n\ntype DynamicConfig = Promise<{\n pkceRequiredForOAuth: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForOAuth: false,\n});\n\n/**\n * Handles loading One Tap config from Stytch API and initializing {@link GoogleOneTapClient}\n */\nexport class B2BOneTapProvider {\n private googleClientID?: string;\n constructor(\n private _networkClient: INetworkClient,\n private _pkceManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n ) {}\n\n private async fetchGoogleStart() {\n if (this.googleClientID) {\n return this.googleClientID;\n }\n const oneTapStartResp = await this._networkClient.fetchSDK<B2BOneTapStartResponse>({\n url: '/b2b/oauth/google/onetap/start',\n method: 'GET',\n });\n this.googleClientID = oneTapStartResp.google_client_id;\n return this.googleClientID;\n }\n\n private async submitGoogleOneTapTokenDiscovery({\n credential,\n discoveryRedirectUrl,\n }: {\n credential: string;\n discoveryRedirectUrl?: string;\n }) {\n let codeChallenge = undefined;\n const { pkceRequiredForOAuth } = await this._config;\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n codeChallenge = keyPair.code_challenge;\n } else {\n this._pkceManager.clearPKPair();\n }\n return await this._networkClient.fetchSDK<B2BOneTapSubmitResponse>({\n url: '/b2b/oauth/google/onetap/discovery/submit',\n method: 'POST',\n body: {\n id_token: credential,\n discovery_redirect_url: discoveryRedirectUrl,\n pkce_code_challenge: codeChallenge,\n },\n });\n }\n\n private async submitGoogleOneTapToken({\n credential,\n organizationId,\n signupRedirectUrl,\n loginRedirectUrl,\n }: {\n credential: string;\n organizationId: string;\n signupRedirectUrl?: string;\n loginRedirectUrl?: string;\n }) {\n let codeChallenge = undefined;\n const { pkceRequiredForOAuth } = await this._config;\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n codeChallenge = keyPair.code_challenge;\n } else {\n this._pkceManager.clearPKPair();\n }\n return await this._networkClient.fetchSDK<B2BOneTapSubmitResponse>({\n url: '/b2b/oauth/google/onetap/submit',\n method: 'POST',\n body: {\n id_token: credential,\n organization_id: organizationId,\n signup_redirect_url: signupRedirectUrl,\n login_redirect_url: loginRedirectUrl,\n pkce_code_challenge: codeChallenge,\n },\n });\n }\n\n async createOneTapClient(): Promise<OneTapLoadResult> {\n let googleClientId: string;\n try {\n googleClientId = await this.fetchGoogleStart();\n } catch (e) {\n const err = StytchAPIError.from(e);\n return { success: false, reason: err.error_type };\n }\n\n if (googleClientId === '') {\n return { success: false, reason: 'oauth_config_not_found' };\n }\n const client = new GoogleOneTapClient(await loadGoogleOneTapClient(), googleClientId);\n return { success: true, client };\n }\n\n createOnDiscoverySuccessHandler =\n ({\n discoveryRedirectUrl,\n onSuccess,\n onError,\n }: {\n discoveryRedirectUrl?: string;\n onSuccess: (redirect_url: string) => void;\n onError?: (error: Error) => void;\n }) =>\n async (response: CredentialResponse) => {\n const { credential } = response;\n let submitPromise = this.submitGoogleOneTapTokenDiscovery({\n credential,\n discoveryRedirectUrl,\n }).then((result) => onSuccess(result.redirect_url));\n if (onError) {\n submitPromise = submitPromise.catch((error) => onError(error));\n }\n await submitPromise;\n };\n\n createOnSuccessHandler =\n ({\n organizationId,\n signupRedirectUrl,\n loginRedirectUrl,\n onSuccess,\n onError,\n }: {\n organizationId: string;\n signupRedirectUrl?: string;\n loginRedirectUrl?: string;\n onSuccess: (redirect_url: string) => void;\n onError?: (error: Error) => void;\n }) =>\n async (response: CredentialResponse) => {\n const { credential } = response;\n let submitPromise = this.submitGoogleOneTapToken({\n credential,\n organizationId,\n signupRedirectUrl,\n loginRedirectUrl,\n }).then((result) => onSuccess(result.redirect_url));\n if (onError) {\n submitPromise = submitPromise.catch((error) => onError(error));\n }\n await submitPromise;\n };\n\n redirectOnSuccess = (redirect_url: string) => {\n window.location.href = redirect_url;\n };\n}\n","import { GOOGLE_ONE_TAP_SCRIPT_URL, loadESModule, OneTapStartResponse, RPCManifest } from '@stytch/core';\nimport { StytchAPIError } from '@stytch/core/public';\nimport type { CredentialResponse } from 'google-one-tap';\n\nimport { GoogleOneTapClient } from './GoogleOneTapClient';\n\nexport const loadGoogleOneTapClient = (): Promise<google.accounts['id']> =>\n loadESModule(GOOGLE_ONE_TAP_SCRIPT_URL, () => window.google.accounts.id);\n\ntype OneTapNotLoadedReason =\n // These come from the API directly - err.error_type\n | 'oauth_config_not_found'\n | 'no_login_redirect_urls_set'\n | 'no_signup_redirect_urls_set'\n // If we have an unhandled error :$\n | string;\n\ntype OneTapLoadResult =\n | { success: true; client: GoogleOneTapClient }\n | { success: false; reason: OneTapNotLoadedReason };\n\n/**\n * Handles loading One Tap config from Stytch API and initializing {@link GoogleOneTapClient}\n */\nexport class OneTapProvider {\n private googleConfig?: Promise<OneTapStartResponse>;\n\n constructor(\n private _publicToken: string,\n private clientsideServices: RPCManifest,\n ) {}\n\n async createOneTapClient(): Promise<OneTapLoadResult> {\n let googleClientId: string;\n try {\n ({ googleClientId } = await this.fetchGoogleStart());\n } catch (e) {\n const err = StytchAPIError.from(e);\n return { success: false, reason: err.error_type };\n }\n\n if (googleClientId === '') {\n return { success: false, reason: 'oauth_config_not_found' };\n }\n const client = new GoogleOneTapClient(await loadGoogleOneTapClient(), googleClientId);\n return { success: true, client };\n }\n\n createOnSuccessHandler =\n ({\n loginRedirectUrl,\n signupRedirectUrl,\n onSuccess,\n }: {\n loginRedirectUrl?: string;\n signupRedirectUrl?: string;\n onSuccess: (redirect_url: string) => void;\n }) =>\n async (response: CredentialResponse) => {\n const { credential } = response;\n const { redirect_url } = await this.submitGoogleOneTapToken({\n credential,\n loginRedirectUrl,\n signupRedirectUrl,\n });\n onSuccess(redirect_url);\n };\n\n private fetchGoogleStart() {\n if (this.googleConfig) {\n return this.googleConfig;\n }\n this.googleConfig = this.clientsideServices.oneTapStart({\n publicToken: this._publicToken,\n });\n return this.googleConfig;\n }\n\n private async submitGoogleOneTapToken({\n credential,\n loginRedirectUrl,\n signupRedirectUrl,\n }: {\n credential: string;\n loginRedirectUrl?: string;\n signupRedirectUrl?: string;\n }) {\n const { oauthCallbackId } = await this.fetchGoogleStart();\n\n return this.clientsideServices.oneTapSubmit({\n publicToken: this._publicToken,\n idToken: credential,\n loginRedirectURL: loginRedirectUrl,\n oauthCallbackID: oauthCallbackId,\n signupRedirectURL: signupRedirectUrl,\n });\n }\n\n redirectOnSuccess = (redirect_url: string) => {\n window.location.href = redirect_url;\n };\n\n /**\n * Google One Tap will show a banner on the bottom of the screen on certain mobile devices\n * This logic is controlled via some sniffing of the useragent string on startup\n * These specific strings were extracted from the One Tap minified source code\n * See the linked PR for details and screenshots\n */\n static willGoogleOneTapShowEmbedded(ua = navigator.userAgent): boolean {\n const uaContains = (userAgent: string, searchString: string) => userAgent.indexOf(searchString) !== -1;\n\n const isTabletUA =\n uaContains(ua, 'iPad') || (uaContains(ua, 'Android') && !uaContains(ua, 'Mobile')) || uaContains(ua, 'Silk');\n\n const isMobileUA =\n uaContains(ua, 'iPod') || uaContains(ua, 'iPhone') || uaContains(ua, 'Android') || uaContains(ua, 'IEMobile');\n\n return !isTabletUA && isMobileUA;\n }\n}\n","import {\n checkB2BNotSSR,\n checkPublicToken,\n DFPProtectedAuthProvider,\n HeadlessB2BDiscoveryClient,\n HeadlessB2BIDPClient,\n HeadlessB2BImpersonationClient,\n HeadlessB2BMagicLinksClient,\n HeadlessB2BOrganizationClient,\n HeadlessB2BOTPsClient,\n HeadlessB2BPasswordsClient,\n HeadlessB2BRBACClient,\n HeadlessB2BRecoveryCodesClient,\n HeadlessB2BSCIMClient,\n HeadlessB2BSelfClient,\n HeadlessB2BSessionClient,\n HeadlessB2BSSOClient,\n HeadlessB2BTOTPsClient,\n INetworkClient,\n logger,\n SearchDataManager,\n SessionManager,\n StateChangeClient,\n StateChangeRegisterFunction,\n VERTICAL_CONSUMER,\n} from '@stytch/core';\nimport {\n B2BState,\n IHeadlessB2BDiscoveryClient,\n IHeadlessB2BImpersonationClient,\n IHeadlessB2BMagicLinksClient,\n IHeadlessB2BMemberClient,\n IHeadlessB2BOrganizationClient,\n IHeadlessB2BOTPsClient,\n IHeadlessB2BPasswordClient,\n IHeadlessB2BRBACClient,\n IHeadlessB2BRecoveryCodesClient,\n IHeadlessB2BSCIMClient,\n IHeadlessB2BSelfClient,\n IHeadlessB2BSessionClient,\n IHeadlessB2BSSOClient,\n IHeadlessB2BTOTPsClient,\n StytchClientOptions,\n StytchProjectConfigurationInput,\n} from '@stytch/core/public';\n\nimport { BootstrapDataManager } from '../BootstrapDataManager';\nimport { CaptchaProvider } from '../CaptchaProvider';\nimport { ClientsideServicesProvider } from '../ClientsideServicesProvider';\nimport { NetworkClient } from '../NetworkClient';\nimport { PKCEManager } from '../PKCEManager';\nimport { B2BSubscriptionDataLayer, B2BSubscriptionService, getB2BDataLayer } from '../SubscriptionService';\nimport { buildFinalConfig, hasCustomApiEndpoint } from '../utils/config';\nimport { AuthenticateByUrl, createAuthUrlHandler, ParseAuthenticateUrl } from '../utils/createAuthUrlHandler';\nimport { B2BInternals, writeB2BInternals } from '../utils/internal';\nimport { HeadlessB2BOAuthClient, IWebB2BOAuthClient } from './HeadlessB2BOAuthClient';\nimport { B2BOneTapProvider } from './oneTap/B2BOneTapProvider';\n\nexport type HandledTokenType =\n | 'discovery'\n | 'discovery_oauth'\n | 'oauth'\n | 'sso'\n | 'multi_tenant_magic_links'\n | 'multi_tenant_impersonation';\n\n/**\n * A headless client used for invoking Stytch's B2B APIs.\n * The Stytch Headless Client can be used as a drop-in solution for authentication and session management.\n * Full documentation can be found {@link https://stytch.com/docs/b2b/sdks/javascript-sdk online}.\n *\n * @example\n * const stytch = new StytchB2BClient('public-token-<find yours in the stytch dashboard>');\n * stytch.magicLinks.email.loginOrCreate({\n * email: 'sandbox@stytch.com',\n * organization_id: 'organization-test-123',\n * });\n */\nexport class StytchB2BClient<\n TProjectConfiguration extends StytchProjectConfigurationInput = Stytch.DefaultProjectConfiguration,\n> {\n private readonly _subscriptionService: B2BSubscriptionService<TProjectConfiguration>;\n private readonly _sessionManager: SessionManager<TProjectConfiguration>;\n private readonly _networkClient: INetworkClient;\n private readonly _dataLayer: B2BSubscriptionDataLayer;\n private readonly _stateChangeClient: StateChangeClient<B2BState>;\n\n // External API Clients\n magicLinks: IHeadlessB2BMagicLinksClient<TProjectConfiguration>;\n session: IHeadlessB2BSessionClient<TProjectConfiguration>;\n /** @deprecated Please use client.self instead. This will be removed in a future release. */\n member: IHeadlessB2BMemberClient;\n self: IHeadlessB2BSelfClient;\n organization: IHeadlessB2BOrganizationClient;\n oauth: IWebB2BOAuthClient<TProjectConfiguration>;\n sso: IHeadlessB2BSSOClient<TProjectConfiguration>;\n discovery: IHeadlessB2BDiscoveryClient<TProjectConfiguration>;\n passwords: IHeadlessB2BPasswordClient<TProjectConfiguration>;\n otps: IHeadlessB2BOTPsClient<TProjectConfiguration>;\n totp: IHeadlessB2BTOTPsClient<TProjectConfiguration>;\n recoveryCodes: IHeadlessB2BRecoveryCodesClient<TProjectConfiguration>;\n rbac: IHeadlessB2BRBACClient;\n scim: IHeadlessB2BSCIMClient;\n impersonation: IHeadlessB2BImpersonationClient;\n idp: HeadlessB2BIDPClient;\n\n // External methods\n /**\n * Register a callback function to be invoked whenever certain state changes\n * occur, like a member or session object being updated.\n *\n * This is an alternative to more specific methods like `self.onChange` and\n * `session.onChange`. It can be helpful if you want to be notified of related\n * changes to different parts of state at once.\n *\n * If you are only interested in specific state changes, consider using more\n * specific methods like `self.onChange` and `session.onChange` instead.\n */\n onStateChange: StateChangeRegisterFunction<B2BState>;\n\n /**\n * Extracts token and token type from the current page URL's query parameters.\n * If the current URL do not have the required query params, this will return null.\n * Otherwise, returns an object { handled: boolean, tokenType: string, token: string }\n */\n parseAuthenticateUrl: ParseAuthenticateUrl<HandledTokenType>;\n\n /**\n * Call this method to authenticate the user when the user has been redirected\n * to this page with a token in the query parameters, such as after OAuth\n * or through an email magic link. This method currently supports\n *\n * - Magic links\n * - OAuth\n * - SSO\n * - Impersonation\n *\n * If the current URL do not have the required query params, the promise returned will resolve to null.\n * If the token type is not supported (e.g. reset_password), the promise returned will resolve to this\n * object allowing you to handle the token.\n * {\n * handled: false,\n * tokenType: 'token_type',\n * token: '<token>'\n * }\n */\n authenticateByUrl: AuthenticateByUrl<HandledTokenType>;\n\n constructor(rawPublicToken: string, options?: StytchClientOptions) {\n checkB2BNotSSR();\n\n // Intentionally check the raw public token so that we can log a correct error message,\n // but then coalesce to an empty string so that the UI components don't fail to render.\n checkPublicToken(rawPublicToken);\n const _PUBLIC_TOKEN = rawPublicToken ?? '';\n\n // Not casting to InternalStytchClientOptions since InternalStytchClientOptions is currently a superset\n const config = buildFinalConfig(this.constructor.name, options);\n const usingCustomApiEndpoint = hasCustomApiEndpoint(_PUBLIC_TOKEN, options);\n\n this._dataLayer = getB2BDataLayer(_PUBLIC_TOKEN, config);\n this._subscriptionService = new B2BSubscriptionService(_PUBLIC_TOKEN, this._dataLayer, { usingCustomApiEndpoint });\n this._stateChangeClient = new StateChangeClient(this._subscriptionService, {});\n this.onStateChange = (...args) => this._stateChangeClient.onStateChange(...args);\n\n const additionalTelemetryDataFn = () => ({\n stytch_member_id: this._dataLayer.state?.member?.member_id,\n stytch_member_session_id: this._dataLayer.state?.session?.member_session_id,\n });\n\n const passwordsPKCEManager = new PKCEManager(this._dataLayer, 'passwords');\n\n const networkClient = new NetworkClient(\n _PUBLIC_TOKEN,\n this._dataLayer,\n config.endpoints.liveAPIURL,\n config.endpoints.testAPIURL,\n additionalTelemetryDataFn,\n );\n this._networkClient = networkClient;\n\n const bootstrap = new BootstrapDataManager(_PUBLIC_TOKEN, networkClient, this._dataLayer);\n const captcha = new CaptchaProvider(bootstrap.getAsync());\n const dfpProtectedAuth = new DFPProtectedAuthProvider(\n _PUBLIC_TOKEN,\n config.endpoints.dfpBackendURL,\n config.endpoints.dfpCdnURL,\n bootstrap.getAsync(),\n captcha.executeRecaptcha,\n );\n const clientsideServices = new ClientsideServicesProvider(config.endpoints.clientsideServicesIframeURL);\n const pkceManagerForOAuth = new PKCEManager(this._dataLayer, 'oauth');\n const oneTap = new B2BOneTapProvider(networkClient, pkceManagerForOAuth, bootstrap.getAsync());\n\n this.organization = new HeadlessB2BOrganizationClient(networkClient, networkClient, this._subscriptionService);\n this.member = new HeadlessB2BSelfClient(networkClient, networkClient, this._subscriptionService);\n this.self = new HeadlessB2BSelfClient(networkClient, networkClient, this._subscriptionService);\n this.session = new HeadlessB2BSessionClient(networkClient, this._subscriptionService);\n this.magicLinks = new HeadlessB2BMagicLinksClient(\n networkClient,\n this._subscriptionService,\n new PKCEManager(this._dataLayer, 'magic_links'),\n passwordsPKCEManager,\n bootstrap.getAsync(),\n dfpProtectedAuth,\n );\n this.oauth = new HeadlessB2BOAuthClient(\n networkClient,\n this._subscriptionService,\n pkceManagerForOAuth,\n bootstrap.getAsync(),\n {\n publicToken: _PUBLIC_TOKEN,\n testAPIURL: config.endpoints.testAPIURL,\n liveAPIURL: config.endpoints.liveAPIURL,\n },\n dfpProtectedAuth,\n oneTap,\n );\n this.sso = new HeadlessB2BSSOClient(\n networkClient,\n this._subscriptionService,\n new PKCEManager(this._dataLayer, 'sso'),\n bootstrap.getAsync(),\n {\n publicToken: _PUBLIC_TOKEN,\n testAPIURL: config.endpoints.testAPIURL,\n liveAPIURL: config.endpoints.liveAPIURL,\n },\n dfpProtectedAuth,\n );\n this.discovery = new HeadlessB2BDiscoveryClient(networkClient, this._subscriptionService);\n this.passwords = new HeadlessB2BPasswordsClient(\n networkClient,\n this._subscriptionService,\n passwordsPKCEManager,\n bootstrap.getAsync(),\n dfpProtectedAuth,\n );\n this.otps = new HeadlessB2BOTPsClient(networkClient, this._subscriptionService, dfpProtectedAuth);\n this.totp = new HeadlessB2BTOTPsClient(networkClient, this._subscriptionService, dfpProtectedAuth);\n this.recoveryCodes = new HeadlessB2BRecoveryCodesClient(networkClient, this._subscriptionService, dfpProtectedAuth);\n this.rbac = new HeadlessB2BRBACClient(bootstrap.getSync(), bootstrap.getAsync(), this._subscriptionService);\n this.scim = new HeadlessB2BSCIMClient(this._networkClient, this._subscriptionService);\n this.impersonation = new HeadlessB2BImpersonationClient(\n this._networkClient,\n this._subscriptionService,\n dfpProtectedAuth,\n );\n this.idp = new HeadlessB2BIDPClient(networkClient);\n this._sessionManager = new SessionManager(this._subscriptionService, this.session, _PUBLIC_TOKEN, {\n keepSessionAlive: config.keepSessionAlive,\n });\n const searchManager = new SearchDataManager(networkClient, dfpProtectedAuth);\n\n // If the session does not exist in localstorage (like if we are in an iframe)\n // then the cookie might still be set and we can retrieve the session via an API call.\n // If a custom API endpoint is being used, the session may be being managed by\n // HttpOnly cookies, which we can't detect.\n if (usingCustomApiEndpoint || this._dataLayer.readSessionCookie().session_token) {\n this._sessionManager.performBackgroundRefresh();\n }\n\n const { authenticateByUrl, parseAuthenticateUrl } = createAuthUrlHandler<HandledTokenType>({\n discovery: (token) => this.magicLinks.discovery.authenticate({ discovery_magic_links_token: token }),\n discovery_oauth: (token) => this.oauth.discovery.authenticate({ discovery_oauth_token: token }),\n oauth: (token, options) => this.oauth.authenticate({ oauth_token: token, ...options }),\n sso: (token, options) => this.sso.authenticate({ sso_token: token, ...options }),\n multi_tenant_magic_links: (token, options) =>\n this.magicLinks.authenticate({ magic_links_token: token, ...options }),\n multi_tenant_impersonation: (token) => this.impersonation.authenticate({ impersonation_token: token }),\n });\n\n this.authenticateByUrl = authenticateByUrl;\n this.parseAuthenticateUrl = parseAuthenticateUrl;\n\n networkClient.logEvent({\n name: 'b2b_sdk_instance_instantiated',\n details: {\n event_callback_registered: false,\n error_callback_registered: false,\n success_callback_registered: false,\n },\n });\n\n bootstrap.getAsync().then((bootstrapData) => {\n if (bootstrapData.vertical === VERTICAL_CONSUMER) {\n logger.error(\n 'This application is using a Stytch client for B2B projects, but the public token is for a Stytch Consumer project. Use a Consumer Stytch client instead, or verify that the public token is correct.',\n );\n }\n });\n\n const internals: B2BInternals = {\n bootstrap,\n clientsideServices,\n publicToken: _PUBLIC_TOKEN,\n searchManager,\n dataLayer: this._dataLayer,\n networkClient: networkClient,\n oneTap,\n };\n\n writeB2BInternals(this, internals);\n }\n}\n","import {\n CLIENTSIDE_SERVICES_IFRAME_URL,\n getDFPBackendURL,\n getDFPCdnURL,\n getLiveApiURL,\n getTestApiURL,\n InternalStytchClientOptions,\n isTestPublicToken,\n validateInDev,\n} from '@stytch/core';\nimport { StytchClientOptions } from '@stytch/core/public';\n\nexport const buildFinalConfig = (clientName: string, opts: InternalStytchClientOptions = {}) => {\n const { cookieOptions, keepSessionAlive } = opts;\n\n validateInDev(clientName, opts, {\n keepSessionAlive: 'optionalBoolean',\n });\n\n if (cookieOptions) {\n validateInDev(`${clientName}.cookieOptions`, cookieOptions, {\n opaqueTokenCookieName: 'optionalString',\n jwtCookieName: 'optionalString',\n istCookieName: 'optionalString',\n path: 'optionalString',\n domain: 'optionalString',\n });\n }\n\n return {\n cookieOptions,\n keepSessionAlive,\n endpoints: {\n testAPIURL: getTestApiURL(opts),\n liveAPIURL: getLiveApiURL(opts),\n dfpBackendURL: getDFPBackendURL(opts),\n dfpCdnURL: getDFPCdnURL(opts),\n clientsideServicesIframeURL: opts?.endpoints?.clientsideServicesIframeURL ?? CLIENTSIDE_SERVICES_IFRAME_URL,\n },\n };\n};\n\n/**\n * rawOptions should be the original object passed into the client, not the output from buildFinalConfig\n */\nexport const hasCustomApiEndpoint = (token: string, rawOptions: StytchClientOptions = {}) => {\n // endpointOptions is deprecated, but we still need to account for it\n const { customBaseUrl, endpointOptions } = rawOptions;\n return isTestPublicToken(token)\n ? !!(customBaseUrl || endpointOptions?.testApiDomain)\n : !!(customBaseUrl || endpointOptions?.apiDomain);\n};\n","import { LIVE_API_URL, TEST_API_URL } from '../constants';\nimport { InternalStytchClientOptions } from '../types';\nimport { getHttpsUrl } from './getHttpsUrl';\nimport { logger } from './logger';\n\nexport const getLiveApiURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.customBaseUrl ?? opts?.endpointOptions?.apiDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.customBaseUrl ? 'customBaseUrl' : 'apiDomain';\n logger.warn(`Unable to use custom API domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return opts?.endpoints?.liveAPIURL ?? LIVE_API_URL;\n};\n\nexport const getTestApiURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.customBaseUrl ?? opts?.endpointOptions?.testApiDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.customBaseUrl ? 'customBaseUrl' : 'testApiDomain';\n logger.warn(`Unable to use custom API domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return opts?.endpoints?.testAPIURL ?? TEST_API_URL;\n};\n","import { STYTCH_DFP_BACKEND_URL, STYTCH_DFP_CDN_URL } from '../constants';\nimport { InternalStytchClientOptions } from '../types';\nimport { getHttpsUrl } from './getHttpsUrl';\nimport { logger } from './logger';\n\nexport const getDFPBackendURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.dfppaUrl ?? opts?.endpointOptions?.dfppaDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.dfppaUrl ? 'dfppaUrl' : 'dfppaDomain';\n logger.warn(`Unable to use custom DFPPA domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return opts?.endpoints?.dfpBackendURL ?? STYTCH_DFP_BACKEND_URL;\n};\n\nexport const getDFPCdnURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.dfpCdnUrl ?? opts?.endpointOptions?.dfpCdnDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.dfpCdnUrl ? 'dfpCdnUrl' : 'dfpCdnDomain';\n logger.warn(`Unable to use custom DFP CDN domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return STYTCH_DFP_CDN_URL;\n};\n","import type { SessionDurationOptions } from '@stytch/core/public';\n\nfunction isHandledTokenType<HandledTokenType extends string>(\n handledTypes: HandledTokenType[],\n tokenType: string,\n): tokenType is HandledTokenType {\n return handledTypes.includes(tokenType as HandledTokenType);\n}\n\nexport const clearStytchTokenParams = () => {\n const url = removeStytchTokenParams(window.location.toString());\n window.history.replaceState(null, document.title, url);\n};\n\nexport type ParseAuthenticateUrl<HandledTokenType extends string> = (\n href?: string,\n) =>\n | { handled: true; token: string; tokenType: HandledTokenType }\n | { handled: false; token: string; tokenType: string }\n | null;\n\nexport type AuthenticateByUrl<TokenType extends string> = (\n options: {\n /**\n * Clear token and stytch_token_type URL params after authenticate is called.\n * @default true if the href parameter is window.location.href (the default)\n **/\n clearParams?: boolean;\n } & SessionDurationOptions,\n\n /**\n * Allow overriding URL where the token and stytch_token_type params are extracted from.\n * You usually would not need to set this.\n * @default window.location.href\n */\n href?: string,\n) => Promise<\n | {\n handled: true;\n tokenType: TokenType;\n data: unknown;\n }\n | {\n handled: false;\n tokenType: string;\n token: string;\n }\n | null\n>;\n\n/**\n * Creates both parseAuthenticateUrl and authenticateByUrl from the set of handlers passed in to ensure\n * both functions agree on what is handled.\n */\nexport const createAuthUrlHandler = <HandledTokenType extends string = string>(\n handlers: Record<HandledTokenType, (token: string, options: SessionDurationOptions) => Promise<unknown>>,\n) => {\n const handledTokenTypes = Object.keys(handlers) as HandledTokenType[];\n\n const parseAuthenticateUrl: ParseAuthenticateUrl<HandledTokenType> = (href = window.location.href) => {\n const url = new URL(href);\n const tokenType = url.searchParams.get('stytch_token_type');\n const token = url.searchParams.get('token');\n if (!token || !tokenType) {\n return null;\n }\n\n if (isHandledTokenType(handledTokenTypes, tokenType)) {\n return {\n handled: true,\n token,\n tokenType,\n };\n }\n\n return {\n handled: false,\n token,\n tokenType,\n };\n };\n\n const authenticateByUrl: AuthenticateByUrl<HandledTokenType> = async (\n { clearParams, ...options },\n href = window.location.href,\n ) => {\n const shouldClearParams = clearParams ?? href === window.location.href;\n const parsed = parseAuthenticateUrl(href);\n if (parsed == null) return null;\n if (!parsed.handled) return parsed;\n\n const { token, tokenType } = parsed;\n const handler = handlers[tokenType as HandledTokenType];\n try {\n const data = await handler(token, options);\n return {\n handled: true,\n tokenType: tokenType as HandledTokenType,\n data,\n };\n } finally {\n if (shouldClearParams) {\n clearStytchTokenParams();\n }\n }\n };\n\n return {\n authenticateByUrl,\n parseAuthenticateUrl,\n };\n};\n\n// Exported for testing\nexport function removeStytchTokenParams(href: string) {\n const url = new URL(href);\n const params = url.searchParams;\n\n params.delete('token');\n params.delete('stytch_token_type');\n\n return url;\n}\n","export const VERTICAL_B2B = 'B2B';\nexport const VERTICAL_CONSUMER = 'CONSUMER';\n\nexport type Vertical = typeof VERTICAL_B2B | typeof VERTICAL_CONSUMER;\n","/* eslint-disable lingui/no-unlocalized-strings -- user-facing strings in this file can be overridden using different APIs */\n\nimport { RBACPolicyRaw } from '@stytch/core';\nimport { IDPConsentItem } from '@stytch/core/public';\n\nconst OPENID_CONSENT_ITEM: IDPConsentItem = {\n text: 'Verify your identity',\n details: ['View information stored within your account'],\n};\n\n// Full Access didn't really make the cut\n// const FULL_ACCESS_CONSENT_ITEM: IDPConsentItem = {\n// text: 'Act on behalf of you',\n// details: [],\n// };\n\nconst PROFILE_CONSENT_ITEM: IDPConsentItem = {\n text: 'View your personal profile information',\n details: [],\n};\n\nconst OFFLINE_ACCESS_CONSENT_ITEM: IDPConsentItem = {\n text: \"Maintain access to your data even when you're not actively using the app\",\n details: [\n 'Access your data even when you are offline.',\n 'Synchronize data and process background tasks on your behalf.',\n ],\n};\n\nconst OPENID_SCOPE = 'openid';\nconst PROFILE_SCOPE = 'profile';\nconst EMAIL_SCOPE = 'email';\nconst PHONE_SCOPE = 'phone';\nconst FULL_ACCESS_SCOPE = 'full_access';\nconst OFFLINE_ACCESS_SCOPE = 'offline_access';\n\nconst DEFAULT_SCOPES = new Set([\n OPENID_SCOPE,\n PROFILE_SCOPE,\n EMAIL_SCOPE,\n PHONE_SCOPE,\n FULL_ACCESS_SCOPE,\n OFFLINE_ACCESS_SCOPE,\n]);\n\n// Scope is an optional param in OAuth2.1\n// When no scope is present, this is what we default to\nconst FALLBACK_SCOPES = [OPENID_SCOPE, EMAIL_SCOPE, PROFILE_SCOPE];\n\nexport const containsCustomScopes = (scope: string): boolean => {\n // set.difference is not in ES2015\n return scope.split(' ').some((sc) => !DEFAULT_SCOPES.has(sc));\n};\n\nexport const createBuiltinScopeDescriptions = (scopes: string[]): IDPConsentItem[] => {\n const descriptions: IDPConsentItem[] = [];\n\n if (scopes.includes(OPENID_SCOPE)) {\n descriptions.push(OPENID_CONSENT_ITEM);\n }\n\n if (scopes.includes(EMAIL_SCOPE) || scopes.includes(PROFILE_SCOPE) || scopes.includes(PHONE_SCOPE)) {\n descriptions.push(\n createProfileScopeDescription({\n containsEmail: scopes.includes(EMAIL_SCOPE),\n containsPhoneNumber: scopes.includes(PHONE_SCOPE),\n containsProfile: scopes.includes(PROFILE_SCOPE),\n }),\n );\n }\n\n // if (scopes.has(FULL_ACCESS_SCOPE)) {\n // descriptions.push();\n // }\n\n if (scopes.includes(OFFLINE_ACCESS_SCOPE)) {\n descriptions.push(OFFLINE_ACCESS_CONSENT_ITEM);\n }\n\n return descriptions;\n};\n\nconst createProfileScopeDescription = ({\n containsProfile,\n containsEmail,\n containsPhoneNumber,\n}: {\n containsProfile: boolean;\n containsEmail: boolean;\n containsPhoneNumber: boolean;\n}): IDPConsentItem => {\n const details = [];\n if (containsProfile) {\n details.push('Your name, profile picture, and language preferences');\n }\n if (containsEmail) {\n details.push('Your email address');\n }\n if (containsPhoneNumber) {\n details.push('Your phone number');\n }\n\n return {\n text: PROFILE_CONSENT_ITEM.text,\n details: details,\n };\n};\n\nexport const createCustomScopeDescriptions = (scopes: string[], rbacPolicy: RBACPolicyRaw | null): string[] => {\n if (!rbacPolicy) return [];\n\n const descriptions: string[] = [];\n\n for (const scope of scopes) {\n if (DEFAULT_SCOPES.has(scope)) continue;\n const found = rbacPolicy.scopes.find((policyScope) => policyScope.scope === scope);\n if (found && found.description) {\n descriptions.push(found.description);\n } else {\n descriptions.push(`Use the ${scope} scope`);\n }\n }\n\n return descriptions;\n};\n\nexport const fallbackConsentManifestGenerator = ({\n scopes,\n clientName,\n rbacPolicy,\n}: {\n scopes: string[];\n clientName: string;\n rbacPolicy: RBACPolicyRaw | null;\n}) => {\n return [\n {\n header: `${clientName} is requesting to:`,\n items: createBuiltinScopeDescriptions(scopes).concat(createCustomScopeDescriptions(scopes, rbacPolicy)),\n },\n ];\n};\n\nexport type OAuthAuthorizeParams = {\n // Required.\n client_id: string;\n redirect_uri: string;\n // Required, but has default\n response_type: string;\n scopes: string[];\n // Optional.\n code_challenge?: string;\n state?: string;\n nonce?: string;\n prompt?: string;\n resources?: string[];\n};\n\nexport type OAuthLogoutParams = {\n // Required.\n client_id: string;\n post_logout_redirect_uri: string;\n // Optional.\n id_token_hint?: string;\n state?: string;\n};\n\nexport type IDPFlowParams =\n | { type: 'Authorize'; params: OAuthAuthorizeParams }\n | { type: 'Logout'; params: OAuthLogoutParams };\n\n/**\n * Parse the OAuth Authorize params from the URL search parameters to pass in to subsequent OAuthAuthorize calls.\n *\n * @param params - The URL search parameters to parse.\n * @returns The parsed OAuth Authorize parameters.\n */\nexport const parseOAuthAuthorizeParams = (\n params: URLSearchParams,\n): { error: string | null; result: OAuthAuthorizeParams } => {\n const authorizeParams: OAuthAuthorizeParams = {\n client_id: '',\n redirect_uri: '',\n // As of writing, ChatGPT isn't sending `response_type` when making calls to our\n // authorization endpoint, even though it's technically a required field in the spec.\n // We default it to 'code' here and server-side.\n // See: https://stytchio.slack.com/archives/C07U0MHAH7G/p1749075544763149.\n response_type: 'code',\n // Default to this initial set of scopes when the client does not provide this param\n scopes: [...FALLBACK_SCOPES],\n };\n\n const requiredFields = ['client_id', 'redirect_uri'] as const;\n for (const field of requiredFields) {\n const value = params.get(field);\n if (!value) {\n return {\n error: `Required parameter is missing: ${field}. Please reach out to the application developer.`,\n result: authorizeParams,\n };\n }\n authorizeParams[field] = value;\n }\n\n const optionalStringFields = ['response_type', 'scope', 'code_challenge', 'state', 'nonce', 'prompt'] as const;\n for (const field of optionalStringFields) {\n const value = params.get(field);\n if (value) {\n if (field === 'scope') {\n authorizeParams.scopes = value.split(' ').filter(Boolean);\n } else {\n authorizeParams[field] = value;\n }\n }\n }\n\n if (params.has('resource')) {\n authorizeParams.resources = params.getAll('resource');\n }\n\n return { error: null, result: authorizeParams };\n};\n\nexport const parseOAuthLogoutParams = (\n params: URLSearchParams,\n): { error: string | null; result: OAuthLogoutParams } => {\n const logoutParams: OAuthLogoutParams = {\n client_id: '',\n post_logout_redirect_uri: '',\n };\n\n const requiredFields = ['client_id', 'post_logout_redirect_uri'] as const;\n for (const field of requiredFields) {\n const value = params.get(field);\n if (!value) {\n return {\n error: `Required parameter is missing: ${field}. Please reach out to the application developer.`,\n result: logoutParams,\n };\n }\n logoutParams[field] = value;\n }\n\n logoutParams.id_token_hint = params.get('id_token_hint') || undefined;\n logoutParams.state = params.get('state') || undefined;\n\n return { error: null, result: logoutParams };\n};\n\n/**\n * Parse generic IDP parameters and determine if it is an Authorize or Logout request.\n */\nexport const parseIDPParams = (searchParams: string): { error: string | null; flow: IDPFlowParams } => {\n const params = new URLSearchParams(searchParams);\n\n // Check if `post_logout_redirect_uri` exists to determine if it's a Logout request.\n if (params.has('post_logout_redirect_uri')) {\n const logoutResult = parseOAuthLogoutParams(params);\n return { error: logoutResult.error, flow: { type: 'Logout', params: logoutResult.result } };\n }\n\n // Otherwise, assume it's an Authorize request.\n const authorizeResult = parseOAuthAuthorizeParams(params);\n return { error: authorizeResult.error, flow: { type: 'Authorize', params: authorizeResult.result! } };\n};\n","import { ssrSafeClientFactory } from '../ui/react/bindings/StytchSSRProxy';\nimport { StytchB2BClient } from './StytchB2BClient';\n\n/**\n * Creates a Headless Stytch client object to call the stytch B2B APIs.\n * The Stytch client is not available serverside.\n * @example\n * const stytch = createStytchB2BClient('public-token-<find yours in the stytch dashboard>')\n *\n * return (\n * <StytchB2BProvider stytch={stytch}>\n * <App />\n * </StytchB2BProvider>\n * )\n * @returns A {@link StytchB2BClient}\n */\nexport const createStytchB2BClient = ssrSafeClientFactory(StytchB2BClient);\n\n/**\n * @deprecated Use {createStytchB2BClient()} instead\n */\nexport const createStytchB2BHeadlessClient = createStytchB2BClient;\n\n/**\n * @deprecated Use {StytchB2BClient()} instead\n */\nexport const StytchB2BHeadlessClient = StytchB2BClient;\nexport { StytchB2BClient };\n\nexport type { OAuthAuthorizeParams, OAuthLogoutParams } from '../utils/idpHelpers';\nexport { parseOAuthAuthorizeParams, parseOAuthLogoutParams } from '../utils/idpHelpers';\nexport * from '@stytch/core/public';\n"],"names":["GOOGLE_ONE_TAP_HOST","GOOGLE_ONE_TAP_SCRIPT_URL","MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING","B2BOAuthProviders","Google","Microsoft","HubSpot","Slack","GitHub","SDKAPIUnreachableError","Error","details","message","name","Object","setPrototypeOf","prototype","StytchSDKUsageError","methodName","StytchSDKSchemaError","schemaError","messages","body","map","err","dataPath","join","StytchSDKAPIError","error_type","error_message","error_url","request_id","status_code","error_details","JSON","stringify","UNRECOVERABLE_ERROR_TYPES","StytchError","StytchAPIUnreachableError","StytchAPISchemaError","StytchAPIError","from","maybe","undefined","String","StytchSDKError","options","description","NoCurrentSessionError","InternalError","nativeStack","error","nativeStackAndroid","nativeStackIOS","NoBiometricsRegistrationError","BiometricsUnavailableError","KeyInvalidatedError","KeystoreUnavailableError","NoBiometricsEnrolledError","UserCancellationError","UserLockedOutError","DeviceCredentialsNotAllowedError","MissingAuthorizationCredentialIDTokenError","InvalidAuthorizationCredentialError","NoCredentialsPresentError","MissingPublicKeyError","ChallengeSigningFailedError","SDKNotConfiguredError","FailedCodeChallengeError","PasskeysUnsupportedError","FailedToDecryptDataError","BiometricsFailedError","InvalidStartUrlError","InvalidRedirectSchemeError","MissingUrlError","InvalidCredentialTypeError","MissingAttestationObjectError","JSONDataNotConvertibleToStringError","RandomNumberGenerationFailed","PasskeysInvalidEncoding","PasskeysMisconfigured","SignInWithAppleMisconfigured","MissingCipherIv","InvalidPrivateKeyLength","BiometricRegistrationIdIsNullOrBlank","DFPNotConfigured","OneTapPositions","embedded","floating","embeddedOnly","floatingOrEmbedded","forceLegacyEmbedded","RNUIProducts","RetriableErrorType","StytchEventType","getRandomValues","RetriableError","type","retriableFetchSDK","method","finalURL","basicAuthHeader","xSDKClientHeader","xSDKParentHostHeader","retryCallback","req","baseFetchSDK","resp","respData","headers","Authorization","fetchOpts","credentials","fetch","e","status","json","data","get","includes","respError","text","baseSubmitFormSDK","finalBody","__Authorization","children","entries","key","value","input","document","createElement","form","action","append","appendChild","submit","rnds8","Uint8Array","REGEX","byteToHex","i","push","toString","substr","v4","buf","offset","rnds","random","rng","crypto","bind","msCrypto","arr","arguments","length","uuid","toLowerCase","test","TypeError","getHttpsUrl","urlOrDomain","url","URL","hostname","STYTCH_BADGE","args","console","warn","trailer","ModulePromiseCache","loadESModule","moduleFromGlobalScope","Promise","resolve","reject","script","maybeScript","findScript","scripts","querySelectorAll","dataset","loaded","setAttribute","head","addEventListener","DFPProtectedAuthProvider","state","publicToken","dfpBackendURL","dfpCdnDomain","bootstrapPromise","executeRecaptcha","then","bootstrapData","runDFPProtectedAuth","window","GetTelemetryID","enabled","mode","dfpProtectedAuthMode","isEnabled","getTelemetryID","getDFPTelemetryIDAndCaptcha","dfp_telemetry_id","captcha_token","retryWithCaptchaAndDFP","RequiredCaptcha","DisabledDFPProtectedAuthProvider","ErrorMarshaller","inflate","ErrorClass","ErrorData","assign","unmarshall","SyntaxError","ReferenceError","RangeError","EvalError","URIError","EventLogger","maxBatchSize","logEventURL","batch","setInterval","flush","intervalDurationMs","logEvent","telemetry","event","batchToSubmit","validateInDev","obj","rules","errors","rule","val","startsWith","Array","isArray","every","str","AggregateError","HeadlessB2BDiscoveryClient","organizations","intermediateSessions","_networkClient","_subscriptionService","list","fetchSDK","intermediate_session_token","getIntermediateSessionToken","create","withUpdateSession","session_duration_minutes","organization_name","organization_slug","organization_logo_url","sso_jit_provisioning","email_allowed_domains","email_invites","auth_methods","allowed_auth_methods","mfa_policy","requestBody","exchange","organization_id","locale","HeadlessB2BIDPClient","oauthAuthorizeStart","oauthAuthorizeSubmit","oauthLogoutStart","HeadlessB2BImpersonationClient","authenticate","dfpProtectedAuth","impersonation_token","DefaultDynamicConfig","pkceRequiredForEmailMagicLinks","HeadlessB2BMagicLinksClient","email","discovery","_pkceManager","_passwordResetPKCEManager","_config","invite","email_address","invite_redirect_url","invite_template_id","roles","invite_expiration_minutes","loginOrSignup","login_redirect_url","login_template_id","signup_redirect_url","signup_template_id","login_expiration_minutes","signup_expiration_minutes","pkce_code_challenge","getCodeChallenge","send","discovery_redirect_url","discovery_expiration_minutes","magic_links_token","passwordResetPKPair","getPKPair","code_verifier","handlePKCEForAuthenticate","log","discovery_magic_links_token","pkPair","pkce_code_verifier","clearPKPair","keyPair","code_challenge","startPKCETransaction","pkceManager","HeadlessB2BOAuthClient$1","google","microsoft","hubspot","slack","github","_dynamicConfig","oauth_token","logger","discovery_oauth_token","start","startOAuthFlow","startDiscoveryOAuthFlow","getBaseApiUrl","cnameDomain","token","testAPIURL","liveAPIURL","providerType","custom_scopes","provider_params","pkceRequiredForOAuth","baseURL","startUrl","searchParams","set","navigate","location","href","HeadlessB2BOrganizationClient","_apiNetworkClient","updateOrganization","organization","getSync","getOrganization","getInfo","fromCache","getFromCache","onChange","callback","subscribeToState","update","delete","destroyState","getBySlug","getConnectedApps","getConnectedApp","connected_app_id","members","search","response","member_id","updateMemberIfSelf","deletePassword","passwordId","deleteMFAPhoneNumber","memberId","deleteMFATOTP","getMember","reactivate","unlinkRetiredEmail","startEmailUpdate","revokeConnectedApp","updateMember","member","HeadlessB2BOTPsClient","sms","mfa_phone_number","code","set_mfa_enrollment","pkceRequiredForPasswordResets","HeadlessB2BPasswordsClient","resetByEmail","resetByExistingPassword","resetBySession","password","resetByEmailStart","reset_password_redirect_url","reset_password_template_id","reset_password_expiration_minutes","verify_email_template_id","password_reset_token","existing_password","new_password","strengthCheck","RBACPolicy","rolesByID","resources","forEach","role","role_id","fromJSON","mergeWithCustomRoles","customRoles","callerIsAuthorized","memberRoles","resourceId","roleId","filter","v","flatMap","permissions","permission","resource_id","find","actions","allPermissionsForCaller","allPermsMap","resource","HeadlessB2BRBACClient","cachedPolicy","policyPromise","cachedConfig","dynamicConfig","rbacPolicy","getEffectivePolicy","projectPolicy","custom_roles","getEffectivePolicySync","allPermissions","policy","roleIds","isAuthorizedSync","effectivePolicy","isAuthorized","session","getSession","HeadlessB2BRecoveryCodesClient","recover","recovery_code","rotate","HeadlessB2BSCIMClient","createConnection","display_name","identity_provider","updateConnection","connection_id","deleteConnection","connectionId","getConnection","getConnectionGroups","limit","cursor","rotateStart","rotateComplete","rotateCancel","HeadlessB2BSelfClient","untrusted_metadata","mfa_enrolled","default_mfa_method","HeadlessB2BSessionClient","revoke","forceClear","revokeForMember","_authenticate","initialSession","isSessionStale","member_session_id","destroySession","exchangeAccessToken","attest","access_token","profile_id","getTokens","updateSession","tokens","session_token","session_jwt","updateTokens","HeadlessB2BSSOClient","sso_token","pkceRequiredForSso","getConnections","discoverConnections","emailAddress","encodeURIComponent","saml","updateConnectionByURL","deleteVerificationCertificate","certificate_id","deleteEncryptionPrivateKey","private_key_id","oidc","external","HeadlessB2BTOTPsClient","set_default_mfa","expiration_minutes","siweRequiredForCryptoWallets","IframeHostClient","frame","iframeURL","createIframe","existingIframe","querySelector","src","style","position","width","height","border","once","call","channel","MessageChannel","port1","onmessage","close","success","payload","contentWindow","postMessage","port2","SearchDataManager","searchUser","searchMember","SessionManagerRegistry","hasWarned","registry","Map","register","sessionManager","otherManager","cancelBackgroundRefresh","unregister","SessionManager","REFRESH_INTERVAL_MS","timeout","lastAuthenticationSessionDuration","_publicToken","_headlessSessionClient","_options","_onDataChange","performBackgroundRefresh","_reauthenticateWithBackoff","scheduleBackgroundRefresh","catch","setTimeout","clearTimeout","sessionDurationMinutes","count","keepSessionAlive","isUnrecoverableError","done","timeoutForAttempt","Math","min","jitter","floor","StateChangeClient","emptyState","onStateChange","SSRStubKey","Symbol","createProxy","path","Proxy","target","p","apply","BOOTSTRAP_CACHE_KEY","DEFAULT_BOOTSTRAP","displayWatermark","projectName","emailDomains","captchaSettings","slugPattern","createOrganizationEnabled","passwordConfig","vertical","BootstrapDataManager","_bootstrapDataPromise","_dataLayer","mapBootstrapData","setItem","password_config","ludsComplexity","luds_complexity","ludsMinimumCount","luds_minimum_count","project_name","disable_sdk_watermark","captcha_settings","cname_domain","email_domains","pkce_required_for_email_magic_links","pkce_required_for_password_resets","pkce_required_for_oauth","pkce_required_for_sso","slug_pattern","create_organization_enabled","dfp_protected_auth_enabled","dfp_protected_auth_mode","rbac_policy","siwe_required_for_crypto_wallets","cached","getItem","parse","getAsync","CaptchaProvider","siteKey","configured","captchaClient","grecaptcha","enterprise","ready","execute","ClientsideServicesProvider","_frameClient","frameClient","handlerName","oneTapStart","oneTapSubmit","parsedPhoneNumber","getExamplePhoneNumber","NetworkClient","eventLogger","_subscriptionDataLayer","_liveAPIURL","_testAPIURL","additionalTelemetryDataFn","isTestPublicToken","buildSDKUrl","updateSessionToken","createTelemetryBlob","public_token","event_name","error_code","error_description","http_status_code","event_id","uuidv4","app_session_id","persistent_id","client_sent_at","Date","toISOString","timezone","Intl","DateTimeFormat","resolvedOptions","timeZone","app","identifier","sdk","version","sessionToken","readSessionCookie","btoa","origin","submitFormSDK","toHex","n","PKCEManager","namespace","createProofkeyPair","serialized","removeItem","bytes","Uint32Array","codeVerifier","subtle","digest","TextEncoder","encode","fromCharCode","replace","source","api","init","converter","defaultAttributes","attributes","expires","now","toUTCString","decodeURIComponent","escape","stringifiedAttributes","attributeName","split","cookie","write","cookies","jar","parts","slice","foundKey","read","remove","withAttributes","withConverter","freeze","hasMultipleCookies","cookieName","matchedCookies","cookiePairs","pair","getPersistentStorageKey","makeSafeStorage","storage","publicKey","persistentStorageKey","safeLocalStorage","globalThis","localStorage","safeSessionStorage","sessionStorage","getKeyBoundStorage","SEEN_DOMAINS_KEY","SubscriptionDataLayer","_opaqueTokenCookieName","_jwtCookieName","_cookiePath","_domain","_cookieAvailableToSubdomains","_istCookieName","subscriptions","_localStorage","browserSessionStorage","parsedState","cookieOptions","opaqueTokenCookieName","jwtCookieName","domain","availableToSubdomains","istCookieName","localStorageState","syncToLocalStorage","Cookies","readIntermediateSessionTokenCookie","writeSessionCookie","stateDiff","cookieOpts","generateCookieOpts","expiresAt","expires_at","addSeenDomain","alternateCookieOptions","writeIntermediateSessionTokenCookie","IST","expiresAtTime","removeSessionCookie","removeCookies","removeISTCookie","cookiesToRemove","trackedDomains","getSeenDomains","uniqueDomains","Set","storedDomains","parsed","sameSite","match","secure","host","B2BSubscriptionDataLayer","b2bDataLayerCacheSymbol","for","notifySubscribers","collection","values","cb","deepEqualData","createDeepEqual","KEYS_TO_EXCLUDE","deepEqual","a","b","keys","some","k","BaseSubscriptionService","_datalayer","usingCustomApiEndpoint","_listen","parsedValue","newValue","updateState","updateStateAndTokens","_updateStateAndTokensInternal","oldStateValue","newStateValue","wasCached","setCacheRefreshed","notification","fromExternalSource","hasStateChanged","diff","uniqueId","getState","destroy","removeEventListener","syncFromDeviceStorage","B2BSubscriptionService","member_session","internalSymB2B","HeadlessB2BOAuthClient","BaseHeadlessB2BOAuthClient","_dfpProtectedAuth","_oneTap","startOneTapDiscovery","clientResult","createOneTapClient","reason","client","onSuccessCallback","createOnDiscoverySuccessHandler","discoveryRedirectUrl","onSuccess","redirectOnSuccess","render","cancelOnTapOutside","cancel_on_tap_outside","startOneTap","createOnSuccessHandler","organizationId","signupRedirectUrl","loginRedirectUrl","googleOneTap","navigatorSupportsFedCM","getConfiguredEmbeddedMode","GoogleOneTapClient","_googleClient","_clientId","cancel","onOneTapCancelled","embeddedMode","shouldRenderEmbeddedOneTap","config","client_id","auto_select","context","itp_support","use_fedcm_for_prompt","prompt_parent_id","initialize","prompt","isSkippedMoment","getSkippedReason","isNotDisplayed","getNotDisplayedReason","isDismissedMoment","styleFrame","getElementsByTagName","B2BOneTapProvider","googleClientID","fetchGoogleStart","oneTapStartResp","google_client_id","submitGoogleOneTapTokenDiscovery","credential","codeChallenge","id_token","submitGoogleOneTapToken","googleClientId","accounts","id","onError","submitPromise","result","redirect_url","StytchB2BClient","_sessionManager","_stateChangeClient","magicLinks","self","oauth","sso","passwords","otps","totp","recoveryCodes","rbac","scim","impersonation","idp","parseAuthenticateUrl","authenticateByUrl","rawPublicToken","checkPublicToken","_PUBLIC_TOKEN","buildFinalConfig","clientName","opts","endpoints","getTestApiURL","customBaseUrl","endpointOptions","testApiDomain","httpsUrl","getLiveApiURL","apiDomain","getDFPBackendURL","dfppaUrl","dfppaDomain","dfpCdnURL","getDFPCdnURL","dfpCdnUrl","clientsideServicesIframeURL","hasCustomApiEndpoint","rawOptions","getB2BDataLayer","wdw","dataLayerCache","stytch_member_id","stytch_member_session_id","passwordsPKCEManager","networkClient","bootstrap","captcha","clientsideServices","pkceManagerForOAuth","oneTap","searchManager","createAuthUrlHandler","handlers","handledTokenTypes","tokenType","handledTypes","handled","clearParams","shouldClearParams","handler","params","history","replaceState","title","discovery_oauth","multi_tenant_magic_links","multi_tenant_impersonation","event_callback_registered","error_callback_registered","success_callback_registered","writeB2BInternals","internals","dataLayer","FALLBACK_SCOPES","createStytchB2BClient","Discovery","Organization","PasswordReset","smsOtp","Apple","Github","GitLab","Facebook","Discord","Salesforce","Amazon","Bitbucket","LinkedIn","Coinbase","Twitch","Twitter","TikTok","Snapchat","Figma","Yahoo","SMS","WhatsApp","Email","ResetPassword","Phantom","Metamask","Binance","GenericEthereumWallet","GenericSolanaWallet","authorizeParams","redirect_uri","response_type","scopes","field","Boolean","has","getAll","logoutParams","post_logout_redirect_uri","id_token_hint"],"mappings":"oCAWO,IAAMA,EAAsB,kCAEtBC,EAA4B,CAAA,EAAGD,EAAoB,OAAO,CAAC,CAK3DE,EACX,2PCKWC,EAAoB,CAC/BC,OAAQ,SACRC,UAAW,YACXC,QAAS,UACTC,MAAO,QACPC,OAAQ,QACV,CCrBO,OAAMC,UAA+BC,MAC1CC,OAAAA,AAEA,aAAYC,CAAe,CAAED,CAAe,CAAE,CAC5C,KAAK,CAACC,EAAU,KAAOD,GACvB,IAAI,CAACC,OAAO,CAAGA,EAAU,KAAOD,EAChC,IAAI,CAACE,IAAI,CAAG,yBACZ,IAAI,CAACF,OAAO,CAAGA,EACfG,OAAOC,cAAc,CAAC,IAAI,CAAEN,EAAuBO,SAAS,CAC9D,CACF,CAMO,MAAMC,UAA4BP,MACvC,YAAYQ,CAAkB,CAAEN,CAAe,CAAE,CAC/C,KAAK,GACL,IAAI,CAACC,IAAI,CAAG,sBACZ,IAAI,CAACD,OAAO,CAAG,CAAC,gBAAgB,EAAEM;AAAa,CAAC,CAAGN,CACrD,CACF,CA0BO,MAAMO,UAA6BT,MACxC,YAAYU,CAAqC,CAAE,CACjD,KAAK,GACL,IAAI,CAACP,IAAI,CAAG,uBAEZ,MAAMQ,EAAWD,EAAYE,IAAI,EAAEC,IAAI,AAACC,GAAQ,CAAA,EAAGA,EAAIC,QAAQ,CAAC,EAAE,EAAED,EAAIZ,OAAO,CAAA,CAAE,EAAEc,KAAK,KAExF,CAAA,IAAI,CAACd,OAAO,CAAG,CAAC;AAA8C,EAAES,EAAAA,CAAU,AAC5E,CACF,CAeO,MAAMM,UAA0BjB,MACrCkB,UAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,SAAAA,AACAC,CAAAA,UAAAA,AACAC,CAAAA,WAAAA,AACAC,CAAAA,aAAAA,AAEA,aAAYtB,CAAiB,CAAE,CAC7B,KAAK,GACL,IAAI,CAACE,IAAI,CAAG,oBAEZ,KAAM,CAAEmB,YAAAA,CAAW,CAAEJ,WAAAA,CAAU,CAAEC,cAAAA,CAAa,CAAEC,UAAAA,CAAS,CAAEC,WAAAA,CAAU,CAAEE,cAAAA,CAAa,CAAE,CAAGtB,CACzF,CAAA,IAAI,CAACiB,UAAU,CAAGA,EAClB,IAAI,CAACC,aAAa,CAAGA,EACrB,IAAI,CAACC,SAAS,CAAGA,EACjB,IAAI,CAACC,UAAU,CAAGA,EAClB,IAAI,CAACC,WAAW,CAAGA,EACnB,IAAI,CAACC,aAAa,CAAGA,EAErB,IAAI,CAACrB,OAAO,CACV,CAAC,CAAC,EAAEoB,EAAY,EAAE,EAAEJ;AACjBC,AAAH,EAAGA;AACF,IAAI,EAAEC,EAAU;AAAwB,CAFP,CAKjCC,CAAAA,EAAa,CAAC,YAAY,EAAEA;AAAa,CAAC,CAAG,EAAA,EAC7C,CAAA,IAAI,CAACE,aAAa,CAAG,CAAC;AAAW,CAAC,CAAGC,KAAKC,SAAS,CAAC,IAAI,CAACF,aAAa,EAAI,KAAO,GACtF,CACF,KAMaG,EAAkD,CAC7D,2BACA,uBACA,gCACA,oBAMK,OAAMC,UAAoB3B,MAC/B,YAAYG,CAAY,CAAED,CAAe,CAAE,CACzC,KAAK,CAACA,GACN,IAAI,CAACC,IAAI,CAAGA,CACd,CACF,CAOO,MAAMyB,UAAkCD,EAC7C,YAAY1B,CAAe,CAAE,CAC3B,KAAK,CAAC,4BAA6BA,GACnCG,OAAOC,cAAc,CAAC,IAAI,CAAEuB,EAA0BtB,SAAS,CACjE,CACF,CAMO,MAAMuB,UAA6BF,EACxC,YAAYjB,CAAqC,CAAE,CACjD,MAAMC,EAAWD,EAAYE,IAAI,EAAEC,IAAI,AAACC,GAAQ,CAAA,EAAGA,EAAIC,QAAQ,CAAC,EAAE,EAAED,EAAIZ,OAAO,CAAA,CAAE,EAAEc,KAAK,MACxF,KAAK,CAAC,uBAAwB,CAAC;AAAwC,EAAEL,EAAAA,CAAU,CACrF,CACF,CAMO,MAAMmB,UAAuBH,EAClCT,UAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,SAAAA,AACAC,CAAAA,UAAAA,AACAC,CAAAA,WAAAA,AACAC,CAAAA,aAAAA,AAEA,aAAYtB,CAAiB,CAAE,CAC7B,KAAM,CAAEqB,YAAAA,CAAW,CAAEJ,WAAAA,CAAU,CAAEC,cAAAA,CAAa,CAAEC,UAAAA,CAAS,CAAEC,WAAAA,CAAU,CAAEE,cAAAA,CAAa,CAAE,CAAGtB,EACzF,KAAK,CACH,iBACA,CAAC,CAAC,EAAEqB,EAAY,EAAE,EAAEJ;AACfC,EAAAA;AACF,IAAI,EAAEC,EAAU;AAAwB,CAFT,CAK/BC,CAAAA,EAAa,CAAC,YAAY,EAAEA;AAAa,CAAC,CAAG,EAAA,EAC7CE,CAAAA,EAAgB,CAAC;AAAW,CAAC,CAAGC,KAAKC,SAAS,CAACF,GAAiB,KAAO,EAAA,GAE5E,IAAI,CAACL,UAAU,CAAGA,EAClB,IAAI,CAACC,aAAa,CAAGA,EACrB,IAAI,CAACC,SAAS,CAAGA,EACjB,IAAI,CAACC,UAAU,CAAGA,EAClB,IAAI,CAACC,WAAW,CAAGA,EACnB,IAAI,CAACC,aAAa,CAAGA,CACvB,CAEA,OAAOQ,KAAKjB,CAAY,CAAkB,QACxC,AAAIA,aAAegB,EACVhB,EAELA,GAAO,AAAe,UAAf,OAAOA,GAGd,AAA6B,UAA7B,OAAOkB,AAFKlB,EAECQ,WAAW,EACxB,AAA4B,UAA5B,OAAOU,AAHKlB,EAGCI,UAAU,EACvB,AAA+B,UAA/B,OAAOc,AAJKlB,EAICK,aAAa,EAC1B,AAA2B,UAA3B,OAAOa,AALKlB,EAKCM,SAAS,CAEf,IAAIU,EAAe,CACxBR,YAAaU,AARHlB,EAQSQ,WAAW,CAC9BJ,WAAYc,AATFlB,EASQI,UAAU,CAC5BC,cAAea,AAVLlB,EAUWK,aAAa,CAClCC,UAAWY,AAXDlB,EAWOM,SAAS,CAC1BC,WAAY,AAA4B,UAA5B,OAAOW,AAZTlB,EAYeO,UAAU,CAAgBW,AAZzClB,EAY+CO,UAAU,CAAGY,KAAAA,EACtEV,cAAe,AAA+B,UAA/B,OAAOS,AAbZlB,EAakBS,aAAa,CAAgBS,AAb/ClB,EAaqDS,aAAa,CAAGU,KAAAA,CACjF,GAIG,IAAIH,EAAe,CACxBR,YAAa,IACbJ,WAAY,gBACZC,cAJcL,aAAed,MAAQc,EAAIZ,OAAO,CAAG,kBAAoBgC,OAAOpB,GAK9EM,UAAW,GACXC,WAAYY,KAAAA,EACZV,cAAeU,KAAAA,CACjB,EACF,CACF,CASO,MAAME,UAAuBR,EAClCS,OAAAA,AAEA,aAAYjC,CAAY,CAAEkC,CAAmB,CAAED,CAA+B,CAAE,CAC9E,KAAK,CAACjC,EAAMkC,GACZ,IAAI,CAACD,OAAO,CAAGA,CACjB,CACF,CASO,MAAME,UAA8BH,EACzC,aAAc,CACZ,KAAK,CACH,wBACA,qGAEJ,CACF,CAKO,MAAMI,UAAsBJ,EACjCK,WAAAA,AAEA,aAAYC,CAAU,CAAE,CACtB,KAAK,CACHA,EAAMtC,IAAI,CAAGsC,EAAMtC,IAAI,CAAG,iBAC1BsC,EAAMvC,OAAO,CAAGuC,EAAMvC,OAAO,CAAG,yEAElC,IAAI,CAACsC,WAAW,CAAGC,EAAMC,kBAAkB,EAAID,EAAME,cAAc,AACrE,CACF,CAKO,MAAMC,UAAsCT,EACjD,aAAc,CACZ,KAAK,CACH,gCACA,6HAEJ,CACF,CAKO,MAAMU,UAAmCV,EAC9C,aAAc,CACZ,KAAK,CAAC,6BAA8B,6CACtC,CACF,CAKO,MAAMW,UAA4BX,EACvC,aAAc,CACZ,KAAK,CAAC,sBAAuB,uDAC/B,CACF,CAKO,MAAMY,UAAiCZ,EAC5C,aAAc,CACZ,KAAK,CACH,2BACA,wGAEJ,CACF,CAKO,MAAMa,UAAkCb,EAC7C,aAAc,CACZ,KAAK,CACH,4BACA,sGAEJ,CACF,CAiBO,MAAMc,UAA8Bd,EACzC,aAAc,CACZ,KAAK,CAAC,wBAAyB,2DACjC,CACF,CAKO,MAAMe,UAA2Bf,EACtC,aAAc,CACZ,KAAK,CACH,qBACA,iGAEJ,CACF,CAKO,MAAMgB,UAAyChB,EACpD,aAAc,CACZ,KAAK,CACH,mCACA,4JAEJ,CACF,CAuBO,MAAMiB,UAAmDjB,EAC9D,aAAc,CACZ,KAAK,CAAC,6CAA8C,uDACtD,CACF,CAKO,MAAMkB,UAA4ClB,EACvD,aAAc,CACZ,KAAK,CACH,sCACA,2IAEJ,CACF,CAKO,MAAMmB,UAAkCnB,EAC7C,aAAc,CACZ,KAAK,CAAC,4BAA6B,mEACrC,CACF,CAKO,MAAMoB,UAA8BpB,EACzC,aAAc,CACZ,KAAK,CAAC,wBAAyB,uEACjC,CACF,CAKO,MAAMqB,UAAoCrB,EAC/C,aAAc,CACZ,KAAK,CAAC,8BAA+B,6CACvC,CACF,CAKO,MAAMsB,UAA8BtB,EACzC,aAAc,CACZ,KAAK,CACH,wBACA,0FAEJ,CACF,CAKO,MAAMuB,UAAiCvB,EAC5C,aAAc,CACZ,KAAK,CAAC,2BAA4B,oCACpC,CACF,CAKO,MAAMwB,UAAiCxB,EAC5C,aAAc,CACZ,KAAK,CAAC,2BAA4B,4CACpC,CACF,CAKO,MAAMyB,UAAiCzB,EAC5C,aAAc,CACZ,KAAK,CAAC,2BAA4B,8BACpC,CACF,CAKO,MAAM0B,UAA8B1B,EACzC,aAAc,CACZ,KAAK,CAAC,wBAAyB,kCACjC,CACF,CAKO,MAAM2B,UAA6B3B,EACxC,aAAc,CACZ,KAAK,CAAC,uBAAwB,qDAChC,CACF,CAKO,MAAM4B,UAAmC5B,EAC9C,aAAc,CACZ,KAAK,CACH,6BACA,kLAEJ,CACF,CAKO,MAAM6B,UAAwB7B,EACnC,aAAc,CACZ,KAAK,CAAC,kBAAmB,oEAC3B,CACF,CAKO,MAAM8B,UAAmC9B,EAC9C,aAAc,CACZ,KAAK,CAAC,6BAA8B,+DACtC,CACF,CAKO,MAAM+B,UAAsC/B,EACjD,aAAc,CACZ,KAAK,CAAC,gCAAiC,+DACzC,CACF,CAKO,MAAMgC,UAA4ChC,EACvD,aAAc,CACZ,KAAK,CAAC,sCAAuC,mDAC/C,CACF,CAKO,MAAMiC,UAAqCjC,EAChD,aAAc,CACZ,KAAK,CAAC,+BAAgC,kCACxC,CACF,CAKO,MAAMkC,UAAgClC,EAC3C,aAAc,CACZ,KAAK,CAAC,0BAA2B,2BACnC,CACF,CAKO,MAAMmC,UAA8BnC,EACzC,aAAc,CACZ,KAAK,CACH,wBACA,0JAEJ,CACF,CAKO,MAAMoC,UAAqCpC,EAChD,aAAc,CACZ,KAAK,CACH,+BACA,kLAEJ,CACF,CAEO,MAAMqC,UAAwBrC,EACnC,aAAc,CACZ,KAAK,CACH,kBACA,6FAEJ,CACF,CAEO,MAAMsC,UAAgCtC,EAC3C,aAAc,CACZ,KAAK,CAAC,0BAA2B,8CACnC,CACF,CAEO,MAAMuC,UAA6CvC,EACxD,aAAc,CACZ,KAAK,CACH,uCACA,2MAEJ,CACF,CAEO,MAAMwC,UAAyBxC,EACpC,aAAc,CACZ,KAAK,CACH,mBACA,2FAEJ,CACF,KC1eayC,EAAkB,CAM7BC,SAAU,WAKVC,SAAU,WAMVC,aAAc,eAKdC,mBAAoB,qBAOpBC,oBAAqB,qBACvB,EA2WO,IAwJKC,ECpkBAC,ED4aAC,EEhgBRC,EFggBGD,KAAKA,EAmEX,CAAA,ulBAjDEA,EAAA,wBAAA,CAAA,6BAMAA,EAAA,uBAAA,CAAA,6BAKAA,EAAA,0BAAA,CAAA,gCAKAA,EAAA,+BAAA,CAAA,ivDAlCSA,GAwJLF,KAAKA,EAKX,CAAA,6GALWA,GCpkBLC,KAAKA,EAEX,uCAFWA,EAIL,OAAMG,WAAuBtF,MAClCuF,IAAAA,AAEA,aAAYA,CAAwB,CAAE,CACpC,KAAK,CAACA,GACN,IAAI,CAACA,IAAI,CAAGA,CACd,CACF,CAEO,eAAeC,GAA4C,CAChEC,OAAAA,CAAM,CACNC,SAAAA,CAAQ,CACRC,gBAAAA,CAAe,CACfC,iBAAAA,CAAgB,CAChBC,qBAAAA,CAAoB,CACpBjF,KAAAA,CAAI,CACJkF,cAAAA,CAAa,CACe,EAC5B,IAAIC,EAA0B,CAC5BN,OAAAA,EACAC,SAAAA,EACAC,gBAAAA,EACAC,iBAAAA,EACAC,qBAAAA,EACAjF,KAAAA,CACF,EAEA,GAAI,CACF,OAAO,MAAMoF,GAAgBD,EAC/B,CAAE,MAAOjF,EAAK,CACZ,GAAIA,aAAewE,GAEjB,OADAS,EAAM,MAAMD,EAAchF,EAAKiF,GACxB,MAAMC,GAAgBD,EAE/B,OAAMjF,CACR,CACF,CAWO,eAAekF,GAAuC,CAC3DP,OAAAA,CAAM,CACNC,SAAAA,CAAQ,CACRC,gBAAAA,CAAe,CACfC,iBAAAA,CAAgB,CAChBC,qBAAAA,CAAoB,CACpBjF,KAAAA,CAAI,CACe,EACnB,IAiBIqF,EAuCAC,EAxDEC,EAAkC,CACtCC,cAAeT,EACf,eAAgB,mBAChB,eAAgBC,CAClB,CAEIC,CAAAA,GACFM,CAAAA,CAAO,CAAC,oBAAoB,CAAGN,CAAAA,EAGjC,IAAMQ,EAAyB,CAC7BZ,OAAAA,EACAU,QAAAA,EACAvF,KAAMA,GAAQY,KAAKC,SAAS,CAACb,GAC7B0F,YAAa,SACf,EAGA,GAAI,CACFL,EAAO,MAAMM,MAAMb,EAAUW,EAE/B,CAAE,MAAOG,EAAQ,CACf,GAAIA,AAAc,oBAAdA,EAAEtG,OAAO,CACX,MAAM,IAAI0B,EAA0B,iCAEtC,OAAM4E,CACR,CAGA,GAAIP,EAAKQ,MAAM,EAAI,IACjB,GAAI,CAEF,MAAOP,AADU,CAAA,MAAMD,EAAKS,IAAI,EAAA,EAChBC,IAAI,AACtB,CAAE,KAAM,CACN,MAAM,IAAI/E,EAA0B,0CACtC,CAIF,GAAIqE,AAAgB,MAAhBA,EAAKQ,MAAM,EAAYR,EAAKE,OAAO,CAACS,GAAG,CAAC,iBAAiBC,SAAS,oBAAqB,CACzF,IAAIC,EACJ,GAAI,CACFA,EAAY,MAAMb,EAAKS,IAAI,EAC7B,CAAE,KAAM,CAEN,MAAM,IAAI9E,EAA0B,qCACtC,CAGA,GAAI,SAAUkF,GAAa,WAAYA,GAAa,UAAWA,EAC7D,MAAM,IAAIjF,EAAqBiF,EAEjC,OAAM,IAAIhF,EAAegF,EAC3B,CAIA,GAAI,CACFZ,EAAW,MAAMD,EAAKc,IAAI,EAC5B,CAAE,KAAM,CACN,MAAM,IAAInF,EAA0B,qCACtC,CACA,GAAIsE,EAASW,QAAQ,CAAC,oBACpB,MAAM,IAAIvB,GAAAA,mBAEZ,OAAM,IAAI1D,EAA0B,qCACtC,CAEO,eAAeoF,GAAkB,CACtCvB,OAAAA,CAAM,CACNC,SAAAA,CAAQ,CACRC,gBAAAA,CAAe,CACfC,iBAAAA,CAAgB,CAChBC,qBAAAA,CAAoB,CACpBjF,KAAAA,CAAI,CACe,EAEnB,IAAMqG,EAAoC,CADb,GAATrG,GAAQ,CAAA,CAE1B,CACAsG,gBAAiBvB,EACjB,iBAAkBC,CACpB,CAEIC,CAAAA,GACFoB,CAAAA,CAAS,CAAC,sBAAsB,CAAGpB,CAAAA,EAGrC,IAAMsB,EAA+B/G,OAAOgH,OAAO,CAACH,GAAWpG,GAAG,CAAC,CAAC,CAACwG,EAAKC,EAAM,IAC9E,IAAMC,EAAQC,SAASC,aAAa,CAAC,SAIrC,OAHAF,EAAMhC,IAAI,CAAG,SACbgC,EAAMpH,IAAI,CAAGkH,EACbE,EAAMD,KAAK,CAAGA,EACPC,CACT,GAEMG,EAAOF,SAASC,aAAa,CAAC,OACpCC,CAAAA,EAAKjC,MAAM,CAAGA,EACdiC,EAAKC,MAAM,CAAGjC,EACdgC,EAAKE,MAAM,IAAIT,GAEfK,SAAS5G,IAAI,CAACiH,WAAW,CAACH,GAC1BA,EAAKI,MAAM,EACb,CEhPA,IAAK,IDJDC,GAAQ,IAAIC,WAAW,IEJ3BC,GAAe,sHDMXC,GAAY,EAAE,CAETC,GAAI,EAAGA,GAAI,IAAK,EAAEA,GACzBD,GAAUE,IAAI,CAAC,AAACD,CAAAA,GAAI,GAAA,EAAOE,QAAQ,CAAC,IAAIC,MAAM,CAAC,IENjD,SAASC,GAAGnG,CAAO,CAAEoG,CAAG,CAAEC,CAAM,EAE9B,IAAIC,EAAOtG,AADXA,CAAAA,EAAUA,GAAW,CAAA,CAAA,EACFuG,MAAM,EAAI,AAACvG,CAAAA,EAAQwG,GAAG,EHA5B,WAEb,GAAI,CAACvD,GAKC,CAFJA,CAAAA,EAAkB,AAAkB,IAAlB,OAAOwD,QAA0BA,OAAOxD,eAAe,EAAIwD,OAAOxD,eAAe,CAACyD,IAAI,CAACD,SAAW,AAAoB,IAApB,OAAOE,UAA4B,AAAoC,YAApC,OAAOA,SAAS1D,eAAe,EAAmB0D,SAAS1D,eAAe,CAACyD,IAAI,CAACC,SAAQ,EAG7O,MAAM,AAAI/I,MAAM,4GAIpB,OAAOqF,EAAgB0C,GACzB,CGb+C,IAe7C,OAbAW,CAAI,CAAC,EAAE,CAAGA,AAAU,GAAVA,CAAI,CAAC,EAAE,CAAU,GAC3BA,CAAI,CAAC,EAAE,CAAGA,AAAU,GAAVA,CAAI,CAAC,EAAE,CAAU,IAYpBjH,AFRT,SAAmBuH,CAAG,EACpB,IAAIP,EAASQ,UAAUC,MAAM,CAAG,GAAKD,AAAiBhH,KAAAA,IAAjBgH,SAAS,CAAC,EAAE,CAAiBA,SAAS,CAAC,EAAE,CAAG,EAG7EE,EAAO,AAACjB,CAAAA,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,AAAD,EAAGW,WAAW,GAMpgB,GAAI,CGnBG,CAAA,AAAgB,UAAhB,OHmBOD,GGnBqBlB,GAAMoB,IAAI,CHmB/BF,EGnBoC,EHoBhD,MAAMG,UAAU,+BAGlB,OAAOH,CACT,EEPmBT,EACnB,CErBO,IAAMa,GAAc,AAACC,IAE1B,GAAI,CACF,IAAMC,EAAM,IAAIC,IAAIF,GACpB,MAAO,CAAC,QAAQ,EAAEC,EAAIE,QAAQ,CAAA,CAAE,AAClC,CAAE,KAAM,CAER,CAGA,GAAI,CACF,IAAMF,EAAM,IAAIC,IAAI,CAAC,QAAQ,EAAEF,EAAAA,CAAa,EAC5C,MAAO,CAAC,QAAQ,EAAEC,EAAIE,QAAQ,CAAA,CAAE,AAClC,CAAE,KAAM,CAER,CAIF,ECbMC,GAGA,CAAC,eAAgB,uEAAwE,GAAG,IAiB1F,CAAC,GAAGC,IAAgBC,QAAQC,IAAI,IAAIH,MAAiBC,MACpD,CAAC,GAAGA,IAAgBC,QAAQrH,KAAK,IAAImH,MAAiBC,GCzBzDG,GAAU;wEACwD,CAAC,CCHnEC,GAAuD,CAAA,EAItD,eAAeC,GAAgBT,CAAW,CAAEU,CAA8B,MAS7CV,EAAaU,SARflI,KAAAA,IAA5BgI,EAAkB,CAACR,EAAI,EAI3BQ,CAAAA,EAAkB,CAACR,EAAI,EAIWA,EAJgBA,EAIHU,EAJQA,EAKhD,IAAIC,QAAQ,CAACC,EAASC,SAoCTb,EAnClB,IAoCIc,EApCEC,EAAcC,AA4BxB,SAAoBhB,CAAW,EAC7B,IAAMiB,EAHkClD,SAASmD,gBAAgB,CAAoB,CAAC,YAAY,EAGjElB,EAHuE,EAAE,CAAC,EAI3G,GAAIiB,CAAO,CAAC,EAAE,CACZ,OAAOA,CAAO,CAAC,EAAE,AAErB,EAjCmCjB,GAC/B,GAAIe,GAAeA,AAA+B,SAA/BA,EAAYI,OAAO,CAACC,MAAM,CAC3C,GAAI,CACFR,EAAQF,IACV,CAAE,MAAOrJ,EAAK,CACZ,OAAOwJ,EAAO,AAAItK,MAAM,GAAGyJ,EAAI,2DAA2D,EAAE3I,EAAAA,CAAK,EACnG,CAGF,IAAMyJ,GA0BYd,EA1BUA,EA4B9Bc,CADMA,EAAS/C,SAASC,aAAa,CAAC,WAC/BqD,YAAY,CAAC,MAAOrB,GAC3Bc,EAAOO,YAAY,CAAC,QAAS,QAC7BP,EAAOO,YAAY,CAAC,QAAS,QAC7BtD,SAASuD,IAAI,CAAClD,WAAW,CAAC0C,GACnBA,GA9BLA,EAAOS,gBAAgB,CAAC,OAAQ,KAC9BT,EAAOK,OAAO,CAACC,MAAM,CAAG,OACxB,GAAI,CACFR,EAAQF,IACV,CAAE,MAAOrJ,EAAK,CACZwJ,EAAO,AAAItK,MAAM,CAAA,EAAGyJ,EAAI,uDAAuD,EAAE3I,EAAAA,CAAK,EACxF,CACF,GAEAyJ,EAAOS,gBAAgB,CAAC,QAAS,AAAClK,IAChCwJ,EAAO,AAAItK,MAAM,CAAA,EAAGyJ,EAAI,sBAAsB,EAAE3I,EAAAA,CAAK,EACvD,EACF,GA7BuDqJ,EAH9CF,EAAkB,CAACR,EAAI,AAKlC,CCeO,MAAMwB,mBACHC,CAAAA,KAAAA,AACR,aACEC,CAAmB,CACnBC,CAAqB,CACrBC,CAAoB,CACZC,CAAwC,CAChDC,EAAsD,IAAMnB,QAAQC,OAAO,CAACpI,KAAAA,EAAU,CACtF,MAFQqJ,gBAAAA,CAAAA,EAGR,IAAI,CAACJ,KAAK,CAAGI,EAAiBE,IAAI,CAAC,MAAOC,GACxC,AAAKA,EAAcC,mBAAmB,EAGtC,MA1BsCxB,GAAa,CAAA,EA0B7BmB,EA1BuC,aAAa,CAAC,CAAE,IAAMM,OAAOC,cAAc,EA2BjG,CACLT,YAAAA,EACAC,cAAAA,EACAS,QAAS,CAAA,EACTC,KAAML,EAAcM,oBAAoB,EAAI,cAC5ClB,OAAQ,CAAA,EACRU,iBAAAA,CACF,GAVS,CAAEJ,YAAAA,EAAaC,cAAAA,EAAeS,QAAS,CAAA,EAAOhB,OAAQ,CAAA,EAAOU,iBAAAA,CAAiB,EAY3F,CAEAS,UAAY,SACH,IAAI,CAACd,KAAK,CAACM,IAAI,CAAC,AAACN,GAAUA,EAAMW,OAAO,CACjD,AAEAI,CAAAA,eAAiB,UACf,GAAM,CAAEd,YAAAA,CAAW,CAAEU,QAAAA,CAAO,CAAET,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACF,KAAK,CAChE,GAAKW,EAGL,OAAO,MAAMF,OAAOC,cAAc,CAACT,EAAa,CAAA,EAAGC,EAAc,OAAO,CAAC,CAC3E,CAAA,AAEAc,CAAAA,4BAA8B,UAC5B,IAEIC,EACAC,EAHE,CAAEP,QAAAA,CAAO,CAAEN,iBAAAA,CAAgB,CAAEO,KAAAA,CAAI,CAAE,CAAG,MAAM,IAAI,CAACZ,KAAK,CAa5D,OATI,AAACW,GACHO,CAAAA,EAAgB,MAAMb,GAAAA,EAEpBO,AAAS,gBAATA,EACFK,EAAmB,MAAM,IAAI,CAACF,cAAc,GAC1B,gBAATH,IACTK,EAAmB,MAAM,IAAI,CAACF,cAAc,GAC5CG,EAAgB,MAAMb,KAEjB,CAAEY,iBAAAA,EAAkBC,cAAAA,CAAc,CAC3C,CAAA,AAEAC,CAAAA,uBAAyB,MAAO7F,EAAmBT,KACjD,GAAM,CAAE8F,QAAAA,CAAO,CAAEN,iBAAAA,CAAgB,CAAE,CAAG,MAAM,IAAI,CAACL,KAAK,CACtD,GAAI1E,EAAEjB,IAAI,GAAKJ,GAAmBmH,eAAe,EAAIT,EAKnD,OAJI9F,EAAInF,IAAI,GACVmF,EAAInF,IAAI,CAACuL,gBAAgB,CAAG,MAAM,IAAI,CAACF,cAAc,GACrDlG,EAAInF,IAAI,CAACwL,aAAa,CAAG,MAAMb,KAE1BxF,CAET,OAAM,AAAI/F,MAAM,kDAClB,CAAA,AACF,CAEO,IAAMuM,GAAmC,IAAO,CAAA,CACrDP,UAAW,SAAY,CAAA,EACvBC,eAAgB,SAAYhK,KAAAA,EAC5BiK,4BAA6B,SAAa,CAAA,CACxCC,iBAAkBlK,KAAAA,EAClBmK,cAAenK,KAAAA,IAEjBoK,uBAAwB,UACtB,MAAM,AAAIrM,MAAM,iCAClB,CACF,CAAA,CCvFO,OAAMwM,GACX,OAAOC,QAAkDC,CAAa,CAAEC,CAAkC,CAAS,CASjH,IAAM7L,EAAM,IAAI4L,EAAWC,GAG3B,OAFAvM,OAAOwM,MAAM,CAAC9L,EAAK6L,GACnBvM,OAAOC,cAAc,CAACS,EAAK4L,EAAWpM,SAAS,EACxCQ,CACT,CAEA,OAAO+L,WAAWpK,CAA8B,CAAS,CACvD,GAAI,SAAUA,EACZ,OAAQA,EAAMtC,IAAI,EAChB,IAAK,yBACH,OAAOqM,GAAgBC,OAAO,CAAC1M,EAAwB0C,EACzD,KAAK,uBACH,OAAO+J,GAAgBC,OAAO,CAAChM,EAAsBgC,EACvD,KAAK,4BACH,OAAO+J,GAAgBC,OAAO,CAAC7K,EAA2Ba,EAC5D,KAAK,uBACH,OAAO+J,GAAgBC,OAAO,CAAC5K,EAAsBY,EACvD,KAAK,oBACH,OAAO+J,GAAgBC,OAAO,CAACxL,EAAmBwB,EACpD,KAAK,iBACH,OAAO+J,GAAgBC,OAAO,CAAC3K,EAAgBW,EACjD,KAAK,YACH,OAAO+J,GAAgBC,OAAO,CAACnD,UAAW7G,EAC5C,KAAK,cACH,OAAO+J,GAAgBC,OAAO,CAACK,YAAarK,EAC9C,KAAK,iBACH,OAAO+J,GAAgBC,OAAO,CAACM,eAAgBtK,EACjD,KAAK,aACH,OAAO+J,GAAgBC,OAAO,CAACO,WAAYvK,EAC7C,KAAK,YACH,OAAO+J,GAAgBC,OAAO,CAACQ,UAAWxK,EAC5C,KAAK,WACH,OAAO+J,GAAgBC,OAAO,CAACS,SAAUzK,EAC7C,CAEF,OAAO+J,GAAgBC,OAAO,CAACzM,MAAOyC,EACxC,CACF,CCpDO,MAAM0K,GACHC,YAAAA,AACAC,CAAAA,WAAAA,AACAC,CAAAA,KAAAA,AAER,aAAYzD,CAAqB,CAAE,CACjC,IAAI,CAACuD,YAAY,CAAGvD,EAAKuD,YAAY,CACrC,IAAI,CAACC,WAAW,CAAGxD,EAAKwD,WAAW,CAEnCE,YAAY,IAAI,CAACC,KAAK,CAAC1E,IAAI,CAAC,IAAI,EAAGe,EAAK4D,kBAAkB,EAC1D,IAAI,CAACH,KAAK,CAAG,EAAE,AACjB,CAEAI,SAASC,CAAuB,CAAEC,CAA8B,CAAE,CAChE,IAAI,CAACN,KAAK,CAAClF,IAAI,CAAC,CAAEuF,UAAAA,EAAWC,MAAAA,CAAM,GAC/B,IAAI,CAACN,KAAK,CAACpE,MAAM,EAAI,IAAI,CAACkE,YAAY,EACxC,IAAI,CAACI,KAAK,EAEd,CAEA,MAAMA,OAAQ,CACZ,GAAI,CAAC,IAAI,CAACF,KAAK,CAACpE,MAAM,CACpB,OAEF,IAAM2E,EAAgB,IAAI,CAACP,KAAK,AAChC,CAAA,IAAI,CAACA,KAAK,CAAG,EAAE,CACf,GAAI,CACF,MAAM/G,MAAM,IAAI,CAAC8G,WAAW,CAAE,CAC5B5H,OAAQ,OACRU,QAAS,CACP,eAAgB,kBAClB,EACAvF,KAAMY,KAAKC,SAAS,CAACoM,EACvB,EACF,CAAE,KAAM,CAER,CACF,CACF,CCpBO,IAAMC,GAAgB,CAC3BtN,EACAuN,EACAC,KAEA,IAAMC,EAAgC,EAAE,CACxC,IAAK,GAAM,CAAC5G,EAAK6G,EAAK,GAAI9N,OAAOgH,OAAO,CAAC4G,GAAQ,CAC/C,GAAIE,AAAQ,MAARA,EAAc,SAElB,IAAMC,EAAMJ,CAAG,CAAC1G,EAAI,CACpB,GAAI6G,CAAAA,EAAKE,UAAU,CAAC,aAAeD,AAAO,MAAPA,EAEnC,OAAQD,GACN,IAAK,SACL,IAAK,iBAEC,AADa,CAAA,AAAe,UAAf,OAAOC,GAAqBE,MAAMC,OAAO,CAACH,IAAQA,AAAQ,OAARA,CAAQ,GAEzEF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,mBAAmB,CAAC,GAE7E,KAGF,KAAK,SACL,IAAK,iBACC,AAAe,UAAf,OAAO8G,GACTF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,kBAAkB,CAAC,GAE5E,KAEF,KAAK,SACL,IAAK,iBACC,AAAe,UAAf,OAAO8G,GACTF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,kBAAkB,CAAC,GAE5E,KAEF,KAAK,cACL,IAAK,sBACC,AAACgH,MAAMC,OAAO,CAACH,IAASA,EAAII,KAAK,CAAC,AAACC,GAAQ,AAAe,UAAf,OAAOA,IACpDP,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,6BAA6B,CAAC,GAEvF,KAEF,KAAK,UACL,IAAK,kBACC,AAAe,WAAf,OAAO8G,GACTF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,mBAAmB,CAAC,EAGjF,CACF,CAEA,GAAI4G,EAAO/E,MAAM,CAAG,EAClB,GAAI+E,AAAkB,IAAlBA,EAAO/E,MAAM,CACf,MAAM+E,CAAM,CAAC,EAAE,MAEf,MAAM,AAAIQ,eAAeR,EAG/B,CC5EO,OAAMS,sCAGXC,CAAAA,aAAAA,AAOAC,CAAAA,oBAAAA,AAMA,aACEC,CAAsC,CAC9BC,CAAoE,CAC5E,MAFQD,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,EAER,IAAI,CAACH,aAAa,CAAG,CACnBI,KAAM,SACJ,IAAI,CAACF,cAAc,CAACG,QAAQ,CAAoC,CAC9DvF,IAAK,+BACL7I,KAAM,CACJqO,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EACAwD,OAAQ,MACV,GACF0J,OAAQ,IAAI,CAACL,oBAAoB,CAACM,iBAAiB,CACjD,MACEzI,IAEAmH,GAAc,wCAAyCnH,EAAM,CAC3D0I,yBAA0B,SAC1BC,kBAAmB,iBACnBC,kBAAmB,iBACnBC,sBAAuB,iBACvBC,qBAAsB,iBACtBC,sBAAuB,sBACvBC,cAAe,iBACfC,aAAc,iBACdC,qBAAsB,sBACtBC,WAAY,gBACd,GAEA,IAAMC,EAAc,CAClB,GAAGpJ,CAAI,CACPsI,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EAEA,OAAO,IAAI,CAAC4M,cAAc,CAACG,QAAQ,CAAiE,CAClGvF,IAAK,sCACL7I,KAAMmP,EACNtK,OAAQ,MACV,EACF,EAEJ,EAEA,IAAI,CAACmJ,oBAAoB,CAAG,CAC1BoB,SAAU,IAAI,CAAClB,oBAAoB,CAACM,iBAAiB,CACnD,MACEzI,IAEAmH,GAAc,iDAAkDnH,EAAM,CACpEsJ,gBAAiB,SACjBZ,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAMH,EAAc,CAClB,GAAGpJ,CAAI,CACPsI,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA,OAAO,IAAI,CAAC4M,cAAc,CAACG,QAAQ,CAA0E,CAC3GvF,IAAK,gDACL7I,KAAMmP,EACNtK,OAAQ,MACV,EACF,EAEJ,CACF,CACF,CCrFO,MAAM0K,iBACX,aAAoBtB,CAA8B,CAAE,MAAhCA,cAAAA,CAAAA,CAAiC,CAcrDuB,oBAAsB,MAAOzJ,GAC3B,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAiC,CAC3DvF,IAAK,iCACLhE,OAAQ,OACR7E,KAAM+F,GACR,AAuBF0J,CAAAA,qBAAuB,MAAO1J,GAC5B,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAkC,CAC5DvF,IAAK,kCACLhE,OAAQ,OACR7E,KAAM+F,GACR,AAEF2J,CAAAA,iBAAmB,MAAO3J,GACxB,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAA8B,CACxDvF,IAAK,0BACLhE,OAAQ,OACR7E,KAAM+F,GACR,AACJ,CC1DO,MAAM4J,uDAGXC,CAAAA,YAAAA,AAIA,aACU3B,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAC7D,MAAOzI,IACLmH,GAAc,oCAAqCnH,EAAM,CACvD+J,oBAAqB,QACvB,GACA,GAAM,CAAEvE,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA8D,CACxGiE,IAAK,kCACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CACF,CCdA,IAAMsE,GAAuBvG,QAAQC,OAAO,CAAC,CAC3CuG,+BAAgC,CAAA,CAClC,EAEO,OAAMC,sGAGXC,CAAAA,KAAAA,AAQAN,CAAAA,YAAAA,AAIAO,CAAAA,SAAAA,AAMA,aACElC,CAAsC,CACtCC,CAA4E,CAC5EkC,CAAkC,CAClCC,CAA+C,CAC/CC,EAAiCP,EAAoB,CACrDF,EAAsDlE,IAAkC,CACxF,MANQsC,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAC,yBAAAA,CAAAA,OACAC,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAER,IAAI,CAACK,KAAK,CAAG,CACXK,OAAQ,MAAOxK,IACbmH,GAAc,iCAAkCnH,EAAM,CACpDyK,cAAe,SACfC,oBAAqB,iBACrBC,mBAAoB,iBACpBnR,KAAM,iBACN+P,OAAQ,iBACRqB,MAAO,sBACPC,0BAA2B,gBAC7B,GAEO,IAAI,CAAC3C,cAAc,CAACG,QAAQ,CAA8B,CAC/DvF,IAAK,gCACL7I,KAAM+F,EACNlB,OAAQ,MACV,IAEFgM,cAAe,MAAO9K,IACpBmH,GAAc,wCAAyCnH,EAAM,CAC3DyK,cAAe,SACfnB,gBAAiB,SACjByB,mBAAoB,iBACpBC,kBAAmB,iBACnBC,oBAAqB,iBACrBC,mBAAoB,iBACpB3B,OAAQ,iBACR4B,yBAA0B,iBAC1BC,0BAA2B,gBAC7B,GAEA,IAAMC,EAAsB,MAAM,IAAI,CAACC,gBAAgB,GACjDlC,EAAc,CAClB,GAAGpJ,CAAI,CACPqL,oBAAAA,CACF,EACA,OAAO,IAAI,CAACnD,cAAc,CAACG,QAAQ,CAAoC,CACrEvF,IAAK,yCACL7I,KAAMmP,EACNtK,OAAQ,MACV,EACF,EACAsL,UAAW,CACTmB,KAAM,MACJvL,IAEAmH,GAAc,yCAA0CnH,EAAM,CAC5DyK,cAAe,SACfe,uBAAwB,iBACxBR,kBAAmB,iBACnBzB,OAAQ,iBACRkC,6BAA8B,gBAChC,GAEA,GAAM,CAAEjG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F8F,EAAsB,MAAM,IAAI,CAACC,gBAAgB,GACjDlC,EAAc,CAClB,GAAGpJ,CAAI,CACPqL,oBAAAA,EACA7F,iBAAAA,EACAC,cAAAA,CACF,EACA,OAAO,IAAI,CAACyC,cAAc,CAACrJ,iBAAiB,CAA0C,CACpFiE,IAAK,wCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,CACF,CACF,EAEA,IAAI,CAACmE,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,MAAOzI,IACrEmH,GAAc,iCAAkCnH,EAAM,CACpD0L,kBAAmB,SACnBhD,yBAA0B,SAC1Ba,OAAQ,gBACV,GAQA,IAAMoC,EAAsB,MAAM,IAAI,CAACrB,yBAAyB,CAACsB,SAAS,GAEtEtM,EAAwE,KAE5E,GAAIqM,GAAqBE,cACvB,GAAI,CACFvM,EAAO,MAAM,IAAI,CAACwM,yBAAyB,CAAC,IAAI,CAACxB,yBAAyB,CAAEtK,EAC9E,CAAE,MAAOH,EAAG,CACV,GAAIA,EAAatG,OAAO,CAAC2G,QAAQ,CAAC,QAGhCiD,QAAQ4I,GAAG,CACT,oHAGF,MAAMlM,CAEV,CAOF,OAJI,AAACP,GACHA,CAAAA,EAAO,MAAM,IAAI,CAACwM,yBAAyB,CAAC,IAAI,CAACzB,YAAY,CAAErK,EAAAA,EAG1DV,CACT,GAEA,IAAI,CAAC8K,SAAS,CAAG,CACfP,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,2CAA4CnH,EAAM,CAC9DgM,4BAA6B,QAC/B,GAEA,IAAMC,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAE1C,CAAEpG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7F6D,EAAc,CAClB8C,mBAAoBD,GAAQJ,cAC5BrG,iBAAAA,EACAC,cAAAA,EACA,GAAGzF,CAAAA,AACL,EACMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,0CACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,EAEJ,CACF,CAEA,MAAcgM,kBAAgD,CAC5D,GAAM,CAAErB,+BAAAA,CAA8B,CAAE,CAAG,MAAM,IAAI,CAACM,OAAO,CAC7D,GAAI,CAACN,EACH,OAEF,IAAImC,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,UAC/C,AAAIQ,EACKA,EAAQC,cAAc,CAGxBD,AADPA,CAAAA,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACvCD,cAAc,AAC/B,CAEA,MAAcP,0BACZS,CAAyB,CACzBvM,CAAsC,CAC6B,CACnE,IAAMiM,EAAS,MAAMM,EAAYX,SAAS,GAEpC,CAAEpG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7F6D,EAAc,CAClB8C,mBAAoBD,GAAQJ,cAC5BrG,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,EAC/F,GAAG0E,CAAAA,AACL,EACMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAA2D,CACjHiE,IAAK,gCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA6G,EAAYJ,WAAW,GAEhB7M,CACT,CACF,CC9NO,IAAAkN,GAAA,8FAGL3C,CAAAA,YAAAA,AAEAO,CAAAA,SAAAA,AAMAqC,CAAAA,MAAAA,AAOAC,CAAAA,SAAAA,AAOAC,CAAAA,OAAAA,AAOAC,CAAAA,KAAAA,AAOAC,CAAAA,MAAAA,AAOA,aACE3E,CAAwC,CACxCC,CAA8E,CAC9EkC,CAAoC,CAC1ByC,CAA6B,CAC7BvC,CAAe,CACfT,CAA2C,CACrD,MANU5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAyC,cAAAA,CAAAA,OACAvC,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAEV,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,MAAOhN,IACrE0L,GAAc,4BAA6B1L,EAAS,CAClDsR,YAAa,SACbrE,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAM6C,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,EAE7C,CAACQ,GACHY,GACE,mOAMJ,GAAM,CAAExH,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7FjG,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAAsD,CAC5GiE,IAAK,0BACLhE,OAAQ,OACR7E,KAAM,CACJiS,mBAAoBE,GAASP,cAC7BrG,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,EAC/F,GAAGG,CAAAA,AACL,EACA0D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,GAEA,IAAI,CAAC8K,SAAS,CAAG,CACfP,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,sCAAuCnH,EAAM,CACzDiN,sBAAuB,QACzB,GAEA,IAAMhB,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAE1C,CAAEpG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7F6D,EAAc,CAClB8C,mBAAoBD,GAAQJ,cAC5BrG,iBAAAA,EACAC,cAAAA,EACA,GAAGzF,CAAAA,AACL,EACMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,oCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,EAEJ,EAEA,IAAI,CAACmN,MAAM,CAAG,CACZS,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBC,MAAM,EACnDqR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBC,MAAM,CAC9D,CACF,EAEA,IAAI,CAAC2T,SAAS,CAAG,CACfQ,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBE,SAAS,EACtDoR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBE,SAAS,CACjE,CACF,EAEA,IAAI,CAAC2T,OAAO,CAAG,CACbO,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBG,OAAO,EACpDmR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBG,OAAO,CAC/D,CACF,EAEA,IAAI,CAAC2T,KAAK,CAAG,CACXM,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBI,KAAK,EAClDkR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBI,KAAK,CAC7D,CACF,EAEA,IAAI,CAAC2T,MAAM,CAAG,CACZK,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBK,MAAM,EACnDiR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBK,MAAM,CAC9D,CACF,CACF,CAEA,MAAgBkU,eAAgB,CAC9B,GAAM,CAAEC,YAAAA,CAAW,CAAE,CAAG,MAAM,IAAI,CAACR,cAAc,QACjD,AAAIQ,EAEK,CAAC,QAAQ,EAAEA,EAAAA,CAAa,CAIjC,ACpLgDC,ADoL1B,IAAI,CAAChD,OAAO,CAAC/F,WAAW,CCpLQtE,QAAQ,CAAC,qBDqLtD,IAAI,CAACqK,OAAO,CAACiD,UAAU,CAEzB,IAAI,CAACjD,OAAO,CAACkD,UAAU,AAChC,CAEUN,eAAeO,CAA+B,CAAE,CACxD,OAAO,MAAOjS,IACZ,GAAM,CACJ6N,gBAAAA,CAAe,CACfV,kBAAAA,CAAiB,CACjBmC,mBAAAA,CAAkB,CAClBE,oBAAAA,CAAmB,CACnB0C,cAAAA,CAAa,CACbC,gBAAAA,CAAe,CAChB,CAAGnS,EACE,CAAEoS,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACf,cAAc,CACpDgB,EAAU,MAAM,IAAI,CAACT,aAAa,GAElCU,EAAW,IAAIhL,IAAI,CAAA,EAAG+K,EAAQ,qBAAqB,EAAEJ,EAAa,MAAM,CAAC,EAoB/E,GAnBAK,EAASC,YAAY,CAACC,GAAG,CAAC,eAAgB,IAAI,CAAC1D,OAAO,CAAC/F,WAAW,EAC9D8E,GAAmBA,AAAmB,IAAnBA,GACrByE,EAASC,YAAY,CAACC,GAAG,CAAC,kBAAmB3E,GAG3CV,GAAqBA,AAAqB,IAArBA,GACvBmF,EAASC,YAAY,CAACC,GAAG,CAAC,OAAQrF,GAGhC+E,IACFxG,GACE,iBACA,CAAEwG,cAAAA,GACF,CACEA,cAAe,aACjB,GAEFI,EAASC,YAAY,CAACC,GAAG,CAAC,gBAAiBN,EAActT,IAAI,CAAC,OAE5DuT,EAQF,IAAK,IAAMlN,KAPXyG,GACE,iBACA,CAAEyG,gBAAAA,GACF,CACEA,gBAAiB,gBACnB,GAEgBA,EAChBG,EAASC,YAAY,CAACC,GAAG,CAAC,YAAcvN,EAAKkN,CAAe,CAAClN,EAAI,EAIrE,GAAImN,EAAsB,CACxB,IAAMzB,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,GAC5DyB,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuB7B,EAAQC,cAAc,CACzE,MACE,IAAI,CAAChC,YAAY,CAAC8B,WAAW,EAG3BpB,CAAAA,GAAoBgD,EAASC,YAAY,CAACC,GAAG,CAAC,qBAAsBlD,GACpEE,GAAqB8C,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuBhD,GAE1E,IAAI,CAACiD,QAAQ,CAACH,EAChB,CACF,CAEUX,wBAAwBM,CAA+B,CAAE,CACjE,OAAO,MAAOjS,IACZ,GAAM,CAAE+P,uBAAAA,CAAsB,CAAEmC,cAAAA,CAAa,CAAEC,gBAAAA,CAAe,CAAE,CAAGnS,EAC7D,CAAEoS,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACf,cAAc,CACpDgB,EAAU,MAAM,IAAI,CAACT,aAAa,GAElCU,EAAW,IAAIhL,IAAI,CAAA,EAAG+K,EAAQ,qBAAqB,EAAEJ,EAAa,gBAAgB,CAAC,EAYzF,GAXAK,EAASC,YAAY,CAACC,GAAG,CAAC,eAAgB,IAAI,CAAC1D,OAAO,CAAC/F,WAAW,EAC9DmJ,IACFxG,GACE,iBACA,CAAEwG,cAAAA,GACF,CACEA,cAAe,aACjB,GAEFI,EAASC,YAAY,CAACC,GAAG,CAAC,gBAAiBN,EAActT,IAAI,CAAC,OAE5DuT,EAQF,IAAK,IAAMlN,KAPXyG,GACE,iBACA,CAAEyG,gBAAAA,GACF,CACEA,gBAAiB,gBACnB,GAEgBA,EAChBG,EAASC,YAAY,CAACC,GAAG,CAAC,YAAcvN,EAAKkN,CAAe,CAAClN,EAAI,EAIrE,GAAImN,EAAsB,CACxB,IAAMzB,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,GAC5DyB,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuB7B,EAAQC,cAAc,CACzE,MACE,IAAI,CAAChC,YAAY,CAAC8B,WAAW,EAG3BX,CAAAA,GACFuC,EAASC,YAAY,CAACC,GAAG,CAAC,yBAA0BzC,GAGtD,IAAI,CAAC0C,QAAQ,CAACH,EAChB,CACF,CAGAG,SAASpL,CAAQ,CAAE,CACjBkC,OAAOmJ,QAAQ,CAACC,IAAI,CAAGtL,EAAIpB,QAAQ,EACrC,CACF,CE/QO,OAAM2M,wDAGX,aACUnG,CAA8B,CAC9BoG,CAAiC,CACjCnG,CAAoE,CAC5E,MAHQD,cAAAA,CAAAA,OACAoG,iBAAAA,CAAAA,OACAnG,oBAAAA,CAAAA,CACP,CAEHlI,IAAM,UACJ,IAAMX,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAkD,CAC/FvF,IAAK,wBACLhE,OAAQ,KACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoG,kBAAkB,CAACjP,EAAKkP,YAAY,EACvDlP,EAAKkP,YAAY,AAC1B,CAAA,AAEAC,CAAAA,QAAU,IACD,IAAI,CAACtG,oBAAoB,CAACuG,eAAe,EAClD,AAEAC,CAAAA,QAAU,IAAyB,CAAA,CACjCH,aAAc,IAAI,CAACC,OAAO,GAC1BG,UAAW,IAAI,CAACzG,oBAAoB,CAAC0G,YAAY,EACnD,CAAA,CAAA,AAEAC,CAAAA,SAAW,AAACC,GACH,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,GAAUwK,EAASxK,GAAOiK,cAAgB,MAC/F,AAEAS,CAAAA,OAAS,MAAOjP,IACd,IAAMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAiC,CAC9EvF,IAAK,wBACLhE,OAAQ,MACR7E,KAAM+F,CACR,GAGA,OADA,IAAI,CAACmI,oBAAoB,CAACoG,kBAAkB,CAACjP,EAAKkP,YAAY,EACvDlP,CACT,CAAA,AAEA4P,CAAAA,OAAS,UACP,IAAM5P,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAiC,CAC9EvF,IAAK,wBACLhE,OAAQ,QACV,GAIA,OAFA,IAAI,CAACqJ,oBAAoB,CAACgH,YAAY,GAE/B7P,CACT,CAAA,AAEA8P,CAAAA,UAAY,MAAOpP,IACjBmH,GAAc,gCAAiCnH,EAAM,CACnD4I,kBAAmB,QACrB,GAEO,IAAI,CAACV,cAAc,CAACG,QAAQ,CAAoC,CACrEvF,IAAK,4BACLhE,OAAQ,OACR7E,KAAM+F,CACR,GACF,AAEAqP,CAAAA,iBAAmB,SACV,IAAI,CAACnH,cAAc,CAACG,QAAQ,CAA2C,CAC5EvF,IAAK,oCACLhE,OAAQ,KACV,EACF,AAEAwQ,CAAAA,gBAAkB,MAChBtP,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAA0C,CAC3EvF,IAAK,CAAC,kCAAkC,EAAE9C,EAAKuP,gBAAgB,CAAA,CAAE,CACjEzQ,OAAQ,KACV,EACF,AAEA0Q,CAAAA,QAAU,CACRhH,OAAQ,MAAOxI,GACN,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAwC,CACzEvF,IAAK,6BACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEFyP,OAAQ,MAAOzP,GACN,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAwC,CACzEvF,IAAK,uCACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEFiP,OAAQ,MAAOjP,IACb,IAAM0P,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAAwC,CACzFvF,IAAK,CAAC,2BAA2B,EAAE9C,EAAK2P,SAAS,CAAA,CAAE,CACnD7Q,OAAQ,MACR7E,KAAM+F,CACR,GAGA,OADA,IAAI,CAAC4P,kBAAkB,CAACF,GACjBA,CACT,EACAG,eAAgB,MAAOC,IACrB,IAAMJ,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAA+C,CAChGvF,IAAK,CAAC,qCAAqC,EAAEgN,EAAAA,CAAY,CACzDhR,OAAQ,QACV,GAGA,OADA,IAAI,CAAC8Q,kBAAkB,CAACF,GACjBA,CACT,EACAK,qBAAsB,MAAOC,IAC3B,IAAMN,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAAqD,CACtGvF,IAAK,CAAC,6CAA6C,EAAEkN,EAAAA,CAAU,CAC/DlR,OAAQ,QACV,GAGA,OADA,IAAI,CAAC8Q,kBAAkB,CAACF,GACjBA,CACT,EACAO,cAAe,MAAOD,IACpB,IAAMN,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAA8C,CAC/FvF,IAAK,CAAC,gCAAgC,EAAEkN,EAAAA,CAAU,CAClDlR,OAAQ,QACV,GAGA,OADA,IAAI,CAAC8Q,kBAAkB,CAACF,GACjBA,CACT,EACAR,OAAQ,MAAOc,IACb,IAAMN,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAAwC,CACzFvF,IAAK,CAAC,2BAA2B,EAAEkN,EAAAA,CAAU,CAC7ClR,OAAQ,QACV,GAMA,OAJIkR,IAAa,IAAI,CAAC7H,oBAAoB,CAAC+H,SAAS,IAAIP,WACtD,IAAI,CAACxH,oBAAoB,CAACgH,YAAY,GAGjCO,CACT,EACAS,WAAY,MAAOH,GACV,IAAI,CAAC9H,cAAc,CAACG,QAAQ,CAA4C,CAC7EvF,IAAK,CAAC,2BAA2B,EAAEkN,EAAS,WAAW,CAAC,CACxDlR,OAAQ,KACV,GAEFsR,mBAAoB,MAClBpQ,IAEA,GAAM,CAAE2P,UAAAA,CAAS,CAAE,GAAG1V,EAAM,CAAG+F,EACzB0P,EAAW,MAAM,IAAI,CAACpB,iBAAiB,CAACjG,QAAQ,CAAmD,CACvGvF,IAAK,CAAC,2BAA2B,EAAE6M,EAAU,qBAAqB,CAAC,CACnE7Q,OAAQ,OACR7E,KAAAA,CACF,GAGA,OADA,IAAI,CAAC2V,kBAAkB,CAACF,GACjBA,CACT,EACAW,iBAAkB,MAChBrQ,IAEA,GAAM,CAAE2P,UAAAA,CAAS,CAAE,GAAG1V,EAAM,CAAG+F,EACzB0P,EAAW,MAAM,IAAI,CAACpB,iBAAiB,CAACjG,QAAQ,CAAiD,CACrGvF,IAAK,CAAC,2BAA2B,EAAE6M,EAAU,mBAAmB,CAAC,CACjE7Q,OAAQ,OACR7E,KAAAA,CACF,GAGA,OADA,IAAI,CAAC2V,kBAAkB,CAACF,GACjBA,CACT,EACAL,iBAAkB,MAChBrP,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAiD,CAClFvF,IAAK,CAAC,0BAA0B,EAAE9C,EAAK2P,SAAS,CAAC,eAAe,CAAC,CACjE7Q,OAAQ,KACV,GAEFwR,mBAAoB,MAClBtQ,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAmD,CACpFvF,IAAK,CAAC,2BAA2B,EAAE9C,EAAK2P,SAAS,CAAC,gBAAgB,EAAE3P,EAAKuP,gBAAgB,CAAC,OAAO,CAAC,CAClGzQ,OAAQ,MACV,GAEJ,AAEQ8Q,CAAAA,mBAAqB,AAACF,IACxBA,EAASC,SAAS,GAAK,IAAI,CAACxH,oBAAoB,CAAC+H,SAAS,IAAIP,WAChE,IAAI,CAACxH,oBAAoB,CAACoI,YAAY,CAACb,EAASc,MAAM,CAE1D,CAAA,AACF,CC5NO,MAAMC,uDAGXC,CAAAA,GAAAA,AAKAvG,CAAAA,KAAAA,AAaA,aACUjC,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAAC4G,GAAG,CAAG,CACTnF,KAAM,MAAOvL,IACXmH,GAAc,uBAAwBnH,EAAM,CAC1CsJ,gBAAiB,SACjBqG,UAAW,SACXgB,iBAAkB,iBAClBpH,OAAQ,gBACV,GACA,GAAM,CAAE/D,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAqB,CAC/DiE,IAAK,qBACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACAwD,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAmE,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MAAOzI,IACLmH,GAAc,+BAAgCnH,EAAM,CAClD0I,yBAA0B,SAC1BY,gBAAiB,SACjBqG,UAAW,SACXiB,KAAM,SACNC,mBAAoB,gBACtB,GACA,GAAM,CAAErL,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA,OAAO,IAAI,CAAC4M,cAAc,CAACrJ,iBAAiB,CAAoD,CAC9FiE,IAAK,6BACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,EAEA,IAAI,CAACyE,KAAK,CAAG,CACXW,cAAe,MAAO9K,IACpBmH,GAAc,kCAAmCnH,EAAM,CACrDsJ,gBAAiB,SACjBmB,cAAe,SACfO,kBAAmB,iBACnBE,mBAAoB,iBACpB3B,OAAQ,iBACR4B,yBAA0B,iBAC1BC,0BAA2B,gBAC7B,GAEA,GAAM,CAAE5F,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAoC,CAC9EiE,IAAK,kCACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAmE,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,iCAAkCnH,EAAM,CACpD4Q,KAAM,SACNnG,cAAe,SACfnB,gBAAiB,SACjBZ,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,GAAM,CAAE/D,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA0D,CACpGiE,IAAK,+BACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPsI,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,EACvFkK,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,GAEF0E,UAAW,CACTmB,KAAM,MAAOvL,IACXmH,GAAc,mCAAoCnH,EAAM,CACtDyK,cAAe,SACfO,kBAAmB,iBACnBzB,OAAQ,iBACRkC,6BAA8B,gBAChC,GAEA,GAAM,CAAEjG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,CACF,EACA,OAAO,IAAI,CAACyC,cAAc,CAACrJ,iBAAiB,CAAmC,CAC7EiE,IAAK,iCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAmE,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,2CAA4CnH,EAAM,CAC9D4Q,KAAM,SACNnG,cAAe,QACjB,GAEA,GAAM,CAAEjF,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB5D,iBAAAA,EACAC,cAAAA,EACA,GAAGzF,CAAAA,AACL,EAEA,OAAO,IAAI,CAACkI,cAAc,CAACrJ,iBAAiB,CAE1C,CACAiE,IAAK,yCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CACF,CACF,CACF,CCjKA,IAAMsE,GAAuBvG,QAAQC,OAAO,CAAC,CAC3CoN,8BAA+B,CAAA,CACjC,EAEO,OAAMC,4EAGXlH,CAAAA,YAAAA,AAIAO,CAAAA,SAAAA,AAYA4G,CAAAA,YAAAA,AAIAC,CAAAA,uBAAAA,AAIAC,CAAAA,cAAAA,AAIA,aACEhJ,CAAsC,CAC9BC,CAAoE,CACpEkC,CAA0B,CAClCE,EAAiCP,EAAoB,CAC7CF,CAA2C,CACnD,MALQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAE,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAER,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAC7D,MACEhN,IAEA0L,GAAc,gCAAiC1L,EAAS,CACtD6N,gBAAiB,SACjB6H,SAAU,SACV1G,cAAe,SACf/B,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAM0C,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CC,EAAgBI,GAAQJ,cACxB,CAAErG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAyD,CACnGiE,IAAK,8BACLhE,OAAQ,OACR7E,KAAM,CACJqP,gBAAiB7N,EAAQ6N,eAAe,CACxCmB,cAAehP,EAAQgP,aAAa,CACpC0G,SAAU1V,EAAQ0V,QAAQ,CAC1BzI,yBAA0BjN,EAAQiN,wBAAwB,CAC1Da,OAAQ9N,EAAQ8N,MAAM,CACtB9D,cAAAA,EACAD,iBAAAA,EACAqG,cAAAA,EACAvD,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,GAGF,IAAI,CAAC0E,SAAS,CAAG,CACfgH,kBAAmB,MACjB3V,IAEA0L,GAAc,+CAAgD1L,EAAS,CACrEgP,cAAe,SACfe,uBAAwB,iBACxB6F,4BAA6B,iBAC7BC,2BAA4B,iBAC5BC,kCAAmC,iBACnCC,yBAA0B,iBAC1BjI,OAAQ,gBACV,GAEA,IAAM8B,EAAsB,MAAM,IAAI,CAACC,gBAAgB,GACjD,CAAE9F,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAgD,CAC1FiE,IAAK,uCACLhE,OAAQ,OACR7E,KAAM,CACJwQ,cAAehP,EAAQgP,aAAa,CACpCe,uBAAwB/P,EAAQ+P,sBAAsB,CACtD6F,4BAA6B5V,EAAQ4V,2BAA2B,CAChEE,kCAAmC9V,EAAQ8V,iCAAiC,CAC5ED,2BAA4B7V,EAAQ6V,0BAA0B,CAC9DE,yBAA0B/V,EAAQ+V,wBAAwB,CAC1DjI,OAAQ9N,EAAQ8N,MAAM,CACtB8B,oBAAAA,EACA5F,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAsL,aAAc,IAAI,CAAC7I,oBAAoB,CAACM,iBAAiB,CACvD,MACEhN,IAEA0L,GAAc,0CAA2C1L,EAAS,CAChEgW,qBAAsB,SACtBN,SAAU,QACZ,GAEA,GAAM,CAAE3L,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F0G,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CM,EAAqBD,GAAQJ,cAE7BvM,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,iCACLhE,OAAQ,OACR7E,KAAM,CACJwX,qBAAsBhW,EAAQgW,oBAAoB,CAClDN,SAAU1V,EAAQ0V,QAAQ,CAC1B1L,cAAAA,EACAD,iBAAAA,EACA0G,mBAAAA,EACA5D,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,GAGFuK,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEhN,IAEA0L,GAAc,0CAA2C1L,EAAS,CAChE0V,SAAU,SACV1G,cAAe,QACjB,GAEA,IAAMwB,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CC,EAAgBI,GAAQJ,cACxB,CAAErG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAC1C,CACEiE,IAAK,wCACLhE,OAAQ,OACR7E,KAAM,CACJwQ,cAAehP,EAAQgP,aAAa,CACpC0G,SAAU1V,EAAQ0V,QAAQ,CAC1B1L,cAAAA,EACAD,iBAAAA,EACAqG,cAAAA,CACF,EACA1M,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EAEJ,EAEJ,EAEA,IAAI,CAACsL,YAAY,CAAG,IAAI,CAAC7I,oBAAoB,CAACM,iBAAiB,CAC7D,MACEhN,IAEA0L,GAAc,gCAAiC1L,EAAS,CACtDgW,qBAAsB,SACtBN,SAAU,SACVzI,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,GAAM,CAAE/D,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F0G,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CC,EAAgBI,GAAQJ,cAExBvM,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,6BACLhE,OAAQ,OACR7E,KAAM,CACJwX,qBAAsBhW,EAAQgW,oBAAoB,CAClDN,SAAU1V,EAAQ0V,QAAQ,CAC1BzI,yBAA0BjN,EAAQiN,wBAAwB,CAC1Da,OAAQ9N,EAAQ8N,MAAM,CACtB9D,cAAAA,EACAD,iBAAAA,EACAqG,cAAeA,EACfvD,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAGA,OADA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GACtB7M,CACT,GAGF,IAAI,CAAC2R,uBAAuB,CAAG,IAAI,CAAC9I,oBAAoB,CAACM,iBAAiB,CACxE,MACEhN,IAEA0L,GAAc,2CAA4C1L,EAAS,CACjEgP,cAAe,SACfiH,kBAAmB,SACnBC,aAAc,SACdpI,OAAQ,iBACRb,yBAA0B,QAC5B,GAEA,GAAM,CAAElD,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAC1C,CACEiE,IAAK,yCACLhE,OAAQ,OACR7E,KAAM,CACJqP,gBAAiB7N,EAAQ6N,eAAe,CACxCmB,cAAehP,EAAQgP,aAAa,CACpCiH,kBAAmBjW,EAAQiW,iBAAiB,CAC5CC,aAAclW,EAAQkW,YAAY,CAClCpI,OAAQ9N,EAAQ8N,MAAM,CACtBb,yBAA0BjN,EAAQiN,wBAAwB,CAC1DjD,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EAEJ,GAGF,IAAI,CAACwL,cAAc,CAAG,IAAI,CAAC/I,oBAAoB,CAACM,iBAAiB,CAC/D,MACEhN,IAEA0L,GAAc,kCAAmC1L,EAAS,CACxD0V,SAAU,QACZ,GAEA,GAAM,CAAE3L,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA2D,CACrGiE,IAAK,+BACLhE,OAAQ,OACR7E,KAAM,CACJkX,SAAU1V,EAAQ0V,QAAQ,CAC1B1L,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CAEA,MAAc4F,kBAAgD,CAC5D,GAAM,CAAEwF,8BAAAA,CAA6B,CAAE,CAAG,MAAM,IAAI,CAACvG,OAAO,CAC5D,GAAI,CAACuG,EACH,OAEF,IAAI1E,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,UAC/C,AAAIQ,EACKA,EAAQC,cAAc,CAGxBD,AADPA,CAAAA,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACvCD,cAAc,AAC/B,CAEA,MAAM+E,kBAAkB3V,CAA4C,CAAiD,CACnH0L,GAAc,qCAAsC1L,EAAS,CAC3DgP,cAAe,SACfM,mBAAoB,iBACpBsG,4BAA6B,iBAC7BC,2BAA4B,iBAC5BC,kCAAmC,iBACnCC,yBAA0B,iBAC1BjI,OAAQ,gBACV,GAEA,IAAM8C,EAAiB,MAAM,IAAI,CAACf,gBAAgB,GAC5C,CAAE9F,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAuC,CACjFiE,IAAK,mCACLhE,OAAQ,OACR7E,KAAM,CACJqP,gBAAiB7N,EAAQ6N,eAAe,CACxCmB,cAAehP,EAAQgP,aAAa,CACpCM,mBAAoBtP,EAAQsP,kBAAkB,CAC9CsG,4BAA6B5V,EAAQ4V,2BAA2B,CAChEE,kCAAmC9V,EAAQ8V,iCAAiC,CAC5ED,2BAA4B7V,EAAQ6V,0BAA0B,CAC9DE,yBAA0B/V,EAAQ+V,wBAAwB,CAC1DjI,OAAQ9N,EAAQ8N,MAAM,CACtB8C,eAAAA,EACA5G,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,CAEA,MAAMkM,cAAcnW,CAAwC,CAA6C,CAMvG,OALA0L,GAAc,iCAAkC1L,EAAS,CACvDgP,cAAe,iBACf0G,SAAU,QACZ,GAEO,IAAI,CAACjJ,cAAc,CAACG,QAAQ,CAAmC,CACpEvF,IAAK,gCACLhE,OAAQ,OACR7E,KAAM,CACJwQ,cAAehP,EAAQgP,aAAa,CACpC0G,SAAU1V,EAAQ0V,QAAAA,AACpB,CACF,EACF,CACF,CC5UO,MAAMU,kBACHC,CAAAA,SAAAA,AAER,aACElH,CAA8B,CACvBmH,CAA+B,CACtC,MAFOnH,KAAAA,CAAAA,OACAmH,SAAAA,CAAAA,EAEP,IAAI,CAACD,SAAS,CAAG,CAAA,EACjBlH,EAAMoH,OAAO,CAAC,AAACC,GAAU,IAAI,CAACH,SAAS,CAACG,EAAKC,OAAO,CAAC,CAAGD,EAC1D,CAEA,OAAOE,SAASvR,CAAoB,CAAc,CAChD,OAAO,IAAIiR,GAAWjR,EAAMgK,KAAK,CAAEhK,EAAMmR,SAAS,CACpD,CASAK,qBAAqBC,CAA6B,CAAc,CAI9D,OAAO,IAAIR,GAHS,IAAI,IAAI,CAACjH,KAAK,IAAKyH,EAAY,CAGhB,IAAI,CAACN,SAAS,CACnD,CAQAO,mBAAmBC,CAAqB,CAAEC,CAAkB,CAAExR,CAAc,CAAW,CACrF,MAAO,CAAC,CAACuR,EACNrY,GAAG,CAAC,AAACuY,GAAW,IAAI,CAACX,SAAS,CAACW,EAAO,EAGtCC,MAAM,CAAC,AAACC,GAAMA,GACdC,OAAO,CAAC,AAACX,GAASA,EAAKY,WAAW,EAClCH,MAAM,CAAC,AAACI,GAAeA,EAAWC,WAAW,GAAKP,GAClDQ,IAAI,CAAC,AAACF,GAAeA,EAAWG,OAAO,CAAC/S,QAAQ,CAACc,IAAW8R,EAAWG,OAAO,CAAC/S,QAAQ,CA/E/D,KAgF7B,CASAgT,wBAAwBX,CAAqB,CAA2C,CACtF,IAAMY,EAAuD1Z,OAAO+O,MAAM,CAAC,MAO3E,OANA,IAAI,CAACuJ,SAAS,CAACC,OAAO,CAAC,AAACoB,IACtBD,CAAW,CAACC,EAASL,WAAW,CAAC,CAAG,CAAA,EACpCK,EAASH,OAAO,CAACjB,OAAO,CAAC,AAAChR,IACxBmS,CAAW,CAACC,EAASL,WAAW,CAAC,CAAC/R,EAAO,CAAG,IAAI,CAACsR,kBAAkB,CAACC,EAAaa,EAASL,WAAW,CAAE/R,EACzG,EACF,GACOmS,CACT,CACF,CCvFO,MAAME,uBAGHC,CAAAA,YAAAA,AACAC,CAAAA,aAAAA,AACR,aACEC,CAA0B,CAC1BC,CAA4B,CACpBtL,CAAoE,CAC5E,MADQA,oBAAAA,CAAAA,EAER,IAAI,CAACmL,YAAY,CAAGE,EAAaE,UAAU,CAAG7B,GAAWM,QAAQ,CAACqB,EAAaE,UAAU,EAAI,KAC7F,IAAI,CAACH,aAAa,CAAGE,EAAc5O,IAAI,CAAC,AAAC7E,GACvC,AAAKA,EAAK0T,UAAU,EAKpB,IAAI,CAACJ,YAAY,CAAGzB,GAAWM,QAAQ,CAACnS,EAAK0T,UAAU,EAChD,IAAI,CAACJ,YAAY,GALtBtG,GAAa,oFACN,IAAI6E,GAAW,EAAE,CAAE,EAAE,GAMlC,CAKA,MAAc8B,oBAA0C,CACtD,IAAMC,EAAgB,MAAM,IAAI,CAACL,aAAa,CACxC/E,EAAe,IAAI,CAACrG,oBAAoB,CAACuG,eAAe,UAG9D,AAAKF,GAAcqF,cAActR,OAI1BqR,EAAcxB,oBAAoB,CAAC5D,EAAaqF,YAAY,EAH1DD,CAIX,CAMAE,wBAAoD,CAClD,GAAI,CAAC,IAAI,CAACR,YAAY,CACpB,OAAO,KAGT,IAAM9E,EAAe,IAAI,CAACrG,oBAAoB,CAACuG,eAAe,UAG9D,AAAKF,GAAcqF,cAActR,OAI1B,IAAI,CAAC+Q,YAAY,CAAClB,oBAAoB,CAAC5D,EAAaqF,YAAY,EAH9D,IAAI,CAACP,YAAY,AAI5B,CAEAS,gBAA6D,CAC3D,OAAO,IAAI,CAACJ,kBAAkB,GAAG9O,IAAI,CACnC,AAACmP,GAAWA,EAAOd,uBAAuB,CAAC,IAAI,CAACe,OAAO,IAE3D,CAEAC,iBAA+D,CAAC1B,EAAYxR,KAC1E,IAAMmT,EAAkB,IAAI,CAACL,sBAAsB,GACnD,MAAO,CAAC,CAACK,GAAiB7B,mBAAmB,IAAI,CAAC2B,OAAO,GAAIzB,EAAsBxR,EACrF,CAAA,AAEAoT,CAAAA,aAAuD,CAAC5B,EAAYxR,IAC3D,IAAI,CAAC2S,kBAAkB,GAAG9O,IAAI,CAAC,AAACmP,GACrCA,EAAO1B,kBAAkB,CAAC,IAAI,CAAC2B,OAAO,GAAIzB,EAAsBxR,GAEpE,AAEQiT,CAAAA,SAAU,CAChB,IAAMI,EAAU,IAAI,CAAClM,oBAAoB,CAACmM,UAAU,UACpD,AAAKD,EAOEA,EAAQzJ,KAAK,EAAI,EAAE,CANjB,EAAE,AAOb,CACF,CCrFO,MAAM2J,uDAGXC,CAAAA,OAAAA,AAEA,aACUtM,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAAC0K,OAAO,CAAG,IAAI,CAACrM,oBAAoB,CAACM,iBAAiB,CACxD,MAAOzI,IACLmH,GAAc,+BAAgCnH,EAAM,CAClDsJ,gBAAiB,SACjBqG,UAAW,SACX8E,cAAe,SACf/L,yBAA0B,QAC5B,GACA,GAAM,CAAElD,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA,OAAO,IAAI,CAAC4M,cAAc,CAACrJ,iBAAiB,CAAqD,CAC/FiE,IAAK,8BACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CAEA,MAAMgP,QAA8C,CAClD,GAAM,CAAElP,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA6B,CACvEiE,IAAK,6BACL7I,KAAM,CACJuL,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,CAEA,MAAMzF,KAAwC,CAC5C,OAAO,IAAI,CAACiI,cAAc,CAACG,QAAQ,CAA0B,CAC3DvF,IAAK,sBACLhE,OAAQ,KACV,EACF,CACF,CC/CO,MAAM6V,sCAGX,aACEzM,CAAwC,CAC9BC,CAAoE,CAC9E,MAFUD,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,CACT,CAEH,MAAMyM,iBAAiB5U,CAAoC,CAA4C,CAMrG,OALAmH,GAAc,+BAAgCnH,EAAM,CAClD6U,aAAc,iBACdC,kBAAmB,gBACrB,GAEO,MAAM,IAAI,CAAC5M,cAAc,CAACG,QAAQ,CAAkC,CACzEvF,IAAK,YACLhE,OAAQ,OACR7E,KAAM+F,CACR,EACF,CAEA,MAAM+U,iBAAiB/U,CAAoC,CAA4C,CAOrG,OANAmH,GAAc,+BAAgCnH,EAAM,CAClDgV,cAAe,SACfH,aAAc,iBACdC,kBAAmB,gBACrB,GAEO,MAAM,IAAI,CAAC5M,cAAc,CAACG,QAAQ,CAAkC,CACzEvF,IAAK,CAAC,UAAU,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CACtClW,OAAQ,MACR7E,KAAM+F,CACR,EACF,CAEA,MAAMiV,iBAAiBC,CAAoB,CAA4C,CASrF,OARA/N,GACE,+BACA,CAAE6N,cAAeE,GACjB,CACEF,cAAe,QACjB,GAGK,MAAM,IAAI,CAAC9M,cAAc,CAACG,QAAQ,CAAkC,CACzEvF,IAAK,CAAC,UAAU,EAAEoS,EAAAA,CAAc,CAChCpW,OAAQ,QACV,EACF,CAEA,MAAMqW,eAAuD,CAC3D,OAAO,MAAM,IAAI,CAACjN,cAAc,CAACG,QAAQ,CAA+B,CACtEvF,IAAK,YACLhE,OAAQ,KACV,EACF,CAEA,MAAMsW,oBAAoBpV,CAAuC,CAA+C,CAM9G,OALAmH,GAAc,kCAAmCnH,EAAM,CACrDqV,MAAO,iBACPC,OAAQ,gBACV,GAEO,MAAM,IAAI,CAACpN,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,mBACLhE,OAAQ,OACR7E,KAAM+F,CACR,EACF,CAEA,MAAMuV,YAAYL,CAAoB,CAAuC,CAQ3E,OAPA/N,GACE,0BACA,CAAE+N,aAAAA,GACF,CACEA,aAAc,QAChB,GAEK,MAAM,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAA6B,CACpEvF,IAAK,yBACLhE,OAAQ,OACR7E,KAAM,CAAE+a,cAAeE,CAAa,CACtC,EACF,CAEA,MAAMM,eAAeN,CAAoB,CAA0C,CASjF,OARA/N,GACE,6BACA,CAAE+N,aAAAA,GACF,CACEA,aAAc,QAChB,GAGK,MAAM,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAAgC,CACvEvF,IAAK,4BACLhE,OAAQ,OACR7E,KAAM,CAAE+a,cAAeE,CAAa,CACtC,EACF,CAEA,MAAMO,aAAaP,CAAoB,CAAwC,CAS7E,OARA/N,GACE,2BACA,CAAE+N,aAAAA,GACF,CACEA,aAAc,QAChB,GAGK,MAAM,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAA8B,CACrEvF,IAAK,0BACLhE,OAAQ,OACR7E,KAAM,CAAE+a,cAAeE,CAAa,CACtC,EACF,CACF,CC/GO,MAAMQ,wDAGX,aACUxN,CAA8B,CAC9BoG,CAAiC,CACjCnG,CAAoE,CAC5E,MAHQD,cAAAA,CAAAA,OACAoG,iBAAAA,CAAAA,OACAnG,oBAAAA,CAAAA,CACP,CAEHlI,IAAM,UACJ,IAAMX,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAsC,CACnFvF,IAAK,gCACLhE,OAAQ,KACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,EAAKkR,MAAM,AACpB,CAAA,AAEA/B,CAAAA,QAAU,IACD,IAAI,CAACtG,oBAAoB,CAAC+H,SAAS,EAC5C,AAEAvB,CAAAA,QAAU,IAAmB,CAAA,CAC3B6B,OAAQ,IAAI,CAAC/B,OAAO,GACpBG,UAAW,IAAI,CAACzG,oBAAoB,CAAC0G,YAAY,EACnD,CAAA,CAAA,AAEAC,CAAAA,SAAW,AAACC,GACH,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,GAAUwK,EAASxK,GAAOiM,QAAU,MACzF,AAEAvB,CAAAA,OAAS,MAAOjP,IACdmH,GAAc,qBAAsBnH,EAAM,CACxCxG,KAAM,iBACNmc,mBAAoB,iBACpBC,aAAc,kBACdjF,iBAAkB,iBAClBkF,mBAAoB,gBACtB,GAEA,IAAMvW,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAA0B,CACvEvF,IAAK,oCACL7I,KAAM+F,EACNlB,OAAQ,KACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEAyQ,CAAAA,qBAAuB,UACrB,IAAMzQ,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAwC,CACrFvF,IAAK,+CACLhE,OAAQ,QACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA2Q,CAAAA,cAAgB,UACd,IAAM3Q,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAkC,CAC/EvF,IAAK,wCACLhE,OAAQ,QACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEAuQ,CAAAA,eAAiB,MAAOC,IACtB,IAAMxQ,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAkC,CAC/EvF,IAAK,CAAC,qCAAqC,EAAEgN,EAAAA,CAAY,CACzDhR,OAAQ,QACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA8Q,CAAAA,mBAAqB,MACnBpQ,IAEA,IAAMV,EAAO,MAAM,IAAI,CAACgP,iBAAiB,CAACjG,QAAQ,CAAsC,CACtFvF,IAAK,kDACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEA,OADA,IAAI,CAACmI,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA+Q,CAAAA,iBAAmB,MAAOrQ,IACxB,IAAMV,EAAO,MAAM,IAAI,CAACgP,iBAAiB,CAACjG,QAAQ,CAAoC,CACpFvF,IAAK,gDACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEA,OADA,IAAI,CAACmI,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA+P,CAAAA,iBAAmB,SACV,IAAI,CAACnH,cAAc,CAACG,QAAQ,CAAoC,CACrEvF,IAAK,4CACLhE,OAAQ,KACV,EACF,AAEAwR,CAAAA,mBAAqB,MACnBtQ,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAsC,CACvEvF,IAAK,CAAC,0CAA0C,EAAE9C,EAAKuP,gBAAgB,CAAC,OAAO,CAAC,CAChFzQ,OAAQ,MACV,EACF,AACF,CClHO,MAAMgX,sCAGXrH,CAAAA,QAAU,IACD,IAAI,CAACtG,oBAAoB,CAACmM,UAAU,EAC7C,AAEA3F,CAAAA,QAAU,IAA0B,CAAA,CAClC0F,QAAS,IAAI,CAAC5F,OAAO,GACrBG,UAAW,IAAI,CAACzG,oBAAoB,CAAC0G,YAAY,EACnD,CAAA,CAAA,AAEAC,CAAAA,SAAW,AAACC,GACH,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,GAAUwK,EAASxK,GAAO8P,SAAW,MAC1F,AAEA0B,CAAAA,OAAS,MAAOta,IASd,GAAI,CACF,IAAM6D,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAwB,CACrEvF,IAAK,uBACLhE,OAAQ,MACV,GAIA,OAFA,IAAI,CAACqJ,oBAAoB,CAACgH,YAAY,GAE/B7P,CAET,CAAE,MAAOxD,EAAY,CAMnB,MALIL,GAASua,WACX,IAAI,CAAC7N,oBAAoB,CAACgH,YAAY,GAC7BpU,EAA0BmF,QAAQ,CAACpE,EAAMvB,UAAU,GAC5D,IAAI,CAAC4N,oBAAoB,CAACgH,YAAY,GAElCrT,CACR,CACF,CAAA,AAEAma,CAAAA,gBAAkB,MAAOxa,IACvB0L,GAAc,iCAAkC1L,EAAS,CACvDkU,UAAW,QACb,GAEO,MAAM,IAAI,CAACzH,cAAc,CAACG,QAAQ,CAAwB,CAC/DvF,IAAK,CAAC,qBAAqB,EAAErH,EAAQkU,SAAS,CAAA,CAAE,CAChD7Q,OAAQ,MACV,GACF,AAEQoX,CAAAA,cAAgB,MACtBza,IAEA,IAAM0a,EAAiB,IAAI,CAAChO,oBAAoB,CAACmM,UAAU,GACrD8B,EAAiB,IACrBD,GAAgBE,oBAAsB,IAAI,CAAClO,oBAAoB,CAACmM,UAAU,IAAI+B,kBAEhF,GAAI,CACF,IAAMjN,EAAc,CAClBV,yBAA0BjN,GAASiN,wBACrC,EACMpJ,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAwD,CACrGvF,IAAK,6BACL7I,KAAMmP,EACNtK,OAAQ,MACV,GAEA,GAAIsX,IAGF,OAAO,IAAI,CAACF,aAAa,CAACza,GAG5B,OAAO6D,CAET,CAAE,MAAOxD,EAAY,CACnB,GAAIsa,IAGF,OAAO,IAAI,CAACF,aAAa,CAACza,EAM5B,OAHIV,EAA0BmF,QAAQ,CAACpE,EAAMvB,UAAU,GACrD,IAAI,CAAC4N,oBAAoB,CAACmO,cAAc,GAEpCxa,CACR,CACF,CAAA,AAEA+N,CAAAA,YAAAA,AAIAR,CAAAA,QAAAA,AAEAkN,CAAAA,mBAAAA,AAIAC,CAAAA,MAAAA,AAEA,aACEtO,CAAsC,CAC9BC,CAAoE,CAC5E,MAFQD,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,EAER,IAAI,CAAC0B,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,IAAI,CAACyN,aAAa,EAElF,IAAI,CAAC7M,QAAQ,CAAG,IAAI,CAAClB,oBAAoB,CAACM,iBAAiB,CAAC,MAAOzI,IACjEmH,GAAc,0BAA2BnH,EAAM,CAC7CsJ,gBAAiB,SACjBZ,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEO,IAAI,CAACrB,cAAc,CAACG,QAAQ,CAAoD,CACrFvF,IAAK,yBACL7I,KAAM+F,EACNlB,OAAQ,MACV,KAGF,IAAI,CAACyX,mBAAmB,CAAG,IAAI,CAACpO,oBAAoB,CAACM,iBAAiB,CACpE,MAAOzI,IACLmH,GAAc,0BAA2BnH,EAAM,CAC7CyW,aAAc,SACd/N,yBAA0B,QAC5B,GACO,IAAI,CAACR,cAAc,CAACG,QAAQ,CAA+D,CAChGvF,IAAK,sCACL7I,KAAM+F,EACNlB,OAAQ,MACV,KAIJ,IAAI,CAAC0X,MAAM,CAAG,IAAI,CAACrO,oBAAoB,CAACM,iBAAiB,CAAC,MAAOzI,IAC/DmH,GAAc,wBAAyBnH,EAAM,CAC3CsJ,gBAAiB,iBACjBoN,WAAY,SACZnJ,MAAO,SACP7E,yBAA0B,gBAC5B,GAEO,IAAI,CAACR,cAAc,CAACG,QAAQ,CAAkD,CACnFvF,IAAK,uBACL7I,KAAM+F,EACNlB,OAAQ,MACV,IAEJ,CAEA6X,WAAY,CACV,OAAO,IAAI,CAACxO,oBAAoB,CAACwO,SAAS,EAK5C,CAEAC,cAAcC,CAA2B,CAAQ,CAC/C1P,GAAc,+BAAgC0P,EAAQ,CACpDC,cAAe,SACfC,YAAa,gBACf,GACA,IAAI,CAAC5O,oBAAoB,CAAC6O,YAAY,CAACH,EACzC,CACF,CCzJO,MAAMI,2FAGXpN,CAAAA,YAAAA,AAEA,aACE3B,CAAwC,CACxCC,CAA8E,CAC9EkC,CAAoC,CAC1ByC,CAA6B,CAC7BvC,CAAe,CACfT,CAA2C,CACrD,MANU5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAyC,cAAAA,CAAAA,OACAvC,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAEV,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,MAAOhN,IACrE0L,GAAc,0BAA2B1L,EAAS,CAChDyb,UAAW,SACXxO,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAM6C,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,EAE7C,CAACQ,GACHY,GACE,mNAMJ,GAAM,CAAExH,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7FjG,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAAiD,CACvGiE,IAAK,wBACLhE,OAAQ,OACR7E,KAAM,CACJiS,mBAAoBE,GAASP,cAC7B,GAAGpQ,CAAO,CACV+J,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,EACF,CAEA,MAAgB+N,eAAgB,QAG9B,AVjFgDE,AUiF1B,IAAI,CAAChD,OAAO,CAAC/F,WAAW,CVjFQtE,QAAQ,CAAC,qBUkFtD,IAAI,CAACqK,OAAO,CAACiD,UAAU,CAEzB,IAAI,CAACjD,OAAO,CAACkD,UAAU,AAChC,CAEA,MAAMP,MAAM,CAAE8H,cAAAA,CAAa,CAAEjK,mBAAAA,CAAkB,CAAEE,oBAAAA,CAAmB,CAAmB,CAAiB,CACtG,GAAM,CAAEkM,mBAAAA,CAAkB,CAAE,CAAG,MAAM,IAAI,CAACrK,cAAc,CAClDgB,EAAU,MAAM,IAAI,CAACT,aAAa,GAElCU,EAAW,IAAIhL,IAAI,CAAA,EAAG+K,EAAQ,oBAAoB,CAAC,EAIzD,GAHAC,EAASC,YAAY,CAACC,GAAG,CAAC,eAAgB,IAAI,CAAC1D,OAAO,CAAC/F,WAAW,EAClEuJ,EAASC,YAAY,CAACC,GAAG,CAAC,gBAAiB+G,GAEvCmC,EAAoB,CACtB,IAAM/K,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,GAC5DyB,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuB7B,EAAQC,cAAc,CACzE,MACE,IAAI,CAAChC,YAAY,CAAC8B,WAAW,EAG3BpB,CAAAA,GAAoBgD,EAASC,YAAY,CAACC,GAAG,CAAC,qBAAsBlD,GACpEE,GAAqB8C,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuBhD,GAE1E,IAAI,CAACiD,QAAQ,CAACH,EAChB,CAGAG,SAASpL,CAAQ,CAAE,CACjBkC,OAAOmJ,QAAQ,CAACC,IAAI,CAAGtL,EAAIpB,QAAQ,EACrC,CAEA,MAAM0V,gBAAwD,CAC5D,OAAO,MAAM,IAAI,CAAClP,cAAc,CAACG,QAAQ,CAA+B,CACtEvF,IAAK,WACLhE,OAAQ,KACV,EACF,CAEA,MAAMuY,oBAAoBC,CAAoB,CAA8C,CAC1F,OAAO,MAAM,IAAI,CAACpP,cAAc,CAACG,QAAQ,CAAoC,CAC3EvF,IAAK,CAAC,6CAA6C,EAAEyU,mBAAmBD,GAAAA,CAAe,CACvFxY,OAAQ,KACV,EACF,CAEA,MAAMmW,iBAAiBC,CAAoB,CAA2C,CACpF,OAAO,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAAiC,CAClEvF,IAAK,CAAC,SAAS,EAAEoS,EAAAA,CAAc,CAC/BpW,OAAQ,QACV,EACF,CAEA0Y,KAAO,CACL5C,iBAAkB,MAAO5U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,gBACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEF+U,iBAAkB,MAAO/U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CAC1ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEFyX,sBAAuB,MACrBzX,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAC,IAAI,CAAC,CAC9ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEF0X,8BAA+B,MAC7B1X,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAkD,CACzFvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAC,2BAA2B,EAAEhV,EAAK2X,cAAc,CAAA,CAAE,CAC3F7Y,OAAQ,QACV,GAEF8Y,2BAA4B,MAC1B5X,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAA+C,CACtFvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAC,wBAAwB,EAAEhV,EAAK6X,cAAc,CAAA,CAAE,CACxF/Y,OAAQ,QACV,GAEJ,AAEAgZ,CAAAA,KAAO,CACLlD,iBAAkB,MAAO5U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,gBACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEF+U,iBAAkB,MAAO/U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CAC1ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEJ,AAEA+X,CAAAA,SAAW,CACTnD,iBAAkB,MAChB5U,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAyC,CAChFvF,IAAK,oBACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEF+U,iBAAkB,MAChB/U,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAyC,CAChFvF,IAAK,CAAC,kBAAkB,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CAC9ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEJ,AACF,CCxNO,MAAMgY,uDAGXnO,CAAAA,YAAAA,AAEA,aACU3B,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAC7D,MAAOzI,IACLmH,GAAc,2BAA4BnH,EAAM,CAC9CsJ,gBAAiB,SACjBqG,UAAW,SACXiB,KAAM,SACNlI,yBAA0B,SAC1BmI,mBAAoB,iBACpBoH,gBAAiB,iBACnB,GACA,GAAM,CAAEzS,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EAEA,OAAO,IAAI,CAAC4M,cAAc,CAACrJ,iBAAiB,CAAqD,CAC/FiE,IAAK,yBACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CAEA,MAAM8C,OAAOxI,CAA0B,CAAkC,CACvEmH,GAAc,qBAAsBnH,EAAM,CACxCsJ,gBAAiB,SACjBqG,UAAW,SACXuI,mBAAoB,gBACtB,GACA,GAAM,CAAE1S,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7FmK,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACrJ,iBAAiB,CAAwB,CAClFiE,IAAK,YACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EACAwD,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAMA,OAJIgK,EAASC,SAAS,GAAK,IAAI,CAACxH,oBAAoB,CAAC+H,SAAS,IAAIP,WAChE,IAAI,CAACxH,oBAAoB,CAACoI,YAAY,CAACb,EAASc,MAAM,EAGjDd,CACT,CACF,CC1D6BjM,QAAQC,OAAO,CAAC,CAC3CyU,6BAA8B,CAAA,CAChC,GCI6B1U,QAAQC,OAAO,CAAC,CAC3CuG,+BAAgC,CAAA,CAClC,GCK6BxG,QAAQC,OAAO,CAAC,CAC3CoN,8BAA+B,CAAA,CACjC,EChBO,OAAMsH,YACXC,CAAAA,KAAAA,AAEA,aAAoBC,CAAiB,CAAE,MAAnBA,SAAAA,CAAAA,EAClB,IAAI,CAACC,YAAY,EACnB,CAEQA,cAAe,CACrB,IAAIC,EAAiB3X,SAAS4X,aAAa,CAAC,CAAC,OAAO,EAAE,IAAI,CAACH,SAAS,CAAC,EAAE,CAAC,EAwBxE,GArBKE,EAUHxL,GAAYnU,IARZ2f,AADAA,CAAAA,EAAiB3X,SAASC,aAAa,CAAC,SAAA,EACzB4X,GAAG,CAAG,IAAI,CAACJ,SAAS,CACnCE,EAAeG,KAAK,CAACC,QAAQ,CAAG,WAChCJ,EAAeG,KAAK,CAACE,KAAK,CAAG,IAC7BL,EAAeG,KAAK,CAACG,MAAM,CAAG,IAC9BN,EAAeG,KAAK,CAACI,MAAM,CAAG,IAC9BP,EAAevG,IAAI,CAAG,OACtBpR,SAAS5G,IAAI,CAACiH,WAAW,CAACsX,IAaxBA,AAAkC,SAAlCA,EAAevU,OAAO,CAACC,MAAM,CAAa,CAC5C,IAAI,CAACmU,KAAK,CAAG5U,QAAQC,OAAO,CAAC8U,GAC7B,MACF,CAEA,IAAI,CAACH,KAAK,CAAG,IAAI5U,QAAQ,AAACC,IACxB8U,EAAenU,gBAAgB,CAC7B,OACA,KACEmU,EAAevU,OAAO,CAACC,MAAM,CAAG,OAChCR,EAAQ8U,EACV,EACA,CAAEQ,KAAM,CAAA,CAAK,EAEjB,EACF,CAEA,MAAMC,KAAQna,CAAc,CAAEoE,CAAe,CAAc,CACzD,IAAMmV,EAAQ,MAAM,IAAI,CAACA,KAAK,CACxBa,EAAU,IAAIC,eAEpB,OAAO,IAAI1V,QAAQ,CAACC,EAASC,KAC3BuV,EAAQE,KAAK,CAACC,SAAS,CAAG,AAACpS,IACzB,IAAM3H,EAAO2H,EAAMjH,IAAI,CACvBkZ,EAAQE,KAAK,CAACE,KAAK,GACfha,EAAKia,OAAO,CACd7V,EAAQpE,EAAKka,OAAO,EAEpB7V,EAAOkC,GAAgBK,UAAU,CAAC5G,EAAKxD,KAAK,EAEhD,EAOAuc,EAAMoB,aAAa,EAAEC,YALW,CAC9B5a,OAAAA,EACAoE,KAAAA,CACF,EAE0C,IAAI,CAACoV,SAAS,CAAE,CAACY,EAAQS,KAAAA,CAAM,CAC3E,EACF,CACF,CCtEO,MAAMC,kCACX,aACE1R,CAAsC,CAC9B4B,CAA2C,CACnD,MAFQ5B,cAAAA,CAAAA,OACA4B,gBAAAA,CAAAA,CACP,CAEH+P,WAAW1P,CAAa,CAA2B,CACjD,OAAO,IAAI,CAACL,gBAAgB,CAACvE,2BAA2B,GAAGV,IAAI,CAAC,CAAC,CAAEW,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,GAC3F,IAAI,CAACyC,cAAc,CAACG,QAAQ,CAAiB,CAClDvF,IAAK,gBACLhE,OAAQ,OACR7E,KAAM,CAAEkQ,MAAAA,EAAO3E,iBAAAA,EAAkBC,cAAAA,CAAc,CACjD,GAEJ,CAEAqU,aAAa3P,CAAa,CAAEb,CAAuB,CAA6B,CAC9E,OAAO,IAAI,CAACpB,cAAc,CAACG,QAAQ,CAAmB,CACpDvF,IAAK,oCACLhE,OAAQ,OACR7E,KAAM,CAAEwQ,cAAeN,EAAOb,gBAAAA,CAAgB,CAChD,EACF,CACF,CCzBA,MAAMyQ,GACIC,UAAY,CAAA,CAAA,AAEZC,CAAAA,SAAW,IAAIC,GAAAA,AAEhBC,CAAAA,SAASzZ,CAAW,CAAE0Z,CAA+B,CAAE,CAC5D,IAAMC,EAAe,IAAI,CAACJ,QAAQ,CAACha,GAAG,CAACS,GAInC2Z,GAAgBA,IAAiBD,IAC9B,IAAI,CAACJ,SAAS,GACjBhN,GAAYnU,GACZ,IAAI,CAACmhB,SAAS,CAAG,CAAA,GAEnBK,EAAaC,uBAAuB,IAEtC,IAAI,CAACL,QAAQ,CAAChM,GAAG,CAACvN,EAAK0Z,EACzB,CAEOG,WAAW/V,CAAmB,CAAE4V,CAA+B,CAAE,CACtE,IAAMC,EAAe,IAAI,CAACJ,QAAQ,CAACha,GAAG,CAACuE,EACnC6V,CAAAA,GAAgBA,IAAiBD,GACnC,IAAI,CAACH,QAAQ,CAAC/K,MAAM,CAAC1K,EAEzB,CACF,CAOO,MAAMgW,oEAEX,QAAeC,oBAAsB,IAAY,AAIzCC,CAAAA,QAAgD,IAAA,AAGxDC,CAAAA,iCAAQA,AAER,QAAeV,SAAW,IAAIF,EAAAA,AAEtBI,CAAAA,UAAW,CACjBK,GAAeP,QAAQ,CAACE,QAAQ,CAAC,IAAI,CAACS,YAAY,CAAE,IAAI,CAC1D,CAEQL,YAAa,CACnBC,GAAeP,QAAQ,CAACM,UAAU,CAAC,IAAI,CAACK,YAAY,CAAE,IAAI,CAC5D,CAEA,YACUzS,CAE0C,CAClD0S,CAEoD,CAC5CD,CAAoB,CAC5BE,CAAgD,CAChD,MARQ3S,oBAAAA,CAAAA,OAGA0S,sBAAAA,CAAAA,OAGAD,YAAAA,CAAAA,OACAE,QAAAA,CAAAA,EAER,IAAI,CAAC3S,oBAAoB,CAAC6G,gBAAgB,CAAC,IAAI,CAAC+L,aAAa,CAC/D,CAOAC,0BAA2B,CAEzB,IAAI,CAACC,0BAA0B,GAC5BpW,IAAI,CAAC,KACJ,IAAI,CAACqW,yBAAyB,EAChC,GACCC,KAAK,CAAC,AAACrf,IACNkR,GAAY,gFAAiF,CAAElR,MAAAA,CAAM,GACrG,IAAI,CAACqM,oBAAoB,CAACmO,cAAc,EAC1C,EACJ,CAEQ4E,2BAA4B,CAElC,IAAI,CAACZ,uBAAuB,GAC5B,IAAI,CAACH,QAAQ,GAEb,IAAI,CAACO,OAAO,CAAGU,WAAW,KACxB,IAAI,CAACJ,wBAAwB,EAC/B,EAAGR,GAAeC,mBAAmB,CACvC,CAEAH,yBAA0B,CACH,OAAjB,IAAI,CAACI,OAAO,GACd,IAAI,CAACH,UAAU,GAEfc,aAAa,IAAI,CAACX,OAAO,EACzB,IAAI,CAACA,OAAO,CAAG,KAEnB,CASQK,cAAgB,AACtBxW,IAEIA,AAAS,MAATA,GAAiBA,EAAM+W,sBAAsB,EAC/C,CAAA,IAAI,CAACX,iCAAiC,CAAGpW,EAAM+W,sBAAsB,AAAtBA,EAG5B/W,GC/HyE8P,QDgI5F,IAAI,CAAC6G,yBAAyB,GAE9B,IAAI,CAACZ,uBAAuB,EAEhC,CAAA,AAMQW,CAAAA,2BAA6B,UACnC,IAAIM,EAAQ,EACZ,OACE,GAAI,CACF,IAAM9f,EAAsC,CAC1CiN,yBAA0B,IAAI,CAACoS,QAAQ,CAACU,gBAAgB,CAAG,IAAI,CAACb,iCAAiC,CAAGrf,KAAAA,CACtG,EAEA,OAAO,MAAM,IAAI,CAACuf,sBAAsB,CAAChR,YAAY,CAACpO,EACxD,CAAE,MAAOtB,EAAK,CACZ,GAAIqgB,GAAeiB,oBAAoB,CAACthB,GACtC,OAAOsJ,QAAQE,MAAM,CAACxJ,EAExBohB,CAAAA,IACA,MAAM,IAAI9X,QAAQ,AAACiY,GAASN,WAAWM,EAAMlB,GAAemB,iBAAiB,CAACJ,IAChF,CAEJ,CAAA,AAIA,QAAOI,kBAAkBJ,CAAa,CAAE,CAItC,OAHAA,EAAQK,KAAKC,GAAG,CAACN,EAAO,GAGjBO,AAFQF,KAAKG,KAAK,CAACH,AAAgB,IAAhBA,KAAK5Z,MAAM,IAAY,IACjC,IAAO,GAAKuZ,CAE9B,CAGA,OAAOE,qBAAqB3f,CAAU,CAAE,CACtC,OAAOf,EAA0BmF,QAAQ,CAACpE,EAAMvB,UAAU,CAC5D,CACF,CEpKO,MAAMyhB,kCACX,aACE7T,CAA0F,CACzE8T,CAAa,CAC9B,MAFiB9T,oBAAAA,CAAAA,OACA8T,UAAAA,CAAAA,CAChB,CAEIC,cAAgD,AAACnN,GAC/C,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,IACjDwK,EAASxK,GAAS,IAAI,CAAC0X,UAAU,CACnC,EACF,AACF,CCpBA,IAAME,GAAaC,OAAO,uBAQpBC,GAAc,AAACC,GAGZ,IAAIC,MADE,KAAO,EACG,CACrBtc,IAAAA,CAAIuc,EAAQC,IACV,AAAKA,IAAiBN,IAGfE,GAAYC,EAAO,IAAM/gB,OAAOkhB,IAEzCC,QACE,MAAM,AAAIrjB,MCEV,CAAC,8CAA8C,EDFCijB,ECEM;;;;;;;;;;;;;;;;;AAiBvB,qCAAA,CAAC,CDlBlC,CACF,GEQIK,GAAsB,YACtBC,GAAoB,IAAsB,CAAA,CAC9CC,iBAAkB,CAAA,EAClBC,YAAa,KACbxP,YAAa,KACbyP,aAAc,CAAC,aAAa,CAC5BC,gBAAiB,CAAE9X,QAAS,CAAA,CAAM,EAClC+E,+BAAgC,CAAA,EAChC6G,8BAA+B,CAAA,EAC/BjD,qBAAsB,CAAA,EACtBsJ,mBAAoB,CAAA,EACpB8F,YAAa,KACbC,0BAA2B,CAAA,EAC3BC,eAAgB,KAChBpY,oBAAqB,CAAA,EACrB2O,WAAY,KACZyE,6BAA8B,CAAA,EAC9BiF,SAAU,MAGL,OAAMC,yCACMC,CAAAA,qBAAAA,AAEjB,aACU1C,CAAoB,CACpB1S,CAA8B,CAC9BqV,CAAoE,CAC5E,MAHQ3C,YAAAA,CAAAA,OACA1S,cAAAA,CAAAA,OACAqV,UAAAA,CAAAA,EAKR,IAAI,CAACD,qBAAqB,CAAG,IAAI,CAACpV,cAAc,CAC7CG,QAAQ,CAAmB,CAC1BvF,IAAK,CAAC,oBAAoB,EAAE,IAAI,CAAC8X,YAAY,CAAA,CAAE,CAC/C9b,OAAQ,KACV,GACC+F,IAAI,CAACwY,GAAqBG,gBAAgB,EAC1C3Y,IAAI,CAAC,AAAC7E,IACL,IAAI,CAACud,UAAU,CAACE,OAAO,CAACd,GAAqB9hB,KAAKC,SAAS,CAACkF,IACrDA,IAERmb,KAAK,CAAC,AAACrf,IACNkR,GAAalR,GACN8gB,MAEb,CAEA,OAAOY,iBAAiB9N,CAA0B,CAAiB,CACjE,IAAMyN,EACJzN,AAA6B,OAA7BA,EAASgO,eAAe,CACpB,CACEC,eAAgBjO,EAASgO,eAAe,CAACE,eAAe,CACxDC,iBAAkBnO,EAASgO,eAAe,CAACI,kBAAAA,EAE7C,KAEN,MAAO,CACLhB,YAAapN,EAASqO,YAAY,CAClClB,iBAAkB,CAACnN,EAASsO,qBAAqB,CACjDhB,gBAAiBtN,EAASuO,gBAAgB,CAC1C3Q,YAAaoC,EAASwO,YAAY,CAClCnB,aAAcrN,EAASyO,aAAa,CAEpClU,+BAAgCyF,EAAS0O,mCAAmC,CAC5EtN,8BAA+BpB,EAAS2O,iCAAiC,CACzExQ,qBAAsB6B,EAAS4O,uBAAuB,CACtDnH,mBAAoBzH,EAAS6O,qBAAqB,CAClDtB,YAAavN,EAAS8O,YAAY,CAClCtB,0BAA2BxN,EAAS+O,2BAA2B,CAC/DtB,eAAAA,EACApY,oBAAqB2K,EAASgP,0BAA0B,EAAI,CAAA,EAC5DtZ,qBAAsBsK,EAASiP,uBAAuB,CACtDjL,WAAYhE,EAASkP,WAAW,EAAI,KACpCzG,6BAA8BzI,EAASmP,gCAAgC,CACvEzB,SAAU1N,EAAS0N,QAAAA,AACrB,CACF,CAEA3O,SAAyB,CACvB,IAAMqQ,EAAS,IAAI,CAACvB,UAAU,CAACwB,OAAO,CAACpC,IACvC,GAAImC,AAAW,OAAXA,EACF,OAAOlC,KAET,GAAI,CACF,OAAO/hB,KAAKmkB,KAAK,CAACF,EACpB,CAAE,KAAM,CACN,OAAOlC,IACT,CACF,CAEAqC,UAAmC,CACjC,OAAO,IAAI,CAAC3B,qBAAqB,AACnC,CACF,CCnHO,MAAM4B,mBACH3a,CAAAA,KAAAA,AACR,aAAoBI,CAAwC,CAAE,MAA1CA,gBAAAA,CAAAA,EAClB,IAAI,CAACJ,KAAK,CAAGI,EAAiBE,IAAI,CAAC,MAAOC,QAVjBqa,SAWvB,AAAKra,EAAckY,eAAe,CAAC9X,OAAO,CAGnC,CACLka,WAAY,CAAA,EACZC,cAAe,OAhBMF,EAgBoBra,EAAckY,eAAe,CAACmC,OAAO,CAfpF5b,GAAa,CAAC,sDAAsD,EAAE4b,EAAAA,CAAS,CAAE,IAAMna,OAAOsa,UAAU,CAACC,UAAU,GAgB7GJ,QAASra,EAAckY,eAAe,CAACmC,OAAAA,AACzC,EANS,CAAEC,WAAY,CAAA,CAAM,CAO/B,EACF,CAEAxa,iBAAmB,UACjB,GAAM,CAAEya,cAAAA,CAAa,CAAED,WAAAA,CAAU,CAAED,QAAAA,CAAO,CAAE,CAAG,MAAM,IAAI,CAAC5a,KAAK,CAC/D,GAAK6a,EAIL,OADA,MAAM,IAAI3b,QAAc,AAACC,GAAY2b,EAAcG,KAAK,CAAC9b,IAClD2b,EAAcI,OAAO,CAACN,EAAS,CACpCne,OAAQ,OACV,EACF,CAAA,AACF,CChCO,MAAM0e,YACHC,CAAAA,YAAAA,AACR,aAAoBrH,CAAiB,CAAE,MAAnBA,SAAAA,CAAAA,CAAoB,CAOxC,IAAYsH,aAAgC,CAE1C,OADA,IAAI,CAACD,YAAY,CAAG,IAAI,CAACA,YAAY,EAAI,IAAIvH,GAAiB,IAAI,CAACE,SAAS,EACrE,IAAI,CAACqH,YAAY,AAC1B,CAEQ1G,KAAW4G,CAAmB,CAAEzgB,CAAM,CAAc,CAC1D,OAAO,IAAI,CAACwgB,WAAW,CAAC3G,IAAI,CAAI4G,EAAa,CAACzgB,EAAI,CACpD,CAEA0gB,YAA0C,AAAC1gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,cAAe7Z,EAAAA,AAC5E2gB,CAAAA,aAA4C,AAAC3gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,eAAgB7Z,EAAAA,AAC/E4gB,CAAAA,kBAAsD,AAAC5gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,oBAAqB7Z,EAAAA,AAC9F6gB,CAAAA,sBAA8D,AAAC7gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,wBAAyB7Z,EAAAA,AAC5G,CCFO,MAAM8gB,gEACHC,CAAAA,WAAAA,AACSrS,CAAAA,OAAAA,AAEjB,aACE8M,CAA4B,CACpBwF,CAAgF,CACxFC,CAAmB,CACnBC,CAAmB,CACnBC,CAAgE,CAChE,MALQ3F,YAAAA,CAAAA,OACAwF,sBAAAA,CAAAA,OAGAG,yBAAAA,CAAAA,EAER,IAAI,CAACzS,OAAO,CAAGuS,EACXG,AzBpByB,CAAA,AAACjT,GAAkBA,EAAMrN,QAAQ,CAAC,oBAAA,EyBoBzC0a,IACpB,CAAA,IAAI,CAAC9M,OAAO,CAAGwS,CAAAA,EAEjB,IAAI,CAACH,WAAW,CAAG,IAAI3Z,GAAY,CACjCC,ahCpCgC,GgCqChCK,mBhCpCsC,IgCqCtCJ,YAAa,IAAI,CAAC+Z,WAAW,CAAC,UAChC,EACF,CAGAC,mBAAqB,IACZ,IACT,AAEA3Z,CAAAA,SAAS,CACPvN,KAAAA,CAAI,CACJF,QAAAA,CAAO,CACPwC,MAAAA,EAAQ,CAAA,CAAE,CAKX,CAAQ,CACP,IAAI,CAACqkB,WAAW,CAACpZ,QAAQ,CAAC,IAAI,CAAC4Z,mBAAmB,GAAI,CACpDC,aAAc,IAAI,CAAChG,YAAY,CAC/BiG,WAAYrnB,EACZF,QAASA,EAGTwnB,WAAYhlB,EAAMglB,UAAU,CAC5BC,kBAAmBjlB,EAAMilB,iBAAiB,CAC1CC,iBAAkBllB,EAAMklB,gBAAAA,AAC1B,EACF,CAEAL,qBAAoC,CAClC,MAAO,CACLM,SzB9C6B,CAAC,SAAS,EAAEC,MAAU,CyBgDnDC,ezB/CkC,CAAC,eAAe,EAAED,MAAU,CyBgD9DE,czB/CkC,CAAC,cAAc,EAAEF,MAAU,CyBiD7DG,eAAgB,IAAIC,OAAOC,WAAW,GACtCC,SAAUC,KAAKC,cAAc,GAAGC,eAAe,GAAGC,QAAQ,CAe1D,GAAG,IAAI,CAACrB,yBAAyB,EAAE,CAGnCsB,IAAK,CACHC,WAAY9c,OAAOmJ,QAAQ,CAACnL,QAAAA,AAC9B,EACA+e,IAAK,CAGHD,WAAY,2BACZE,eACF,CACF,CACF,CAEA,MAAM3Z,SAAmC,CAAEvF,IAAAA,CAAG,CAAE7I,KAAAA,CAAI,CAAE6E,OAAAA,CAAM,CAAkB,CAAc,CAC1F,IAAMmjB,EAAe,IAAI,CAAC7B,sBAAsB,CAAC8B,iBAAiB,GAAGpL,aAAa,CAC5E9X,EAAkB,SAAWgG,OAAOmd,IAAI,CAAC,IAAI,CAACvH,YAAY,CAAG,IAAOqH,CAAAA,GAAgB,IAAI,CAACrH,YAAY,AAAZA,GACzF3b,EAAmB+F,OAAOmd,IAAI,CAACtnB,KAAKC,SAAS,CAAC,IAAI,CAAC6lB,mBAAmB,KACtEzhB,EAAuB8F,OAAOmJ,QAAQ,CAACiU,MAAM,CAEnD,OAAO/iB,GAAgB,CACrBL,gBAAAA,EACA/E,KAAAA,EACA8E,SAAU,IAAI,CAAC0hB,WAAW,CAAC3d,GAC3BhE,OAAAA,EACAG,iBAAAA,EACAC,qBAAAA,CACF,EACF,CAEA,MAAMmjB,cAAc,CAAEvf,IAAAA,CAAG,CAAE7I,KAAAA,CAAI,CAAE6E,OAAAA,CAAM,CAAkB,CAAiB,CACxE,IAAMmjB,EAAe,IAAI,CAAC7B,sBAAsB,CAAC8B,iBAAiB,GAAGpL,aAAa,CAC5E9X,EAAkB,SAAWgG,OAAOmd,IAAI,CAAC,IAAI,CAACvH,YAAY,CAAG,IAAOqH,CAAAA,GAAgB,IAAI,CAACrH,YAAY,AAAZA,GACzF3b,EAAmB+F,OAAOmd,IAAI,CAACtnB,KAAKC,SAAS,CAAC,IAAI,CAAC6lB,mBAAmB,KACtEzhB,EAAuB8F,OAAOmJ,QAAQ,CAACiU,MAAM,CAEnD,OAAO/hB,GAAkB,CACvBrB,gBAAAA,EACA/E,KAAAA,EACA8E,SAAU,IAAI,CAAC0hB,WAAW,CAAC3d,GAC3BhE,OAAAA,EACAG,iBAAAA,EACAC,qBAAAA,CACF,EACF,CAEA,MAAML,kBAA4C,CAChDiE,IAAAA,CAAG,CACH7I,KAAAA,CAAI,CACJ6E,OAAAA,CAAM,CACNK,cAAAA,CAAa,CACW,CAAc,CACtC,IAAM8iB,EAAe,IAAI,CAAC7B,sBAAsB,CAAC8B,iBAAiB,GAAGpL,aAAa,CAC5E9X,EAAkB,SAAWgG,OAAOmd,IAAI,CAAC,IAAI,CAACvH,YAAY,CAAG,IAAOqH,CAAAA,GAAgB,IAAI,CAACrH,YAAY,AAAZA,GACzF3b,EAAmB+F,OAAOmd,IAAI,CAACtnB,KAAKC,SAAS,CAAC,IAAI,CAAC6lB,mBAAmB,KACtEzhB,EAAuB8F,OAAOmJ,QAAQ,CAACiU,MAAM,CAEnD,OAAOvjB,GAAqB,CAC1BG,gBAAAA,EACA/E,KAAAA,EACA8E,SAAU,IAAI,CAAC0hB,WAAW,CAAC3d,GAC3BhE,OAAAA,EACAG,iBAAAA,EACAC,qBAAAA,EACAC,cAAAA,CACF,EACF,CAEAshB,YAAY3d,CAAW,CAAU,CAE/B,MAAO,GAAG,IAAI,CAACgL,OAAO,CAAC,OAAO,EAAEhL,EAAAA,CAAK,AACvC,CACF,CChKA,SAASwf,GAAMC,CAAS,EACtB,IAAI1a,EAAM0a,EAAE7gB,QAAQ,CAAC,IAIrB,OAHImG,AAAe,IAAfA,EAAItF,MAAM,EACZsF,CAAAA,EAAM,IAAMA,CAAAA,EAEPA,CACT,CAaO,MAAM2a,uBACX,aACEjF,CAA4E,CACpEkF,CAAiB,CACzB,MAFQlF,UAAAA,CAAAA,OACAkF,SAAAA,CAAAA,CACP,CAEK/hB,KAAM,CACZ,MAAO,iBAAgC,IAAI,CAAC+hB,SAAS,EAAE,AACzD,CAEA,MAAMnW,sBAA8C,CAClD,IAAMF,EAAU,MAAMoW,GAAYE,kBAAkB,GAEpD,OADA,IAAI,CAACnF,UAAU,CAACE,OAAO,CAAC,IAAI,CAAC/c,GAAG,GAAI7F,KAAKC,SAAS,CAACsR,IAC5CA,CACT,CAEAR,WAAsC,CACpC,IAAM+W,EAAa,IAAI,CAACpF,UAAU,CAACwB,OAAO,CAAC,IAAI,CAACre,GAAG,IACnD,GAAIiiB,AAAe,OAAfA,EAGJ,GAAI,CACF,OAAO9nB,KAAKmkB,KAAK,CAAC2D,EACpB,CAAE,KAAM,CACN3V,GAAY,mDACZ,MACF,CACF,CAEAb,aAAoB,CAClB,OAAO,IAAI,CAACoR,UAAU,CAACqF,UAAU,CAAC,IAAI,CAACliB,GAAG,GAC5C,CAEA,aAAagiB,oBAA4C,KA5ClC7gB,EA6CrB,IAAMghB,EAAQ,IAAIC,YAAY,IAC9B9d,OAAO9C,MAAM,CAACxD,eAAe,CAACmkB,GAC9B,IAAME,EAAerb,MAAMtM,IAAI,CAACynB,GAAO3oB,GAAG,CAACooB,IAAOjoB,IAAI,CAAC,IAIvD,MAAO,CACLgS,cAAAA,EApDmBxK,EAiDN,MAAMmD,OAAO9C,MAAM,CAAC8gB,MAAM,CAACC,MAAM,CAAC,UAAW,IAAIC,cAAcC,MAAM,CAACJ,IA5ChFZ,KAAK5mB,OAAO6nB,YAAY,CAACnK,IAAI,CAAC,QAAS,IAAI5X,WAAWQ,KAC1DwhB,OAAO,CAAC,MAAO,KACfA,OAAO,CAAC,MAAO,KACfA,OAAO,CAAC,MAAO,KA6CdxX,cAAekX,CACjB,CACF,CACF,CCpEA,SAAS9c,GAAQuW,CAAM,EACrB,IAAK,IAAIhb,EAAI,EAAGA,EAAIc,UAAUC,MAAM,CAAEf,IAAK,CACzC,IAAI8hB,EAAShhB,SAAS,CAACd,EAAE,CACzB,IAAK,IAAId,KAAO4iB,EACd9G,CAAM,CAAC9b,EAAI,CAAG4iB,CAAM,CAAC5iB,EAAI,AAE7B,CACA,OAAO8b,CACT,CAwHA,IAAI+G,GAAMC,AAlGV,SAASA,EAAMC,CAAS,CAAEC,CAAiB,EACzC,SAASzV,EAAKvN,CAAG,CAAEC,CAAK,CAAEgjB,CAAU,EAClC,GAAI,AAAoB,IAApB,OAAO9iB,UAMP,AAA8B,UAA9B,MAAO8iB,AAFXA,CAAAA,EAAa1d,GAAO,GAAIyd,EAAmBC,EAAU,EAE/BC,OAAO,EAC3BD,CAAAA,EAAWC,OAAO,CAAG,IAAItC,KAAKA,KAAKuC,GAAG,GAAKF,AAAqB,MAArBA,EAAWC,OAAO,CAAQ,EAEnED,EAAWC,OAAO,EACpBD,CAAAA,EAAWC,OAAO,CAAGD,EAAWC,OAAO,CAACE,WAAW,EAAA,EAGrDpjB,EAAM6W,mBAAmB7W,GACtB2iB,OAAO,CAAC,uBAAwBU,oBAChCV,OAAO,CAAC,QAASW,QAEpB,IAAIC,EAAwB,GAC5B,IAAK,IAAIC,KAAiBP,EACnBA,CAAU,CAACO,EAAc,GAI9BD,GAAyB,KAAOC,EAEE,CAAA,IAA9BP,CAAU,CAACO,EAAc,EAW7BD,CAAAA,GAAyB,IAAMN,CAAU,CAACO,EAAc,CAACC,KAAK,CAAC,IAAI,CAAC,EAAE,AAAD,GAGvE,OAAQtjB,SAASujB,MAAM,CACrB1jB,EAAM,IAAM+iB,EAAUY,KAAK,CAAC1jB,EAAOD,GAAOujB,EAC9C,CA4BA,OAAOxqB,OAAO+O,MAAM,CAClB,CACEyF,IAAKA,EACLhO,IA7BJ,SAAcS,CAAG,EACf,GAAI,AAAoB,IAApB,OAAOG,UAA6ByB,CAAAA,CAAAA,UAAUC,MAAM,EAAK7B,CAAA,GAQ7D,IAAK,IAFD4jB,EAAUzjB,SAASujB,MAAM,CAAGvjB,SAASujB,MAAM,CAACD,KAAK,CAAC,MAAQ,EAAE,CAC5DI,EAAM,CAAA,EACD/iB,EAAI,EAAGA,EAAI8iB,EAAQ/hB,MAAM,CAAEf,IAAK,CACvC,IAAIgjB,EAAQF,CAAO,CAAC9iB,EAAE,CAAC2iB,KAAK,CAAC,KACzBxjB,EAAQ6jB,EAAMC,KAAK,CAAC,GAAGpqB,IAAI,CAAC,KAEhC,GAAI,CACF,IAAIqqB,EAAWX,mBAAmBS,CAAK,CAAC,EAAE,EAG1C,GAFAD,CAAG,CAACG,EAAS,CAAGjB,EAAUkB,IAAI,CAAChkB,EAAO+jB,GAElChkB,IAAQgkB,EACV,KAEJ,CAAE,MAAO7kB,EAAG,CAAC,CACf,CAEA,OAAOa,EAAM6jB,CAAG,CAAC7jB,EAAI,CAAG6jB,EAC1B,EAMIK,OAAQ,SAAUlkB,CAAG,CAAEijB,CAAU,EAC/B1V,EACEvN,EACA,GACAuF,GAAO,CAAA,EAAI0d,EAAY,CACrBC,QAAS,EACrB,GAEM,EACAiB,eAAgB,SAAUlB,CAAU,EAClC,OAAOH,EAAK,IAAI,CAACC,SAAS,CAAExd,GAAO,CAAA,EAAI,IAAI,CAAC0d,UAAU,CAAEA,GAC1D,EACAmB,cAAe,SAAUrB,CAAS,EAChC,OAAOD,EAAKvd,GAAO,GAAI,IAAI,CAACwd,SAAS,CAAEA,GAAY,IAAI,CAACE,UAAU,CACpE,CACN,EACI,CACEA,WAAY,CAAEhjB,MAAOlH,OAAOsrB,MAAM,CAACrB,EAAkB,EACrDD,UAAW,CAAE9iB,MAAOlH,OAAOsrB,MAAM,CAACtB,EAAU,CAClD,EAEA,EAlHuB,CACrBkB,KAAM,SAAUhkB,CAAK,EAInB,MAHIA,AAAa,MAAbA,CAAK,CAAC,EAAE,EACVA,CAAAA,EAAQA,EAAM8jB,KAAK,CAAC,EAAG,GAAE,EAEpB9jB,EAAM0iB,OAAO,CAAC,mBAAoBU,mBAC3C,EACAM,MAAO,SAAU1jB,CAAK,EACpB,OAAO4W,mBAAmB5W,GAAO0iB,OAAO,CACtC,2CACAU,mBAEJ,CACF,EAuGiC,CAAEzH,KAAM,GAAG,GC/DrC,IAAM0I,GAAqB,AAACC,GAO1BC,AALgBC,AADHtkB,CAAAA,SAASujB,MAAM,CAAGvjB,SAASujB,MAAM,CAACD,KAAK,CAAC,MAAQ,EAAE,AAAF,EACjCzR,MAAM,CAAC,AAAC0S,IACzC,GAAM,CAAC5rB,EAAK,CAAG4rB,EAAKjB,KAAK,CAAC,KAC1B,OAAOc,IAAezrB,CACxB,GAEsB+I,MAAM,CAAG,ECrDpB8iB,GAA0B,CAAC7gB,EAAqB9D,IACpD,oBAAmC8D,IAAc9D,EAAM,CAAC,EAAE,EAAEA,EAAAA,CAAK,CAAG,IAAI,CAejF,SAAS4kB,GAAgBC,CAA4B,SACnD,AAAIA,AAAW,MAAXA,EACK,CACLxG,QAAAA,IACS,KAET6D,aAEA,EACAnF,UAEA,CACF,EAGK,CACLsB,QAAQyG,CAAiB,CAAE9kB,CAAe,EACxC,IAAM+kB,EAAuBJ,GAAwBG,EAAW9kB,GAChE,GAAI,CACF,OAAO6kB,EAAQxG,OAAO,CAAC0G,EACzB,CAAE,KAAM,CAEN,OAAO,IACT,CACF,EACAhI,QAAQ+H,CAAiB,CAAE9kB,CAAe,CAAEC,CAAa,EACvD,IAAM8kB,EAAuBJ,GAAwBG,EAAW9kB,GAChE,GAAI,CACEC,GAAO4kB,EAAQ9H,OAAO,CAACgI,EAAsB9kB,EACnD,CAAE,KAAM,CAER,CACF,EACAiiB,WAAW4C,CAAiB,CAAE9kB,CAAe,EAC3C,IAAM+kB,EAAuBJ,GAAwBG,EAAW9kB,GAChE,GAAI,CACF6kB,EAAQ3C,UAAU,CAAC6C,EACrB,CAAE,KAAM,CAER,CACF,CACF,CACF,CAEO,IAAMC,GAAmBJ,GAAgBK,WAAWC,YAAY,EAC1DC,GAAqBP,GAAgBK,WAAWG,cAAc,EAEpE,SAASC,GAAmBR,CAAiB,CAAE/gB,CAAmB,EACvE,MAAO,CACLua,QAAAA,AAAQre,GACC6kB,EAAQxG,OAAO,CAACva,EAAa9D,GAEtC+c,QAAQ/c,CAAe,CAAEC,CAAa,EACpC4kB,EAAQ9H,OAAO,CAACjZ,EAAa9D,EAAKC,EACpC,EACAiiB,WAAWliB,CAAe,EACxB6kB,EAAQ3C,UAAU,CAACpe,EAAa9D,EAClC,CACF,CACF,CChDA,IAAMslB,GAAmB,cAElB,OAAMC,GACXzhB,WAAAA,AACAD,CAAAA,KAAAA,AACiB2hB,CAAAA,uBAAwC,IAAA,AACxCC,CAAAA,eAAgC,IAAA,AAChCC,CAAAA,YAA6B,IAAA,AAC7BC,CAAAA,QAAyB,IAAA,AACzBC,CAAAA,6BAAwC,CAAA,CAAA,AACxCC,CAAAA,eAAgC,IAAA,AAEjDC,CAAAA,aAAAA,AAEiBC,CAAAA,aAAAA,AACRC,CAAAA,qBAAAA,AAET,aAAYliB,CAAmB,CAAE/I,CAA6B,CAAE,KAuB1DkrB,CAtBJ,CAAA,IAAI,CAACniB,WAAW,CAAGA,EACnB,IAAI,CAACD,KAAK,CAAG,KACb,IAAI,CAACiiB,aAAa,CAAG,CAAA,EAGrB,IAAI,CAACC,aAAa,CAAGV,GAAmBL,GAAkBlhB,GAC1D,IAAI,CAACkiB,qBAAqB,CAAGX,GAAmBF,GAAoBrhB,GAEhE/I,GAASmrB,gBACX,IAAI,CAACV,sBAAsB,CAAGzqB,EAAQmrB,aAAa,CAACC,qBAAqB,EAAI,KAC7E,IAAI,CAACV,cAAc,CAAG1qB,EAAQmrB,aAAa,CAACE,aAAa,EAAI,KAC7D,IAAI,CAACV,WAAW,CAAG3qB,EAAQmrB,aAAa,CAACtK,IAAI,EAAI,KACjD,IAAI,CAAC+J,OAAO,CAAG5qB,EAAQmrB,aAAa,CAACG,MAAM,EAAI,KAC/C,IAAI,CAACT,4BAA4B,CAAG7qB,EAAQmrB,aAAa,CAACI,qBAAqB,EAAI,CAAA,EACnF,IAAI,CAACT,cAAc,CAAG9qB,EAAQmrB,aAAa,CAACK,aAAa,EAAI,MAG/D,MAAMC,EAAoB,IAAI,CAACT,aAAa,CAAC1H,OAAO,CAAC,IAErD,GAAI,CAACmI,EACH,OAGF,GAAI,CACFP,EAAc9rB,KAAKmkB,KAAK,CAACkI,EAC3B,CAAE,KAAM,CAEN,IAAI,CAACC,kBAAkB,GACvB,MACF,CAEA,IAAI,CAAC5iB,KAAK,CAAGoiB,CACf,CAEA,IAAcE,uBAAgC,CAC5C,OAAO,IAAI,CAACX,sBAAsB,EAxDR,gBAyD5B,CAEA,IAAcY,eAAwB,CACpC,OAAO,IAAI,CAACX,cAAc,EA3DI,oBA4DhC,CAEA,IAAcc,eAAwB,CACpC,OAAO,IAAI,CAACV,cAAc,EA9DmB,mCA+D/C,CAEArE,mBAAoB,CAClB,MAAO,CACLpL,cAAesQ,GAAQnnB,GAAG,CAAC,IAAI,CAAC4mB,qBAAqB,EACrD9P,YAAaqQ,GAAQnnB,GAAG,CAAC,IAAI,CAAC6mB,aAAa,CAC7C,CACF,CAEAO,oCAAqC,CACnC,OAAOD,GAAQnnB,GAAG,CAAC,IAAI,CAACgnB,aAAa,CACvC,CAEAK,mBAAmBC,CAA6C,CAAE,CAChE,GAAM,CAAEhjB,MAAAA,CAAK,CAAEuS,cAAAA,CAAa,CAAEC,YAAAA,CAAW,CAAE,CAAGwQ,EAExCC,EAAavB,GAAsBwB,kBAAkB,CAAC,CAC1DC,UAAWnjB,GAAO8P,SAASsT,YAAc,GACzCX,sBAAuB,IAAI,CAACV,4BAA4B,CACxDhK,KAAM,IAAI,CAAC8J,WAAW,CACtBW,OAAQ,IAAI,CAACV,OAAAA,AACf,EAEImB,CAAAA,EAAWT,MAAM,EACnB,IAAI,CAACa,aAAa,CAACJ,EAAWT,MAAM,EAGtCK,GAAQnZ,GAAG,CAAC,IAAI,CAAC4Y,qBAAqB,CAAE/P,EAAe0Q,GACvDJ,GAAQnZ,GAAG,CAAC,IAAI,CAAC6Y,aAAa,CAAE/P,EAAayQ,GAS7C,IAAMK,EAAyB5B,GAAsBwB,kBAAkB,CAAC,CACtEC,UAAWnjB,GAAO8P,SAASsT,YAAc,GACzCX,sBAAuB,CAAC,IAAI,CAACV,4BAA4B,CACzDhK,KAAM,IAAI,CAAC8J,WAAW,CACtBW,OAAQ,IAAI,CAACV,OAAAA,AACf,EAEIwB,CAAAA,EAAuBd,MAAM,EAC/B,IAAI,CAACa,aAAa,CAACC,EAAuBd,MAAM,EAG9C/B,GAAmB,IAAI,CAAC8B,aAAa,GACvCM,GAAQxC,MAAM,CAAC,IAAI,CAACkC,aAAa,CAAEe,GAGjC7C,GAAmB,IAAI,CAAC6B,qBAAqB,GAC/CO,GAAQxC,MAAM,CAAC,IAAI,CAACiC,qBAAqB,CAAEgB,GAGzC7C,GAAmB,IAAI,CAAC8B,aAAa,GACvC9Z,GACE,2JAIAgY,GAAmB,IAAI,CAAC6B,qBAAqB,GAC/C7Z,GAAY,mDAEhB,CAEA8a,oCAAoCC,CAAW,CAAE,CAE/C,IAAMC,EAAgB,IAAI1G,KAAKA,KAAKuC,GAAG,GAAK,KACtC2D,EAAavB,GAAsBwB,kBAAkB,CAAC,CAC1DC,UAAWM,EAActmB,QAAQ,GACjCslB,sBAAuB,IAAI,CAACV,4BAA4B,CACxDhK,KAAM,IAAI,CAAC8J,WAAW,CACtBW,OAAQ,IAAI,CAACV,OAAAA,AACf,GAEAe,GAAQnZ,GAAG,CAAC,IAAI,CAACgZ,aAAa,CAAEc,EAAKP,EACvC,CAEAS,qBAAsB,CACpB,IAAI,CAACC,aAAa,CAAC,CAAC,IAAI,CAACrB,qBAAqB,CAAE,IAAI,CAACC,aAAAA,CAAc,CACrE,CAEAqB,iBAAkB,CAChB,IAAI,CAACD,aAAa,CAAC,CAAC,IAAI,CAACjB,aAAAA,CAAc,CACzC,CAEAiB,cAAcE,CAAyB,CAAE,CAcvC,IAAMC,EAAiB,IAAI,CAACC,cAAc,GAIpCC,EAAgB,IAAI,IAAIC,IAFX,CAAC,IAAI,CAACnC,OAAO,CAAE,QAASgC,EAAe,EAEZ,CAE9C,CAAC,CAAA,EAAM,CAAA,EAAM,CAACrW,OAAO,CAAC,AAACgV,IACrB,CAAC,IAAI,CAACZ,WAAW,CAAE,KAAK,CAACpU,OAAO,CAAC,AAACsK,IAChCiM,EAAcvW,OAAO,CAAC,AAAC+U,IACrB,IAAMS,EAAavB,GAAsBwB,kBAAkB,CAAC,CAC1DC,UAAW,IAAIpG,KAAK,GAAG5f,QAAQ,GAC/BslB,sBAAAA,EACA1K,KAAAA,EACAyK,OAAAA,CACF,GACAqB,EAAgBpW,OAAO,CAAC,AAACiT,IACvBmC,GAAQxC,MAAM,CAACK,EAAYuC,EAC7B,EACF,EACF,EACF,EACF,CAEAL,oBAA2B,CACzB,IAAI,CAACV,aAAa,CAAChJ,OAAO,CAAC,GAAI5iB,KAAKC,SAAS,CAAC,IAAI,CAACyJ,KAAK,EAC1D,CAEAwa,QAAQre,CAAe,CAAiB,CACtC,OAAO,IAAI,CAAC+lB,aAAa,CAAC1H,OAAO,CAACre,EACpC,CAEA+c,QAAQ/c,CAAe,CAAEC,CAAa,CAAQ,CAC5C,IAAI,CAAC8lB,aAAa,CAAChJ,OAAO,CAAC/c,EAAKC,EAClC,CAEAiiB,WAAWliB,CAAe,CAAQ,CAChC,IAAI,CAAC+lB,aAAa,CAAC7D,UAAU,CAACliB,EAChC,CAKA4nB,gBAAmC,CACjC,IAAMG,EAAgB,IAAI,CAAC1J,OAAO,CAACiH,IAEnC,GAAI,CAACyC,EACH,MAAO,EAAE,CAGX,GAAI,CACF,IAAMC,EAAS7tB,KAAKmkB,KAAK,CAACyJ,GAC1B,OAAO/gB,MAAMC,OAAO,CAAC+gB,GAAUA,EAAS,EAAE,AAC5C,CAAE,KAAM,CACN,MAAO,EAAE,AACX,CACF,CAKQd,cAAcb,CAAqB,CAAQ,CACjD,GAAI,CAACA,EACH,OAGF,IAAM0B,EAAgB,IAAI,CAACH,cAAc,GACpCG,EAAcvoB,QAAQ,CAAC6mB,KAC1B0B,EAAchnB,IAAI,CAACslB,GACnB,IAAI,CAACtJ,OAAO,CAACuI,GAAkBnrB,KAAKC,SAAS,CAAC2tB,IAElD,CAEA,OAAOhB,mBAAmB,CACxBnL,KAAAA,CAAI,CACJyK,OAAAA,CAAM,CACNC,sBAAAA,CAAqB,CACrBU,UAAAA,CAAS,CAMV,CAA4B,CAC3B,IAAMF,EAAuC,CAC3C5D,QAAS,IAAItC,KAAKoG,GAClBiB,SAAU,KACZ,EAoBA,OAlBIrM,GACFkL,CAAAA,EAAWlL,IAAI,CAAGA,CAAAA,EFnPpBtX,AAA6B,cAA7BA,OAAOmJ,QAAQ,CAACnL,QAAQ,EAEtBgC,AAA6B,UAA7BA,OAAOmJ,QAAQ,CAACnL,QAAQ,EAExBgC,OAAOmJ,QAAQ,CAACnL,QAAQ,CAAC4lB,KAAK,CAAC,0DEqP/BpB,EAAWqB,MAAM,CAAG,CAAA,GAEhB7B,GAKFQ,CAAAA,EAAWT,MAAM,CAAGA,GAAU/hB,OAAOmJ,QAAQ,CAAC2a,IAAI,AAAJA,EAEhDtB,EAAWqB,MAAM,CAAG,CAAA,GAEfrB,CACT,CACF,CAGO,MAAMuB,WAAiC9C,GAAiC,CAsB/E,IAAM+C,GAA0B5M,OAAO6M,GAAG,CAAC,0BAuDrCC,GAAoB,CAAIC,EAA4BxoB,KACxDlH,OAAO2vB,MAAM,CAACD,GAAYnX,OAAO,CAAC,AAACqX,GAAOA,EAAG1oB,GAC/C,EA6CM2oB,GAAgBC,AC3bS,CAAA,CAAC,CAAEC,gBAAAA,EAAkB,EAAE,CAAiB,CAAG,CAAA,CAAE,IAK1E,IAAMC,EAAY,CAACC,EAAQC,IAEzB,AAAI,OAAOD,GAAM,OAAOC,IAEpBD,AAAM,OAANA,GAAcC,AAAM,OAANA,EAAmBD,IAAMC,EACvC,AAAa,UAAb,OAAOD,EACT,CAAIjwB,CAAAA,OAAOmwB,IAAI,CAACF,GAAGnnB,MAAM,GAAK9I,OAAOmwB,IAAI,CAACD,GAAGpnB,MAAM,EAAI9I,OAAOmwB,IAAI,CAACF,GAAGG,IAAI,CAAC,AAACC,GAAM,CAAEA,CAAAA,KAAKH,CAAAA,EAAAA,GAClFlwB,OAAOgH,OAAO,CAACipB,GACnBhX,MAAM,CAAC,CAAC,CAACoX,EAAE,GAAK,CAACN,EAAgBtpB,QAAQ,CAAC4pB,IAC1CliB,KAAK,CAAC,CAAC,CAACkiB,EAAGnX,EAAE,GAAK8W,EAAU9W,EAAGgX,CAAC,CAACG,EAAE,GAGjCJ,IAAMC,GAGf,OAAOF,CACT,CAAA,EDsasC,CACpCD,gBAAiB,CAAC,mBAAmB,AACvC,EAEO,OAAMO,0BAMHnb,CAAAA,UAAY,CAAA,CAAA,AAEpB,aACUgM,CAAoB,CACpBoP,CAAoC,CAC5C,CAAEC,uBAAAA,CAAsB,CAAuC,CAC/D,CAKA,QARQrP,YAAAA,CAAAA,OACAoP,UAAAA,CAAAA,EAGRhlB,OAAOX,gBAAgB,CAAC,UAAW,IAAI,CAAC6lB,OAAO,EAI3C,CAACD,EAAwB,CAG3B,KAAM,CAAEnT,cAAAA,CAAa,CAAE,CAAG,IAAI,CAACkT,UAAU,CAAC9H,iBAAiB,GAC3D,GAAI,CAACpL,EAAe,YAClB,IAAI,CAACR,cAAc,EAGvB,CACF,CAGQ4T,QAAU,AAACrqB,IACjB,GAAIA,EAAEa,GAAG,GAAK2kB,GAAwB,IAAI,CAACzK,YAAY,CAAE,IACvD,OAGF,IAAMuP,EAActqB,AAAe,OAAfA,EAAEuqB,QAAQ,EAAavqB,AAAe,SAAfA,EAAEuqB,QAAQ,CAAc,KAAQvvB,KAAKmkB,KAAK,CAACnf,EAAEuqB,QAAQ,EAChG,IAAI,CAACC,WAAW,CAACF,EAAa,CAAA,EAChC,CAAA,AAEAxT,CAAAA,WAAwE,CACtE,GAAM,CAAEG,cAAAA,CAAa,CAAEC,YAAAA,CAAW,CAAE,CAAG,IAAI,CAACiT,UAAU,CAAC9H,iBAAiB,SACxE,AAAI,AAA2B,UAAzB,OAAOpL,GAAiC,AAAuB,UAAvB,OAAOC,EAC5C,KAEF,CAAED,cAAAA,EAAeC,YAAAA,CAAY,CACtC,CAEAxO,6BAA6C,CAC3C,OAAO,IAAI,CAACyhB,UAAU,CAAC3C,kCAAkC,IAAM,IACjE,CAEAlY,cAAe,CACb,IAAI,CAACmb,oBAAoB,CAAC,CACxB/lB,MAAO,KACPuS,cAAe,KACfC,YAAa,KACbzO,2BAA4B,IAC9B,EACF,CAEAgO,gBAAiB,CACf,IAAI,CAAC0T,UAAU,CAAC/B,mBAAmB,GACnC,IAAI,CAACoC,WAAW,CAAC,KACnB,CAEAE,8BAA8BhD,CAAiC,CAAE9rB,CAAqC,CAAE,CACtG,IAAM+uB,EAAgB,IAAI,CAACR,UAAU,CAACzlB,KAAK,CACrCkmB,EAAgBlD,AAAoB,OAApBA,EAAUhjB,KAAK,CAAY,KAAQ,CAAE,GAAG,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAE,GAAGgjB,EAAUhjB,KAAAA,AAAM,CACxG,CAAA,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAGkmB,EACxB,IAAMC,EAAY,IAAI,CAAC7b,YAAY,GAOnC,GANA,IAAI,CAAC8b,iBAAiB,GAMlBD,GAAa,CAACpB,GAAckB,EAAeC,GAAgB,CAC7D,IAAIG,EAEFA,EADEH,AAAiB,MAAjBA,GAAyBhvB,EAAQmT,SAAS,CAC7B6b,EAEA,CACb,GAAGA,CAAa,CAChBnP,uBAAwB7f,EAAQ6f,sBAAAA,AAClC,EAGF4N,GAAkB,IAAI,CAACc,UAAU,CAACxD,aAAa,CAAEoE,EACnD,CACF,CAEAN,qBACE/C,CAAiC,CACjC9rB,EAAwC,CAAEmT,UAAW,CAAA,CAAM,CAAC,CAC5D,CACI2Y,EAAUhjB,KAAK,EACb,AAAmC,UAAnC,OAAOgjB,EAAUzQ,aAAa,CAChC,IAAI,CAACkT,UAAU,CAAC1C,kBAAkB,CAACC,GAInC,IAAI,CAACyC,UAAU,CAAC/B,mBAAmB,GAErC,IAAI,CAAC+B,UAAU,CAAC7B,eAAe,IACtBZ,EAAUjf,0BAA0B,EACzC,AAAgD,UAAhD,OAAOif,EAAUjf,0BAA0B,CAC7C,IAAI,CAAC0hB,UAAU,CAAClC,mCAAmC,CAACP,EAAUjf,0BAA0B,EAIxF,IAAI,CAAC0hB,UAAU,CAAC7B,eAAe,GAEjC,IAAI,CAAC6B,UAAU,CAAC/B,mBAAmB,KAEnC,IAAI,CAAC+B,UAAU,CAAC/B,mBAAmB,GACnC,IAAI,CAAC+B,UAAU,CAAC7B,eAAe,IAGjC,IAAI,CAACoC,6BAA6B,CAAChD,EAAW9rB,GAE9C,IAAI,CAACuuB,UAAU,CAAC7C,kBAAkB,EACpC,CAEAkD,YAAY9lB,CAAe,CAAEsmB,EAAqB,CAAA,CAAK,CAAE,CACvD,IAAML,EAAgB,IAAI,CAACR,UAAU,CAACzlB,KAAK,CACrCkmB,EAAgBlmB,AAAU,OAAVA,EAAiB,KAAQ,CAAE,GAAG,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAE,GAAGA,CAAAA,AAAM,CACpF,CAAA,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAGkmB,EACxB,IAAMC,EAAY,IAAI,CAAC7b,YAAY,GACnC,IAAI,CAAC8b,iBAAiB,GAEtB,IAAMG,EAAkB,CAACxB,GAAckB,EAAeC,GAClDC,CAAAA,GAAaI,CAAAA,IACf5B,GAAkB,IAAI,CAACc,UAAU,CAACxD,aAAa,CAAEiE,GAK7CK,GAAmB,CAACD,GAEtB,IAAI,CAACb,UAAU,CAAC7C,kBAAkB,GAGxC,CAEAnQ,aAAaH,CAA2B,CAAE,CACxC,GAAM,CAAEC,cAAAA,CAAa,CAAEC,YAAAA,CAAW,CAAE,CAAGF,EAEjCkU,EAAO,CADmC,GAAjC,IAAI,CAACf,UAAU,CAAC9H,iBAAiB,EAE9C,CACApL,cAAAA,EACAC,YAAAA,CACF,CACI,AAAyB,CAAA,UAAzB,OAAOD,GAA8B,AAAuB,UAAvB,OAAOC,GAC9C,IAAI,CAACiT,UAAU,CAAC1C,kBAAkB,CAACyD,GACnC,IAAI,CAACf,UAAU,CAAC7B,eAAe,IAE/B,IAAI,CAAC6B,UAAU,CAAC/B,mBAAmB,EAEvC,CAEAjZ,iBAAiBD,CAAsD,CAAuB,KAxNtEoa,MAClB6B,EAwNJ,OAzNsB7B,EAyND,IAAI,CAACa,UAAU,CAACxD,aAAa,CAvNpD2C,CAAU,CADJ6B,EAAWpP,KAAK5Z,MAAM,GAAGN,QAAQ,CAAC,IAAI+iB,KAAK,CAAC,KAC9B,CAuNkC1V,EAtN/C,IAAM,OAAOoa,CAAU,CAAC6B,EAAS,AAuNxC,CAEAC,UAAqB,CACnB,OAAO,IAAI,CAACjB,UAAU,CAACzlB,KAAK,AAC9B,CAEA2mB,SAAU,CACRlmB,OAAOmmB,mBAAmB,CAAC,UAAW,IAAI,CAACjB,OAAO,CACpD,CAEAkB,uBAAwB,CACtB,OAAO,IACT,CAEAvc,cAAwB,CACtB,OAAO,IAAI,CAACD,SAAS,AACvB,CAEA+b,mBAAoB,CAClB,IAAI,CAAC/b,SAAS,CAAG,CAAA,CACnB,CACF,CA4DO,MAAMyc,WACHtB,GAGRxZ,aAAe,AAACC,GAAmB,IAAI,CAAC6Z,WAAW,CAAC,CAAE7Z,OAAAA,GAAO,AAC7DN,CAAAA,UAAY,IAAM,IAAI,CAAC+a,QAAQ,IAAIza,QAAU,IAAA,AAC7CjC,CAAAA,mBAAqB,AAACC,GAA+B,IAAI,CAAC6b,WAAW,CAAC,CAAE7b,aAAAA,GAAa,AACrFE,CAAAA,gBAAkB,IAAM,IAAI,CAACuc,QAAQ,IAAIzc,cAAgB,IAAA,AACzD8F,CAAAA,WAAa,IAAM,IAAI,CAAC2W,QAAQ,IAAI5W,SAAW,IAAA,AAC/CuC,CAAAA,cAAiF,CAACtX,EAAM7D,KACtF,GAAI,mBAAoB6D,GAAQA,EAAKgsB,cAAc,CAAE,CACnD,IAAMzU,EACJvX,EAAKwX,aAAa,EAAIxX,EAAKyX,WAAW,CAClC,CAAED,cAAexX,EAAKwX,aAAa,CAAEC,YAAazX,EAAKyX,WAAAA,EACtD,CAAED,cAAe,CAAA,EAAMC,YAAa,CAAA,CAAK,EAEhD,IAAI,CAACuT,oBAAoB,CACvB,CACE/lB,MAAO,CACL8P,QAAS/U,EAAKgsB,cAAc,CAC5B9a,OAAQlR,EAAKkR,MAAM,CACnBhC,aAAclP,EAAKkP,YAAAA,AACrB,EACA,GAAGqI,CAAM,CACTvO,2BAA4B,MAE9B,CACEsG,UAAW,CAAA,EACX0M,uBAAwB7f,GAAS6f,sBACnC,EAEJ,MACE,IAAI,CAACgP,oBAAoB,CACvB,CACE/lB,MAAO,KACPuS,cAAe,KACfC,YAAa,KACbzO,2BAA4BhJ,EAAKgJ,0BAA0B,EAAI,CAAA,GAEjE,CACEsG,UAAW,CAAA,EACX0M,uBAAwB7f,GAAS6f,sBACnC,EAGN,CAAA,AAEA7S,CAAAA,kBACE,AAOEoB,GAEF,MAAOpO,IACL,IAAM6D,EAAO,MAAMuK,EAAapO,GAIhC,OAHA,IAAI,CAACmb,aAAa,CAACtX,EAAM,CACvBgc,uBAAwB7f,GAASiN,wBACnC,GACOpJ,CACT,CAAA,AACJ,CEptBO,IAAMisB,GAAiBnP,OAAO6M,GAAG,CAAC,uBC0FlC,OAAMuC,WACHC,UAGR,aACEvjB,CAA8B,CAC9BC,CAAoE,CACpEkC,CAA0B,CAC1ByC,CAA6B,CAC7BvC,CAAe,CACfmhB,EAA+C9lB,IAAkC,CACzE+lB,CAA0B,CAClC,CACA,KAAK,CAACzjB,EAAgBC,EAAsBkC,EAAcyC,EAAgBvC,EAASmhB,QAF3EC,OAAAA,CAAAA,CAGV,CAEQC,qBAAuB,MAAOnwB,IACpC,IAAMowB,EAAe,MAAM,IAAI,CAACF,OAAO,CAACG,kBAAkB,GAC1D,GAAI,CAACD,EAAatS,OAAO,CACvB,MAAM,AAAIlgB,MAAM,CAAC,wBAAwB,EAAEwyB,EAAaE,MAAM,CAAA,CAAE,EAGlE,GAAM,CAAEC,OAAAA,CAAM,CAAE,CAAGH,EAEbI,EAAoB,IAAI,CAACN,OAAO,CAACO,+BAA+B,CAAC,CACrEC,qBAAsB1wB,EAAQ+P,sBAAsB,CACpD4gB,UAAW,IAAI,CAACT,OAAO,CAACU,iBAAAA,AAC1B,GAEA,OAAOL,EAAOM,MAAM,CAAC,CACnB3T,MAAO,CACLC,SAAU3a,EAAgBE,QAAAA,AAC5B,EACA4Q,SAAUkd,EACVM,mBAAoB9wB,EAAQ+wB,qBAAAA,AAC9B,EACF,CAAA,AAEQC,CAAAA,YAAc,MAAOhxB,IAC3B,GAAI,CAACA,EAAQ6N,eAAe,CAC1B,MAAM,IAAI1P,EAAoB,kCAAmC,0CAEnE,IAAMiyB,EAAe,MAAM,IAAI,CAACF,OAAO,CAACG,kBAAkB,GAC1D,GAAI,CAACD,EAAatS,OAAO,CACvB,MAAM,AAAIlgB,MAAM,CAAC,wBAAwB,EAAEwyB,EAAaE,MAAM,CAAA,CAAE,EAGlE,GAAM,CAAEC,OAAAA,CAAM,CAAE,CAAGH,EAEbI,EAAoB,IAAI,CAACN,OAAO,CAACe,sBAAsB,CAAC,CAC5DC,eAAgBlxB,EAAQ6N,eAAe,CACvCsjB,kBAAmBnxB,EAAQwP,mBAAmB,CAC9C4hB,iBAAkBpxB,EAAQsP,kBAAkB,CAC5CqhB,UAAW,IAAI,CAACT,OAAO,CAACU,iBAAAA,AAC1B,GAEA,OAAOL,EAAOM,MAAM,CAAC,CACnB3T,MAAO,CACLC,SAAU3a,EAAgBE,QAAAA,AAC5B,EACA4Q,SAAUkd,EACVM,mBAAoB9wB,EAAQ+wB,qBAAAA,AAC9B,EACF,CAAA,AAEAM,CAAAA,aAA8C,CAC5C1iB,UAAW,CACT8C,MAAO,IAAI,CAAC0e,oBAAAA,AACd,EACA1e,MAAO,IAAI,CAACuf,WAAAA,CACd,AACF,CCjMO,IAAMM,GAAyB,AAAkB,IAAlB,OAAO/nB,QAA0B,uBAAwBA,OCGlFgoB,GAA4B,AAACpU,GACxC,AAAIA,IAAa3a,EAAgBK,mBAAmB,CAC3C,QAIPsa,IAAa3a,EAAgBG,YAAY,EACzCwa,IAAa3a,EAAgBC,QAAQ,EACrC0a,IAAa3a,EAAgBI,kBAAkB,ACM5C,OAAM4uB,0BACX,aACEC,CAAqC,CAC7BC,CAAiB,CACzB,MAFQD,aAAAA,CAAAA,OACAC,SAAAA,CAAAA,CACP,CAEHC,QAAe,CACb,IAAI,CAACF,aAAa,CAACE,MAAM,EAC3B,CAEA,MAAMd,OAAO,CACXvd,SAAAA,CAAQ,CACRse,kBAAAA,CAAiB,CACjB1U,MAAAA,CAAK,CACL4T,mBAAAA,EAAqB,CAAA,CAAI,CAM1B,CAA+B,CAC9B,IDXIe,ECWEA,EAAeN,GAA0BrU,EAAMC,QAAQ,EACvD2U,EDXgB,WADlBD,EAAeN,GCY8CrU,EAAMC,QAAQ,IDX7C0U,GAAgB,CAACP,GCa7CS,EAA0B,CAC9BC,UAAW,IAAI,CAACN,SAAS,CACzBpe,SAAUA,EACV2e,YAAa,CAAA,EACbC,QAAS,MACTC,YAAa,CAAA,EACbC,qBAAsBP,AAAiB,UAAjBA,EACtBd,sBAAuBD,CACzB,EAOA,OANIgB,IACFC,EAAOM,gBAAgB,CAAG,uBAC1BN,EAAOhB,qBAAqB,CAAG,CAAA,GAEjC,IAAI,CAACU,aAAa,CAACa,UAAU,CAACP,GAEvB,IAAI/pB,QAAQ,AAACC,IAClB,IAAI,CAACwpB,aAAa,CAACc,MAAM,CAAC,AAACpD,IACzB,GAAIA,EAAaqD,eAAe,GAAI,CAGlC,IAAMlC,EAASnB,EAAasD,gBAAgB,MAAQ,iBAKpD,MAHInC,AAAW,gBAAXA,GACFsB,MAEK3pB,EAAQ,CACb6V,QAAS,CAAA,EACTwS,OAAAA,CACF,EACF,OAQA,AAAK,CAACnB,EAAauD,cAAc,EAAIZ,GAA+B3C,EAAauD,cAAc,KACtFzqB,EAAQ,CACb6V,QAAS,CAAA,EACTwS,OAAQnB,EAAawD,qBAAqB,MAAQ,gBACpD,GAGGxD,EAAayD,iBAAiB,WACjC,IAAI,CAACC,UAAU,CAACf,GACT7pB,EAAQ,CAAE6V,QAAS,CAAA,CAAK,GAEnC,EACF,EACF,CAEA+U,WAAWf,CAAmC,CAAE,CACzCA,GAGL7lB,MAAMtM,IAAI,CAACyF,SAAS0tB,oBAAoB,CAAC,WAAWvc,OAAO,CAAC,AAACqG,IACvDA,EAAMK,GAAG,CAACxY,QAAQ,CAACvH,IACrB0f,CAAAA,EAAMM,KAAK,CAACE,KAAK,CAAG,MAAA,CAExB,EACF,CACF,CC1EA,IAAM7O,GAAuBvG,QAAQC,OAAO,CAAC,CAC3CmK,qBAAsB,CAAA,CACxB,EAKO,OAAM2gB,sCACHC,CAAAA,cAAAA,AACR,aACUvmB,CAA8B,CAC9BmC,CAA0B,CAC1BE,EAAyBP,EAAoB,CACrD,MAHQ9B,cAAAA,CAAAA,OACAmC,YAAAA,CAAAA,OACAE,OAAAA,CAAAA,CACP,CAEH,MAAcmkB,kBAAmB,CAC/B,GAAI,IAAI,CAACD,cAAc,CACrB,OAAO,IAAI,CAACA,cAAc,CAE5B,IAAME,EAAkB,MAAM,IAAI,CAACzmB,cAAc,CAACG,QAAQ,CAAyB,CACjFvF,IAAK,iCACLhE,OAAQ,KACV,GAEA,OADA,IAAI,CAAC2vB,cAAc,CAAGE,EAAgBC,gBAAgB,CAC/C,IAAI,CAACH,cAAc,AAC5B,CAEA,MAAcI,iCAAiC,CAC7CC,WAAAA,CAAU,CACV3C,qBAAAA,CAAoB,CAIrB,CAAE,CAED,IADI4C,EACE,CAAElhB,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACtD,OAAO,CAOnD,OANIsD,EAEFkhB,EAAgB3iB,AADA,CAAA,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACpCD,cAAc,CAEtC,IAAI,CAAChC,YAAY,CAAC8B,WAAW,GAExB,MAAM,IAAI,CAACjE,cAAc,CAACG,QAAQ,CAA0B,CACjEvF,IAAK,4CACLhE,OAAQ,OACR7E,KAAM,CACJ+0B,SAAUF,EACVtjB,uBAAwB2gB,EACxB9gB,oBAAqB0jB,CACvB,CACF,EACF,CAEA,MAAcE,wBAAwB,CACpCH,WAAAA,CAAU,CACVnC,eAAAA,CAAc,CACdC,kBAAAA,CAAiB,CACjBC,iBAAAA,CAAgB,CAMjB,CAAE,CAED,IADIkC,EACE,CAAElhB,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACtD,OAAO,CAOnD,OANIsD,EAEFkhB,EAAgB3iB,AADA,CAAA,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACpCD,cAAc,CAEtC,IAAI,CAAChC,YAAY,CAAC8B,WAAW,GAExB,MAAM,IAAI,CAACjE,cAAc,CAACG,QAAQ,CAA0B,CACjEvF,IAAK,kCACLhE,OAAQ,OACR7E,KAAM,CACJ+0B,SAAUF,EACVxlB,gBAAiBqjB,EACjB1hB,oBAAqB2hB,EACrB7hB,mBAAoB8hB,EACpBxhB,oBAAqB0jB,CACvB,CACF,EACF,CAEA,MAAMjD,oBAAgD,CACpD,IAAIoD,EACJ,GAAI,CACFA,EAAiB,MAAM,IAAI,CAACR,gBAAgB,EAC9C,CAAE,MAAO7uB,EAAG,CAEV,MAAO,CAAE0Z,QAAS,CAAA,EAAOwS,OAAQ5xB,AADrBgB,EAAeC,IAAI,CAACyE,GACKtF,UAAAA,AAAW,CAClD,OAEA,AAAI20B,AAAmB,KAAnBA,EACK,CAAE3V,QAAS,CAAA,EAAOwS,OAAQ,wBAAyB,EAGrD,CAAExS,QAAS,CAAA,EAAMyS,OADT,IAAIiB,GAAmB,MCxHxC1pB,GAAa3K,EAA2B,IAAMoM,OAAOyH,MAAM,CAAC0iB,QAAQ,CAACC,EAAE,EDwHCF,EACvC,CACjC,CAEAhD,gCACE,CAAC,CACCC,qBAAAA,CAAoB,CACpBC,UAAAA,CAAS,CACTiD,QAAAA,CAAO,CAKR,GACD,MAAO3f,IACL,GAAM,CAAEof,WAAAA,CAAU,CAAE,CAAGpf,EACnB4f,EAAgB,IAAI,CAACT,gCAAgC,CAAC,CACxDC,WAAAA,EACA3C,qBAAAA,CACF,GAAGtnB,IAAI,CAAC,AAAC0qB,GAAWnD,EAAUmD,EAAOC,YAAY,EAC7CH,CAAAA,GACFC,CAAAA,EAAgBA,EAAcnU,KAAK,CAAC,AAACrf,GAAUuzB,EAAQvzB,GAAAA,EAEzD,MAAMwzB,CACR,CAAA,AAEF5C,CAAAA,uBACE,CAAC,CACCC,eAAAA,CAAc,CACdC,kBAAAA,CAAiB,CACjBC,iBAAAA,CAAgB,CAChBT,UAAAA,CAAS,CACTiD,QAAAA,CAAO,CAOR,GACD,MAAO3f,IACL,GAAM,CAAEof,WAAAA,CAAU,CAAE,CAAGpf,EACnB4f,EAAgB,IAAI,CAACL,uBAAuB,CAAC,CAC/CH,WAAAA,EACAnC,eAAAA,EACAC,kBAAAA,EACAC,iBAAAA,CACF,GAAGhoB,IAAI,CAAC,AAAC0qB,GAAWnD,EAAUmD,EAAOC,YAAY,EAC7CH,CAAAA,GACFC,CAAAA,EAAgBA,EAAcnU,KAAK,CAAC,AAACrf,GAAUuzB,EAAQvzB,GAAAA,EAEzD,MAAMwzB,CACR,CAAA,AAEFjD,CAAAA,kBAAoB,AAACmD,IACnBxqB,OAAOmJ,QAAQ,CAACC,IAAI,CAAGohB,CACzB,CAAA,AACF,CE1GO,MAAMC,GAGMtnB,oBAAAA,AACAunB,CAAAA,eAAAA,AACAxnB,CAAAA,cAAAA,AACAqV,CAAAA,UAAAA,AACAoS,CAAAA,kBAAAA,AAGjBC,CAAAA,UAAAA,AACAvb,CAAAA,OAAAA,AAEA7D,CAAAA,MAAAA,AACAqf,CAAAA,IAAAA,AACArhB,CAAAA,YAAAA,AACAshB,CAAAA,KAAAA,AACAC,CAAAA,GAAAA,AACA3lB,CAAAA,SAAAA,AACA4lB,CAAAA,SAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,GAAAA,AAcArU,CAAAA,aAAAA,AAOAsU,CAAAA,oBAAAA,AAqBAC,CAAAA,iBAAAA,AAEA,aAAYC,CAAsB,CAAEj1B,CAA6B,CAAE,ClD7HnE,GAAI,AAAkB,IAAlB,OAAOuJ,OACT,MAAM,AAAI3L,MACR,qJkDgIFs3B,AlDrJ4B,CAAA,AAACnsB,IAC3B,AAAuB,UAAvB,OAAOA,EACTwI,GAAY,CAAC,kDAAkD,EAAE,OAAOxI,EAAY,CAAC,EAAEnB,GAAAA,CAAS,EACvFmB,AAAgB,KAAhBA,EACTwI,GAAY,CAAC,4EAA4E,EAAE3J,GAAAA,CAAS,EAC3F,AAACmB,EAAYiD,UAAU,CAAC,kBACjCuF,GAAY,CAAC,4DAA4D,EAAExI,EAAY,CAAC,EAAEnB,GAAAA,CAAS,CAEvG,CAAA,EkD6IqBqtB,GACjB,MAAME,EAAgBF,GAAkB,GAGlClD,EAASqD,ACjJa,CAAA,CAACC,EAAoBC,EAAoC,EAAE,IACzF,GAAM,CAAEnK,cAAAA,CAAa,CAAEpL,iBAAAA,CAAgB,CAAE,CAAGuV,EAgB5C,OAdA5pB,GAAc2pB,EAAYC,EAAM,CAC9BvV,iBAAkB,iBACpB,GAEIoL,GACFzf,GAAc,CAAA,EAAG2pB,EAAW,cAAc,CAAC,CAAElK,EAAe,CAC1DC,sBAAuB,iBACvBC,cAAe,iBACfG,cAAe,iBACf3K,KAAM,iBACNyK,OAAQ,gBACV,GAGK,CACLH,cAAAA,EACApL,iBAAAA,EACAwV,UAAW,CACTxjB,WAAYyjB,ACbW,CAAA,AAACF,IAC5B,IAAMhK,EAASgK,GAAMG,eAAiBH,GAAMI,iBAAiBC,cAC7D,GAAIrK,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMG,cAAgB,gBAAkB,gBACpDlkB,GAAY,CAAC,kCAAkC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CAC/F,CACF,CAEA,OAAOqwB,GAAMC,WAAWxjB,YhEhCE,yBgEiC5B,CAAA,EDAgCujB,GAC1BtjB,WAAY6jB,AC7BW,CAAA,AAACP,IAC5B,IAAMhK,EAASgK,GAAMG,eAAiBH,GAAMI,iBAAiBI,UAC7D,GAAIxK,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMG,cAAgB,gBAAkB,YACpDlkB,GAAY,CAAC,kCAAkC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CAC/F,CACF,CAEA,OAAOqwB,GAAMC,WAAWvjB,YhEhBE,wBgEiB5B,CAAA,EDgBgCsjB,GAC1BtsB,cAAe+sB,AE9BW,CAAA,AAACT,IAC/B,IAAMhK,EAASgK,GAAMU,UAAYV,GAAMI,iBAAiBO,YACxD,GAAI3K,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMU,SAAW,WAAa,cAC1CzkB,GAAY,CAAC,oCAAoC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CACjG,CACF,CAEA,OAAOqwB,GAAMC,WAAWvsB,ejEbY,8BiEctC,CAAA,EFiBsCssB,GAChCY,UAAWC,AEhBW,CAAA,AAACb,IAC3B,IAAMhK,EAASgK,GAAMc,WAAad,GAAMI,iBAAiBzsB,aACzD,GAAIqiB,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMc,UAAY,YAAc,eAC5C7kB,GAAY,CAAC,sCAAsC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CACnG,CACF,CAEA,MjE3BgC,6BiE4BlC,CAAA,EFG8BqwB,GACxBe,4BAA6Bf,GAAMC,WAAWc,6B/DnCN,sD+DoC1C,CACF,CACF,CAAA,EDqHoC,IAAI,CAAC,WAAW,CAACt4B,IAAI,CAAEiC,GACjDwuB,EAAyB8H,ACjHC,CAAA,CAACxkB,EAAeykB,EAAkC,CAAA,CAAE,IAEtF,GAAM,CAAEd,cAAAA,CAAa,CAAEC,gBAAAA,CAAe,CAAE,CAAGa,EAC3C,OAAOxR,AxClC2CjT,AwCkCzBA,ExClC+BrN,QAAQ,CAAC,qBwCmC7D,CAAC,CAAEgxB,CAAAA,GAAiBC,GAAiBC,aAAAA,EACrC,CAAC,CAAEF,CAAAA,GAAiBC,GAAiBI,SAAAA,CAC3C,CAAA,ED2GwDX,EAAen1B,EAEnE,CAAA,IAAI,CAAC8hB,UAAU,CAAG0U,ATkOS,CAAA,CAACztB,EAAqB/I,KACnD,IA7BMy2B,EA6BAC,GA5BF,AAACD,CADCA,EAAMltB,OACJ,CAACgkB,GAAwB,EAC/BkJ,CAAAA,CAAG,CAAClJ,GAAwB,CAAG,CAAA,CAAA,EAE1BkJ,CAAG,CAAClJ,GAAwB,EA6BnC,OAHI,AAACmJ,CAAc,CAAC3tB,EAAY,EAC9B2tB,CAAAA,CAAc,CAAC3tB,EAAY,CAAG,IAAIukB,GAAyBvkB,EAAa/I,EAAAA,EAEnE02B,CAAc,CAAC3tB,EAAY,AACpC,CAAA,ESxOsCosB,EAAepD,GACjD,IAAI,CAACrlB,oBAAoB,CAAG,IAAIkjB,GAAuBuF,EAAe,IAAI,CAACrT,UAAU,CAAE,CAAE0M,uBAAAA,CAAuB,GAChH,IAAI,CAAC0F,kBAAkB,CAAG,IAAI3T,GAAkB,IAAI,CAAC7T,oBAAoB,CAAE,CAAA,GAC3E,IAAI,CAAC+T,aAAa,CAAG,CAAC,GAAGhZ,IAAS,IAAI,CAACysB,kBAAkB,CAACzT,aAAa,IAAIhZ,GAE3E,MAAMqd,EAA4B,IAAO,CAAA,CACvC6R,iBAAkB,IAAI,CAAC7U,UAAU,CAAChZ,KAAK,EAAEiM,QAAQb,UACjD0iB,yBAA0B,IAAI,CAAC9U,UAAU,CAAChZ,KAAK,EAAE8P,SAASgC,oBAGtDic,EAAuB,IAAI9P,GAAY,IAAI,CAACjF,UAAU,CAAE,aAExDgV,EAAgB,IAAIrS,GACxB0Q,EACA,IAAI,CAACrT,UAAU,CACfiQ,EAAOwD,SAAS,CAACvjB,UAAU,CAC3B+f,EAAOwD,SAAS,CAACxjB,UAAU,CAC3B+S,EAEF,CAAA,IAAI,CAACrY,cAAc,CAAGqqB,EAEtB,MAAMC,EAAY,IAAInV,GAAqBuT,EAAe2B,EAAe,IAAI,CAAChV,UAAU,EAClFkV,EAAU,IAAIvT,GAAgBsT,EAAUvT,QAAQ,IAChDnV,EAAmB,IAAIxF,GAC3BssB,EACApD,EAAOwD,SAAS,CAACvsB,aAAa,CAC9B+oB,EAAOwD,SAAS,CAACW,SAAS,CAC1Ba,EAAUvT,QAAQ,GAClBwT,EAAQ7tB,gBAAgB,EAEpB8tB,EAAqB,IAAIhT,GAA2B8N,EAAOwD,SAAS,CAACc,2BAA2B,EAChGa,EAAsB,IAAInQ,GAAY,IAAI,CAACjF,UAAU,CAAE,SACvDqV,EAAS,IAAIpE,GAAkB+D,EAAeI,EAAqBH,EAAUvT,QAAQ,GAE3F,CAAA,IAAI,CAACzQ,YAAY,CAAG,IAAIH,GAA8BkkB,EAAeA,EAAe,IAAI,CAACpqB,oBAAoB,EAC7G,IAAI,CAACqI,MAAM,CAAG,IAAIkF,GAAsB6c,EAAeA,EAAe,IAAI,CAACpqB,oBAAoB,EAC/F,IAAI,CAAC0nB,IAAI,CAAG,IAAIna,GAAsB6c,EAAeA,EAAe,IAAI,CAACpqB,oBAAoB,EAC7F,IAAI,CAACkM,OAAO,CAAG,IAAIyB,GAAyByc,EAAe,IAAI,CAACpqB,oBAAoB,EACpF,IAAI,CAACynB,UAAU,CAAG,IAAI1lB,GACpBqoB,EACA,IAAI,CAACpqB,oBAAoB,CACzB,IAAIqa,GAAY,IAAI,CAACjF,UAAU,CAAE,eACjC+U,EACAE,EAAUvT,QAAQ,GAClBnV,GAEF,IAAI,CAACgmB,KAAK,CAAG,IAAItE,GACf+G,EACA,IAAI,CAACpqB,oBAAoB,CACzBwqB,EACAH,EAAUvT,QAAQ,GAClB,CACEza,YAAaosB,EACbpjB,WAAYggB,EAAOwD,SAAS,CAACxjB,UAAU,CACvCC,WAAY+f,EAAOwD,SAAS,CAACvjB,UAAAA,AAC/B,EACA3D,EACA8oB,GAEF,IAAI,CAAC7C,GAAG,CAAG,IAAI9Y,GACbsb,EACA,IAAI,CAACpqB,oBAAoB,CACzB,IAAIqa,GAAY,IAAI,CAACjF,UAAU,CAAE,OACjCiV,EAAUvT,QAAQ,GAClB,CACEza,YAAaosB,EACbpjB,WAAYggB,EAAOwD,SAAS,CAACxjB,UAAU,CACvCC,WAAY+f,EAAOwD,SAAS,CAACvjB,UAAAA,EAE/B3D,GAEF,IAAI,CAACM,SAAS,CAAG,IAAIrC,GAA2BwqB,EAAe,IAAI,CAACpqB,oBAAoB,EACxF,IAAI,CAAC6nB,SAAS,CAAG,IAAIjf,GACnBwhB,EACA,IAAI,CAACpqB,oBAAoB,CACzBmqB,EACAE,EAAUvT,QAAQ,GAClBnV,GAEF,IAAI,CAACmmB,IAAI,CAAG,IAAIxf,GAAsB8hB,EAAe,IAAI,CAACpqB,oBAAoB,CAAE2B,GAChF,IAAI,CAAComB,IAAI,CAAG,IAAIlY,GAAuBua,EAAe,IAAI,CAACpqB,oBAAoB,CAAE2B,GACjF,IAAI,CAACqmB,aAAa,CAAG,IAAI5b,GAA+Bge,EAAe,IAAI,CAACpqB,oBAAoB,CAAE2B,GAClG,IAAI,CAACsmB,IAAI,CAAG,IAAI/c,GAAsBmf,EAAU/jB,OAAO,GAAI+jB,EAAUvT,QAAQ,GAAI,IAAI,CAAC9W,oBAAoB,EAC1G,IAAI,CAACkoB,IAAI,CAAG,IAAI1b,GAAsB,IAAI,CAACzM,cAAc,CAAE,IAAI,CAACC,oBAAoB,EACpF,IAAI,CAACmoB,aAAa,CAAG,IAAI1mB,GACvB,IAAI,CAAC1B,cAAc,CACnB,IAAI,CAACC,oBAAoB,CACzB2B,GAEF,IAAI,CAACymB,GAAG,CAAG,IAAI/mB,GAAqB+oB,GACpC,IAAI,CAAC7C,eAAe,CAAG,IAAIlV,GAAe,IAAI,CAACrS,oBAAoB,CAAE,IAAI,CAACkM,OAAO,CAAEuc,EAAe,CAChGpV,iBAAkBgS,EAAOhS,gBAAAA,AAC3B,GACA,MAAMqX,EAAgB,IAAIjZ,GAAkB2Y,EAAezoB,EAMvDmgB,CAAAA,CAAAA,GAA0B,IAAI,CAAC1M,UAAU,CAAC2E,iBAAiB,GAAGpL,aAAa,AAAbA,GAChE,IAAI,CAAC4Y,eAAe,CAAC1U,wBAAwB,GAG/C,KAAM,CAAEyV,kBAAAA,CAAiB,CAAED,qBAAAA,CAAoB,CAAE,CAAGsC,AIjNpB,CAAA,AAClCC,IAEA,IAAMC,EAAoBv5B,OAAOmwB,IAAI,CAACmJ,GAEhCvC,EAA+D,CAACpiB,EAAOpJ,OAAOmJ,QAAQ,CAACC,IAAI,IAC/F,IAAMtL,EAAM,IAAIC,IAAIqL,GACd6kB,EAAYnwB,EAAIkL,YAAY,CAAC/N,GAAG,CAAC,qBACjCsN,EAAQzK,EAAIkL,YAAY,CAAC/N,GAAG,CAAC,gBACnC,AAAI,AAACsN,GAAU0lB,EAIf,AA7DKC,AA6DkBF,EA7DL9yB,QAAQ,CA6DgB+yB,GACjC,CACLE,QAAS,CAAA,EACT5lB,MAAAA,EACA0lB,UAAAA,CACF,EAGK,CACLE,QAAS,CAAA,EACT5lB,MAAAA,EACA0lB,UAAAA,CACF,EAfS,IAgBX,EA2BA,MAAO,CACLxC,kBA1B6D,MAC7D,CAAE2C,YAAAA,CAAW,CAAE,GAAG33B,EAAS,CAC3B2S,EAAOpJ,OAAOmJ,QAAQ,CAACC,IAAI,IAE3B,IAAMilB,EAAoBD,GAAehlB,IAASpJ,OAAOmJ,QAAQ,CAACC,IAAI,CAChEsa,EAAS8H,EAAqBpiB,GACpC,GAAIsa,AAAU,MAAVA,EAAgB,OAAO,KAC3B,GAAI,CAACA,EAAOyK,OAAO,CAAE,OAAOzK,EAE5B,GAAM,CAAEnb,MAAAA,CAAK,CAAE0lB,UAAAA,CAAS,CAAE,CAAGvK,EACvB4K,EAAUP,CAAQ,CAACE,EAA8B,CACvD,GAAI,CACF,IAAMjzB,EAAO,MAAMszB,EAAQ/lB,EAAO9R,GAClC,MAAO,CACL03B,QAAS,CAAA,EACTF,UAAWA,EACXjzB,KAAAA,CACF,CACF,QAAU,CAeZ,IAAM8C,EACAywB,CAfEF,CAAAA,IAiBRE,CAFMA,EAASzwB,CADTA,EAAM,IAAIC,IAzGoBiC,OAAOmJ,QAAQ,CAACzM,QAAQ,KA0GzCsM,YAAY,EAExBkB,MAAM,CAAC,SACdqkB,EAAOrkB,MAAM,CAAC,qBA5GdlK,OAAOwuB,OAAO,CAACC,YAAY,CAAC,KAAM5yB,SAAS6yB,KAAK,CA8GzC5wB,GAjBL,CACF,EAIE0tB,qBAAAA,CACF,CACF,CAAA,EJwJ+F,CACzFpmB,UAAW,AAACmD,GAAU,IAAI,CAACqiB,UAAU,CAACxlB,SAAS,CAACP,YAAY,CAAC,CAAEmC,4BAA6BuB,CAAM,GAClGomB,gBAAiB,AAACpmB,GAAU,IAAI,CAACuiB,KAAK,CAAC1lB,SAAS,CAACP,YAAY,CAAC,CAAEoD,sBAAuBM,CAAM,GAC7FuiB,MAAO,CAACviB,EAAO9R,IAAY,IAAI,CAACq0B,KAAK,CAACjmB,YAAY,CAAC,CAAEkD,YAAaQ,EAAO,GAAG9R,CAAAA,AAAQ,GACpFs0B,IAAK,CAACxiB,EAAO9R,IAAY,IAAI,CAACs0B,GAAG,CAAClmB,YAAY,CAAC,CAAEqN,UAAW3J,EAAO,GAAG9R,CAAAA,AAAQ,GAC9Em4B,yBAA0B,CAACrmB,EAAO9R,IAChC,IAAI,CAACm0B,UAAU,CAAC/lB,YAAY,CAAC,CAAE6B,kBAAmB6B,EAAO,GAAG9R,CAAAA,AAAQ,GACtEo4B,2BAA4B,AAACtmB,GAAU,IAAI,CAAC+iB,aAAa,CAACzmB,YAAY,CAAC,CAAEE,oBAAqBwD,CAAM,EACtG,EAEA,CAAA,IAAI,CAACkjB,iBAAiB,CAAGA,EACzB,IAAI,CAACD,oBAAoB,CAAGA,EAE5B+B,EAAcxrB,QAAQ,CAAC,CACrBvN,KAAM,gCACNF,QAAS,CACPw6B,0BAA2B,CAAA,EAC3BC,0BAA2B,CAAA,EAC3BC,4BAA6B,CAAA,CAC/B,CACF,GAEAxB,EAAUvT,QAAQ,GAAGpa,IAAI,CAAC,AAACC,IACrBA,AK7RuB,aL6RvBA,EAAcsY,QAAQ,EACxBpQ,GACE,uMAGN,GAYAinB,AP3Q6B,CAAA,CAAC7sB,EAAuD8sB,KACvFz6B,OAAOwM,MAAM,CAACmB,EAAK,CACjB,CAACmkB,IAAiB2I,CACpB,EACF,CAAA,EOuQsB,IAAI,CAVU,CAC9B1B,UAAAA,EACAE,mBAAAA,EACAluB,YAAaosB,EACbiC,cAAAA,EACAsB,UAAW,IAAI,CAAC5W,UAAU,CAC1BgV,cAAeA,EACfK,OAAAA,CACF,EAGF,CACF,CMlQA,IAAMwB,GAAkB,CAlBH,SAED,QADE,UAiB4C,CC/BrDC,G1BcJ,CAAC,GAAGnxB,IACT,AAAI,AAAkB,IAAlB,OAAO8B,OAJ2BqX,GAAY,UAQ3C,I0BnB+CoT,M1BmBtBvsB,yB1C5BR,CAC1BoxB,UAAW,YACXC,aAAc,eACdC,cAAe,eACjB,mBAqI8B,CAC5BC,OAAQ,SACRvE,KAAM,MACR,kGCmLO,cAA6C10B,EAClD,aAAc,CACZ,KAAK,CACH,iCACA,6KAEJ,CACF,+OA4RO,cAA4CA,EACjD,YAAYlC,CAAe,CAAE,CAC3B,KAAK,CAAC,gCAAiCA,EACzC,CACF,8YA1PO,cAAyCkC,EAC9C,aAAc,CACZ,KAAK,CAAC,6BAA8B,gDACtC,CACF,qBAKO,cAA+BA,EACpC,aAAc,CACZ,KAAK,CAAC,mBAAoB,+EAC5B,CACF,yLCrT8B,CAC5BzC,OAAQ,SACRC,UAAW,YACX07B,MAAO,QACPC,OAAQ,SACRC,OAAQ,SACRC,SAAU,WACVC,QAAS,UACTC,WAAY,aACZ77B,MAAO,QACP87B,OAAQ,SACRC,UAAW,YACXC,SAAU,WACVC,SAAU,WACVC,OAAQ,SACRC,QAAS,UACTC,OAAQ,SACRC,SAAU,WACVC,MAAO,QACPC,MAAO,OACT,eAqG0B,CACxBC,IAAK,MACLC,SAAU,WACVC,MAAO,OACT,8KFzL+B,CAC7BC,cAAe,gBACjB,iNoESuCpG,2NlEgFhB,CACrBqG,QAAS,UACTC,SAAU,WACVZ,SAAU,WACVa,QAAS,UACTC,sBAAuB,wBACvBC,oBAAqB,qBACvB,6DkE5F6C7B,wBnE0lBtC,SAA4Bv4B,CAAU,EAC3C,GAAIA,aAAiBN,EAAgB,OAAOM,EAE5C,OAAQA,EAAMvC,OAAO,EACnB,IAAK,qBACH,OAAO,IAAIoC,CACb,KAAK,6BACH,OAAO,IAAIM,CACb,KAAK,yBAIL,IAAK,wBAEL,IAAK,2BALH,OAAO,IAAIC,CACb,KAAK,kBAUL,IAAK,mBATH,OAAO,IAAIC,CAKb,KAAK,yBACH,OAAO,IAAIE,CACb,KAAK,uBACH,OAAO,IAAID,CAGb,KAAK,iCACH,OAAO,IAAII,CACb,KAAK,oBACH,OAAO,IAAIF,CACb,KAAK,kBACH,OAAO,IAAIC,CACb,KAAK,iCAIL,IAAK,+BAQL,IAAK,4CAXH,OAAO,IAAIE,CACb,KAAK,+BAIL,IAAK,iCAQL,IAAK,mCAXH,OAAO,IAAIC,CAKb,KAAK,qBACH,OAAO,IAAIE,CACb,KAAK,2BACH,OAAO,IAAIC,CAKb,KAAK,yBACH,OAAO,IAAIF,CACb,KAAK,qBACH,OAAO,IAAIG,CACb,KAAK,wBACH,OAAO,IAAIC,CACb,KAAK,uBACH,OAAO,IAAIC,CACb,KAAK,yBACH,OAAO,IAAIC,CACb,KAAK,oBACH,OAAO,IAAIC,CACb,KAAK,oBACH,OAAO,IAAIC,CACb,KAAK,0BACH,OAAO,IAAIC,CACb,KAAK,cACH,OAAO,IAAIC,CACb,KAAK,0BACH,OAAO,IAAIC,CACb,KAAK,6BACH,OAAO,IAAIC,CACb,KAAK,sCACH,OAAO,IAAIC,CACb,KAAK,kCACH,OAAO,IAAIC,CACb,KAAK,4BACH,OAAO,IAAIC,CACb,KAAK,yBACH,OAAO,IAAIC,CACb,KAAK,gCACH,OAAO,IAAIC,CACb,KAAK,oBACH,OAAO,IAAIC,CACb,KAAK,6BACH,OAAO,IAAIC,CACb,KAAK,6CACH,OAAO,IAAIC,CACb,KAAK,qBACH,OAAO,IAAIC,CACb,SACE,OAAO,IAAIpC,EAAcE,EAC7B,CACF,8BkErhByC,AACvCy3B,IAEA,IAAM4C,EAAwC,CAC5C1I,UAAW,GACX2I,aAAc,GAKdC,cAAe,OAEfC,OAAQ,IAAIlC,GAAgB,AAC9B,EAGA,IAAK,IAAMmC,IADY,CAAC,YAAa,eAAe,CAChB,CAClC,IAAM51B,EAAQ4yB,EAAOtzB,GAAG,CAACs2B,GACzB,GAAI,CAAC51B,EACH,MAAO,CACL7E,MAAO,CAAC,+BAA+B,EAAEy6B,EAAM,gDAAgD,CAAC,CAChGhH,OAAQ4G,CACV,CAEFA,CAAAA,CAAe,CAACI,EAAM,CAAG51B,CAC3B,CAGA,IAAK,IAAM41B,IADkB,CAAC,gBAAiB,QAAS,iBAAkB,QAAS,QAAS,SAAS,CAC3D,CACxC,IAAM51B,EAAQ4yB,EAAOtzB,GAAG,CAACs2B,GACrB51B,IACE41B,AAAU,UAAVA,EACFJ,EAAgBG,MAAM,CAAG31B,EAAMwjB,KAAK,CAAC,KAAKzR,MAAM,CAAC8jB,SAEjDL,CAAe,CAACI,EAAM,CAAG51B,EAG/B,CAMA,OAJI4yB,EAAOkD,GAAG,CAAC,aACbN,CAAAA,EAAgBpkB,SAAS,CAAGwhB,EAAOmD,MAAM,CAAC,WAAA,EAGrC,CAAE56B,MAAO,KAAMyzB,OAAQ4G,CAAgB,CAChD,2BAEsC,AACpC5C,IAEA,IAAMoD,EAAkC,CACtClJ,UAAW,GACXmJ,yBAA0B,EAC5B,EAGA,IAAK,IAAML,IADY,CAAC,YAAa,2BAA2B,CAC5B,CAClC,IAAM51B,EAAQ4yB,EAAOtzB,GAAG,CAACs2B,GACzB,GAAI,CAAC51B,EACH,MAAO,CACL7E,MAAO,CAAC,+BAA+B,EAAEy6B,EAAM,gDAAgD,CAAC,CAChGhH,OAAQoH,CACV,CAEFA,CAAAA,CAAY,CAACJ,EAAM,CAAG51B,CACxB,CAKA,OAHAg2B,EAAaE,aAAa,CAAGtD,EAAOtzB,GAAG,CAAC,kBAAoB3E,KAAAA,EAC5Dq7B,EAAapyB,KAAK,CAAGgvB,EAAOtzB,GAAG,CAAC,UAAY3E,KAAAA,EAErC,CAAEQ,MAAO,KAAMyzB,OAAQoH,CAAa,CAC7C","x_google_ignoreList":[5,6,7,8,9,50]}
|
|
1
|
+
{"version":3,"file":"index.headless.js","sources":["../../../../core/src/constants.ts","../../../../core/src/public/b2b/ui.ts","../../../../core/src/public/SDKErrors.ts","../../../../core/src/public/ui.ts","../../../../core/src/NetworkClient.ts","../../../../../node_modules/uuid/dist/esm-browser/rng.js","../../../../../node_modules/uuid/dist/esm-browser/stringify.js","../../../../../node_modules/uuid/dist/esm-browser/regex.js","../../../../../node_modules/uuid/dist/esm-browser/v4.js","../../../../../node_modules/uuid/dist/esm-browser/validate.js","../../../../core/src/utils/getHttpsUrl.ts","../../../../core/src/utils/logger.ts","../../../../core/src/utils/checks.ts","../../../../core/src/utils/loadESModule.ts","../../../../core/src/DFPProtectedAuthProvider.ts","../../../../core/src/ErrorMarshaller.ts","../../../../core/src/EventLogger.ts","../../../../core/src/utils/dev.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BDiscoveryClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BIDPClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BImpersonationClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BMagicLinkClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BOAuthClient.ts","../../../../core/src/utils/index.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BOrganizationClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BOTPsClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BPasswordsClient.ts","../../../../core/src/rbac.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BRBACClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BRecoveryCodesClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSCIMClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSelfClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSessionClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BSSOClient.ts","../../../../core/src/HeadlessClients/b2b/HeadlessB2BTOTPsClient.ts","../../../../core/src/HeadlessClients/HeadlessCryptoWalletClient.ts","../../../../core/src/HeadlessClients/HeadlessMagicLinkClient.ts","../../../../core/src/HeadlessClients/HeadlessPasswordClient.ts","../../../../core/src/rpc/FrameClient.ts","../../../../core/src/SearchManager.ts","../../../../core/src/SessionManager.ts","../../../../core/src/shouldTryRefresh.ts","../../../../core/src/StateChangeClient.ts","../../../../web/src/ui/react/bindings/StytchSSRProxy.ts","../../../../web/src/ui/react/utils/errors.ts","../../../../web/src/BootstrapDataManager.ts","../../../../web/src/CaptchaProvider.ts","../../../../web/src/ClientsideServicesProvider.ts","../../../../web/src/NetworkClient.ts","../../../../web/src/PKCEManager.ts","../../../../../node_modules/js-cookie/dist/js.cookie.mjs","../../../../web/src/utils/index.ts","../../../../web/src/utils/storage.ts","../../../../web/src/SubscriptionService.ts","../../../../js-utils/src/createDeepEqual.ts","../../../../web/src/utils/internal.ts","../../../../web/src/b2b/HeadlessB2BOAuthClient.ts","../../../../web/src/oneTap/navigatorSupportsFedCM.ts","../../../../web/src/oneTap/positionModes.ts","../../../../web/src/oneTap/GoogleOneTapClient.ts","../../../../web/src/b2b/oneTap/B2BOneTapProvider.ts","../../../../web/src/oneTap/OneTapProvider.ts","../../../../web/src/b2b/StytchB2BClient.ts","../../../../web/src/utils/config.ts","../../../../core/src/utils/api.ts","../../../../core/src/utils/dfp.ts","../../../../web/src/utils/createAuthUrlHandler.ts","../../../../core/src/Vertical.ts","../../../../web/src/utils/idpHelpers.ts","../../../../web/src/b2b/index.headless.ts"],"sourcesContent":["export const TEST_API_URL = 'https://test.stytch.com';\nexport const LIVE_API_URL = 'https://api.stytch.com';\nexport const CLIENTSIDE_SERVICES_IFRAME_URL = 'https://js.stytch.com/clientside-services/index.html';\n\nexport const STYTCH_DFP_BACKEND_URL = `https://telemetry.stytch.com`;\nexport const STYTCH_DFP_CDN_URL = `https://elements.stytch.com`;\n\nexport const STYTCH_SESSION_COOKIE = 'stytch_session';\nexport const STYTCH_SESSION_JWT_COOKIE = 'stytch_session_jwt';\nexport const POWERED_BY_STYTCH_IMG_URL = 'https://public-assets.stytch.com/et_powered_by_stytch_logo.png';\n\nexport const GOOGLE_ONE_TAP_HOST = 'https://accounts.google.com/gsi';\n\nexport const GOOGLE_ONE_TAP_SCRIPT_URL = `${GOOGLE_ONE_TAP_HOST}/client`;\n\nexport const DEFAULT_SESSION_DURATION_MINUTES = 30;\nexport const DEFAULT_OTP_EXPIRATION_MINUTES = 5;\n\nexport const MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING =\n \"It looks like you're creating multiple copies of the Stytch client.\" +\n ' This behavior is unsupported, and unintended side effects may occur. ' +\n \"Make sure you are creating the Stytch client at the global level, and not inside a component's render function.\";\n","import { Values } from '../../utils';\n\n/**\n * The authentication methods we support through our UI.\n * Currently we support `emailMagicLinks`, `emailOtp`, `sso`, `passwords`, and `oauth`.\n */\n\nexport const AuthFlowType = {\n Discovery: 'Discovery',\n Organization: 'Organization',\n PasswordReset: 'PasswordReset',\n} as const;\n\nexport type AuthFlowType = Values<typeof AuthFlowType>;\n\nexport const RedirectURLType = {\n ResetPassword: 'reset_password',\n} as const;\n\nexport type RedirectURLType = Values<typeof RedirectURLType>;\n\n/**\n * The OAuth providers we support in our B2B OAuth product.\n */\nexport const B2BOAuthProviders = {\n Google: 'google',\n Microsoft: 'microsoft',\n HubSpot: 'hubspot',\n Slack: 'slack',\n GitHub: 'github',\n} as const;\nexport type B2BOAuthProviders = Values<typeof B2BOAuthProviders>;\n\n/**\n * The options for email magic links. This is used if you've enabled the `emailMagicLinks` product\n * in your configuration.\n */\n\nexport type B2BEmailMagicLinksOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n discoveryRedirectURL?: string;\n loginTemplateId?: string;\n signupTemplateId?: string;\n /**\n * @param domainHint - An optional hint indicating what domain the email will be sent from.\n * This field is only required if your project uses more than one custom domain to send emails.\n */\n domainHint?: string;\n locale?: string;\n};\n\n/**\n * The options for SSO. This is used if you've enabled the `sso` product\n * in your configuration.\n */\n\nexport type B2BSSOOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n};\n\n/**\n * The options for OAuth. This is required if you've enabled the `oauth` product\n * in your configuration.\n */\n\nexport type B2BOAuthOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n discoveryRedirectURL?: string;\n /** @deprecated Use customScopes in B2BOAuthProviderConfig instead */\n customScopes?: string[];\n providers: B2BOAuthProviderConfig[];\n /** @deprecated Use providerParams in B2BOAuthProviderConfig instead */\n providerParams?: Record<string, string>;\n locale?: string;\n};\n\n/**\n * Details about the OAuth provider you wish to use. Each B2BOAuthProviderConfig object can be either a plain\n * B2BOAuthProviders string (e.g. 'google'), or an object with a type key that determines the type of provider. For\n * Google OAuth, you can optionally specify the one_tap property to display Google One Tap.\n */\nexport type B2BOAuthProviderConfig =\n | B2BOAuthProviders\n | {\n type: typeof B2BOAuthProviders.Google;\n customScopes?: string[];\n providerParams?: Record<string, string>;\n\n one_tap?: boolean;\n /**\n * Whether to cancel the One Tap prompt when the user taps outside of it.\n * This is only applicable if one_tap is true.\n */\n cancel_on_tap_outside?: boolean;\n }\n | {\n type: Exclude<B2BOAuthProviders, typeof B2BOAuthProviders.Google>;\n customScopes?: string[];\n providerParams?: Record<string, string>;\n };\n\n/**\n * The options for Passwords. This is used if you've enabled the `passwords` product\n * in your configuration.\n */\n\nexport type B2BPasswordOptions = {\n loginRedirectURL?: string;\n resetPasswordRedirectURL?: string;\n resetPasswordExpirationMinutes?: number;\n resetPasswordTemplateId?: string;\n discoveryRedirectURL?: string;\n verifyEmailTemplateId?: string;\n locale?: string;\n};\n\nexport type B2BEmailOTPOptions = {\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\nexport type B2BSMSOTPOptions = {\n locale?: string;\n};\n\nexport type DirectLoginForSingleMembershipConfig = {\n /**\n * Whether or not direct login for single membership is enabled.\n */\n status: boolean;\n /**\n * If enabled, logs user in directly even if they have pending invite to a different organization\n */\n ignoreInvites: boolean;\n /**\n * If enabled, logs user in directly even if they have organizations they could join via JIT provisioning\n */\n ignoreJitProvisioning: boolean;\n};\n\nexport const B2BMFAProducts = {\n smsOtp: 'smsOtp',\n totp: 'totp',\n} as const;\nexport type B2BMFAProducts = Values<typeof B2BMFAProducts>;\n","/* eslint-disable @typescript-eslint/no-explicit-any */\n\nimport { StytchAPIErrorType } from './StytchAPIErrorType';\n\n/**\n * An Error class thrown when the SDK is unable to reach the Stytch servers,\n * or when the Stytch servers return a value the SDK cannot understand.\n * Usually - it means that you're offline!\n */\nexport class SDKAPIUnreachableError extends Error {\n details: string;\n\n constructor(message: string, details: string) {\n super(message + '\\n' + details);\n this.message = message + '\\n' + details;\n this.name = 'SDKAPIUnreachableError';\n this.details = details;\n Object.setPrototypeOf(this, SDKAPIUnreachableError.prototype);\n }\n}\n\n/**\n * An Error class thrown when the provided input fails client-side validation -\n * for example if a field that was expected to be a number is instead a string.\n */\nexport class StytchSDKUsageError extends Error {\n constructor(methodName: string, message: string) {\n super();\n this.name = 'StytchSDKUsageError';\n this.message = `Invalid call to ${methodName}\\n` + message;\n }\n}\n\n// Example invalid schema error\n// {\n// body: [\n// {\n// keyword: 'type',\n// dataPath: '.session_duration_minutes',\n// schemaPath: '#/properties/session_duration_minutes/type',\n// params: { type: 'number' },\n// message: 'should be number',\n// },\n// ],\n// };\n// Taken from ajv/lib/ajv.d.ts\ninterface ErrorObject {\n keyword: string;\n dataPath: string;\n schemaPath: string;\n message?: string;\n}\n\n/**\n * An Error class thrown when the provided input does not adhere to the Stytch API schema -\n * for example if a field that was expected to be a number is instead a string.\n */\nexport class StytchSDKSchemaError extends Error {\n constructor(schemaError: { body?: ErrorObject[] }) {\n super();\n this.name = 'StytchSDKSchemaError';\n\n const messages = schemaError.body?.map((err) => `${err.dataPath}: ${err.message}`).join('\\n');\n\n this.message = `[400] Request does not match expected schema\\n${messages}`;\n }\n}\n\ninterface APIError {\n status_code: number;\n request_id?: string;\n error_type: StytchAPIErrorType;\n error_message: string;\n error_url: string;\n error_details?: object;\n}\n\n/**\n * An Error class wrapping a well-formed JSON error from the Stytch API.\n * The Stytch error should match one listed at {@link https://stytch.com/docs/api/errors}\n */\nexport class StytchSDKAPIError extends Error {\n error_type: StytchAPIErrorType;\n error_message: string;\n error_url: string;\n request_id?: string;\n status_code: number;\n error_details?: object;\n\n constructor(details: APIError) {\n super();\n this.name = 'StytchSDKAPIError';\n\n const { status_code, error_type, error_message, error_url, request_id, error_details } = details;\n this.error_type = error_type;\n this.error_message = error_message;\n this.error_url = error_url;\n this.request_id = request_id;\n this.status_code = status_code;\n this.error_details = error_details;\n\n this.message =\n `[${status_code}] ${error_type}\\n` +\n `${error_message}\\n` +\n `See ${error_url} for more information.\\n` +\n // Web-Backend doesn't have request IDs yet, so if a request fails there it won't have one.\n // We should figure out how returning tracing info should work\n (request_id ? `request_id: ${request_id}\\n` : '') +\n (this.error_details ? `Details: \\n` + JSON.stringify(this.error_details) + '\\n' : '');\n }\n}\n\n/**\n * If the SDK throws an error with an error type included in this array, the local session and\n * user state will be cleared locally.\n */\nexport const UNRECOVERABLE_ERROR_TYPES: StytchAPIErrorType[] = [\n 'unauthorized_credentials',\n 'user_unauthenticated',\n 'invalid_secret_authentication',\n 'session_not_found',\n];\n\n/**\n * An Error class representing an error within Stytch.\n */\nexport class StytchError extends Error {\n constructor(name: string, message: string) {\n super(message);\n this.name = name;\n }\n}\n\n/**\n * An Error class thrown when the SDK is unable to reach the Stytch servers,\n * or when the Stytch servers return a value the SDK cannot understand.\n * Usually - it means that you're offline!\n */\nexport class StytchAPIUnreachableError extends StytchError {\n constructor(details: string) {\n super('StytchAPIUnreachableError', details);\n Object.setPrototypeOf(this, StytchAPIUnreachableError.prototype);\n }\n}\n\n/**\n * An Error class thrown when the provided input does not adhere to the Stytch API schema -\n * for example if a field that was expected to be a number is instead a string.\n */\nexport class StytchAPISchemaError extends StytchError {\n constructor(schemaError: { body?: ErrorObject[] }) {\n const messages = schemaError.body?.map((err) => `${err.dataPath}: ${err.message}`).join('\\n');\n super('StytchAPISchemaError', `Request does not match expected schema\\n${messages}`);\n }\n}\n\n/**\n * An Error class wrapping a well-formed JSON error from the Stytch API.\n * The Stytch error should match one listed at {@link https://stytch.com/docs/api/errors}\n */\nexport class StytchAPIError extends StytchError {\n error_type: string;\n error_message: string;\n error_url: string;\n request_id?: string;\n status_code: number;\n error_details?: object;\n\n constructor(details: APIError) {\n const { status_code, error_type, error_message, error_url, request_id, error_details } = details;\n super(\n 'StytchAPIError',\n `[${status_code}] ${error_type}\\n` +\n `${error_message}\\n` +\n `See ${error_url} for more information.\\n` +\n // Web-Backend doesn't have request IDs yet, so if a request fails there it won't have one.\n // We should figure out how returning tracing info should work\n (request_id ? `request_id: ${request_id}\\n` : '') +\n (error_details ? `Details: \\n` + JSON.stringify(error_details) + '\\n' : ''),\n );\n this.error_type = error_type;\n this.error_message = error_message;\n this.error_url = error_url;\n this.request_id = request_id;\n this.status_code = status_code;\n this.error_details = error_details;\n }\n\n static from(err: unknown): StytchAPIError {\n if (err instanceof StytchAPIError) {\n return err;\n }\n if (err && typeof err === 'object') {\n const maybe = err as Partial<APIError>;\n if (\n typeof maybe.status_code === 'number' &&\n typeof maybe.error_type === 'string' &&\n typeof maybe.error_message === 'string' &&\n typeof maybe.error_url === 'string'\n ) {\n return new StytchAPIError({\n status_code: maybe.status_code,\n error_type: maybe.error_type,\n error_message: maybe.error_message,\n error_url: maybe.error_url,\n request_id: typeof maybe.request_id === 'string' ? maybe.request_id : undefined,\n error_details: typeof maybe.error_details === 'object' ? maybe.error_details : undefined,\n });\n }\n }\n const message = err instanceof Error ? err.message : 'Unknown error: ' + String(err);\n return new StytchAPIError({\n status_code: 400,\n error_type: 'unknown_error',\n error_message: message,\n error_url: '',\n request_id: undefined,\n error_details: undefined,\n });\n }\n}\n\nexport type StytchSDKErrorOptions = {\n url?: string;\n};\n\n/**\n * An Error class used in the Stytch SDK.\n */\nexport class StytchSDKError extends StytchError {\n options?: StytchSDKErrorOptions;\n\n constructor(name: string, description: string, options?: StytchSDKErrorOptions) {\n super(name, description);\n this.options = options;\n }\n}\n\nexport type StytchSDKUIError = {\n message: string;\n};\n\n/**\n * Thrown when you attempt to perform an action that requires a session, but no local session exists\n */\nexport class NoCurrentSessionError extends StytchSDKError {\n constructor() {\n super(\n 'NoCurrentSessionError',\n 'There is no session currently available. Make sure the user is authenticated with a valid session.',\n );\n }\n}\n\n/**\n * Thrown when an unrecognized error is thrown\n */\nexport class InternalError extends StytchSDKError {\n nativeStack?: unknown;\n\n constructor(error: any) {\n super(\n error.name ? error.name : 'Internal Error',\n error.message ? error.message : 'An internal error has occurred. Please contact Stytch if this occurs.',\n );\n this.nativeStack = error.nativeStackAndroid || error.nativeStackIOS;\n }\n}\n\n/**\n * Thrown when no biometric registration exists\n */\nexport class NoBiometricsRegistrationError extends StytchSDKError {\n constructor() {\n super(\n 'NoBiometricsRegistrationError',\n 'There is no biometric registration available. Authenticate with another method and add a new biometric registration first.',\n );\n }\n}\n\n/**\n * Thrown when biometrics are unavailable on the device\n */\nexport class BiometricsUnavailableError extends StytchSDKError {\n constructor() {\n super('BiometricsUnavailableError', 'Biometrics is not available on the device.');\n }\n}\n\n/**\n * Thrown when the biometrics enrollment has changed, and the underlying key is no longer usable\n */\nexport class KeyInvalidatedError extends StytchSDKError {\n constructor() {\n super('KeyInvalidatedError', 'The biometrics enrollment on the device has changed.');\n }\n}\n\n/**\n * Thrown when the Keystore is determined to be unavailable\n */\nexport class KeystoreUnavailableError extends StytchSDKError {\n constructor() {\n super(\n 'KeystoreUnavailableError',\n 'The Android keystore is unavailable on the device. Consider setting allowFallbackToCleartext to true.',\n );\n }\n}\n\n/**\n * Thrown when there is no biometric factor enrolled on device\n */\nexport class NoBiometricsEnrolledError extends StytchSDKError {\n constructor() {\n super(\n 'NoBiometricsEnrolledError',\n 'There is no biometric factor enrolled on the device. Add a biometric factor in the device settings.',\n );\n }\n}\n\n/**\n * Thrown when there is no biometric factor enrolled on device\n */\nexport class BiometricsAlreadyEnrolledError extends StytchSDKError {\n constructor() {\n super(\n 'BiometricsAlreadyEnrolledError',\n 'There is already a biometric factor enrolled on this device. Fully authenticate with all factors and remove the existing registration before attempting to register again.',\n );\n }\n}\n\n/**\n * Thrown when the user has cancelled the prompt\n */\nexport class UserCancellationError extends StytchSDKError {\n constructor() {\n super('UserCancellationError', 'The user canceled the prompt. Ask the user to try again.');\n }\n}\n\n/**\n * Thrown when the user has been locked out of biometrics\n */\nexport class UserLockedOutError extends StytchSDKError {\n constructor() {\n super(\n 'UserLockedOutError',\n 'The user has been locked out due to too many failed attempts. Ask the user to try again later.',\n );\n }\n}\n\n/**\n * Thrown when biometrics register/authenticate calls are made with mismatched `allowDeviceCredentials` parameter\n */\nexport class DeviceCredentialsNotAllowedError extends StytchSDKError {\n constructor() {\n super(\n 'DeviceCredentialsNotAllowedError',\n 'The device credentials allowment is mismatched. Change the allowDeviceCredentials parameter to be the same in both the register and authenticate methods.',\n );\n }\n}\n\n/**\n * Thrown when no Google client ID is found for the project\n */\nexport class MissingGoogleClientIDError extends StytchSDKError {\n constructor() {\n super('MissingGoogleClientIDError', 'No Google client ID was found in the project.');\n }\n}\n\n/**\n * Thrown when there was an error generating or retrieving a PKCE keypair\n */\nexport class MissingPKCEError extends StytchSDKError {\n constructor() {\n super('MissingPKCEError', 'Make sure this flow is completed on the same device on which it was started.');\n }\n}\n\n/**\n * Thrown when a native OAuth flow is missing the id_token\n */\nexport class MissingAuthorizationCredentialIDTokenError extends StytchSDKError {\n constructor() {\n super('MissingAuthorizationCredentialIDTokenError', 'The authorization credential is missing an ID token.');\n }\n}\n\n/**\n * Thrown when a native OAuth flow returns an invalid credential\n */\nexport class InvalidAuthorizationCredentialError extends StytchSDKError {\n constructor() {\n super(\n 'InvalidAuthorizationCredentialError',\n 'The authorization credential is invalid. Verify that OAuth is set up correctly in the developer console, and call the start flow method.',\n );\n }\n}\n\n/**\n * Thrown when a Google OneTap flow is not completed successfully\n */\nexport class NoCredentialsPresentError extends StytchSDKError {\n constructor() {\n super('NoCredentialsPresentError', 'The user did not provide credentials for a Google OneTap attempt');\n }\n}\n\n/**\n * Thrown when a public key was not found\n */\nexport class MissingPublicKeyError extends StytchSDKError {\n constructor() {\n super('MissingPublicKeyError', 'Failed to retrieve the public key. Add a new biometric registration.');\n }\n}\n\n/**\n * Thrown when the challenge string failed to be signed\n */\nexport class ChallengeSigningFailedError extends StytchSDKError {\n constructor() {\n super('ChallengeSigningFailedError', 'Failed to sign the challenge with the key.');\n }\n}\n\n/**\n * Thrown when the SDK has not been configured\n */\nexport class SDKNotConfiguredError extends StytchSDKError {\n constructor() {\n super(\n 'SDKNotConfiguredError',\n 'Stytch client is not confiured. You must call the configure method before using the SDK',\n );\n }\n}\n\n/**\n * Thrown when the code challenge failed to be generated\n */\nexport class FailedCodeChallengeError extends StytchSDKError {\n constructor() {\n super('FailedCodeChallengeError', 'Failed to create a code challenge');\n }\n}\n\n/**\n * Thrown when Passkeys are unsupported on a device\n */\nexport class PasskeysUnsupportedError extends StytchSDKError {\n constructor() {\n super('PasskeysUnsupportedError', 'Passkeys are not supported on this device');\n }\n}\n\n/**\n * Thrown when user data failed to be decrypted\n */\nexport class FailedToDecryptDataError extends StytchSDKError {\n constructor() {\n super('FailedToDecryptDataError', 'Failed to decrypt user data');\n }\n}\n\n/**\n * Thrown when Biometrics failed\n */\nexport class BiometricsFailedError extends StytchSDKError {\n constructor() {\n super('BiometricsFailedError', 'Biometric authentication failed');\n }\n}\n\n/**\n * Thrown when a start URL was invalid\n */\nexport class InvalidStartUrlError extends StytchSDKError {\n constructor() {\n super('InvalidStartUrlError', 'The start URL was invalid or improperly formatted.');\n }\n}\n\n/**\n * Thrown when a redirect url was invalid\n */\nexport class InvalidRedirectSchemeError extends StytchSDKError {\n constructor() {\n super(\n 'InvalidRedirectSchemeError',\n 'The scheme from the given redirect urls was invalid. Possible reasons include: nil scheme, non-custom scheme (using http or https), or differing schemes for login/signup urls.',\n );\n }\n}\n\n/**\n * Thrown when the underlying web authentication service failed to return a URL.\n */\nexport class MissingUrlError extends StytchSDKError {\n constructor() {\n super('MissingUrlError', 'The underlying web authentication service failed to return a URL.');\n }\n}\n\n/**\n * Thrown when the public key credential type was not of the expected type.\n */\nexport class InvalidCredentialTypeError extends StytchSDKError {\n constructor() {\n super('InvalidCredentialTypeError', 'The public key credential type was not of the expected type.');\n }\n}\n\n/**\n * Thrown when the public key credential is missing the attestation object\n */\nexport class MissingAttestationObjectError extends StytchSDKError {\n constructor() {\n super('MissingAttestationObjectError', 'The public key credential is missing the attestation object.');\n }\n}\n\n/**\n * Thrown when we received JSON data that could not be converted to a string\n */\nexport class JSONDataNotConvertibleToStringError extends StytchSDKError {\n constructor() {\n super('JSONDataNotConvertibleToStringError', 'JSON data unable to be converted to String type.');\n }\n}\n\n/**\n * Thrown when RNG fails\n */\nexport class RandomNumberGenerationFailed extends StytchSDKError {\n constructor() {\n super('RandomNumberGenerationFailed', 'Random number generation failed');\n }\n}\n\n/**\n * Thrown when there was an invalid encoding used for a Passkeys request\n */\nexport class PasskeysInvalidEncoding extends StytchSDKError {\n constructor() {\n super('PasskeysInvalidEncoding', 'Invalid passkey encoding');\n }\n}\n\n/**\n * Thrown when Passkeys support is misconfigured\n */\nexport class PasskeysMisconfigured extends StytchSDKError {\n constructor() {\n super(\n 'PasskeysMisconfigured',\n 'Passkeys are misconfigured. Verify that you have added the correct associated domain for your application, and that the signing information is correct.',\n );\n }\n}\n\n/**\n * Thrown when there was an invalid encoding used for a Passkeys request\n */\nexport class SignInWithAppleMisconfigured extends StytchSDKError {\n constructor() {\n super(\n 'SignInWithAppleMisconfigured',\n 'Sign In With Apple is misconfigured. Verify that you have correctly configured Apple OAuth in the Stytch Dashboard and added the Sign In With Apple capability to your project.',\n );\n }\n}\n\nexport class MissingCipherIv extends StytchSDKError {\n constructor() {\n super(\n 'MissingCipherIv',\n 'The expected cipher Iv was not found when attempting to decrypt an existing biometric key.',\n );\n }\n}\n\nexport class InvalidPrivateKeyLength extends StytchSDKError {\n constructor() {\n super('InvalidPrivateKeyLength', `The private key was of an incorrect length.`);\n }\n}\n\nexport class BiometricRegistrationIdIsNullOrBlank extends StytchSDKError {\n constructor() {\n super(\n 'BiometricRegistrationIdIsNullOrBlank',\n 'Attempted to set a blank or null biometric registration ID. This is not allowed, and indicates no registration was created on the server. Consider deleting any local keys that may have been generated.',\n );\n }\n}\n\nexport class DFPNotConfigured extends StytchSDKError {\n constructor() {\n super(\n 'DFPNotConfigured',\n 'You have attempted to retrieve a telemetry ID before the DFP client has been configured.',\n );\n }\n}\n\n/**\n * Thrown when a client attempts to start an OAuth flow but does not pass all required fields\n */\nexport class IDPOAuthFlowMissingParamError extends StytchSDKError {\n constructor(details: string) {\n super('IDPOAuthFlowMissingParamError', details);\n }\n}\n\nexport function errorToStytchError(error: any): StytchSDKError {\n if (error instanceof StytchSDKError) return error;\n\n switch (error.message) {\n case 'no_current_session':\n return new NoCurrentSessionError();\n case 'no_biometrics_registration':\n return new NoBiometricsRegistrationError();\n case 'biometrics_unavailable':\n return new BiometricsUnavailableError();\n case 'key_invalidated':\n return new KeyInvalidatedError();\n case 'device_hardware_error':\n return new BiometricsUnavailableError();\n case 'biometrics_not_available':\n return new BiometricsUnavailableError();\n case 'no_biometrics_enrolled':\n return new NoBiometricsEnrolledError();\n case 'keystore_unavailable':\n return new KeystoreUnavailableError();\n case 'no_biometric_key':\n return new KeyInvalidatedError();\n case 'device_credentials_not_allowed':\n return new DeviceCredentialsNotAllowedError();\n case 'user_cancellation':\n return new UserCancellationError();\n case 'user_locked_out':\n return new UserLockedOutError();\n case 'google_onetap_missing_id_token':\n return new MissingAuthorizationCredentialIDTokenError();\n case 'google_onetap_missing_member':\n return new InvalidAuthorizationCredentialError();\n case 'oauth_apple_missing_id_token':\n return new MissingAuthorizationCredentialIDTokenError();\n case 'oauth_apple_credential_invalid':\n return new InvalidAuthorizationCredentialError();\n case 'missing_public_key':\n return new MissingPublicKeyError();\n case 'challenge_signing_failed':\n return new ChallengeSigningFailedError();\n case 'missing_authorization_credential_id_token':\n return new MissingAuthorizationCredentialIDTokenError();\n case 'invalid_authorization_credential':\n return new InvalidAuthorizationCredentialError();\n case 'no_credentials_present':\n return new NoCredentialsPresentError();\n case 'sdk_not_configured':\n return new SDKNotConfiguredError();\n case 'failed_code_challenge':\n return new FailedCodeChallengeError();\n case 'passkeys_unsupported':\n return new PasskeysUnsupportedError();\n case 'failed_to_decrypt_data':\n return new FailedToDecryptDataError();\n case 'biometrics_failed':\n return new BiometricsFailedError();\n case 'invalid_start_url':\n return new InvalidStartUrlError();\n case 'invalid_redirect_scheme':\n return new InvalidRedirectSchemeError();\n case 'missing_url':\n return new MissingUrlError();\n case 'invalid_credential_type':\n return new InvalidCredentialTypeError();\n case 'missing_attestation_object':\n return new MissingAttestationObjectError();\n case 'json_data_not_convertible_to_string':\n return new JSONDataNotConvertibleToStringError();\n case 'random_number_generation_failed':\n return new RandomNumberGenerationFailed();\n case 'passkeys_invalid_encoding':\n return new PasskeysInvalidEncoding();\n case 'passkeys_misconfigured':\n return new PasskeysMisconfigured();\n case 'signinwithapple_misconfigured':\n return new SignInWithAppleMisconfigured();\n case 'missing_cipher_iv':\n return new MissingCipherIv();\n case 'invalid_private_key_length':\n return new InvalidPrivateKeyLength();\n case 'biometric_registration_id_is_null_or_blank':\n return new BiometricRegistrationIdIsNullOrBlank();\n case 'dfp_not_configured':\n return new DFPNotConfigured();\n default:\n return new InternalError(error);\n }\n}\n","import type { Values } from '../utils';\nimport {\n B2BDiscoveryIntermediateSessionsExchangeResponse,\n B2BDiscoveryOrganizationsCreateResponse,\n B2BDiscoveryOTPEmailAuthenticateResponse,\n B2BDiscoveryOTPEmailSendResponse,\n B2BImpersonationAuthenticateResponse,\n B2BMagicLinkLoginOrSignupResponse,\n B2BMagicLinksAuthenticateResponse,\n B2BMagicLinksDiscoveryAuthenticateResponse,\n B2BMagicLinksEmailDiscoverySendResponse,\n B2BOAuthAuthenticateResponse,\n B2BOAuthDiscoveryAuthenticateResponse,\n B2BOrganizationsGetBySlugResponse,\n B2BOTPsEmailAuthenticateResponse,\n B2BOTPsEmailLoginOrSignupResponse,\n B2BPasswordAuthenticateResponse,\n B2BPasswordDiscoveryAuthenticateResponse,\n B2BPasswordDiscoveryResetByEmailResponse,\n B2BPasswordDiscoveryResetByEmailStartResponse,\n B2BPasswordResetByEmailResponse,\n B2BPasswordResetByEmailStartResponse,\n B2BPasswordResetBySessionResponse,\n B2BSMSAuthenticateResponse,\n B2BSMSSendResponse,\n B2BSSODiscoverConnectionsResponse,\n B2BTOTPAuthenticateResponse,\n B2BTOTPCreateResponse,\n RecoveryCodeRecoverResponse,\n SSOAuthenticateResponse,\n} from './b2b';\nimport { CryptoWalletAuthenticateResponse, CryptoWalletAuthenticateStartResponse } from './cryptoWallets';\nimport { MagicLinksLoginOrCreateResponse } from './magicLinks';\nimport { OTPsAuthenticateResponse, OTPsLoginOrCreateResponse } from './otps';\nimport {\n PasswordAuthenticateResponse,\n PasswordCreateResponse,\n PasswordResetByEmailResponse,\n PasswordResetByEmailStartResponse,\n} from './passwords';\nimport { StytchSDKUIError } from './SDKErrors';\nimport { StytchProjectConfigurationInput } from './typeConfig';\nimport { WebAuthnAuthenticateResponse, WebAuthnRegisterResponse } from './webauthn';\n\ntype DeepPartial<K> = {\n [attr in keyof K]?: K[attr] extends object ? DeepPartial<K[attr]> : K[attr];\n};\n\n/**\n * The options for email magic links. This is used if you've enabled the `emailMagicLinks` product\n * in your configuration.\n */\n\nexport type EmailMagicLinksOptions = {\n loginRedirectURL?: string;\n loginExpirationMinutes?: number;\n signupRedirectURL?: string;\n signupExpirationMinutes?: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n createUserAsPending?: boolean;\n /**\n * @param domainHint - An optional hint indicating what domain the email will be sent from.\n * This field is only required if your project uses more than one custom domain to send emails.\n */\n domainHint?: string;\n locale?: string;\n};\n\n/**\n * The OAuth providers we support in our OAuth product.\n * Currently we support `Amazon`, `Apple`, `Bitbucket`, `Discord`, `Facebook`, `Figma`, `Google`, `GitLab`,\n * `LinkedIn`, `Microsoft`, `Salesforce`, `Slack`, `Snapchat`, `TikTok`, `Twitch`, `Twitter`, and `Yahoo`.\n */\n\nexport const OAuthProviders = {\n Google: 'google',\n Microsoft: 'microsoft',\n Apple: 'apple',\n Github: 'github',\n GitLab: 'gitlab',\n Facebook: 'facebook',\n Discord: 'discord',\n Salesforce: 'salesforce',\n Slack: 'slack',\n Amazon: 'amazon',\n Bitbucket: 'bitbucket',\n LinkedIn: 'linkedin',\n Coinbase: 'coinbase',\n Twitch: 'twitch',\n Twitter: 'twitter',\n TikTok: 'tiktok',\n Snapchat: 'snapchat',\n Figma: 'figma',\n Yahoo: 'yahoo',\n} as const;\n\nexport type OAuthProviders = Values<typeof OAuthProviders>;\n\n/**\n * The Crypto Wallets we support in our crypto product.\n * Currently we support all ethereum and solana wallets.\n * We additionally detect and show popular wallets as distinct options.\n * The list of poular wallets include `Binance`, `Coinbase`, `Metamask`, and `Phantom`\n */\n\nexport const Wallets = {\n Phantom: 'Phantom',\n Metamask: 'Metamask',\n Coinbase: 'Coinbase',\n Binance: 'Binance',\n GenericEthereumWallet: 'GenericEthereumWallet',\n GenericSolanaWallet: 'GenericSolanaWallet',\n} as const;\n\nexport type Wallets = Values<typeof Wallets>;\n\n/**\n * Supported behaviors for positioning Google One Tap. The actual behavior\n * depends on browser support and Google's One Tap implementation.\n */\n\nexport const OneTapPositions = {\n /**\n * Display Google One Tap using a native browser prompt if available, or\n * embedded in the existing SDK login form otherwise.\n * @deprecated This option has been renamed to `floatingOrEmbedded`\n */\n embedded: 'embedded',\n /**\n * Display the One Tap prompt using a native browser prompt if available, or\n * in the top right corner otherwise. This is the default option.\n */\n floating: 'floating',\n /**\n * Display the One Tap prompt embedded in the existing SDK login form if a\n * native browser prompt is not available, or not at all otherwise. This\n * option is not recommended for new applications.\n */\n embeddedOnly: 'embeddedOnly',\n /**\n * Display the One Tap prompt using a native browser prompt if available, or\n * embedded in the existing SDK login form otherwise.\n */\n floatingOrEmbedded: 'floatingOrEmbedded',\n /**\n * Attempt to display the One Tap prompt embedded in the existing SDK login\n * form, even if a native browser prompt is supported. This option is not\n * recommended. It disables native browser FedCM support even where it is\n * available, and will stop being honored by Google in the future.\n */\n forceLegacyEmbedded: 'forceLegacyEmbedded',\n} as const;\n\nexport type OneTapPositions = Values<typeof OneTapPositions>;\n\nexport type ProviderOptions = {\n type: OAuthProviders;\n one_tap?: boolean;\n position?: OneTapPositions;\n /**\n * Whether to cancel the One Tap prompt when the user taps outside of it.\n * This is only applicable if one_tap is true.\n */\n cancel_on_tap_outside?: boolean;\n custom_scopes?: string[];\n provider_params?: Record<string, string>;\n};\n\n/**\n * An array of OAuth providers you wish to use. Each Provider is an object with a type key that\n * determines the type of provider. Each Provider accepts an optional custom_scopes array of\n * scopes that Stytch will request for your application in addition to the base set of scopes\n * required for login. The order of the providers in the array determines the order of the\n * rendered buttons.\n */\nexport type ProvidersOptions = ProviderOptions[];\n\n/**\n * The options for oAuth. This is required if you've enabled the `oauth` product\n * in your configuration.\n */\n\nexport type OAuthOptions = {\n loginRedirectURL?: string;\n signupRedirectURL?: string;\n providers: ProvidersOptions;\n};\n\n/**\n * The methods array allows you to specify the authentication methods that you would like to expose\n * to your users. The order of the products that you include here will also be the order in which\n * they appear in the login form, with the first product specified appearing at the top of the login\n * form. We currently support passcodes on `email`, `sms` and `whatsapp`\n */\n\nexport const OTPMethods = {\n SMS: 'sms',\n WhatsApp: 'whatsapp',\n Email: 'email',\n} as const;\n\nexport type OTPMethods = Values<typeof OTPMethods>;\n\n/**\n * The options for One Time Passcodes. This is required if you've enabled the `otp` product\n * in your configuration.\n */\n\nexport type OtpOptions = {\n methods: OTPMethods[];\n expirationMinutes: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\n/**\n * The options for passwords. This is used if you've enabled the `passwords` product\n * in your configuration.\n */\n\nexport type PasswordOptions = {\n loginRedirectURL?: string;\n loginExpirationMinutes?: number;\n resetPasswordRedirectURL?: string;\n resetPasswordExpirationMinutes?: number;\n resetPasswordTemplateId?: string;\n locale?: string;\n};\n\n/**\n * The options for Session Management. If you are using the UI components,\n * we also create a session for users when they log in.\n */\n\nexport type SessionOptions = {\n sessionDurationMinutes: number;\n};\n\nexport type PasskeyOptions = {\n /**\n * Sets the domain option for both webauthn registration and authentication.\n * @default window.location.hostname\n */\n domain?: string;\n};\n\nexport type StringsOptions = {\n /**\n * Specify custom strings to be used in the prebuilt UI. Consult the message\n * catalog (`messages/en.po` or `messages/b2b/en.po`) for the list of\n * available strings. Each value should be specified using ICU MessageFormat.\n *\n * Strings that are not defined will use the default English value as a\n * fallback.\n */\n strings?: Record<string, string>;\n};\n\n/**\n * The style configuration allows you to customize the look of the SDK. You can specify some of\n * them or none at all.\n */\nexport type StyleConfig = DeepPartial<{\n /**\n * The configuration object for the Stytch UI container.\n */\n container: {\n /**\n * The background color of the SDK container.\n */\n backgroundColor: string;\n /**\n * The border color of the SDK container.\n */\n borderColor: string;\n /**\n * The border radius of the SDK container.\n */\n borderRadius: string;\n /**\n * The width of the SDK container.\n */\n width: string;\n };\n\n /**\n * The configuration object for colors used in the Stytch UI.\n */\n colors: {\n /**\n * Your primary brand color. This will be applied to most of the text in the SDK.\n */\n primary: string;\n /**\n * Your secondary brand color. This will be applied to text disclaimers and other visual elements.\n */\n secondary: string;\n /**\n * Your accent brand color. This will be applied to backgrounds of messages to draw user's attention.\n * This should have strong contrast with the primary text color for accessibility.\n */\n accent: string;\n /**\n * A success color to be used in visual elements.\n */\n success: string;\n /**\n * A warning color to be used in visual elements.\n */\n warning: string;\n /**\n * An error color to be used in visual elements.\n */\n error: string;\n };\n\n /**\n * The configuration object for buttons in the Stytch UI components.\n */\n buttons: {\n /**\n * The configuration object for primary buttons. These buttons are used in primary actions\n * including magic links, one-time passcodes and passwords products.\n */\n primary: {\n /**\n * The background color of the primary button.\n */\n backgroundColor: string;\n /**\n * The text color of the primary button.\n */\n textColor: string;\n /**\n * The border color of the primary button.\n */\n borderColor: string;\n /**\n * The border radius of the primary button.\n */\n borderRadius: string;\n };\n\n /**\n * The configuration object for secondary buttons.\n */\n secondary: {\n /**\n * The background color of the secondary button. These buttons are used in secondary actions\n * including but not limited OAuth and crypto wallets.\n */\n backgroundColor: string;\n /**\n * The text color of the secondary button.\n */\n textColor: string;\n /**\n * The border color of the secondary button.\n */\n borderColor: string;\n /**\n * The border radius of the secondary button.\n */\n borderRadius: string;\n };\n\n /**\n * The configuration object for disabled buttons.\n */\n disabled: {\n /**\n * The background color of the disabled button.\n */\n backgroundColor: string;\n /**\n * The text color of the disabled button.\n */\n textColor: string;\n /**\n * The border color of the disabled button.\n */\n borderColor: string;\n /**\n * The border radius of the disabled button.\n */\n borderRadius: string;\n };\n };\n\n /**\n * The configuration object for text inputs in the Stytch UI components.\n */\n inputs: {\n /**\n * The background color of the text inputs.\n */\n backgroundColor: string;\n /**\n * The text color of the text inputs.\n */\n textColor: string;\n /**\n * The color of the placeholder text in the text inputs.\n */\n placeholderColor: string;\n /**\n * The border color of the text inputs.\n */\n borderColor: string;\n /**\n * The border radius of the text inputs.\n */\n borderRadius: string;\n };\n\n /**\n * The font family that will apply to all text in the SDK.\n */\n fontFamily: string;\n\n /**\n * When this value is false, the title and description text will not show in the SDK.\n */\n hideHeaderText: boolean;\n\n /**\n * The configuration object for your custom logo.\n */\n logo: {\n /**\n * The URL of your custom logo.\n */\n logoImageUrl: string;\n };\n}>;\n\nexport type IDPConsentItem =\n | string\n | {\n /**\n * A one liner description of access being requested\n * @example\n * 'View content and info about you'\n */\n text: string;\n /**\n * A detailed list of access being requested for a line item\n * Each item in the array will be displayed as a separate bullet point\n * @example\n * [\n * 'View content you have added to the platform, including videos and comments',\n * 'View information shared on the platform, including your name, and email'\n * ]\n */\n details?: string[];\n };\n\nexport type IDPConsentSection = {\n /**\n * A top-level header for a section of the consent screen\n * @example\n * '$Application is requesting to edit'\n */\n header: string;\n /**\n * A collection of {@link IDPConsentItem} rows to render with the supplied header\n */\n items: IDPConsentItem[];\n};\n\n/**\n * An IDP Consent Screen Manifest defines the text to be shown to the end user during\n * a consent flow. Manifests can be used to customize grouping of access controls.\n * For example, an application can choose to group access controls by action being performed,\n * by resource being accessed, or by something else entirely.\n * @example\n * // A simple list will be rendered as a list of bullet points\n * [\n * { text: 'Content and info about you' },\n * { text: 'Content and info about your workspace' },\n * { text: 'Create and delete new items in your workspace' },\n * ]\n * @example\n * // Items can have nested details\n * [\n * {\n * text: 'Content and info about you'\n * details: [\n * 'View content you have added to the platform, including videos and comments',\n * 'View information shared on the platform, including your name, and email'\n * ]\n * }\n * ]\n * @example\n * // Items can be grouped with headers\n * [\n * {\n * header: '$Application is requesting to view:',\n * items: [\n * { text: 'Content and info about you' },\n * { text: 'Content and info about your workspace' },\n * ]\n * },\n * {\n * header: '$Application is requesting to edit:',\n * items: [\n * { text: 'Your workspace items' }\n * ]\n * }\n * ]\n */\nexport type IDPConsentScreenManifest = IDPConsentSection[] | IDPConsentItem[];\n\nexport enum StytchEventType {\n MagicLinkLoginOrCreateEvent = 'MAGIC_LINK_LOGIN_OR_CREATE',\n OTPsLoginOrCreateEvent = 'OTP_LOGIN_OR_CREATE',\n OTPsAuthenticate = 'OTP_AUTHENTICATE',\n CryptoWalletAuthenticateStart = 'CRYPTO_WALLET_AUTHENTICATE_START',\n CryptoWalletAuthenticate = 'CRYPTO_WALLET_AUTHENTICATE',\n PasswordCreate = 'PASSWORD_CREATE',\n PasswordAuthenticate = 'PASSWORD_AUTHENTICATE',\n PasswordResetByEmailStart = 'PASSWORD_RESET_BY_EMAIL_START',\n PasswordResetByEmail = 'PASSWORD_RESET_BY_EMAIL',\n PasskeyRegister = 'PASSKEY_REGISTER',\n PasskeyAuthenticate = 'PASSKEY_AUTHENTICATE',\n PasskeySkip = 'PASSKEY_SKIP',\n PasskeyDone = 'PASSKEY_DONE',\n /**\n * The authentication UI flow has completed successfully, including any steps\n * that take place after obtaining a valid session (such as saving recovery\n * codes).\n */\n AuthenticateFlowComplete = 'AUTHENTICATE_FLOW_COMPLETE',\n /**\n * An OAuth Authorization flow has been initiated by a Connected Application.\n * The end-user may be prompted for consent to continue depending on the application\n * that is requesting access.\n */\n OAuthAuthorizeFlowStart = 'OAUTH_AUTHORIZE_FLOW_START',\n /**\n * The end-user has completed the Authorization flow and is about to be redirected\n * back to the Connected Application\n */\n OAuthAuthorizeFlowComplete = 'OAUTH_AUTHORIZE_FLOW_COMPLETE',\n /**\n * The end-user has denied the Authorization flow and is about to be redirected\n * back to the Connected Application with an error message\n */\n OAuthAuthorizeFlowConsentDenied = 'OAUTH_AUTHORIZE_FLOW_CONSENT_DENIED',\n // More Events will go here ...\n // B2B Events\n B2BMagicLinkEmailLoginOrSignup = 'B2B_MAGIC_LINK_EMAIL_LOGIN_OR_SIGNUP',\n B2BMagicLinkAuthenticate = 'B2B_MAGIC_LINK_AUTHENTICATE',\n B2BMagicLinkEmailDiscoverySend = 'B2B_MAGIC_LINK_EMAIL_DISCOVERY_SEND',\n B2BMagicLinkDiscoveryAuthenticate = 'B2B_MAGIC_LINK_DISCOVERY_AUTHENTICATE',\n B2BSSOStart = 'B2B_SSO_START',\n B2BSSOAuthenticate = 'B2B_SSO_AUTHENTICATE',\n B2BSSODiscoverConnections = 'B2B_SSO_DISCOVER_CONNECTIONS',\n B2BOAuthAuthenticate = 'B2B_OAUTH_AUTHENTICATE',\n B2BOAuthDiscoveryAuthenticate = 'B2B_OAUTH_DISCOVERY_AUTHENTICATE',\n B2BDiscoveryOrganizationsCreate = 'B2B_DISCOVERY_ORGANIZATIONS_CREATE',\n B2BDiscoveryIntermediateSessionExchange = 'B2B_DISCOVERY_INTERMEDIATE_SESSION_EXCHANGE',\n B2BPasswordAuthenticate = 'B2B_PASSWORD_AUTHENTICATE',\n B2BPasswordDiscoveryAuthenticate = 'B2B_PASSWORD_DISCOVERY_AUTHENTICATE',\n B2BPasswordResetByEmailStart = 'B2B_PASSWORD_RESET_BY_EMAIL_START',\n B2BPasswordResetByEmail = 'B2B_PASSWORD_RESET_BY_EMAIL',\n B2BPasswordResetBySession = 'B2B_PASSWORD_RESET_BY_SESSION',\n B2BSMSOTPSend = 'B2B_SMS_OTP_SEND',\n B2BSMSOTPAuthenticate = 'B2B_SMS_OTP_AUTHENTICATE',\n B2BTOTPCreate = 'B2B_TOTP_CREATE',\n B2BTOTPAuthenticate = 'B2B_TOTP_AUTHENTICATE',\n B2BRecoveryCodesRecover = 'B2B_RECOVERY_CODES_RECOVER',\n B2BPasswordDiscoveryResetStart = 'B2B_PASSWORD_DISCOVERY_RESET_BY_EMAIL_START',\n B2BDiscoveryPasswordReset = 'B2B_PASSWORD_DISCOVERY_RESET_BY_EMAIL',\n B2BImpersonationAuthenticate = 'B2B_IMPERSONATION_AUTHENTICATE',\n B2BOTPsEmailAuthenticate = 'B2B_OTPS_EMAIL_AUTHENTICATE',\n B2BOTPsEmailDiscoveryAuthenticate = 'B2B_OTPS_EMAIL_DISCOVERY_AUTHENTICATE',\n B2BOTPsEmailDiscoverySend = 'B2B_OTPS_EMAIL_DISCOVERY_SEND',\n B2BOTPsEmailLoginOrSignup = 'B2B_OTPS_EMAIL_LOGIN_OR_SIGNUP',\n B2BOrganizationsGetBySlug = 'B2B_ORGANIZATIONS_GET_BY_SLUG',\n}\n\ntype StytchEventMap<TProjectConfiguration extends StytchProjectConfigurationInput> = {\n [StytchEventType.MagicLinkLoginOrCreateEvent]: MagicLinksLoginOrCreateResponse & { email: string };\n [StytchEventType.OTPsLoginOrCreateEvent]: OTPsLoginOrCreateResponse;\n [StytchEventType.OTPsAuthenticate]: OTPsAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.CryptoWalletAuthenticateStart]: CryptoWalletAuthenticateStartResponse;\n [StytchEventType.CryptoWalletAuthenticate]: CryptoWalletAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.PasswordCreate]: PasswordCreateResponse<TProjectConfiguration>;\n [StytchEventType.PasswordAuthenticate]: PasswordAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordDiscoveryAuthenticate]: B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.PasswordResetByEmailStart]: PasswordResetByEmailStartResponse;\n [StytchEventType.PasswordResetByEmail]: PasswordResetByEmailResponse<TProjectConfiguration>;\n [StytchEventType.AuthenticateFlowComplete]: Record<string, never>;\n [StytchEventType.B2BMagicLinkEmailLoginOrSignup]: B2BMagicLinkLoginOrSignupResponse & { email: string };\n [StytchEventType.B2BMagicLinkAuthenticate]: B2BMagicLinksAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BMagicLinkEmailDiscoverySend]: B2BMagicLinksEmailDiscoverySendResponse;\n [StytchEventType.B2BMagicLinkDiscoveryAuthenticate]: B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BSSOStart]: Record<string, never>;\n [StytchEventType.B2BSSOAuthenticate]: SSOAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BSSODiscoverConnections]: B2BSSODiscoverConnectionsResponse;\n [StytchEventType.B2BDiscoveryOrganizationsCreate]: B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordAuthenticate]: B2BPasswordAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordResetByEmailStart]: B2BPasswordResetByEmailStartResponse;\n [StytchEventType.B2BPasswordResetByEmail]: B2BPasswordResetByEmailResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordResetBySession]: B2BPasswordResetBySessionResponse<TProjectConfiguration>;\n [StytchEventType.B2BDiscoveryIntermediateSessionExchange]: B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>;\n [StytchEventType.B2BOAuthAuthenticate]: B2BOAuthAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOAuthDiscoveryAuthenticate]: B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.PasskeySkip]: Record<string, never>;\n [StytchEventType.PasskeyDone]: Record<string, never>;\n [StytchEventType.PasskeyRegister]: WebAuthnRegisterResponse<TProjectConfiguration>;\n [StytchEventType.PasskeyAuthenticate]: WebAuthnAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BSMSOTPSend]: B2BSMSSendResponse;\n [StytchEventType.B2BSMSOTPAuthenticate]: B2BSMSAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BTOTPCreate]: B2BTOTPCreateResponse;\n [StytchEventType.B2BTOTPAuthenticate]: B2BTOTPAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BRecoveryCodesRecover]: RecoveryCodeRecoverResponse<TProjectConfiguration>;\n [StytchEventType.B2BDiscoveryPasswordReset]: B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>;\n [StytchEventType.B2BPasswordDiscoveryResetStart]: B2BPasswordDiscoveryResetByEmailStartResponse;\n [StytchEventType.B2BImpersonationAuthenticate]: B2BImpersonationAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOTPsEmailDiscoverySend]: B2BDiscoveryOTPEmailSendResponse;\n [StytchEventType.B2BOTPsEmailAuthenticate]: B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOTPsEmailDiscoveryAuthenticate]: B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>;\n [StytchEventType.B2BOTPsEmailLoginOrSignup]: B2BOTPsEmailLoginOrSignupResponse;\n [StytchEventType.B2BOrganizationsGetBySlug]: B2BOrganizationsGetBySlugResponse;\n [StytchEventType.OAuthAuthorizeFlowStart]: { client_id: string; redirect_uri: string; scope: string };\n [StytchEventType.OAuthAuthorizeFlowComplete]: Record<string, never>;\n [StytchEventType.OAuthAuthorizeFlowConsentDenied]: Record<string, never>;\n // More Events will go here ...\n};\n\nexport type StytchEvent<\n TProjectConfiguration extends StytchProjectConfigurationInput = Stytch.DefaultProjectConfiguration,\n> = {\n [K in StytchEventType]: { type: K; data: StytchEventMap<TProjectConfiguration>[K] };\n}[keyof StytchEventMap<TProjectConfiguration>];\n\n/**\n * Optional callbacks that are triggered by various events in the SDK. See more details about the callbacks\n * {@link https://stytch.com/docs/sdks/javascript-sdk#resources_ui-callbacks here}.\n */\nexport type Callbacks<\n TProjectConfiguration extends StytchProjectConfigurationInput = Stytch.DefaultProjectConfiguration,\n> = {\n /**\n * A callback function that responds to errors in the SDK. It is useful for debugging during development\n * and error handling in production.\n *\n * @param error - the error from the SDK with an additional error message\n */\n onError?(error: StytchSDKUIError): void;\n /**\n * A callback function that responds to events sent from the SDK. For the full list of events see the\n * {@link StytchEvent StytchEvent}\n *\n * @param event - the event fired by the SDK\n */\n onEvent?(event: StytchEvent<TProjectConfiguration>): void;\n};\n\nexport type OneTapStyleConfig = {\n position?: OneTapPositions;\n};\n\nexport enum RNUIProducts {\n emailMagicLinks,\n oauth,\n otp,\n passwords,\n}\n\nexport type RNUIEmailMagicLinksOptions = {\n loginExpirationMinutes?: number;\n signupExpirationMinutes?: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\nexport type RNUIOAuthOptions = {\n providers: OAuthProviders[] | ProvidersOptions;\n /** @deprecated Use custom_scopes in ProvidersOptions instead */\n customScopes?: string[];\n /** @deprecated Use provider_params in ProvidersOptions instead */\n providerParams?: Record<string, string>;\n};\n\nexport type RNUIOTPOptions = {\n methods: OTPMethods[];\n expirationMinutes: number;\n loginTemplateId?: string;\n signupTemplateId?: string;\n locale?: string;\n};\n\nexport type RNUIPasswordOptions = {\n loginExpirationMinutes?: number;\n resetPasswordExpirationMinutes?: number;\n resetPasswordTemplateId?: string;\n locale?: string;\n};\n\nexport type RNUIProductConfig = {\n products: RNUIProducts[];\n emailMagicLinksOptions: RNUIEmailMagicLinksOptions;\n oAuthOptions: RNUIOAuthOptions;\n otpOptions: RNUIOTPOptions;\n sessionOptions: SessionOptions;\n passwordOptions: RNUIPasswordOptions;\n};\n","import { AnalyticsEvent } from './Events';\nimport { ResponseCommon, StytchAPIError, StytchAPISchemaError, StytchAPIUnreachableError } from './public';\n\ntype SDKRequestMethodAndBody =\n | {\n method: 'GET' | 'DELETE';\n body?: null;\n }\n | {\n method: 'POST' | 'PUT';\n body?: Record<string, unknown>;\n };\n\nexport type SDKRequestInfo = SDKRequestMethodAndBody & {\n url: string;\n additionalMetadata?: Record<string, string>;\n};\n\nexport interface SDKTelemetry {\n event_id: string;\n app_session_id: string;\n persistent_id: string;\n client_sent_at: string;\n timezone: string;\n\n // Logged in user data\n // Why don't we generate this from the session_token in the auth header?