@tdfc/sunbreak-react 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +9 -0
- package/README.md +17 -0
- package/dist/index.cjs +9 -0
- package/dist/index.d.cts +113 -0
- package/dist/index.d.ts +113 -0
- package/dist/index.mjs +6 -0
- package/package.json +80 -0
package/LICENSE
ADDED
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
Copyright (c) 2025 The Digital Finance Company. All rights reserved.
|
|
2
|
+
|
|
3
|
+
NOTICE: All information contained herein is, and remains the property of The Digital Finance Company. The intellectual and technical concepts contained herein are proprietary to The Digital Finance Company and are protected by trade secret or copyright law.
|
|
4
|
+
|
|
5
|
+
Dissemination of this information or reproduction of this material is strictly forbidden unless prior written permission is obtained from The Digital Finance Company.
|
|
6
|
+
|
|
7
|
+
This package is not open source. It is distributed via NPM for the sole purpose of integration
|
|
8
|
+
into authorized applications. Unauthorized copying, modification, distribution, or use of this
|
|
9
|
+
software is strictly prohibited.
|
package/README.md
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# Sunbreak React SDK
|
|
2
|
+
|
|
3
|
+
The official React client for the Sunbreak API.
|
|
4
|
+
|
|
5
|
+
This SDK seamlessly connects your application to Sunbreak, executing necessary checks in the background to provide real-time access verdicts based on your specific compliance policies.
|
|
6
|
+
|
|
7
|
+
## Documentation
|
|
8
|
+
|
|
9
|
+
Complete integration guides and API references are available at:
|
|
10
|
+
|
|
11
|
+
**[https://docs.sunbreak.com](https://docs.sunbreak.com)**
|
|
12
|
+
|
|
13
|
+
## Installation
|
|
14
|
+
|
|
15
|
+
```bash
|
|
16
|
+
npm install @tdfc/sunbreak-react
|
|
17
|
+
```
|
package/dist/index.cjs
ADDED
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var react = require('react');
|
|
4
|
+
var jsxRuntime = require('react/jsx-runtime');
|
|
5
|
+
|
|
6
|
+
var zr=Object.defineProperty;var Jt=e=>{throw TypeError(e)};var Xr=(e,t,r)=>t in e?zr(e,t,{enumerable:true,configurable:true,writable:true,value:r}):e[t]=r;var D=(e,t,r)=>Xr(e,typeof t!="symbol"?t+"":t,r),It=(e,t,r)=>t.has(e)||Jt("Cannot "+r);var d=(e,t,r)=>(It(e,t,"read from private field"),r?r.call(e):t.get(e)),M=(e,t,r)=>t.has(e)?Jt("Cannot add the same private member more than once"):t instanceof WeakSet?t.add(e):t.set(e,r),O=(e,t,r,n)=>(It(e,t,"write to private field"),t.set(e,r),r);var ke=async(e,t,r)=>{switch(e.name){case "custom":return {method:"provider_jwt",issuer:"custom",token:t,meta:r||{}};case "privy":return {method:"provider_