\n // - We don't want to tie analytics ingest to session validation. There's no need to put\n // that kind of pressure on API, and ingest could be moved to somewhere that doesn't\n // have the ability to validate tokens\n // - For bulk event batches, we want to keep track of whether or not a user was logged\n // in at each event. If we have 10 events, the user logs in at event 5, then they'll have\n // a token when they log the batch, but we want to know that they were not logged in for the\n // first 4 events\n\n // Versioning\n app: {\n identifier: string;\n version?: string;\n };\n os?: {\n identifier?: string;\n version?: string;\n };\n device?: {\n model?: string;\n screen_size?: string;\n };\n sdk: {\n identifier: string;\n version: string;\n };\n}\n\nexport type AdditionalTelemetryData =\n | { stytch_user_id?: string; stytch_session_id?: string }\n | { stytch_member_id?: string; stytch_member_session_id?: string };\n\nexport interface INetworkClient {\n createTelemetryBlob(additionalMetadata?: SDKRequestInfo['additionalMetadata']): SDKTelemetry;\n\n fetchSDK: <T extends ResponseCommon>(info: SDKRequestInfo) => Promise<T>;\n\n retriableFetchSDK: <T extends ResponseCommon>(info: RetriableSDKRequestInfo) => Promise<T>;\n\n logEvent<E extends AnalyticsEvent>({\n name,\n details,\n error,\n }: {\n name: E['name'];\n details: E['details'];\n error?: { error_code?: string; error_description?: string; http_status_code?: string };\n }): void;\n\n // @deprecated Use the new sessions.updateSession() method instead\n updateSessionToken: (sessionToken: string | null) => void;\n}\n\nexport type RetriableSDKRequestInfo = SDKRequestInfo & {\n retryCallback: (e: RetriableError, info: SDKBaseRequestInfo) => Promise<SDKBaseRequestInfo>;\n};\n\nexport type RetriableSDKBaseRequestInfo = SDKBaseRequestInfo & {\n retryCallback: (e: RetriableError, info: SDKBaseRequestInfo) => Promise<SDKBaseRequestInfo>;\n};\n\nexport enum RetriableErrorType {\n RequiredCaptcha = 'CAPTCHA required',\n}\n\nexport class RetriableError extends Error {\n type: RetriableErrorType;\n\n constructor(type: RetriableErrorType) {\n super(type);\n this.type = type;\n }\n}\n\nexport async function retriableFetchSDK<T extends ResponseCommon>({\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n retryCallback,\n}: RetriableSDKBaseRequestInfo): Promise<T> {\n let req: SDKBaseRequestInfo = {\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n };\n\n try {\n return await baseFetchSDK<T>(req);\n } catch (err) {\n if (err instanceof RetriableError) {\n req = await retryCallback(err, req);\n return await baseFetchSDK<T>(req);\n }\n throw err;\n }\n}\n\nexport type SDKBaseRequestInfo = {\n basicAuthHeader: string;\n xSDKClientHeader: string;\n xSDKParentHostHeader?: string;\n body: SDKRequestInfo['body'];\n method: SDKRequestInfo['method'];\n finalURL: string;\n};\n\nexport async function baseFetchSDK<T extends ResponseCommon>({\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n}: SDKBaseRequestInfo): Promise<T> {\n const headers: Record<string, string> = {\n Authorization: basicAuthHeader,\n 'Content-Type': 'application/json',\n 'X-SDK-Client': xSDKClientHeader,\n };\n\n if (xSDKParentHostHeader) {\n headers['X-SDK-Parent-Host'] = xSDKParentHostHeader;\n }\n\n const fetchOpts: RequestInit = {\n method,\n headers,\n body: body && JSON.stringify(body),\n credentials: 'include',\n };\n\n let resp;\n try {\n resp = await fetch(finalURL, fetchOpts);\n /* eslint-disable @typescript-eslint/no-explicit-any */\n } catch (e: any) {\n if (e.message === 'Failed to fetch') {\n throw new StytchAPIUnreachableError('Unable to contact our servers.');\n }\n throw e;\n }\n\n // We only return 200 from WB endpoints, but just in case let's accept all 2xx errors\n if (resp.status <= 299) {\n try {\n const respData = await resp.json();\n return respData.data;\n } catch {\n throw new StytchAPIUnreachableError('Invalid JSON response from our servers.');\n }\n }\n\n // 99% of errors will be well-formed JSON errors with an appropriate content-type set\n if (resp.status !== 200 && resp.headers.get('content-type')?.includes('application/json')) {\n let respError;\n try {\n respError = await resp.json();\n } catch {\n // Error was not JSON- but the content type said it was! This means the server lied to us, which it should never do...\n throw new StytchAPIUnreachableError('Invalid or no response from server');\n }\n // If this looks like a JSONSchema validation error, it probably means the caller isn't using\n // typescript and gave us a bad type.\n if ('body' in respError || 'params' in respError || 'query' in respError) {\n throw new StytchAPISchemaError(respError);\n }\n throw new StytchAPIError(respError);\n }\n\n // Finally handle the other 1% of errors (Captcha errors, network errors, 503s, etc.)\n let respData;\n try {\n respData = await resp.text();\n } catch {\n throw new StytchAPIUnreachableError('Invalid response from our servers.');\n }\n if (respData.includes('Captcha required')) {\n throw new RetriableError(RetriableErrorType.RequiredCaptcha);\n }\n throw new StytchAPIUnreachableError('Invalid response from our servers.');\n}\n\nexport async function baseSubmitFormSDK({\n method,\n finalURL,\n basicAuthHeader,\n xSDKClientHeader,\n xSDKParentHostHeader,\n body,\n}: SDKBaseRequestInfo): Promise<void> {\n const bodyParams = (body || {}) as Record<string, string>;\n const finalBody: Record<string, string> = {\n ...bodyParams,\n __Authorization: basicAuthHeader,\n '__X-SDK-Client': xSDKClientHeader,\n };\n\n if (xSDKParentHostHeader) {\n finalBody['__X-SDK-Parent-Host'] = xSDKParentHostHeader;\n }\n\n const children: HTMLInputElement[] = Object.entries(finalBody).map(([key, value]) => {\n const input = document.createElement('input');\n input.type = 'hidden';\n input.name = key;\n input.value = value;\n return input;\n });\n\n const form = document.createElement('form');\n form.method = method;\n form.action = finalURL;\n form.append(...children);\n\n document.body.appendChild(form);\n form.submit();\n}\n","// Unique ID creation requires a high quality random # generator. In the browser we therefore\n// require the crypto API and do not support built-in fallback to lower quality random number\n// generators (like Math.random()).\nvar getRandomValues;\nvar rnds8 = new Uint8Array(16);\nexport default function rng() {\n // lazy load so that environments that need to polyfill have a chance to do so\n if (!getRandomValues) {\n // getRandomValues needs to be invoked in a context where \"this\" is a Crypto implementation. Also,\n // find the complete implementation of crypto (msCrypto) on IE11.\n getRandomValues = typeof crypto !== 'undefined' && crypto.getRandomValues && crypto.getRandomValues.bind(crypto) || typeof msCrypto !== 'undefined' && typeof msCrypto.getRandomValues === 'function' && msCrypto.getRandomValues.bind(msCrypto);\n\n if (!getRandomValues) {\n throw new Error('crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported');\n }\n }\n\n return getRandomValues(rnds8);\n}","import validate from './validate.js';\n/**\n * Convert array of 16 byte values to UUID string format of the form:\n * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\n */\n\nvar byteToHex = [];\n\nfor (var i = 0; i < 256; ++i) {\n byteToHex.push((i + 0x100).toString(16).substr(1));\n}\n\nfunction stringify(arr) {\n var offset = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : 0;\n // Note: Be careful editing this code! It's been tuned for performance\n // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434\n var uuid = (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase(); // Consistency check for valid UUID. If this throws, it's likely due to one\n // of the following:\n // - One or more input array values don't map to a hex octet (leading to\n // \"undefined\" in the uuid)\n // - Invalid input values for the RFC `version` or `variant` fields\n\n if (!validate(uuid)) {\n throw TypeError('Stringified UUID is invalid');\n }\n\n return uuid;\n}\n\nexport default stringify;","export default /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000)$/i;","import rng from './rng.js';\nimport stringify from './stringify.js';\n\nfunction v4(options, buf, offset) {\n options = options || {};\n var rnds = options.random || (options.rng || rng)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`\n\n rnds[6] = rnds[6] & 0x0f | 0x40;\n rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided\n\n if (buf) {\n offset = offset || 0;\n\n for (var i = 0; i < 16; ++i) {\n buf[offset + i] = rnds[i];\n }\n\n return buf;\n }\n\n return stringify(rnds);\n}\n\nexport default v4;","import REGEX from './regex.js';\n\nfunction validate(uuid) {\n return typeof uuid === 'string' && REGEX.test(uuid);\n}\n\nexport default validate;","export const getHttpsUrl = (urlOrDomain: string) => {\n // If it's already a valid URL, extract the domain\n try {\n const url = new URL(urlOrDomain);\n return `https://${url.hostname}`;\n } catch {\n // invalid URLs are OK\n }\n\n // Prepend a scheme and verify it's a valid URL\n try {\n const url = new URL(`https://${urlOrDomain}`);\n return `https://${url.hostname}`;\n } catch {\n // Invalid URL, fallback to undefined\n }\n\n // Input was neither a valid URL nor a valid domain\n return undefined;\n};\n","/**\n * A set of tokens to stylize the console.log output\n * First token is the raw text. %c is a placeholder for string formatting\n * Second token starts our stylizing - adding custom color and background\n * Third token resets stylizing to baseline before showing the rest of the content.\n */\nconst STYTCH_BADGE =\n process.env.NODE_ENV === 'production'\n ? ['[Stytch]']\n : ['%c[Stytch]%c', 'background: #19303d; color: #13E5C0; padding: 2px;border-radius: 4px', ''];\n\n// Turn this to true to enable debug logs\n// TODO: Make this an env var\nconst DEBUG = false;\n\n/* eslint-disable no-console */\n/* eslint-disable @typescript-eslint/no-explicit-any */\n\n/**\n * An ultralightweight wrapper around console.log.\n * In the future, the logger might be passed in from the customer,\n * or the level might be configurable.\n */\nexport const logger = {\n debug: (...args: any[]) => DEBUG && console.log(...STYTCH_BADGE, ...args),\n log: (...args: any[]) => console.log(...STYTCH_BADGE, ...args),\n warn: (...args: any[]) => console.warn(...STYTCH_BADGE, ...args),\n error: (...args: any[]) => console.error(...STYTCH_BADGE, ...args),\n};\n\n/* eslint-enable @typescript-eslint/no-explicit-any */\n/* eslint-enable no-console */\n","import { logger } from './logger';\n\nconst trailer = `\nYou can find your public token at https://stytch.com/dashboard/api-keys.`;\nexport const checkPublicToken = (publicToken: unknown) => {\n if (typeof publicToken !== 'string') {\n logger.warn(`Public token is malformed. Expected a string, got ${typeof publicToken}.${trailer}`);\n } else if (publicToken === '') {\n logger.warn(`Public token is malformed. Expected \"public-token-...\", got an empty string.${trailer}`);\n } else if (!publicToken.startsWith('public-token-')) {\n logger.warn(`Public token is malformed. Expected \"public-token-...\", got ${publicToken}.${trailer}`);\n }\n};\n\nexport const checkNotSSR = () => {\n if (typeof window === 'undefined') {\n throw new Error(\n `\\`new StytchClient()\\` is not supported in server environments. If using @stytch/react or @stytch/nextjs, use \\`createStytchClient()\\` instead.`,\n );\n }\n};\n\nexport const checkB2BNotSSR = () => {\n if (typeof window === 'undefined') {\n throw new Error(\n `\\`new StytchB2BClient()\\` is not supported in server environments. If using @stytch/react or @stytch/nextjs, use \\`createStytchB2BClient()\\` instead.`,\n );\n }\n};\n","const ModulePromiseCache: Record<string, Promise<unknown>> = {};\n\nexport const __clearcache = () => Object.keys(ModulePromiseCache).forEach((key) => delete ModulePromiseCache[key]);\n\nexport async function loadESModule<T>(url: string, moduleFromGlobalScope: () => T): Promise<T> {\n if (ModulePromiseCache[url] !== undefined) {\n return ModulePromiseCache[url] as Promise<T>;\n }\n\n ModulePromiseCache[url] = loadESModuleFromNetwork(url, moduleFromGlobalScope);\n return ModulePromiseCache[url] as Promise<T>;\n}\n\nfunction loadESModuleFromNetwork<T>(url: string, moduleFromGlobalScope: () => T): Promise<T> {\n return new Promise((resolve, reject) => {\n const maybeScript = findScript(url);\n if (maybeScript && maybeScript.dataset.loaded === 'true') {\n try {\n resolve(moduleFromGlobalScope());\n } catch (err) {\n return reject(new Error(`${url} already loaded, but module was not found in global scope: ${err}`));\n }\n }\n\n const script = createScript(url);\n\n script.addEventListener('load', () => {\n script.dataset.loaded = 'true';\n try {\n resolve(moduleFromGlobalScope());\n } catch (err) {\n reject(new Error(`${url} was loaded, but module was not found in global scope: ${err}`));\n }\n });\n\n script.addEventListener('error', (err) => {\n reject(new Error(`${url} could not be loaded: ${err}`));\n });\n });\n}\n\nconst findScriptsInDom = (url: string) => document.querySelectorAll<HTMLScriptElement>(`script[src=\"${url}\"]`);\n\nfunction findScript(url: string): HTMLScriptElement | undefined {\n const scripts = findScriptsInDom(url);\n if (scripts[0]) {\n return scripts[0];\n }\n}\n\nfunction createScript(url: string): HTMLScriptElement {\n const script = document.createElement('script');\n script.setAttribute('src', url);\n script.setAttribute('async', 'true');\n script.setAttribute('defer', 'true');\n document.head.appendChild(script);\n return script;\n}\n","import { RetriableError, RetriableErrorType, SDKBaseRequestInfo } from './NetworkClient';\nimport { BootstrapData } from './types';\nimport { loadESModule } from './utils';\n\ndeclare global {\n // The telemetry.js script will set a global function called GetTelemetryID on the window\n // object. This interface is allows us to call that function while pleasing the TypeScript\n // compiler.\n interface Window {\n GetTelemetryID: (publicToken: string, submitURL: string) => Promise<string>;\n }\n}\n\nconst loadTelemetryJS = (domain: string) => loadESModule(`${domain}/telemetry.js`, () => window.GetTelemetryID);\n\nexport type DFPProtectedAuthMode = 'OBSERVATION' | 'DECISIONING';\n\nexport type DFPProtectedAuthState = {\n publicToken: string;\n dfpBackendURL: string;\n mode?: DFPProtectedAuthMode;\n enabled: boolean;\n loaded: boolean;\n executeRecaptcha: () => Promise<string | undefined>;\n};\n\nexport class DFPProtectedAuthProvider {\n private state: Promise<DFPProtectedAuthState>;\n constructor(\n publicToken: string,\n dfpBackendURL: string,\n dfpCdnDomain: string,\n private bootstrapPromise: Promise<BootstrapData>,\n executeRecaptcha: () => Promise<string | undefined> = () => Promise.resolve(undefined),\n ) {\n this.state = bootstrapPromise.then(async (bootstrapData) => {\n if (!bootstrapData.runDFPProtectedAuth) {\n return { publicToken, dfpBackendURL, enabled: false, loaded: false, executeRecaptcha };\n }\n await loadTelemetryJS(dfpCdnDomain);\n return {\n publicToken,\n dfpBackendURL,\n enabled: true,\n mode: bootstrapData.dfpProtectedAuthMode || 'OBSERVATION',\n loaded: true,\n executeRecaptcha,\n };\n });\n }\n\n isEnabled = async (): Promise<boolean> => {\n return this.state.then((state) => state.enabled);\n };\n\n getTelemetryID = async (): Promise<string | undefined> => {\n const { publicToken, enabled, dfpBackendURL } = await this.state;\n if (!enabled) {\n return undefined;\n }\n return await window.GetTelemetryID(publicToken, `${dfpBackendURL}/submit`);\n };\n\n getDFPTelemetryIDAndCaptcha = async (): Promise<{ dfp_telemetry_id?: string; captcha_token?: string }> => {\n const { enabled, executeRecaptcha, mode } = await this.state;\n\n let dfp_telemetry_id: string | undefined = undefined;\n let captcha_token: string | undefined = undefined;\n if (!enabled) {\n captcha_token = await executeRecaptcha();\n }\n if (mode === 'DECISIONING') {\n dfp_telemetry_id = await this.getTelemetryID();\n } else if (mode === 'OBSERVATION') {\n dfp_telemetry_id = await this.getTelemetryID();\n captcha_token = await executeRecaptcha();\n }\n return { dfp_telemetry_id, captcha_token };\n };\n\n retryWithCaptchaAndDFP = async (e: RetriableError, req: SDKBaseRequestInfo): Promise<SDKBaseRequestInfo> => {\n const { enabled, executeRecaptcha } = await this.state;\n if (e.type === RetriableErrorType.RequiredCaptcha && enabled) {\n if (req.body) {\n req.body.dfp_telemetry_id = await this.getTelemetryID();\n req.body.captcha_token = await executeRecaptcha();\n }\n return req;\n }\n throw new Error('Unable to query captcha and/or dfp telemetry ID');\n };\n}\n\nexport const DisabledDFPProtectedAuthProvider = () => ({\n isEnabled: async () => false,\n getTelemetryID: async () => undefined,\n getDFPTelemetryIDAndCaptcha: async () => ({\n dfp_telemetry_id: undefined,\n captcha_token: undefined,\n }),\n retryWithCaptchaAndDFP: async () => {\n throw new Error('DFP protected auth is disabled');\n },\n});\n\nexport interface IDFPProtectedAuthProvider {\n isEnabled(): Promise<boolean>;\n getTelemetryID(): Promise<string | undefined>;\n retryWithCaptchaAndDFP(e: RetriableError, req: SDKBaseRequestInfo): Promise<SDKBaseRequestInfo>;\n getDFPTelemetryIDAndCaptcha(): Promise<{ dfp_telemetry_id?: string; captcha_token?: string }>;\n}\n","import {\n SDKAPIUnreachableError,\n StytchAPIError,\n StytchAPISchemaError,\n StytchAPIUnreachableError,\n StytchSDKAPIError,\n StytchSDKSchemaError,\n} from './public';\n\n/**\n * Some errors are thrown from inside an iframe, but we can't serialize them\n * to the parent in Webkit. This class handles restoring marshalled errors\n * to their original form.\n * It preserves the error instance/class constructor by inspecting err.name\n * and calling `new` on the matching constructor.\n */\nexport class ErrorMarshaller {\n static inflate<T extends new (...any: never[]) => Error>(ErrorClass: T, ErrorData: Record<string, unknown>): Error {\n // !!HACK!!\n // We make the assumption that if the error takes in a required property\n // (StytchAPIError takes in an APIDetails obj...)\n // that we can just pass in the error body itself to satisfy the constructor...\n // And if the types don't work out, Object.assign(...) copies everything over anyway\n // This is a brittle and weak assumption.\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n const err = new ErrorClass(ErrorData);\n Object.assign(err, ErrorData);\n Object.setPrototypeOf(err, ErrorClass.prototype);\n return err as Error;\n }\n\n static unmarshall(error: Record<string, unknown>): Error {\n if ('name' in error) {\n switch (error.name) {\n case 'SDKAPIUnreachableError':\n return ErrorMarshaller.inflate(SDKAPIUnreachableError, error);\n case 'StytchSDKSchemaError':\n return ErrorMarshaller.inflate(StytchSDKSchemaError, error);\n case 'StytchAPIUnreachableError':\n return ErrorMarshaller.inflate(StytchAPIUnreachableError, error);\n case 'StytchAPISchemaError':\n return ErrorMarshaller.inflate(StytchAPISchemaError, error);\n case 'StytchSDKAPIError':\n return ErrorMarshaller.inflate(StytchSDKAPIError, error);\n case 'StytchAPIError':\n return ErrorMarshaller.inflate(StytchAPIError, error);\n case 'TypeError':\n return ErrorMarshaller.inflate(TypeError, error);\n case 'SyntaxError':\n return ErrorMarshaller.inflate(SyntaxError, error);\n case 'ReferenceError':\n return ErrorMarshaller.inflate(ReferenceError, error);\n case 'RangeError':\n return ErrorMarshaller.inflate(RangeError, error);\n case 'EvalError':\n return ErrorMarshaller.inflate(EvalError, error);\n case 'URIError':\n return ErrorMarshaller.inflate(URIError, error);\n }\n }\n return ErrorMarshaller.inflate(Error, error);\n }\n}\n","import { SDKTelemetry } from './NetworkClient';\n\nexport const DEFAULT_MAX_BATCH_SIZE = 15;\nexport const DEFAULT_INTERVAL_DURATION_MS = 800;\n\ntype EventLoggerArgs = {\n maxBatchSize: number;\n intervalDurationMs: number;\n logEventURL: string;\n};\n\nexport class EventLogger {\n private maxBatchSize: number;\n private logEventURL: string;\n private batch: Record<string, unknown>[];\n\n constructor(args: EventLoggerArgs) {\n this.maxBatchSize = args.maxBatchSize;\n this.logEventURL = args.logEventURL;\n // TODO: If we create more than one of these, we'll want a mechanism to clean up the intervals\n setInterval(this.flush.bind(this), args.intervalDurationMs);\n this.batch = [];\n }\n\n logEvent(telemetry: SDKTelemetry, event: Record<string, unknown>) {\n this.batch.push({ telemetry, event });\n if (this.batch.length >= this.maxBatchSize) {\n this.flush();\n }\n }\n\n async flush() {\n if (!this.batch.length) {\n return;\n }\n const batchToSubmit = this.batch;\n this.batch = [];\n try {\n await fetch(this.logEventURL, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify(batchToSubmit),\n });\n } catch {\n // Silently ignore fetch errors\n }\n }\n}\n","import { StytchSDKUsageError } from '../public';\n\n/**\n * This function and its parameter is stripped in production builds using rollup plugin.\n * NOTE: Be careful when wrapping render function return values. React before v18 do not allow undefined\n * to be returned, so wrapping the entire return value will crash those runtimes.\n */\nexport const DEV = <T>(input: T): T | undefined => input;\n\n/**\n * This function is stripped in production builds using rollup plugin. Useful for adding\n * logging or validation in dev only\n */\nexport function RUN_IN_DEV(callback: () => void) {\n callback();\n}\n\nexport type ValidateRule =\n | 'object'\n | 'optionalObject'\n | 'string'\n | 'optionalString'\n | 'number'\n | 'optionalNumber'\n | 'stringArray'\n | 'optionalStringArray'\n | 'boolean'\n | 'optionalBoolean';\n\nexport const validateInDev = <T extends Record<string, unknown>>(\n methodName: string,\n obj: T,\n rules: Partial<Record<keyof T, ValidateRule>>,\n) => {\n const errors: StytchSDKUsageError[] = [];\n for (const [key, rule] of Object.entries(rules)) {\n if (rule == null) continue;\n\n const val = obj[key];\n if (rule.startsWith('optional') && val == null) continue;\n\n switch (rule) {\n case 'object':\n case 'optionalObject': {\n const isObject = typeof val === 'object' && !Array.isArray(val) && val !== null;\n if (!isObject) {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be an object.`));\n }\n break;\n }\n\n case 'string':\n case 'optionalString':\n if (typeof val !== 'string') {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be a string.`));\n }\n break;\n\n case 'number':\n case 'optionalNumber':\n if (typeof val !== 'number') {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be a number.`));\n }\n break;\n\n case 'stringArray':\n case 'optionalStringArray':\n if (!Array.isArray(val) || !val.every((str) => typeof str === 'string')) {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be an array of strings.`));\n }\n break;\n\n case 'boolean':\n case 'optionalBoolean':\n if (typeof val !== 'boolean') {\n errors.push(new StytchSDKUsageError(methodName, `${key} must be a boolean.`));\n }\n break;\n }\n }\n\n if (errors.length > 0) {\n if (errors.length === 1) {\n throw errors[0];\n } else {\n throw new AggregateError(errors);\n }\n }\n};\n","import { IB2BSubscriptionService, INetworkClient } from '../..';\nimport {\n B2BDiscoveryIntermediateSessionsExchangeOptions,\n B2BDiscoveryIntermediateSessionsExchangeResponse,\n B2BDiscoveryOrganizationsCreateOptions,\n B2BDiscoveryOrganizationsCreateResponse,\n B2BDiscoveryOrganizationsResponse,\n IHeadlessB2BDiscoveryClient,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BDiscoveryClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BDiscoveryClient<TProjectConfiguration>\n{\n organizations: {\n list: () => Promise<B2BDiscoveryOrganizationsResponse>;\n create: (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ) => Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>;\n };\n\n intermediateSessions: {\n exchange: (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ) => Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.organizations = {\n list: async () =>\n this._networkClient.fetchSDK<B2BDiscoveryOrganizationsResponse>({\n url: '/b2b/discovery/organizations',\n body: {\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n method: 'POST',\n }),\n create: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOrganizationsCreateOptions,\n ): Promise<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.organizations.create', data, {\n session_duration_minutes: 'number',\n organization_name: 'optionalString',\n organization_slug: 'optionalString',\n organization_logo_url: 'optionalString',\n sso_jit_provisioning: 'optionalString',\n email_allowed_domains: 'optionalStringArray',\n email_invites: 'optionalString',\n auth_methods: 'optionalString',\n allowed_auth_methods: 'optionalStringArray',\n mfa_policy: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n };\n\n return this._networkClient.fetchSDK<B2BDiscoveryOrganizationsCreateResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/organizations/create',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n\n this.intermediateSessions = {\n exchange: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryIntermediateSessionsExchangeOptions,\n ): Promise<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>> => {\n validateInDev('stytch.discovery.intermediateSessions.exchange', data, {\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const requestBody = {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.fetchSDK<B2BDiscoveryIntermediateSessionsExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/discovery/intermediate_sessions/exchange',\n body: requestBody,\n method: 'POST',\n });\n },\n ),\n };\n }\n}\n","import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BOAuthAuthorizeStartOptions,\n B2BOAuthAuthorizeStartResponse,\n B2BOAuthAuthorizeSubmitOptions,\n B2BOAuthAuthorizeSubmitResponse,\n B2BOAuthLogoutStartOptions,\n B2BOAuthLogoutStartResponse,\n IHeadlessB2BIDPClient,\n} from '../../public/b2b/idp';\n\nexport class HeadlessB2BIDPClient implements IHeadlessB2BIDPClient {\n constructor(private _networkClient: INetworkClient) {}\n\n /**\n * Initiates a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request. This endpoint validates various fields (scope, client_id, redirect_uri, prompt, etc...) are correct and returns relevant information for rendering an OAuth Consent Screen.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeStart({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeStart = async (data: B2BOAuthAuthorizeStartOptions): Promise<B2BOAuthAuthorizeStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeStartResponse>({\n url: '/idp/b2b/oauth/authorize/start',\n method: 'POST',\n body: data,\n });\n\n /**\n * Completes a request for authorization of a Connected App to access a Member's account.\n *\n * Call this endpoint using the query parameters from an OAuth Authorization request, after previously validating those parameters using the Preflight Check API. Note that this endpoint takes in a few additional parameters the preflight check does not- state, nonce, and code_challenge.\n *\n * If the authorization was successful, the redirect_uri will contain a valid authorization_code embedded as a query parameter. If the authorization was unsuccessful, the redirect_uri will contain an OAuth2.1 error_code. In both cases, redirect the Member to the location for the response to be consumed by the Connected App.\n *\n * Exactly one of the following must be provided to identify the Member granting authorization:\n * organization_id + member_id\n * session_token\n * session_jwt\n *\n * If a session_token or session_jwt is passed, the OAuth Authorization will be linked to the Member's session for tracking purposes. One of these fields must be used if the Connected App intends to complete the Exchange Access Token flow.\n *\n * @example\n * const response = await stytch.idp.oauthAuthorizeSubmit({\n * client_id: 'client_123',\n * redirect_uri: 'https://example.com/callback',\n * scope: 'openid email profile',\n * });\n */\n oauthAuthorizeSubmit = async (data: B2BOAuthAuthorizeSubmitOptions): Promise<B2BOAuthAuthorizeSubmitResponse> =>\n this._networkClient.fetchSDK<B2BOAuthAuthorizeSubmitResponse>({\n url: '/idp/b2b/oauth/authorize/submit',\n method: 'POST',\n body: data,\n });\n\n oauthLogoutStart = async (data: B2BOAuthLogoutStartOptions): Promise<B2BOAuthLogoutStartResponse> =>\n this._networkClient.fetchSDK<B2BOAuthLogoutStartResponse>({\n url: `/b2b/oauth/logout/start`,\n method: 'POST',\n body: data,\n });\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BImpersonationAuthenticateOptions,\n B2BImpersonationAuthenticateResponse,\n IHeadlessB2BImpersonationClient,\n} from '../../public/b2b/impersonation';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BImpersonationClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BImpersonationClient<TProjectConfiguration>\n{\n authenticate: (\n data: B2BImpersonationAuthenticateOptions,\n ) => Promise<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (data: B2BImpersonationAuthenticateOptions) => {\n validateInDev('stytch.impersonation.authenticate', data, {\n impersonation_token: 'string',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BImpersonationAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/impersonation/authenticate',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n}\n","import { DisabledDFPProtectedAuthProvider, IDFPProtectedAuthProvider } from '../../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../../NetworkClient';\nimport { IPKCEManager } from '../../PKCEManager';\nimport {\n B2BMagicLinksInviteOptions,\n B2BMagicLinksInviteResponse,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport {\n B2BMagicLinkLoginOrSignupOptions,\n B2BMagicLinkLoginOrSignupResponse,\n B2BMagicLinksAuthenticateOptions,\n B2BMagicLinksAuthenticateResponse,\n B2BMagicLinksDiscoveryAuthenticateOptions,\n B2BMagicLinksDiscoveryAuthenticateResponse,\n B2BMagicLinksEmailDiscoverySendOptions,\n B2BMagicLinksEmailDiscoverySendResponse,\n IHeadlessB2BMagicLinksClient,\n} from '../../public/b2b/magicLinks';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForEmailMagicLinks: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForEmailMagicLinks: false,\n});\n\nexport class HeadlessB2BMagicLinksClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BMagicLinksClient<TProjectConfiguration>\n{\n email: {\n invite: (data: B2BMagicLinksInviteOptions) => Promise<B2BMagicLinksInviteResponse>;\n loginOrSignup: (data: B2BMagicLinkLoginOrSignupOptions) => Promise<ResponseCommon>;\n discovery: {\n send: (data: B2BMagicLinksEmailDiscoverySendOptions) => Promise<B2BMagicLinksEmailDiscoverySendResponse>;\n };\n };\n\n authenticate: (\n data: B2BMagicLinksAuthenticateOptions,\n ) => Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ) => Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _passwordResetPKCEManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider = DisabledDFPProtectedAuthProvider(),\n ) {\n this.email = {\n invite: async (data: B2BMagicLinksInviteOptions): Promise<B2BMagicLinksInviteResponse> => {\n validateInDev('stytch.magicLinks.email.invite', data, {\n email_address: 'string',\n invite_redirect_url: 'optionalString',\n invite_template_id: 'optionalString',\n name: 'optionalString',\n locale: 'optionalString',\n roles: 'optionalStringArray',\n invite_expiration_minutes: 'optionalNumber',\n });\n\n return this._networkClient.fetchSDK<B2BMagicLinksInviteResponse>({\n url: '/b2b/magic_links/email/invite',\n body: data,\n method: 'POST',\n });\n },\n loginOrSignup: async (data: B2BMagicLinkLoginOrSignupOptions): Promise<ResponseCommon> => {\n validateInDev('stytch.magicLinks.email.loginOrSignup', data, {\n email_address: 'string',\n organization_id: 'string',\n login_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n signup_redirect_url: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n };\n return this._networkClient.fetchSDK<B2BMagicLinkLoginOrSignupResponse>({\n url: '/b2b/magic_links/email/login_or_signup',\n body: requestBody,\n method: 'POST',\n });\n },\n discovery: {\n send: async (\n data: B2BMagicLinksEmailDiscoverySendOptions,\n ): Promise<B2BMagicLinksEmailDiscoverySendResponse> => {\n validateInDev('stytch.magicLinks.email.discovery.send', data, {\n email_address: 'string',\n discovery_redirect_url: 'optionalString',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkce_code_challenge = await this.getCodeChallenge();\n const requestBody = {\n ...data,\n pkce_code_challenge,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BMagicLinksEmailDiscoverySendResponse>({\n url: '/b2b/magic_links/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n },\n };\n\n this.authenticate = this._subscriptionService.withUpdateSession(async (data: B2BMagicLinksAuthenticateOptions) => {\n validateInDev('stytch.magicLinks.authenticate', data, {\n magic_links_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n // When a user resets their password with PKCE turned on, they create a pkPair in the 'passwords' namespace.\n // However, when the user gets the reset password email, they have the option to log in without a password.\n // This redirects them to the magic link authenticate flow, which automatically looks for the pkce code_verifier\n // in the 'magic_links' namespace, breaking the flow. Unfortunately we won't know for sure in the eml authenticate call\n // whether or not the user is coming from a password reset flow. To handle this, we have to try to authenticate with\n // both the 'passwords' and 'magic_links' code_verifiers.\n const passwordResetPKPair = await this._passwordResetPKCEManager.getPKPair();\n\n let resp: B2BMagicLinksAuthenticateResponse<TProjectConfiguration> | null = null;\n\n if (passwordResetPKPair?.code_verifier) {\n try {\n resp = await this.handlePKCEForAuthenticate(this._passwordResetPKCEManager, data);\n } catch (e) {\n if ((e as Error).message.includes('pkce')) {\n // If pkce-related error, fall back to magic links code_verifier\n // eslint-disable-next-line no-console\n console.log(\n 'Authenticate with passwords pkce namespace failed. Falling back to authenticate with magic_links namespace.',\n );\n } else {\n throw e;\n }\n }\n }\n\n if (!resp) {\n resp = await this.handlePKCEForAuthenticate(this._pkceManager, data);\n }\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BMagicLinksDiscoveryAuthenticateOptions,\n ): Promise<B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.magicLinks.discovery.authenticate', data, {\n discovery_magic_links_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BMagicLinksDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/magic_links/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n if (!pkceRequiredForEmailMagicLinks) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n private async handlePKCEForAuthenticate(\n pkceManager: IPKCEManager,\n data: B2BMagicLinksAuthenticateOptions,\n ): Promise<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>> {\n const pkPair = await pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<B2BMagicLinksAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/magic_links/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n pkceManager.clearPKPair();\n\n return resp;\n }\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient, IPKCEManager } from '../..';\nimport {\n B2BOAuthAuthenticateOptions,\n B2BOAuthAuthenticateResponse,\n B2BOAuthDiscoveryAuthenticateResponse,\n B2BOAuthDiscoveryStartOptions,\n IHeadlessB2BOAuthClient,\n OAuthDiscoveryAuthenticateOptions,\n OAuthStartOptions,\n} from '../../public/b2b/oauth';\nimport { B2BOAuthProviders } from '../../public/b2b/ui';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { isTestPublicToken, logger } from '../../utils';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n cnameDomain: null | string;\n pkceRequiredForOAuth: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport class HeadlessB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOAuthClient<TProjectConfiguration>\n{\n authenticate: (options: B2BOAuthAuthenticateOptions) => Promise<B2BOAuthAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n authenticate: (\n data: OAuthDiscoveryAuthenticateOptions,\n ) => Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n google: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n microsoft: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n hubspot: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n slack: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n github: {\n start: (options: OAuthStartOptions) => Promise<void>;\n discovery: {\n start: (options: B2BOAuthDiscoveryStartOptions) => Promise<void>;\n };\n };\n\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n protected _pkceManager: IPKCEManager,\n protected _dynamicConfig: DynamicConfig,\n protected _config: Config,\n protected dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(async (options: B2BOAuthAuthenticateOptions) => {\n validateInDev('stytch.oauth.authenticate', options, {\n oauth_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const keyPair = await this._pkceManager.getPKPair();\n\n if (!keyPair) {\n logger.warn(\n 'No code verifier found in local storage for OAuth flow.\\n' +\n 'Consider using stytch.oauth.$provider.start() to add PKCE to your OAuth flows for added security.\\n' +\n 'See https://stytch.com/docs/oauth#guides_pkce for more information.',\n );\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const resp = await this._networkClient.retriableFetchSDK<B2BOAuthAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/oauth/authenticate',\n method: 'POST',\n body: {\n pkce_code_verifier: keyPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n ...options,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n });\n\n this.discovery = {\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: OAuthDiscoveryAuthenticateOptions,\n ): Promise<B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.oauth.discovery.authenticate', data, {\n discovery_oauth_token: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const requestBody = {\n pkce_code_verifier: pkPair?.code_verifier,\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n const resp = await this._networkClient.retriableFetchSDK<\n B2BOAuthDiscoveryAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/oauth/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n };\n\n this.google = {\n start: this.startOAuthFlow(B2BOAuthProviders.Google),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Google),\n },\n };\n\n this.microsoft = {\n start: this.startOAuthFlow(B2BOAuthProviders.Microsoft),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Microsoft),\n },\n };\n\n this.hubspot = {\n start: this.startOAuthFlow(B2BOAuthProviders.HubSpot),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.HubSpot),\n },\n };\n\n this.slack = {\n start: this.startOAuthFlow(B2BOAuthProviders.Slack),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.Slack),\n },\n };\n\n this.github = {\n start: this.startOAuthFlow(B2BOAuthProviders.GitHub),\n discovery: {\n start: this.startDiscoveryOAuthFlow(B2BOAuthProviders.GitHub),\n },\n };\n }\n\n protected async getBaseApiUrl() {\n const { cnameDomain } = await this._dynamicConfig;\n if (cnameDomain) {\n // The API returns cname domains without a protocol - assume HTTPS\n return `https://${cnameDomain}`;\n }\n // Our TestAPIURL and LiveAPIURL should have the HTTPS protocol already attached\n // Don't add it twice!\n if (isTestPublicToken(this._config.publicToken)) {\n return this._config.testAPIURL;\n }\n return this._config.liveAPIURL;\n }\n\n protected startOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: OAuthStartOptions): Promise<void> => {\n const {\n organization_id,\n organization_slug,\n login_redirect_url,\n signup_redirect_url,\n custom_scopes,\n provider_params,\n } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (organization_id && organization_id != '') {\n startUrl.searchParams.set('organization_id', organization_id);\n }\n\n if (organization_slug && organization_slug != '') {\n startUrl.searchParams.set('slug', organization_slug);\n }\n\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (login_redirect_url) startUrl.searchParams.set('login_redirect_url', login_redirect_url);\n if (signup_redirect_url) startUrl.searchParams.set('signup_redirect_url', signup_redirect_url);\n\n this.navigate(startUrl);\n };\n }\n\n protected startDiscoveryOAuthFlow(providerType: B2BOAuthProviders) {\n return async (options: B2BOAuthDiscoveryStartOptions): Promise<void> => {\n const { discovery_redirect_url, custom_scopes, provider_params } = options;\n const { pkceRequiredForOAuth } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/b2b/public/oauth/${providerType}/discovery/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n if (custom_scopes) {\n validateInDev(\n 'startOAuthFlow',\n { custom_scopes },\n {\n custom_scopes: 'stringArray',\n },\n );\n startUrl.searchParams.set('custom_scopes', custom_scopes.join(' '));\n }\n if (provider_params) {\n validateInDev(\n 'startOAuthFlow',\n { provider_params },\n {\n provider_params: 'optionalObject',\n },\n );\n for (const key in provider_params) {\n startUrl.searchParams.set('provider_' + key, provider_params[key]);\n }\n }\n\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (discovery_redirect_url) {\n startUrl.searchParams.set('discovery_redirect_url', discovery_redirect_url);\n }\n\n this.navigate(startUrl);\n };\n }\n\n // Public so it can be mocked in tests\n navigate(url: URL) {\n window.location.href = url.toString();\n }\n}\n","import { v4 as uuidv4 } from 'uuid';\n\nimport { OTPMethods, ResponseCommon, User } from '../public';\n\nexport * from './api';\nexport { arrayUtils } from './arrayUtils';\nexport type { Cacheable } from './Cacheable';\nexport * from './checks';\nexport * from './country';\nexport * from './dfp';\nexport type { EnumOrStringLiteral, StringLiteralFromEnum } from './EnumOrStringLiteral';\nexport { loadESModule } from './loadESModule';\nexport * from './logger';\n\nexport const isTestPublicToken = (token: string) => token.includes('public-token-test');\n\n/**\n * Normalizes an es5 promise with a .then(onSuccess, onFailure) signature to\n * the es6 .then().catch() signature\n */\nexport const normalizePromiseLike = <T>(prom: PromiseLike<T>): Promise<T> => {\n return new Promise<T>((resolve, reject) => {\n prom.then(resolve, reject);\n });\n};\n\nexport const createEventId = () => `event-id-${uuidv4()}`;\nexport const createAppSessionId = () => `app-session-id-${uuidv4()}`;\nexport const createPersistentId = () => `persistent-id-${uuidv4()}`;\n\nexport const isPhoneMethod = (selectionMethod: string) =>\n selectionMethod === OTPMethods.SMS || selectionMethod === OTPMethods.WhatsApp;\nexport const isEmailMethod = (selectionMethod: string) => selectionMethod === OTPMethods.Email;\n\nexport const removeResponseCommon = <T extends ResponseCommon>({\n request_id,\n\n status_code,\n ...rest\n}: T): Omit<T, keyof ResponseCommon> => rest;\n\nexport type WithUser<T> = T & { __user: User & ResponseCommon };\n\nexport const omitUser = <T extends ResponseCommon>(resp: T & { __user: User }): T => {\n const { __user, ...rest } = resp;\n return rest as unknown as T;\n};\n\nexport type Values<T extends object> = T[keyof T];\n\n// A simplified version of PartialDeep from type-fest to avoid referencing that package in exported types\ntype Primitive = null | undefined | string | number | boolean | symbol | bigint;\n\ntype _PartialDeep<T> = T extends Primitive\n ? T //\n : T extends object\n ? PartialObjectDeep<T>\n : unknown;\n\ntype PartialObjectDeep<ObjectType extends object> = {\n [KeyType in keyof ObjectType]?: _PartialDeep<ObjectType[KeyType]>;\n};\n\nexport type PartialDeep<T> = _PartialDeep<T>;\n","import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BOrganizationsDeleteResponse,\n B2BOrganizationsGetBySlugOptions,\n B2BOrganizationsGetBySlugResponse,\n B2BOrganizationsGetConnectedAppOptions,\n B2BOrganizationsGetConnectedAppResponse,\n B2BOrganizationsGetConnectedAppsResponse,\n B2BOrganizationsMemberDeleteMFAPhoneNumberResponse,\n B2BOrganizationsMemberDeleteMFATOTPResponse,\n B2BOrganizationsMemberDeletePasswordResponse,\n B2BOrganizationsMemberGetConnectedAppsOptions,\n B2BOrganizationsMemberGetConnectedAppsResponse,\n B2BOrganizationsMemberRevokeConnectedAppOptions,\n B2BOrganizationsMemberRevokeConnectedAppResponse,\n B2BOrganizationsMembersCreateOptions,\n B2BOrganizationsMembersCreateResponse,\n B2BOrganizationsMembersDeleteResponse,\n B2BOrganizationsMembersReactivateResponse,\n B2BOrganizationsMembersSearchOptions,\n B2BOrganizationsMembersSearchResponse,\n B2BOrganizationsMemberStartEmailUpdateOptions,\n B2BOrganizationsMemberStartEmailUpdateResponse,\n B2BOrganizationsMembersUpdateOptions,\n B2BOrganizationsMembersUpdateResponse,\n B2BOrganizationsMemberUnlinkRetiredEmailOptions,\n B2BOrganizationsMemberUnlinkRetiredEmailResponse,\n B2BOrganizationsUpdateOptions,\n B2BOrganizationsUpdateResponse,\n IHeadlessB2BOrganizationClient,\n MemberResponseCommon,\n Organization,\n OrganizationInfo,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BOrganizationClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOrganizationClient\n{\n constructor(\n private _networkClient: INetworkClient,\n private _apiNetworkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {}\n\n get = async (): Promise<Organization | null> => {\n const resp = await this._networkClient.fetchSDK<{ organization: Organization } & ResponseCommon>({\n url: `/b2b/organizations/me`,\n method: 'GET',\n });\n this._subscriptionService.updateOrganization(resp.organization);\n return resp.organization;\n };\n\n getSync = (): Organization | null => {\n return this._subscriptionService.getOrganization();\n };\n\n getInfo = (): OrganizationInfo => ({\n organization: this.getSync(),\n fromCache: this._subscriptionService.getFromCache(),\n });\n\n onChange = (callback: (organization: Organization | null) => void) => {\n return this._subscriptionService.subscribeToState((state) => callback(state?.organization ?? null));\n };\n\n update = async (data: B2BOrganizationsUpdateOptions): Promise<B2BOrganizationsUpdateResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BOrganizationsUpdateResponse>({\n url: `/b2b/organizations/me`,\n method: 'PUT',\n body: data,\n });\n\n this._subscriptionService.updateOrganization(resp.organization);\n return resp;\n };\n\n delete = async (): Promise<B2BOrganizationsDeleteResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BOrganizationsDeleteResponse>({\n url: `/b2b/organizations/me`,\n method: 'DELETE',\n });\n\n this._subscriptionService.destroyState();\n\n return resp;\n };\n\n getBySlug = async (data: B2BOrganizationsGetBySlugOptions): Promise<B2BOrganizationsGetBySlugResponse> => {\n validateInDev('stytch.organization.getBySlug', data, {\n organization_slug: 'string',\n });\n\n return this._networkClient.fetchSDK<B2BOrganizationsGetBySlugResponse>({\n url: `/b2b/organizations/search`,\n method: 'POST',\n body: data,\n });\n };\n\n getConnectedApps = async (): Promise<B2BOrganizationsGetConnectedAppsResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsGetConnectedAppsResponse>({\n url: '/b2b/organizations/connected_apps',\n method: 'GET',\n });\n };\n\n getConnectedApp = async (\n data: B2BOrganizationsGetConnectedAppOptions,\n ): Promise<B2BOrganizationsGetConnectedAppResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsGetConnectedAppResponse>({\n url: `/b2b/organizations/connected_apps/${data.connected_app_id}`,\n method: 'GET',\n });\n };\n\n members = {\n create: async (data: B2BOrganizationsMembersCreateOptions): Promise<B2BOrganizationsMembersCreateResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMembersCreateResponse>({\n url: `/b2b/organizations/members`,\n method: 'POST',\n body: data,\n });\n },\n search: async (data: B2BOrganizationsMembersSearchOptions): Promise<B2BOrganizationsMembersSearchResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMembersSearchResponse>({\n url: `/b2b/organizations/me/members/search`,\n method: 'POST',\n body: data,\n });\n },\n update: async (data: B2BOrganizationsMembersUpdateOptions): Promise<B2BOrganizationsMembersUpdateResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMembersUpdateResponse>({\n url: `/b2b/organizations/members/${data.member_id}`,\n method: 'PUT',\n body: data,\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n deletePassword: async (passwordId: string): Promise<B2BOrganizationsMemberDeletePasswordResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMemberDeletePasswordResponse>({\n url: `/b2b/organizations/members/passwords/${passwordId}`,\n method: 'DELETE',\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n deleteMFAPhoneNumber: async (memberId: string): Promise<B2BOrganizationsMemberDeleteMFAPhoneNumberResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMemberDeleteMFAPhoneNumberResponse>({\n url: `/b2b/organizations/members/mfa_phone_numbers/${memberId}`,\n method: 'DELETE',\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n deleteMFATOTP: async (memberId: string): Promise<B2BOrganizationsMemberDeleteMFATOTPResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMemberDeleteMFATOTPResponse>({\n url: `/b2b/organizations/members/totp/${memberId}`,\n method: 'DELETE',\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n delete: async (memberId: string): Promise<B2BOrganizationsMembersDeleteResponse> => {\n const response = await this._networkClient.fetchSDK<B2BOrganizationsMembersDeleteResponse>({\n url: `/b2b/organizations/members/${memberId}`,\n method: 'DELETE',\n });\n\n if (memberId === this._subscriptionService.getMember()?.member_id) {\n this._subscriptionService.destroyState();\n }\n\n return response;\n },\n reactivate: async (memberId: string): Promise<B2BOrganizationsMembersReactivateResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMembersReactivateResponse>({\n url: `/b2b/organizations/members/${memberId}/reactivate`,\n method: 'PUT',\n });\n },\n unlinkRetiredEmail: async (\n data: B2BOrganizationsMemberUnlinkRetiredEmailOptions,\n ): Promise<B2BOrganizationsMemberUnlinkRetiredEmailResponse> => {\n const { member_id, ...body } = data;\n const response = await this._apiNetworkClient.fetchSDK<B2BOrganizationsMemberUnlinkRetiredEmailResponse>({\n url: `/b2b/organizations/members/${member_id}/unlink_retired_email`,\n method: 'POST',\n body,\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n startEmailUpdate: async (\n data: B2BOrganizationsMemberStartEmailUpdateOptions,\n ): Promise<B2BOrganizationsMemberStartEmailUpdateResponse> => {\n const { member_id, ...body } = data;\n const response = await this._apiNetworkClient.fetchSDK<B2BOrganizationsMemberStartEmailUpdateResponse>({\n url: `/b2b/organizations/members/${member_id}/start_email_update`,\n method: 'POST',\n body,\n });\n\n this.updateMemberIfSelf(response);\n return response;\n },\n getConnectedApps: async (\n data: B2BOrganizationsMemberGetConnectedAppsOptions,\n ): Promise<B2BOrganizationsMemberGetConnectedAppsResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMemberGetConnectedAppsResponse>({\n url: `b2b/organizations/members/${data.member_id}/connected_apps`,\n method: 'GET',\n });\n },\n revokeConnectedApp: async (\n data: B2BOrganizationsMemberRevokeConnectedAppOptions,\n ): Promise<B2BOrganizationsMemberRevokeConnectedAppResponse> => {\n return this._networkClient.fetchSDK<B2BOrganizationsMemberRevokeConnectedAppResponse>({\n url: `/b2b/organizations/members/${data.member_id}/connected_apps/${data.connected_app_id}/revoke`,\n method: 'POST',\n });\n },\n };\n\n private updateMemberIfSelf = (response: MemberResponseCommon) => {\n if (response.member_id === this._subscriptionService.getMember()?.member_id) {\n this._subscriptionService.updateMember(response.member);\n }\n };\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BDiscoveryOTPEmailAuthenticateOptions,\n B2BDiscoveryOTPEmailAuthenticateResponse,\n B2BDiscoveryOTPEmailSendOptions,\n B2BDiscoveryOTPEmailSendResponse,\n B2BOTPsEmailAuthenticateOptions,\n B2BOTPsEmailAuthenticateResponse,\n B2BOTPsEmailLoginOrSignupOptions,\n B2BOTPsEmailLoginOrSignupResponse,\n B2BSMSAuthenticateOptions,\n B2BSMSAuthenticateResponse,\n B2BSMSSendOptions,\n B2BSMSSendResponse,\n IHeadlessB2BOTPsClient,\n} from '../../public/b2b/otps';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BOTPsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BOTPsClient<TProjectConfiguration>\n{\n sms: {\n send: (data: B2BSMSSendOptions) => Promise<B2BSMSSendResponse>;\n authenticate: (data: B2BSMSAuthenticateOptions) => Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>>;\n };\n\n email: {\n loginOrSignup: (data: B2BOTPsEmailLoginOrSignupOptions) => Promise<B2BOTPsEmailLoginOrSignupResponse>;\n authenticate: (\n data: B2BOTPsEmailAuthenticateOptions,\n ) => Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>;\n discovery: {\n send: (data: B2BDiscoveryOTPEmailSendOptions) => Promise<B2BDiscoveryOTPEmailSendResponse>;\n authenticate: (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ) => Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>>;\n };\n };\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.sms = {\n send: async (data: B2BSMSSendOptions): Promise<B2BSMSSendResponse> => {\n validateInDev('stytch.otps.sms.send', data, {\n organization_id: 'string',\n member_id: 'string',\n mfa_phone_number: 'optionalString',\n locale: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BSMSSendResponse>({\n url: '/b2b/otps/sms/send',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (data: B2BSMSAuthenticateOptions): Promise<B2BSMSAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.sms.authenticate', data, {\n session_duration_minutes: 'number',\n organization_id: 'string',\n member_id: 'string',\n code: 'string',\n set_mfa_enrollment: 'optionalString',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.retriableFetchSDK<B2BSMSAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/sms/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n };\n\n this.email = {\n loginOrSignup: async (data: B2BOTPsEmailLoginOrSignupOptions): Promise<B2BOTPsEmailLoginOrSignupResponse> => {\n validateInDev('stytch.otps.email.loginOrSignup', data, {\n organization_id: 'string',\n email_address: 'string',\n login_template_id: 'optionalString',\n signup_template_id: 'optionalString',\n locale: 'optionalString',\n login_expiration_minutes: 'optionalNumber',\n signup_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailLoginOrSignupResponse>({\n url: '/b2b/otps/email/login_or_signup',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BOTPsEmailAuthenticateOptions,\n ): Promise<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.authenticate', data, {\n code: 'string',\n email_address: 'string',\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<B2BOTPsEmailAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/otps/email/authenticate',\n body: {\n ...data,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n discovery: {\n send: async (data: B2BDiscoveryOTPEmailSendOptions): Promise<B2BDiscoveryOTPEmailSendResponse> => {\n validateInDev('stytch.otps.email.discovery.send', data, {\n email_address: 'string',\n login_template_id: 'optionalString',\n locale: 'optionalString',\n discovery_expiration_minutes: 'optionalNumber',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n };\n return this._networkClient.retriableFetchSDK<B2BDiscoveryOTPEmailSendResponse>({\n url: '/b2b/otps/email/discovery/send',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n data: B2BDiscoveryOTPEmailAuthenticateOptions,\n ): Promise<B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.otps.email.discovery.authenticate', data, {\n code: 'string',\n email_address: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n dfp_telemetry_id,\n captcha_token,\n ...data,\n };\n\n return this._networkClient.retriableFetchSDK<\n B2BDiscoveryOTPEmailAuthenticateResponse<TProjectConfiguration>\n >({\n url: '/b2b/otps/email/discovery/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n ),\n },\n };\n }\n}\n","import { IDFPProtectedAuthProvider } from '../../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../../NetworkClient';\nimport { IPKCEManager } from '../../PKCEManager';\nimport {\n B2BPasswordAuthenticateOptions,\n B2BPasswordAuthenticateResponse,\n B2BPasswordDiscoveryAuthenticateOptions,\n B2BPasswordDiscoveryAuthenticateResponse,\n B2BPasswordDiscoveryResetByEmailOptions,\n B2BPasswordDiscoveryResetByEmailResponse,\n B2BPasswordDiscoveryResetByEmailStartOptions,\n B2BPasswordDiscoveryResetByEmailStartResponse,\n B2BPasswordResetByEmailOptions,\n B2BPasswordResetByEmailResponse,\n B2BPasswordResetByEmailStartOptions,\n B2BPasswordResetByEmailStartResponse,\n B2BPasswordResetByExistingPasswordOptions,\n B2BPasswordResetByExistingPasswordResponse,\n B2BPasswordResetBySessionOptions,\n B2BPasswordResetBySessionResponse,\n B2BPasswordStrengthCheckOptions,\n B2BPasswordStrengthCheckResponse,\n IHeadlessB2BPasswordClient,\n} from '../../public/b2b/passwords';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForPasswordResets: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForPasswordResets: false,\n});\n\nexport class HeadlessB2BPasswordsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BPasswordClient<TProjectConfiguration>\n{\n authenticate: (\n options: B2BPasswordAuthenticateOptions,\n ) => Promise<B2BPasswordAuthenticateResponse<TProjectConfiguration>>;\n\n discovery: {\n resetByEmailStart: (\n options: B2BPasswordDiscoveryResetByEmailStartOptions,\n ) => Promise<B2BPasswordDiscoveryResetByEmailStartResponse>;\n resetByEmail: (\n options: B2BPasswordDiscoveryResetByEmailOptions,\n ) => Promise<B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>>;\n authenticate: (\n options: B2BPasswordDiscoveryAuthenticateOptions,\n ) => Promise<B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>>;\n };\n\n resetByEmail: (\n options: B2BPasswordResetByEmailOptions,\n ) => Promise<B2BPasswordResetByEmailResponse<TProjectConfiguration>>;\n\n resetByExistingPassword: (\n options: B2BPasswordResetByExistingPasswordOptions,\n ) => Promise<B2BPasswordResetByExistingPasswordResponse<TProjectConfiguration>>;\n\n resetBySession: (\n options: B2BPasswordResetBySessionOptions,\n ) => Promise<B2BPasswordResetBySessionResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordAuthenticateOptions,\n ): Promise<B2BPasswordAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.authenticate', options, {\n organization_id: 'string',\n password: 'string',\n email_address: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/passwords/authenticate',\n method: 'POST',\n body: {\n organization_id: options.organization_id,\n email_address: options.email_address,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n locale: options.locale,\n captcha_token,\n dfp_telemetry_id,\n code_verifier,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n\n this.discovery = {\n resetByEmailStart: async (\n options: B2BPasswordDiscoveryResetByEmailStartOptions,\n ): Promise<B2BPasswordDiscoveryResetByEmailStartResponse> => {\n validateInDev('stytch.passwords.discovery.resetByEmailStart', options, {\n email_address: 'string',\n discovery_redirect_url: 'optionalString',\n reset_password_redirect_url: 'optionalString',\n reset_password_template_id: 'optionalString',\n reset_password_expiration_minutes: 'optionalNumber',\n verify_email_template_id: 'optionalString',\n locale: 'optionalString',\n });\n\n const pkce_code_challenge = await this.getCodeChallenge();\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordDiscoveryResetByEmailStartResponse>({\n url: '/b2b/passwords/discovery/reset/start',\n method: 'POST',\n body: {\n email_address: options.email_address,\n discovery_redirect_url: options.discovery_redirect_url,\n reset_password_redirect_url: options.reset_password_redirect_url,\n reset_password_expiration_minutes: options.reset_password_expiration_minutes,\n reset_password_template_id: options.reset_password_template_id,\n verify_email_template_id: options.verify_email_template_id,\n locale: options.locale,\n pkce_code_challenge,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n resetByEmail: this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordDiscoveryResetByEmailOptions,\n ): Promise<B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.discovery.resetByEmail', options, {\n password_reset_token: 'string',\n password: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkPair = await this._pkceManager.getPKPair();\n const pkce_code_verifier = pkPair?.code_verifier;\n\n const resp = await this._networkClient.retriableFetchSDK<\n B2BPasswordDiscoveryResetByEmailResponse<TProjectConfiguration>\n >({\n url: '/b2b/passwords/discovery/reset',\n method: 'POST',\n body: {\n password_reset_token: options.password_reset_token,\n password: options.password,\n captcha_token,\n dfp_telemetry_id,\n pkce_code_verifier,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n },\n ),\n\n authenticate: this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordDiscoveryAuthenticateOptions,\n ): Promise<B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.discovery.authenticate', options, {\n password: 'string',\n email_address: 'string',\n });\n\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordDiscoveryAuthenticateResponse<TProjectConfiguration>>(\n {\n url: '/b2b/passwords/discovery/authenticate',\n method: 'POST',\n body: {\n email_address: options.email_address,\n password: options.password,\n captcha_token,\n dfp_telemetry_id,\n code_verifier,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n },\n );\n },\n ),\n };\n\n this.resetByEmail = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordResetByEmailOptions,\n ): Promise<B2BPasswordResetByEmailResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByEmail', options, {\n password_reset_token: 'string',\n password: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n\n const resp = await this._networkClient.retriableFetchSDK<\n B2BPasswordResetByEmailResponse<TProjectConfiguration>\n >({\n url: '/b2b/passwords/email/reset',\n method: 'POST',\n body: {\n password_reset_token: options.password_reset_token,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n locale: options.locale,\n captcha_token,\n dfp_telemetry_id,\n code_verifier: code_verifier,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n return resp;\n },\n );\n\n this.resetByExistingPassword = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordResetByExistingPasswordOptions,\n ): Promise<B2BPasswordResetByExistingPasswordResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByExistingPassword', options, {\n email_address: 'string',\n existing_password: 'string',\n new_password: 'string',\n locale: 'optionalString',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordResetByExistingPasswordResponse<TProjectConfiguration>>(\n {\n url: '/b2b/passwords/existing_password/reset',\n method: 'POST',\n body: {\n organization_id: options.organization_id,\n email_address: options.email_address,\n existing_password: options.existing_password,\n new_password: options.new_password,\n locale: options.locale,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n },\n );\n },\n );\n\n this.resetBySession = this._subscriptionService.withUpdateSession(\n async (\n options: B2BPasswordResetBySessionOptions,\n ): Promise<B2BPasswordResetBySessionResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetBySession', options, {\n password: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordResetBySessionResponse<TProjectConfiguration>>({\n url: '/b2b/passwords/session/reset',\n method: 'POST',\n body: {\n password: options.password,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForPasswordResets } = await this._config;\n if (!pkceRequiredForPasswordResets) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n async resetByEmailStart(options: B2BPasswordResetByEmailStartOptions): Promise<B2BPasswordResetByEmailStartResponse> {\n validateInDev('stytch.passwords.resetByEmailStart', options, {\n email_address: 'string',\n login_redirect_url: 'optionalString',\n reset_password_redirect_url: 'optionalString',\n reset_password_template_id: 'optionalString',\n reset_password_expiration_minutes: 'optionalNumber',\n verify_email_template_id: 'optionalString',\n locale: 'optionalString',\n });\n\n const code_challenge = await this.getCodeChallenge();\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<B2BPasswordResetByEmailStartResponse>({\n url: '/b2b/passwords/email/reset/start',\n method: 'POST',\n body: {\n organization_id: options.organization_id,\n email_address: options.email_address,\n login_redirect_url: options.login_redirect_url,\n reset_password_redirect_url: options.reset_password_redirect_url,\n reset_password_expiration_minutes: options.reset_password_expiration_minutes,\n reset_password_template_id: options.reset_password_template_id,\n verify_email_template_id: options.verify_email_template_id,\n locale: options.locale,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n }\n\n async strengthCheck(options: B2BPasswordStrengthCheckOptions): Promise<B2BPasswordStrengthCheckResponse> {\n validateInDev('stytch.passwords.strengthCheck', options, {\n email_address: 'optionalString',\n password: 'string',\n });\n\n return this._networkClient.fetchSDK<B2BPasswordStrengthCheckResponse>({\n url: '/b2b/passwords/strength_check',\n method: 'POST',\n body: {\n email_address: options.email_address,\n password: options.password,\n },\n });\n }\n}\n","export const WILDCARD_ACTION = '*';\n\nexport type RBACPolicyRole = {\n role_id: string;\n description: string;\n permissions: {\n resource_id: string;\n actions: string[];\n }[];\n};\n\nexport type RBACPolicyScope = {\n scope: string;\n description: string;\n permissions: {\n resource_id: string;\n actions: string[];\n }[];\n};\n\nexport type RBACPolicyResource = {\n resource_id: string;\n description: string;\n actions: string[];\n};\n\nexport type RBACPolicyRaw = {\n roles: RBACPolicyRole[];\n resources: RBACPolicyResource[];\n scopes: RBACPolicyScope[];\n};\n\n/**\n * RBACPolicy represents an instance of a parsed Stytch RBAC policy object\n * It contains methods for computing outcomes for various permissions questions\n */\nexport class RBACPolicy {\n private rolesByID: Record<string, RBACPolicyRole>;\n\n constructor(\n public roles: RBACPolicyRole[],\n public resources: RBACPolicyResource[],\n ) {\n this.rolesByID = {};\n roles.forEach((role) => (this.rolesByID[role.role_id] = role));\n }\n\n static fromJSON(input: RBACPolicyRaw): RBACPolicy {\n return new RBACPolicy(input.roles, input.resources);\n }\n\n /**\n * Merges organization custom roles with this project policy.\n * Custom roles are additive - they add additional roles on top of the base project policy.\n * Resources remain from the project policy, roles are combined.\n * @param customRoles Array of custom organization roles to add\n * @returns A new RBACPolicy instance with merged roles\n */\n mergeWithCustomRoles(customRoles: RBACPolicyRole[]): RBACPolicy {\n const mergedRoles = [...this.roles, ...customRoles];\n\n // Resources come from the project policy - custom roles don't define new resources\n return new RBACPolicy(mergedRoles, this.resources);\n }\n\n /**\n * isAuthorized returns whether or not a user with a specific set of roles can perform a desired action\n * @example\n * const canDoIt = policy.callerIsAuthorized(roles, 'files', 'create')\n * console.log(canDoIt) // true\n */\n callerIsAuthorized(memberRoles: string[], resourceId: string, action: string): boolean {\n return !!memberRoles\n .map((roleId) => this.rolesByID[roleId])\n // Defense in depth: filter out null/undefined in case memberRoles contains a role that doesn't match the policy\n // This may happen if the member is loaded _before_ a fresh RBAC policy is loaded\n .filter((v) => v)\n .flatMap((role) => role.permissions)\n .filter((permission) => permission.resource_id === resourceId)\n .find((permission) => permission.actions.includes(action) || permission.actions.includes(WILDCARD_ACTION));\n }\n\n /**\n * allPermissions generates a map that allows quick lookup of all the permissions available to the user\n * @example\n * const perms = policy.allPermissions(roles)\n * console.log(perms.files.create) // true\n * console.log(perms.files.delete) // false\n */\n allPermissionsForCaller(memberRoles: string[]): Record<string, Record<string, boolean>> {\n const allPermsMap: Record<string, Record<string, boolean>> = Object.create(null);\n this.resources.forEach((resource) => {\n allPermsMap[resource.resource_id] = {};\n resource.actions.forEach((action) => {\n allPermsMap[resource.resource_id][action] = this.callerIsAuthorized(memberRoles, resource.resource_id, action);\n });\n });\n return allPermsMap;\n }\n}\n","import { IHeadlessB2BRBACClient, PermissionsMap } from '../../public/b2b/rbac';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { RBACPolicy, RBACPolicyRaw } from '../../rbac';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { logger } from '../../utils';\n\ntype CachedConfig = {\n rbacPolicy: RBACPolicyRaw | null;\n};\n\ntype DynamicConfig = Promise<CachedConfig>;\n\nexport class HeadlessB2BRBACClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BRBACClient\n{\n private cachedPolicy: RBACPolicy | null;\n private policyPromise: Promise<RBACPolicy>;\n constructor(\n cachedConfig: CachedConfig,\n dynamicConfig: DynamicConfig,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.cachedPolicy = cachedConfig.rbacPolicy ? RBACPolicy.fromJSON(cachedConfig.rbacPolicy) : null;\n this.policyPromise = dynamicConfig.then((data) => {\n if (!data.rbacPolicy) {\n logger.error('Unable to retrieve RBAC policy from servers. Assuming caller has no permissions.');\n return new RBACPolicy([], []);\n }\n // Update the existing policy too, so isAuthorizedSync will be up-to-date\n this.cachedPolicy = RBACPolicy.fromJSON(data.rbacPolicy);\n return this.cachedPolicy;\n });\n }\n\n /**\n * Gets the effective policy for the current session by merging project policy with org custom roles\n */\n private async getEffectivePolicy(): Promise<RBACPolicy> {\n const projectPolicy = await this.policyPromise;\n const organization = this._subscriptionService.getOrganization();\n\n // If no org or no custom roles, just return project policy\n if (!organization?.custom_roles?.length) {\n return projectPolicy;\n }\n\n return projectPolicy.mergeWithCustomRoles(organization.custom_roles);\n }\n\n /**\n * Gets the effective policy synchronously for the current session\n * Uses cached policies only\n */\n private getEffectivePolicySync(): RBACPolicy | null {\n if (!this.cachedPolicy) {\n return null;\n }\n\n const organization = this._subscriptionService.getOrganization();\n\n // If no custom roles, just return project policy\n if (!organization?.custom_roles?.length) {\n return this.cachedPolicy;\n }\n\n return this.cachedPolicy.mergeWithCustomRoles(organization.custom_roles);\n }\n\n allPermissions<Permissions extends Record<string, string>>() {\n return this.getEffectivePolicy().then(\n (policy) => policy.allPermissionsForCaller(this.roleIds()) as PermissionsMap<Permissions>,\n );\n }\n\n isAuthorizedSync: IHeadlessB2BRBACClient['isAuthorizedSync'] = (resourceId, action) => {\n const effectivePolicy = this.getEffectivePolicySync();\n return !!effectivePolicy?.callerIsAuthorized(this.roleIds(), resourceId as string, action as unknown as string);\n };\n\n isAuthorized: IHeadlessB2BRBACClient['isAuthorized'] = (resourceId, action) => {\n return this.getEffectivePolicy().then((policy) =>\n policy.callerIsAuthorized(this.roleIds(), resourceId as string, action as unknown as string),\n );\n };\n\n private roleIds() {\n const session = this._subscriptionService.getSession();\n if (!session) {\n return [];\n }\n // Although session.roles is guaranteed to exist for fresh data, there is a minuscule chance\n // that the member session stored in localstorage clientside comes from before roles were added to\n // the API response - in which case session.roles will be undefined and this will crash\n // TODO: [AUTH-2294] We can safely remove this ~3mos after RBAC is released\n return session.roles ?? [];\n }\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n IHeadlessB2BRecoveryCodesClient,\n RecoveryCodeGetResponse,\n RecoveryCodeRecoverOptions,\n RecoveryCodeRecoverResponse,\n RecoveryCodeRotateResponse,\n} from '../../public/b2b/recoveryCodes';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BRecoveryCodesClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BRecoveryCodesClient<TProjectConfiguration>\n{\n recover: (data: RecoveryCodeRecoverOptions) => Promise<RecoveryCodeRecoverResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.recover = this._subscriptionService.withUpdateSession(\n async (data: RecoveryCodeRecoverOptions): Promise<RecoveryCodeRecoverResponse<TProjectConfiguration>> => {\n validateInDev('stytch.recoveryCodes.recover', data, {\n organization_id: 'string',\n member_id: 'string',\n recovery_code: 'string',\n session_duration_minutes: 'number',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n return this._networkClient.retriableFetchSDK<RecoveryCodeRecoverResponse<TProjectConfiguration>>({\n url: '/b2b/recovery_codes/recover',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n async rotate(): Promise<RecoveryCodeRotateResponse> {\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n return this._networkClient.retriableFetchSDK<RecoveryCodeRotateResponse>({\n url: '/b2b/recovery_codes/rotate',\n body: {\n dfp_telemetry_id,\n captcha_token,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n }\n\n async get(): Promise<RecoveryCodeGetResponse> {\n return this._networkClient.fetchSDK<RecoveryCodeGetResponse>({\n url: '/b2b/recovery_codes',\n method: 'GET',\n });\n }\n}\n","import { IB2BSubscriptionService, INetworkClient } from '../..';\nimport {\n B2BSCIMCreateConnectionOptions,\n B2BSCIMCreateConnectionResponse,\n B2BSCIMDeleteConnectionResponse,\n B2BSCIMGetConnectionGroupsOptions,\n B2BSCIMGetConnectionGroupsResponse,\n B2BSCIMGetConnectionResponse,\n B2BSCIMRotateCancelResponse,\n B2BSCIMRotateCompleteResponse,\n B2BSCIMRotateStartResponse,\n B2BSCIMUpdateConnectionOptions,\n B2BSCIMUpdateConnectionResponse,\n IHeadlessB2BSCIMClient,\n} from '../../public/b2b/scim';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BSCIMClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSCIMClient\n{\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {}\n\n async createConnection(data: B2BSCIMCreateConnectionOptions): Promise<B2BSCIMCreateConnectionResponse> {\n validateInDev('stytch.scim.createConnection', data, {\n display_name: 'optionalString',\n identity_provider: 'optionalString',\n });\n\n return await this._networkClient.fetchSDK<B2BSCIMCreateConnectionResponse>({\n url: '/b2b/scim',\n method: 'POST',\n body: data,\n });\n }\n\n async updateConnection(data: B2BSCIMUpdateConnectionOptions): Promise<B2BSCIMUpdateConnectionResponse> {\n validateInDev('stytch.scim.updateConnection', data, {\n connection_id: 'string',\n display_name: 'optionalString',\n identity_provider: 'optionalString',\n });\n\n return await this._networkClient.fetchSDK<B2BSCIMUpdateConnectionResponse>({\n url: `/b2b/scim/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n }\n\n async deleteConnection(connectionId: string): Promise<B2BSCIMDeleteConnectionResponse> {\n validateInDev(\n 'stytch.scim.deleteConnection',\n { connection_id: connectionId },\n {\n connection_id: 'string',\n },\n );\n\n return await this._networkClient.fetchSDK<B2BSCIMDeleteConnectionResponse>({\n url: `/b2b/scim/${connectionId}`,\n method: 'DELETE',\n });\n }\n\n async getConnection(): Promise<B2BSCIMGetConnectionResponse> {\n return await this._networkClient.fetchSDK<B2BSCIMGetConnectionResponse>({\n url: '/b2b/scim',\n method: 'GET',\n });\n }\n\n async getConnectionGroups(data: B2BSCIMGetConnectionGroupsOptions): Promise<B2BSCIMGetConnectionGroupsResponse> {\n validateInDev('stytch.scim.getConnectionGroups', data, {\n limit: 'optionalNumber',\n cursor: 'optionalString',\n });\n\n return await this._networkClient.fetchSDK<B2BSCIMGetConnectionGroupsResponse>({\n url: '/b2b/scim/groups',\n method: 'POST',\n body: data,\n });\n }\n\n async rotateStart(connectionId: string): Promise<B2BSCIMRotateStartResponse> {\n validateInDev(\n 'stytch.scim.rotateStart',\n { connectionId },\n {\n connectionId: 'string',\n },\n );\n return await this._networkClient.fetchSDK<B2BSCIMRotateStartResponse>({\n url: `/b2b/scim/rotate/start`,\n method: 'POST',\n body: { connection_id: connectionId },\n });\n }\n\n async rotateComplete(connectionId: string): Promise<B2BSCIMRotateCompleteResponse> {\n validateInDev(\n 'stytch.scim.rotateComplete',\n { connectionId },\n {\n connectionId: 'string',\n },\n );\n\n return await this._networkClient.fetchSDK<B2BSCIMRotateCompleteResponse>({\n url: `/b2b/scim/rotate/complete`,\n method: 'POST',\n body: { connection_id: connectionId },\n });\n }\n\n async rotateCancel(connectionId: string): Promise<B2BSCIMRotateCancelResponse> {\n validateInDev(\n 'stytch.scim.rotateCancel',\n { connectionId },\n {\n connectionId: 'string',\n },\n );\n\n return await this._networkClient.fetchSDK<B2BSCIMRotateCancelResponse>({\n url: `/b2b/scim/rotate/cancel`,\n method: 'POST',\n body: { connection_id: connectionId },\n });\n }\n}\n","import { INetworkClient } from '../../NetworkClient';\nimport {\n B2BMemberDeleteMFAPhoneNumberResponse,\n B2BMemberDeletePasswordResponse,\n B2BMemberGetConnectedAppsResponse,\n B2BMemberOnChangeCallback,\n B2BMemberRevokeConnectedAppOptions,\n B2BMemberRevokeConnectedAppResponse,\n B2BMemberStartEmailUpdateRequest,\n B2BMemberStartEmailUpdateResponse,\n B2BMemberUnlinkRetiredEmailRequest,\n B2BMemberUnlinkRetiredEmailResponse,\n B2BMemberUpdateOptions,\n B2BMemberUpdateResponse,\n IHeadlessB2BSelfClient,\n Member,\n MemberInfo,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../../public';\nimport { IB2BSubscriptionService } from '../../SubscriptionService';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BSelfClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSelfClient\n{\n constructor(\n private _networkClient: INetworkClient,\n private _apiNetworkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {}\n\n get = async (): Promise<Member | null> => {\n const resp = await this._networkClient.fetchSDK<{ member: Member } & ResponseCommon>({\n url: `/b2b/organizations/members/me`,\n method: 'GET',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp.member;\n };\n\n getSync = (): Member | null => {\n return this._subscriptionService.getMember();\n };\n\n getInfo = (): MemberInfo => ({\n member: this.getSync(),\n fromCache: this._subscriptionService.getFromCache(),\n });\n\n onChange = (callback: B2BMemberOnChangeCallback) => {\n return this._subscriptionService.subscribeToState((state) => callback(state?.member ?? null));\n };\n\n update = async (data: B2BMemberUpdateOptions): Promise<B2BMemberUpdateResponse> => {\n validateInDev('stytch.self.update', data, {\n name: 'optionalString',\n untrusted_metadata: 'optionalObject',\n mfa_enrolled: 'optionalBoolean',\n mfa_phone_number: 'optionalString',\n default_mfa_method: 'optionalString',\n });\n\n const resp = await this._networkClient.fetchSDK<B2BMemberUpdateResponse>({\n url: '/b2b/organizations/members/update',\n body: data,\n method: 'PUT',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n deleteMFAPhoneNumber = async (): Promise<B2BMemberDeleteMFAPhoneNumberResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BMemberDeleteMFAPhoneNumberResponse>({\n url: '/b2b/organizations/members/deletePhoneNumber',\n method: 'DELETE',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n deleteMFATOTP = async (): Promise<B2BMemberDeletePasswordResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BMemberDeletePasswordResponse>({\n url: `/b2b/organizations/members/deleteTOTP`,\n method: 'DELETE',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n deletePassword = async (passwordId: string): Promise<B2BMemberDeletePasswordResponse> => {\n const resp = await this._networkClient.fetchSDK<B2BMemberDeletePasswordResponse>({\n url: `/b2b/organizations/members/passwords/${passwordId}`,\n method: 'DELETE',\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n unlinkRetiredEmail = async (\n data: B2BMemberUnlinkRetiredEmailRequest,\n ): Promise<B2BMemberUnlinkRetiredEmailResponse> => {\n const resp = await this._apiNetworkClient.fetchSDK<B2BMemberUnlinkRetiredEmailResponse>({\n url: '/b2b/organizations/members/unlink_retired_email',\n method: 'POST',\n body: data,\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n startEmailUpdate = async (data: B2BMemberStartEmailUpdateRequest): Promise<B2BMemberStartEmailUpdateResponse> => {\n const resp = await this._apiNetworkClient.fetchSDK<B2BMemberStartEmailUpdateResponse>({\n url: '/b2b/organizations/members/start_email_update',\n method: 'POST',\n body: data,\n });\n this._subscriptionService.updateMember(resp.member);\n return resp;\n };\n\n getConnectedApps = async (): Promise<B2BMemberGetConnectedAppsResponse> => {\n return this._networkClient.fetchSDK<B2BMemberGetConnectedAppsResponse>({\n url: '/b2b/organizations/members/connected_apps',\n method: 'GET',\n });\n };\n\n revokeConnectedApp = async (\n data: B2BMemberRevokeConnectedAppOptions,\n ): Promise<B2BMemberRevokeConnectedAppResponse> => {\n return this._networkClient.fetchSDK<B2BMemberRevokeConnectedAppResponse>({\n url: `/b2b/organizations/members/connected_apps/${data.connected_app_id}/revoke`,\n method: 'POST',\n });\n };\n}\n","import { ExtractOpaqueTokens, IB2BSubscriptionService, IfOpaqueTokens, INetworkClient } from '../..';\nimport {\n B2BSessionAccessTokenExchangeOptions,\n B2BSessionAccessTokenExchangeResponse,\n B2BSessionAttestOptions,\n B2BSessionAttestResponse,\n B2BSessionAuthenticateResponse,\n B2BSessionExchangeOptions,\n B2BSessionExchangeResponse,\n B2BSessionOnChangeCallback,\n B2BSessionRevokeOptions,\n IHeadlessB2BSessionClient,\n MemberSessionInfo,\n SessionAuthenticateOptions,\n SessionRevokeResponse,\n SessionTokens,\n SessionTokensUpdate,\n StytchProjectConfigurationInput,\n UNRECOVERABLE_ERROR_TYPES,\n} from '../../public';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BSessionClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSessionClient<TProjectConfiguration>\n{\n getSync = () => {\n return this._subscriptionService.getSession();\n };\n\n getInfo = (): MemberSessionInfo => ({\n session: this.getSync(),\n fromCache: this._subscriptionService.getFromCache(),\n });\n\n onChange = (callback: B2BSessionOnChangeCallback) => {\n return this._subscriptionService.subscribeToState((state) => callback(state?.session ?? null));\n };\n\n revoke = async (options?: B2BSessionRevokeOptions) => {\n /**\n * Revoke destroys the local state if the API request is successful\n * or if we return an unrecoverable error (user is unauthenticated)\n * or if the developer passes in a forceClear option.\n * If the API request returns a recoverable error (the user is offline),\n * we do not destroy the local state to let the developer manually add retry\n * logic to call revoke again.\n */\n try {\n const resp = await this._networkClient.fetchSDK<SessionRevokeResponse>({\n url: `/b2b/sessions/revoke`,\n method: 'POST',\n });\n\n this._subscriptionService.destroyState();\n\n return resp;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n } catch (error: any) {\n if (options?.forceClear) {\n this._subscriptionService.destroyState();\n } else if (UNRECOVERABLE_ERROR_TYPES.includes(error.error_type)) {\n this._subscriptionService.destroyState();\n }\n throw error;\n }\n };\n\n revokeForMember = async (options: { member_id: string }) => {\n validateInDev('stytch.session.revokeForMember', options, {\n member_id: 'string',\n });\n\n return await this._networkClient.fetchSDK<SessionRevokeResponse>({\n url: `/b2b/sessions/revoke/${options.member_id}`,\n method: 'POST',\n });\n };\n\n private _authenticate = async (\n options?: SessionAuthenticateOptions,\n ): Promise<B2BSessionAuthenticateResponse<TProjectConfiguration>> => {\n const initialSession = this._subscriptionService.getSession();\n const isSessionStale = () =>\n initialSession?.member_session_id !== this._subscriptionService.getSession()?.member_session_id;\n\n try {\n const requestBody = {\n session_duration_minutes: options?.session_duration_minutes,\n };\n const resp = await this._networkClient.fetchSDK<B2BSessionAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/authenticate',\n body: requestBody,\n method: 'POST',\n });\n\n if (isSessionStale()) {\n // [SDK-1336] The session was updated out from under us while the\n // request was in flight; discard the response and retry\n return this._authenticate(options);\n }\n\n return resp;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n } catch (error: any) {\n if (isSessionStale()) {\n // [SDK-1336] The session was updated out from under us while the\n // request was in flight; discard the response and retry\n return this._authenticate(options);\n }\n\n if (UNRECOVERABLE_ERROR_TYPES.includes(error.error_type)) {\n this._subscriptionService.destroySession();\n }\n throw error;\n }\n };\n\n authenticate: (\n options?: SessionAuthenticateOptions,\n ) => Promise<B2BSessionAuthenticateResponse<TProjectConfiguration>>;\n\n exchange: (data: B2BSessionExchangeOptions) => Promise<B2BSessionExchangeResponse<TProjectConfiguration>>;\n\n exchangeAccessToken: (\n data: B2BSessionAccessTokenExchangeOptions,\n ) => Promise<B2BSessionAccessTokenExchangeResponse<TProjectConfiguration>>;\n\n attest: (data: B2BSessionAttestOptions) => Promise<B2BSessionAttestResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(this._authenticate);\n\n this.exchange = this._subscriptionService.withUpdateSession(async (data: B2BSessionExchangeOptions) => {\n validateInDev('stytch.session.exchange', data, {\n organization_id: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n return this._networkClient.fetchSDK<B2BSessionExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/exchange',\n body: data,\n method: 'POST',\n });\n });\n\n this.exchangeAccessToken = this._subscriptionService.withUpdateSession(\n async (data: B2BSessionAccessTokenExchangeOptions) => {\n validateInDev('stytch.session.exchange', data, {\n access_token: 'string',\n session_duration_minutes: 'number',\n });\n return this._networkClient.fetchSDK<B2BSessionAccessTokenExchangeResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/exchange_access_token',\n body: data,\n method: 'POST',\n });\n },\n );\n\n this.attest = this._subscriptionService.withUpdateSession(async (data: B2BSessionAttestOptions) => {\n validateInDev('stytch.session.attest', data, {\n organization_id: 'optionalString',\n profile_id: 'string',\n token: 'string',\n session_duration_minutes: 'optionalNumber',\n });\n\n return this._networkClient.fetchSDK<B2BSessionAttestResponse<TProjectConfiguration>>({\n url: '/b2b/sessions/attest',\n body: data,\n method: 'POST',\n });\n });\n }\n\n getTokens() {\n return this._subscriptionService.getTokens() as IfOpaqueTokens<\n ExtractOpaqueTokens<TProjectConfiguration>,\n never,\n SessionTokens | null\n >;\n }\n\n updateSession(tokens: SessionTokensUpdate): void {\n validateInDev('stytch.session.updateSession', tokens, {\n session_token: 'string',\n session_jwt: 'optionalString',\n });\n this._subscriptionService.updateTokens(tokens);\n }\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient, IPKCEManager } from '../..';\nimport {\n B2BSSOCreateExternalConnectionOptions,\n B2BSSOCreateExternalConnectionResponse,\n B2BSSODeleteConnectionResponse,\n B2BSSODiscoverConnectionsResponse,\n B2BSSOGetConnectionsResponse,\n B2BSSOOIDCCreateConnectionOptions,\n B2BSSOOIDCCreateConnectionResponse,\n B2BSSOOIDCUpdateConnectionOptions,\n B2BSSOOIDCUpdateConnectionResponse,\n B2BSSOSAMLCreateConnectionOptions,\n B2BSSOSAMLCreateConnectionResponse,\n B2BSSOSAMLDeleteEncryptionPrivateKeyOptions,\n B2BSSOSAMLDeleteEncryptionPrivateKeyResponse,\n B2BSSOSAMLDeleteVerificationCertificateOptions,\n B2BSSOSAMLDeleteVerificationCertificateResponse,\n B2BSSOSAMLUpdateConnectionByURLOptions,\n B2BSSOSAMLUpdateConnectionByURLResponse,\n B2BSSOSAMLUpdateConnectionOptions,\n B2BSSOSAMLUpdateConnectionResponse,\n B2BSSOUpdateExternalConnectionOptions,\n B2BSSOUpdateExternalConnectionResponse,\n IHeadlessB2BSSOClient,\n SSOAuthenticateOptions,\n SSOAuthenticateResponse,\n SSOStartOptions,\n} from '../../public';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { isTestPublicToken, logger } from '../../utils';\nimport { validateInDev } from '../../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForSso: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport class HeadlessB2BSSOClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BSSOClient<TProjectConfiguration>\n{\n authenticate: (options: SSOAuthenticateOptions) => Promise<SSOAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n protected _networkClient: INetworkClient,\n protected _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n protected _pkceManager: IPKCEManager,\n protected _dynamicConfig: DynamicConfig,\n protected _config: Config,\n protected dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(async (options: SSOAuthenticateOptions) => {\n validateInDev('stytch.sso.authenticate', options, {\n sso_token: 'string',\n session_duration_minutes: 'number',\n locale: 'optionalString',\n });\n\n const keyPair = await this._pkceManager.getPKPair();\n\n if (!keyPair) {\n logger.warn(\n 'No code verifier found in local storage for SSO flow.\\n' +\n 'Consider using stytch.sso.start() to add PKCE to your SSO flows for added security.\\n' +\n 'See https://stytch.com/docs/oauth#guides_pkce for more information.',\n );\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<SSOAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/sso/authenticate',\n method: 'POST',\n body: {\n pkce_code_verifier: keyPair?.code_verifier,\n ...options,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return resp;\n });\n }\n\n protected async getBaseApiUrl() {\n // Our TestAPIURL and LiveAPIURL should have the HTTPS protocol already attached\n // Don't add it twice!\n if (isTestPublicToken(this._config.publicToken)) {\n return this._config.testAPIURL;\n }\n return this._config.liveAPIURL;\n }\n\n async start({ connection_id, login_redirect_url, signup_redirect_url }: SSOStartOptions): Promise<void> {\n const { pkceRequiredForSso } = await this._dynamicConfig;\n const baseURL = await this.getBaseApiUrl();\n\n const startUrl = new URL(`${baseURL}/v1/public/sso/start`);\n startUrl.searchParams.set('public_token', this._config.publicToken);\n startUrl.searchParams.set('connection_id', connection_id);\n\n if (pkceRequiredForSso) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n startUrl.searchParams.set('pkce_code_challenge', keyPair.code_challenge);\n } else {\n this._pkceManager.clearPKPair();\n }\n\n if (login_redirect_url) startUrl.searchParams.set('login_redirect_url', login_redirect_url);\n if (signup_redirect_url) startUrl.searchParams.set('signup_redirect_url', signup_redirect_url);\n\n this.navigate(startUrl);\n }\n\n // Public so it can be mocked in tests\n navigate(url: URL) {\n window.location.href = url.toString();\n }\n\n async getConnections(): Promise<B2BSSOGetConnectionsResponse> {\n return await this._networkClient.fetchSDK<B2BSSOGetConnectionsResponse>({\n url: '/b2b/sso',\n method: 'GET',\n });\n }\n\n async discoverConnections(emailAddress: string): Promise<B2BSSODiscoverConnectionsResponse> {\n return await this._networkClient.fetchSDK<B2BSSODiscoverConnectionsResponse>({\n url: `/b2b/sso/discovery/connections?email_address=${encodeURIComponent(emailAddress)}`,\n method: 'GET',\n });\n }\n\n async deleteConnection(connectionId: string): Promise<B2BSSODeleteConnectionResponse> {\n return this._networkClient.fetchSDK<B2BSSODeleteConnectionResponse>({\n url: `/b2b/sso/${connectionId}`,\n method: 'DELETE',\n });\n }\n\n saml = {\n createConnection: async (data: B2BSSOSAMLCreateConnectionOptions): Promise<B2BSSOSAMLCreateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLCreateConnectionResponse>({\n url: '/b2b/sso/saml',\n method: 'POST',\n body: data,\n });\n },\n updateConnection: async (data: B2BSSOSAMLUpdateConnectionOptions): Promise<B2BSSOSAMLUpdateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLUpdateConnectionResponse>({\n url: `/b2b/sso/saml/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n },\n updateConnectionByURL: async (\n data: B2BSSOSAMLUpdateConnectionByURLOptions,\n ): Promise<B2BSSOSAMLUpdateConnectionByURLResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLUpdateConnectionResponse>({\n url: `/b2b/sso/saml/${data.connection_id}/url`,\n method: 'PUT',\n body: data,\n });\n },\n deleteVerificationCertificate: async (\n data: B2BSSOSAMLDeleteVerificationCertificateOptions,\n ): Promise<B2BSSOSAMLDeleteVerificationCertificateResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLDeleteVerificationCertificateResponse>({\n url: `/b2b/sso/saml/${data.connection_id}/verification_certificates/${data.certificate_id}`,\n method: 'DELETE',\n });\n },\n deleteEncryptionPrivateKey: async (\n data: B2BSSOSAMLDeleteEncryptionPrivateKeyOptions,\n ): Promise<B2BSSOSAMLDeleteEncryptionPrivateKeyResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOSAMLDeleteEncryptionPrivateKeyResponse>({\n url: `/b2b/sso/saml/${data.connection_id}/encryption_private_key/${data.private_key_id}`,\n method: 'DELETE',\n });\n },\n };\n\n oidc = {\n createConnection: async (data: B2BSSOOIDCCreateConnectionOptions): Promise<B2BSSOOIDCCreateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOOIDCCreateConnectionResponse>({\n url: '/b2b/sso/oidc',\n method: 'POST',\n body: data,\n });\n },\n updateConnection: async (data: B2BSSOOIDCUpdateConnectionOptions): Promise<B2BSSOOIDCUpdateConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOOIDCUpdateConnectionResponse>({\n url: `/b2b/sso/oidc/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n },\n };\n\n external = {\n createConnection: async (\n data: B2BSSOCreateExternalConnectionOptions,\n ): Promise<B2BSSOCreateExternalConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOCreateExternalConnectionResponse>({\n url: '/b2b/sso/external',\n method: 'POST',\n body: data,\n });\n },\n updateConnection: async (\n data: B2BSSOUpdateExternalConnectionOptions,\n ): Promise<B2BSSOUpdateExternalConnectionResponse> => {\n return await this._networkClient.fetchSDK<B2BSSOUpdateExternalConnectionResponse>({\n url: `/b2b/sso/external/${data.connection_id}`,\n method: 'PUT',\n body: data,\n });\n },\n };\n}\n","import { IB2BSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '../..';\nimport {\n B2BTOTPAuthenticateOptions,\n B2BTOTPAuthenticateResponse,\n B2BTOTPCreateOptions,\n B2BTOTPCreateResponse,\n IHeadlessB2BTOTPsClient,\n} from '../../public/b2b/totp';\nimport { StytchProjectConfigurationInput } from '../../public/typeConfig';\nimport { validateInDev } from '../../utils/dev';\n\nexport class HeadlessB2BTOTPsClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessB2BTOTPsClient<TProjectConfiguration>\n{\n authenticate: (data: B2BTOTPAuthenticateOptions) => Promise<B2BTOTPAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (data: B2BTOTPAuthenticateOptions): Promise<B2BTOTPAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.totp.authenticate', data, {\n organization_id: 'string',\n member_id: 'string',\n code: 'string',\n session_duration_minutes: 'number',\n set_mfa_enrollment: 'optionalString',\n set_default_mfa: 'optionalBoolean',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: this._subscriptionService.getIntermediateSessionToken() || undefined,\n };\n\n return this._networkClient.retriableFetchSDK<B2BTOTPAuthenticateResponse<TProjectConfiguration>>({\n url: '/b2b/totp/authenticate',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n async create(data: B2BTOTPCreateOptions): Promise<B2BTOTPCreateResponse> {\n validateInDev('stytch.totp.create', data, {\n organization_id: 'string',\n member_id: 'string',\n expiration_minutes: 'optionalNumber',\n });\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const response = await this._networkClient.retriableFetchSDK<B2BTOTPCreateResponse>({\n url: '/b2b/totp',\n body: {\n ...data,\n dfp_telemetry_id,\n captcha_token,\n intermediate_session_token: (await this._subscriptionService.getIntermediateSessionToken()) || undefined,\n },\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n if (response.member_id === this._subscriptionService.getMember()?.member_id) {\n this._subscriptionService.updateMember(response.member);\n }\n\n return response;\n }\n}\n","import { IConsumerSubscriptionService, IDFPProtectedAuthProvider, INetworkClient } from '..';\nimport {\n CryptoWalletAuthenticateOptions,\n CryptoWalletAuthenticateResponse,\n CryptoWalletAuthenticateStartOptions,\n CryptoWalletAuthenticateStartResponse,\n IHeadlessCryptoWalletClient,\n StytchProjectConfigurationInput,\n} from '../public';\nimport { omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\ntype DynamicConfig = Promise<{\n siweRequiredForCryptoWallets: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n siweRequiredForCryptoWallets: false,\n});\n\nexport class HeadlessCryptoWalletClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessCryptoWalletClient<TProjectConfiguration>\n{\n authenticate: (\n options: CryptoWalletAuthenticateOptions,\n ) => Promise<CryptoWalletAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _apiNetworkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private executeRecaptcha: () => Promise<string | undefined> = () => Promise.resolve(undefined),\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n private _config: DynamicConfig = DefaultDynamicConfig,\n ) {\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (\n options: CryptoWalletAuthenticateOptions,\n ): Promise<CryptoWalletAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.cryptoWallets.authenticate', options, {\n signature: 'string',\n crypto_wallet_address: 'string',\n crypto_wallet_type: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._apiNetworkClient.retriableFetchSDK<\n WithUser<CryptoWalletAuthenticateResponse<TProjectConfiguration>>\n >({\n url: '/crypto_wallets/authenticate',\n method: 'POST',\n body: {\n session_duration_minutes: options.session_duration_minutes,\n crypto_wallet_address: options.crypto_wallet_address,\n crypto_wallet_type: options.crypto_wallet_type,\n signature: options.signature,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n }\n\n async authenticateStart(\n options: CryptoWalletAuthenticateStartOptions,\n ): Promise<CryptoWalletAuthenticateStartResponse> {\n validateInDev('stytch.cryptoWallets.authenticateStart', options, {\n crypto_wallet_address: 'string',\n crypto_wallet_type: 'string',\n });\n if (options.siwe_params) {\n validateInDev('stytch.cryptoWallets.authenticateStart', options.siwe_params, {\n uri: 'optionalString',\n chain_id: 'optionalString',\n issued_at: 'optionalString',\n statement: 'optionalString',\n not_before: 'optionalString',\n message_request_id: 'optionalString',\n resources: 'optionalStringArray',\n });\n }\n\n const isLoggedIn = !!this._subscriptionService.getSession();\n const captcha_token = await this.executeRecaptcha();\n const { siweRequiredForCryptoWallets } = await this._config;\n\n const body: CryptoWalletAuthenticateStartOptions = {\n crypto_wallet_address: options.crypto_wallet_address,\n crypto_wallet_type: options.crypto_wallet_type,\n };\n if (siweRequiredForCryptoWallets && options.crypto_wallet_type == 'ethereum') {\n body.siwe_params = { ...options.siwe_params, uri: options.siwe_params?.uri || window.location.origin };\n }\n\n const endpoint = isLoggedIn\n ? '/crypto_wallets/authenticate/start/secondary'\n : '/crypto_wallets/authenticate/start/primary';\n\n const requestBody = {\n ...body,\n captcha_token,\n };\n return this._apiNetworkClient.fetchSDK<CryptoWalletAuthenticateStartResponse>({\n url: endpoint,\n method: 'POST',\n body: requestBody,\n });\n }\n}\n","import { IConsumerSubscriptionService } from '..';\nimport { IDFPProtectedAuthProvider } from '../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../NetworkClient';\nimport { IPKCEManager } from '../PKCEManager';\nimport {\n IHeadlessMagicLinksClient,\n MagicLinksAuthenticateOptions,\n MagicLinksAuthenticateResponse,\n MagicLinksLoginOrCreateOptions,\n MagicLinksLoginOrCreateResponse,\n MagicLinksSendOptions,\n MagicLinksSendResponse,\n ResponseCommon,\n StytchProjectConfigurationInput,\n} from '../public';\nimport { omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForEmailMagicLinks: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForEmailMagicLinks: false,\n});\n\nexport class HeadlessMagicLinksClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessMagicLinksClient<TProjectConfiguration>\n{\n email: {\n loginOrCreate: (email: string, options?: MagicLinksLoginOrCreateOptions) => Promise<ResponseCommon>;\n send: (email: string, options?: MagicLinksSendOptions) => Promise<ResponseCommon>;\n };\n\n authenticate: (\n token: string,\n options: MagicLinksAuthenticateOptions,\n ) => Promise<MagicLinksAuthenticateResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _passwordResetPKCEManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.email = {\n loginOrCreate: async (email: string, options: MagicLinksLoginOrCreateOptions = {}): Promise<ResponseCommon> => {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n\n let code_challenge: string | undefined = undefined;\n if (pkceRequiredForEmailMagicLinks) {\n code_challenge = await this.getCodeChallenge();\n }\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...options,\n email,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n };\n return this._networkClient.retriableFetchSDK<MagicLinksLoginOrCreateResponse>({\n url: '/magic_links/email/login_or_create',\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n\n send: async (email: string, options: MagicLinksSendOptions = {}): Promise<ResponseCommon> => {\n const { pkceRequiredForEmailMagicLinks } = await this._config;\n\n let code_challenge: string | undefined = undefined;\n if (pkceRequiredForEmailMagicLinks) {\n code_challenge = await this.getCodeChallenge();\n }\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const requestBody = {\n ...options,\n email,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n };\n const isLoggedIn = !!this._subscriptionService.getSession();\n\n const endpoint = isLoggedIn ? '/magic_links/email/send/secondary' : '/magic_links/email/send/primary';\n\n return this._networkClient.retriableFetchSDK<MagicLinksSendResponse>({\n url: endpoint,\n body: requestBody,\n method: 'POST',\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n };\n\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (token: string, options: MagicLinksAuthenticateOptions) => {\n validateInDev(\n 'stytch.magicLinks.authenticate',\n { token, ...options },\n {\n token: 'string',\n session_duration_minutes: 'number',\n },\n );\n\n // When a user resets their password with PKCE turned on, they create a pkPair in the 'passwords' namespace.\n // However, when the user gets the reset password email, they have the option to log in without a password.\n // This redirects them to the magic link authenticate flow, which automatically looks for the pkce code_verifier\n // in the 'magic_links' namespace, breaking the flow. Unfortunately we won't know for sure in the eml authenticate call\n // whether or not the user is coming from a password reset flow. To handle this, we have to try to authenticate with\n // both the 'passwords' and 'magic_links' code_verifiers.\n const passwordResetPKPair = await this._passwordResetPKCEManager.getPKPair();\n\n let resp: WithUser<MagicLinksAuthenticateResponse<TProjectConfiguration>> | null = null;\n\n if (passwordResetPKPair?.code_verifier) {\n try {\n resp = await this.handlePKCEForAuthenticate(this._passwordResetPKCEManager, { token, ...options });\n } catch (e) {\n if ((e as Error).message.includes('pkce')) {\n // If pkce-related error, fall back to magic links code_verifier\n // eslint-disable-next-line no-console\n console.log(\n 'Authenticate with passwords pkce namespace failed. Falling back to authenticate with magic_links namespace.',\n );\n } else {\n throw e;\n }\n }\n }\n\n if (!resp) {\n resp = await this.handlePKCEForAuthenticate(this._pkceManager, { token, ...options });\n }\n\n return omitUser(resp);\n },\n );\n }\n\n private async getCodeChallenge(): Promise<string> {\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n private async handlePKCEForAuthenticate(\n pkceManager: IPKCEManager,\n data: MagicLinksAuthenticateOptions & { token: string },\n ): Promise<WithUser<MagicLinksAuthenticateResponse<TProjectConfiguration>>> {\n const pkPair = await pkceManager.getPKPair();\n\n const requestBody = {\n code_verifier: pkPair?.code_verifier,\n ...data,\n };\n\n const resp = await this._networkClient.fetchSDK<WithUser<MagicLinksAuthenticateResponse<TProjectConfiguration>>>({\n url: '/magic_links/authenticate',\n body: requestBody,\n method: 'POST',\n });\n\n pkceManager.clearPKPair();\n\n return resp;\n }\n}\n","import { IConsumerSubscriptionService } from '..';\nimport { IDFPProtectedAuthProvider } from '../DFPProtectedAuthProvider';\nimport { INetworkClient } from '../NetworkClient';\nimport { IPKCEManager } from '../PKCEManager';\nimport {\n IHeadlessPasswordClient,\n PasswordAuthenticateOptions,\n PasswordAuthenticateResponse,\n PasswordCreateOptions,\n PasswordCreateResponse,\n PasswordResetByEmailOptions,\n PasswordResetByEmailResponse,\n PasswordResetByEmailStartOptions,\n PasswordResetByEmailStartResponse,\n PasswordResetByExistingPasswordOptions,\n PasswordResetByExistingPasswordResponse,\n PasswordResetBySessionOptions,\n PasswordResetBySessionResponse,\n PasswordStrengthCheckOptions,\n PasswordStrengthCheckResponse,\n StytchProjectConfigurationInput,\n} from '../public';\nimport { omitUser, WithUser } from '../utils';\nimport { validateInDev } from '../utils/dev';\n\ntype DynamicConfig = Promise<{\n pkceRequiredForPasswordResets: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForPasswordResets: false,\n});\n\nexport class HeadlessPasswordClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n implements IHeadlessPasswordClient<TProjectConfiguration>\n{\n create: (options: PasswordCreateOptions) => Promise<PasswordCreateResponse<TProjectConfiguration>>;\n\n authenticate: (options: PasswordAuthenticateOptions) => Promise<PasswordAuthenticateResponse<TProjectConfiguration>>;\n\n resetByEmail: (options: PasswordResetByEmailOptions) => Promise<PasswordResetByEmailResponse<TProjectConfiguration>>;\n\n resetByExistingPassword: (\n options: PasswordResetByExistingPasswordOptions,\n ) => Promise<PasswordResetByExistingPasswordResponse<TProjectConfiguration>>;\n\n resetBySession: (\n options: PasswordResetBySessionOptions,\n ) => Promise<PasswordResetBySessionResponse<TProjectConfiguration>>;\n\n constructor(\n private _networkClient: INetworkClient,\n private _subscriptionService: IConsumerSubscriptionService<TProjectConfiguration>,\n private _pkceManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {\n this.create = this._subscriptionService.withUpdateSession(\n async (options: PasswordCreateOptions): Promise<PasswordCreateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.create', options, {\n password: 'string',\n email: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordCreateResponse<TProjectConfiguration>>\n >({\n url: '/passwords',\n method: 'POST',\n body: {\n email: options.email,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n\n this.authenticate = this._subscriptionService.withUpdateSession(\n async (options: PasswordAuthenticateOptions): Promise<PasswordAuthenticateResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.authenticate', options, {\n password: 'string',\n email: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordAuthenticateResponse<TProjectConfiguration>>\n >({\n url: '/passwords/authenticate',\n method: 'POST',\n body: {\n email: options.email,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n\n this.resetByEmail = this._subscriptionService.withUpdateSession(\n async (options: PasswordResetByEmailOptions): Promise<PasswordResetByEmailResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByEmail', options, {\n token: 'string',\n password: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n const pkPair = await this._pkceManager.getPKPair();\n const code_verifier = pkPair?.code_verifier;\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordResetByEmailResponse<TProjectConfiguration>>\n >({\n url: '/passwords/email/reset',\n method: 'POST',\n body: {\n token: options.token,\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n captcha_token,\n code_verifier,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n this._pkceManager.clearPKPair();\n\n return omitUser(resp);\n },\n );\n\n this.resetByExistingPassword = this._subscriptionService.withUpdateSession(\n async (\n options: PasswordResetByExistingPasswordOptions,\n ): Promise<PasswordResetByExistingPasswordResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetByExistingPassword', options, {\n email: 'string',\n existing_password: 'string',\n new_password: 'string',\n session_duration_minutes: 'number',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n const resp = await this._networkClient.retriableFetchSDK<\n WithUser<PasswordResetByExistingPasswordResponse<TProjectConfiguration>>\n >({\n url: '/passwords/existing_password/reset',\n method: 'POST',\n body: {\n email: options.email,\n existing_password: options.existing_password,\n new_password: options.new_password,\n session_duration_minutes: options.session_duration_minutes,\n dfp_telemetry_id,\n captcha_token,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n\n return omitUser(resp);\n },\n );\n\n this.resetBySession = this._subscriptionService.withUpdateSession(\n async (\n options: PasswordResetBySessionOptions,\n ): Promise<PasswordResetBySessionResponse<TProjectConfiguration>> => {\n validateInDev('stytch.passwords.resetBySession', options, {\n password: 'string',\n });\n\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<PasswordResetBySessionResponse<TProjectConfiguration>>({\n url: '/passwords/session/reset',\n method: 'POST',\n body: {\n password: options.password,\n session_duration_minutes: options.session_duration_minutes,\n dfp_telemetry_id,\n captcha_token,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n },\n );\n }\n\n private async getCodeChallenge(): Promise<string | undefined> {\n const { pkceRequiredForPasswordResets } = await this._config;\n if (!pkceRequiredForPasswordResets) {\n return undefined;\n }\n let keyPair = await this._pkceManager.getPKPair();\n if (keyPair) {\n return keyPair.code_challenge;\n }\n keyPair = await this._pkceManager.startPKCETransaction();\n return keyPair.code_challenge;\n }\n\n async resetByEmailStart(options: PasswordResetByEmailStartOptions): Promise<PasswordResetByEmailStartResponse> {\n validateInDev('stytch.passwords.resetByEmailStart', options, {\n email: 'string',\n login_redirect_url: 'optionalString',\n reset_password_redirect_url: 'optionalString',\n reset_password_template_id: 'optionalString',\n reset_password_expiration_minutes: 'optionalNumber',\n locale: 'optionalString',\n });\n\n const code_challenge = await this.getCodeChallenge();\n const { dfp_telemetry_id, captcha_token } = await this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha();\n\n return this._networkClient.retriableFetchSDK<PasswordResetByEmailStartResponse>({\n url: '/passwords/email/reset/start',\n method: 'POST',\n body: {\n email: options.email,\n login_redirect_url: options.login_redirect_url,\n reset_password_redirect_url: options.reset_password_redirect_url,\n reset_password_expiration_minutes: options.reset_password_expiration_minutes,\n reset_password_template_id: options.reset_password_template_id,\n locale: options.locale,\n code_challenge,\n captcha_token,\n dfp_telemetry_id,\n },\n retryCallback: this.dfpProtectedAuth.retryWithCaptchaAndDFP,\n });\n }\n\n async strengthCheck(options: PasswordStrengthCheckOptions): Promise<PasswordStrengthCheckResponse> {\n validateInDev('stytch.passwords.strengthCheck', options, {\n email: 'optionalString',\n password: 'string',\n });\n\n return this._networkClient.fetchSDK<PasswordStrengthCheckResponse>({\n url: '/passwords/strength_check',\n method: 'POST',\n body: {\n email: options.email,\n password: options.password,\n },\n });\n }\n}\n","import { MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING } from '../constants';\nimport { ErrorMarshaller } from '../ErrorMarshaller';\nimport { logger } from '../utils';\n\ntype RequestPayload = {\n method: string;\n args: unknown[];\n};\n\ntype ResponsePayload<T> = {\n success: boolean;\n payload: T;\n error: Record<string, unknown>;\n};\n\nexport class IframeHostClient {\n frame!: Promise<HTMLIFrameElement>;\n\n constructor(private iframeURL: string) {\n this.createIframe();\n }\n\n private createIframe() {\n let existingIframe = document.querySelector(`[src~=\"${this.iframeURL}\"]`) as HTMLIFrameElement;\n\n /* If an iframe does not exist yet, create one */\n if (!existingIframe) {\n existingIframe = document.createElement('iframe');\n existingIframe.src = this.iframeURL;\n existingIframe.style.position = 'absolute';\n existingIframe.style.width = '0';\n existingIframe.style.height = '0';\n existingIframe.style.border = '0';\n existingIframe.role = 'none';\n document.body.appendChild(existingIframe);\n } else {\n logger.warn(MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING);\n }\n\n /**\n * [NASTY BUG]\n * If we postMessage to an iframe that is _not yet loaded_, chrome will give a cryptic error message\n * Failed to execute 'postMessage' on 'DOMWindow':\n * The target origin provided ('https://js.stytch.com') does not match the recipient window's origin ('http://localhost:3000').\n * There is no builtin way to determine if an iframe is already loaded,\n * so we set a dataset attr in our onload handler and use that to determine loading state\n */\n if (existingIframe.dataset.loaded === 'true') {\n this.frame = Promise.resolve(existingIframe);\n return;\n }\n\n this.frame = new Promise((resolve) => {\n existingIframe.addEventListener(\n 'load',\n () => {\n existingIframe.dataset.loaded = 'true';\n resolve(existingIframe);\n },\n { once: true },\n );\n });\n }\n\n async call<T>(method: string, args: unknown[]): Promise<T> {\n const frame = await this.frame;\n const channel = new MessageChannel();\n\n return new Promise((resolve, reject) => {\n channel.port1.onmessage = (event) => {\n const resp = event.data as ResponsePayload<T>;\n channel.port1.close();\n if (resp.success) {\n resolve(resp.payload);\n } else {\n reject(ErrorMarshaller.unmarshall(resp.error));\n }\n };\n\n const message: RequestPayload = {\n method,\n args,\n };\n\n frame.contentWindow?.postMessage(message, this.iframeURL, [channel.port2]);\n });\n }\n}\n","import { IDFPProtectedAuthProvider } from './DFPProtectedAuthProvider';\nimport { INetworkClient } from './NetworkClient';\nimport { Member, ResponseCommon } from './public';\n\ntype UserSearchData = ResponseCommon & {\n userType: 'new' | 'passwordless' | 'password';\n};\n\nexport type InternalMember = Pick<Member, 'status' | 'name' | 'member_password_id'>;\n\nexport type MemberSearchData = ResponseCommon & { member: InternalMember | null };\n\nexport interface ISearchData {\n searchUser: (email: string) => Promise<UserSearchData>;\n searchMember: (email: string, organization_id: string) => Promise<MemberSearchData>;\n}\n\nexport class SearchDataManager implements ISearchData {\n constructor(\n private _networkClient: INetworkClient,\n private dfpProtectedAuth: IDFPProtectedAuthProvider,\n ) {}\n\n searchUser(email: string): Promise<UserSearchData> {\n return this.dfpProtectedAuth.getDFPTelemetryIDAndCaptcha().then(({ dfp_telemetry_id, captcha_token }) => {\n return this._networkClient.fetchSDK<UserSearchData>({\n url: `/users/search`,\n method: 'POST',\n body: { email, dfp_telemetry_id, captcha_token },\n });\n });\n }\n\n searchMember(email: string, organization_id: string): Promise<MemberSearchData> {\n return this._networkClient.fetchSDK<MemberSearchData>({\n url: `/b2b/organizations/members/search`,\n method: 'POST',\n body: { email_address: email, organization_id },\n });\n }\n}\n","import { MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING } from './constants';\nimport {\n B2BState,\n ConsumerState,\n IHeadlessB2BSessionClient,\n IHeadlessSessionClient,\n SessionAuthenticateOptions,\n StytchProjectConfigurationInput,\n UNRECOVERABLE_ERROR_TYPES,\n} from './public';\nimport { shouldTryRefresh } from './shouldTryRefresh';\nimport { IB2BSubscriptionService, IConsumerSubscriptionService } from './SubscriptionService';\nimport { SessionUpdateOptions } from './types';\nimport { logger } from './utils';\n\nclass SessionManagerRegistry {\n private hasWarned = false;\n\n private registry = new Map<string, ISessionManager>();\n\n public register(key: string, sessionManager: ISessionManager) {\n const otherManager = this.registry.get(key);\n\n // If there appears to be another registered session manager, issue a\n // warning and cancel its background refresh in favor the newer registration\n if (otherManager && otherManager !== sessionManager) {\n if (!this.hasWarned) {\n logger.warn(MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING);\n this.hasWarned = true;\n }\n otherManager.cancelBackgroundRefresh();\n }\n this.registry.set(key, sessionManager);\n }\n\n public unregister(publicToken: string, sessionManager: ISessionManager) {\n const otherManager = this.registry.get(publicToken);\n if (otherManager && otherManager === sessionManager) {\n this.registry.delete(publicToken);\n }\n }\n}\n\nexport interface ISessionManager {\n performBackgroundRefresh: () => void;\n cancelBackgroundRefresh: () => void;\n}\n\nexport class SessionManager<TProjectConfiguration extends StytchProjectConfigurationInput> implements ISessionManager {\n // Three minutes\n private static REFRESH_INTERVAL_MS = 1000 * 60 * 3;\n // When testing - it's often more useful to set to a shorter duration\n // private static REFRESH_INTERVAL_MS = 1000 * 3;\n\n private timeout: ReturnType<typeof setTimeout> | null = null;\n\n /** In minutes */\n private lastAuthenticationSessionDuration: number | undefined;\n\n private static registry = new SessionManagerRegistry();\n\n private register() {\n SessionManager.registry.register(this._publicToken, this);\n }\n\n private unregister() {\n SessionManager.registry.unregister(this._publicToken, this);\n }\n\n constructor(\n private _subscriptionService:\n | IConsumerSubscriptionService<TProjectConfiguration>\n | IB2BSubscriptionService<TProjectConfiguration>,\n private _headlessSessionClient:\n | IHeadlessSessionClient<TProjectConfiguration>\n | IHeadlessB2BSessionClient<TProjectConfiguration>,\n private _publicToken: string,\n private _options: { keepSessionAlive?: boolean },\n ) {\n this._subscriptionService.subscribeToState(this._onDataChange);\n }\n\n /**\n * The core logic of the session refresh recursive trampoline\n * - Refreshes the currently issued session\n * - Schedules a future refresh if successful\n */\n performBackgroundRefresh() {\n logger.debug('performing background refresh at ', Date.now());\n this._reauthenticateWithBackoff()\n .then(() => {\n this.scheduleBackgroundRefresh();\n })\n .catch((error: unknown) => {\n logger.warn('Session background refresh failed. Signalling to app that user is logged out.', { error });\n this._subscriptionService.destroySession();\n });\n }\n\n private scheduleBackgroundRefresh() {\n /* Highlander rules - there can only ever be one */\n this.cancelBackgroundRefresh();\n this.register();\n logger.debug('Scheduling bg refresh', Date.now());\n this.timeout = setTimeout(() => {\n this.performBackgroundRefresh();\n }, SessionManager.REFRESH_INTERVAL_MS);\n }\n\n cancelBackgroundRefresh() {\n if (this.timeout !== null) {\n this.unregister();\n logger.debug('Cancelling bg refresh', Date.now());\n clearTimeout(this.timeout);\n this.timeout = null;\n }\n }\n\n /**\n * We need to listen to a few types of events:\n * - If the user logs in via invoking a .authenticate() call, we should start the background worker\n * - If the user steps up their authentication via another .authenticate call(), we should restart the background worker\n * - If the user logs out, we should terminate the worker\n * - We should ignore session changes that we ourselves caused - so if we already have a timeout, leave it be!\n */\n private _onDataChange = (\n state: (ConsumerState & SessionUpdateOptions) | (B2BState & SessionUpdateOptions) | null,\n ) => {\n if (state != null && state.sessionDurationMinutes) {\n this.lastAuthenticationSessionDuration = state.sessionDurationMinutes;\n }\n\n if (shouldTryRefresh(state)) {\n this.scheduleBackgroundRefresh();\n } else {\n this.cancelBackgroundRefresh();\n }\n };\n\n // In cases where we cannot get a satisfactory request:\n // - Stytch is hard-down\n // - The user's network is disconnected for an extended period of time\n // we will continue to retry every 4 minutes ad infinum\n private _reauthenticateWithBackoff = async () => {\n let count = 0;\n while (true) {\n try {\n const options: SessionAuthenticateOptions = {\n session_duration_minutes: this._options.keepSessionAlive ? this.lastAuthenticationSessionDuration : undefined,\n };\n\n return await this._headlessSessionClient.authenticate(options);\n } catch (err) {\n if (SessionManager.isUnrecoverableError(err)) {\n return Promise.reject(err);\n }\n count++;\n await new Promise((done) => setTimeout(done, SessionManager.timeoutForAttempt(count)));\n }\n }\n };\n\n // We start with a backoff of 2000ms and increase exponentially to ~4 minutes (+/- 175 ms for jitter)\n // A short backoff initially helps increase the chance that we refresh the session before the JWT expires\n static timeoutForAttempt(count: number) {\n count = Math.min(count, 7);\n const jitter = Math.floor(Math.random() * 350) - 175;\n const delayMS = 2000 * 2 ** count;\n return jitter + delayMS;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n static isUnrecoverableError(error: any) {\n return UNRECOVERABLE_ERROR_TYPES.includes(error.error_type);\n }\n}\n","import { B2BState, ConsumerState } from './public';\n\n// We should try refreshing the session if there exists a cached session in\n// state that might be stale. Otherwise, we know there is no session, so there's\n// no need.\nexport const shouldTryRefresh = <T extends ConsumerState | B2BState>(state: T | null) => !!state?.session;\n","import { UnsubscribeFunction } from './public';\nimport { ISubscriptionService } from './SubscriptionService';\nimport { AllowedOpaqueTokens } from './typeConfig';\n\ntype DeepReadonly<T> = {\n readonly [P in keyof T]: DeepReadonly<T[P]>;\n};\n\nexport type StateChangeHandler<T> = (state: DeepReadonly<T>) => void;\nexport type StateChangeRegisterFunction<T> = (callback: StateChangeHandler<T>) => UnsubscribeFunction;\n\nexport class StateChangeClient<T> {\n constructor(\n private readonly _subscriptionService: ISubscriptionService<T | null, AllowedOpaqueTokens>,\n private readonly emptyState: T,\n ) {}\n\n public onStateChange: StateChangeRegisterFunction<T> = (callback) => {\n return this._subscriptionService.subscribeToState((state) => {\n callback(state ?? this.emptyState);\n });\n };\n}\n","import { cannotInvokeMethodOnServerError } from '../utils/errors';\n\nconst SSRStubKey = Symbol('__stytch_SSRStubKey');\n\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport const isStytchSSRProxy = (proxy: any): boolean => {\n return !!proxy[SSRStubKey];\n};\n\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nconst createProxy = (path: string): any => {\n // eslint-disable-next-line @typescript-eslint/no-empty-function\n const noop = () => {};\n return new Proxy(noop, {\n get(target, p) {\n if ((p as symbol) === SSRStubKey) {\n return true;\n }\n return createProxy(path + '.' + String(p));\n },\n apply() {\n throw new Error(cannotInvokeMethodOnServerError(path));\n },\n });\n};\n\n// Exported for testing\nexport const createStytchSSRProxy = () => createProxy('stytch');\n\nexport function ssrSafeClientFactory<Args extends unknown[], T>(ClientConstructor: new (...args: Args) => T) {\n return (...args: Args): T => {\n if (typeof window === 'undefined') {\n return createStytchSSRProxy();\n }\n\n return new ClientConstructor(...args);\n };\n}\n","// The strings in this file are only for developers\n/* eslint-disable lingui/no-unlocalized-strings */\n\nimport { RUN_IN_DEV } from '@stytch/core';\n\nexport function serverRenderError(name: string) {\n RUN_IN_DEV(() => {\n if (typeof window === 'undefined') {\n throw new Error(\n `<${name} /> cannot be rendered on the server. If you are using Next.js, use the @stytch/nextjs package or 'use client' directives`,\n );\n }\n });\n}\n\nexport const noProviderError = (item: string, provider = 'StytchProvider'): string =>\n `${item} can only be used inside <${provider}>.`;\n\nexport const providerMustBeUniqueError = 'You cannot render a <StytchProvider> inside another <StytchProvider>.';\n\nexport const cannotInvokeMethodOnServerError = (path: string) =>\n process.env.NODE_ENV === 'production'\n ? `[Stytch] Invalid server-side function call to ${path}`\n : `[Stytch] Invalid server-side function call to ${path}.\nThe Stytch JavaScript SDK is intended to only be used on the client side.\nMake sure to wrap your API calls in a hook to ensure they are executed on the client.\n\n\\`\\`\\`\nconst myComponent = () => {\n const stytch = useStytch();\n // This will error out on the server.\n stytch.magicLinks.authenticate(...);\n useEffect(() => {\n // This will work well\n stytch.magicLinks.authenticate(...);\n }, []);\n}\n\\`\\`\\`\n\nIf you want to make API calls from server environments, please use the Stytch Node Library\nhttps://www.npmjs.com/package/stytch.`;\n","import { BootstrapData, DFPProtectedAuthMode, INetworkClient, logger, RBACPolicyRaw, Vertical } from '@stytch/core';\n\nimport { B2BSubscriptionDataLayer, ConsumerSubscriptionDataLayer } from './SubscriptionService';\n\nexport interface IBootstrapData {\n getSync: () => BootstrapData;\n getAsync: () => Promise<BootstrapData>;\n}\n\ninterface RawBootstrapData {\n request_id: string;\n project_name: string;\n status_code: number;\n disable_sdk_watermark: boolean;\n cname_domain: string | null;\n email_domains: string[];\n captcha_settings: BootstrapData['captchaSettings'];\n pkce_required_for_email_magic_links: boolean;\n pkce_required_for_password_resets: boolean;\n pkce_required_for_oauth: boolean;\n pkce_required_for_sso: boolean;\n slug_pattern: string | null;\n create_organization_enabled: boolean;\n password_config: { luds_complexity: number; luds_minimum_count: number } | null;\n dfp_protected_auth_enabled?: boolean;\n dfp_protected_auth_mode?: DFPProtectedAuthMode;\n rbac_policy?: RBACPolicyRaw;\n siwe_required_for_crypto_wallets: boolean;\n vertical: Vertical;\n}\n\nconst BOOTSTRAP_CACHE_KEY = 'bootstrap';\nconst DEFAULT_BOOTSTRAP = (): BootstrapData => ({\n displayWatermark: false,\n projectName: null,\n cnameDomain: null,\n emailDomains: ['stytch.com'],\n captchaSettings: { enabled: false },\n pkceRequiredForEmailMagicLinks: false,\n pkceRequiredForPasswordResets: false,\n pkceRequiredForOAuth: false,\n pkceRequiredForSso: false,\n slugPattern: null,\n createOrganizationEnabled: false,\n passwordConfig: null,\n runDFPProtectedAuth: false,\n rbacPolicy: null,\n siweRequiredForCryptoWallets: false,\n vertical: null,\n});\n\nexport class BootstrapDataManager implements IBootstrapData {\n private readonly _bootstrapDataPromise: Promise<BootstrapData>;\n\n constructor(\n private _publicToken: string,\n private _networkClient: INetworkClient,\n private _dataLayer: ConsumerSubscriptionDataLayer | B2BSubscriptionDataLayer,\n ) {\n // TODO: Push the async version of this into @stytch/core\n // for RN to use, have getSync throw a NotImplementedError\n // and inherit it to create a sync one here?\n this._bootstrapDataPromise = this._networkClient\n .fetchSDK<RawBootstrapData>({\n url: `/projects/bootstrap/${this._publicToken}`,\n method: 'GET',\n })\n .then(BootstrapDataManager.mapBootstrapData)\n .then((data) => {\n this._dataLayer.setItem(BOOTSTRAP_CACHE_KEY, JSON.stringify(data));\n return data;\n })\n .catch((error: unknown) => {\n logger.error(error);\n return DEFAULT_BOOTSTRAP();\n });\n }\n\n static mapBootstrapData(response: RawBootstrapData): BootstrapData {\n const passwordConfig =\n response.password_config !== null\n ? {\n ludsComplexity: response.password_config.luds_complexity,\n ludsMinimumCount: response.password_config.luds_minimum_count,\n }\n : null;\n\n return {\n projectName: response.project_name,\n displayWatermark: !response.disable_sdk_watermark,\n captchaSettings: response.captcha_settings,\n cnameDomain: response.cname_domain,\n emailDomains: response.email_domains,\n\n pkceRequiredForEmailMagicLinks: response.pkce_required_for_email_magic_links,\n pkceRequiredForPasswordResets: response.pkce_required_for_password_resets,\n pkceRequiredForOAuth: response.pkce_required_for_oauth,\n pkceRequiredForSso: response.pkce_required_for_sso,\n slugPattern: response.slug_pattern,\n createOrganizationEnabled: response.create_organization_enabled,\n passwordConfig,\n runDFPProtectedAuth: response.dfp_protected_auth_enabled ?? false,\n dfpProtectedAuthMode: response.dfp_protected_auth_mode,\n rbacPolicy: response.rbac_policy ?? null,\n siweRequiredForCryptoWallets: response.siwe_required_for_crypto_wallets,\n vertical: response.vertical,\n };\n }\n\n getSync(): BootstrapData {\n const cached = this._dataLayer.getItem(BOOTSTRAP_CACHE_KEY);\n if (cached === null) {\n return DEFAULT_BOOTSTRAP();\n }\n try {\n return JSON.parse(cached) as BootstrapData;\n } catch {\n return DEFAULT_BOOTSTRAP();\n }\n }\n\n getAsync(): Promise<BootstrapData> {\n return this._bootstrapDataPromise;\n }\n}\n","import { BootstrapData, loadESModule } from '@stytch/core';\n\nconst loadRecaptchaClient = (siteKey: string) =>\n loadESModule(`https://www.google.com/recaptcha/enterprise.js?render=${siteKey}`, () => window.grecaptcha.enterprise);\n\ntype CaptchaState =\n | { configured: true; captchaClient: ReCaptchaV2.ReCaptcha; siteKey: string }\n | { configured: false; captchaClient: undefined; siteKey: undefined };\n\nexport class CaptchaProvider {\n private state: Promise<CaptchaState>;\n constructor(private bootstrapPromise: Promise<BootstrapData>) {\n this.state = bootstrapPromise.then(async (bootstrapData) => {\n if (!bootstrapData.captchaSettings.enabled) {\n return { configured: false };\n }\n return {\n configured: true,\n captchaClient: await loadRecaptchaClient(bootstrapData.captchaSettings.siteKey),\n siteKey: bootstrapData.captchaSettings.siteKey,\n };\n });\n }\n\n executeRecaptcha = async () => {\n const { captchaClient, configured, siteKey } = await this.state;\n if (!configured) {\n return undefined;\n }\n await new Promise<void>((resolve) => captchaClient.ready(resolve));\n return captchaClient.execute(siteKey, {\n action: 'LOGIN',\n });\n };\n}\n","import { IframeHostClient, RPCManifest } from '@stytch/core';\n\nexport class ClientsideServicesProvider implements RPCManifest {\n private _frameClient: IframeHostClient | undefined;\n constructor(private iframeURL: string) {}\n\n /**\n * The frameClient is lazily initialized - we don't want to force users\n * that don't use any of its features to still download the bundle!\n * @private\n */\n private get frameClient(): IframeHostClient {\n this._frameClient = this._frameClient ?? new IframeHostClient(this.iframeURL);\n return this._frameClient;\n }\n\n private call<T, U>(handlerName: string, req: T): Promise<U> {\n return this.frameClient.call<U>(handlerName, [req]);\n }\n\n oneTapStart: RPCManifest['oneTapStart'] = (req) => this.call('oneTapStart', req);\n oneTapSubmit: RPCManifest['oneTapSubmit'] = (req) => this.call('oneTapSubmit', req);\n parsedPhoneNumber: RPCManifest['parsedPhoneNumber'] = (req) => this.call('parsedPhoneNumber', req);\n getExamplePhoneNumber: RPCManifest['getExamplePhoneNumber'] = (req) => this.call('getExamplePhoneNumber', req);\n}\n","import {\n AdditionalTelemetryData,\n baseFetchSDK,\n baseSubmitFormSDK,\n createAppSessionId,\n createEventId,\n createPersistentId,\n DEFAULT_INTERVAL_DURATION_MS,\n DEFAULT_MAX_BATCH_SIZE,\n EventLogger,\n INetworkClient,\n isTestPublicToken,\n retriableFetchSDK,\n RetriableSDKRequestInfo,\n SDKRequestInfo,\n SDKTelemetry,\n} from '@stytch/core';\nimport { ResponseCommon } from '@stytch/core/public';\n\nimport { version as PACKAGE_VERSION } from '../package.json';\nimport { B2BSubscriptionDataLayer, ConsumerSubscriptionDataLayer } from './SubscriptionService';\n\nexport class NetworkClient implements INetworkClient {\n private eventLogger: EventLogger;\n private readonly baseURL: string;\n\n constructor(\n private _publicToken: string,\n private _subscriptionDataLayer: ConsumerSubscriptionDataLayer | B2BSubscriptionDataLayer,\n _liveAPIURL: string,\n _testAPIURL: string,\n private additionalTelemetryDataFn: () => AdditionalTelemetryData,\n ) {\n this.baseURL = _liveAPIURL;\n if (isTestPublicToken(_publicToken)) {\n this.baseURL = _testAPIURL;\n }\n this.eventLogger = new EventLogger({\n maxBatchSize: DEFAULT_MAX_BATCH_SIZE,\n intervalDurationMs: DEFAULT_INTERVAL_DURATION_MS,\n logEventURL: this.buildSDKUrl('/events'),\n });\n }\n\n // @deprecated Use the new sessions.updateSession() method instead\n updateSessionToken = () => {\n return null;\n };\n\n logEvent({\n name,\n details,\n error = {},\n }: {\n name: string;\n details: Record<string, unknown>;\n error?: { error_code?: string; error_description?: string; http_status_code?: string };\n }): void {\n this.eventLogger.logEvent(this.createTelemetryBlob(), {\n public_token: this._publicToken,\n event_name: name,\n details: details,\n\n // Error fields\n error_code: error.error_code,\n error_description: error.error_description,\n http_status_code: error.http_status_code,\n });\n }\n\n createTelemetryBlob(): SDKTelemetry {\n return {\n event_id: createEventId(),\n // TODO: These should be persisted somewhere, not generated per request\n app_session_id: createAppSessionId(),\n persistent_id: createPersistentId(),\n\n client_sent_at: new Date().toISOString(),\n timezone: Intl.DateTimeFormat().resolvedOptions().timeZone,\n\n // Logged in data\n // This gets passed into the constructor from StytchClient or StytchB2BClient\n // We pass in the user & session id when the Consumer SDK is being used and member & session id\n // when the B2B SDK is being used.\n\n // Why don't we generate this from the session_token in the auth header?\n // - We don't want to tie analytics ingest to session validation. There's no need to put\n // that kind of pressure on API, and ingest could be moved to somewhere that doesn't\n // have the ability to validate tokens\n // - For bulk event batches, we want to keep track of whether or not a user was logged\n // in at each event. If we have 10 events, the user logs in at event 5, then they'll have\n // a token when they log the batch, but we want to know that they were not logged in for the\n // first 4 events\n ...this.additionalTelemetryDataFn(),\n\n // Versioning\n app: {\n identifier: window.location.hostname,\n },\n sdk: {\n // TODO: Pull these from package.json when there is a package\n // eslint-disable-next-line lingui/no-unlocalized-strings\n identifier: 'Stytch.js Javascript SDK',\n version: PACKAGE_VERSION,\n },\n };\n }\n\n async fetchSDK<T extends ResponseCommon>({ url, body, method }: SDKRequestInfo): Promise<T> {\n const sessionToken = this._subscriptionDataLayer.readSessionCookie().session_token;\n const basicAuthHeader = 'Basic ' + window.btoa(this._publicToken + ':' + (sessionToken || this._publicToken));\n const xSDKClientHeader = window.btoa(JSON.stringify(this.createTelemetryBlob()));\n const xSDKParentHostHeader = window.location.origin;\n\n return baseFetchSDK<T>({\n basicAuthHeader,\n body,\n finalURL: this.buildSDKUrl(url),\n method,\n xSDKClientHeader,\n xSDKParentHostHeader,\n });\n }\n\n async submitFormSDK({ url, body, method }: SDKRequestInfo): Promise<void> {\n const sessionToken = this._subscriptionDataLayer.readSessionCookie().session_token;\n const basicAuthHeader = 'Basic ' + window.btoa(this._publicToken + ':' + (sessionToken || this._publicToken));\n const xSDKClientHeader = window.btoa(JSON.stringify(this.createTelemetryBlob()));\n const xSDKParentHostHeader = window.location.origin;\n\n return baseSubmitFormSDK({\n basicAuthHeader,\n body,\n finalURL: this.buildSDKUrl(url),\n method,\n xSDKClientHeader,\n xSDKParentHostHeader,\n });\n }\n\n async retriableFetchSDK<T extends ResponseCommon>({\n url,\n body,\n method,\n retryCallback,\n }: RetriableSDKRequestInfo): Promise<T> {\n const sessionToken = this._subscriptionDataLayer.readSessionCookie().session_token;\n const basicAuthHeader = 'Basic ' + window.btoa(this._publicToken + ':' + (sessionToken || this._publicToken));\n const xSDKClientHeader = window.btoa(JSON.stringify(this.createTelemetryBlob()));\n const xSDKParentHostHeader = window.location.origin;\n\n return retriableFetchSDK<T>({\n basicAuthHeader,\n body,\n finalURL: this.buildSDKUrl(url),\n method,\n xSDKClientHeader,\n xSDKParentHostHeader,\n retryCallback,\n });\n }\n\n buildSDKUrl(url: string): string {\n // eslint-disable-next-line lingui/no-unlocalized-strings\n return `${this.baseURL}/sdk/v1${url}`;\n }\n}\n","import { ISyncPKCEManager, logger, ProofkeyPair } from '@stytch/core';\n\nimport { B2BSubscriptionDataLayer, ConsumerSubscriptionDataLayer } from './SubscriptionService';\n\nconst PKCE_VERIFIER_STORAGE_KEY = 'PKCE_VERIFIER' as const;\n\nfunction toHex(n: number): string {\n let str = n.toString(16);\n if (str.length === 1) {\n str = '0' + str;\n }\n return str;\n}\n\nfunction base64URLEncode(buf: ArrayBuffer) {\n // Convert the ArrayBuffer to string using Uint8 array.\n // btoa takes chars from 0-255 and base64 encodes.\n // Then convert the base64 encoded to base64url encoded.\n // (replace + with -, replace / with _, trim trailing =)\n return btoa(String.fromCharCode.call(null, ...new Uint8Array(buf)))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '');\n}\n\nexport class PKCEManager implements ISyncPKCEManager {\n constructor(\n private _dataLayer: ConsumerSubscriptionDataLayer | B2BSubscriptionDataLayer,\n private namespace: string,\n ) {}\n\n private key() {\n return `${PKCE_VERIFIER_STORAGE_KEY}:${this.namespace}` as const;\n }\n\n async startPKCETransaction(): Promise<ProofkeyPair> {\n const keyPair = await PKCEManager.createProofkeyPair();\n this._dataLayer.setItem(this.key(), JSON.stringify(keyPair));\n return keyPair;\n }\n\n getPKPair(): ProofkeyPair | undefined {\n const serialized = this._dataLayer.getItem(this.key());\n if (serialized === null) {\n return undefined;\n }\n try {\n return JSON.parse(serialized) as ProofkeyPair;\n } catch {\n logger.warn('Found malformed Proof Key pair in localstorage.');\n return undefined;\n }\n }\n\n clearPKPair(): void {\n return this._dataLayer.removeItem(this.key());\n }\n\n static async createProofkeyPair(): Promise<ProofkeyPair> {\n const bytes = new Uint32Array(16);\n window.crypto.getRandomValues(bytes);\n const codeVerifier = Array.from(bytes).map(toHex).join('');\n\n const digest = await window.crypto.subtle.digest('SHA-256', new TextEncoder().encode(codeVerifier));\n\n return {\n code_challenge: base64URLEncode(digest),\n code_verifier: codeVerifier,\n };\n }\n}\n","/*! js-cookie v3.0.1 | MIT */\n/* eslint-disable no-var */\nfunction assign (target) {\n for (var i = 1; i < arguments.length; i++) {\n var source = arguments[i];\n for (var key in source) {\n target[key] = source[key];\n }\n }\n return target\n}\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\nvar defaultConverter = {\n read: function (value) {\n if (value[0] === '\"') {\n value = value.slice(1, -1);\n }\n return value.replace(/(%[\\dA-F]{2})+/gi, decodeURIComponent)\n },\n write: function (value) {\n return encodeURIComponent(value).replace(\n /%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,\n decodeURIComponent\n )\n }\n};\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\n\nfunction init (converter, defaultAttributes) {\n function set (key, value, attributes) {\n if (typeof document === 'undefined') {\n return\n }\n\n attributes = assign({}, defaultAttributes, attributes);\n\n if (typeof attributes.expires === 'number') {\n attributes.expires = new Date(Date.now() + attributes.expires * 864e5);\n }\n if (attributes.expires) {\n attributes.expires = attributes.expires.toUTCString();\n }\n\n key = encodeURIComponent(key)\n .replace(/%(2[346B]|5E|60|7C)/g, decodeURIComponent)\n .replace(/[()]/g, escape);\n\n var stringifiedAttributes = '';\n for (var attributeName in attributes) {\n if (!attributes[attributeName]) {\n continue\n }\n\n stringifiedAttributes += '; ' + attributeName;\n\n if (attributes[attributeName] === true) {\n continue\n }\n\n // Considers RFC 6265 section 5.2:\n // ...\n // 3. If the remaining unparsed-attributes contains a %x3B (\";\")\n // character:\n // Consume the characters of the unparsed-attributes up to,\n // not including, the first %x3B (\";\") character.\n // ...\n stringifiedAttributes += '=' + attributes[attributeName].split(';')[0];\n }\n\n return (document.cookie =\n key + '=' + converter.write(value, key) + stringifiedAttributes)\n }\n\n function get (key) {\n if (typeof document === 'undefined' || (arguments.length && !key)) {\n return\n }\n\n // To prevent the for loop in the first place assign an empty array\n // in case there are no cookies at all.\n var cookies = document.cookie ? document.cookie.split('; ') : [];\n var jar = {};\n for (var i = 0; i < cookies.length; i++) {\n var parts = cookies[i].split('=');\n var value = parts.slice(1).join('=');\n\n try {\n var foundKey = decodeURIComponent(parts[0]);\n jar[foundKey] = converter.read(value, foundKey);\n\n if (key === foundKey) {\n break\n }\n } catch (e) {}\n }\n\n return key ? jar[key] : jar\n }\n\n return Object.create(\n {\n set: set,\n get: get,\n remove: function (key, attributes) {\n set(\n key,\n '',\n assign({}, attributes, {\n expires: -1\n })\n );\n },\n withAttributes: function (attributes) {\n return init(this.converter, assign({}, this.attributes, attributes))\n },\n withConverter: function (converter) {\n return init(assign({}, this.converter, converter), this.attributes)\n }\n },\n {\n attributes: { value: Object.freeze(defaultAttributes) },\n converter: { value: Object.freeze(converter) }\n }\n )\n}\n\nvar api = init(defaultConverter, { path: '/' });\n/* eslint-enable no-var */\n\nexport default api;\n","import {\n EmailMagicLinksOptions,\n MagicLinksLoginOrCreateOptions,\n PasswordOptions,\n PasswordResetByEmailStartOptions,\n} from '@stytch/core/public';\n\n// You can't actually validate email just from regex. RFC 5322 is pretty complex and there are some *wild*\n// rules that we would never really expect to handle, but are technically valid like:\n// 1. Emails can contain comments -> cursed(comment)@example.com\n// 2. Emails can contain symbols -> cursed{email}@example.com != cursedemail@example.com\n// 3. Dots are allowed, but not consecutively -> ab.cd@example.com is okay, but not ab..cd@example.com\n// 4. ... unless quoted -> \"ab..cd\"@example.com is okay\n// because yes, emails can also contain quotes\n// but then they *can't* contain comments\n// 5. Emails can also consist of spaces and tabs if you use quoting\n//\n// TL;DR: it's really complicated. I once heard a joke that the only real way to validate an email is to check\n// for the presence of an @ symbol and then see if you can send an email without it bouncing. Anyway, the below\n// regex *attempts* to make some limitations on the regex to help end-users while not being overly constrained.\n// We relaxed it as part of https://linear.app/stytch/issue/OBACK-583/email-pattern-bug-in-fe-sdk if you want some\n// historical context here.\nexport const EMAIL_REGEX = /^[a-zA-Z0-9!#$%&'*+/=?^_`{|}~.-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$/;\n\nexport const convertMagicLinkOptions = (options: EmailMagicLinksOptions = {}): MagicLinksLoginOrCreateOptions => ({\n signup_magic_link_url: options.signupRedirectURL,\n signup_expiration_minutes: options.signupExpirationMinutes,\n login_magic_link_url: options.loginRedirectURL,\n login_expiration_minutes: options.loginExpirationMinutes,\n login_template_id: options.loginTemplateId,\n signup_template_id: options.signupTemplateId,\n locale: options.locale,\n});\n\nexport const convertPasswordResetOptions = (\n email: string,\n options: PasswordOptions = {},\n): PasswordResetByEmailStartOptions => ({\n email: email,\n login_redirect_url: options.loginRedirectURL,\n login_expiration_minutes: options.loginExpirationMinutes,\n reset_password_redirect_url: options.resetPasswordRedirectURL,\n reset_password_expiration_minutes: options.resetPasswordExpirationMinutes,\n reset_password_template_id: options.resetPasswordTemplateId,\n locale: options.locale,\n});\n\nexport const debounce = <F extends (...args: Parameters<F>) => ReturnType<F>>(func: F, waitFor = 500) => {\n let timeout: number | undefined;\n return (...args: Parameters<F>) => {\n clearTimeout(timeout);\n timeout = window.setTimeout(() => func(...args), waitFor);\n };\n};\n\n// Borrowed from Create React App's service worker registration logic\nexport const isLocalhost = () =>\n Boolean(\n window.location.hostname === 'localhost' ||\n // [::1] is the IPv6 localhost address.\n window.location.hostname === '[::1]' ||\n // 127.0.0.1/8 is considered localhost for IPv4.\n window.location.hostname.match(/^127(?:\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/),\n );\n\nexport type DeepRequired<T> = { [K in keyof T]: DeepRequired<T[K]> } & Required<T>;\n\nexport const hasMultipleCookies = (cookieName: string) => {\n const cookiePairs = document.cookie ? document.cookie.split('; ') : [];\n const matchedCookies = cookiePairs.filter((pair) => {\n const [name] = pair.split('=');\n return cookieName === name;\n });\n\n return matchedCookies.length > 1;\n};\n\nexport const noop = () => {\n // Noop\n};\n","const PERSISTENT_STORAGE_KEY_PREFIX = 'stytch_sdk_state_';\n\n// Declare all keys to use with storage here. These storage are global so re-using the same key will cause collision\n// Do not remove values from here when the caller is removed since these will still be persisted on user's browsers.\nexport type StorageKey =\n // SubscriptionService\n | ''\n | 'seen_domains'\n // Bootstrap\n | 'bootstrap'\n // PKCE manager\n | `PKCE_VERIFIER:${string}`\n // Admin portal\n | `${string}_itemsPerPage`\n | `${string}_filter_${string}`\n // B2B\n | 'reset-email-value'\n | `b2b_last_used_method`\n // B2C\n | `b2c_last_used_oauth`;\n\nexport const getPersistentStorageKey = (publicToken: string, key: StorageKey): string => {\n return `${PERSISTENT_STORAGE_KEY_PREFIX}${publicToken}${key ? `::${key}` : ''}`;\n};\n\nexport interface IStorage {\n getItem(publicKey: string, key: StorageKey): string | null;\n removeItem(publicKey: string, key: StorageKey): void;\n setItem(publicKey: string, key: StorageKey, value: string): void;\n}\n\nexport interface IKeyBoundStorage {\n getItem(key: StorageKey): string | null;\n setItem(key: StorageKey, value: string): void;\n removeItem(key: StorageKey): void;\n}\n\nfunction makeSafeStorage(storage: Storage | undefined): IStorage {\n if (storage == null) {\n return {\n getItem() {\n return null;\n },\n removeItem() {\n // Noop\n },\n setItem() {\n // Noop\n },\n };\n }\n\n return {\n getItem(publicKey: string, key: StorageKey): string | null {\n const persistentStorageKey = getPersistentStorageKey(publicKey, key);\n try {\n return storage.getItem(persistentStorageKey);\n } catch {\n // Swallow error\n return null;\n }\n },\n setItem(publicKey: string, key: StorageKey, value: string): void {\n const persistentStorageKey = getPersistentStorageKey(publicKey, key);\n try {\n if (value) storage.setItem(persistentStorageKey, value);\n } catch {\n // Swallow error\n }\n },\n removeItem(publicKey: string, key: StorageKey): void {\n const persistentStorageKey = getPersistentStorageKey(publicKey, key);\n try {\n storage.removeItem(persistentStorageKey);\n } catch {\n // Swallow error\n }\n },\n };\n}\n\nexport const safeLocalStorage = makeSafeStorage(globalThis.localStorage);\nexport const safeSessionStorage = makeSafeStorage(globalThis.sessionStorage);\n\nexport function getKeyBoundStorage(storage: IStorage, publicToken: string): IKeyBoundStorage {\n return {\n getItem(key: StorageKey) {\n return storage.getItem(publicToken, key);\n },\n setItem(key: StorageKey, value: string): void {\n storage.setItem(publicToken, key, value);\n },\n removeItem(key: StorageKey) {\n storage.removeItem(publicToken, key);\n },\n };\n}\n","import {\n AllowedOpaqueTokens,\n CommonAuthenticateOptions,\n ExtractOpaqueTokens,\n IB2BSubscriptionService,\n IConsumerSubscriptionService,\n IfOpaqueTokens,\n InternalSessionUpdateOptions,\n ISubscriptionService,\n logger,\n OpaqueTokensNeverConfig,\n SessionUpdateOptions,\n} from '@stytch/core';\nimport {\n AuthenticateResponse,\n B2BAuthenticateResponse,\n B2BAuthenticateResponseWithMFA,\n B2BDiscoveryAuthenticateResponse,\n B2BState,\n ConsumerState,\n Member,\n Organization,\n SessionTokens,\n SessionTokensUpdate,\n StytchClientOptions,\n StytchProjectConfigurationInput,\n UnsubscribeFunction,\n User,\n} from '@stytch/core/public';\nimport { createDeepEqual } from '@stytch/js-utils';\nimport Cookies from 'js-cookie';\n\nimport { hasMultipleCookies, isLocalhost } from '../src/utils';\nimport {\n getKeyBoundStorage,\n getPersistentStorageKey,\n IKeyBoundStorage,\n safeLocalStorage,\n safeSessionStorage,\n StorageKey,\n} from './utils/storage';\n\ntype SubscriberFunction<T> = (value: T | null) => void;\ntype Subscribers<T> = Record<string, SubscriberFunction<T>>;\n\nconst STYTCH_SESSION_COOKIE = 'stytch_session';\nconst STYTCH_SESSION_JWT_COOKIE = 'stytch_session_jwt';\nconst STYTCH_INTERMEDIATE_SESSION_TOKEN_COOKIE = 'stytch_intermediate_session_token';\nconst SEEN_DOMAINS_KEY = 'seen_domains';\n\nexport class SubscriptionDataLayer<T extends ConsumerState | B2BState> {\n publicToken: string;\n state: T | null;\n private readonly _opaqueTokenCookieName: string | null = null;\n private readonly _jwtCookieName: string | null = null;\n private readonly _cookiePath: string | null = null;\n private readonly _domain: string | null = null;\n private readonly _cookieAvailableToSubdomains: boolean = false;\n private readonly _istCookieName: string | null = null;\n\n subscriptions: Subscribers<T & SessionUpdateOptions>;\n\n private readonly _localStorage: IKeyBoundStorage;\n readonly browserSessionStorage: IKeyBoundStorage;\n\n constructor(publicToken: string, options?: StytchClientOptions) {\n this.publicToken = publicToken;\n this.state = null;\n this.subscriptions = {};\n\n // Initialize storage utilities\n this._localStorage = getKeyBoundStorage(safeLocalStorage, publicToken);\n this.browserSessionStorage = getKeyBoundStorage(safeSessionStorage, publicToken);\n\n if (options?.cookieOptions) {\n this._opaqueTokenCookieName = options.cookieOptions.opaqueTokenCookieName || null;\n this._jwtCookieName = options.cookieOptions.jwtCookieName || null;\n this._cookiePath = options.cookieOptions.path || null;\n this._domain = options.cookieOptions.domain || null;\n this._cookieAvailableToSubdomains = options.cookieOptions.availableToSubdomains || false;\n this._istCookieName = options.cookieOptions.istCookieName || null;\n }\n\n const localStorageState = this._localStorage.getItem('');\n\n if (!localStorageState) {\n return;\n }\n let parsedState: unknown;\n try {\n parsedState = JSON.parse(localStorageState);\n } catch {\n // Overwrite the bad data with nulls\n this.syncToLocalStorage();\n return;\n }\n // TODO: Validate the data looks decent & matches Session/User format\n this.state = parsedState as T;\n }\n\n protected get opaqueTokenCookieName(): string {\n return this._opaqueTokenCookieName ?? STYTCH_SESSION_COOKIE;\n }\n\n protected get jwtCookieName(): string {\n return this._jwtCookieName ?? STYTCH_SESSION_JWT_COOKIE;\n }\n\n protected get istCookieName(): string {\n return this._istCookieName ?? STYTCH_INTERMEDIATE_SESSION_TOKEN_COOKIE;\n }\n\n readSessionCookie() {\n return {\n session_token: Cookies.get(this.opaqueTokenCookieName),\n session_jwt: Cookies.get(this.jwtCookieName),\n };\n }\n\n readIntermediateSessionTokenCookie() {\n return Cookies.get(this.istCookieName);\n }\n\n writeSessionCookie(stateDiff: StateWithReadableTokensLoggedIn<T>) {\n const { state, session_token, session_jwt } = stateDiff;\n\n const cookieOpts = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: state?.session?.expires_at ?? '',\n availableToSubdomains: this._cookieAvailableToSubdomains,\n path: this._cookiePath,\n domain: this._domain,\n });\n\n if (cookieOpts.domain) {\n this.addSeenDomain(cookieOpts.domain);\n }\n\n Cookies.set(this.opaqueTokenCookieName, session_token, cookieOpts);\n Cookies.set(this.jwtCookieName, session_jwt, cookieOpts);\n\n /**\n * If a developer flips the boolean value of availableToSubdomains at any point,\n * there will be two cookies set which will could cause the user to log out since\n * the js-cookie API always returns the first cookie set. Thus, we will clear the\n * cookie that doesn't relate to the current cookie options.\n */\n\n const alternateCookieOptions = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: state?.session?.expires_at ?? '',\n availableToSubdomains: !this._cookieAvailableToSubdomains,\n path: this._cookiePath,\n domain: this._domain,\n });\n\n if (alternateCookieOptions.domain) {\n this.addSeenDomain(alternateCookieOptions.domain);\n }\n\n if (hasMultipleCookies(this.jwtCookieName)) {\n Cookies.remove(this.jwtCookieName, alternateCookieOptions);\n }\n\n if (hasMultipleCookies(this.opaqueTokenCookieName)) {\n Cookies.remove(this.opaqueTokenCookieName, alternateCookieOptions);\n }\n\n if (hasMultipleCookies(this.jwtCookieName)) {\n logger.warn(\n 'Could not remove extraneous JWT cookie. This might happen if the cookie has been set using multiple `path` settings, and may produce unwanted behavior.',\n );\n }\n\n if (hasMultipleCookies(this.opaqueTokenCookieName)) {\n logger.warn('Could not remove extraneous opaque token cookie.');\n }\n }\n\n writeIntermediateSessionTokenCookie(IST: string) {\n // ISTs are valid for 10 minutes\n const expiresAtTime = new Date(Date.now() + 10 * 60000);\n const cookieOpts = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: expiresAtTime.toString(),\n availableToSubdomains: this._cookieAvailableToSubdomains,\n path: this._cookiePath,\n domain: this._domain,\n });\n\n Cookies.set(this.istCookieName, IST, cookieOpts);\n }\n\n removeSessionCookie() {\n this.removeCookies([this.opaqueTokenCookieName, this.jwtCookieName]);\n }\n\n removeISTCookie() {\n this.removeCookies([this.istCookieName]);\n }\n\n removeCookies(cookiesToRemove: string[]) {\n /**\n * Spray and Pray approach:\n * In order to delete a cookie, both the path and domain must match exactly\n * We don't always know how the cookie was set - we can use the path & info that the SDK was created with\n * but if the SDK settings have changed (e.g. a dev is developing) then things might get strange.\n * Note: it is _impossible_ to reliably delete a cookie if you don't know what path it was set at - thank,; internet\n * Our best effort approach is to just list off the likely combinations\n *\n * As of 2025-07-14, we track all domains that have been used to set cookies and try to delete\n * cookies from all of them to handle cases where domains change (e.g. something.com -> web.something.com)\n */\n\n // Get all previously seen domains\n const trackedDomains = this.getSeenDomains();\n // Include the current domain and null (no domain) in our attempts\n const allDomains = [this._domain, null, ...trackedDomains];\n // Remove duplicates\n const uniqueDomains = [...new Set(allDomains)];\n\n [true, false].forEach((availableToSubdomains) => {\n [this._cookiePath, null].forEach((path) => {\n uniqueDomains.forEach((domain) => {\n const cookieOpts = SubscriptionDataLayer.generateCookieOpts({\n expiresAt: new Date(0).toString(),\n availableToSubdomains,\n path,\n domain,\n });\n cookiesToRemove.forEach((cookieName) => {\n Cookies.remove(cookieName, cookieOpts);\n });\n });\n });\n });\n }\n\n syncToLocalStorage(): void {\n this._localStorage.setItem('', JSON.stringify(this.state));\n }\n\n getItem(key: StorageKey): string | null {\n return this._localStorage.getItem(key);\n }\n\n setItem(key: StorageKey, value: string): void {\n this._localStorage.setItem(key, value);\n }\n\n removeItem(key: StorageKey): void {\n this._localStorage.removeItem(key);\n }\n\n /**\n * Get all previously seen domains from local storage\n */\n private getSeenDomains(): string[] {\n const storedDomains = this.getItem(SEEN_DOMAINS_KEY);\n\n if (!storedDomains) {\n return [];\n }\n\n try {\n const parsed = JSON.parse(storedDomains);\n return Array.isArray(parsed) ? parsed : [];\n } catch {\n return [];\n }\n }\n\n /**\n * Add a domain to the seen domains list\n */\n private addSeenDomain(domain: string | null): void {\n if (!domain) {\n return;\n }\n\n const storedDomains = this.getSeenDomains();\n if (!storedDomains.includes(domain)) {\n storedDomains.push(domain);\n this.setItem(SEEN_DOMAINS_KEY, JSON.stringify(storedDomains));\n }\n }\n\n static generateCookieOpts({\n path,\n domain,\n availableToSubdomains,\n expiresAt,\n }: {\n path: string | null;\n domain: string | null;\n availableToSubdomains: boolean;\n expiresAt: string;\n }): Cookies.CookieAttributes {\n const cookieOpts: Cookies.CookieAttributes = {\n expires: new Date(expiresAt),\n sameSite: 'lax',\n };\n\n if (path) {\n cookieOpts.path = path;\n }\n\n if (isLocalhost()) {\n // We do not require HTTPS for localhost / local development\n // TODO: Could investigate disabling HTTPS for test projects\n cookieOpts.secure = false;\n } else {\n if (availableToSubdomains) {\n // Domain must be expressly configured in order for the cookie to\n // be sent to subdomains\n // UNLESS it is localhost, in which case domain should not be set\n // cf. https://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain\n cookieOpts.domain = domain || window.location.host;\n }\n cookieOpts.secure = true;\n }\n return cookieOpts;\n }\n}\n\nexport class ConsumerSubscriptionDataLayer extends SubscriptionDataLayer<ConsumerState> {}\nexport class B2BSubscriptionDataLayer extends SubscriptionDataLayer<B2BState> {}\n\n/**\n * We want multiple instances of the same Stytch SDK for the same project in the same page to\n * effectively share state - to do this, we create a single cache for the data layer.\n * In order to preserve the cache state across project hot module reloads, we bind it to\n * the global window object using a stytch-internal symbol.\n *\n * This also allows various StytchClients to communicate across package boundaries -\n * consider the following scenario:\n * - Next App splits out bundles per-page\n * - Next App uses Headless Client on all pages, and UI Client on one page\n * - UI client page includes its own copy of Headless Client (since UI depends on Headless CLient)\n * - B/C of code splitting & recombining, if someone navigates from a Headless page to a UI page\n * the there will actually be two copies of the HeadlessClient loaded,\n * one in the main bundle, and one included inside the UI Client code\n * - So using an in-memory global object will not suffice, we'll end up with two global objects in two diff packages\n */\ntype ConsumerDataLayerCache = Record<string, SubscriptionDataLayer<ConsumerState>>;\ntype B2BDataLayerCache = Record<string, SubscriptionDataLayer<B2BState>>;\n\nconst consumerDataLayerCacheSymbol = Symbol.for('__stytch_DataLayer');\nconst b2bDataLayerCacheSymbol = Symbol.for('__stytch_b2b_DataLayer');\n\nconst getConsumerDataLayerCache = (): ConsumerDataLayerCache => {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n const wdw = window as any;\n if (!wdw[consumerDataLayerCacheSymbol]) {\n wdw[consumerDataLayerCacheSymbol] = {};\n }\n return wdw[consumerDataLayerCacheSymbol];\n};\n\nconst getB2BDataLayerCache = (): B2BDataLayerCache => {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n const wdw = window as any;\n if (!wdw[b2bDataLayerCacheSymbol]) {\n wdw[b2bDataLayerCacheSymbol] = {};\n }\n return wdw[b2bDataLayerCacheSymbol];\n};\n\nexport const __clearConsumerDataLayerCache = () => {\n const dataLayerCache = getConsumerDataLayerCache();\n Object.keys(dataLayerCache).forEach((key) => delete dataLayerCache[key]);\n};\n\nexport const __clearB2BDataLayerCache = () => {\n const dataLayerCache = getB2BDataLayerCache();\n Object.keys(dataLayerCache).forEach((key) => delete dataLayerCache[key]);\n};\n\nexport const getConsumerDataLayer = (\n publicToken: string,\n options?: StytchClientOptions,\n): ConsumerSubscriptionDataLayer => {\n const dataLayerCache = getConsumerDataLayerCache();\n if (!dataLayerCache[publicToken]) {\n dataLayerCache[publicToken] = new ConsumerSubscriptionDataLayer(publicToken, options);\n }\n return dataLayerCache[publicToken];\n};\n\nexport const getB2BDataLayer = (publicToken: string, options?: StytchClientOptions): B2BSubscriptionDataLayer => {\n const dataLayerCache = getB2BDataLayerCache();\n if (!dataLayerCache[publicToken]) {\n dataLayerCache[publicToken] = new B2BSubscriptionDataLayer(publicToken, options);\n }\n return dataLayerCache[publicToken];\n};\n\nconst addSubscriber = <T>(collection: Subscribers<T>, subscriber: SubscriberFunction<T>): UnsubscribeFunction => {\n const uniqueId = Math.random().toString(36).slice(-10);\n collection[uniqueId] = subscriber;\n return () => delete collection[uniqueId];\n};\n\nconst notifySubscribers = <T>(collection: Subscribers<T>, value: T | null): void => {\n Object.values(collection).forEach((cb) => cb(value));\n};\n\ntype StateWithReadableTokensLoggedIn<T> = {\n state: T | null;\n intermediate_session_token: null;\n session_token: string;\n session_jwt: string;\n};\n\ntype StateIfOpaqueTokensLoggedIn<T> = {\n state: T | null;\n intermediate_session_token: null;\n session_token: true;\n session_jwt: true;\n};\n\ntype StateWithTokensLoggedIn<T> = StateWithReadableTokensLoggedIn<T> | StateIfOpaqueTokensLoggedIn<T>;\n\ntype StateWithTokensLoggedOut = {\n state: null;\n session_token: null;\n session_jwt: null;\n intermediate_session_token: null;\n};\n\ntype StateWithReadableIntermediateSessionToken = {\n state: null;\n session_token: null;\n session_jwt: null;\n intermediate_session_token: string;\n};\n\ntype StateWithOpaqueIntermediateSessionToken = {\n state: null;\n session_token: null;\n session_jwt: null;\n intermediate_session_token: true;\n};\n\ntype StateWithIntermediateSessionToken =\n | StateWithReadableIntermediateSessionToken\n | StateWithOpaqueIntermediateSessionToken;\n\ntype StateWithTokensDiff<T> = StateWithTokensLoggedIn<T> | StateWithTokensLoggedOut | StateWithIntermediateSessionToken;\n\nconst deepEqualData = createDeepEqual({\n KEYS_TO_EXCLUDE: ['last_accessed_at'],\n});\n\nexport class BaseSubscriptionService<T extends ConsumerState | B2BState, TOpaqueTokens extends AllowedOpaqueTokens>\n implements ISubscriptionService<T, TOpaqueTokens>\n{\n /**\n * Whether the state was retrieved from the cache and is awaiting a refresh\n */\n private fromCache = true;\n\n constructor(\n private _publicToken: string,\n private _datalayer: SubscriptionDataLayer<T>,\n { usingCustomApiEndpoint }: { usingCustomApiEndpoint: boolean },\n ) {\n window.addEventListener('storage', this._listen);\n\n // If a custom API endpoint is being used, the session may be being managed\n // by HttpOnly cookies, which we can't detect.\n if (!usingCustomApiEndpoint) {\n // If the session does not exist in localstorage (like if we are in an iframe)\n // then the cookie might still be set and we can retrieve the session via an API call\n const { session_token } = this._datalayer.readSessionCookie();\n if (!session_token) {\n this.destroySession();\n return;\n }\n }\n }\n\n // Listening for state changes across tabs\n private _listen = (e: StorageEvent) => {\n if (e.key !== getPersistentStorageKey(this._publicToken, '')) {\n return;\n }\n\n const parsedValue = e.newValue === null || e.newValue === 'null' ? null : (JSON.parse(e.newValue) as T);\n this.updateState(parsedValue, true);\n };\n\n getTokens(): IfOpaqueTokens<TOpaqueTokens, never, SessionTokens | null> {\n const { session_token, session_jwt } = this._datalayer.readSessionCookie();\n if (!(typeof session_token === 'string') || !(typeof session_jwt === 'string')) {\n return null as IfOpaqueTokens<TOpaqueTokens, never, SessionTokens | null>;\n }\n return { session_token, session_jwt } as IfOpaqueTokens<TOpaqueTokens, never, SessionTokens | null>;\n }\n\n getIntermediateSessionToken(): string | null {\n return this._datalayer.readIntermediateSessionTokenCookie() || null;\n }\n\n destroyState() {\n this.updateStateAndTokens({\n state: null,\n session_token: null,\n session_jwt: null,\n intermediate_session_token: null,\n });\n }\n\n destroySession() {\n this._datalayer.removeSessionCookie();\n this.updateState(null);\n }\n\n _updateStateAndTokensInternal(stateDiff: StateWithTokensDiff<T>, options: InternalSessionUpdateOptions) {\n const oldStateValue = this._datalayer.state;\n const newStateValue = stateDiff.state === null ? null : ({ ...this._datalayer.state, ...stateDiff.state } as T);\n this._datalayer.state = newStateValue;\n const wasCached = this.getFromCache();\n this.setCacheRefreshed();\n\n // NOTE: This means that our tab executes first before we signal the state change to other tabs\n // TODO: Should we avoid notifying subscribers in the same thread? Should we put\n // notifications in a setImmediate or setTimeout(..., 0)?\n // Should subscribers let us know if they are active/passive when they sign up?\n if (wasCached || !deepEqualData(oldStateValue, newStateValue)) {\n let notification: (T & SessionUpdateOptions) | null;\n if (newStateValue == null || options.fromCache) {\n notification = newStateValue;\n } else {\n notification = {\n ...newStateValue,\n sessionDurationMinutes: options.sessionDurationMinutes,\n };\n }\n\n notifySubscribers(this._datalayer.subscriptions, notification);\n }\n }\n\n updateStateAndTokens(\n stateDiff: StateWithTokensDiff<T>,\n options: InternalSessionUpdateOptions = { fromCache: false },\n ) {\n if (stateDiff.state) {\n if (typeof stateDiff.session_token === 'string') {\n this._datalayer.writeSessionCookie(stateDiff);\n } else {\n // The session token is opaque, so let's clear any residual session\n // cookies that may have been left over\n this._datalayer.removeSessionCookie();\n }\n this._datalayer.removeISTCookie();\n } else if (stateDiff.intermediate_session_token) {\n if (typeof stateDiff.intermediate_session_token === 'string') {\n this._datalayer.writeIntermediateSessionTokenCookie(stateDiff.intermediate_session_token);\n } else {\n // The intermediate session token is opaque, so let's clear any residual\n // intermediate session token cookies that may have been left over\n this._datalayer.removeISTCookie();\n }\n this._datalayer.removeSessionCookie();\n } else {\n this._datalayer.removeSessionCookie();\n this._datalayer.removeISTCookie();\n }\n\n this._updateStateAndTokensInternal(stateDiff, options);\n\n this._datalayer.syncToLocalStorage();\n }\n\n updateState(state: T | null, fromExternalSource = false) {\n const oldStateValue = this._datalayer.state;\n const newStateValue = state === null ? null : ({ ...this._datalayer.state, ...state } as T);\n this._datalayer.state = newStateValue;\n const wasCached = this.getFromCache();\n this.setCacheRefreshed();\n\n const hasStateChanged = !deepEqualData(oldStateValue, newStateValue);\n if (wasCached || hasStateChanged) {\n notifySubscribers(this._datalayer.subscriptions, newStateValue);\n\n // If there is no state change, or if this update was itself triggered by\n // a storage event, there is no need to sync to local storage since the\n // state is already in sync.\n if (hasStateChanged && !fromExternalSource) {\n // Delay notifying other tabs until after we have refreshed ourselves\n this._datalayer.syncToLocalStorage();\n }\n }\n }\n\n updateTokens(tokens: SessionTokensUpdate) {\n const { session_token, session_jwt } = tokens;\n const cookie = this._datalayer.readSessionCookie();\n const diff = {\n ...cookie,\n session_token,\n session_jwt,\n } as StateWithTokensDiff<T>;\n if (typeof session_token === 'string' || typeof session_jwt === 'string') {\n this._datalayer.writeSessionCookie(diff as StateWithReadableTokensLoggedIn<T>);\n this._datalayer.removeISTCookie();\n } else {\n this._datalayer.removeSessionCookie();\n }\n }\n\n subscribeToState(callback: SubscriberFunction<T & SessionUpdateOptions>): UnsubscribeFunction {\n return addSubscriber(this._datalayer.subscriptions, callback);\n }\n\n getState(): T | null {\n return this._datalayer.state;\n }\n\n destroy() {\n window.removeEventListener('storage', this._listen);\n }\n\n syncFromDeviceStorage() {\n return null;\n }\n\n getFromCache(): boolean {\n return this.fromCache;\n }\n\n setCacheRefreshed() {\n this.fromCache = false;\n }\n}\n\nexport class ConsumerSubscriptionService<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends BaseSubscriptionService<ConsumerState, ExtractOpaqueTokens<TProjectConfiguration>>\n implements IConsumerSubscriptionService<TProjectConfiguration>\n{\n updateUser = (user: User) => this.updateState({ user });\n getUser = () => this.getState()?.user ?? null;\n getSession = () => this.getState()?.session ?? null;\n updateSession: IConsumerSubscriptionService<TProjectConfiguration>['updateSession'] = (resp, options) => {\n const { session, user, session_jwt, session_token } = resp;\n\n if (session_token && session_jwt) {\n this.updateStateAndTokens(\n {\n state: { session, user },\n session_jwt,\n session_token,\n intermediate_session_token: null,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n } else {\n this.updateStateAndTokens(\n {\n state: { session, user },\n session_token: true,\n session_jwt: true,\n intermediate_session_token: null,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n }\n };\n\n withUpdateSession =\n <\n Args extends [] | [options?: CommonAuthenticateOptions] | (string | CommonAuthenticateOptions)[],\n Ret extends AuthenticateResponse<TProjectConfiguration & OpaqueTokensNeverConfig> | null,\n >(\n authenticate: (...args: Args) => Promise<Ret>,\n ): ((...args: Args) => Promise<Ret>) =>\n async (...args) => {\n const resp = await authenticate(...args);\n if (resp != null) {\n const options = args.find((a): a is CommonAuthenticateOptions => a != null && !(typeof a === 'string'));\n this.updateSession(resp, {\n sessionDurationMinutes: options?.session_duration_minutes,\n });\n }\n return resp;\n };\n}\n\nexport class B2BSubscriptionService<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends BaseSubscriptionService<B2BState, ExtractOpaqueTokens<TProjectConfiguration>>\n implements IB2BSubscriptionService<TProjectConfiguration>\n{\n updateMember = (member: Member) => this.updateState({ member });\n getMember = () => this.getState()?.member ?? null;\n updateOrganization = (organization: Organization) => this.updateState({ organization });\n getOrganization = () => this.getState()?.organization ?? null;\n getSession = () => this.getState()?.session ?? null;\n updateSession: IB2BSubscriptionService<TProjectConfiguration>['updateSession'] = (resp, options) => {\n if ('member_session' in resp && resp.member_session) {\n const tokens =\n resp.session_token && resp.session_jwt\n ? { session_token: resp.session_token, session_jwt: resp.session_jwt }\n : ({ session_token: true, session_jwt: true } as const);\n\n this.updateStateAndTokens(\n {\n state: {\n session: resp.member_session,\n member: resp.member,\n organization: resp.organization,\n },\n ...tokens,\n intermediate_session_token: null,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n } else {\n this.updateStateAndTokens(\n {\n state: null,\n session_token: null,\n session_jwt: null,\n intermediate_session_token: resp.intermediate_session_token || true,\n },\n {\n fromCache: false,\n sessionDurationMinutes: options?.sessionDurationMinutes,\n },\n );\n }\n };\n\n withUpdateSession =\n <\n Options extends CommonAuthenticateOptions | undefined,\n Ret extends\n | B2BAuthenticateResponse<TProjectConfiguration & OpaqueTokensNeverConfig>\n | B2BAuthenticateResponseWithMFA<TProjectConfiguration & OpaqueTokensNeverConfig>\n | B2BDiscoveryAuthenticateResponse<TProjectConfiguration & OpaqueTokensNeverConfig>,\n >(\n authenticate: (options: Options) => Promise<Ret>,\n ): ((options: Options) => Promise<Ret>) =>\n async (options) => {\n const resp = await authenticate(options);\n this.updateSession(resp, {\n sessionDurationMinutes: options?.session_duration_minutes,\n });\n return resp;\n };\n}\n","type DeepEqualOpts = {\n KEYS_TO_EXCLUDE?: string[];\n};\n\nexport const createDeepEqual = ({ KEYS_TO_EXCLUDE = [] }: DeepEqualOpts = {}) => {\n // If comparing functions, this may need some work. Not sure the\n // best path for this: compare instance (what it currently does),\n // stringify and compare, etc.\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n const deepEqual = (a: any, b: any): boolean => {\n // Ensures type is the same\n if (typeof a !== typeof b) return false;\n // arrays, null, and objects all have type 'object'\n if (a === null || b === null) return a === b;\n if (typeof a === 'object') {\n if (Object.keys(a).length !== Object.keys(b).length || Object.keys(a).some((k) => !(k in b))) return false;\n return Object.entries(a)\n .filter(([k]) => !KEYS_TO_EXCLUDE.includes(k))\n .every(([k, v]) => deepEqual(v, b[k]));\n }\n // boolean, string, number, undefined\n return a === b;\n };\n\n return deepEqual;\n};\n","import { INetworkClient, SearchDataManager } from '@stytch/core';\nimport { B2BState, ConsumerState, StytchProjectConfigurationInput } from '@stytch/core/public';\n\nimport { B2BOneTapProvider } from '../b2b/oneTap/B2BOneTapProvider';\nimport type { StytchB2BClient } from '../b2b/StytchB2BClient';\nimport { IBootstrapData } from '../BootstrapDataManager';\nimport { CaptchaProvider } from '../CaptchaProvider';\nimport { ClientsideServicesProvider } from '../ClientsideServicesProvider';\nimport { OneTapProvider } from '../oneTap/OneTapProvider';\nimport type { StytchClient } from '../StytchClient';\nimport { SubscriptionDataLayer } from '../SubscriptionService';\n\ntype Internals = {\n // Internal Utilities\n bootstrap: IBootstrapData;\n publicToken: string;\n searchManager: SearchDataManager;\n networkClient: INetworkClient;\n clientsideServices: ClientsideServicesProvider;\n};\n\nexport type B2BInternals = Internals & {\n dataLayer: SubscriptionDataLayer<B2BState>;\n networkClient: INetworkClient;\n oneTap: B2BOneTapProvider;\n};\n\nexport type B2CInternals = Internals & {\n captcha: CaptchaProvider;\n oneTap: OneTapProvider;\n dataLayer: SubscriptionDataLayer<ConsumerState>;\n};\n\nexport const internalSymB2B = Symbol.for('stytch__internal_b2b');\nexport const internalSymB2C = Symbol.for('stytch__internal_b2c');\n\nexport const writeB2BInternals = (obj: StytchB2BClient<StytchProjectConfigurationInput>, internals: B2BInternals) => {\n Object.assign(obj, {\n [internalSymB2B]: internals,\n });\n};\n\nexport const readB2BInternals = (obj: StytchB2BClient<StytchProjectConfigurationInput>): B2BInternals => {\n const casted = obj as { [internalSymB2B]?: B2BInternals };\n if (!casted[internalSymB2B]) {\n throw Error('Internals not found!');\n }\n return casted[internalSymB2B];\n};\n\nexport const writeB2CInternals = (obj: StytchClient<StytchProjectConfigurationInput>, internals: B2CInternals) => {\n Object.assign(obj, {\n [internalSymB2C]: internals,\n });\n};\n\nexport const readB2CInternals = (obj: StytchClient<StytchProjectConfigurationInput>): B2CInternals => {\n const casted = obj as { [internalSymB2C]?: B2CInternals };\n if (!casted[internalSymB2C]) {\n throw Error('Internals not found!');\n }\n return casted[internalSymB2C];\n};\n","import {\n DisabledDFPProtectedAuthProvider,\n HeadlessB2BOAuthClient as BaseHeadlessB2BOAuthClient,\n IB2BSubscriptionService,\n IDFPProtectedAuthProvider,\n INetworkClient,\n IPKCEManager,\n} from '@stytch/core';\nimport {\n IHeadlessB2BOAuthClient,\n OneTapPositions,\n StytchProjectConfigurationInput,\n StytchSDKUsageError,\n} from '@stytch/core/public';\n\nimport { OneTapRenderResult } from '../oneTap/GoogleOneTapClient';\nimport { B2BOneTapProvider } from './oneTap/B2BOneTapProvider';\n\nexport type B2BGoogleOneTapDiscoveryOAuthOptions = {\n /**\n * The URL that Stytch redirects to after the Google One Tap discovery flow is completed.\n * This should be a URL that verifies the request by querying Stytch's /oauth/discovery/authenticate endpoint.\n * If this value is not passed, the default discovery redirect URL that you set in your Dashboard is used.\n * If you have not set a default discovery redirect URL, an error is returned.\n */\n discovery_redirect_url?: string;\n /**\n * Controls whether clicking outside the One Tap prompt dismisses the prompt.\n * Defaults to true.\n */\n cancel_on_tap_outside?: boolean;\n};\n\nexport type B2BGoogleOneTapOAuthOptions = {\n /**\n * The ID of the organization that the end user is logging in to.\n */\n organization_id: string;\n\n /**\n * The URL that Stytch redirects to after the Google One Tap flow is completed for a member who already exists.\n * This should be a URL that verifies the request by querying Stytch's /oauth/authenticate endpoint.\n * If this value is not passed, the default login redirect URL that you set in your Dashboard is used.\n * If you have not set a default login redirect URL, an error is returned.\n */\n login_redirect_url?: string;\n\n /**\n * The URL that Stytch redirects to after the Google One Tap flow is completed for a member who does not yet exist.\n * This should be a URL that verifies the request by querying Stytch's /oauth/authenticate endpoint.\n * If this value is not passed, the default signup redirect URL that you set in your Dashboard is used.\n * If you have not set a default signup redirect URL, an error is returned.\n */\n signup_redirect_url?: string;\n /**\n * Controls whether clicking outside the One Tap prompt dismisses the prompt.\n * Defaults to true.\n */\n cancel_on_tap_outside?: boolean;\n};\n\ninterface IB2BGoogleOneTapOAuthProvider {\n discovery: {\n /**\n * Start a discovery OAuth flow by showing the Google one tap prompt in the top right corner of the user's browser.\n * You can configure this to be started by a user action (i.e Button click) or on load/render.\n * @example\n * const showGoogleOneTap = useCallback(()=> {\n * stytch.oauth.googleOneTap.discovery.start({\n * discovery_redirect_url: 'https://example.com/oauth/callback',\n * })\n * }, [stytch]);\n * return (\n * <Button onClick={showGoogleOneTap}> Show Google one tap </Button>\n * );\n *\n * @param options - A {@link B2BGoogleOneTapDiscoveryOAuthOptions} object\n *\n * @returns A {@link OneTapRenderResult} object. The result object includes if the one-tap prompt\n * was rendered, and a reason if it couldn't be rendered.\n *\n * @throws An Error if the one tap client cannot be created.\n */\n start(options?: B2BGoogleOneTapDiscoveryOAuthOptions): Promise<OneTapRenderResult>;\n };\n /**\n * Start an OAuth flow by showing the Google one tap prompt in the top right corner of the user's browser.\n * You can configure this to be started by a user action (i.e Button click) or on load/render.\n * @example\n * const showGoogleOneTap = useCallback(()=> {\n * stytch.oauth.googleOneTap.start({\n * organization_id: 'organization-test-123',\n * })\n * }, [stytch]);\n * return (\n * <Button onClick={showGoogleOneTap}> Show Google one tap </Button>\n * );\n *\n * @param options - A {@link B2BGoogleOneTapOAuthOptions} object\n *\n * @returns A {@link OneTapRenderResult} object. The result object includes if the one-tap prompt\n * was rendered, and a reason if it couldn't be rendered.\n *\n * @throws An Error if the one tap client cannot be created.\n */\n start(options?: B2BGoogleOneTapOAuthOptions): Promise<OneTapRenderResult>;\n}\n\ntype DynamicConfig = Promise<{\n cnameDomain: null | string;\n pkceRequiredForOAuth: boolean;\n}>;\ntype Config = {\n publicToken: string;\n testAPIURL: string;\n liveAPIURL: string;\n};\n\nexport interface IWebB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends IHeadlessB2BOAuthClient<TProjectConfiguration> {\n googleOneTap: IB2BGoogleOneTapOAuthProvider;\n}\n\nexport class HeadlessB2BOAuthClient<TProjectConfiguration extends StytchProjectConfigurationInput>\n extends BaseHeadlessB2BOAuthClient<TProjectConfiguration>\n implements IWebB2BOAuthClient<TProjectConfiguration>\n{\n constructor(\n _networkClient: INetworkClient,\n _subscriptionService: IB2BSubscriptionService<TProjectConfiguration>,\n _pkceManager: IPKCEManager,\n _dynamicConfig: DynamicConfig,\n _config: Config,\n _dfpProtectedAuth: IDFPProtectedAuthProvider = DisabledDFPProtectedAuthProvider(),\n private _oneTap: B2BOneTapProvider,\n ) {\n super(_networkClient, _subscriptionService, _pkceManager, _dynamicConfig, _config, _dfpProtectedAuth);\n }\n\n private startOneTapDiscovery = async (options: B2BGoogleOneTapDiscoveryOAuthOptions): Promise<OneTapRenderResult> => {\n const clientResult = await this._oneTap.createOneTapClient();\n if (!clientResult.success) {\n throw new Error(`One Tap could not load: ${clientResult.reason}`);\n }\n\n const { client } = clientResult;\n\n const onSuccessCallback = this._oneTap.createOnDiscoverySuccessHandler({\n discoveryRedirectUrl: options.discovery_redirect_url,\n onSuccess: this._oneTap.redirectOnSuccess,\n });\n\n return client.render({\n style: {\n position: OneTapPositions.floating,\n },\n callback: onSuccessCallback,\n cancelOnTapOutside: options.cancel_on_tap_outside,\n });\n };\n\n private startOneTap = async (options: B2BGoogleOneTapOAuthOptions): Promise<OneTapRenderResult> => {\n if (!options.organization_id) {\n throw new StytchSDKUsageError('stytch.oauth.googleOneTap.start', 'organization_id is a required argument');\n }\n const clientResult = await this._oneTap.createOneTapClient();\n if (!clientResult.success) {\n throw new Error(`One Tap could not load: ${clientResult.reason}`);\n }\n\n const { client } = clientResult;\n\n const onSuccessCallback = this._oneTap.createOnSuccessHandler({\n organizationId: options.organization_id,\n signupRedirectUrl: options.signup_redirect_url,\n loginRedirectUrl: options.login_redirect_url,\n onSuccess: this._oneTap.redirectOnSuccess,\n });\n\n return client.render({\n style: {\n position: OneTapPositions.floating,\n },\n callback: onSuccessCallback,\n cancelOnTapOutside: options.cancel_on_tap_outside,\n });\n };\n\n googleOneTap: IB2BGoogleOneTapOAuthProvider = {\n discovery: {\n start: this.startOneTapDiscovery,\n },\n start: this.startOneTap,\n };\n}\n","// Inspired by https://developers.google.com/privacy-sandbox/3pcd/fedcm-developer-guide#sign-into-rp\nexport const navigatorSupportsFedCM = typeof window !== 'undefined' && 'IdentityCredential' in window;\n","import { OneTapPositions } from '@stytch/core/public';\n\nimport { navigatorSupportsFedCM } from './navigatorSupportsFedCM';\n\nexport const getConfiguredEmbeddedMode = (position: OneTapPositions | undefined) => {\n if (position === OneTapPositions.forceLegacyEmbedded) {\n return 'force';\n }\n\n if (\n position === OneTapPositions.embeddedOnly ||\n position === OneTapPositions.embedded ||\n position === OneTapPositions.floatingOrEmbedded\n ) {\n return true;\n }\n\n return false;\n};\n\nexport const getShouldRenderEmbeddedOneTap = (position: OneTapPositions | undefined) => {\n // Attempt embedded positioning if some embedded mode has been requested, and\n // either:\n // - the browser does not support FedCM (in which case embedded positioning\n // could work), or\n // - the developer has specified legacy embedded positioning (in which case\n // embedded positioning may not be honored)\n\n const embeddedMode = getConfiguredEmbeddedMode(position);\n return embeddedMode === 'force' || (embeddedMode && !navigatorSupportsFedCM);\n};\n\nexport const getShouldRenderFloatingOneTap = (position: OneTapPositions | undefined) => {\n // Use floating positioning if we aren't using embedded positioning and the\n // developer hasn't specifically requested not to use floating positioning\n return position !== OneTapPositions.embeddedOnly && !getShouldRenderEmbeddedOneTap(position);\n};\n\nexport const getRenderedOneTapMode = (position: OneTapPositions | undefined) => {\n const embeddedMode = getConfiguredEmbeddedMode(position);\n\n if (embeddedMode === 'force' || (embeddedMode && !navigatorSupportsFedCM)) {\n return 'embedded';\n }\n\n if (position !== OneTapPositions.embeddedOnly) {\n return 'floating';\n }\n\n return false;\n};\n","import { GOOGLE_ONE_TAP_HOST } from '@stytch/core';\nimport { OneTapStyleConfig } from '@stytch/core/public';\nimport type { accounts, CredentialResponse, IdConfiguration, PromptMomentNotification } from 'google-one-tap';\n\nimport { getConfiguredEmbeddedMode, getShouldRenderEmbeddedOneTap } from './positionModes';\n\ntype OneTapNotShownReason =\n | ReturnType<PromptMomentNotification['getNotDisplayedReason']>\n | ReturnType<PromptMomentNotification['getSkippedReason']>;\n\nexport type OneTapRenderResult = { success: true } | { success: false; reason: OneTapNotShownReason };\n\n/**\n * Wrapper around Google One Tap JS client that combines initialize() and prompt()\n * into one async render() call\n *\n * @see https://developers.google.com/identity/gsi/web/guides/display-google-one-tap#javascript\n */\nexport class GoogleOneTapClient {\n constructor(\n private _googleClient: accounts['id'],\n private _clientId: string,\n ) {}\n\n cancel(): void {\n this._googleClient.cancel();\n }\n\n async render({\n callback,\n onOneTapCancelled,\n style,\n cancelOnTapOutside = true,\n }: {\n callback: (response: CredentialResponse) => void;\n onOneTapCancelled?: (showError?: boolean) => void;\n style: OneTapStyleConfig;\n cancelOnTapOutside?: boolean;\n }): Promise<OneTapRenderResult> {\n const embeddedMode = getConfiguredEmbeddedMode(style.position);\n const shouldRenderEmbeddedOneTap = getShouldRenderEmbeddedOneTap(style.position);\n\n const config: IdConfiguration = {\n client_id: this._clientId,\n callback: callback,\n auto_select: false,\n context: 'use',\n itp_support: true,\n use_fedcm_for_prompt: embeddedMode !== 'force',\n cancel_on_tap_outside: cancelOnTapOutside,\n };\n if (shouldRenderEmbeddedOneTap) {\n config.prompt_parent_id = 'google-parent-prompt';\n config.cancel_on_tap_outside = false;\n }\n this._googleClient.initialize(config);\n\n return new Promise((resolve) => {\n this._googleClient.prompt((notification: PromptMomentNotification) => {\n if (notification.isSkippedMoment()) {\n // After FedCM is mandatory, `getSkippedReason` will no longer be\n // supported, so access it defensively.\n const reason = notification.getSkippedReason?.() ?? 'unknown_reason';\n\n if (reason === 'user_cancel') {\n onOneTapCancelled?.();\n }\n return resolve({\n success: false,\n reason,\n });\n }\n\n // At some point after FedCM is mandatory, `isNotDisplayed` and\n // `getNotDisplayedReason` (and display moments in general) will not be\n // supported. If we can tell they're not available and we're trying to\n // show an embedded one tap UI, we should treat it as a failure, because\n // we won't expect an embedded UI to work (by virtue of FedCM being\n // mandatory) and won't expect any other notifications.\n if ((!notification.isNotDisplayed && shouldRenderEmbeddedOneTap) || notification.isNotDisplayed?.()) {\n return resolve({\n success: false,\n reason: notification.getNotDisplayedReason?.() ?? 'unknown_reason',\n });\n }\n\n if (!notification.isDismissedMoment()) {\n this.styleFrame(shouldRenderEmbeddedOneTap);\n return resolve({ success: true });\n }\n });\n });\n }\n\n styleFrame(shouldRenderEmbeddedOneTap: boolean) {\n if (!shouldRenderEmbeddedOneTap) {\n return;\n }\n Array.from(document.getElementsByTagName('iframe')).forEach((frame) => {\n if (frame.src.includes(GOOGLE_ONE_TAP_HOST)) {\n frame.style.width = '100%';\n }\n });\n }\n}\n","import { INetworkClient, IPKCEManager } from '@stytch/core';\nimport { ResponseCommon, StytchAPIError } from '@stytch/core/public';\nimport type { CredentialResponse } from 'google-one-tap';\n\nimport { GoogleOneTapClient } from '../../oneTap/GoogleOneTapClient';\nimport { loadGoogleOneTapClient } from '../../oneTap/OneTapProvider';\n\ntype B2BOneTapStartResponse = ResponseCommon & {\n google_client_id: string;\n};\n\ntype B2BOneTapSubmitResponse = ResponseCommon & {\n redirect_url: string;\n};\n\ntype OneTapNotLoadedReason =\n // These come from the API directly - err.error_type\n | 'oauth_config_not_found'\n | 'default_provider_not_allowed'\n // If we have an unhandled error :$\n | string;\n\ntype OneTapLoadResult =\n | { success: true; client: GoogleOneTapClient }\n | { success: false; reason: OneTapNotLoadedReason };\n\ntype DynamicConfig = Promise<{\n pkceRequiredForOAuth: boolean;\n}>;\n\nconst DefaultDynamicConfig = Promise.resolve({\n pkceRequiredForOAuth: false,\n});\n\n/**\n * Handles loading One Tap config from Stytch API and initializing {@link GoogleOneTapClient}\n */\nexport class B2BOneTapProvider {\n private googleClientID?: string;\n constructor(\n private _networkClient: INetworkClient,\n private _pkceManager: IPKCEManager,\n private _config: DynamicConfig = DefaultDynamicConfig,\n ) {}\n\n private async fetchGoogleStart() {\n if (this.googleClientID) {\n return this.googleClientID;\n }\n const oneTapStartResp = await this._networkClient.fetchSDK<B2BOneTapStartResponse>({\n url: '/b2b/oauth/google/onetap/start',\n method: 'GET',\n });\n this.googleClientID = oneTapStartResp.google_client_id;\n return this.googleClientID;\n }\n\n private async submitGoogleOneTapTokenDiscovery({\n credential,\n discoveryRedirectUrl,\n }: {\n credential: string;\n discoveryRedirectUrl?: string;\n }) {\n let codeChallenge = undefined;\n const { pkceRequiredForOAuth } = await this._config;\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n codeChallenge = keyPair.code_challenge;\n } else {\n this._pkceManager.clearPKPair();\n }\n return await this._networkClient.fetchSDK<B2BOneTapSubmitResponse>({\n url: '/b2b/oauth/google/onetap/discovery/submit',\n method: 'POST',\n body: {\n id_token: credential,\n discovery_redirect_url: discoveryRedirectUrl,\n pkce_code_challenge: codeChallenge,\n },\n });\n }\n\n private async submitGoogleOneTapToken({\n credential,\n organizationId,\n signupRedirectUrl,\n loginRedirectUrl,\n }: {\n credential: string;\n organizationId: string;\n signupRedirectUrl?: string;\n loginRedirectUrl?: string;\n }) {\n let codeChallenge = undefined;\n const { pkceRequiredForOAuth } = await this._config;\n if (pkceRequiredForOAuth) {\n const keyPair = await this._pkceManager.startPKCETransaction();\n codeChallenge = keyPair.code_challenge;\n } else {\n this._pkceManager.clearPKPair();\n }\n return await this._networkClient.fetchSDK<B2BOneTapSubmitResponse>({\n url: '/b2b/oauth/google/onetap/submit',\n method: 'POST',\n body: {\n id_token: credential,\n organization_id: organizationId,\n signup_redirect_url: signupRedirectUrl,\n login_redirect_url: loginRedirectUrl,\n pkce_code_challenge: codeChallenge,\n },\n });\n }\n\n async createOneTapClient(): Promise<OneTapLoadResult> {\n let googleClientId: string;\n try {\n googleClientId = await this.fetchGoogleStart();\n } catch (e) {\n const err = StytchAPIError.from(e);\n return { success: false, reason: err.error_type };\n }\n\n if (googleClientId === '') {\n return { success: false, reason: 'oauth_config_not_found' };\n }\n const client = new GoogleOneTapClient(await loadGoogleOneTapClient(), googleClientId);\n return { success: true, client };\n }\n\n createOnDiscoverySuccessHandler =\n ({\n discoveryRedirectUrl,\n onSuccess,\n onError,\n }: {\n discoveryRedirectUrl?: string;\n onSuccess: (redirect_url: string) => void;\n onError?: (error: Error) => void;\n }) =>\n async (response: CredentialResponse) => {\n const { credential } = response;\n let submitPromise = this.submitGoogleOneTapTokenDiscovery({\n credential,\n discoveryRedirectUrl,\n }).then((result) => onSuccess(result.redirect_url));\n if (onError) {\n submitPromise = submitPromise.catch((error) => onError(error));\n }\n await submitPromise;\n };\n\n createOnSuccessHandler =\n ({\n organizationId,\n signupRedirectUrl,\n loginRedirectUrl,\n onSuccess,\n onError,\n }: {\n organizationId: string;\n signupRedirectUrl?: string;\n loginRedirectUrl?: string;\n onSuccess: (redirect_url: string) => void;\n onError?: (error: Error) => void;\n }) =>\n async (response: CredentialResponse) => {\n const { credential } = response;\n let submitPromise = this.submitGoogleOneTapToken({\n credential,\n organizationId,\n signupRedirectUrl,\n loginRedirectUrl,\n }).then((result) => onSuccess(result.redirect_url));\n if (onError) {\n submitPromise = submitPromise.catch((error) => onError(error));\n }\n await submitPromise;\n };\n\n redirectOnSuccess = (redirect_url: string) => {\n window.location.href = redirect_url;\n };\n}\n","import { GOOGLE_ONE_TAP_SCRIPT_URL, loadESModule, OneTapStartResponse, RPCManifest } from '@stytch/core';\nimport { StytchAPIError } from '@stytch/core/public';\nimport type { CredentialResponse } from 'google-one-tap';\n\nimport { GoogleOneTapClient } from './GoogleOneTapClient';\n\nexport const loadGoogleOneTapClient = (): Promise<google.accounts['id']> =>\n loadESModule(GOOGLE_ONE_TAP_SCRIPT_URL, () => window.google.accounts.id);\n\ntype OneTapNotLoadedReason =\n // These come from the API directly - err.error_type\n | 'oauth_config_not_found'\n | 'no_login_redirect_urls_set'\n | 'no_signup_redirect_urls_set'\n // If we have an unhandled error :$\n | string;\n\ntype OneTapLoadResult =\n | { success: true; client: GoogleOneTapClient }\n | { success: false; reason: OneTapNotLoadedReason };\n\n/**\n * Handles loading One Tap config from Stytch API and initializing {@link GoogleOneTapClient}\n */\nexport class OneTapProvider {\n private googleConfig?: Promise<OneTapStartResponse>;\n\n constructor(\n private _publicToken: string,\n private clientsideServices: RPCManifest,\n ) {}\n\n async createOneTapClient(): Promise<OneTapLoadResult> {\n let googleClientId: string;\n try {\n ({ googleClientId } = await this.fetchGoogleStart());\n } catch (e) {\n const err = StytchAPIError.from(e);\n return { success: false, reason: err.error_type };\n }\n\n if (googleClientId === '') {\n return { success: false, reason: 'oauth_config_not_found' };\n }\n const client = new GoogleOneTapClient(await loadGoogleOneTapClient(), googleClientId);\n return { success: true, client };\n }\n\n createOnSuccessHandler =\n ({\n loginRedirectUrl,\n signupRedirectUrl,\n onSuccess,\n }: {\n loginRedirectUrl?: string;\n signupRedirectUrl?: string;\n onSuccess: (redirect_url: string) => void;\n }) =>\n async (response: CredentialResponse) => {\n const { credential } = response;\n const { redirect_url } = await this.submitGoogleOneTapToken({\n credential,\n loginRedirectUrl,\n signupRedirectUrl,\n });\n onSuccess(redirect_url);\n };\n\n private fetchGoogleStart() {\n if (this.googleConfig) {\n return this.googleConfig;\n }\n this.googleConfig = this.clientsideServices.oneTapStart({\n publicToken: this._publicToken,\n });\n return this.googleConfig;\n }\n\n private async submitGoogleOneTapToken({\n credential,\n loginRedirectUrl,\n signupRedirectUrl,\n }: {\n credential: string;\n loginRedirectUrl?: string;\n signupRedirectUrl?: string;\n }) {\n const { oauthCallbackId } = await this.fetchGoogleStart();\n\n return this.clientsideServices.oneTapSubmit({\n publicToken: this._publicToken,\n idToken: credential,\n loginRedirectURL: loginRedirectUrl,\n oauthCallbackID: oauthCallbackId,\n signupRedirectURL: signupRedirectUrl,\n });\n }\n\n redirectOnSuccess = (redirect_url: string) => {\n window.location.href = redirect_url;\n };\n\n /**\n * Google One Tap will show a banner on the bottom of the screen on certain mobile devices\n * This logic is controlled via some sniffing of the useragent string on startup\n * These specific strings were extracted from the One Tap minified source code\n * See the linked PR for details and screenshots\n */\n static willGoogleOneTapShowEmbedded(ua = navigator.userAgent): boolean {\n const uaContains = (userAgent: string, searchString: string) => userAgent.indexOf(searchString) !== -1;\n\n const isTabletUA =\n uaContains(ua, 'iPad') || (uaContains(ua, 'Android') && !uaContains(ua, 'Mobile')) || uaContains(ua, 'Silk');\n\n const isMobileUA =\n uaContains(ua, 'iPod') || uaContains(ua, 'iPhone') || uaContains(ua, 'Android') || uaContains(ua, 'IEMobile');\n\n return !isTabletUA && isMobileUA;\n }\n}\n","import {\n checkB2BNotSSR,\n checkPublicToken,\n DFPProtectedAuthProvider,\n HeadlessB2BDiscoveryClient,\n HeadlessB2BIDPClient,\n HeadlessB2BImpersonationClient,\n HeadlessB2BMagicLinksClient,\n HeadlessB2BOrganizationClient,\n HeadlessB2BOTPsClient,\n HeadlessB2BPasswordsClient,\n HeadlessB2BRBACClient,\n HeadlessB2BRecoveryCodesClient,\n HeadlessB2BSCIMClient,\n HeadlessB2BSelfClient,\n HeadlessB2BSessionClient,\n HeadlessB2BSSOClient,\n HeadlessB2BTOTPsClient,\n INetworkClient,\n logger,\n SearchDataManager,\n SessionManager,\n StateChangeClient,\n StateChangeRegisterFunction,\n VERTICAL_CONSUMER,\n} from '@stytch/core';\nimport {\n B2BState,\n IHeadlessB2BDiscoveryClient,\n IHeadlessB2BImpersonationClient,\n IHeadlessB2BMagicLinksClient,\n IHeadlessB2BMemberClient,\n IHeadlessB2BOrganizationClient,\n IHeadlessB2BOTPsClient,\n IHeadlessB2BPasswordClient,\n IHeadlessB2BRBACClient,\n IHeadlessB2BRecoveryCodesClient,\n IHeadlessB2BSCIMClient,\n IHeadlessB2BSelfClient,\n IHeadlessB2BSessionClient,\n IHeadlessB2BSSOClient,\n IHeadlessB2BTOTPsClient,\n StytchClientOptions,\n StytchProjectConfigurationInput,\n} from '@stytch/core/public';\n\nimport { BootstrapDataManager } from '../BootstrapDataManager';\nimport { CaptchaProvider } from '../CaptchaProvider';\nimport { ClientsideServicesProvider } from '../ClientsideServicesProvider';\nimport { NetworkClient } from '../NetworkClient';\nimport { PKCEManager } from '../PKCEManager';\nimport { B2BSubscriptionDataLayer, B2BSubscriptionService, getB2BDataLayer } from '../SubscriptionService';\nimport { buildFinalConfig, hasCustomApiEndpoint } from '../utils/config';\nimport { AuthenticateByUrl, createAuthUrlHandler, ParseAuthenticateUrl } from '../utils/createAuthUrlHandler';\nimport { B2BInternals, writeB2BInternals } from '../utils/internal';\nimport { HeadlessB2BOAuthClient, IWebB2BOAuthClient } from './HeadlessB2BOAuthClient';\nimport { B2BOneTapProvider } from './oneTap/B2BOneTapProvider';\n\nexport type HandledTokenType =\n | 'discovery'\n | 'discovery_oauth'\n | 'oauth'\n | 'sso'\n | 'multi_tenant_magic_links'\n | 'multi_tenant_impersonation';\n\n/**\n * A headless client used for invoking Stytch's B2B APIs.\n * The Stytch Headless Client can be used as a drop-in solution for authentication and session management.\n * Full documentation can be found {@link https://stytch.com/docs/b2b/sdks/javascript-sdk online}.\n *\n * @example\n * const stytch = new StytchB2BClient('public-token-<find yours in the stytch dashboard>');\n * stytch.magicLinks.email.loginOrCreate({\n * email: 'sandbox@stytch.com',\n * organization_id: 'organization-test-123',\n * });\n */\nexport class StytchB2BClient<\n TProjectConfiguration extends StytchProjectConfigurationInput = Stytch.DefaultProjectConfiguration,\n> {\n private readonly _subscriptionService: B2BSubscriptionService<TProjectConfiguration>;\n private readonly _sessionManager: SessionManager<TProjectConfiguration>;\n private readonly _networkClient: INetworkClient;\n private readonly _dataLayer: B2BSubscriptionDataLayer;\n private readonly _stateChangeClient: StateChangeClient<B2BState>;\n\n // External API Clients\n magicLinks: IHeadlessB2BMagicLinksClient<TProjectConfiguration>;\n session: IHeadlessB2BSessionClient<TProjectConfiguration>;\n /** @deprecated Please use client.self instead. This will be removed in a future release. */\n member: IHeadlessB2BMemberClient;\n self: IHeadlessB2BSelfClient;\n organization: IHeadlessB2BOrganizationClient;\n oauth: IWebB2BOAuthClient<TProjectConfiguration>;\n sso: IHeadlessB2BSSOClient<TProjectConfiguration>;\n discovery: IHeadlessB2BDiscoveryClient<TProjectConfiguration>;\n passwords: IHeadlessB2BPasswordClient<TProjectConfiguration>;\n otps: IHeadlessB2BOTPsClient<TProjectConfiguration>;\n totp: IHeadlessB2BTOTPsClient<TProjectConfiguration>;\n recoveryCodes: IHeadlessB2BRecoveryCodesClient<TProjectConfiguration>;\n rbac: IHeadlessB2BRBACClient;\n scim: IHeadlessB2BSCIMClient;\n impersonation: IHeadlessB2BImpersonationClient;\n idp: HeadlessB2BIDPClient;\n\n // External methods\n /**\n * Register a callback function to be invoked whenever certain state changes\n * occur, like a member or session object being updated.\n *\n * This is an alternative to more specific methods like `self.onChange` and\n * `session.onChange`. It can be helpful if you want to be notified of related\n * changes to different parts of state at once.\n *\n * If you are only interested in specific state changes, consider using more\n * specific methods like `self.onChange` and `session.onChange` instead.\n */\n onStateChange: StateChangeRegisterFunction<B2BState>;\n\n /**\n * Extracts token and token type from the current page URL's query parameters.\n * If the current URL do not have the required query params, this will return null.\n * Otherwise, returns an object { handled: boolean, tokenType: string, token: string }\n */\n parseAuthenticateUrl: ParseAuthenticateUrl<HandledTokenType>;\n\n /**\n * Call this method to authenticate the user when the user has been redirected\n * to this page with a token in the query parameters, such as after OAuth\n * or through an email magic link. This method currently supports\n *\n * - Magic links\n * - OAuth\n * - SSO\n * - Impersonation\n *\n * If the current URL do not have the required query params, the promise returned will resolve to null.\n * If the token type is not supported (e.g. reset_password), the promise returned will resolve to this\n * object allowing you to handle the token.\n * {\n * handled: false,\n * tokenType: 'token_type',\n * token: '<token>'\n * }\n */\n authenticateByUrl: AuthenticateByUrl<HandledTokenType>;\n\n constructor(rawPublicToken: string, options?: StytchClientOptions) {\n checkB2BNotSSR();\n\n // Intentionally check the raw public token so that we can log a correct error message,\n // but then coalesce to an empty string so that the UI components don't fail to render.\n checkPublicToken(rawPublicToken);\n const _PUBLIC_TOKEN = rawPublicToken ?? '';\n\n // Not casting to InternalStytchClientOptions since InternalStytchClientOptions is currently a superset\n const config = buildFinalConfig(this.constructor.name, options);\n const usingCustomApiEndpoint = hasCustomApiEndpoint(_PUBLIC_TOKEN, options);\n\n this._dataLayer = getB2BDataLayer(_PUBLIC_TOKEN, config);\n this._subscriptionService = new B2BSubscriptionService(_PUBLIC_TOKEN, this._dataLayer, { usingCustomApiEndpoint });\n this._stateChangeClient = new StateChangeClient(this._subscriptionService, {});\n this.onStateChange = (...args) => this._stateChangeClient.onStateChange(...args);\n\n const additionalTelemetryDataFn = () => ({\n stytch_member_id: this._dataLayer.state?.member?.member_id,\n stytch_member_session_id: this._dataLayer.state?.session?.member_session_id,\n });\n\n const passwordsPKCEManager = new PKCEManager(this._dataLayer, 'passwords');\n\n const networkClient = new NetworkClient(\n _PUBLIC_TOKEN,\n this._dataLayer,\n config.endpoints.liveAPIURL,\n config.endpoints.testAPIURL,\n additionalTelemetryDataFn,\n );\n this._networkClient = networkClient;\n\n const bootstrap = new BootstrapDataManager(_PUBLIC_TOKEN, networkClient, this._dataLayer);\n const captcha = new CaptchaProvider(bootstrap.getAsync());\n const dfpProtectedAuth = new DFPProtectedAuthProvider(\n _PUBLIC_TOKEN,\n config.endpoints.dfpBackendURL,\n config.endpoints.dfpCdnURL,\n bootstrap.getAsync(),\n captcha.executeRecaptcha,\n );\n const clientsideServices = new ClientsideServicesProvider(config.endpoints.clientsideServicesIframeURL);\n const pkceManagerForOAuth = new PKCEManager(this._dataLayer, 'oauth');\n const oneTap = new B2BOneTapProvider(networkClient, pkceManagerForOAuth, bootstrap.getAsync());\n\n this.organization = new HeadlessB2BOrganizationClient(networkClient, networkClient, this._subscriptionService);\n this.member = new HeadlessB2BSelfClient(networkClient, networkClient, this._subscriptionService);\n this.self = new HeadlessB2BSelfClient(networkClient, networkClient, this._subscriptionService);\n this.session = new HeadlessB2BSessionClient(networkClient, this._subscriptionService);\n this.magicLinks = new HeadlessB2BMagicLinksClient(\n networkClient,\n this._subscriptionService,\n new PKCEManager(this._dataLayer, 'magic_links'),\n passwordsPKCEManager,\n bootstrap.getAsync(),\n dfpProtectedAuth,\n );\n this.oauth = new HeadlessB2BOAuthClient(\n networkClient,\n this._subscriptionService,\n pkceManagerForOAuth,\n bootstrap.getAsync(),\n {\n publicToken: _PUBLIC_TOKEN,\n testAPIURL: config.endpoints.testAPIURL,\n liveAPIURL: config.endpoints.liveAPIURL,\n },\n dfpProtectedAuth,\n oneTap,\n );\n this.sso = new HeadlessB2BSSOClient(\n networkClient,\n this._subscriptionService,\n new PKCEManager(this._dataLayer, 'sso'),\n bootstrap.getAsync(),\n {\n publicToken: _PUBLIC_TOKEN,\n testAPIURL: config.endpoints.testAPIURL,\n liveAPIURL: config.endpoints.liveAPIURL,\n },\n dfpProtectedAuth,\n );\n this.discovery = new HeadlessB2BDiscoveryClient(networkClient, this._subscriptionService);\n this.passwords = new HeadlessB2BPasswordsClient(\n networkClient,\n this._subscriptionService,\n passwordsPKCEManager,\n bootstrap.getAsync(),\n dfpProtectedAuth,\n );\n this.otps = new HeadlessB2BOTPsClient(networkClient, this._subscriptionService, dfpProtectedAuth);\n this.totp = new HeadlessB2BTOTPsClient(networkClient, this._subscriptionService, dfpProtectedAuth);\n this.recoveryCodes = new HeadlessB2BRecoveryCodesClient(networkClient, this._subscriptionService, dfpProtectedAuth);\n this.rbac = new HeadlessB2BRBACClient(bootstrap.getSync(), bootstrap.getAsync(), this._subscriptionService);\n this.scim = new HeadlessB2BSCIMClient(this._networkClient, this._subscriptionService);\n this.impersonation = new HeadlessB2BImpersonationClient(\n this._networkClient,\n this._subscriptionService,\n dfpProtectedAuth,\n );\n this.idp = new HeadlessB2BIDPClient(networkClient);\n this._sessionManager = new SessionManager(this._subscriptionService, this.session, _PUBLIC_TOKEN, {\n keepSessionAlive: config.keepSessionAlive,\n });\n const searchManager = new SearchDataManager(networkClient, dfpProtectedAuth);\n\n // If the session does not exist in localstorage (like if we are in an iframe)\n // then the cookie might still be set and we can retrieve the session via an API call.\n // If a custom API endpoint is being used, the session may be being managed by\n // HttpOnly cookies, which we can't detect.\n if (usingCustomApiEndpoint || this._dataLayer.readSessionCookie().session_token) {\n this._sessionManager.performBackgroundRefresh();\n }\n\n const { authenticateByUrl, parseAuthenticateUrl } = createAuthUrlHandler<HandledTokenType>({\n discovery: (token) => this.magicLinks.discovery.authenticate({ discovery_magic_links_token: token }),\n discovery_oauth: (token) => this.oauth.discovery.authenticate({ discovery_oauth_token: token }),\n oauth: (token, options) => this.oauth.authenticate({ oauth_token: token, ...options }),\n sso: (token, options) => this.sso.authenticate({ sso_token: token, ...options }),\n multi_tenant_magic_links: (token, options) =>\n this.magicLinks.authenticate({ magic_links_token: token, ...options }),\n multi_tenant_impersonation: (token) => this.impersonation.authenticate({ impersonation_token: token }),\n });\n\n this.authenticateByUrl = authenticateByUrl;\n this.parseAuthenticateUrl = parseAuthenticateUrl;\n\n networkClient.logEvent({\n name: 'b2b_sdk_instance_instantiated',\n details: {\n event_callback_registered: false,\n error_callback_registered: false,\n success_callback_registered: false,\n },\n });\n\n bootstrap.getAsync().then((bootstrapData) => {\n if (bootstrapData.vertical === VERTICAL_CONSUMER) {\n logger.error(\n 'This application is using a Stytch client for B2B projects, but the public token is for a Stytch Consumer project. Use a Consumer Stytch client instead, or verify that the public token is correct.',\n );\n }\n });\n\n const internals: B2BInternals = {\n bootstrap,\n clientsideServices,\n publicToken: _PUBLIC_TOKEN,\n searchManager,\n dataLayer: this._dataLayer,\n networkClient: networkClient,\n oneTap,\n };\n\n writeB2BInternals(this, internals);\n }\n}\n","import {\n CLIENTSIDE_SERVICES_IFRAME_URL,\n getDFPBackendURL,\n getDFPCdnURL,\n getLiveApiURL,\n getTestApiURL,\n InternalStytchClientOptions,\n isTestPublicToken,\n validateInDev,\n} from '@stytch/core';\nimport { StytchClientOptions } from '@stytch/core/public';\n\nexport const buildFinalConfig = (clientName: string, opts: InternalStytchClientOptions = {}) => {\n const { cookieOptions, keepSessionAlive } = opts;\n\n validateInDev(clientName, opts, {\n keepSessionAlive: 'optionalBoolean',\n });\n\n if (cookieOptions) {\n validateInDev(`${clientName}.cookieOptions`, cookieOptions, {\n opaqueTokenCookieName: 'optionalString',\n jwtCookieName: 'optionalString',\n istCookieName: 'optionalString',\n path: 'optionalString',\n domain: 'optionalString',\n });\n }\n\n return {\n cookieOptions,\n keepSessionAlive,\n endpoints: {\n testAPIURL: getTestApiURL(opts),\n liveAPIURL: getLiveApiURL(opts),\n dfpBackendURL: getDFPBackendURL(opts),\n dfpCdnURL: getDFPCdnURL(opts),\n clientsideServicesIframeURL: opts?.endpoints?.clientsideServicesIframeURL ?? CLIENTSIDE_SERVICES_IFRAME_URL,\n },\n };\n};\n\n/**\n * rawOptions should be the original object passed into the client, not the output from buildFinalConfig\n */\nexport const hasCustomApiEndpoint = (token: string, rawOptions: StytchClientOptions = {}) => {\n // endpointOptions is deprecated, but we still need to account for it\n const { customBaseUrl, endpointOptions } = rawOptions;\n return isTestPublicToken(token)\n ? !!(customBaseUrl || endpointOptions?.testApiDomain)\n : !!(customBaseUrl || endpointOptions?.apiDomain);\n};\n","import { LIVE_API_URL, TEST_API_URL } from '../constants';\nimport { InternalStytchClientOptions } from '../types';\nimport { getHttpsUrl } from './getHttpsUrl';\nimport { logger } from './logger';\n\nexport const getLiveApiURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.customBaseUrl ?? opts?.endpointOptions?.apiDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.customBaseUrl ? 'customBaseUrl' : 'apiDomain';\n logger.warn(`Unable to use custom API domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return opts?.endpoints?.liveAPIURL ?? LIVE_API_URL;\n};\n\nexport const getTestApiURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.customBaseUrl ?? opts?.endpointOptions?.testApiDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.customBaseUrl ? 'customBaseUrl' : 'testApiDomain';\n logger.warn(`Unable to use custom API domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return opts?.endpoints?.testAPIURL ?? TEST_API_URL;\n};\n","import { STYTCH_DFP_BACKEND_URL, STYTCH_DFP_CDN_URL } from '../constants';\nimport { InternalStytchClientOptions } from '../types';\nimport { getHttpsUrl } from './getHttpsUrl';\nimport { logger } from './logger';\n\nexport const getDFPBackendURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.dfppaUrl ?? opts?.endpointOptions?.dfppaDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.dfppaUrl ? 'dfppaUrl' : 'dfppaDomain';\n logger.warn(`Unable to use custom DFPPA domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return opts?.endpoints?.dfpBackendURL ?? STYTCH_DFP_BACKEND_URL;\n};\n\nexport const getDFPCdnURL = (opts: InternalStytchClientOptions | undefined) => {\n const domain = opts?.dfpCdnUrl ?? opts?.endpointOptions?.dfpCdnDomain;\n if (domain) {\n const httpsUrl = getHttpsUrl(domain);\n if (httpsUrl) {\n return httpsUrl;\n } else {\n const key = opts?.dfpCdnUrl ? 'dfpCdnUrl' : 'dfpCdnDomain';\n logger.warn(`Unable to use custom DFP CDN domain \\`${domain}\\`. ${key} should be a valid domain.`);\n }\n }\n\n return STYTCH_DFP_CDN_URL;\n};\n","import type { SessionDurationOptions } from '@stytch/core/public';\n\nfunction isHandledTokenType<HandledTokenType extends string>(\n handledTypes: HandledTokenType[],\n tokenType: string,\n): tokenType is HandledTokenType {\n return handledTypes.includes(tokenType as HandledTokenType);\n}\n\nexport const clearStytchTokenParams = () => {\n const url = removeStytchTokenParams(window.location.toString());\n window.history.replaceState(null, document.title, url);\n};\n\nexport type ParseAuthenticateUrl<HandledTokenType extends string> = (\n href?: string,\n) =>\n | { handled: true; token: string; tokenType: HandledTokenType }\n | { handled: false; token: string; tokenType: string }\n | null;\n\nexport type AuthenticateByUrl<TokenType extends string> = (\n options: {\n /**\n * Clear token and stytch_token_type URL params after authenticate is called.\n * @default true if the href parameter is window.location.href (the default)\n **/\n clearParams?: boolean;\n } & SessionDurationOptions,\n\n /**\n * Allow overriding URL where the token and stytch_token_type params are extracted from.\n * You usually would not need to set this.\n * @default window.location.href\n */\n href?: string,\n) => Promise<\n | {\n handled: true;\n tokenType: TokenType;\n data: unknown;\n }\n | {\n handled: false;\n tokenType: string;\n token: string;\n }\n | null\n>;\n\n/**\n * Creates both parseAuthenticateUrl and authenticateByUrl from the set of handlers passed in to ensure\n * both functions agree on what is handled.\n */\nexport const createAuthUrlHandler = <HandledTokenType extends string = string>(\n handlers: Record<HandledTokenType, (token: string, options: SessionDurationOptions) => Promise<unknown>>,\n) => {\n const handledTokenTypes = Object.keys(handlers) as HandledTokenType[];\n\n const parseAuthenticateUrl: ParseAuthenticateUrl<HandledTokenType> = (href = window.location.href) => {\n const url = new URL(href);\n const tokenType = url.searchParams.get('stytch_token_type');\n const token = url.searchParams.get('token');\n if (!token || !tokenType) {\n return null;\n }\n\n if (isHandledTokenType(handledTokenTypes, tokenType)) {\n return {\n handled: true,\n token,\n tokenType,\n };\n }\n\n return {\n handled: false,\n token,\n tokenType,\n };\n };\n\n const authenticateByUrl: AuthenticateByUrl<HandledTokenType> = async (\n { clearParams, ...options },\n href = window.location.href,\n ) => {\n const shouldClearParams = clearParams ?? href === window.location.href;\n const parsed = parseAuthenticateUrl(href);\n if (parsed == null) return null;\n if (!parsed.handled) return parsed;\n\n const { token, tokenType } = parsed;\n const handler = handlers[tokenType as HandledTokenType];\n\n // Clear token immediately when it is \"consumed\" by the authenticate call to prevent reloads\n // from repeating the call\n if (shouldClearParams) {\n clearStytchTokenParams();\n }\n\n const data = await handler(token, options);\n return {\n handled: true,\n tokenType: tokenType as HandledTokenType,\n data,\n };\n };\n\n return {\n authenticateByUrl,\n parseAuthenticateUrl,\n };\n};\n\n// Exported for testing\nexport function removeStytchTokenParams(href: string) {\n const url = new URL(href);\n const params = url.searchParams;\n\n params.delete('token');\n params.delete('stytch_token_type');\n\n return url;\n}\n","export const VERTICAL_B2B = 'B2B';\nexport const VERTICAL_CONSUMER = 'CONSUMER';\n\nexport type Vertical = typeof VERTICAL_B2B | typeof VERTICAL_CONSUMER;\n","/* eslint-disable lingui/no-unlocalized-strings -- user-facing strings in this file can be overridden using different APIs */\n\nimport { RBACPolicyRaw } from '@stytch/core';\nimport { IDPConsentItem } from '@stytch/core/public';\n\nconst OPENID_CONSENT_ITEM: IDPConsentItem = {\n text: 'Verify your identity',\n details: ['View information stored within your account'],\n};\n\n// Full Access didn't really make the cut\n// const FULL_ACCESS_CONSENT_ITEM: IDPConsentItem = {\n// text: 'Act on behalf of you',\n// details: [],\n// };\n\nconst PROFILE_CONSENT_ITEM: IDPConsentItem = {\n text: 'View your personal profile information',\n details: [],\n};\n\nconst OFFLINE_ACCESS_CONSENT_ITEM: IDPConsentItem = {\n text: \"Maintain access to your data even when you're not actively using the app\",\n details: [\n 'Access your data even when you are offline.',\n 'Synchronize data and process background tasks on your behalf.',\n ],\n};\n\nconst OPENID_SCOPE = 'openid';\nconst PROFILE_SCOPE = 'profile';\nconst EMAIL_SCOPE = 'email';\nconst PHONE_SCOPE = 'phone';\nconst FULL_ACCESS_SCOPE = 'full_access';\nconst OFFLINE_ACCESS_SCOPE = 'offline_access';\n\nconst DEFAULT_SCOPES = new Set([\n OPENID_SCOPE,\n PROFILE_SCOPE,\n EMAIL_SCOPE,\n PHONE_SCOPE,\n FULL_ACCESS_SCOPE,\n OFFLINE_ACCESS_SCOPE,\n]);\n\n// Scope is an optional param in OAuth2.1\n// When no scope is present, this is what we default to\nconst FALLBACK_SCOPES = [OPENID_SCOPE, EMAIL_SCOPE, PROFILE_SCOPE];\n\nexport const containsCustomScopes = (scope: string): boolean => {\n // set.difference is not in ES2015\n return scope.split(' ').some((sc) => !DEFAULT_SCOPES.has(sc));\n};\n\nexport const createBuiltinScopeDescriptions = (scopes: string[]): IDPConsentItem[] => {\n const descriptions: IDPConsentItem[] = [];\n\n if (scopes.includes(OPENID_SCOPE)) {\n descriptions.push(OPENID_CONSENT_ITEM);\n }\n\n if (scopes.includes(EMAIL_SCOPE) || scopes.includes(PROFILE_SCOPE) || scopes.includes(PHONE_SCOPE)) {\n descriptions.push(\n createProfileScopeDescription({\n containsEmail: scopes.includes(EMAIL_SCOPE),\n containsPhoneNumber: scopes.includes(PHONE_SCOPE),\n containsProfile: scopes.includes(PROFILE_SCOPE),\n }),\n );\n }\n\n // if (scopes.has(FULL_ACCESS_SCOPE)) {\n // descriptions.push();\n // }\n\n if (scopes.includes(OFFLINE_ACCESS_SCOPE)) {\n descriptions.push(OFFLINE_ACCESS_CONSENT_ITEM);\n }\n\n return descriptions;\n};\n\nconst createProfileScopeDescription = ({\n containsProfile,\n containsEmail,\n containsPhoneNumber,\n}: {\n containsProfile: boolean;\n containsEmail: boolean;\n containsPhoneNumber: boolean;\n}): IDPConsentItem => {\n const details = [];\n if (containsProfile) {\n details.push('Your name, profile picture, and language preferences');\n }\n if (containsEmail) {\n details.push('Your email address');\n }\n if (containsPhoneNumber) {\n details.push('Your phone number');\n }\n\n return {\n text: PROFILE_CONSENT_ITEM.text,\n details: details,\n };\n};\n\nexport const createCustomScopeDescriptions = (scopes: string[], rbacPolicy: RBACPolicyRaw | null): string[] => {\n if (!rbacPolicy) return [];\n\n const descriptions: string[] = [];\n\n for (const scope of scopes) {\n if (DEFAULT_SCOPES.has(scope)) continue;\n const found = rbacPolicy.scopes.find((policyScope) => policyScope.scope === scope);\n if (found && found.description) {\n descriptions.push(found.description);\n } else {\n descriptions.push(`Use the ${scope} scope`);\n }\n }\n\n return descriptions;\n};\n\nexport const fallbackConsentManifestGenerator = ({\n scopes,\n clientName,\n rbacPolicy,\n}: {\n scopes: string[];\n clientName: string;\n rbacPolicy: RBACPolicyRaw | null;\n}) => {\n return [\n {\n header: `${clientName} is requesting to:`,\n items: createBuiltinScopeDescriptions(scopes).concat(createCustomScopeDescriptions(scopes, rbacPolicy)),\n },\n ];\n};\n\nexport type OAuthAuthorizeParams = {\n // Required.\n client_id: string;\n redirect_uri: string;\n // Required, but has default\n response_type: string;\n scopes: string[];\n // Optional.\n code_challenge?: string;\n state?: string;\n nonce?: string;\n prompt?: string;\n resources?: string[];\n};\n\nexport type OAuthLogoutParams = {\n // Required.\n client_id: string;\n post_logout_redirect_uri: string;\n // Optional.\n id_token_hint?: string;\n state?: string;\n};\n\nexport type IDPFlowParams =\n | { type: 'Authorize'; params: OAuthAuthorizeParams }\n | { type: 'Logout'; params: OAuthLogoutParams };\n\n/**\n * Parse the OAuth Authorize params from the URL search parameters to pass in to subsequent OAuthAuthorize calls.\n *\n * @param params - The URL search parameters to parse.\n * @returns The parsed OAuth Authorize parameters.\n */\nexport const parseOAuthAuthorizeParams = (\n params: URLSearchParams,\n): { error: string | null; result: OAuthAuthorizeParams } => {\n const authorizeParams: OAuthAuthorizeParams = {\n client_id: '',\n redirect_uri: '',\n // As of writing, ChatGPT isn't sending `response_type` when making calls to our\n // authorization endpoint, even though it's technically a required field in the spec.\n // We default it to 'code' here and server-side.\n // See: https://stytchio.slack.com/archives/C07U0MHAH7G/p1749075544763149.\n response_type: 'code',\n // Default to this initial set of scopes when the client does not provide this param\n scopes: [...FALLBACK_SCOPES],\n };\n\n const requiredFields = ['client_id', 'redirect_uri'] as const;\n for (const field of requiredFields) {\n const value = params.get(field);\n if (!value) {\n return {\n error: `Required parameter is missing: ${field}. Please reach out to the application developer.`,\n result: authorizeParams,\n };\n }\n authorizeParams[field] = value;\n }\n\n const optionalStringFields = ['response_type', 'scope', 'code_challenge', 'state', 'nonce', 'prompt'] as const;\n for (const field of optionalStringFields) {\n const value = params.get(field);\n if (value) {\n if (field === 'scope') {\n authorizeParams.scopes = value.split(' ').filter(Boolean);\n } else {\n authorizeParams[field] = value;\n }\n }\n }\n\n if (params.has('resource')) {\n authorizeParams.resources = params.getAll('resource');\n }\n\n return { error: null, result: authorizeParams };\n};\n\nexport const parseOAuthLogoutParams = (\n params: URLSearchParams,\n): { error: string | null; result: OAuthLogoutParams } => {\n const logoutParams: OAuthLogoutParams = {\n client_id: '',\n post_logout_redirect_uri: '',\n };\n\n const requiredFields = ['client_id', 'post_logout_redirect_uri'] as const;\n for (const field of requiredFields) {\n const value = params.get(field);\n if (!value) {\n return {\n error: `Required parameter is missing: ${field}. Please reach out to the application developer.`,\n result: logoutParams,\n };\n }\n logoutParams[field] = value;\n }\n\n logoutParams.id_token_hint = params.get('id_token_hint') || undefined;\n logoutParams.state = params.get('state') || undefined;\n\n return { error: null, result: logoutParams };\n};\n\n/**\n * Parse generic IDP parameters and determine if it is an Authorize or Logout request.\n */\nexport const parseIDPParams = (searchParams: string): { error: string | null; flow: IDPFlowParams } => {\n const params = new URLSearchParams(searchParams);\n\n // Check if `post_logout_redirect_uri` exists to determine if it's a Logout request.\n if (params.has('post_logout_redirect_uri')) {\n const logoutResult = parseOAuthLogoutParams(params);\n return { error: logoutResult.error, flow: { type: 'Logout', params: logoutResult.result } };\n }\n\n // Otherwise, assume it's an Authorize request.\n const authorizeResult = parseOAuthAuthorizeParams(params);\n return { error: authorizeResult.error, flow: { type: 'Authorize', params: authorizeResult.result! } };\n};\n","import { ssrSafeClientFactory } from '../ui/react/bindings/StytchSSRProxy';\nimport { StytchB2BClient } from './StytchB2BClient';\n\n/**\n * Creates a Headless Stytch client object to call the stytch B2B APIs.\n * The Stytch client is not available serverside.\n * @example\n * const stytch = createStytchB2BClient('public-token-<find yours in the stytch dashboard>')\n *\n * return (\n * <StytchB2BProvider stytch={stytch}>\n * <App />\n * </StytchB2BProvider>\n * )\n * @returns A {@link StytchB2BClient}\n */\nexport const createStytchB2BClient = ssrSafeClientFactory(StytchB2BClient);\n\n/**\n * @deprecated Use {createStytchB2BClient()} instead\n */\nexport const createStytchB2BHeadlessClient = createStytchB2BClient;\n\n/**\n * @deprecated Use {StytchB2BClient()} instead\n */\nexport const StytchB2BHeadlessClient = StytchB2BClient;\nexport { StytchB2BClient };\n\nexport type { OAuthAuthorizeParams, OAuthLogoutParams } from '../utils/idpHelpers';\nexport { parseOAuthAuthorizeParams, parseOAuthLogoutParams } from '../utils/idpHelpers';\nexport * from '@stytch/core/public';\n"],"names":["GOOGLE_ONE_TAP_HOST","GOOGLE_ONE_TAP_SCRIPT_URL","MULTIPLE_STYTCH_CLIENTS_DETECTED_WARNING","B2BOAuthProviders","Google","Microsoft","HubSpot","Slack","GitHub","SDKAPIUnreachableError","Error","details","message","name","Object","setPrototypeOf","prototype","StytchSDKUsageError","methodName","StytchSDKSchemaError","schemaError","messages","body","map","err","dataPath","join","StytchSDKAPIError","error_type","error_message","error_url","request_id","status_code","error_details","JSON","stringify","UNRECOVERABLE_ERROR_TYPES","StytchError","StytchAPIUnreachableError","StytchAPISchemaError","StytchAPIError","from","maybe","undefined","String","StytchSDKError","options","description","NoCurrentSessionError","InternalError","nativeStack","error","nativeStackAndroid","nativeStackIOS","NoBiometricsRegistrationError","BiometricsUnavailableError","KeyInvalidatedError","KeystoreUnavailableError","NoBiometricsEnrolledError","UserCancellationError","UserLockedOutError","DeviceCredentialsNotAllowedError","MissingAuthorizationCredentialIDTokenError","InvalidAuthorizationCredentialError","NoCredentialsPresentError","MissingPublicKeyError","ChallengeSigningFailedError","SDKNotConfiguredError","FailedCodeChallengeError","PasskeysUnsupportedError","FailedToDecryptDataError","BiometricsFailedError","InvalidStartUrlError","InvalidRedirectSchemeError","MissingUrlError","InvalidCredentialTypeError","MissingAttestationObjectError","JSONDataNotConvertibleToStringError","RandomNumberGenerationFailed","PasskeysInvalidEncoding","PasskeysMisconfigured","SignInWithAppleMisconfigured","MissingCipherIv","InvalidPrivateKeyLength","BiometricRegistrationIdIsNullOrBlank","DFPNotConfigured","OneTapPositions","embedded","floating","embeddedOnly","floatingOrEmbedded","forceLegacyEmbedded","RNUIProducts","RetriableErrorType","StytchEventType","getRandomValues","RetriableError","type","retriableFetchSDK","method","finalURL","basicAuthHeader","xSDKClientHeader","xSDKParentHostHeader","retryCallback","req","baseFetchSDK","resp","respData","headers","Authorization","fetchOpts","credentials","fetch","e","status","json","data","get","includes","respError","text","baseSubmitFormSDK","finalBody","__Authorization","children","entries","key","value","input","document","createElement","form","action","append","appendChild","submit","rnds8","Uint8Array","REGEX","byteToHex","i","push","toString","substr","v4","buf","offset","rnds","random","rng","crypto","bind","msCrypto","arr","arguments","length","uuid","toLowerCase","test","TypeError","getHttpsUrl","urlOrDomain","url","URL","hostname","STYTCH_BADGE","args","console","warn","trailer","ModulePromiseCache","loadESModule","moduleFromGlobalScope","Promise","resolve","reject","script","maybeScript","findScript","scripts","querySelectorAll","dataset","loaded","setAttribute","head","addEventListener","DFPProtectedAuthProvider","state","publicToken","dfpBackendURL","dfpCdnDomain","bootstrapPromise","executeRecaptcha","then","bootstrapData","runDFPProtectedAuth","window","GetTelemetryID","enabled","mode","dfpProtectedAuthMode","isEnabled","getTelemetryID","getDFPTelemetryIDAndCaptcha","dfp_telemetry_id","captcha_token","retryWithCaptchaAndDFP","RequiredCaptcha","DisabledDFPProtectedAuthProvider","ErrorMarshaller","inflate","ErrorClass","ErrorData","assign","unmarshall","SyntaxError","ReferenceError","RangeError","EvalError","URIError","EventLogger","maxBatchSize","logEventURL","batch","setInterval","flush","intervalDurationMs","logEvent","telemetry","event","batchToSubmit","validateInDev","obj","rules","errors","rule","val","startsWith","Array","isArray","every","str","AggregateError","HeadlessB2BDiscoveryClient","organizations","intermediateSessions","_networkClient","_subscriptionService","list","fetchSDK","intermediate_session_token","getIntermediateSessionToken","create","withUpdateSession","session_duration_minutes","organization_name","organization_slug","organization_logo_url","sso_jit_provisioning","email_allowed_domains","email_invites","auth_methods","allowed_auth_methods","mfa_policy","requestBody","exchange","organization_id","locale","HeadlessB2BIDPClient","oauthAuthorizeStart","oauthAuthorizeSubmit","oauthLogoutStart","HeadlessB2BImpersonationClient","authenticate","dfpProtectedAuth","impersonation_token","DefaultDynamicConfig","pkceRequiredForEmailMagicLinks","HeadlessB2BMagicLinksClient","email","discovery","_pkceManager","_passwordResetPKCEManager","_config","invite","email_address","invite_redirect_url","invite_template_id","roles","invite_expiration_minutes","loginOrSignup","login_redirect_url","login_template_id","signup_redirect_url","signup_template_id","login_expiration_minutes","signup_expiration_minutes","pkce_code_challenge","getCodeChallenge","send","discovery_redirect_url","discovery_expiration_minutes","magic_links_token","passwordResetPKPair","getPKPair","code_verifier","handlePKCEForAuthenticate","log","discovery_magic_links_token","pkPair","pkce_code_verifier","clearPKPair","keyPair","code_challenge","startPKCETransaction","pkceManager","HeadlessB2BOAuthClient$1","google","microsoft","hubspot","slack","github","_dynamicConfig","oauth_token","logger","discovery_oauth_token","start","startOAuthFlow","startDiscoveryOAuthFlow","getBaseApiUrl","cnameDomain","token","testAPIURL","liveAPIURL","providerType","custom_scopes","provider_params","pkceRequiredForOAuth","baseURL","startUrl","searchParams","set","navigate","location","href","HeadlessB2BOrganizationClient","_apiNetworkClient","updateOrganization","organization","getSync","getOrganization","getInfo","fromCache","getFromCache","onChange","callback","subscribeToState","update","delete","destroyState","getBySlug","getConnectedApps","getConnectedApp","connected_app_id","members","search","response","member_id","updateMemberIfSelf","deletePassword","passwordId","deleteMFAPhoneNumber","memberId","deleteMFATOTP","getMember","reactivate","unlinkRetiredEmail","startEmailUpdate","revokeConnectedApp","updateMember","member","HeadlessB2BOTPsClient","sms","mfa_phone_number","code","set_mfa_enrollment","pkceRequiredForPasswordResets","HeadlessB2BPasswordsClient","resetByEmail","resetByExistingPassword","resetBySession","password","resetByEmailStart","reset_password_redirect_url","reset_password_template_id","reset_password_expiration_minutes","verify_email_template_id","password_reset_token","existing_password","new_password","strengthCheck","RBACPolicy","rolesByID","resources","forEach","role","role_id","fromJSON","mergeWithCustomRoles","customRoles","callerIsAuthorized","memberRoles","resourceId","roleId","filter","v","flatMap","permissions","permission","resource_id","find","actions","allPermissionsForCaller","allPermsMap","resource","HeadlessB2BRBACClient","cachedPolicy","policyPromise","cachedConfig","dynamicConfig","rbacPolicy","getEffectivePolicy","projectPolicy","custom_roles","getEffectivePolicySync","allPermissions","policy","roleIds","isAuthorizedSync","effectivePolicy","isAuthorized","session","getSession","HeadlessB2BRecoveryCodesClient","recover","recovery_code","rotate","HeadlessB2BSCIMClient","createConnection","display_name","identity_provider","updateConnection","connection_id","deleteConnection","connectionId","getConnection","getConnectionGroups","limit","cursor","rotateStart","rotateComplete","rotateCancel","HeadlessB2BSelfClient","untrusted_metadata","mfa_enrolled","default_mfa_method","HeadlessB2BSessionClient","revoke","forceClear","revokeForMember","_authenticate","initialSession","isSessionStale","member_session_id","destroySession","exchangeAccessToken","attest","access_token","profile_id","getTokens","updateSession","tokens","session_token","session_jwt","updateTokens","HeadlessB2BSSOClient","sso_token","pkceRequiredForSso","getConnections","discoverConnections","emailAddress","encodeURIComponent","saml","updateConnectionByURL","deleteVerificationCertificate","certificate_id","deleteEncryptionPrivateKey","private_key_id","oidc","external","HeadlessB2BTOTPsClient","set_default_mfa","expiration_minutes","siweRequiredForCryptoWallets","IframeHostClient","frame","iframeURL","createIframe","existingIframe","querySelector","src","style","position","width","height","border","once","call","channel","MessageChannel","port1","onmessage","close","success","payload","contentWindow","postMessage","port2","SearchDataManager","searchUser","searchMember","SessionManagerRegistry","hasWarned","registry","Map","register","sessionManager","otherManager","cancelBackgroundRefresh","unregister","SessionManager","REFRESH_INTERVAL_MS","timeout","lastAuthenticationSessionDuration","_publicToken","_headlessSessionClient","_options","_onDataChange","performBackgroundRefresh","_reauthenticateWithBackoff","scheduleBackgroundRefresh","catch","setTimeout","clearTimeout","sessionDurationMinutes","count","keepSessionAlive","isUnrecoverableError","done","timeoutForAttempt","Math","min","jitter","floor","StateChangeClient","emptyState","onStateChange","SSRStubKey","Symbol","createProxy","path","Proxy","target","p","apply","BOOTSTRAP_CACHE_KEY","DEFAULT_BOOTSTRAP","displayWatermark","projectName","emailDomains","captchaSettings","slugPattern","createOrganizationEnabled","passwordConfig","vertical","BootstrapDataManager","_bootstrapDataPromise","_dataLayer","mapBootstrapData","setItem","password_config","ludsComplexity","luds_complexity","ludsMinimumCount","luds_minimum_count","project_name","disable_sdk_watermark","captcha_settings","cname_domain","email_domains","pkce_required_for_email_magic_links","pkce_required_for_password_resets","pkce_required_for_oauth","pkce_required_for_sso","slug_pattern","create_organization_enabled","dfp_protected_auth_enabled","dfp_protected_auth_mode","rbac_policy","siwe_required_for_crypto_wallets","cached","getItem","parse","getAsync","CaptchaProvider","siteKey","configured","captchaClient","grecaptcha","enterprise","ready","execute","ClientsideServicesProvider","_frameClient","frameClient","handlerName","oneTapStart","oneTapSubmit","parsedPhoneNumber","getExamplePhoneNumber","NetworkClient","eventLogger","_subscriptionDataLayer","_liveAPIURL","_testAPIURL","additionalTelemetryDataFn","isTestPublicToken","buildSDKUrl","updateSessionToken","createTelemetryBlob","public_token","event_name","error_code","error_description","http_status_code","event_id","uuidv4","app_session_id","persistent_id","client_sent_at","Date","toISOString","timezone","Intl","DateTimeFormat","resolvedOptions","timeZone","app","identifier","sdk","version","sessionToken","readSessionCookie","btoa","origin","submitFormSDK","toHex","n","PKCEManager","namespace","createProofkeyPair","serialized","removeItem","bytes","Uint32Array","codeVerifier","subtle","digest","TextEncoder","encode","fromCharCode","replace","source","api","init","converter","defaultAttributes","attributes","expires","now","toUTCString","decodeURIComponent","escape","stringifiedAttributes","attributeName","split","cookie","write","cookies","jar","parts","slice","foundKey","read","remove","withAttributes","withConverter","freeze","hasMultipleCookies","cookieName","matchedCookies","cookiePairs","pair","getPersistentStorageKey","makeSafeStorage","storage","publicKey","persistentStorageKey","safeLocalStorage","globalThis","localStorage","safeSessionStorage","sessionStorage","getKeyBoundStorage","SEEN_DOMAINS_KEY","SubscriptionDataLayer","_opaqueTokenCookieName","_jwtCookieName","_cookiePath","_domain","_cookieAvailableToSubdomains","_istCookieName","subscriptions","_localStorage","browserSessionStorage","parsedState","cookieOptions","opaqueTokenCookieName","jwtCookieName","domain","availableToSubdomains","istCookieName","localStorageState","syncToLocalStorage","Cookies","readIntermediateSessionTokenCookie","writeSessionCookie","stateDiff","cookieOpts","generateCookieOpts","expiresAt","expires_at","addSeenDomain","alternateCookieOptions","writeIntermediateSessionTokenCookie","IST","expiresAtTime","removeSessionCookie","removeCookies","removeISTCookie","cookiesToRemove","trackedDomains","getSeenDomains","uniqueDomains","Set","storedDomains","parsed","sameSite","match","secure","host","B2BSubscriptionDataLayer","b2bDataLayerCacheSymbol","for","notifySubscribers","collection","values","cb","deepEqualData","createDeepEqual","KEYS_TO_EXCLUDE","deepEqual","a","b","keys","some","k","BaseSubscriptionService","_datalayer","usingCustomApiEndpoint","_listen","parsedValue","newValue","updateState","updateStateAndTokens","_updateStateAndTokensInternal","oldStateValue","newStateValue","wasCached","setCacheRefreshed","notification","fromExternalSource","hasStateChanged","diff","uniqueId","getState","destroy","removeEventListener","syncFromDeviceStorage","B2BSubscriptionService","member_session","internalSymB2B","HeadlessB2BOAuthClient","BaseHeadlessB2BOAuthClient","_dfpProtectedAuth","_oneTap","startOneTapDiscovery","clientResult","createOneTapClient","reason","client","onSuccessCallback","createOnDiscoverySuccessHandler","discoveryRedirectUrl","onSuccess","redirectOnSuccess","render","cancelOnTapOutside","cancel_on_tap_outside","startOneTap","createOnSuccessHandler","organizationId","signupRedirectUrl","loginRedirectUrl","googleOneTap","navigatorSupportsFedCM","getConfiguredEmbeddedMode","GoogleOneTapClient","_googleClient","_clientId","cancel","onOneTapCancelled","embeddedMode","shouldRenderEmbeddedOneTap","config","client_id","auto_select","context","itp_support","use_fedcm_for_prompt","prompt_parent_id","initialize","prompt","isSkippedMoment","getSkippedReason","isNotDisplayed","getNotDisplayedReason","isDismissedMoment","styleFrame","getElementsByTagName","B2BOneTapProvider","googleClientID","fetchGoogleStart","oneTapStartResp","google_client_id","submitGoogleOneTapTokenDiscovery","credential","codeChallenge","id_token","submitGoogleOneTapToken","googleClientId","accounts","id","onError","submitPromise","result","redirect_url","StytchB2BClient","_sessionManager","_stateChangeClient","magicLinks","self","oauth","sso","passwords","otps","totp","recoveryCodes","rbac","scim","impersonation","idp","parseAuthenticateUrl","authenticateByUrl","rawPublicToken","checkPublicToken","_PUBLIC_TOKEN","buildFinalConfig","clientName","opts","endpoints","getTestApiURL","customBaseUrl","endpointOptions","testApiDomain","httpsUrl","getLiveApiURL","apiDomain","getDFPBackendURL","dfppaUrl","dfppaDomain","dfpCdnURL","getDFPCdnURL","dfpCdnUrl","clientsideServicesIframeURL","hasCustomApiEndpoint","rawOptions","getB2BDataLayer","wdw","dataLayerCache","stytch_member_id","stytch_member_session_id","passwordsPKCEManager","networkClient","bootstrap","captcha","clientsideServices","pkceManagerForOAuth","oneTap","searchManager","createAuthUrlHandler","handlers","handledTokenTypes","tokenType","handledTypes","handled","clearParams","params","shouldClearParams","handler","history","replaceState","title","discovery_oauth","multi_tenant_magic_links","multi_tenant_impersonation","event_callback_registered","error_callback_registered","success_callback_registered","writeB2BInternals","internals","dataLayer","FALLBACK_SCOPES","createStytchB2BClient","Discovery","Organization","PasswordReset","smsOtp","Apple","Github","GitLab","Facebook","Discord","Salesforce","Amazon","Bitbucket","LinkedIn","Coinbase","Twitch","Twitter","TikTok","Snapchat","Figma","Yahoo","SMS","WhatsApp","Email","ResetPassword","Phantom","Metamask","Binance","GenericEthereumWallet","GenericSolanaWallet","authorizeParams","redirect_uri","response_type","scopes","field","Boolean","has","getAll","logoutParams","post_logout_redirect_uri","id_token_hint"],"mappings":"oCAWO,IAAMA,EAAsB,kCAEtBC,EAA4B,CAAA,EAAGD,EAAoB,OAAO,CAAC,CAK3DE,EACX,2PCKWC,EAAoB,CAC/BC,OAAQ,SACRC,UAAW,YACXC,QAAS,UACTC,MAAO,QACPC,OAAQ,QACV,CCrBO,OAAMC,UAA+BC,MAC1CC,OAAAA,AAEA,aAAYC,CAAe,CAAED,CAAe,CAAE,CAC5C,KAAK,CAACC,EAAU,KAAOD,GACvB,IAAI,CAACC,OAAO,CAAGA,EAAU,KAAOD,EAChC,IAAI,CAACE,IAAI,CAAG,yBACZ,IAAI,CAACF,OAAO,CAAGA,EACfG,OAAOC,cAAc,CAAC,IAAI,CAAEN,EAAuBO,SAAS,CAC9D,CACF,CAMO,MAAMC,UAA4BP,MACvC,YAAYQ,CAAkB,CAAEN,CAAe,CAAE,CAC/C,KAAK,GACL,IAAI,CAACC,IAAI,CAAG,sBACZ,IAAI,CAACD,OAAO,CAAG,CAAC,gBAAgB,EAAEM;AAAa,CAAC,CAAGN,CACrD,CACF,CA0BO,MAAMO,UAA6BT,MACxC,YAAYU,CAAqC,CAAE,CACjD,KAAK,GACL,IAAI,CAACP,IAAI,CAAG,uBAEZ,MAAMQ,EAAWD,EAAYE,IAAI,EAAEC,IAAI,AAACC,GAAQ,CAAA,EAAGA,EAAIC,QAAQ,CAAC,EAAE,EAAED,EAAIZ,OAAO,CAAA,CAAE,EAAEc,KAAK,KAExF,CAAA,IAAI,CAACd,OAAO,CAAG,CAAC;AAA8C,EAAES,EAAAA,CAAU,AAC5E,CACF,CAeO,MAAMM,UAA0BjB,MACrCkB,UAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,SAAAA,AACAC,CAAAA,UAAAA,AACAC,CAAAA,WAAAA,AACAC,CAAAA,aAAAA,AAEA,aAAYtB,CAAiB,CAAE,CAC7B,KAAK,GACL,IAAI,CAACE,IAAI,CAAG,oBAEZ,KAAM,CAAEmB,YAAAA,CAAW,CAAEJ,WAAAA,CAAU,CAAEC,cAAAA,CAAa,CAAEC,UAAAA,CAAS,CAAEC,WAAAA,CAAU,CAAEE,cAAAA,CAAa,CAAE,CAAGtB,CACzF,CAAA,IAAI,CAACiB,UAAU,CAAGA,EAClB,IAAI,CAACC,aAAa,CAAGA,EACrB,IAAI,CAACC,SAAS,CAAGA,EACjB,IAAI,CAACC,UAAU,CAAGA,EAClB,IAAI,CAACC,WAAW,CAAGA,EACnB,IAAI,CAACC,aAAa,CAAGA,EAErB,IAAI,CAACrB,OAAO,CACV,CAAC,CAAC,EAAEoB,EAAY,EAAE,EAAEJ;AACjBC,AAAH,EAAGA;AACF,IAAI,EAAEC,EAAU;AAAwB,CAFP,CAKjCC,CAAAA,EAAa,CAAC,YAAY,EAAEA;AAAa,CAAC,CAAG,EAAA,EAC7C,CAAA,IAAI,CAACE,aAAa,CAAG,CAAC;AAAW,CAAC,CAAGC,KAAKC,SAAS,CAAC,IAAI,CAACF,aAAa,EAAI,KAAO,GACtF,CACF,KAMaG,EAAkD,CAC7D,2BACA,uBACA,gCACA,oBAMK,OAAMC,UAAoB3B,MAC/B,YAAYG,CAAY,CAAED,CAAe,CAAE,CACzC,KAAK,CAACA,GACN,IAAI,CAACC,IAAI,CAAGA,CACd,CACF,CAOO,MAAMyB,UAAkCD,EAC7C,YAAY1B,CAAe,CAAE,CAC3B,KAAK,CAAC,4BAA6BA,GACnCG,OAAOC,cAAc,CAAC,IAAI,CAAEuB,EAA0BtB,SAAS,CACjE,CACF,CAMO,MAAMuB,UAA6BF,EACxC,YAAYjB,CAAqC,CAAE,CACjD,MAAMC,EAAWD,EAAYE,IAAI,EAAEC,IAAI,AAACC,GAAQ,CAAA,EAAGA,EAAIC,QAAQ,CAAC,EAAE,EAAED,EAAIZ,OAAO,CAAA,CAAE,EAAEc,KAAK,MACxF,KAAK,CAAC,uBAAwB,CAAC;AAAwC,EAAEL,EAAAA,CAAU,CACrF,CACF,CAMO,MAAMmB,UAAuBH,EAClCT,UAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,SAAAA,AACAC,CAAAA,UAAAA,AACAC,CAAAA,WAAAA,AACAC,CAAAA,aAAAA,AAEA,aAAYtB,CAAiB,CAAE,CAC7B,KAAM,CAAEqB,YAAAA,CAAW,CAAEJ,WAAAA,CAAU,CAAEC,cAAAA,CAAa,CAAEC,UAAAA,CAAS,CAAEC,WAAAA,CAAU,CAAEE,cAAAA,CAAa,CAAE,CAAGtB,EACzF,KAAK,CACH,iBACA,CAAC,CAAC,EAAEqB,EAAY,EAAE,EAAEJ;AACfC,EAAAA;AACF,IAAI,EAAEC,EAAU;AAAwB,CAFT,CAK/BC,CAAAA,EAAa,CAAC,YAAY,EAAEA;AAAa,CAAC,CAAG,EAAA,EAC7CE,CAAAA,EAAgB,CAAC;AAAW,CAAC,CAAGC,KAAKC,SAAS,CAACF,GAAiB,KAAO,EAAA,GAE5E,IAAI,CAACL,UAAU,CAAGA,EAClB,IAAI,CAACC,aAAa,CAAGA,EACrB,IAAI,CAACC,SAAS,CAAGA,EACjB,IAAI,CAACC,UAAU,CAAGA,EAClB,IAAI,CAACC,WAAW,CAAGA,EACnB,IAAI,CAACC,aAAa,CAAGA,CACvB,CAEA,OAAOQ,KAAKjB,CAAY,CAAkB,QACxC,AAAIA,aAAegB,EACVhB,EAELA,GAAO,AAAe,UAAf,OAAOA,GAGd,AAA6B,UAA7B,OAAOkB,AAFKlB,EAECQ,WAAW,EACxB,AAA4B,UAA5B,OAAOU,AAHKlB,EAGCI,UAAU,EACvB,AAA+B,UAA/B,OAAOc,AAJKlB,EAICK,aAAa,EAC1B,AAA2B,UAA3B,OAAOa,AALKlB,EAKCM,SAAS,CAEf,IAAIU,EAAe,CACxBR,YAAaU,AARHlB,EAQSQ,WAAW,CAC9BJ,WAAYc,AATFlB,EASQI,UAAU,CAC5BC,cAAea,AAVLlB,EAUWK,aAAa,CAClCC,UAAWY,AAXDlB,EAWOM,SAAS,CAC1BC,WAAY,AAA4B,UAA5B,OAAOW,AAZTlB,EAYeO,UAAU,CAAgBW,AAZzClB,EAY+CO,UAAU,CAAGY,KAAAA,EACtEV,cAAe,AAA+B,UAA/B,OAAOS,AAbZlB,EAakBS,aAAa,CAAgBS,AAb/ClB,EAaqDS,aAAa,CAAGU,KAAAA,CACjF,GAIG,IAAIH,EAAe,CACxBR,YAAa,IACbJ,WAAY,gBACZC,cAJcL,aAAed,MAAQc,EAAIZ,OAAO,CAAG,kBAAoBgC,OAAOpB,GAK9EM,UAAW,GACXC,WAAYY,KAAAA,EACZV,cAAeU,KAAAA,CACjB,EACF,CACF,CASO,MAAME,UAAuBR,EAClCS,OAAAA,AAEA,aAAYjC,CAAY,CAAEkC,CAAmB,CAAED,CAA+B,CAAE,CAC9E,KAAK,CAACjC,EAAMkC,GACZ,IAAI,CAACD,OAAO,CAAGA,CACjB,CACF,CASO,MAAME,UAA8BH,EACzC,aAAc,CACZ,KAAK,CACH,wBACA,qGAEJ,CACF,CAKO,MAAMI,UAAsBJ,EACjCK,WAAAA,AAEA,aAAYC,CAAU,CAAE,CACtB,KAAK,CACHA,EAAMtC,IAAI,CAAGsC,EAAMtC,IAAI,CAAG,iBAC1BsC,EAAMvC,OAAO,CAAGuC,EAAMvC,OAAO,CAAG,yEAElC,IAAI,CAACsC,WAAW,CAAGC,EAAMC,kBAAkB,EAAID,EAAME,cAAc,AACrE,CACF,CAKO,MAAMC,UAAsCT,EACjD,aAAc,CACZ,KAAK,CACH,gCACA,6HAEJ,CACF,CAKO,MAAMU,UAAmCV,EAC9C,aAAc,CACZ,KAAK,CAAC,6BAA8B,6CACtC,CACF,CAKO,MAAMW,UAA4BX,EACvC,aAAc,CACZ,KAAK,CAAC,sBAAuB,uDAC/B,CACF,CAKO,MAAMY,UAAiCZ,EAC5C,aAAc,CACZ,KAAK,CACH,2BACA,wGAEJ,CACF,CAKO,MAAMa,UAAkCb,EAC7C,aAAc,CACZ,KAAK,CACH,4BACA,sGAEJ,CACF,CAiBO,MAAMc,UAA8Bd,EACzC,aAAc,CACZ,KAAK,CAAC,wBAAyB,2DACjC,CACF,CAKO,MAAMe,UAA2Bf,EACtC,aAAc,CACZ,KAAK,CACH,qBACA,iGAEJ,CACF,CAKO,MAAMgB,UAAyChB,EACpD,aAAc,CACZ,KAAK,CACH,mCACA,4JAEJ,CACF,CAuBO,MAAMiB,UAAmDjB,EAC9D,aAAc,CACZ,KAAK,CAAC,6CAA8C,uDACtD,CACF,CAKO,MAAMkB,UAA4ClB,EACvD,aAAc,CACZ,KAAK,CACH,sCACA,2IAEJ,CACF,CAKO,MAAMmB,UAAkCnB,EAC7C,aAAc,CACZ,KAAK,CAAC,4BAA6B,mEACrC,CACF,CAKO,MAAMoB,UAA8BpB,EACzC,aAAc,CACZ,KAAK,CAAC,wBAAyB,uEACjC,CACF,CAKO,MAAMqB,UAAoCrB,EAC/C,aAAc,CACZ,KAAK,CAAC,8BAA+B,6CACvC,CACF,CAKO,MAAMsB,UAA8BtB,EACzC,aAAc,CACZ,KAAK,CACH,wBACA,0FAEJ,CACF,CAKO,MAAMuB,UAAiCvB,EAC5C,aAAc,CACZ,KAAK,CAAC,2BAA4B,oCACpC,CACF,CAKO,MAAMwB,UAAiCxB,EAC5C,aAAc,CACZ,KAAK,CAAC,2BAA4B,4CACpC,CACF,CAKO,MAAMyB,UAAiCzB,EAC5C,aAAc,CACZ,KAAK,CAAC,2BAA4B,8BACpC,CACF,CAKO,MAAM0B,UAA8B1B,EACzC,aAAc,CACZ,KAAK,CAAC,wBAAyB,kCACjC,CACF,CAKO,MAAM2B,UAA6B3B,EACxC,aAAc,CACZ,KAAK,CAAC,uBAAwB,qDAChC,CACF,CAKO,MAAM4B,UAAmC5B,EAC9C,aAAc,CACZ,KAAK,CACH,6BACA,kLAEJ,CACF,CAKO,MAAM6B,UAAwB7B,EACnC,aAAc,CACZ,KAAK,CAAC,kBAAmB,oEAC3B,CACF,CAKO,MAAM8B,UAAmC9B,EAC9C,aAAc,CACZ,KAAK,CAAC,6BAA8B,+DACtC,CACF,CAKO,MAAM+B,UAAsC/B,EACjD,aAAc,CACZ,KAAK,CAAC,gCAAiC,+DACzC,CACF,CAKO,MAAMgC,UAA4ChC,EACvD,aAAc,CACZ,KAAK,CAAC,sCAAuC,mDAC/C,CACF,CAKO,MAAMiC,UAAqCjC,EAChD,aAAc,CACZ,KAAK,CAAC,+BAAgC,kCACxC,CACF,CAKO,MAAMkC,UAAgClC,EAC3C,aAAc,CACZ,KAAK,CAAC,0BAA2B,2BACnC,CACF,CAKO,MAAMmC,UAA8BnC,EACzC,aAAc,CACZ,KAAK,CACH,wBACA,0JAEJ,CACF,CAKO,MAAMoC,UAAqCpC,EAChD,aAAc,CACZ,KAAK,CACH,+BACA,kLAEJ,CACF,CAEO,MAAMqC,UAAwBrC,EACnC,aAAc,CACZ,KAAK,CACH,kBACA,6FAEJ,CACF,CAEO,MAAMsC,UAAgCtC,EAC3C,aAAc,CACZ,KAAK,CAAC,0BAA2B,8CACnC,CACF,CAEO,MAAMuC,UAA6CvC,EACxD,aAAc,CACZ,KAAK,CACH,uCACA,2MAEJ,CACF,CAEO,MAAMwC,UAAyBxC,EACpC,aAAc,CACZ,KAAK,CACH,mBACA,2FAEJ,CACF,KC1eayC,EAAkB,CAM7BC,SAAU,WAKVC,SAAU,WAMVC,aAAc,eAKdC,mBAAoB,qBAOpBC,oBAAqB,qBACvB,EA2WO,IAwJKC,ECpkBAC,ED4aAC,EEhgBRC,EFggBGD,KAAKA,EAmEX,CAAA,ulBAjDEA,EAAA,wBAAA,CAAA,6BAMAA,EAAA,uBAAA,CAAA,6BAKAA,EAAA,0BAAA,CAAA,gCAKAA,EAAA,+BAAA,CAAA,ivDAlCSA,GAwJLF,KAAKA,EAKX,CAAA,6GALWA,GCpkBLC,KAAKA,EAEX,uCAFWA,EAIL,OAAMG,WAAuBtF,MAClCuF,IAAAA,AAEA,aAAYA,CAAwB,CAAE,CACpC,KAAK,CAACA,GACN,IAAI,CAACA,IAAI,CAAGA,CACd,CACF,CAEO,eAAeC,GAA4C,CAChEC,OAAAA,CAAM,CACNC,SAAAA,CAAQ,CACRC,gBAAAA,CAAe,CACfC,iBAAAA,CAAgB,CAChBC,qBAAAA,CAAoB,CACpBjF,KAAAA,CAAI,CACJkF,cAAAA,CAAa,CACe,EAC5B,IAAIC,EAA0B,CAC5BN,OAAAA,EACAC,SAAAA,EACAC,gBAAAA,EACAC,iBAAAA,EACAC,qBAAAA,EACAjF,KAAAA,CACF,EAEA,GAAI,CACF,OAAO,MAAMoF,GAAgBD,EAC/B,CAAE,MAAOjF,EAAK,CACZ,GAAIA,aAAewE,GAEjB,OADAS,EAAM,MAAMD,EAAchF,EAAKiF,GACxB,MAAMC,GAAgBD,EAE/B,OAAMjF,CACR,CACF,CAWO,eAAekF,GAAuC,CAC3DP,OAAAA,CAAM,CACNC,SAAAA,CAAQ,CACRC,gBAAAA,CAAe,CACfC,iBAAAA,CAAgB,CAChBC,qBAAAA,CAAoB,CACpBjF,KAAAA,CAAI,CACe,EACnB,IAiBIqF,EAuCAC,EAxDEC,EAAkC,CACtCC,cAAeT,EACf,eAAgB,mBAChB,eAAgBC,CAClB,CAEIC,CAAAA,GACFM,CAAAA,CAAO,CAAC,oBAAoB,CAAGN,CAAAA,EAGjC,IAAMQ,EAAyB,CAC7BZ,OAAAA,EACAU,QAAAA,EACAvF,KAAMA,GAAQY,KAAKC,SAAS,CAACb,GAC7B0F,YAAa,SACf,EAGA,GAAI,CACFL,EAAO,MAAMM,MAAMb,EAAUW,EAE/B,CAAE,MAAOG,EAAQ,CACf,GAAIA,AAAc,oBAAdA,EAAEtG,OAAO,CACX,MAAM,IAAI0B,EAA0B,iCAEtC,OAAM4E,CACR,CAGA,GAAIP,EAAKQ,MAAM,EAAI,IACjB,GAAI,CAEF,MAAOP,AADU,CAAA,MAAMD,EAAKS,IAAI,EAAA,EAChBC,IAAI,AACtB,CAAE,KAAM,CACN,MAAM,IAAI/E,EAA0B,0CACtC,CAIF,GAAIqE,AAAgB,MAAhBA,EAAKQ,MAAM,EAAYR,EAAKE,OAAO,CAACS,GAAG,CAAC,iBAAiBC,SAAS,oBAAqB,CACzF,IAAIC,EACJ,GAAI,CACFA,EAAY,MAAMb,EAAKS,IAAI,EAC7B,CAAE,KAAM,CAEN,MAAM,IAAI9E,EAA0B,qCACtC,CAGA,GAAI,SAAUkF,GAAa,WAAYA,GAAa,UAAWA,EAC7D,MAAM,IAAIjF,EAAqBiF,EAEjC,OAAM,IAAIhF,EAAegF,EAC3B,CAIA,GAAI,CACFZ,EAAW,MAAMD,EAAKc,IAAI,EAC5B,CAAE,KAAM,CACN,MAAM,IAAInF,EAA0B,qCACtC,CACA,GAAIsE,EAASW,QAAQ,CAAC,oBACpB,MAAM,IAAIvB,GAAAA,mBAEZ,OAAM,IAAI1D,EAA0B,qCACtC,CAEO,eAAeoF,GAAkB,CACtCvB,OAAAA,CAAM,CACNC,SAAAA,CAAQ,CACRC,gBAAAA,CAAe,CACfC,iBAAAA,CAAgB,CAChBC,qBAAAA,CAAoB,CACpBjF,KAAAA,CAAI,CACe,EAEnB,IAAMqG,EAAoC,CADb,GAATrG,GAAQ,CAAA,CAE1B,CACAsG,gBAAiBvB,EACjB,iBAAkBC,CACpB,CAEIC,CAAAA,GACFoB,CAAAA,CAAS,CAAC,sBAAsB,CAAGpB,CAAAA,EAGrC,IAAMsB,EAA+B/G,OAAOgH,OAAO,CAACH,GAAWpG,GAAG,CAAC,CAAC,CAACwG,EAAKC,EAAM,IAC9E,IAAMC,EAAQC,SAASC,aAAa,CAAC,SAIrC,OAHAF,EAAMhC,IAAI,CAAG,SACbgC,EAAMpH,IAAI,CAAGkH,EACbE,EAAMD,KAAK,CAAGA,EACPC,CACT,GAEMG,EAAOF,SAASC,aAAa,CAAC,OACpCC,CAAAA,EAAKjC,MAAM,CAAGA,EACdiC,EAAKC,MAAM,CAAGjC,EACdgC,EAAKE,MAAM,IAAIT,GAEfK,SAAS5G,IAAI,CAACiH,WAAW,CAACH,GAC1BA,EAAKI,MAAM,EACb,CEhPA,IAAK,IDJDC,GAAQ,IAAIC,WAAW,IEJ3BC,GAAe,sHDMXC,GAAY,EAAE,CAETC,GAAI,EAAGA,GAAI,IAAK,EAAEA,GACzBD,GAAUE,IAAI,CAAC,AAACD,CAAAA,GAAI,GAAA,EAAOE,QAAQ,CAAC,IAAIC,MAAM,CAAC,IENjD,SAASC,GAAGnG,CAAO,CAAEoG,CAAG,CAAEC,CAAM,EAE9B,IAAIC,EAAOtG,AADXA,CAAAA,EAAUA,GAAW,CAAA,CAAA,EACFuG,MAAM,EAAI,AAACvG,CAAAA,EAAQwG,GAAG,EHA5B,WAEb,GAAI,CAACvD,GAKC,CAFJA,CAAAA,EAAkB,AAAkB,IAAlB,OAAOwD,QAA0BA,OAAOxD,eAAe,EAAIwD,OAAOxD,eAAe,CAACyD,IAAI,CAACD,SAAW,AAAoB,IAApB,OAAOE,UAA4B,AAAoC,YAApC,OAAOA,SAAS1D,eAAe,EAAmB0D,SAAS1D,eAAe,CAACyD,IAAI,CAACC,SAAQ,EAG7O,MAAM,AAAI/I,MAAM,4GAIpB,OAAOqF,EAAgB0C,GACzB,CGb+C,IAe7C,OAbAW,CAAI,CAAC,EAAE,CAAGA,AAAU,GAAVA,CAAI,CAAC,EAAE,CAAU,GAC3BA,CAAI,CAAC,EAAE,CAAGA,AAAU,GAAVA,CAAI,CAAC,EAAE,CAAU,IAYpBjH,AFRT,SAAmBuH,CAAG,EACpB,IAAIP,EAASQ,UAAUC,MAAM,CAAG,GAAKD,AAAiBhH,KAAAA,IAAjBgH,SAAS,CAAC,EAAE,CAAiBA,SAAS,CAAC,EAAE,CAAG,EAG7EE,EAAO,AAACjB,CAAAA,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,EAAE,CAAC,CAAG,IAAMP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,CAAGP,EAAS,CAACc,CAAG,CAACP,EAAS,GAAG,CAAC,AAAD,EAAGW,WAAW,GAMpgB,GAAI,CGnBG,CAAA,AAAgB,UAAhB,OHmBOD,GGnBqBlB,GAAMoB,IAAI,CHmB/BF,EGnBoC,EHoBhD,MAAMG,UAAU,+BAGlB,OAAOH,CACT,EEPmBT,EACnB,CErBO,IAAMa,GAAc,AAACC,IAE1B,GAAI,CACF,IAAMC,EAAM,IAAIC,IAAIF,GACpB,MAAO,CAAC,QAAQ,EAAEC,EAAIE,QAAQ,CAAA,CAAE,AAClC,CAAE,KAAM,CAER,CAGA,GAAI,CACF,IAAMF,EAAM,IAAIC,IAAI,CAAC,QAAQ,EAAEF,EAAAA,CAAa,EAC5C,MAAO,CAAC,QAAQ,EAAEC,EAAIE,QAAQ,CAAA,CAAE,AAClC,CAAE,KAAM,CAER,CAIF,ECbMC,GAGA,CAAC,eAAgB,uEAAwE,GAAG,IAiB1F,CAAC,GAAGC,IAAgBC,QAAQC,IAAI,IAAIH,MAAiBC,MACpD,CAAC,GAAGA,IAAgBC,QAAQrH,KAAK,IAAImH,MAAiBC,GCzBzDG,GAAU;wEACwD,CAAC,CCHnEC,GAAuD,CAAA,EAItD,eAAeC,GAAgBT,CAAW,CAAEU,CAA8B,MAS7CV,EAAaU,SARflI,KAAAA,IAA5BgI,EAAkB,CAACR,EAAI,EAI3BQ,CAAAA,EAAkB,CAACR,EAAI,EAIWA,EAJgBA,EAIHU,EAJQA,EAKhD,IAAIC,QAAQ,CAACC,EAASC,SAoCTb,EAnClB,IAoCIc,EApCEC,EAAcC,AA4BxB,SAAoBhB,CAAW,EAC7B,IAAMiB,EAHkClD,SAASmD,gBAAgB,CAAoB,CAAC,YAAY,EAGjElB,EAHuE,EAAE,CAAC,EAI3G,GAAIiB,CAAO,CAAC,EAAE,CACZ,OAAOA,CAAO,CAAC,EAAE,AAErB,EAjCmCjB,GAC/B,GAAIe,GAAeA,AAA+B,SAA/BA,EAAYI,OAAO,CAACC,MAAM,CAC3C,GAAI,CACFR,EAAQF,IACV,CAAE,MAAOrJ,EAAK,CACZ,OAAOwJ,EAAO,AAAItK,MAAM,GAAGyJ,EAAI,2DAA2D,EAAE3I,EAAAA,CAAK,EACnG,CAGF,IAAMyJ,GA0BYd,EA1BUA,EA4B9Bc,CADMA,EAAS/C,SAASC,aAAa,CAAC,WAC/BqD,YAAY,CAAC,MAAOrB,GAC3Bc,EAAOO,YAAY,CAAC,QAAS,QAC7BP,EAAOO,YAAY,CAAC,QAAS,QAC7BtD,SAASuD,IAAI,CAAClD,WAAW,CAAC0C,GACnBA,GA9BLA,EAAOS,gBAAgB,CAAC,OAAQ,KAC9BT,EAAOK,OAAO,CAACC,MAAM,CAAG,OACxB,GAAI,CACFR,EAAQF,IACV,CAAE,MAAOrJ,EAAK,CACZwJ,EAAO,AAAItK,MAAM,CAAA,EAAGyJ,EAAI,uDAAuD,EAAE3I,EAAAA,CAAK,EACxF,CACF,GAEAyJ,EAAOS,gBAAgB,CAAC,QAAS,AAAClK,IAChCwJ,EAAO,AAAItK,MAAM,CAAA,EAAGyJ,EAAI,sBAAsB,EAAE3I,EAAAA,CAAK,EACvD,EACF,GA7BuDqJ,EAH9CF,EAAkB,CAACR,EAAI,AAKlC,CCeO,MAAMwB,mBACHC,CAAAA,KAAAA,AACR,aACEC,CAAmB,CACnBC,CAAqB,CACrBC,CAAoB,CACZC,CAAwC,CAChDC,EAAsD,IAAMnB,QAAQC,OAAO,CAACpI,KAAAA,EAAU,CACtF,MAFQqJ,gBAAAA,CAAAA,EAGR,IAAI,CAACJ,KAAK,CAAGI,EAAiBE,IAAI,CAAC,MAAOC,GACxC,AAAKA,EAAcC,mBAAmB,EAGtC,MA1BsCxB,GAAa,CAAA,EA0B7BmB,EA1BuC,aAAa,CAAC,CAAE,IAAMM,OAAOC,cAAc,EA2BjG,CACLT,YAAAA,EACAC,cAAAA,EACAS,QAAS,CAAA,EACTC,KAAML,EAAcM,oBAAoB,EAAI,cAC5ClB,OAAQ,CAAA,EACRU,iBAAAA,CACF,GAVS,CAAEJ,YAAAA,EAAaC,cAAAA,EAAeS,QAAS,CAAA,EAAOhB,OAAQ,CAAA,EAAOU,iBAAAA,CAAiB,EAY3F,CAEAS,UAAY,SACH,IAAI,CAACd,KAAK,CAACM,IAAI,CAAC,AAACN,GAAUA,EAAMW,OAAO,CACjD,AAEAI,CAAAA,eAAiB,UACf,GAAM,CAAEd,YAAAA,CAAW,CAAEU,QAAAA,CAAO,CAAET,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACF,KAAK,CAChE,GAAKW,EAGL,OAAO,MAAMF,OAAOC,cAAc,CAACT,EAAa,CAAA,EAAGC,EAAc,OAAO,CAAC,CAC3E,CAAA,AAEAc,CAAAA,4BAA8B,UAC5B,IAEIC,EACAC,EAHE,CAAEP,QAAAA,CAAO,CAAEN,iBAAAA,CAAgB,CAAEO,KAAAA,CAAI,CAAE,CAAG,MAAM,IAAI,CAACZ,KAAK,CAa5D,OATI,AAACW,GACHO,CAAAA,EAAgB,MAAMb,GAAAA,EAEpBO,AAAS,gBAATA,EACFK,EAAmB,MAAM,IAAI,CAACF,cAAc,GAC1B,gBAATH,IACTK,EAAmB,MAAM,IAAI,CAACF,cAAc,GAC5CG,EAAgB,MAAMb,KAEjB,CAAEY,iBAAAA,EAAkBC,cAAAA,CAAc,CAC3C,CAAA,AAEAC,CAAAA,uBAAyB,MAAO7F,EAAmBT,KACjD,GAAM,CAAE8F,QAAAA,CAAO,CAAEN,iBAAAA,CAAgB,CAAE,CAAG,MAAM,IAAI,CAACL,KAAK,CACtD,GAAI1E,EAAEjB,IAAI,GAAKJ,GAAmBmH,eAAe,EAAIT,EAKnD,OAJI9F,EAAInF,IAAI,GACVmF,EAAInF,IAAI,CAACuL,gBAAgB,CAAG,MAAM,IAAI,CAACF,cAAc,GACrDlG,EAAInF,IAAI,CAACwL,aAAa,CAAG,MAAMb,KAE1BxF,CAET,OAAM,AAAI/F,MAAM,kDAClB,CAAA,AACF,CAEO,IAAMuM,GAAmC,IAAO,CAAA,CACrDP,UAAW,SAAY,CAAA,EACvBC,eAAgB,SAAYhK,KAAAA,EAC5BiK,4BAA6B,SAAa,CAAA,CACxCC,iBAAkBlK,KAAAA,EAClBmK,cAAenK,KAAAA,IAEjBoK,uBAAwB,UACtB,MAAM,AAAIrM,MAAM,iCAClB,CACF,CAAA,CCvFO,OAAMwM,GACX,OAAOC,QAAkDC,CAAa,CAAEC,CAAkC,CAAS,CASjH,IAAM7L,EAAM,IAAI4L,EAAWC,GAG3B,OAFAvM,OAAOwM,MAAM,CAAC9L,EAAK6L,GACnBvM,OAAOC,cAAc,CAACS,EAAK4L,EAAWpM,SAAS,EACxCQ,CACT,CAEA,OAAO+L,WAAWpK,CAA8B,CAAS,CACvD,GAAI,SAAUA,EACZ,OAAQA,EAAMtC,IAAI,EAChB,IAAK,yBACH,OAAOqM,GAAgBC,OAAO,CAAC1M,EAAwB0C,EACzD,KAAK,uBACH,OAAO+J,GAAgBC,OAAO,CAAChM,EAAsBgC,EACvD,KAAK,4BACH,OAAO+J,GAAgBC,OAAO,CAAC7K,EAA2Ba,EAC5D,KAAK,uBACH,OAAO+J,GAAgBC,OAAO,CAAC5K,EAAsBY,EACvD,KAAK,oBACH,OAAO+J,GAAgBC,OAAO,CAACxL,EAAmBwB,EACpD,KAAK,iBACH,OAAO+J,GAAgBC,OAAO,CAAC3K,EAAgBW,EACjD,KAAK,YACH,OAAO+J,GAAgBC,OAAO,CAACnD,UAAW7G,EAC5C,KAAK,cACH,OAAO+J,GAAgBC,OAAO,CAACK,YAAarK,EAC9C,KAAK,iBACH,OAAO+J,GAAgBC,OAAO,CAACM,eAAgBtK,EACjD,KAAK,aACH,OAAO+J,GAAgBC,OAAO,CAACO,WAAYvK,EAC7C,KAAK,YACH,OAAO+J,GAAgBC,OAAO,CAACQ,UAAWxK,EAC5C,KAAK,WACH,OAAO+J,GAAgBC,OAAO,CAACS,SAAUzK,EAC7C,CAEF,OAAO+J,GAAgBC,OAAO,CAACzM,MAAOyC,EACxC,CACF,CCpDO,MAAM0K,GACHC,YAAAA,AACAC,CAAAA,WAAAA,AACAC,CAAAA,KAAAA,AAER,aAAYzD,CAAqB,CAAE,CACjC,IAAI,CAACuD,YAAY,CAAGvD,EAAKuD,YAAY,CACrC,IAAI,CAACC,WAAW,CAAGxD,EAAKwD,WAAW,CAEnCE,YAAY,IAAI,CAACC,KAAK,CAAC1E,IAAI,CAAC,IAAI,EAAGe,EAAK4D,kBAAkB,EAC1D,IAAI,CAACH,KAAK,CAAG,EAAE,AACjB,CAEAI,SAASC,CAAuB,CAAEC,CAA8B,CAAE,CAChE,IAAI,CAACN,KAAK,CAAClF,IAAI,CAAC,CAAEuF,UAAAA,EAAWC,MAAAA,CAAM,GAC/B,IAAI,CAACN,KAAK,CAACpE,MAAM,EAAI,IAAI,CAACkE,YAAY,EACxC,IAAI,CAACI,KAAK,EAEd,CAEA,MAAMA,OAAQ,CACZ,GAAI,CAAC,IAAI,CAACF,KAAK,CAACpE,MAAM,CACpB,OAEF,IAAM2E,EAAgB,IAAI,CAACP,KAAK,AAChC,CAAA,IAAI,CAACA,KAAK,CAAG,EAAE,CACf,GAAI,CACF,MAAM/G,MAAM,IAAI,CAAC8G,WAAW,CAAE,CAC5B5H,OAAQ,OACRU,QAAS,CACP,eAAgB,kBAClB,EACAvF,KAAMY,KAAKC,SAAS,CAACoM,EACvB,EACF,CAAE,KAAM,CAER,CACF,CACF,CCpBO,IAAMC,GAAgB,CAC3BtN,EACAuN,EACAC,KAEA,IAAMC,EAAgC,EAAE,CACxC,IAAK,GAAM,CAAC5G,EAAK6G,EAAK,GAAI9N,OAAOgH,OAAO,CAAC4G,GAAQ,CAC/C,GAAIE,AAAQ,MAARA,EAAc,SAElB,IAAMC,EAAMJ,CAAG,CAAC1G,EAAI,CACpB,GAAI6G,CAAAA,EAAKE,UAAU,CAAC,aAAeD,AAAO,MAAPA,EAEnC,OAAQD,GACN,IAAK,SACL,IAAK,iBAEC,AADa,CAAA,AAAe,UAAf,OAAOC,GAAqBE,MAAMC,OAAO,CAACH,IAAQA,AAAQ,OAARA,CAAQ,GAEzEF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,mBAAmB,CAAC,GAE7E,KAGF,KAAK,SACL,IAAK,iBACC,AAAe,UAAf,OAAO8G,GACTF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,kBAAkB,CAAC,GAE5E,KAEF,KAAK,SACL,IAAK,iBACC,AAAe,UAAf,OAAO8G,GACTF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,kBAAkB,CAAC,GAE5E,KAEF,KAAK,cACL,IAAK,sBACC,AAACgH,MAAMC,OAAO,CAACH,IAASA,EAAII,KAAK,CAAC,AAACC,GAAQ,AAAe,UAAf,OAAOA,IACpDP,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,6BAA6B,CAAC,GAEvF,KAEF,KAAK,UACL,IAAK,kBACC,AAAe,WAAf,OAAO8G,GACTF,EAAO7F,IAAI,CAAC,IAAI7H,EAAoBC,EAAY,CAAA,EAAG6G,EAAI,mBAAmB,CAAC,EAGjF,CACF,CAEA,GAAI4G,EAAO/E,MAAM,CAAG,EAClB,GAAI+E,AAAkB,IAAlBA,EAAO/E,MAAM,CACf,MAAM+E,CAAM,CAAC,EAAE,MAEf,MAAM,AAAIQ,eAAeR,EAG/B,CC5EO,OAAMS,sCAGXC,CAAAA,aAAAA,AAOAC,CAAAA,oBAAAA,AAMA,aACEC,CAAsC,CAC9BC,CAAoE,CAC5E,MAFQD,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,EAER,IAAI,CAACH,aAAa,CAAG,CACnBI,KAAM,SACJ,IAAI,CAACF,cAAc,CAACG,QAAQ,CAAoC,CAC9DvF,IAAK,+BACL7I,KAAM,CACJqO,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EACAwD,OAAQ,MACV,GACF0J,OAAQ,IAAI,CAACL,oBAAoB,CAACM,iBAAiB,CACjD,MACEzI,IAEAmH,GAAc,wCAAyCnH,EAAM,CAC3D0I,yBAA0B,SAC1BC,kBAAmB,iBACnBC,kBAAmB,iBACnBC,sBAAuB,iBACvBC,qBAAsB,iBACtBC,sBAAuB,sBACvBC,cAAe,iBACfC,aAAc,iBACdC,qBAAsB,sBACtBC,WAAY,gBACd,GAEA,IAAMC,EAAc,CAClB,GAAGpJ,CAAI,CACPsI,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EAEA,OAAO,IAAI,CAAC4M,cAAc,CAACG,QAAQ,CAAiE,CAClGvF,IAAK,sCACL7I,KAAMmP,EACNtK,OAAQ,MACV,EACF,EAEJ,EAEA,IAAI,CAACmJ,oBAAoB,CAAG,CAC1BoB,SAAU,IAAI,CAAClB,oBAAoB,CAACM,iBAAiB,CACnD,MACEzI,IAEAmH,GAAc,iDAAkDnH,EAAM,CACpEsJ,gBAAiB,SACjBZ,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAMH,EAAc,CAClB,GAAGpJ,CAAI,CACPsI,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA,OAAO,IAAI,CAAC4M,cAAc,CAACG,QAAQ,CAA0E,CAC3GvF,IAAK,gDACL7I,KAAMmP,EACNtK,OAAQ,MACV,EACF,EAEJ,CACF,CACF,CCrFO,MAAM0K,iBACX,aAAoBtB,CAA8B,CAAE,MAAhCA,cAAAA,CAAAA,CAAiC,CAcrDuB,oBAAsB,MAAOzJ,GAC3B,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAiC,CAC3DvF,IAAK,iCACLhE,OAAQ,OACR7E,KAAM+F,GACR,AAuBF0J,CAAAA,qBAAuB,MAAO1J,GAC5B,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAkC,CAC5DvF,IAAK,kCACLhE,OAAQ,OACR7E,KAAM+F,GACR,AAEF2J,CAAAA,iBAAmB,MAAO3J,GACxB,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAA8B,CACxDvF,IAAK,0BACLhE,OAAQ,OACR7E,KAAM+F,GACR,AACJ,CC1DO,MAAM4J,uDAGXC,CAAAA,YAAAA,AAIA,aACU3B,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAC7D,MAAOzI,IACLmH,GAAc,oCAAqCnH,EAAM,CACvD+J,oBAAqB,QACvB,GACA,GAAM,CAAEvE,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA8D,CACxGiE,IAAK,kCACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CACF,CCdA,IAAMsE,GAAuBvG,QAAQC,OAAO,CAAC,CAC3CuG,+BAAgC,CAAA,CAClC,EAEO,OAAMC,sGAGXC,CAAAA,KAAAA,AAQAN,CAAAA,YAAAA,AAIAO,CAAAA,SAAAA,AAMA,aACElC,CAAsC,CACtCC,CAA4E,CAC5EkC,CAAkC,CAClCC,CAA+C,CAC/CC,EAAiCP,EAAoB,CACrDF,EAAsDlE,IAAkC,CACxF,MANQsC,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAC,yBAAAA,CAAAA,OACAC,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAER,IAAI,CAACK,KAAK,CAAG,CACXK,OAAQ,MAAOxK,IACbmH,GAAc,iCAAkCnH,EAAM,CACpDyK,cAAe,SACfC,oBAAqB,iBACrBC,mBAAoB,iBACpBnR,KAAM,iBACN+P,OAAQ,iBACRqB,MAAO,sBACPC,0BAA2B,gBAC7B,GAEO,IAAI,CAAC3C,cAAc,CAACG,QAAQ,CAA8B,CAC/DvF,IAAK,gCACL7I,KAAM+F,EACNlB,OAAQ,MACV,IAEFgM,cAAe,MAAO9K,IACpBmH,GAAc,wCAAyCnH,EAAM,CAC3DyK,cAAe,SACfnB,gBAAiB,SACjByB,mBAAoB,iBACpBC,kBAAmB,iBACnBC,oBAAqB,iBACrBC,mBAAoB,iBACpB3B,OAAQ,iBACR4B,yBAA0B,iBAC1BC,0BAA2B,gBAC7B,GAEA,IAAMC,EAAsB,MAAM,IAAI,CAACC,gBAAgB,GACjDlC,EAAc,CAClB,GAAGpJ,CAAI,CACPqL,oBAAAA,CACF,EACA,OAAO,IAAI,CAACnD,cAAc,CAACG,QAAQ,CAAoC,CACrEvF,IAAK,yCACL7I,KAAMmP,EACNtK,OAAQ,MACV,EACF,EACAsL,UAAW,CACTmB,KAAM,MACJvL,IAEAmH,GAAc,yCAA0CnH,EAAM,CAC5DyK,cAAe,SACfe,uBAAwB,iBACxBR,kBAAmB,iBACnBzB,OAAQ,iBACRkC,6BAA8B,gBAChC,GAEA,GAAM,CAAEjG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F8F,EAAsB,MAAM,IAAI,CAACC,gBAAgB,GACjDlC,EAAc,CAClB,GAAGpJ,CAAI,CACPqL,oBAAAA,EACA7F,iBAAAA,EACAC,cAAAA,CACF,EACA,OAAO,IAAI,CAACyC,cAAc,CAACrJ,iBAAiB,CAA0C,CACpFiE,IAAK,wCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,CACF,CACF,EAEA,IAAI,CAACmE,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,MAAOzI,IACrEmH,GAAc,iCAAkCnH,EAAM,CACpD0L,kBAAmB,SACnBhD,yBAA0B,SAC1Ba,OAAQ,gBACV,GAQA,IAAMoC,EAAsB,MAAM,IAAI,CAACrB,yBAAyB,CAACsB,SAAS,GAEtEtM,EAAwE,KAE5E,GAAIqM,GAAqBE,cACvB,GAAI,CACFvM,EAAO,MAAM,IAAI,CAACwM,yBAAyB,CAAC,IAAI,CAACxB,yBAAyB,CAAEtK,EAC9E,CAAE,MAAOH,EAAG,CACV,GAAIA,EAAatG,OAAO,CAAC2G,QAAQ,CAAC,QAGhCiD,QAAQ4I,GAAG,CACT,oHAGF,MAAMlM,CAEV,CAOF,OAJI,AAACP,GACHA,CAAAA,EAAO,MAAM,IAAI,CAACwM,yBAAyB,CAAC,IAAI,CAACzB,YAAY,CAAErK,EAAAA,EAG1DV,CACT,GAEA,IAAI,CAAC8K,SAAS,CAAG,CACfP,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,2CAA4CnH,EAAM,CAC9DgM,4BAA6B,QAC/B,GAEA,IAAMC,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAE1C,CAAEpG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7F6D,EAAc,CAClB8C,mBAAoBD,GAAQJ,cAC5BrG,iBAAAA,EACAC,cAAAA,EACA,GAAGzF,CAAAA,AACL,EACMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,0CACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,EAEJ,CACF,CAEA,MAAcgM,kBAAgD,CAC5D,GAAM,CAAErB,+BAAAA,CAA8B,CAAE,CAAG,MAAM,IAAI,CAACM,OAAO,CAC7D,GAAI,CAACN,EACH,OAEF,IAAImC,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,UAC/C,AAAIQ,EACKA,EAAQC,cAAc,CAGxBD,AADPA,CAAAA,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACvCD,cAAc,AAC/B,CAEA,MAAcP,0BACZS,CAAyB,CACzBvM,CAAsC,CAC6B,CACnE,IAAMiM,EAAS,MAAMM,EAAYX,SAAS,GAEpC,CAAEpG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7F6D,EAAc,CAClB8C,mBAAoBD,GAAQJ,cAC5BrG,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,EAC/F,GAAG0E,CAAAA,AACL,EACMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAA2D,CACjHiE,IAAK,gCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA6G,EAAYJ,WAAW,GAEhB7M,CACT,CACF,CC9NO,IAAAkN,GAAA,8FAGL3C,CAAAA,YAAAA,AAEAO,CAAAA,SAAAA,AAMAqC,CAAAA,MAAAA,AAOAC,CAAAA,SAAAA,AAOAC,CAAAA,OAAAA,AAOAC,CAAAA,KAAAA,AAOAC,CAAAA,MAAAA,AAOA,aACE3E,CAAwC,CACxCC,CAA8E,CAC9EkC,CAAoC,CAC1ByC,CAA6B,CAC7BvC,CAAe,CACfT,CAA2C,CACrD,MANU5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAyC,cAAAA,CAAAA,OACAvC,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAEV,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,MAAOhN,IACrE0L,GAAc,4BAA6B1L,EAAS,CAClDsR,YAAa,SACbrE,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAM6C,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,EAE7C,CAACQ,GACHY,GACE,mOAMJ,GAAM,CAAExH,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7FjG,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAAsD,CAC5GiE,IAAK,0BACLhE,OAAQ,OACR7E,KAAM,CACJiS,mBAAoBE,GAASP,cAC7BrG,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,EAC/F,GAAGG,CAAAA,AACL,EACA0D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,GAEA,IAAI,CAAC8K,SAAS,CAAG,CACfP,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,sCAAuCnH,EAAM,CACzDiN,sBAAuB,QACzB,GAEA,IAAMhB,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAE1C,CAAEpG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7F6D,EAAc,CAClB8C,mBAAoBD,GAAQJ,cAC5BrG,iBAAAA,EACAC,cAAAA,EACA,GAAGzF,CAAAA,AACL,EACMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,oCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,EAEJ,EAEA,IAAI,CAACmN,MAAM,CAAG,CACZS,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBC,MAAM,EACnDqR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBC,MAAM,CAC9D,CACF,EAEA,IAAI,CAAC2T,SAAS,CAAG,CACfQ,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBE,SAAS,EACtDoR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBE,SAAS,CACjE,CACF,EAEA,IAAI,CAAC2T,OAAO,CAAG,CACbO,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBG,OAAO,EACpDmR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBG,OAAO,CAC/D,CACF,EAEA,IAAI,CAAC2T,KAAK,CAAG,CACXM,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBI,KAAK,EAClDkR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBI,KAAK,CAC7D,CACF,EAEA,IAAI,CAAC2T,MAAM,CAAG,CACZK,MAAO,IAAI,CAACC,cAAc,CAACrU,EAAkBK,MAAM,EACnDiR,UAAW,CACT8C,MAAO,IAAI,CAACE,uBAAuB,CAACtU,EAAkBK,MAAM,CAC9D,CACF,CACF,CAEA,MAAgBkU,eAAgB,CAC9B,GAAM,CAAEC,YAAAA,CAAW,CAAE,CAAG,MAAM,IAAI,CAACR,cAAc,QACjD,AAAIQ,EAEK,CAAC,QAAQ,EAAEA,EAAAA,CAAa,CAIjC,ACpLgDC,ADoL1B,IAAI,CAAChD,OAAO,CAAC/F,WAAW,CCpLQtE,QAAQ,CAAC,qBDqLtD,IAAI,CAACqK,OAAO,CAACiD,UAAU,CAEzB,IAAI,CAACjD,OAAO,CAACkD,UAAU,AAChC,CAEUN,eAAeO,CAA+B,CAAE,CACxD,OAAO,MAAOjS,IACZ,GAAM,CACJ6N,gBAAAA,CAAe,CACfV,kBAAAA,CAAiB,CACjBmC,mBAAAA,CAAkB,CAClBE,oBAAAA,CAAmB,CACnB0C,cAAAA,CAAa,CACbC,gBAAAA,CAAe,CAChB,CAAGnS,EACE,CAAEoS,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACf,cAAc,CACpDgB,EAAU,MAAM,IAAI,CAACT,aAAa,GAElCU,EAAW,IAAIhL,IAAI,CAAA,EAAG+K,EAAQ,qBAAqB,EAAEJ,EAAa,MAAM,CAAC,EAoB/E,GAnBAK,EAASC,YAAY,CAACC,GAAG,CAAC,eAAgB,IAAI,CAAC1D,OAAO,CAAC/F,WAAW,EAC9D8E,GAAmBA,AAAmB,IAAnBA,GACrByE,EAASC,YAAY,CAACC,GAAG,CAAC,kBAAmB3E,GAG3CV,GAAqBA,AAAqB,IAArBA,GACvBmF,EAASC,YAAY,CAACC,GAAG,CAAC,OAAQrF,GAGhC+E,IACFxG,GACE,iBACA,CAAEwG,cAAAA,GACF,CACEA,cAAe,aACjB,GAEFI,EAASC,YAAY,CAACC,GAAG,CAAC,gBAAiBN,EAActT,IAAI,CAAC,OAE5DuT,EAQF,IAAK,IAAMlN,KAPXyG,GACE,iBACA,CAAEyG,gBAAAA,GACF,CACEA,gBAAiB,gBACnB,GAEgBA,EAChBG,EAASC,YAAY,CAACC,GAAG,CAAC,YAAcvN,EAAKkN,CAAe,CAAClN,EAAI,EAIrE,GAAImN,EAAsB,CACxB,IAAMzB,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,GAC5DyB,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuB7B,EAAQC,cAAc,CACzE,MACE,IAAI,CAAChC,YAAY,CAAC8B,WAAW,EAG3BpB,CAAAA,GAAoBgD,EAASC,YAAY,CAACC,GAAG,CAAC,qBAAsBlD,GACpEE,GAAqB8C,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuBhD,GAE1E,IAAI,CAACiD,QAAQ,CAACH,EAChB,CACF,CAEUX,wBAAwBM,CAA+B,CAAE,CACjE,OAAO,MAAOjS,IACZ,GAAM,CAAE+P,uBAAAA,CAAsB,CAAEmC,cAAAA,CAAa,CAAEC,gBAAAA,CAAe,CAAE,CAAGnS,EAC7D,CAAEoS,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACf,cAAc,CACpDgB,EAAU,MAAM,IAAI,CAACT,aAAa,GAElCU,EAAW,IAAIhL,IAAI,CAAA,EAAG+K,EAAQ,qBAAqB,EAAEJ,EAAa,gBAAgB,CAAC,EAYzF,GAXAK,EAASC,YAAY,CAACC,GAAG,CAAC,eAAgB,IAAI,CAAC1D,OAAO,CAAC/F,WAAW,EAC9DmJ,IACFxG,GACE,iBACA,CAAEwG,cAAAA,GACF,CACEA,cAAe,aACjB,GAEFI,EAASC,YAAY,CAACC,GAAG,CAAC,gBAAiBN,EAActT,IAAI,CAAC,OAE5DuT,EAQF,IAAK,IAAMlN,KAPXyG,GACE,iBACA,CAAEyG,gBAAAA,GACF,CACEA,gBAAiB,gBACnB,GAEgBA,EAChBG,EAASC,YAAY,CAACC,GAAG,CAAC,YAAcvN,EAAKkN,CAAe,CAAClN,EAAI,EAIrE,GAAImN,EAAsB,CACxB,IAAMzB,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,GAC5DyB,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuB7B,EAAQC,cAAc,CACzE,MACE,IAAI,CAAChC,YAAY,CAAC8B,WAAW,EAG3BX,CAAAA,GACFuC,EAASC,YAAY,CAACC,GAAG,CAAC,yBAA0BzC,GAGtD,IAAI,CAAC0C,QAAQ,CAACH,EAChB,CACF,CAGAG,SAASpL,CAAQ,CAAE,CACjBkC,OAAOmJ,QAAQ,CAACC,IAAI,CAAGtL,EAAIpB,QAAQ,EACrC,CACF,CE/QO,OAAM2M,wDAGX,aACUnG,CAA8B,CAC9BoG,CAAiC,CACjCnG,CAAoE,CAC5E,MAHQD,cAAAA,CAAAA,OACAoG,iBAAAA,CAAAA,OACAnG,oBAAAA,CAAAA,CACP,CAEHlI,IAAM,UACJ,IAAMX,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAkD,CAC/FvF,IAAK,wBACLhE,OAAQ,KACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoG,kBAAkB,CAACjP,EAAKkP,YAAY,EACvDlP,EAAKkP,YAAY,AAC1B,CAAA,AAEAC,CAAAA,QAAU,IACD,IAAI,CAACtG,oBAAoB,CAACuG,eAAe,EAClD,AAEAC,CAAAA,QAAU,IAAyB,CAAA,CACjCH,aAAc,IAAI,CAACC,OAAO,GAC1BG,UAAW,IAAI,CAACzG,oBAAoB,CAAC0G,YAAY,EACnD,CAAA,CAAA,AAEAC,CAAAA,SAAW,AAACC,GACH,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,GAAUwK,EAASxK,GAAOiK,cAAgB,MAC/F,AAEAS,CAAAA,OAAS,MAAOjP,IACd,IAAMV,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAiC,CAC9EvF,IAAK,wBACLhE,OAAQ,MACR7E,KAAM+F,CACR,GAGA,OADA,IAAI,CAACmI,oBAAoB,CAACoG,kBAAkB,CAACjP,EAAKkP,YAAY,EACvDlP,CACT,CAAA,AAEA4P,CAAAA,OAAS,UACP,IAAM5P,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAiC,CAC9EvF,IAAK,wBACLhE,OAAQ,QACV,GAIA,OAFA,IAAI,CAACqJ,oBAAoB,CAACgH,YAAY,GAE/B7P,CACT,CAAA,AAEA8P,CAAAA,UAAY,MAAOpP,IACjBmH,GAAc,gCAAiCnH,EAAM,CACnD4I,kBAAmB,QACrB,GAEO,IAAI,CAACV,cAAc,CAACG,QAAQ,CAAoC,CACrEvF,IAAK,4BACLhE,OAAQ,OACR7E,KAAM+F,CACR,GACF,AAEAqP,CAAAA,iBAAmB,SACV,IAAI,CAACnH,cAAc,CAACG,QAAQ,CAA2C,CAC5EvF,IAAK,oCACLhE,OAAQ,KACV,EACF,AAEAwQ,CAAAA,gBAAkB,MAChBtP,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAA0C,CAC3EvF,IAAK,CAAC,kCAAkC,EAAE9C,EAAKuP,gBAAgB,CAAA,CAAE,CACjEzQ,OAAQ,KACV,EACF,AAEA0Q,CAAAA,QAAU,CACRhH,OAAQ,MAAOxI,GACN,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAwC,CACzEvF,IAAK,6BACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEFyP,OAAQ,MAAOzP,GACN,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAwC,CACzEvF,IAAK,uCACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEFiP,OAAQ,MAAOjP,IACb,IAAM0P,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAAwC,CACzFvF,IAAK,CAAC,2BAA2B,EAAE9C,EAAK2P,SAAS,CAAA,CAAE,CACnD7Q,OAAQ,MACR7E,KAAM+F,CACR,GAGA,OADA,IAAI,CAAC4P,kBAAkB,CAACF,GACjBA,CACT,EACAG,eAAgB,MAAOC,IACrB,IAAMJ,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAA+C,CAChGvF,IAAK,CAAC,qCAAqC,EAAEgN,EAAAA,CAAY,CACzDhR,OAAQ,QACV,GAGA,OADA,IAAI,CAAC8Q,kBAAkB,CAACF,GACjBA,CACT,EACAK,qBAAsB,MAAOC,IAC3B,IAAMN,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAAqD,CACtGvF,IAAK,CAAC,6CAA6C,EAAEkN,EAAAA,CAAU,CAC/DlR,OAAQ,QACV,GAGA,OADA,IAAI,CAAC8Q,kBAAkB,CAACF,GACjBA,CACT,EACAO,cAAe,MAAOD,IACpB,IAAMN,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAA8C,CAC/FvF,IAAK,CAAC,gCAAgC,EAAEkN,EAAAA,CAAU,CAClDlR,OAAQ,QACV,GAGA,OADA,IAAI,CAAC8Q,kBAAkB,CAACF,GACjBA,CACT,EACAR,OAAQ,MAAOc,IACb,IAAMN,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACG,QAAQ,CAAwC,CACzFvF,IAAK,CAAC,2BAA2B,EAAEkN,EAAAA,CAAU,CAC7ClR,OAAQ,QACV,GAMA,OAJIkR,IAAa,IAAI,CAAC7H,oBAAoB,CAAC+H,SAAS,IAAIP,WACtD,IAAI,CAACxH,oBAAoB,CAACgH,YAAY,GAGjCO,CACT,EACAS,WAAY,MAAOH,GACV,IAAI,CAAC9H,cAAc,CAACG,QAAQ,CAA4C,CAC7EvF,IAAK,CAAC,2BAA2B,EAAEkN,EAAS,WAAW,CAAC,CACxDlR,OAAQ,KACV,GAEFsR,mBAAoB,MAClBpQ,IAEA,GAAM,CAAE2P,UAAAA,CAAS,CAAE,GAAG1V,EAAM,CAAG+F,EACzB0P,EAAW,MAAM,IAAI,CAACpB,iBAAiB,CAACjG,QAAQ,CAAmD,CACvGvF,IAAK,CAAC,2BAA2B,EAAE6M,EAAU,qBAAqB,CAAC,CACnE7Q,OAAQ,OACR7E,KAAAA,CACF,GAGA,OADA,IAAI,CAAC2V,kBAAkB,CAACF,GACjBA,CACT,EACAW,iBAAkB,MAChBrQ,IAEA,GAAM,CAAE2P,UAAAA,CAAS,CAAE,GAAG1V,EAAM,CAAG+F,EACzB0P,EAAW,MAAM,IAAI,CAACpB,iBAAiB,CAACjG,QAAQ,CAAiD,CACrGvF,IAAK,CAAC,2BAA2B,EAAE6M,EAAU,mBAAmB,CAAC,CACjE7Q,OAAQ,OACR7E,KAAAA,CACF,GAGA,OADA,IAAI,CAAC2V,kBAAkB,CAACF,GACjBA,CACT,EACAL,iBAAkB,MAChBrP,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAiD,CAClFvF,IAAK,CAAC,0BAA0B,EAAE9C,EAAK2P,SAAS,CAAC,eAAe,CAAC,CACjE7Q,OAAQ,KACV,GAEFwR,mBAAoB,MAClBtQ,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAmD,CACpFvF,IAAK,CAAC,2BAA2B,EAAE9C,EAAK2P,SAAS,CAAC,gBAAgB,EAAE3P,EAAKuP,gBAAgB,CAAC,OAAO,CAAC,CAClGzQ,OAAQ,MACV,GAEJ,AAEQ8Q,CAAAA,mBAAqB,AAACF,IACxBA,EAASC,SAAS,GAAK,IAAI,CAACxH,oBAAoB,CAAC+H,SAAS,IAAIP,WAChE,IAAI,CAACxH,oBAAoB,CAACoI,YAAY,CAACb,EAASc,MAAM,CAE1D,CAAA,AACF,CC5NO,MAAMC,uDAGXC,CAAAA,GAAAA,AAKAvG,CAAAA,KAAAA,AAaA,aACUjC,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAAC4G,GAAG,CAAG,CACTnF,KAAM,MAAOvL,IACXmH,GAAc,uBAAwBnH,EAAM,CAC1CsJ,gBAAiB,SACjBqG,UAAW,SACXgB,iBAAkB,iBAClBpH,OAAQ,gBACV,GACA,GAAM,CAAE/D,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAqB,CAC/DiE,IAAK,qBACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACAwD,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAmE,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MAAOzI,IACLmH,GAAc,+BAAgCnH,EAAM,CAClD0I,yBAA0B,SAC1BY,gBAAiB,SACjBqG,UAAW,SACXiB,KAAM,SACNC,mBAAoB,gBACtB,GACA,GAAM,CAAErL,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA,OAAO,IAAI,CAAC4M,cAAc,CAACrJ,iBAAiB,CAAoD,CAC9FiE,IAAK,6BACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,EAEA,IAAI,CAACyE,KAAK,CAAG,CACXW,cAAe,MAAO9K,IACpBmH,GAAc,kCAAmCnH,EAAM,CACrDsJ,gBAAiB,SACjBmB,cAAe,SACfO,kBAAmB,iBACnBE,mBAAoB,iBACpB3B,OAAQ,iBACR4B,yBAA0B,iBAC1BC,0BAA2B,gBAC7B,GAEA,GAAM,CAAE5F,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAoC,CAC9EiE,IAAK,kCACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAmE,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,iCAAkCnH,EAAM,CACpD4Q,KAAM,SACNnG,cAAe,SACfnB,gBAAiB,SACjBZ,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,GAAM,CAAE/D,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA0D,CACpGiE,IAAK,+BACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPsI,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,EACvFkK,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,GAEF0E,UAAW,CACTmB,KAAM,MAAOvL,IACXmH,GAAc,mCAAoCnH,EAAM,CACtDyK,cAAe,SACfO,kBAAmB,iBACnBzB,OAAQ,iBACRkC,6BAA8B,gBAChC,GAEA,GAAM,CAAEjG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,CACF,EACA,OAAO,IAAI,CAACyC,cAAc,CAACrJ,iBAAiB,CAAmC,CAC7EiE,IAAK,iCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAmE,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEzI,IAEAmH,GAAc,2CAA4CnH,EAAM,CAC9D4Q,KAAM,SACNnG,cAAe,QACjB,GAEA,GAAM,CAAEjF,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB5D,iBAAAA,EACAC,cAAAA,EACA,GAAGzF,CAAAA,AACL,EAEA,OAAO,IAAI,CAACkI,cAAc,CAACrJ,iBAAiB,CAE1C,CACAiE,IAAK,yCACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CACF,CACF,CACF,CCjKA,IAAMsE,GAAuBvG,QAAQC,OAAO,CAAC,CAC3CoN,8BAA+B,CAAA,CACjC,EAEO,OAAMC,4EAGXlH,CAAAA,YAAAA,AAIAO,CAAAA,SAAAA,AAYA4G,CAAAA,YAAAA,AAIAC,CAAAA,uBAAAA,AAIAC,CAAAA,cAAAA,AAIA,aACEhJ,CAAsC,CAC9BC,CAAoE,CACpEkC,CAA0B,CAClCE,EAAiCP,EAAoB,CAC7CF,CAA2C,CACnD,MALQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAE,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAER,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAC7D,MACEhN,IAEA0L,GAAc,gCAAiC1L,EAAS,CACtD6N,gBAAiB,SACjB6H,SAAU,SACV1G,cAAe,SACf/B,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAM0C,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CC,EAAgBI,GAAQJ,cACxB,CAAErG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAyD,CACnGiE,IAAK,8BACLhE,OAAQ,OACR7E,KAAM,CACJqP,gBAAiB7N,EAAQ6N,eAAe,CACxCmB,cAAehP,EAAQgP,aAAa,CACpC0G,SAAU1V,EAAQ0V,QAAQ,CAC1BzI,yBAA0BjN,EAAQiN,wBAAwB,CAC1Da,OAAQ9N,EAAQ8N,MAAM,CACtB9D,cAAAA,EACAD,iBAAAA,EACAqG,cAAAA,EACAvD,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,GAGF,IAAI,CAAC0E,SAAS,CAAG,CACfgH,kBAAmB,MACjB3V,IAEA0L,GAAc,+CAAgD1L,EAAS,CACrEgP,cAAe,SACfe,uBAAwB,iBACxB6F,4BAA6B,iBAC7BC,2BAA4B,iBAC5BC,kCAAmC,iBACnCC,yBAA0B,iBAC1BjI,OAAQ,gBACV,GAEA,IAAM8B,EAAsB,MAAM,IAAI,CAACC,gBAAgB,GACjD,CAAE9F,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAgD,CAC1FiE,IAAK,uCACLhE,OAAQ,OACR7E,KAAM,CACJwQ,cAAehP,EAAQgP,aAAa,CACpCe,uBAAwB/P,EAAQ+P,sBAAsB,CACtD6F,4BAA6B5V,EAAQ4V,2BAA2B,CAChEE,kCAAmC9V,EAAQ8V,iCAAiC,CAC5ED,2BAA4B7V,EAAQ6V,0BAA0B,CAC9DE,yBAA0B/V,EAAQ+V,wBAAwB,CAC1DjI,OAAQ9N,EAAQ8N,MAAM,CACtB8B,oBAAAA,EACA5F,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EACAsL,aAAc,IAAI,CAAC7I,oBAAoB,CAACM,iBAAiB,CACvD,MACEhN,IAEA0L,GAAc,0CAA2C1L,EAAS,CAChEgW,qBAAsB,SACtBN,SAAU,QACZ,GAEA,GAAM,CAAE3L,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F0G,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CM,EAAqBD,GAAQJ,cAE7BvM,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,iCACLhE,OAAQ,OACR7E,KAAM,CACJwX,qBAAsBhW,EAAQgW,oBAAoB,CAClDN,SAAU1V,EAAQ0V,QAAQ,CAC1B1L,cAAAA,EACAD,iBAAAA,EACA0G,mBAAAA,EACA5D,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,GAGFuK,aAAc,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CACvD,MACEhN,IAEA0L,GAAc,0CAA2C1L,EAAS,CAChE0V,SAAU,SACV1G,cAAe,QACjB,GAEA,IAAMwB,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CC,EAAgBI,GAAQJ,cACxB,CAAErG,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAC1C,CACEiE,IAAK,wCACLhE,OAAQ,OACR7E,KAAM,CACJwQ,cAAehP,EAAQgP,aAAa,CACpC0G,SAAU1V,EAAQ0V,QAAQ,CAC1B1L,cAAAA,EACAD,iBAAAA,EACAqG,cAAAA,CACF,EACA1M,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EAEJ,EAEJ,EAEA,IAAI,CAACsL,YAAY,CAAG,IAAI,CAAC7I,oBAAoB,CAACM,iBAAiB,CAC7D,MACEhN,IAEA0L,GAAc,gCAAiC1L,EAAS,CACtDgW,qBAAsB,SACtBN,SAAU,SACVzI,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,GAAM,CAAE/D,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F0G,EAAS,MAAM,IAAI,CAAC5B,YAAY,CAACuB,SAAS,GAC1CC,EAAgBI,GAAQJ,cAExBvM,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAEtD,CACAiE,IAAK,6BACLhE,OAAQ,OACR7E,KAAM,CACJwX,qBAAsBhW,EAAQgW,oBAAoB,CAClDN,SAAU1V,EAAQ0V,QAAQ,CAC1BzI,yBAA0BjN,EAAQiN,wBAAwB,CAC1Da,OAAQ9N,EAAQ8N,MAAM,CACtB9D,cAAAA,EACAD,iBAAAA,EACAqG,cAAeA,EACfvD,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAGA,OADA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GACtB7M,CACT,GAGF,IAAI,CAAC2R,uBAAuB,CAAG,IAAI,CAAC9I,oBAAoB,CAACM,iBAAiB,CACxE,MACEhN,IAEA0L,GAAc,2CAA4C1L,EAAS,CACjEgP,cAAe,SACfiH,kBAAmB,SACnBC,aAAc,SACdpI,OAAQ,iBACRb,yBAA0B,QAC5B,GAEA,GAAM,CAAElD,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAC1C,CACEiE,IAAK,yCACLhE,OAAQ,OACR7E,KAAM,CACJqP,gBAAiB7N,EAAQ6N,eAAe,CACxCmB,cAAehP,EAAQgP,aAAa,CACpCiH,kBAAmBjW,EAAQiW,iBAAiB,CAC5CC,aAAclW,EAAQkW,YAAY,CAClCpI,OAAQ9N,EAAQ8N,MAAM,CACtBb,yBAA0BjN,EAAQiN,wBAAwB,CAC1DjD,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EAEJ,GAGF,IAAI,CAACwL,cAAc,CAAG,IAAI,CAAC/I,oBAAoB,CAACM,iBAAiB,CAC/D,MACEhN,IAEA0L,GAAc,kCAAmC1L,EAAS,CACxD0V,SAAU,QACZ,GAEA,GAAM,CAAE3L,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA2D,CACrGiE,IAAK,+BACLhE,OAAQ,OACR7E,KAAM,CACJkX,SAAU1V,EAAQ0V,QAAQ,CAC1B1L,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CAEA,MAAc4F,kBAAgD,CAC5D,GAAM,CAAEwF,8BAAAA,CAA6B,CAAE,CAAG,MAAM,IAAI,CAACvG,OAAO,CAC5D,GAAI,CAACuG,EACH,OAEF,IAAI1E,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,UAC/C,AAAIQ,EACKA,EAAQC,cAAc,CAGxBD,AADPA,CAAAA,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACvCD,cAAc,AAC/B,CAEA,MAAM+E,kBAAkB3V,CAA4C,CAAiD,CACnH0L,GAAc,qCAAsC1L,EAAS,CAC3DgP,cAAe,SACfM,mBAAoB,iBACpBsG,4BAA6B,iBAC7BC,2BAA4B,iBAC5BC,kCAAmC,iBACnCC,yBAA0B,iBAC1BjI,OAAQ,gBACV,GAEA,IAAM8C,EAAiB,MAAM,IAAI,CAACf,gBAAgB,GAC5C,CAAE9F,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAEnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAAuC,CACjFiE,IAAK,mCACLhE,OAAQ,OACR7E,KAAM,CACJqP,gBAAiB7N,EAAQ6N,eAAe,CACxCmB,cAAehP,EAAQgP,aAAa,CACpCM,mBAAoBtP,EAAQsP,kBAAkB,CAC9CsG,4BAA6B5V,EAAQ4V,2BAA2B,CAChEE,kCAAmC9V,EAAQ8V,iCAAiC,CAC5ED,2BAA4B7V,EAAQ6V,0BAA0B,CAC9DE,yBAA0B/V,EAAQ+V,wBAAwB,CAC1DjI,OAAQ9N,EAAQ8N,MAAM,CACtB8C,eAAAA,EACA5G,cAAAA,EACAD,iBAAAA,CACF,EACArG,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,CAEA,MAAMkM,cAAcnW,CAAwC,CAA6C,CAMvG,OALA0L,GAAc,iCAAkC1L,EAAS,CACvDgP,cAAe,iBACf0G,SAAU,QACZ,GAEO,IAAI,CAACjJ,cAAc,CAACG,QAAQ,CAAmC,CACpEvF,IAAK,gCACLhE,OAAQ,OACR7E,KAAM,CACJwQ,cAAehP,EAAQgP,aAAa,CACpC0G,SAAU1V,EAAQ0V,QAAAA,AACpB,CACF,EACF,CACF,CC5UO,MAAMU,kBACHC,CAAAA,SAAAA,AAER,aACElH,CAA8B,CACvBmH,CAA+B,CACtC,MAFOnH,KAAAA,CAAAA,OACAmH,SAAAA,CAAAA,EAEP,IAAI,CAACD,SAAS,CAAG,CAAA,EACjBlH,EAAMoH,OAAO,CAAC,AAACC,GAAU,IAAI,CAACH,SAAS,CAACG,EAAKC,OAAO,CAAC,CAAGD,EAC1D,CAEA,OAAOE,SAASvR,CAAoB,CAAc,CAChD,OAAO,IAAIiR,GAAWjR,EAAMgK,KAAK,CAAEhK,EAAMmR,SAAS,CACpD,CASAK,qBAAqBC,CAA6B,CAAc,CAI9D,OAAO,IAAIR,GAHS,IAAI,IAAI,CAACjH,KAAK,IAAKyH,EAAY,CAGhB,IAAI,CAACN,SAAS,CACnD,CAQAO,mBAAmBC,CAAqB,CAAEC,CAAkB,CAAExR,CAAc,CAAW,CACrF,MAAO,CAAC,CAACuR,EACNrY,GAAG,CAAC,AAACuY,GAAW,IAAI,CAACX,SAAS,CAACW,EAAO,EAGtCC,MAAM,CAAC,AAACC,GAAMA,GACdC,OAAO,CAAC,AAACX,GAASA,EAAKY,WAAW,EAClCH,MAAM,CAAC,AAACI,GAAeA,EAAWC,WAAW,GAAKP,GAClDQ,IAAI,CAAC,AAACF,GAAeA,EAAWG,OAAO,CAAC/S,QAAQ,CAACc,IAAW8R,EAAWG,OAAO,CAAC/S,QAAQ,CA/E/D,KAgF7B,CASAgT,wBAAwBX,CAAqB,CAA2C,CACtF,IAAMY,EAAuD1Z,OAAO+O,MAAM,CAAC,MAO3E,OANA,IAAI,CAACuJ,SAAS,CAACC,OAAO,CAAC,AAACoB,IACtBD,CAAW,CAACC,EAASL,WAAW,CAAC,CAAG,CAAA,EACpCK,EAASH,OAAO,CAACjB,OAAO,CAAC,AAAChR,IACxBmS,CAAW,CAACC,EAASL,WAAW,CAAC,CAAC/R,EAAO,CAAG,IAAI,CAACsR,kBAAkB,CAACC,EAAaa,EAASL,WAAW,CAAE/R,EACzG,EACF,GACOmS,CACT,CACF,CCvFO,MAAME,uBAGHC,CAAAA,YAAAA,AACAC,CAAAA,aAAAA,AACR,aACEC,CAA0B,CAC1BC,CAA4B,CACpBtL,CAAoE,CAC5E,MADQA,oBAAAA,CAAAA,EAER,IAAI,CAACmL,YAAY,CAAGE,EAAaE,UAAU,CAAG7B,GAAWM,QAAQ,CAACqB,EAAaE,UAAU,EAAI,KAC7F,IAAI,CAACH,aAAa,CAAGE,EAAc5O,IAAI,CAAC,AAAC7E,GACvC,AAAKA,EAAK0T,UAAU,EAKpB,IAAI,CAACJ,YAAY,CAAGzB,GAAWM,QAAQ,CAACnS,EAAK0T,UAAU,EAChD,IAAI,CAACJ,YAAY,GALtBtG,GAAa,oFACN,IAAI6E,GAAW,EAAE,CAAE,EAAE,GAMlC,CAKA,MAAc8B,oBAA0C,CACtD,IAAMC,EAAgB,MAAM,IAAI,CAACL,aAAa,CACxC/E,EAAe,IAAI,CAACrG,oBAAoB,CAACuG,eAAe,UAG9D,AAAKF,GAAcqF,cAActR,OAI1BqR,EAAcxB,oBAAoB,CAAC5D,EAAaqF,YAAY,EAH1DD,CAIX,CAMAE,wBAAoD,CAClD,GAAI,CAAC,IAAI,CAACR,YAAY,CACpB,OAAO,KAGT,IAAM9E,EAAe,IAAI,CAACrG,oBAAoB,CAACuG,eAAe,UAG9D,AAAKF,GAAcqF,cAActR,OAI1B,IAAI,CAAC+Q,YAAY,CAAClB,oBAAoB,CAAC5D,EAAaqF,YAAY,EAH9D,IAAI,CAACP,YAAY,AAI5B,CAEAS,gBAA6D,CAC3D,OAAO,IAAI,CAACJ,kBAAkB,GAAG9O,IAAI,CACnC,AAACmP,GAAWA,EAAOd,uBAAuB,CAAC,IAAI,CAACe,OAAO,IAE3D,CAEAC,iBAA+D,CAAC1B,EAAYxR,KAC1E,IAAMmT,EAAkB,IAAI,CAACL,sBAAsB,GACnD,MAAO,CAAC,CAACK,GAAiB7B,mBAAmB,IAAI,CAAC2B,OAAO,GAAIzB,EAAsBxR,EACrF,CAAA,AAEAoT,CAAAA,aAAuD,CAAC5B,EAAYxR,IAC3D,IAAI,CAAC2S,kBAAkB,GAAG9O,IAAI,CAAC,AAACmP,GACrCA,EAAO1B,kBAAkB,CAAC,IAAI,CAAC2B,OAAO,GAAIzB,EAAsBxR,GAEpE,AAEQiT,CAAAA,SAAU,CAChB,IAAMI,EAAU,IAAI,CAAClM,oBAAoB,CAACmM,UAAU,UACpD,AAAKD,EAOEA,EAAQzJ,KAAK,EAAI,EAAE,CANjB,EAAE,AAOb,CACF,CCrFO,MAAM2J,uDAGXC,CAAAA,OAAAA,AAEA,aACUtM,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAAC0K,OAAO,CAAG,IAAI,CAACrM,oBAAoB,CAACM,iBAAiB,CACxD,MAAOzI,IACLmH,GAAc,+BAAgCnH,EAAM,CAClDsJ,gBAAiB,SACjBqG,UAAW,SACX8E,cAAe,SACf/L,yBAA0B,QAC5B,GACA,GAAM,CAAElD,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA,OAAO,IAAI,CAAC4M,cAAc,CAACrJ,iBAAiB,CAAqD,CAC/FiE,IAAK,8BACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CAEA,MAAMgP,QAA8C,CAClD,GAAM,CAAElP,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GACnG,OAAO,IAAI,CAAC2C,cAAc,CAACrJ,iBAAiB,CAA6B,CACvEiE,IAAK,6BACL7I,KAAM,CACJuL,iBAAAA,EACAC,cAAAA,CACF,EACA3G,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,CAEA,MAAMzF,KAAwC,CAC5C,OAAO,IAAI,CAACiI,cAAc,CAACG,QAAQ,CAA0B,CAC3DvF,IAAK,sBACLhE,OAAQ,KACV,EACF,CACF,CC/CO,MAAM6V,sCAGX,aACEzM,CAAwC,CAC9BC,CAAoE,CAC9E,MAFUD,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,CACT,CAEH,MAAMyM,iBAAiB5U,CAAoC,CAA4C,CAMrG,OALAmH,GAAc,+BAAgCnH,EAAM,CAClD6U,aAAc,iBACdC,kBAAmB,gBACrB,GAEO,MAAM,IAAI,CAAC5M,cAAc,CAACG,QAAQ,CAAkC,CACzEvF,IAAK,YACLhE,OAAQ,OACR7E,KAAM+F,CACR,EACF,CAEA,MAAM+U,iBAAiB/U,CAAoC,CAA4C,CAOrG,OANAmH,GAAc,+BAAgCnH,EAAM,CAClDgV,cAAe,SACfH,aAAc,iBACdC,kBAAmB,gBACrB,GAEO,MAAM,IAAI,CAAC5M,cAAc,CAACG,QAAQ,CAAkC,CACzEvF,IAAK,CAAC,UAAU,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CACtClW,OAAQ,MACR7E,KAAM+F,CACR,EACF,CAEA,MAAMiV,iBAAiBC,CAAoB,CAA4C,CASrF,OARA/N,GACE,+BACA,CAAE6N,cAAeE,GACjB,CACEF,cAAe,QACjB,GAGK,MAAM,IAAI,CAAC9M,cAAc,CAACG,QAAQ,CAAkC,CACzEvF,IAAK,CAAC,UAAU,EAAEoS,EAAAA,CAAc,CAChCpW,OAAQ,QACV,EACF,CAEA,MAAMqW,eAAuD,CAC3D,OAAO,MAAM,IAAI,CAACjN,cAAc,CAACG,QAAQ,CAA+B,CACtEvF,IAAK,YACLhE,OAAQ,KACV,EACF,CAEA,MAAMsW,oBAAoBpV,CAAuC,CAA+C,CAM9G,OALAmH,GAAc,kCAAmCnH,EAAM,CACrDqV,MAAO,iBACPC,OAAQ,gBACV,GAEO,MAAM,IAAI,CAACpN,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,mBACLhE,OAAQ,OACR7E,KAAM+F,CACR,EACF,CAEA,MAAMuV,YAAYL,CAAoB,CAAuC,CAQ3E,OAPA/N,GACE,0BACA,CAAE+N,aAAAA,GACF,CACEA,aAAc,QAChB,GAEK,MAAM,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAA6B,CACpEvF,IAAK,yBACLhE,OAAQ,OACR7E,KAAM,CAAE+a,cAAeE,CAAa,CACtC,EACF,CAEA,MAAMM,eAAeN,CAAoB,CAA0C,CASjF,OARA/N,GACE,6BACA,CAAE+N,aAAAA,GACF,CACEA,aAAc,QAChB,GAGK,MAAM,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAAgC,CACvEvF,IAAK,4BACLhE,OAAQ,OACR7E,KAAM,CAAE+a,cAAeE,CAAa,CACtC,EACF,CAEA,MAAMO,aAAaP,CAAoB,CAAwC,CAS7E,OARA/N,GACE,2BACA,CAAE+N,aAAAA,GACF,CACEA,aAAc,QAChB,GAGK,MAAM,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAA8B,CACrEvF,IAAK,0BACLhE,OAAQ,OACR7E,KAAM,CAAE+a,cAAeE,CAAa,CACtC,EACF,CACF,CC/GO,MAAMQ,wDAGX,aACUxN,CAA8B,CAC9BoG,CAAiC,CACjCnG,CAAoE,CAC5E,MAHQD,cAAAA,CAAAA,OACAoG,iBAAAA,CAAAA,OACAnG,oBAAAA,CAAAA,CACP,CAEHlI,IAAM,UACJ,IAAMX,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAsC,CACnFvF,IAAK,gCACLhE,OAAQ,KACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,EAAKkR,MAAM,AACpB,CAAA,AAEA/B,CAAAA,QAAU,IACD,IAAI,CAACtG,oBAAoB,CAAC+H,SAAS,EAC5C,AAEAvB,CAAAA,QAAU,IAAmB,CAAA,CAC3B6B,OAAQ,IAAI,CAAC/B,OAAO,GACpBG,UAAW,IAAI,CAACzG,oBAAoB,CAAC0G,YAAY,EACnD,CAAA,CAAA,AAEAC,CAAAA,SAAW,AAACC,GACH,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,GAAUwK,EAASxK,GAAOiM,QAAU,MACzF,AAEAvB,CAAAA,OAAS,MAAOjP,IACdmH,GAAc,qBAAsBnH,EAAM,CACxCxG,KAAM,iBACNmc,mBAAoB,iBACpBC,aAAc,kBACdjF,iBAAkB,iBAClBkF,mBAAoB,gBACtB,GAEA,IAAMvW,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAA0B,CACvEvF,IAAK,oCACL7I,KAAM+F,EACNlB,OAAQ,KACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEAyQ,CAAAA,qBAAuB,UACrB,IAAMzQ,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAwC,CACrFvF,IAAK,+CACLhE,OAAQ,QACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA2Q,CAAAA,cAAgB,UACd,IAAM3Q,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAkC,CAC/EvF,IAAK,wCACLhE,OAAQ,QACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEAuQ,CAAAA,eAAiB,MAAOC,IACtB,IAAMxQ,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAkC,CAC/EvF,IAAK,CAAC,qCAAqC,EAAEgN,EAAAA,CAAY,CACzDhR,OAAQ,QACV,GAEA,OADA,IAAI,CAACqJ,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA8Q,CAAAA,mBAAqB,MACnBpQ,IAEA,IAAMV,EAAO,MAAM,IAAI,CAACgP,iBAAiB,CAACjG,QAAQ,CAAsC,CACtFvF,IAAK,kDACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEA,OADA,IAAI,CAACmI,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA+Q,CAAAA,iBAAmB,MAAOrQ,IACxB,IAAMV,EAAO,MAAM,IAAI,CAACgP,iBAAiB,CAACjG,QAAQ,CAAoC,CACpFvF,IAAK,gDACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEA,OADA,IAAI,CAACmI,oBAAoB,CAACoI,YAAY,CAACjR,EAAKkR,MAAM,EAC3ClR,CACT,CAAA,AAEA+P,CAAAA,iBAAmB,SACV,IAAI,CAACnH,cAAc,CAACG,QAAQ,CAAoC,CACrEvF,IAAK,4CACLhE,OAAQ,KACV,EACF,AAEAwR,CAAAA,mBAAqB,MACnBtQ,GAEO,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAsC,CACvEvF,IAAK,CAAC,0CAA0C,EAAE9C,EAAKuP,gBAAgB,CAAC,OAAO,CAAC,CAChFzQ,OAAQ,MACV,EACF,AACF,CClHO,MAAMgX,sCAGXrH,CAAAA,QAAU,IACD,IAAI,CAACtG,oBAAoB,CAACmM,UAAU,EAC7C,AAEA3F,CAAAA,QAAU,IAA0B,CAAA,CAClC0F,QAAS,IAAI,CAAC5F,OAAO,GACrBG,UAAW,IAAI,CAACzG,oBAAoB,CAAC0G,YAAY,EACnD,CAAA,CAAA,AAEAC,CAAAA,SAAW,AAACC,GACH,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,GAAUwK,EAASxK,GAAO8P,SAAW,MAC1F,AAEA0B,CAAAA,OAAS,MAAOta,IASd,GAAI,CACF,IAAM6D,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAwB,CACrEvF,IAAK,uBACLhE,OAAQ,MACV,GAIA,OAFA,IAAI,CAACqJ,oBAAoB,CAACgH,YAAY,GAE/B7P,CAET,CAAE,MAAOxD,EAAY,CAMnB,MALIL,GAASua,WACX,IAAI,CAAC7N,oBAAoB,CAACgH,YAAY,GAC7BpU,EAA0BmF,QAAQ,CAACpE,EAAMvB,UAAU,GAC5D,IAAI,CAAC4N,oBAAoB,CAACgH,YAAY,GAElCrT,CACR,CACF,CAAA,AAEAma,CAAAA,gBAAkB,MAAOxa,IACvB0L,GAAc,iCAAkC1L,EAAS,CACvDkU,UAAW,QACb,GAEO,MAAM,IAAI,CAACzH,cAAc,CAACG,QAAQ,CAAwB,CAC/DvF,IAAK,CAAC,qBAAqB,EAAErH,EAAQkU,SAAS,CAAA,CAAE,CAChD7Q,OAAQ,MACV,GACF,AAEQoX,CAAAA,cAAgB,MACtBza,IAEA,IAAM0a,EAAiB,IAAI,CAAChO,oBAAoB,CAACmM,UAAU,GACrD8B,EAAiB,IACrBD,GAAgBE,oBAAsB,IAAI,CAAClO,oBAAoB,CAACmM,UAAU,IAAI+B,kBAEhF,GAAI,CACF,IAAMjN,EAAc,CAClBV,yBAA0BjN,GAASiN,wBACrC,EACMpJ,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACG,QAAQ,CAAwD,CACrGvF,IAAK,6BACL7I,KAAMmP,EACNtK,OAAQ,MACV,GAEA,GAAIsX,IAGF,OAAO,IAAI,CAACF,aAAa,CAACza,GAG5B,OAAO6D,CAET,CAAE,MAAOxD,EAAY,CACnB,GAAIsa,IAGF,OAAO,IAAI,CAACF,aAAa,CAACza,EAM5B,OAHIV,EAA0BmF,QAAQ,CAACpE,EAAMvB,UAAU,GACrD,IAAI,CAAC4N,oBAAoB,CAACmO,cAAc,GAEpCxa,CACR,CACF,CAAA,AAEA+N,CAAAA,YAAAA,AAIAR,CAAAA,QAAAA,AAEAkN,CAAAA,mBAAAA,AAIAC,CAAAA,MAAAA,AAEA,aACEtO,CAAsC,CAC9BC,CAAoE,CAC5E,MAFQD,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,EAER,IAAI,CAAC0B,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,IAAI,CAACyN,aAAa,EAElF,IAAI,CAAC7M,QAAQ,CAAG,IAAI,CAAClB,oBAAoB,CAACM,iBAAiB,CAAC,MAAOzI,IACjEmH,GAAc,0BAA2BnH,EAAM,CAC7CsJ,gBAAiB,SACjBZ,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEO,IAAI,CAACrB,cAAc,CAACG,QAAQ,CAAoD,CACrFvF,IAAK,yBACL7I,KAAM+F,EACNlB,OAAQ,MACV,KAGF,IAAI,CAACyX,mBAAmB,CAAG,IAAI,CAACpO,oBAAoB,CAACM,iBAAiB,CACpE,MAAOzI,IACLmH,GAAc,0BAA2BnH,EAAM,CAC7CyW,aAAc,SACd/N,yBAA0B,QAC5B,GACO,IAAI,CAACR,cAAc,CAACG,QAAQ,CAA+D,CAChGvF,IAAK,sCACL7I,KAAM+F,EACNlB,OAAQ,MACV,KAIJ,IAAI,CAAC0X,MAAM,CAAG,IAAI,CAACrO,oBAAoB,CAACM,iBAAiB,CAAC,MAAOzI,IAC/DmH,GAAc,wBAAyBnH,EAAM,CAC3CsJ,gBAAiB,iBACjBoN,WAAY,SACZnJ,MAAO,SACP7E,yBAA0B,gBAC5B,GAEO,IAAI,CAACR,cAAc,CAACG,QAAQ,CAAkD,CACnFvF,IAAK,uBACL7I,KAAM+F,EACNlB,OAAQ,MACV,IAEJ,CAEA6X,WAAY,CACV,OAAO,IAAI,CAACxO,oBAAoB,CAACwO,SAAS,EAK5C,CAEAC,cAAcC,CAA2B,CAAQ,CAC/C1P,GAAc,+BAAgC0P,EAAQ,CACpDC,cAAe,SACfC,YAAa,gBACf,GACA,IAAI,CAAC5O,oBAAoB,CAAC6O,YAAY,CAACH,EACzC,CACF,CCzJO,MAAMI,2FAGXpN,CAAAA,YAAAA,AAEA,aACE3B,CAAwC,CACxCC,CAA8E,CAC9EkC,CAAoC,CAC1ByC,CAA6B,CAC7BvC,CAAe,CACfT,CAA2C,CACrD,MANU5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACAkC,YAAAA,CAAAA,OACAyC,cAAAA,CAAAA,OACAvC,OAAAA,CAAAA,OACAT,gBAAAA,CAAAA,EAEV,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAAC,MAAOhN,IACrE0L,GAAc,0BAA2B1L,EAAS,CAChDyb,UAAW,SACXxO,yBAA0B,SAC1Ba,OAAQ,gBACV,GAEA,IAAM6C,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACuB,SAAS,EAE7C,CAACQ,GACHY,GACE,mNAMJ,GAAM,CAAExH,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAE7FjG,EAAO,MAAM,IAAI,CAAC4I,cAAc,CAACrJ,iBAAiB,CAAiD,CACvGiE,IAAK,wBACLhE,OAAQ,OACR7E,KAAM,CACJiS,mBAAoBE,GAASP,cAC7B,GAAGpQ,CAAO,CACV+J,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EACA6D,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAIA,OAFA,IAAI,CAAC2E,YAAY,CAAC8B,WAAW,GAEtB7M,CACT,EACF,CAEA,MAAgB+N,eAAgB,QAG9B,AVjFgDE,AUiF1B,IAAI,CAAChD,OAAO,CAAC/F,WAAW,CVjFQtE,QAAQ,CAAC,qBUkFtD,IAAI,CAACqK,OAAO,CAACiD,UAAU,CAEzB,IAAI,CAACjD,OAAO,CAACkD,UAAU,AAChC,CAEA,MAAMP,MAAM,CAAE8H,cAAAA,CAAa,CAAEjK,mBAAAA,CAAkB,CAAEE,oBAAAA,CAAmB,CAAmB,CAAiB,CACtG,GAAM,CAAEkM,mBAAAA,CAAkB,CAAE,CAAG,MAAM,IAAI,CAACrK,cAAc,CAClDgB,EAAU,MAAM,IAAI,CAACT,aAAa,GAElCU,EAAW,IAAIhL,IAAI,CAAA,EAAG+K,EAAQ,oBAAoB,CAAC,EAIzD,GAHAC,EAASC,YAAY,CAACC,GAAG,CAAC,eAAgB,IAAI,CAAC1D,OAAO,CAAC/F,WAAW,EAClEuJ,EAASC,YAAY,CAACC,GAAG,CAAC,gBAAiB+G,GAEvCmC,EAAoB,CACtB,IAAM/K,EAAU,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,GAC5DyB,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuB7B,EAAQC,cAAc,CACzE,MACE,IAAI,CAAChC,YAAY,CAAC8B,WAAW,EAG3BpB,CAAAA,GAAoBgD,EAASC,YAAY,CAACC,GAAG,CAAC,qBAAsBlD,GACpEE,GAAqB8C,EAASC,YAAY,CAACC,GAAG,CAAC,sBAAuBhD,GAE1E,IAAI,CAACiD,QAAQ,CAACH,EAChB,CAGAG,SAASpL,CAAQ,CAAE,CACjBkC,OAAOmJ,QAAQ,CAACC,IAAI,CAAGtL,EAAIpB,QAAQ,EACrC,CAEA,MAAM0V,gBAAwD,CAC5D,OAAO,MAAM,IAAI,CAAClP,cAAc,CAACG,QAAQ,CAA+B,CACtEvF,IAAK,WACLhE,OAAQ,KACV,EACF,CAEA,MAAMuY,oBAAoBC,CAAoB,CAA8C,CAC1F,OAAO,MAAM,IAAI,CAACpP,cAAc,CAACG,QAAQ,CAAoC,CAC3EvF,IAAK,CAAC,6CAA6C,EAAEyU,mBAAmBD,GAAAA,CAAe,CACvFxY,OAAQ,KACV,EACF,CAEA,MAAMmW,iBAAiBC,CAAoB,CAA2C,CACpF,OAAO,IAAI,CAAChN,cAAc,CAACG,QAAQ,CAAiC,CAClEvF,IAAK,CAAC,SAAS,EAAEoS,EAAAA,CAAc,CAC/BpW,OAAQ,QACV,EACF,CAEA0Y,KAAO,CACL5C,iBAAkB,MAAO5U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,gBACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEF+U,iBAAkB,MAAO/U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CAC1ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEFyX,sBAAuB,MACrBzX,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAC,IAAI,CAAC,CAC9ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEF0X,8BAA+B,MAC7B1X,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAkD,CACzFvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAC,2BAA2B,EAAEhV,EAAK2X,cAAc,CAAA,CAAE,CAC3F7Y,OAAQ,QACV,GAEF8Y,2BAA4B,MAC1B5X,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAA+C,CACtFvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAC,wBAAwB,EAAEhV,EAAK6X,cAAc,CAAA,CAAE,CACxF/Y,OAAQ,QACV,GAEJ,AAEAgZ,CAAAA,KAAO,CACLlD,iBAAkB,MAAO5U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,gBACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEF+U,iBAAkB,MAAO/U,GAChB,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAqC,CAC5EvF,IAAK,CAAC,cAAc,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CAC1ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEJ,AAEA+X,CAAAA,SAAW,CACTnD,iBAAkB,MAChB5U,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAyC,CAChFvF,IAAK,oBACLhE,OAAQ,OACR7E,KAAM+F,CACR,GAEF+U,iBAAkB,MAChB/U,GAEO,MAAM,IAAI,CAACkI,cAAc,CAACG,QAAQ,CAAyC,CAChFvF,IAAK,CAAC,kBAAkB,EAAE9C,EAAKgV,aAAa,CAAA,CAAE,CAC9ClW,OAAQ,MACR7E,KAAM+F,CACR,GAEJ,AACF,CCxNO,MAAMgY,uDAGXnO,CAAAA,YAAAA,AAEA,aACU3B,CAA8B,CAC9BC,CAAoE,CACpE2B,CAA2C,CACnD,MAHQ5B,cAAAA,CAAAA,OACAC,oBAAAA,CAAAA,OACA2B,gBAAAA,CAAAA,EAER,IAAI,CAACD,YAAY,CAAG,IAAI,CAAC1B,oBAAoB,CAACM,iBAAiB,CAC7D,MAAOzI,IACLmH,GAAc,2BAA4BnH,EAAM,CAC9CsJ,gBAAiB,SACjBqG,UAAW,SACXiB,KAAM,SACNlI,yBAA0B,SAC1BmI,mBAAoB,iBACpBoH,gBAAiB,iBACnB,GACA,GAAM,CAAEzS,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7F6D,EAAc,CAClB,GAAGpJ,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAMjN,KAAAA,CACzF,EAEA,OAAO,IAAI,CAAC4M,cAAc,CAACrJ,iBAAiB,CAAqD,CAC/FiE,IAAK,yBACL7I,KAAMmP,EACNtK,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,EACF,EAEJ,CAEA,MAAM8C,OAAOxI,CAA0B,CAAkC,CACvEmH,GAAc,qBAAsBnH,EAAM,CACxCsJ,gBAAiB,SACjBqG,UAAW,SACXuI,mBAAoB,gBACtB,GACA,GAAM,CAAE1S,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,CAAG,MAAM,IAAI,CAACqE,gBAAgB,CAACvE,2BAA2B,GAC7FmK,EAAW,MAAM,IAAI,CAACxH,cAAc,CAACrJ,iBAAiB,CAAwB,CAClFiE,IAAK,YACL7I,KAAM,CACJ,GAAG+F,CAAI,CACPwF,iBAAAA,EACAC,cAAAA,EACA6C,2BAA4B,MAAO,IAAI,CAACH,oBAAoB,CAACI,2BAA2B,IAAOjN,KAAAA,CACjG,EACAwD,OAAQ,OACRK,cAAe,IAAI,CAAC2K,gBAAgB,CAACpE,sBAAAA,AACvC,GAMA,OAJIgK,EAASC,SAAS,GAAK,IAAI,CAACxH,oBAAoB,CAAC+H,SAAS,IAAIP,WAChE,IAAI,CAACxH,oBAAoB,CAACoI,YAAY,CAACb,EAASc,MAAM,EAGjDd,CACT,CACF,CC1D6BjM,QAAQC,OAAO,CAAC,CAC3CyU,6BAA8B,CAAA,CAChC,GCI6B1U,QAAQC,OAAO,CAAC,CAC3CuG,+BAAgC,CAAA,CAClC,GCK6BxG,QAAQC,OAAO,CAAC,CAC3CoN,8BAA+B,CAAA,CACjC,EChBO,OAAMsH,YACXC,CAAAA,KAAAA,AAEA,aAAoBC,CAAiB,CAAE,MAAnBA,SAAAA,CAAAA,EAClB,IAAI,CAACC,YAAY,EACnB,CAEQA,cAAe,CACrB,IAAIC,EAAiB3X,SAAS4X,aAAa,CAAC,CAAC,OAAO,EAAE,IAAI,CAACH,SAAS,CAAC,EAAE,CAAC,EAwBxE,GArBKE,EAUHxL,GAAYnU,IARZ2f,AADAA,CAAAA,EAAiB3X,SAASC,aAAa,CAAC,SAAA,EACzB4X,GAAG,CAAG,IAAI,CAACJ,SAAS,CACnCE,EAAeG,KAAK,CAACC,QAAQ,CAAG,WAChCJ,EAAeG,KAAK,CAACE,KAAK,CAAG,IAC7BL,EAAeG,KAAK,CAACG,MAAM,CAAG,IAC9BN,EAAeG,KAAK,CAACI,MAAM,CAAG,IAC9BP,EAAevG,IAAI,CAAG,OACtBpR,SAAS5G,IAAI,CAACiH,WAAW,CAACsX,IAaxBA,AAAkC,SAAlCA,EAAevU,OAAO,CAACC,MAAM,CAAa,CAC5C,IAAI,CAACmU,KAAK,CAAG5U,QAAQC,OAAO,CAAC8U,GAC7B,MACF,CAEA,IAAI,CAACH,KAAK,CAAG,IAAI5U,QAAQ,AAACC,IACxB8U,EAAenU,gBAAgB,CAC7B,OACA,KACEmU,EAAevU,OAAO,CAACC,MAAM,CAAG,OAChCR,EAAQ8U,EACV,EACA,CAAEQ,KAAM,CAAA,CAAK,EAEjB,EACF,CAEA,MAAMC,KAAQna,CAAc,CAAEoE,CAAe,CAAc,CACzD,IAAMmV,EAAQ,MAAM,IAAI,CAACA,KAAK,CACxBa,EAAU,IAAIC,eAEpB,OAAO,IAAI1V,QAAQ,CAACC,EAASC,KAC3BuV,EAAQE,KAAK,CAACC,SAAS,CAAG,AAACpS,IACzB,IAAM3H,EAAO2H,EAAMjH,IAAI,CACvBkZ,EAAQE,KAAK,CAACE,KAAK,GACfha,EAAKia,OAAO,CACd7V,EAAQpE,EAAKka,OAAO,EAEpB7V,EAAOkC,GAAgBK,UAAU,CAAC5G,EAAKxD,KAAK,EAEhD,EAOAuc,EAAMoB,aAAa,EAAEC,YALW,CAC9B5a,OAAAA,EACAoE,KAAAA,CACF,EAE0C,IAAI,CAACoV,SAAS,CAAE,CAACY,EAAQS,KAAAA,CAAM,CAC3E,EACF,CACF,CCtEO,MAAMC,kCACX,aACE1R,CAAsC,CAC9B4B,CAA2C,CACnD,MAFQ5B,cAAAA,CAAAA,OACA4B,gBAAAA,CAAAA,CACP,CAEH+P,WAAW1P,CAAa,CAA2B,CACjD,OAAO,IAAI,CAACL,gBAAgB,CAACvE,2BAA2B,GAAGV,IAAI,CAAC,CAAC,CAAEW,iBAAAA,CAAgB,CAAEC,cAAAA,CAAa,CAAE,GAC3F,IAAI,CAACyC,cAAc,CAACG,QAAQ,CAAiB,CAClDvF,IAAK,gBACLhE,OAAQ,OACR7E,KAAM,CAAEkQ,MAAAA,EAAO3E,iBAAAA,EAAkBC,cAAAA,CAAc,CACjD,GAEJ,CAEAqU,aAAa3P,CAAa,CAAEb,CAAuB,CAA6B,CAC9E,OAAO,IAAI,CAACpB,cAAc,CAACG,QAAQ,CAAmB,CACpDvF,IAAK,oCACLhE,OAAQ,OACR7E,KAAM,CAAEwQ,cAAeN,EAAOb,gBAAAA,CAAgB,CAChD,EACF,CACF,CCzBA,MAAMyQ,GACIC,UAAY,CAAA,CAAA,AAEZC,CAAAA,SAAW,IAAIC,GAAAA,AAEhBC,CAAAA,SAASzZ,CAAW,CAAE0Z,CAA+B,CAAE,CAC5D,IAAMC,EAAe,IAAI,CAACJ,QAAQ,CAACha,GAAG,CAACS,GAInC2Z,GAAgBA,IAAiBD,IAC9B,IAAI,CAACJ,SAAS,GACjBhN,GAAYnU,GACZ,IAAI,CAACmhB,SAAS,CAAG,CAAA,GAEnBK,EAAaC,uBAAuB,IAEtC,IAAI,CAACL,QAAQ,CAAChM,GAAG,CAACvN,EAAK0Z,EACzB,CAEOG,WAAW/V,CAAmB,CAAE4V,CAA+B,CAAE,CACtE,IAAMC,EAAe,IAAI,CAACJ,QAAQ,CAACha,GAAG,CAACuE,EACnC6V,CAAAA,GAAgBA,IAAiBD,GACnC,IAAI,CAACH,QAAQ,CAAC/K,MAAM,CAAC1K,EAEzB,CACF,CAOO,MAAMgW,oEAEX,QAAeC,oBAAsB,IAAY,AAIzCC,CAAAA,QAAgD,IAAA,AAGxDC,CAAAA,iCAAQA,AAER,QAAeV,SAAW,IAAIF,EAAAA,AAEtBI,CAAAA,UAAW,CACjBK,GAAeP,QAAQ,CAACE,QAAQ,CAAC,IAAI,CAACS,YAAY,CAAE,IAAI,CAC1D,CAEQL,YAAa,CACnBC,GAAeP,QAAQ,CAACM,UAAU,CAAC,IAAI,CAACK,YAAY,CAAE,IAAI,CAC5D,CAEA,YACUzS,CAE0C,CAClD0S,CAEoD,CAC5CD,CAAoB,CAC5BE,CAAgD,CAChD,MARQ3S,oBAAAA,CAAAA,OAGA0S,sBAAAA,CAAAA,OAGAD,YAAAA,CAAAA,OACAE,QAAAA,CAAAA,EAER,IAAI,CAAC3S,oBAAoB,CAAC6G,gBAAgB,CAAC,IAAI,CAAC+L,aAAa,CAC/D,CAOAC,0BAA2B,CAEzB,IAAI,CAACC,0BAA0B,GAC5BpW,IAAI,CAAC,KACJ,IAAI,CAACqW,yBAAyB,EAChC,GACCC,KAAK,CAAC,AAACrf,IACNkR,GAAY,gFAAiF,CAAElR,MAAAA,CAAM,GACrG,IAAI,CAACqM,oBAAoB,CAACmO,cAAc,EAC1C,EACJ,CAEQ4E,2BAA4B,CAElC,IAAI,CAACZ,uBAAuB,GAC5B,IAAI,CAACH,QAAQ,GAEb,IAAI,CAACO,OAAO,CAAGU,WAAW,KACxB,IAAI,CAACJ,wBAAwB,EAC/B,EAAGR,GAAeC,mBAAmB,CACvC,CAEAH,yBAA0B,CACH,OAAjB,IAAI,CAACI,OAAO,GACd,IAAI,CAACH,UAAU,GAEfc,aAAa,IAAI,CAACX,OAAO,EACzB,IAAI,CAACA,OAAO,CAAG,KAEnB,CASQK,cAAgB,AACtBxW,IAEIA,AAAS,MAATA,GAAiBA,EAAM+W,sBAAsB,EAC/C,CAAA,IAAI,CAACX,iCAAiC,CAAGpW,EAAM+W,sBAAsB,AAAtBA,EAG5B/W,GC/HyE8P,QDgI5F,IAAI,CAAC6G,yBAAyB,GAE9B,IAAI,CAACZ,uBAAuB,EAEhC,CAAA,AAMQW,CAAAA,2BAA6B,UACnC,IAAIM,EAAQ,EACZ,OACE,GAAI,CACF,IAAM9f,EAAsC,CAC1CiN,yBAA0B,IAAI,CAACoS,QAAQ,CAACU,gBAAgB,CAAG,IAAI,CAACb,iCAAiC,CAAGrf,KAAAA,CACtG,EAEA,OAAO,MAAM,IAAI,CAACuf,sBAAsB,CAAChR,YAAY,CAACpO,EACxD,CAAE,MAAOtB,EAAK,CACZ,GAAIqgB,GAAeiB,oBAAoB,CAACthB,GACtC,OAAOsJ,QAAQE,MAAM,CAACxJ,EAExBohB,CAAAA,IACA,MAAM,IAAI9X,QAAQ,AAACiY,GAASN,WAAWM,EAAMlB,GAAemB,iBAAiB,CAACJ,IAChF,CAEJ,CAAA,AAIA,QAAOI,kBAAkBJ,CAAa,CAAE,CAItC,OAHAA,EAAQK,KAAKC,GAAG,CAACN,EAAO,GAGjBO,AAFQF,KAAKG,KAAK,CAACH,AAAgB,IAAhBA,KAAK5Z,MAAM,IAAY,IACjC,IAAO,GAAKuZ,CAE9B,CAGA,OAAOE,qBAAqB3f,CAAU,CAAE,CACtC,OAAOf,EAA0BmF,QAAQ,CAACpE,EAAMvB,UAAU,CAC5D,CACF,CEpKO,MAAMyhB,kCACX,aACE7T,CAA0F,CACzE8T,CAAa,CAC9B,MAFiB9T,oBAAAA,CAAAA,OACA8T,UAAAA,CAAAA,CAChB,CAEIC,cAAgD,AAACnN,GAC/C,IAAI,CAAC5G,oBAAoB,CAAC6G,gBAAgB,CAAC,AAACzK,IACjDwK,EAASxK,GAAS,IAAI,CAAC0X,UAAU,CACnC,EACF,AACF,CCpBA,IAAME,GAAaC,OAAO,uBAQpBC,GAAc,AAACC,GAGZ,IAAIC,MADE,KAAO,EACG,CACrBtc,IAAAA,CAAIuc,EAAQC,IACV,AAAKA,IAAiBN,IAGfE,GAAYC,EAAO,IAAM/gB,OAAOkhB,IAEzCC,QACE,MAAM,AAAIrjB,MCEV,CAAC,8CAA8C,EDFCijB,ECEM;;;;;;;;;;;;;;;;;AAiBvB,qCAAA,CAAC,CDlBlC,CACF,GEQIK,GAAsB,YACtBC,GAAoB,IAAsB,CAAA,CAC9CC,iBAAkB,CAAA,EAClBC,YAAa,KACbxP,YAAa,KACbyP,aAAc,CAAC,aAAa,CAC5BC,gBAAiB,CAAE9X,QAAS,CAAA,CAAM,EAClC+E,+BAAgC,CAAA,EAChC6G,8BAA+B,CAAA,EAC/BjD,qBAAsB,CAAA,EACtBsJ,mBAAoB,CAAA,EACpB8F,YAAa,KACbC,0BAA2B,CAAA,EAC3BC,eAAgB,KAChBpY,oBAAqB,CAAA,EACrB2O,WAAY,KACZyE,6BAA8B,CAAA,EAC9BiF,SAAU,MAGL,OAAMC,yCACMC,CAAAA,qBAAAA,AAEjB,aACU1C,CAAoB,CACpB1S,CAA8B,CAC9BqV,CAAoE,CAC5E,MAHQ3C,YAAAA,CAAAA,OACA1S,cAAAA,CAAAA,OACAqV,UAAAA,CAAAA,EAKR,IAAI,CAACD,qBAAqB,CAAG,IAAI,CAACpV,cAAc,CAC7CG,QAAQ,CAAmB,CAC1BvF,IAAK,CAAC,oBAAoB,EAAE,IAAI,CAAC8X,YAAY,CAAA,CAAE,CAC/C9b,OAAQ,KACV,GACC+F,IAAI,CAACwY,GAAqBG,gBAAgB,EAC1C3Y,IAAI,CAAC,AAAC7E,IACL,IAAI,CAACud,UAAU,CAACE,OAAO,CAACd,GAAqB9hB,KAAKC,SAAS,CAACkF,IACrDA,IAERmb,KAAK,CAAC,AAACrf,IACNkR,GAAalR,GACN8gB,MAEb,CAEA,OAAOY,iBAAiB9N,CAA0B,CAAiB,CACjE,IAAMyN,EACJzN,AAA6B,OAA7BA,EAASgO,eAAe,CACpB,CACEC,eAAgBjO,EAASgO,eAAe,CAACE,eAAe,CACxDC,iBAAkBnO,EAASgO,eAAe,CAACI,kBAAAA,EAE7C,KAEN,MAAO,CACLhB,YAAapN,EAASqO,YAAY,CAClClB,iBAAkB,CAACnN,EAASsO,qBAAqB,CACjDhB,gBAAiBtN,EAASuO,gBAAgB,CAC1C3Q,YAAaoC,EAASwO,YAAY,CAClCnB,aAAcrN,EAASyO,aAAa,CAEpClU,+BAAgCyF,EAAS0O,mCAAmC,CAC5EtN,8BAA+BpB,EAAS2O,iCAAiC,CACzExQ,qBAAsB6B,EAAS4O,uBAAuB,CACtDnH,mBAAoBzH,EAAS6O,qBAAqB,CAClDtB,YAAavN,EAAS8O,YAAY,CAClCtB,0BAA2BxN,EAAS+O,2BAA2B,CAC/DtB,eAAAA,EACApY,oBAAqB2K,EAASgP,0BAA0B,EAAI,CAAA,EAC5DtZ,qBAAsBsK,EAASiP,uBAAuB,CACtDjL,WAAYhE,EAASkP,WAAW,EAAI,KACpCzG,6BAA8BzI,EAASmP,gCAAgC,CACvEzB,SAAU1N,EAAS0N,QAAAA,AACrB,CACF,CAEA3O,SAAyB,CACvB,IAAMqQ,EAAS,IAAI,CAACvB,UAAU,CAACwB,OAAO,CAACpC,IACvC,GAAImC,AAAW,OAAXA,EACF,OAAOlC,KAET,GAAI,CACF,OAAO/hB,KAAKmkB,KAAK,CAACF,EACpB,CAAE,KAAM,CACN,OAAOlC,IACT,CACF,CAEAqC,UAAmC,CACjC,OAAO,IAAI,CAAC3B,qBAAqB,AACnC,CACF,CCnHO,MAAM4B,mBACH3a,CAAAA,KAAAA,AACR,aAAoBI,CAAwC,CAAE,MAA1CA,gBAAAA,CAAAA,EAClB,IAAI,CAACJ,KAAK,CAAGI,EAAiBE,IAAI,CAAC,MAAOC,QAVjBqa,SAWvB,AAAKra,EAAckY,eAAe,CAAC9X,OAAO,CAGnC,CACLka,WAAY,CAAA,EACZC,cAAe,OAhBMF,EAgBoBra,EAAckY,eAAe,CAACmC,OAAO,CAfpF5b,GAAa,CAAC,sDAAsD,EAAE4b,EAAAA,CAAS,CAAE,IAAMna,OAAOsa,UAAU,CAACC,UAAU,GAgB7GJ,QAASra,EAAckY,eAAe,CAACmC,OAAAA,AACzC,EANS,CAAEC,WAAY,CAAA,CAAM,CAO/B,EACF,CAEAxa,iBAAmB,UACjB,GAAM,CAAEya,cAAAA,CAAa,CAAED,WAAAA,CAAU,CAAED,QAAAA,CAAO,CAAE,CAAG,MAAM,IAAI,CAAC5a,KAAK,CAC/D,GAAK6a,EAIL,OADA,MAAM,IAAI3b,QAAc,AAACC,GAAY2b,EAAcG,KAAK,CAAC9b,IAClD2b,EAAcI,OAAO,CAACN,EAAS,CACpCne,OAAQ,OACV,EACF,CAAA,AACF,CChCO,MAAM0e,YACHC,CAAAA,YAAAA,AACR,aAAoBrH,CAAiB,CAAE,MAAnBA,SAAAA,CAAAA,CAAoB,CAOxC,IAAYsH,aAAgC,CAE1C,OADA,IAAI,CAACD,YAAY,CAAG,IAAI,CAACA,YAAY,EAAI,IAAIvH,GAAiB,IAAI,CAACE,SAAS,EACrE,IAAI,CAACqH,YAAY,AAC1B,CAEQ1G,KAAW4G,CAAmB,CAAEzgB,CAAM,CAAc,CAC1D,OAAO,IAAI,CAACwgB,WAAW,CAAC3G,IAAI,CAAI4G,EAAa,CAACzgB,EAAI,CACpD,CAEA0gB,YAA0C,AAAC1gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,cAAe7Z,EAAAA,AAC5E2gB,CAAAA,aAA4C,AAAC3gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,eAAgB7Z,EAAAA,AAC/E4gB,CAAAA,kBAAsD,AAAC5gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,oBAAqB7Z,EAAAA,AAC9F6gB,CAAAA,sBAA8D,AAAC7gB,GAAQ,IAAI,CAAC6Z,IAAI,CAAC,wBAAyB7Z,EAAAA,AAC5G,CCFO,MAAM8gB,gEACHC,CAAAA,WAAAA,AACSrS,CAAAA,OAAAA,AAEjB,aACE8M,CAA4B,CACpBwF,CAAgF,CACxFC,CAAmB,CACnBC,CAAmB,CACnBC,CAAgE,CAChE,MALQ3F,YAAAA,CAAAA,OACAwF,sBAAAA,CAAAA,OAGAG,yBAAAA,CAAAA,EAER,IAAI,CAACzS,OAAO,CAAGuS,EACXG,AzBpByB,CAAA,AAACjT,GAAkBA,EAAMrN,QAAQ,CAAC,oBAAA,EyBoBzC0a,IACpB,CAAA,IAAI,CAAC9M,OAAO,CAAGwS,CAAAA,EAEjB,IAAI,CAACH,WAAW,CAAG,IAAI3Z,GAAY,CACjCC,ahCpCgC,GgCqChCK,mBhCpCsC,IgCqCtCJ,YAAa,IAAI,CAAC+Z,WAAW,CAAC,UAChC,EACF,CAGAC,mBAAqB,IACZ,IACT,AAEA3Z,CAAAA,SAAS,CACPvN,KAAAA,CAAI,CACJF,QAAAA,CAAO,CACPwC,MAAAA,EAAQ,CAAA,CAAE,CAKX,CAAQ,CACP,IAAI,CAACqkB,WAAW,CAACpZ,QAAQ,CAAC,IAAI,CAAC4Z,mBAAmB,GAAI,CACpDC,aAAc,IAAI,CAAChG,YAAY,CAC/BiG,WAAYrnB,EACZF,QAASA,EAGTwnB,WAAYhlB,EAAMglB,UAAU,CAC5BC,kBAAmBjlB,EAAMilB,iBAAiB,CAC1CC,iBAAkBllB,EAAMklB,gBAAAA,AAC1B,EACF,CAEAL,qBAAoC,CAClC,MAAO,CACLM,SzB9C6B,CAAC,SAAS,EAAEC,MAAU,CyBgDnDC,ezB/CkC,CAAC,eAAe,EAAED,MAAU,CyBgD9DE,czB/CkC,CAAC,cAAc,EAAEF,MAAU,CyBiD7DG,eAAgB,IAAIC,OAAOC,WAAW,GACtCC,SAAUC,KAAKC,cAAc,GAAGC,eAAe,GAAGC,QAAQ,CAe1D,GAAG,IAAI,CAACrB,yBAAyB,EAAE,CAGnCsB,IAAK,CACHC,WAAY9c,OAAOmJ,QAAQ,CAACnL,QAAAA,AAC9B,EACA+e,IAAK,CAGHD,WAAY,2BACZE,eACF,CACF,CACF,CAEA,MAAM3Z,SAAmC,CAAEvF,IAAAA,CAAG,CAAE7I,KAAAA,CAAI,CAAE6E,OAAAA,CAAM,CAAkB,CAAc,CAC1F,IAAMmjB,EAAe,IAAI,CAAC7B,sBAAsB,CAAC8B,iBAAiB,GAAGpL,aAAa,CAC5E9X,EAAkB,SAAWgG,OAAOmd,IAAI,CAAC,IAAI,CAACvH,YAAY,CAAG,IAAOqH,CAAAA,GAAgB,IAAI,CAACrH,YAAY,AAAZA,GACzF3b,EAAmB+F,OAAOmd,IAAI,CAACtnB,KAAKC,SAAS,CAAC,IAAI,CAAC6lB,mBAAmB,KACtEzhB,EAAuB8F,OAAOmJ,QAAQ,CAACiU,MAAM,CAEnD,OAAO/iB,GAAgB,CACrBL,gBAAAA,EACA/E,KAAAA,EACA8E,SAAU,IAAI,CAAC0hB,WAAW,CAAC3d,GAC3BhE,OAAAA,EACAG,iBAAAA,EACAC,qBAAAA,CACF,EACF,CAEA,MAAMmjB,cAAc,CAAEvf,IAAAA,CAAG,CAAE7I,KAAAA,CAAI,CAAE6E,OAAAA,CAAM,CAAkB,CAAiB,CACxE,IAAMmjB,EAAe,IAAI,CAAC7B,sBAAsB,CAAC8B,iBAAiB,GAAGpL,aAAa,CAC5E9X,EAAkB,SAAWgG,OAAOmd,IAAI,CAAC,IAAI,CAACvH,YAAY,CAAG,IAAOqH,CAAAA,GAAgB,IAAI,CAACrH,YAAY,AAAZA,GACzF3b,EAAmB+F,OAAOmd,IAAI,CAACtnB,KAAKC,SAAS,CAAC,IAAI,CAAC6lB,mBAAmB,KACtEzhB,EAAuB8F,OAAOmJ,QAAQ,CAACiU,MAAM,CAEnD,OAAO/hB,GAAkB,CACvBrB,gBAAAA,EACA/E,KAAAA,EACA8E,SAAU,IAAI,CAAC0hB,WAAW,CAAC3d,GAC3BhE,OAAAA,EACAG,iBAAAA,EACAC,qBAAAA,CACF,EACF,CAEA,MAAML,kBAA4C,CAChDiE,IAAAA,CAAG,CACH7I,KAAAA,CAAI,CACJ6E,OAAAA,CAAM,CACNK,cAAAA,CAAa,CACW,CAAc,CACtC,IAAM8iB,EAAe,IAAI,CAAC7B,sBAAsB,CAAC8B,iBAAiB,GAAGpL,aAAa,CAC5E9X,EAAkB,SAAWgG,OAAOmd,IAAI,CAAC,IAAI,CAACvH,YAAY,CAAG,IAAOqH,CAAAA,GAAgB,IAAI,CAACrH,YAAY,AAAZA,GACzF3b,EAAmB+F,OAAOmd,IAAI,CAACtnB,KAAKC,SAAS,CAAC,IAAI,CAAC6lB,mBAAmB,KACtEzhB,EAAuB8F,OAAOmJ,QAAQ,CAACiU,MAAM,CAEnD,OAAOvjB,GAAqB,CAC1BG,gBAAAA,EACA/E,KAAAA,EACA8E,SAAU,IAAI,CAAC0hB,WAAW,CAAC3d,GAC3BhE,OAAAA,EACAG,iBAAAA,EACAC,qBAAAA,EACAC,cAAAA,CACF,EACF,CAEAshB,YAAY3d,CAAW,CAAU,CAE/B,MAAO,GAAG,IAAI,CAACgL,OAAO,CAAC,OAAO,EAAEhL,EAAAA,CAAK,AACvC,CACF,CChKA,SAASwf,GAAMC,CAAS,EACtB,IAAI1a,EAAM0a,EAAE7gB,QAAQ,CAAC,IAIrB,OAHImG,AAAe,IAAfA,EAAItF,MAAM,EACZsF,CAAAA,EAAM,IAAMA,CAAAA,EAEPA,CACT,CAaO,MAAM2a,uBACX,aACEjF,CAA4E,CACpEkF,CAAiB,CACzB,MAFQlF,UAAAA,CAAAA,OACAkF,SAAAA,CAAAA,CACP,CAEK/hB,KAAM,CACZ,MAAO,iBAAgC,IAAI,CAAC+hB,SAAS,EAAE,AACzD,CAEA,MAAMnW,sBAA8C,CAClD,IAAMF,EAAU,MAAMoW,GAAYE,kBAAkB,GAEpD,OADA,IAAI,CAACnF,UAAU,CAACE,OAAO,CAAC,IAAI,CAAC/c,GAAG,GAAI7F,KAAKC,SAAS,CAACsR,IAC5CA,CACT,CAEAR,WAAsC,CACpC,IAAM+W,EAAa,IAAI,CAACpF,UAAU,CAACwB,OAAO,CAAC,IAAI,CAACre,GAAG,IACnD,GAAIiiB,AAAe,OAAfA,EAGJ,GAAI,CACF,OAAO9nB,KAAKmkB,KAAK,CAAC2D,EACpB,CAAE,KAAM,CACN3V,GAAY,mDACZ,MACF,CACF,CAEAb,aAAoB,CAClB,OAAO,IAAI,CAACoR,UAAU,CAACqF,UAAU,CAAC,IAAI,CAACliB,GAAG,GAC5C,CAEA,aAAagiB,oBAA4C,KA5ClC7gB,EA6CrB,IAAMghB,EAAQ,IAAIC,YAAY,IAC9B9d,OAAO9C,MAAM,CAACxD,eAAe,CAACmkB,GAC9B,IAAME,EAAerb,MAAMtM,IAAI,CAACynB,GAAO3oB,GAAG,CAACooB,IAAOjoB,IAAI,CAAC,IAIvD,MAAO,CACLgS,cAAAA,EApDmBxK,EAiDN,MAAMmD,OAAO9C,MAAM,CAAC8gB,MAAM,CAACC,MAAM,CAAC,UAAW,IAAIC,cAAcC,MAAM,CAACJ,IA5ChFZ,KAAK5mB,OAAO6nB,YAAY,CAACnK,IAAI,CAAC,QAAS,IAAI5X,WAAWQ,KAC1DwhB,OAAO,CAAC,MAAO,KACfA,OAAO,CAAC,MAAO,KACfA,OAAO,CAAC,MAAO,KA6CdxX,cAAekX,CACjB,CACF,CACF,CCpEA,SAAS9c,GAAQuW,CAAM,EACrB,IAAK,IAAIhb,EAAI,EAAGA,EAAIc,UAAUC,MAAM,CAAEf,IAAK,CACzC,IAAI8hB,EAAShhB,SAAS,CAACd,EAAE,CACzB,IAAK,IAAId,KAAO4iB,EACd9G,CAAM,CAAC9b,EAAI,CAAG4iB,CAAM,CAAC5iB,EAAI,AAE7B,CACA,OAAO8b,CACT,CAwHA,IAAI+G,GAAMC,AAlGV,SAASA,EAAMC,CAAS,CAAEC,CAAiB,EACzC,SAASzV,EAAKvN,CAAG,CAAEC,CAAK,CAAEgjB,CAAU,EAClC,GAAI,AAAoB,IAApB,OAAO9iB,UAMP,AAA8B,UAA9B,MAAO8iB,AAFXA,CAAAA,EAAa1d,GAAO,GAAIyd,EAAmBC,EAAU,EAE/BC,OAAO,EAC3BD,CAAAA,EAAWC,OAAO,CAAG,IAAItC,KAAKA,KAAKuC,GAAG,GAAKF,AAAqB,MAArBA,EAAWC,OAAO,CAAQ,EAEnED,EAAWC,OAAO,EACpBD,CAAAA,EAAWC,OAAO,CAAGD,EAAWC,OAAO,CAACE,WAAW,EAAA,EAGrDpjB,EAAM6W,mBAAmB7W,GACtB2iB,OAAO,CAAC,uBAAwBU,oBAChCV,OAAO,CAAC,QAASW,QAEpB,IAAIC,EAAwB,GAC5B,IAAK,IAAIC,KAAiBP,EACnBA,CAAU,CAACO,EAAc,GAI9BD,GAAyB,KAAOC,EAEE,CAAA,IAA9BP,CAAU,CAACO,EAAc,EAW7BD,CAAAA,GAAyB,IAAMN,CAAU,CAACO,EAAc,CAACC,KAAK,CAAC,IAAI,CAAC,EAAE,AAAD,GAGvE,OAAQtjB,SAASujB,MAAM,CACrB1jB,EAAM,IAAM+iB,EAAUY,KAAK,CAAC1jB,EAAOD,GAAOujB,EAC9C,CA4BA,OAAOxqB,OAAO+O,MAAM,CAClB,CACEyF,IAAKA,EACLhO,IA7BJ,SAAcS,CAAG,EACf,GAAI,AAAoB,IAApB,OAAOG,UAA6ByB,CAAAA,CAAAA,UAAUC,MAAM,EAAK7B,CAAA,GAQ7D,IAAK,IAFD4jB,EAAUzjB,SAASujB,MAAM,CAAGvjB,SAASujB,MAAM,CAACD,KAAK,CAAC,MAAQ,EAAE,CAC5DI,EAAM,CAAA,EACD/iB,EAAI,EAAGA,EAAI8iB,EAAQ/hB,MAAM,CAAEf,IAAK,CACvC,IAAIgjB,EAAQF,CAAO,CAAC9iB,EAAE,CAAC2iB,KAAK,CAAC,KACzBxjB,EAAQ6jB,EAAMC,KAAK,CAAC,GAAGpqB,IAAI,CAAC,KAEhC,GAAI,CACF,IAAIqqB,EAAWX,mBAAmBS,CAAK,CAAC,EAAE,EAG1C,GAFAD,CAAG,CAACG,EAAS,CAAGjB,EAAUkB,IAAI,CAAChkB,EAAO+jB,GAElChkB,IAAQgkB,EACV,KAEJ,CAAE,MAAO7kB,EAAG,CAAC,CACf,CAEA,OAAOa,EAAM6jB,CAAG,CAAC7jB,EAAI,CAAG6jB,EAC1B,EAMIK,OAAQ,SAAUlkB,CAAG,CAAEijB,CAAU,EAC/B1V,EACEvN,EACA,GACAuF,GAAO,CAAA,EAAI0d,EAAY,CACrBC,QAAS,EACrB,GAEM,EACAiB,eAAgB,SAAUlB,CAAU,EAClC,OAAOH,EAAK,IAAI,CAACC,SAAS,CAAExd,GAAO,CAAA,EAAI,IAAI,CAAC0d,UAAU,CAAEA,GAC1D,EACAmB,cAAe,SAAUrB,CAAS,EAChC,OAAOD,EAAKvd,GAAO,GAAI,IAAI,CAACwd,SAAS,CAAEA,GAAY,IAAI,CAACE,UAAU,CACpE,CACN,EACI,CACEA,WAAY,CAAEhjB,MAAOlH,OAAOsrB,MAAM,CAACrB,EAAkB,EACrDD,UAAW,CAAE9iB,MAAOlH,OAAOsrB,MAAM,CAACtB,EAAU,CAClD,EAEA,EAlHuB,CACrBkB,KAAM,SAAUhkB,CAAK,EAInB,MAHIA,AAAa,MAAbA,CAAK,CAAC,EAAE,EACVA,CAAAA,EAAQA,EAAM8jB,KAAK,CAAC,EAAG,GAAE,EAEpB9jB,EAAM0iB,OAAO,CAAC,mBAAoBU,mBAC3C,EACAM,MAAO,SAAU1jB,CAAK,EACpB,OAAO4W,mBAAmB5W,GAAO0iB,OAAO,CACtC,2CACAU,mBAEJ,CACF,EAuGiC,CAAEzH,KAAM,GAAG,GC/DrC,IAAM0I,GAAqB,AAACC,GAO1BC,AALgBC,AADHtkB,CAAAA,SAASujB,MAAM,CAAGvjB,SAASujB,MAAM,CAACD,KAAK,CAAC,MAAQ,EAAE,AAAF,EACjCzR,MAAM,CAAC,AAAC0S,IACzC,GAAM,CAAC5rB,EAAK,CAAG4rB,EAAKjB,KAAK,CAAC,KAC1B,OAAOc,IAAezrB,CACxB,GAEsB+I,MAAM,CAAG,ECrDpB8iB,GAA0B,CAAC7gB,EAAqB9D,IACpD,oBAAmC8D,IAAc9D,EAAM,CAAC,EAAE,EAAEA,EAAAA,CAAK,CAAG,IAAI,CAejF,SAAS4kB,GAAgBC,CAA4B,SACnD,AAAIA,AAAW,MAAXA,EACK,CACLxG,QAAAA,IACS,KAET6D,aAEA,EACAnF,UAEA,CACF,EAGK,CACLsB,QAAQyG,CAAiB,CAAE9kB,CAAe,EACxC,IAAM+kB,EAAuBJ,GAAwBG,EAAW9kB,GAChE,GAAI,CACF,OAAO6kB,EAAQxG,OAAO,CAAC0G,EACzB,CAAE,KAAM,CAEN,OAAO,IACT,CACF,EACAhI,QAAQ+H,CAAiB,CAAE9kB,CAAe,CAAEC,CAAa,EACvD,IAAM8kB,EAAuBJ,GAAwBG,EAAW9kB,GAChE,GAAI,CACEC,GAAO4kB,EAAQ9H,OAAO,CAACgI,EAAsB9kB,EACnD,CAAE,KAAM,CAER,CACF,EACAiiB,WAAW4C,CAAiB,CAAE9kB,CAAe,EAC3C,IAAM+kB,EAAuBJ,GAAwBG,EAAW9kB,GAChE,GAAI,CACF6kB,EAAQ3C,UAAU,CAAC6C,EACrB,CAAE,KAAM,CAER,CACF,CACF,CACF,CAEO,IAAMC,GAAmBJ,GAAgBK,WAAWC,YAAY,EAC1DC,GAAqBP,GAAgBK,WAAWG,cAAc,EAEpE,SAASC,GAAmBR,CAAiB,CAAE/gB,CAAmB,EACvE,MAAO,CACLua,QAAAA,AAAQre,GACC6kB,EAAQxG,OAAO,CAACva,EAAa9D,GAEtC+c,QAAQ/c,CAAe,CAAEC,CAAa,EACpC4kB,EAAQ9H,OAAO,CAACjZ,EAAa9D,EAAKC,EACpC,EACAiiB,WAAWliB,CAAe,EACxB6kB,EAAQ3C,UAAU,CAACpe,EAAa9D,EAClC,CACF,CACF,CChDA,IAAMslB,GAAmB,cAElB,OAAMC,GACXzhB,WAAAA,AACAD,CAAAA,KAAAA,AACiB2hB,CAAAA,uBAAwC,IAAA,AACxCC,CAAAA,eAAgC,IAAA,AAChCC,CAAAA,YAA6B,IAAA,AAC7BC,CAAAA,QAAyB,IAAA,AACzBC,CAAAA,6BAAwC,CAAA,CAAA,AACxCC,CAAAA,eAAgC,IAAA,AAEjDC,CAAAA,aAAAA,AAEiBC,CAAAA,aAAAA,AACRC,CAAAA,qBAAAA,AAET,aAAYliB,CAAmB,CAAE/I,CAA6B,CAAE,KAuB1DkrB,CAtBJ,CAAA,IAAI,CAACniB,WAAW,CAAGA,EACnB,IAAI,CAACD,KAAK,CAAG,KACb,IAAI,CAACiiB,aAAa,CAAG,CAAA,EAGrB,IAAI,CAACC,aAAa,CAAGV,GAAmBL,GAAkBlhB,GAC1D,IAAI,CAACkiB,qBAAqB,CAAGX,GAAmBF,GAAoBrhB,GAEhE/I,GAASmrB,gBACX,IAAI,CAACV,sBAAsB,CAAGzqB,EAAQmrB,aAAa,CAACC,qBAAqB,EAAI,KAC7E,IAAI,CAACV,cAAc,CAAG1qB,EAAQmrB,aAAa,CAACE,aAAa,EAAI,KAC7D,IAAI,CAACV,WAAW,CAAG3qB,EAAQmrB,aAAa,CAACtK,IAAI,EAAI,KACjD,IAAI,CAAC+J,OAAO,CAAG5qB,EAAQmrB,aAAa,CAACG,MAAM,EAAI,KAC/C,IAAI,CAACT,4BAA4B,CAAG7qB,EAAQmrB,aAAa,CAACI,qBAAqB,EAAI,CAAA,EACnF,IAAI,CAACT,cAAc,CAAG9qB,EAAQmrB,aAAa,CAACK,aAAa,EAAI,MAG/D,MAAMC,EAAoB,IAAI,CAACT,aAAa,CAAC1H,OAAO,CAAC,IAErD,GAAI,CAACmI,EACH,OAGF,GAAI,CACFP,EAAc9rB,KAAKmkB,KAAK,CAACkI,EAC3B,CAAE,KAAM,CAEN,IAAI,CAACC,kBAAkB,GACvB,MACF,CAEA,IAAI,CAAC5iB,KAAK,CAAGoiB,CACf,CAEA,IAAcE,uBAAgC,CAC5C,OAAO,IAAI,CAACX,sBAAsB,EAxDR,gBAyD5B,CAEA,IAAcY,eAAwB,CACpC,OAAO,IAAI,CAACX,cAAc,EA3DI,oBA4DhC,CAEA,IAAcc,eAAwB,CACpC,OAAO,IAAI,CAACV,cAAc,EA9DmB,mCA+D/C,CAEArE,mBAAoB,CAClB,MAAO,CACLpL,cAAesQ,GAAQnnB,GAAG,CAAC,IAAI,CAAC4mB,qBAAqB,EACrD9P,YAAaqQ,GAAQnnB,GAAG,CAAC,IAAI,CAAC6mB,aAAa,CAC7C,CACF,CAEAO,oCAAqC,CACnC,OAAOD,GAAQnnB,GAAG,CAAC,IAAI,CAACgnB,aAAa,CACvC,CAEAK,mBAAmBC,CAA6C,CAAE,CAChE,GAAM,CAAEhjB,MAAAA,CAAK,CAAEuS,cAAAA,CAAa,CAAEC,YAAAA,CAAW,CAAE,CAAGwQ,EAExCC,EAAavB,GAAsBwB,kBAAkB,CAAC,CAC1DC,UAAWnjB,GAAO8P,SAASsT,YAAc,GACzCX,sBAAuB,IAAI,CAACV,4BAA4B,CACxDhK,KAAM,IAAI,CAAC8J,WAAW,CACtBW,OAAQ,IAAI,CAACV,OAAAA,AACf,EAEImB,CAAAA,EAAWT,MAAM,EACnB,IAAI,CAACa,aAAa,CAACJ,EAAWT,MAAM,EAGtCK,GAAQnZ,GAAG,CAAC,IAAI,CAAC4Y,qBAAqB,CAAE/P,EAAe0Q,GACvDJ,GAAQnZ,GAAG,CAAC,IAAI,CAAC6Y,aAAa,CAAE/P,EAAayQ,GAS7C,IAAMK,EAAyB5B,GAAsBwB,kBAAkB,CAAC,CACtEC,UAAWnjB,GAAO8P,SAASsT,YAAc,GACzCX,sBAAuB,CAAC,IAAI,CAACV,4BAA4B,CACzDhK,KAAM,IAAI,CAAC8J,WAAW,CACtBW,OAAQ,IAAI,CAACV,OAAAA,AACf,EAEIwB,CAAAA,EAAuBd,MAAM,EAC/B,IAAI,CAACa,aAAa,CAACC,EAAuBd,MAAM,EAG9C/B,GAAmB,IAAI,CAAC8B,aAAa,GACvCM,GAAQxC,MAAM,CAAC,IAAI,CAACkC,aAAa,CAAEe,GAGjC7C,GAAmB,IAAI,CAAC6B,qBAAqB,GAC/CO,GAAQxC,MAAM,CAAC,IAAI,CAACiC,qBAAqB,CAAEgB,GAGzC7C,GAAmB,IAAI,CAAC8B,aAAa,GACvC9Z,GACE,2JAIAgY,GAAmB,IAAI,CAAC6B,qBAAqB,GAC/C7Z,GAAY,mDAEhB,CAEA8a,oCAAoCC,CAAW,CAAE,CAE/C,IAAMC,EAAgB,IAAI1G,KAAKA,KAAKuC,GAAG,GAAK,KACtC2D,EAAavB,GAAsBwB,kBAAkB,CAAC,CAC1DC,UAAWM,EAActmB,QAAQ,GACjCslB,sBAAuB,IAAI,CAACV,4BAA4B,CACxDhK,KAAM,IAAI,CAAC8J,WAAW,CACtBW,OAAQ,IAAI,CAACV,OAAAA,AACf,GAEAe,GAAQnZ,GAAG,CAAC,IAAI,CAACgZ,aAAa,CAAEc,EAAKP,EACvC,CAEAS,qBAAsB,CACpB,IAAI,CAACC,aAAa,CAAC,CAAC,IAAI,CAACrB,qBAAqB,CAAE,IAAI,CAACC,aAAAA,CAAc,CACrE,CAEAqB,iBAAkB,CAChB,IAAI,CAACD,aAAa,CAAC,CAAC,IAAI,CAACjB,aAAAA,CAAc,CACzC,CAEAiB,cAAcE,CAAyB,CAAE,CAcvC,IAAMC,EAAiB,IAAI,CAACC,cAAc,GAIpCC,EAAgB,IAAI,IAAIC,IAFX,CAAC,IAAI,CAACnC,OAAO,CAAE,QAASgC,EAAe,EAEZ,CAE9C,CAAC,CAAA,EAAM,CAAA,EAAM,CAACrW,OAAO,CAAC,AAACgV,IACrB,CAAC,IAAI,CAACZ,WAAW,CAAE,KAAK,CAACpU,OAAO,CAAC,AAACsK,IAChCiM,EAAcvW,OAAO,CAAC,AAAC+U,IACrB,IAAMS,EAAavB,GAAsBwB,kBAAkB,CAAC,CAC1DC,UAAW,IAAIpG,KAAK,GAAG5f,QAAQ,GAC/BslB,sBAAAA,EACA1K,KAAAA,EACAyK,OAAAA,CACF,GACAqB,EAAgBpW,OAAO,CAAC,AAACiT,IACvBmC,GAAQxC,MAAM,CAACK,EAAYuC,EAC7B,EACF,EACF,EACF,EACF,CAEAL,oBAA2B,CACzB,IAAI,CAACV,aAAa,CAAChJ,OAAO,CAAC,GAAI5iB,KAAKC,SAAS,CAAC,IAAI,CAACyJ,KAAK,EAC1D,CAEAwa,QAAQre,CAAe,CAAiB,CACtC,OAAO,IAAI,CAAC+lB,aAAa,CAAC1H,OAAO,CAACre,EACpC,CAEA+c,QAAQ/c,CAAe,CAAEC,CAAa,CAAQ,CAC5C,IAAI,CAAC8lB,aAAa,CAAChJ,OAAO,CAAC/c,EAAKC,EAClC,CAEAiiB,WAAWliB,CAAe,CAAQ,CAChC,IAAI,CAAC+lB,aAAa,CAAC7D,UAAU,CAACliB,EAChC,CAKA4nB,gBAAmC,CACjC,IAAMG,EAAgB,IAAI,CAAC1J,OAAO,CAACiH,IAEnC,GAAI,CAACyC,EACH,MAAO,EAAE,CAGX,GAAI,CACF,IAAMC,EAAS7tB,KAAKmkB,KAAK,CAACyJ,GAC1B,OAAO/gB,MAAMC,OAAO,CAAC+gB,GAAUA,EAAS,EAAE,AAC5C,CAAE,KAAM,CACN,MAAO,EAAE,AACX,CACF,CAKQd,cAAcb,CAAqB,CAAQ,CACjD,GAAI,CAACA,EACH,OAGF,IAAM0B,EAAgB,IAAI,CAACH,cAAc,GACpCG,EAAcvoB,QAAQ,CAAC6mB,KAC1B0B,EAAchnB,IAAI,CAACslB,GACnB,IAAI,CAACtJ,OAAO,CAACuI,GAAkBnrB,KAAKC,SAAS,CAAC2tB,IAElD,CAEA,OAAOhB,mBAAmB,CACxBnL,KAAAA,CAAI,CACJyK,OAAAA,CAAM,CACNC,sBAAAA,CAAqB,CACrBU,UAAAA,CAAS,CAMV,CAA4B,CAC3B,IAAMF,EAAuC,CAC3C5D,QAAS,IAAItC,KAAKoG,GAClBiB,SAAU,KACZ,EAoBA,OAlBIrM,GACFkL,CAAAA,EAAWlL,IAAI,CAAGA,CAAAA,EFnPpBtX,AAA6B,cAA7BA,OAAOmJ,QAAQ,CAACnL,QAAQ,EAEtBgC,AAA6B,UAA7BA,OAAOmJ,QAAQ,CAACnL,QAAQ,EAExBgC,OAAOmJ,QAAQ,CAACnL,QAAQ,CAAC4lB,KAAK,CAAC,0DEqP/BpB,EAAWqB,MAAM,CAAG,CAAA,GAEhB7B,GAKFQ,CAAAA,EAAWT,MAAM,CAAGA,GAAU/hB,OAAOmJ,QAAQ,CAAC2a,IAAI,AAAJA,EAEhDtB,EAAWqB,MAAM,CAAG,CAAA,GAEfrB,CACT,CACF,CAGO,MAAMuB,WAAiC9C,GAAiC,CAsB/E,IAAM+C,GAA0B5M,OAAO6M,GAAG,CAAC,0BAuDrCC,GAAoB,CAAIC,EAA4BxoB,KACxDlH,OAAO2vB,MAAM,CAACD,GAAYnX,OAAO,CAAC,AAACqX,GAAOA,EAAG1oB,GAC/C,EA6CM2oB,GAAgBC,AC3bS,CAAA,CAAC,CAAEC,gBAAAA,EAAkB,EAAE,CAAiB,CAAG,CAAA,CAAE,IAK1E,IAAMC,EAAY,CAACC,EAAQC,IAEzB,AAAI,OAAOD,GAAM,OAAOC,IAEpBD,AAAM,OAANA,GAAcC,AAAM,OAANA,EAAmBD,IAAMC,EACvC,AAAa,UAAb,OAAOD,EACT,CAAIjwB,CAAAA,OAAOmwB,IAAI,CAACF,GAAGnnB,MAAM,GAAK9I,OAAOmwB,IAAI,CAACD,GAAGpnB,MAAM,EAAI9I,OAAOmwB,IAAI,CAACF,GAAGG,IAAI,CAAC,AAACC,GAAM,CAAEA,CAAAA,KAAKH,CAAAA,EAAAA,GAClFlwB,OAAOgH,OAAO,CAACipB,GACnBhX,MAAM,CAAC,CAAC,CAACoX,EAAE,GAAK,CAACN,EAAgBtpB,QAAQ,CAAC4pB,IAC1CliB,KAAK,CAAC,CAAC,CAACkiB,EAAGnX,EAAE,GAAK8W,EAAU9W,EAAGgX,CAAC,CAACG,EAAE,GAGjCJ,IAAMC,GAGf,OAAOF,CACT,CAAA,EDsasC,CACpCD,gBAAiB,CAAC,mBAAmB,AACvC,EAEO,OAAMO,0BAMHnb,CAAAA,UAAY,CAAA,CAAA,AAEpB,aACUgM,CAAoB,CACpBoP,CAAoC,CAC5C,CAAEC,uBAAAA,CAAsB,CAAuC,CAC/D,CAKA,QARQrP,YAAAA,CAAAA,OACAoP,UAAAA,CAAAA,EAGRhlB,OAAOX,gBAAgB,CAAC,UAAW,IAAI,CAAC6lB,OAAO,EAI3C,CAACD,EAAwB,CAG3B,KAAM,CAAEnT,cAAAA,CAAa,CAAE,CAAG,IAAI,CAACkT,UAAU,CAAC9H,iBAAiB,GAC3D,GAAI,CAACpL,EAAe,YAClB,IAAI,CAACR,cAAc,EAGvB,CACF,CAGQ4T,QAAU,AAACrqB,IACjB,GAAIA,EAAEa,GAAG,GAAK2kB,GAAwB,IAAI,CAACzK,YAAY,CAAE,IACvD,OAGF,IAAMuP,EAActqB,AAAe,OAAfA,EAAEuqB,QAAQ,EAAavqB,AAAe,SAAfA,EAAEuqB,QAAQ,CAAc,KAAQvvB,KAAKmkB,KAAK,CAACnf,EAAEuqB,QAAQ,EAChG,IAAI,CAACC,WAAW,CAACF,EAAa,CAAA,EAChC,CAAA,AAEAxT,CAAAA,WAAwE,CACtE,GAAM,CAAEG,cAAAA,CAAa,CAAEC,YAAAA,CAAW,CAAE,CAAG,IAAI,CAACiT,UAAU,CAAC9H,iBAAiB,SACxE,AAAI,AAA2B,UAAzB,OAAOpL,GAAiC,AAAuB,UAAvB,OAAOC,EAC5C,KAEF,CAAED,cAAAA,EAAeC,YAAAA,CAAY,CACtC,CAEAxO,6BAA6C,CAC3C,OAAO,IAAI,CAACyhB,UAAU,CAAC3C,kCAAkC,IAAM,IACjE,CAEAlY,cAAe,CACb,IAAI,CAACmb,oBAAoB,CAAC,CACxB/lB,MAAO,KACPuS,cAAe,KACfC,YAAa,KACbzO,2BAA4B,IAC9B,EACF,CAEAgO,gBAAiB,CACf,IAAI,CAAC0T,UAAU,CAAC/B,mBAAmB,GACnC,IAAI,CAACoC,WAAW,CAAC,KACnB,CAEAE,8BAA8BhD,CAAiC,CAAE9rB,CAAqC,CAAE,CACtG,IAAM+uB,EAAgB,IAAI,CAACR,UAAU,CAACzlB,KAAK,CACrCkmB,EAAgBlD,AAAoB,OAApBA,EAAUhjB,KAAK,CAAY,KAAQ,CAAE,GAAG,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAE,GAAGgjB,EAAUhjB,KAAAA,AAAM,CACxG,CAAA,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAGkmB,EACxB,IAAMC,EAAY,IAAI,CAAC7b,YAAY,GAOnC,GANA,IAAI,CAAC8b,iBAAiB,GAMlBD,GAAa,CAACpB,GAAckB,EAAeC,GAAgB,CAC7D,IAAIG,EAEFA,EADEH,AAAiB,MAAjBA,GAAyBhvB,EAAQmT,SAAS,CAC7B6b,EAEA,CACb,GAAGA,CAAa,CAChBnP,uBAAwB7f,EAAQ6f,sBAAAA,AAClC,EAGF4N,GAAkB,IAAI,CAACc,UAAU,CAACxD,aAAa,CAAEoE,EACnD,CACF,CAEAN,qBACE/C,CAAiC,CACjC9rB,EAAwC,CAAEmT,UAAW,CAAA,CAAM,CAAC,CAC5D,CACI2Y,EAAUhjB,KAAK,EACb,AAAmC,UAAnC,OAAOgjB,EAAUzQ,aAAa,CAChC,IAAI,CAACkT,UAAU,CAAC1C,kBAAkB,CAACC,GAInC,IAAI,CAACyC,UAAU,CAAC/B,mBAAmB,GAErC,IAAI,CAAC+B,UAAU,CAAC7B,eAAe,IACtBZ,EAAUjf,0BAA0B,EACzC,AAAgD,UAAhD,OAAOif,EAAUjf,0BAA0B,CAC7C,IAAI,CAAC0hB,UAAU,CAAClC,mCAAmC,CAACP,EAAUjf,0BAA0B,EAIxF,IAAI,CAAC0hB,UAAU,CAAC7B,eAAe,GAEjC,IAAI,CAAC6B,UAAU,CAAC/B,mBAAmB,KAEnC,IAAI,CAAC+B,UAAU,CAAC/B,mBAAmB,GACnC,IAAI,CAAC+B,UAAU,CAAC7B,eAAe,IAGjC,IAAI,CAACoC,6BAA6B,CAAChD,EAAW9rB,GAE9C,IAAI,CAACuuB,UAAU,CAAC7C,kBAAkB,EACpC,CAEAkD,YAAY9lB,CAAe,CAAEsmB,EAAqB,CAAA,CAAK,CAAE,CACvD,IAAML,EAAgB,IAAI,CAACR,UAAU,CAACzlB,KAAK,CACrCkmB,EAAgBlmB,AAAU,OAAVA,EAAiB,KAAQ,CAAE,GAAG,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAE,GAAGA,CAAAA,AAAM,CACpF,CAAA,IAAI,CAACylB,UAAU,CAACzlB,KAAK,CAAGkmB,EACxB,IAAMC,EAAY,IAAI,CAAC7b,YAAY,GACnC,IAAI,CAAC8b,iBAAiB,GAEtB,IAAMG,EAAkB,CAACxB,GAAckB,EAAeC,GAClDC,CAAAA,GAAaI,CAAAA,IACf5B,GAAkB,IAAI,CAACc,UAAU,CAACxD,aAAa,CAAEiE,GAK7CK,GAAmB,CAACD,GAEtB,IAAI,CAACb,UAAU,CAAC7C,kBAAkB,GAGxC,CAEAnQ,aAAaH,CAA2B,CAAE,CACxC,GAAM,CAAEC,cAAAA,CAAa,CAAEC,YAAAA,CAAW,CAAE,CAAGF,EAEjCkU,EAAO,CADmC,GAAjC,IAAI,CAACf,UAAU,CAAC9H,iBAAiB,EAE9C,CACApL,cAAAA,EACAC,YAAAA,CACF,CACI,AAAyB,CAAA,UAAzB,OAAOD,GAA8B,AAAuB,UAAvB,OAAOC,GAC9C,IAAI,CAACiT,UAAU,CAAC1C,kBAAkB,CAACyD,GACnC,IAAI,CAACf,UAAU,CAAC7B,eAAe,IAE/B,IAAI,CAAC6B,UAAU,CAAC/B,mBAAmB,EAEvC,CAEAjZ,iBAAiBD,CAAsD,CAAuB,KAxNtEoa,MAClB6B,EAwNJ,OAzNsB7B,EAyND,IAAI,CAACa,UAAU,CAACxD,aAAa,CAvNpD2C,CAAU,CADJ6B,EAAWpP,KAAK5Z,MAAM,GAAGN,QAAQ,CAAC,IAAI+iB,KAAK,CAAC,KAC9B,CAuNkC1V,EAtN/C,IAAM,OAAOoa,CAAU,CAAC6B,EAAS,AAuNxC,CAEAC,UAAqB,CACnB,OAAO,IAAI,CAACjB,UAAU,CAACzlB,KAAK,AAC9B,CAEA2mB,SAAU,CACRlmB,OAAOmmB,mBAAmB,CAAC,UAAW,IAAI,CAACjB,OAAO,CACpD,CAEAkB,uBAAwB,CACtB,OAAO,IACT,CAEAvc,cAAwB,CACtB,OAAO,IAAI,CAACD,SAAS,AACvB,CAEA+b,mBAAoB,CAClB,IAAI,CAAC/b,SAAS,CAAG,CAAA,CACnB,CACF,CA4DO,MAAMyc,WACHtB,GAGRxZ,aAAe,AAACC,GAAmB,IAAI,CAAC6Z,WAAW,CAAC,CAAE7Z,OAAAA,GAAO,AAC7DN,CAAAA,UAAY,IAAM,IAAI,CAAC+a,QAAQ,IAAIza,QAAU,IAAA,AAC7CjC,CAAAA,mBAAqB,AAACC,GAA+B,IAAI,CAAC6b,WAAW,CAAC,CAAE7b,aAAAA,GAAa,AACrFE,CAAAA,gBAAkB,IAAM,IAAI,CAACuc,QAAQ,IAAIzc,cAAgB,IAAA,AACzD8F,CAAAA,WAAa,IAAM,IAAI,CAAC2W,QAAQ,IAAI5W,SAAW,IAAA,AAC/CuC,CAAAA,cAAiF,CAACtX,EAAM7D,KACtF,GAAI,mBAAoB6D,GAAQA,EAAKgsB,cAAc,CAAE,CACnD,IAAMzU,EACJvX,EAAKwX,aAAa,EAAIxX,EAAKyX,WAAW,CAClC,CAAED,cAAexX,EAAKwX,aAAa,CAAEC,YAAazX,EAAKyX,WAAAA,EACtD,CAAED,cAAe,CAAA,EAAMC,YAAa,CAAA,CAAK,EAEhD,IAAI,CAACuT,oBAAoB,CACvB,CACE/lB,MAAO,CACL8P,QAAS/U,EAAKgsB,cAAc,CAC5B9a,OAAQlR,EAAKkR,MAAM,CACnBhC,aAAclP,EAAKkP,YAAAA,AACrB,EACA,GAAGqI,CAAM,CACTvO,2BAA4B,MAE9B,CACEsG,UAAW,CAAA,EACX0M,uBAAwB7f,GAAS6f,sBACnC,EAEJ,MACE,IAAI,CAACgP,oBAAoB,CACvB,CACE/lB,MAAO,KACPuS,cAAe,KACfC,YAAa,KACbzO,2BAA4BhJ,EAAKgJ,0BAA0B,EAAI,CAAA,GAEjE,CACEsG,UAAW,CAAA,EACX0M,uBAAwB7f,GAAS6f,sBACnC,EAGN,CAAA,AAEA7S,CAAAA,kBACE,AAOEoB,GAEF,MAAOpO,IACL,IAAM6D,EAAO,MAAMuK,EAAapO,GAIhC,OAHA,IAAI,CAACmb,aAAa,CAACtX,EAAM,CACvBgc,uBAAwB7f,GAASiN,wBACnC,GACOpJ,CACT,CAAA,AACJ,CEptBO,IAAMisB,GAAiBnP,OAAO6M,GAAG,CAAC,uBC0FlC,OAAMuC,WACHC,UAGR,aACEvjB,CAA8B,CAC9BC,CAAoE,CACpEkC,CAA0B,CAC1ByC,CAA6B,CAC7BvC,CAAe,CACfmhB,EAA+C9lB,IAAkC,CACzE+lB,CAA0B,CAClC,CACA,KAAK,CAACzjB,EAAgBC,EAAsBkC,EAAcyC,EAAgBvC,EAASmhB,QAF3EC,OAAAA,CAAAA,CAGV,CAEQC,qBAAuB,MAAOnwB,IACpC,IAAMowB,EAAe,MAAM,IAAI,CAACF,OAAO,CAACG,kBAAkB,GAC1D,GAAI,CAACD,EAAatS,OAAO,CACvB,MAAM,AAAIlgB,MAAM,CAAC,wBAAwB,EAAEwyB,EAAaE,MAAM,CAAA,CAAE,EAGlE,GAAM,CAAEC,OAAAA,CAAM,CAAE,CAAGH,EAEbI,EAAoB,IAAI,CAACN,OAAO,CAACO,+BAA+B,CAAC,CACrEC,qBAAsB1wB,EAAQ+P,sBAAsB,CACpD4gB,UAAW,IAAI,CAACT,OAAO,CAACU,iBAAAA,AAC1B,GAEA,OAAOL,EAAOM,MAAM,CAAC,CACnB3T,MAAO,CACLC,SAAU3a,EAAgBE,QAAAA,AAC5B,EACA4Q,SAAUkd,EACVM,mBAAoB9wB,EAAQ+wB,qBAAAA,AAC9B,EACF,CAAA,AAEQC,CAAAA,YAAc,MAAOhxB,IAC3B,GAAI,CAACA,EAAQ6N,eAAe,CAC1B,MAAM,IAAI1P,EAAoB,kCAAmC,0CAEnE,IAAMiyB,EAAe,MAAM,IAAI,CAACF,OAAO,CAACG,kBAAkB,GAC1D,GAAI,CAACD,EAAatS,OAAO,CACvB,MAAM,AAAIlgB,MAAM,CAAC,wBAAwB,EAAEwyB,EAAaE,MAAM,CAAA,CAAE,EAGlE,GAAM,CAAEC,OAAAA,CAAM,CAAE,CAAGH,EAEbI,EAAoB,IAAI,CAACN,OAAO,CAACe,sBAAsB,CAAC,CAC5DC,eAAgBlxB,EAAQ6N,eAAe,CACvCsjB,kBAAmBnxB,EAAQwP,mBAAmB,CAC9C4hB,iBAAkBpxB,EAAQsP,kBAAkB,CAC5CqhB,UAAW,IAAI,CAACT,OAAO,CAACU,iBAAAA,AAC1B,GAEA,OAAOL,EAAOM,MAAM,CAAC,CACnB3T,MAAO,CACLC,SAAU3a,EAAgBE,QAAAA,AAC5B,EACA4Q,SAAUkd,EACVM,mBAAoB9wB,EAAQ+wB,qBAAAA,AAC9B,EACF,CAAA,AAEAM,CAAAA,aAA8C,CAC5C1iB,UAAW,CACT8C,MAAO,IAAI,CAAC0e,oBAAAA,AACd,EACA1e,MAAO,IAAI,CAACuf,WAAAA,CACd,AACF,CCjMO,IAAMM,GAAyB,AAAkB,IAAlB,OAAO/nB,QAA0B,uBAAwBA,OCGlFgoB,GAA4B,AAACpU,GACxC,AAAIA,IAAa3a,EAAgBK,mBAAmB,CAC3C,QAIPsa,IAAa3a,EAAgBG,YAAY,EACzCwa,IAAa3a,EAAgBC,QAAQ,EACrC0a,IAAa3a,EAAgBI,kBAAkB,ACM5C,OAAM4uB,0BACX,aACEC,CAAqC,CAC7BC,CAAiB,CACzB,MAFQD,aAAAA,CAAAA,OACAC,SAAAA,CAAAA,CACP,CAEHC,QAAe,CACb,IAAI,CAACF,aAAa,CAACE,MAAM,EAC3B,CAEA,MAAMd,OAAO,CACXvd,SAAAA,CAAQ,CACRse,kBAAAA,CAAiB,CACjB1U,MAAAA,CAAK,CACL4T,mBAAAA,EAAqB,CAAA,CAAI,CAM1B,CAA+B,CAC9B,IDXIe,ECWEA,EAAeN,GAA0BrU,EAAMC,QAAQ,EACvD2U,EDXgB,WADlBD,EAAeN,GCY8CrU,EAAMC,QAAQ,IDX7C0U,GAAgB,CAACP,GCa7CS,EAA0B,CAC9BC,UAAW,IAAI,CAACN,SAAS,CACzBpe,SAAUA,EACV2e,YAAa,CAAA,EACbC,QAAS,MACTC,YAAa,CAAA,EACbC,qBAAsBP,AAAiB,UAAjBA,EACtBd,sBAAuBD,CACzB,EAOA,OANIgB,IACFC,EAAOM,gBAAgB,CAAG,uBAC1BN,EAAOhB,qBAAqB,CAAG,CAAA,GAEjC,IAAI,CAACU,aAAa,CAACa,UAAU,CAACP,GAEvB,IAAI/pB,QAAQ,AAACC,IAClB,IAAI,CAACwpB,aAAa,CAACc,MAAM,CAAC,AAACpD,IACzB,GAAIA,EAAaqD,eAAe,GAAI,CAGlC,IAAMlC,EAASnB,EAAasD,gBAAgB,MAAQ,iBAKpD,MAHInC,AAAW,gBAAXA,GACFsB,MAEK3pB,EAAQ,CACb6V,QAAS,CAAA,EACTwS,OAAAA,CACF,EACF,OAQA,AAAK,CAACnB,EAAauD,cAAc,EAAIZ,GAA+B3C,EAAauD,cAAc,KACtFzqB,EAAQ,CACb6V,QAAS,CAAA,EACTwS,OAAQnB,EAAawD,qBAAqB,MAAQ,gBACpD,GAGGxD,EAAayD,iBAAiB,WACjC,IAAI,CAACC,UAAU,CAACf,GACT7pB,EAAQ,CAAE6V,QAAS,CAAA,CAAK,GAEnC,EACF,EACF,CAEA+U,WAAWf,CAAmC,CAAE,CACzCA,GAGL7lB,MAAMtM,IAAI,CAACyF,SAAS0tB,oBAAoB,CAAC,WAAWvc,OAAO,CAAC,AAACqG,IACvDA,EAAMK,GAAG,CAACxY,QAAQ,CAACvH,IACrB0f,CAAAA,EAAMM,KAAK,CAACE,KAAK,CAAG,MAAA,CAExB,EACF,CACF,CC1EA,IAAM7O,GAAuBvG,QAAQC,OAAO,CAAC,CAC3CmK,qBAAsB,CAAA,CACxB,EAKO,OAAM2gB,sCACHC,CAAAA,cAAAA,AACR,aACUvmB,CAA8B,CAC9BmC,CAA0B,CAC1BE,EAAyBP,EAAoB,CACrD,MAHQ9B,cAAAA,CAAAA,OACAmC,YAAAA,CAAAA,OACAE,OAAAA,CAAAA,CACP,CAEH,MAAcmkB,kBAAmB,CAC/B,GAAI,IAAI,CAACD,cAAc,CACrB,OAAO,IAAI,CAACA,cAAc,CAE5B,IAAME,EAAkB,MAAM,IAAI,CAACzmB,cAAc,CAACG,QAAQ,CAAyB,CACjFvF,IAAK,iCACLhE,OAAQ,KACV,GAEA,OADA,IAAI,CAAC2vB,cAAc,CAAGE,EAAgBC,gBAAgB,CAC/C,IAAI,CAACH,cAAc,AAC5B,CAEA,MAAcI,iCAAiC,CAC7CC,WAAAA,CAAU,CACV3C,qBAAAA,CAAoB,CAIrB,CAAE,CAED,IADI4C,EACE,CAAElhB,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACtD,OAAO,CAOnD,OANIsD,EAEFkhB,EAAgB3iB,AADA,CAAA,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACpCD,cAAc,CAEtC,IAAI,CAAChC,YAAY,CAAC8B,WAAW,GAExB,MAAM,IAAI,CAACjE,cAAc,CAACG,QAAQ,CAA0B,CACjEvF,IAAK,4CACLhE,OAAQ,OACR7E,KAAM,CACJ+0B,SAAUF,EACVtjB,uBAAwB2gB,EACxB9gB,oBAAqB0jB,CACvB,CACF,EACF,CAEA,MAAcE,wBAAwB,CACpCH,WAAAA,CAAU,CACVnC,eAAAA,CAAc,CACdC,kBAAAA,CAAiB,CACjBC,iBAAAA,CAAgB,CAMjB,CAAE,CAED,IADIkC,EACE,CAAElhB,qBAAAA,CAAoB,CAAE,CAAG,MAAM,IAAI,CAACtD,OAAO,CAOnD,OANIsD,EAEFkhB,EAAgB3iB,AADA,CAAA,MAAM,IAAI,CAAC/B,YAAY,CAACiC,oBAAoB,EAAA,EACpCD,cAAc,CAEtC,IAAI,CAAChC,YAAY,CAAC8B,WAAW,GAExB,MAAM,IAAI,CAACjE,cAAc,CAACG,QAAQ,CAA0B,CACjEvF,IAAK,kCACLhE,OAAQ,OACR7E,KAAM,CACJ+0B,SAAUF,EACVxlB,gBAAiBqjB,EACjB1hB,oBAAqB2hB,EACrB7hB,mBAAoB8hB,EACpBxhB,oBAAqB0jB,CACvB,CACF,EACF,CAEA,MAAMjD,oBAAgD,CACpD,IAAIoD,EACJ,GAAI,CACFA,EAAiB,MAAM,IAAI,CAACR,gBAAgB,EAC9C,CAAE,MAAO7uB,EAAG,CAEV,MAAO,CAAE0Z,QAAS,CAAA,EAAOwS,OAAQ5xB,AADrBgB,EAAeC,IAAI,CAACyE,GACKtF,UAAAA,AAAW,CAClD,OAEA,AAAI20B,AAAmB,KAAnBA,EACK,CAAE3V,QAAS,CAAA,EAAOwS,OAAQ,wBAAyB,EAGrD,CAAExS,QAAS,CAAA,EAAMyS,OADT,IAAIiB,GAAmB,MCxHxC1pB,GAAa3K,EAA2B,IAAMoM,OAAOyH,MAAM,CAAC0iB,QAAQ,CAACC,EAAE,EDwHCF,EACvC,CACjC,CAEAhD,gCACE,CAAC,CACCC,qBAAAA,CAAoB,CACpBC,UAAAA,CAAS,CACTiD,QAAAA,CAAO,CAKR,GACD,MAAO3f,IACL,GAAM,CAAEof,WAAAA,CAAU,CAAE,CAAGpf,EACnB4f,EAAgB,IAAI,CAACT,gCAAgC,CAAC,CACxDC,WAAAA,EACA3C,qBAAAA,CACF,GAAGtnB,IAAI,CAAC,AAAC0qB,GAAWnD,EAAUmD,EAAOC,YAAY,EAC7CH,CAAAA,GACFC,CAAAA,EAAgBA,EAAcnU,KAAK,CAAC,AAACrf,GAAUuzB,EAAQvzB,GAAAA,EAEzD,MAAMwzB,CACR,CAAA,AAEF5C,CAAAA,uBACE,CAAC,CACCC,eAAAA,CAAc,CACdC,kBAAAA,CAAiB,CACjBC,iBAAAA,CAAgB,CAChBT,UAAAA,CAAS,CACTiD,QAAAA,CAAO,CAOR,GACD,MAAO3f,IACL,GAAM,CAAEof,WAAAA,CAAU,CAAE,CAAGpf,EACnB4f,EAAgB,IAAI,CAACL,uBAAuB,CAAC,CAC/CH,WAAAA,EACAnC,eAAAA,EACAC,kBAAAA,EACAC,iBAAAA,CACF,GAAGhoB,IAAI,CAAC,AAAC0qB,GAAWnD,EAAUmD,EAAOC,YAAY,EAC7CH,CAAAA,GACFC,CAAAA,EAAgBA,EAAcnU,KAAK,CAAC,AAACrf,GAAUuzB,EAAQvzB,GAAAA,EAEzD,MAAMwzB,CACR,CAAA,AAEFjD,CAAAA,kBAAoB,AAACmD,IACnBxqB,OAAOmJ,QAAQ,CAACC,IAAI,CAAGohB,CACzB,CAAA,AACF,CE1GO,MAAMC,GAGMtnB,oBAAAA,AACAunB,CAAAA,eAAAA,AACAxnB,CAAAA,cAAAA,AACAqV,CAAAA,UAAAA,AACAoS,CAAAA,kBAAAA,AAGjBC,CAAAA,UAAAA,AACAvb,CAAAA,OAAAA,AAEA7D,CAAAA,MAAAA,AACAqf,CAAAA,IAAAA,AACArhB,CAAAA,YAAAA,AACAshB,CAAAA,KAAAA,AACAC,CAAAA,GAAAA,AACA3lB,CAAAA,SAAAA,AACA4lB,CAAAA,SAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,IAAAA,AACAC,CAAAA,aAAAA,AACAC,CAAAA,GAAAA,AAcArU,CAAAA,aAAAA,AAOAsU,CAAAA,oBAAAA,AAqBAC,CAAAA,iBAAAA,AAEA,aAAYC,CAAsB,CAAEj1B,CAA6B,CAAE,ClD7HnE,GAAI,AAAkB,IAAlB,OAAOuJ,OACT,MAAM,AAAI3L,MACR,qJkDgIFs3B,AlDrJ4B,CAAA,AAACnsB,IAC3B,AAAuB,UAAvB,OAAOA,EACTwI,GAAY,CAAC,kDAAkD,EAAE,OAAOxI,EAAY,CAAC,EAAEnB,GAAAA,CAAS,EACvFmB,AAAgB,KAAhBA,EACTwI,GAAY,CAAC,4EAA4E,EAAE3J,GAAAA,CAAS,EAC3F,AAACmB,EAAYiD,UAAU,CAAC,kBACjCuF,GAAY,CAAC,4DAA4D,EAAExI,EAAY,CAAC,EAAEnB,GAAAA,CAAS,CAEvG,CAAA,EkD6IqBqtB,GACjB,MAAME,EAAgBF,GAAkB,GAGlClD,EAASqD,ACjJa,CAAA,CAACC,EAAoBC,EAAoC,EAAE,IACzF,GAAM,CAAEnK,cAAAA,CAAa,CAAEpL,iBAAAA,CAAgB,CAAE,CAAGuV,EAgB5C,OAdA5pB,GAAc2pB,EAAYC,EAAM,CAC9BvV,iBAAkB,iBACpB,GAEIoL,GACFzf,GAAc,CAAA,EAAG2pB,EAAW,cAAc,CAAC,CAAElK,EAAe,CAC1DC,sBAAuB,iBACvBC,cAAe,iBACfG,cAAe,iBACf3K,KAAM,iBACNyK,OAAQ,gBACV,GAGK,CACLH,cAAAA,EACApL,iBAAAA,EACAwV,UAAW,CACTxjB,WAAYyjB,ACbW,CAAA,AAACF,IAC5B,IAAMhK,EAASgK,GAAMG,eAAiBH,GAAMI,iBAAiBC,cAC7D,GAAIrK,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMG,cAAgB,gBAAkB,gBACpDlkB,GAAY,CAAC,kCAAkC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CAC/F,CACF,CAEA,OAAOqwB,GAAMC,WAAWxjB,YhEhCE,yBgEiC5B,CAAA,EDAgCujB,GAC1BtjB,WAAY6jB,AC7BW,CAAA,AAACP,IAC5B,IAAMhK,EAASgK,GAAMG,eAAiBH,GAAMI,iBAAiBI,UAC7D,GAAIxK,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMG,cAAgB,gBAAkB,YACpDlkB,GAAY,CAAC,kCAAkC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CAC/F,CACF,CAEA,OAAOqwB,GAAMC,WAAWvjB,YhEhBE,wBgEiB5B,CAAA,EDgBgCsjB,GAC1BtsB,cAAe+sB,AE9BW,CAAA,AAACT,IAC/B,IAAMhK,EAASgK,GAAMU,UAAYV,GAAMI,iBAAiBO,YACxD,GAAI3K,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMU,SAAW,WAAa,cAC1CzkB,GAAY,CAAC,oCAAoC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CACjG,CACF,CAEA,OAAOqwB,GAAMC,WAAWvsB,ejEbY,8BiEctC,CAAA,EFiBsCssB,GAChCY,UAAWC,AEhBW,CAAA,AAACb,IAC3B,IAAMhK,EAASgK,GAAMc,WAAad,GAAMI,iBAAiBzsB,aACzD,GAAIqiB,EAAQ,CACV,IAAMsK,EAAWzuB,GAAYmkB,GAC7B,GAAIsK,EACF,OAAOA,CACF,EACL,IAAM3wB,EAAMqwB,GAAMc,UAAY,YAAc,eAC5C7kB,GAAY,CAAC,sCAAsC,EAAE+Z,EAAO,IAAI,EAAErmB,EAAI,0BAA0B,CAAC,CACnG,CACF,CAEA,MjE3BgC,6BiE4BlC,CAAA,EFG8BqwB,GACxBe,4BAA6Bf,GAAMC,WAAWc,6B/DnCN,sD+DoC1C,CACF,CACF,CAAA,EDqHoC,IAAI,CAAC,WAAW,CAACt4B,IAAI,CAAEiC,GACjDwuB,EAAyB8H,ACjHC,CAAA,CAACxkB,EAAeykB,EAAkC,CAAA,CAAE,IAEtF,GAAM,CAAEd,cAAAA,CAAa,CAAEC,gBAAAA,CAAe,CAAE,CAAGa,EAC3C,OAAOxR,AxClC2CjT,AwCkCzBA,ExClC+BrN,QAAQ,CAAC,qBwCmC7D,CAAC,CAAEgxB,CAAAA,GAAiBC,GAAiBC,aAAAA,EACrC,CAAC,CAAEF,CAAAA,GAAiBC,GAAiBI,SAAAA,CAC3C,CAAA,ED2GwDX,EAAen1B,EAEnE,CAAA,IAAI,CAAC8hB,UAAU,CAAG0U,ATkOS,CAAA,CAACztB,EAAqB/I,KACnD,IA7BMy2B,EA6BAC,GA5BF,AAACD,CADCA,EAAMltB,OACJ,CAACgkB,GAAwB,EAC/BkJ,CAAAA,CAAG,CAAClJ,GAAwB,CAAG,CAAA,CAAA,EAE1BkJ,CAAG,CAAClJ,GAAwB,EA6BnC,OAHI,AAACmJ,CAAc,CAAC3tB,EAAY,EAC9B2tB,CAAAA,CAAc,CAAC3tB,EAAY,CAAG,IAAIukB,GAAyBvkB,EAAa/I,EAAAA,EAEnE02B,CAAc,CAAC3tB,EAAY,AACpC,CAAA,ESxOsCosB,EAAepD,GACjD,IAAI,CAACrlB,oBAAoB,CAAG,IAAIkjB,GAAuBuF,EAAe,IAAI,CAACrT,UAAU,CAAE,CAAE0M,uBAAAA,CAAuB,GAChH,IAAI,CAAC0F,kBAAkB,CAAG,IAAI3T,GAAkB,IAAI,CAAC7T,oBAAoB,CAAE,CAAA,GAC3E,IAAI,CAAC+T,aAAa,CAAG,CAAC,GAAGhZ,IAAS,IAAI,CAACysB,kBAAkB,CAACzT,aAAa,IAAIhZ,GAE3E,MAAMqd,EAA4B,IAAO,CAAA,CACvC6R,iBAAkB,IAAI,CAAC7U,UAAU,CAAChZ,KAAK,EAAEiM,QAAQb,UACjD0iB,yBAA0B,IAAI,CAAC9U,UAAU,CAAChZ,KAAK,EAAE8P,SAASgC,oBAGtDic,EAAuB,IAAI9P,GAAY,IAAI,CAACjF,UAAU,CAAE,aAExDgV,EAAgB,IAAIrS,GACxB0Q,EACA,IAAI,CAACrT,UAAU,CACfiQ,EAAOwD,SAAS,CAACvjB,UAAU,CAC3B+f,EAAOwD,SAAS,CAACxjB,UAAU,CAC3B+S,EAEF,CAAA,IAAI,CAACrY,cAAc,CAAGqqB,EAEtB,MAAMC,EAAY,IAAInV,GAAqBuT,EAAe2B,EAAe,IAAI,CAAChV,UAAU,EAClFkV,EAAU,IAAIvT,GAAgBsT,EAAUvT,QAAQ,IAChDnV,EAAmB,IAAIxF,GAC3BssB,EACApD,EAAOwD,SAAS,CAACvsB,aAAa,CAC9B+oB,EAAOwD,SAAS,CAACW,SAAS,CAC1Ba,EAAUvT,QAAQ,GAClBwT,EAAQ7tB,gBAAgB,EAEpB8tB,EAAqB,IAAIhT,GAA2B8N,EAAOwD,SAAS,CAACc,2BAA2B,EAChGa,EAAsB,IAAInQ,GAAY,IAAI,CAACjF,UAAU,CAAE,SACvDqV,EAAS,IAAIpE,GAAkB+D,EAAeI,EAAqBH,EAAUvT,QAAQ,GAE3F,CAAA,IAAI,CAACzQ,YAAY,CAAG,IAAIH,GAA8BkkB,EAAeA,EAAe,IAAI,CAACpqB,oBAAoB,EAC7G,IAAI,CAACqI,MAAM,CAAG,IAAIkF,GAAsB6c,EAAeA,EAAe,IAAI,CAACpqB,oBAAoB,EAC/F,IAAI,CAAC0nB,IAAI,CAAG,IAAIna,GAAsB6c,EAAeA,EAAe,IAAI,CAACpqB,oBAAoB,EAC7F,IAAI,CAACkM,OAAO,CAAG,IAAIyB,GAAyByc,EAAe,IAAI,CAACpqB,oBAAoB,EACpF,IAAI,CAACynB,UAAU,CAAG,IAAI1lB,GACpBqoB,EACA,IAAI,CAACpqB,oBAAoB,CACzB,IAAIqa,GAAY,IAAI,CAACjF,UAAU,CAAE,eACjC+U,EACAE,EAAUvT,QAAQ,GAClBnV,GAEF,IAAI,CAACgmB,KAAK,CAAG,IAAItE,GACf+G,EACA,IAAI,CAACpqB,oBAAoB,CACzBwqB,EACAH,EAAUvT,QAAQ,GAClB,CACEza,YAAaosB,EACbpjB,WAAYggB,EAAOwD,SAAS,CAACxjB,UAAU,CACvCC,WAAY+f,EAAOwD,SAAS,CAACvjB,UAAAA,AAC/B,EACA3D,EACA8oB,GAEF,IAAI,CAAC7C,GAAG,CAAG,IAAI9Y,GACbsb,EACA,IAAI,CAACpqB,oBAAoB,CACzB,IAAIqa,GAAY,IAAI,CAACjF,UAAU,CAAE,OACjCiV,EAAUvT,QAAQ,GAClB,CACEza,YAAaosB,EACbpjB,WAAYggB,EAAOwD,SAAS,CAACxjB,UAAU,CACvCC,WAAY+f,EAAOwD,SAAS,CAACvjB,UAAAA,EAE/B3D,GAEF,IAAI,CAACM,SAAS,CAAG,IAAIrC,GAA2BwqB,EAAe,IAAI,CAACpqB,oBAAoB,EACxF,IAAI,CAAC6nB,SAAS,CAAG,IAAIjf,GACnBwhB,EACA,IAAI,CAACpqB,oBAAoB,CACzBmqB,EACAE,EAAUvT,QAAQ,GAClBnV,GAEF,IAAI,CAACmmB,IAAI,CAAG,IAAIxf,GAAsB8hB,EAAe,IAAI,CAACpqB,oBAAoB,CAAE2B,GAChF,IAAI,CAAComB,IAAI,CAAG,IAAIlY,GAAuBua,EAAe,IAAI,CAACpqB,oBAAoB,CAAE2B,GACjF,IAAI,CAACqmB,aAAa,CAAG,IAAI5b,GAA+Bge,EAAe,IAAI,CAACpqB,oBAAoB,CAAE2B,GAClG,IAAI,CAACsmB,IAAI,CAAG,IAAI/c,GAAsBmf,EAAU/jB,OAAO,GAAI+jB,EAAUvT,QAAQ,GAAI,IAAI,CAAC9W,oBAAoB,EAC1G,IAAI,CAACkoB,IAAI,CAAG,IAAI1b,GAAsB,IAAI,CAACzM,cAAc,CAAE,IAAI,CAACC,oBAAoB,EACpF,IAAI,CAACmoB,aAAa,CAAG,IAAI1mB,GACvB,IAAI,CAAC1B,cAAc,CACnB,IAAI,CAACC,oBAAoB,CACzB2B,GAEF,IAAI,CAACymB,GAAG,CAAG,IAAI/mB,GAAqB+oB,GACpC,IAAI,CAAC7C,eAAe,CAAG,IAAIlV,GAAe,IAAI,CAACrS,oBAAoB,CAAE,IAAI,CAACkM,OAAO,CAAEuc,EAAe,CAChGpV,iBAAkBgS,EAAOhS,gBAAAA,AAC3B,GACA,MAAMqX,EAAgB,IAAIjZ,GAAkB2Y,EAAezoB,EAMvDmgB,CAAAA,CAAAA,GAA0B,IAAI,CAAC1M,UAAU,CAAC2E,iBAAiB,GAAGpL,aAAa,AAAbA,GAChE,IAAI,CAAC4Y,eAAe,CAAC1U,wBAAwB,GAG/C,KAAM,CAAEyV,kBAAAA,CAAiB,CAAED,qBAAAA,CAAoB,CAAE,CAAGsC,AIjNpB,CAAA,AAClCC,IAEA,IAAMC,EAAoBv5B,OAAOmwB,IAAI,CAACmJ,GAEhCvC,EAA+D,CAACpiB,EAAOpJ,OAAOmJ,QAAQ,CAACC,IAAI,IAC/F,IAAMtL,EAAM,IAAIC,IAAIqL,GACd6kB,EAAYnwB,EAAIkL,YAAY,CAAC/N,GAAG,CAAC,qBACjCsN,EAAQzK,EAAIkL,YAAY,CAAC/N,GAAG,CAAC,gBACnC,AAAI,AAACsN,GAAU0lB,EAIf,AA7DKC,AA6DkBF,EA7DL9yB,QAAQ,CA6DgB+yB,GACjC,CACLE,QAAS,CAAA,EACT5lB,MAAAA,EACA0lB,UAAAA,CACF,EAGK,CACLE,QAAS,CAAA,EACT5lB,MAAAA,EACA0lB,UAAAA,CACF,EAfS,IAgBX,EA4BA,MAAO,CACLxC,kBA3B6D,MAC7D,CAAE2C,YAAAA,CAAW,CAAE,GAAG33B,EAAS,CAC3B2S,EAAOpJ,OAAOmJ,QAAQ,CAACC,IAAI,IAE3B,IA8BItL,EACAuwB,EA3GAvwB,EA4EEwwB,EAAoBF,GAAehlB,IAASpJ,OAAOmJ,QAAQ,CAACC,IAAI,CAChEsa,EAAS8H,EAAqBpiB,GACpC,GAAIsa,AAAU,MAAVA,EAAgB,OAAO,KAC3B,GAAI,CAACA,EAAOyK,OAAO,CAAE,OAAOzK,EAE5B,GAAM,CAAEnb,MAAAA,CAAK,CAAE0lB,UAAAA,CAAS,CAAE,CAAGvK,EACvB6K,EAAUR,CAAQ,CAACE,EAA8B,CASvD,OALIK,IAuBND,CAFMA,EAASvwB,CADTA,EAAM,IAAIC,IA1GoBiC,OAAOmJ,QAAQ,CAACzM,QAAQ,KA2GzCsM,YAAY,EAExBkB,MAAM,CAAC,SACdmkB,EAAOnkB,MAAM,CAAC,qBA9GRpM,EAgHCA,EA/GPkC,OAAOwuB,OAAO,CAACC,YAAY,CAAC,KAAM5yB,SAAS6yB,KAAK,CAAE5wB,IA0FzC,CACLqwB,QAAS,CAAA,EACTF,UAAWA,EACXjzB,KAJW,MAAMuzB,EAAQhmB,EAAO9R,EAKlC,CACF,EAIE+0B,qBAAAA,CACF,CACF,CAAA,EJuJ+F,CACzFpmB,UAAW,AAACmD,GAAU,IAAI,CAACqiB,UAAU,CAACxlB,SAAS,CAACP,YAAY,CAAC,CAAEmC,4BAA6BuB,CAAM,GAClGomB,gBAAiB,AAACpmB,GAAU,IAAI,CAACuiB,KAAK,CAAC1lB,SAAS,CAACP,YAAY,CAAC,CAAEoD,sBAAuBM,CAAM,GAC7FuiB,MAAO,CAACviB,EAAO9R,IAAY,IAAI,CAACq0B,KAAK,CAACjmB,YAAY,CAAC,CAAEkD,YAAaQ,EAAO,GAAG9R,CAAAA,AAAQ,GACpFs0B,IAAK,CAACxiB,EAAO9R,IAAY,IAAI,CAACs0B,GAAG,CAAClmB,YAAY,CAAC,CAAEqN,UAAW3J,EAAO,GAAG9R,CAAAA,AAAQ,GAC9Em4B,yBAA0B,CAACrmB,EAAO9R,IAChC,IAAI,CAACm0B,UAAU,CAAC/lB,YAAY,CAAC,CAAE6B,kBAAmB6B,EAAO,GAAG9R,CAAAA,AAAQ,GACtEo4B,2BAA4B,AAACtmB,GAAU,IAAI,CAAC+iB,aAAa,CAACzmB,YAAY,CAAC,CAAEE,oBAAqBwD,CAAM,EACtG,EAEA,CAAA,IAAI,CAACkjB,iBAAiB,CAAGA,EACzB,IAAI,CAACD,oBAAoB,CAAGA,EAE5B+B,EAAcxrB,QAAQ,CAAC,CACrBvN,KAAM,gCACNF,QAAS,CACPw6B,0BAA2B,CAAA,EAC3BC,0BAA2B,CAAA,EAC3BC,4BAA6B,CAAA,CAC/B,CACF,GAEAxB,EAAUvT,QAAQ,GAAGpa,IAAI,CAAC,AAACC,IACrBA,AK7RuB,aL6RvBA,EAAcsY,QAAQ,EACxBpQ,GACE,uMAGN,GAYAinB,AP3Q6B,CAAA,CAAC7sB,EAAuD8sB,KACvFz6B,OAAOwM,MAAM,CAACmB,EAAK,CACjB,CAACmkB,IAAiB2I,CACpB,EACF,CAAA,EOuQsB,IAAI,CAVU,CAC9B1B,UAAAA,EACAE,mBAAAA,EACAluB,YAAaosB,EACbiC,cAAAA,EACAsB,UAAW,IAAI,CAAC5W,UAAU,CAC1BgV,cAAeA,EACfK,OAAAA,CACF,EAGF,CACF,CMlQA,IAAMwB,GAAkB,CAlBH,SAED,QADE,UAiB4C,CC/BrDC,G1BcJ,CAAC,GAAGnxB,IACT,AAAI,AAAkB,IAAlB,OAAO8B,OAJ2BqX,GAAY,UAQ3C,I0BnB+CoT,M1BmBtBvsB,yB1C5BR,CAC1BoxB,UAAW,YACXC,aAAc,eACdC,cAAe,eACjB,mBAqI8B,CAC5BC,OAAQ,SACRvE,KAAM,MACR,kGCmLO,cAA6C10B,EAClD,aAAc,CACZ,KAAK,CACH,iCACA,6KAEJ,CACF,+OA4RO,cAA4CA,EACjD,YAAYlC,CAAe,CAAE,CAC3B,KAAK,CAAC,gCAAiCA,EACzC,CACF,8YA1PO,cAAyCkC,EAC9C,aAAc,CACZ,KAAK,CAAC,6BAA8B,gDACtC,CACF,qBAKO,cAA+BA,EACpC,aAAc,CACZ,KAAK,CAAC,mBAAoB,+EAC5B,CACF,yLCrT8B,CAC5BzC,OAAQ,SACRC,UAAW,YACX07B,MAAO,QACPC,OAAQ,SACRC,OAAQ,SACRC,SAAU,WACVC,QAAS,UACTC,WAAY,aACZ77B,MAAO,QACP87B,OAAQ,SACRC,UAAW,YACXC,SAAU,WACVC,SAAU,WACVC,OAAQ,SACRC,QAAS,UACTC,OAAQ,SACRC,SAAU,WACVC,MAAO,QACPC,MAAO,OACT,eAqG0B,CACxBC,IAAK,MACLC,SAAU,WACVC,MAAO,OACT,8KFzL+B,CAC7BC,cAAe,gBACjB,iNoESuCpG,2NlEgFhB,CACrBqG,QAAS,UACTC,SAAU,WACVZ,SAAU,WACVa,QAAS,UACTC,sBAAuB,wBACvBC,oBAAqB,qBACvB,6DkE5F6C7B,wBnE0lBtC,SAA4Bv4B,CAAU,EAC3C,GAAIA,aAAiBN,EAAgB,OAAOM,EAE5C,OAAQA,EAAMvC,OAAO,EACnB,IAAK,qBACH,OAAO,IAAIoC,CACb,KAAK,6BACH,OAAO,IAAIM,CACb,KAAK,yBAIL,IAAK,wBAEL,IAAK,2BALH,OAAO,IAAIC,CACb,KAAK,kBAUL,IAAK,mBATH,OAAO,IAAIC,CAKb,KAAK,yBACH,OAAO,IAAIE,CACb,KAAK,uBACH,OAAO,IAAID,CAGb,KAAK,iCACH,OAAO,IAAII,CACb,KAAK,oBACH,OAAO,IAAIF,CACb,KAAK,kBACH,OAAO,IAAIC,CACb,KAAK,iCAIL,IAAK,+BAQL,IAAK,4CAXH,OAAO,IAAIE,CACb,KAAK,+BAIL,IAAK,iCAQL,IAAK,mCAXH,OAAO,IAAIC,CAKb,KAAK,qBACH,OAAO,IAAIE,CACb,KAAK,2BACH,OAAO,IAAIC,CAKb,KAAK,yBACH,OAAO,IAAIF,CACb,KAAK,qBACH,OAAO,IAAIG,CACb,KAAK,wBACH,OAAO,IAAIC,CACb,KAAK,uBACH,OAAO,IAAIC,CACb,KAAK,yBACH,OAAO,IAAIC,CACb,KAAK,oBACH,OAAO,IAAIC,CACb,KAAK,oBACH,OAAO,IAAIC,CACb,KAAK,0BACH,OAAO,IAAIC,CACb,KAAK,cACH,OAAO,IAAIC,CACb,KAAK,0BACH,OAAO,IAAIC,CACb,KAAK,6BACH,OAAO,IAAIC,CACb,KAAK,sCACH,OAAO,IAAIC,CACb,KAAK,kCACH,OAAO,IAAIC,CACb,KAAK,4BACH,OAAO,IAAIC,CACb,KAAK,yBACH,OAAO,IAAIC,CACb,KAAK,gCACH,OAAO,IAAIC,CACb,KAAK,oBACH,OAAO,IAAIC,CACb,KAAK,6BACH,OAAO,IAAIC,CACb,KAAK,6CACH,OAAO,IAAIC,CACb,KAAK,qBACH,OAAO,IAAIC,CACb,SACE,OAAO,IAAIpC,EAAcE,EAC7B,CACF,8BkErhByC,AACvCu3B,IAEA,IAAM8C,EAAwC,CAC5C1I,UAAW,GACX2I,aAAc,GAKdC,cAAe,OAEfC,OAAQ,IAAIlC,GAAgB,AAC9B,EAGA,IAAK,IAAMmC,IADY,CAAC,YAAa,eAAe,CAChB,CAClC,IAAM51B,EAAQ0yB,EAAOpzB,GAAG,CAACs2B,GACzB,GAAI,CAAC51B,EACH,MAAO,CACL7E,MAAO,CAAC,+BAA+B,EAAEy6B,EAAM,gDAAgD,CAAC,CAChGhH,OAAQ4G,CACV,CAEFA,CAAAA,CAAe,CAACI,EAAM,CAAG51B,CAC3B,CAGA,IAAK,IAAM41B,IADkB,CAAC,gBAAiB,QAAS,iBAAkB,QAAS,QAAS,SAAS,CAC3D,CACxC,IAAM51B,EAAQ0yB,EAAOpzB,GAAG,CAACs2B,GACrB51B,IACE41B,AAAU,UAAVA,EACFJ,EAAgBG,MAAM,CAAG31B,EAAMwjB,KAAK,CAAC,KAAKzR,MAAM,CAAC8jB,SAEjDL,CAAe,CAACI,EAAM,CAAG51B,EAG/B,CAMA,OAJI0yB,EAAOoD,GAAG,CAAC,aACbN,CAAAA,EAAgBpkB,SAAS,CAAGshB,EAAOqD,MAAM,CAAC,WAAA,EAGrC,CAAE56B,MAAO,KAAMyzB,OAAQ4G,CAAgB,CAChD,2BAEsC,AACpC9C,IAEA,IAAMsD,EAAkC,CACtClJ,UAAW,GACXmJ,yBAA0B,EAC5B,EAGA,IAAK,IAAML,IADY,CAAC,YAAa,2BAA2B,CAC5B,CAClC,IAAM51B,EAAQ0yB,EAAOpzB,GAAG,CAACs2B,GACzB,GAAI,CAAC51B,EACH,MAAO,CACL7E,MAAO,CAAC,+BAA+B,EAAEy6B,EAAM,gDAAgD,CAAC,CAChGhH,OAAQoH,CACV,CAEFA,CAAAA,CAAY,CAACJ,EAAM,CAAG51B,CACxB,CAKA,OAHAg2B,EAAaE,aAAa,CAAGxD,EAAOpzB,GAAG,CAAC,kBAAoB3E,KAAAA,EAC5Dq7B,EAAapyB,KAAK,CAAG8uB,EAAOpzB,GAAG,CAAC,UAAY3E,KAAAA,EAErC,CAAEQ,MAAO,KAAMyzB,OAAQoH,CAAa,CAC7C","x_google_ignoreList":[5,6,7,8,9,50]}
|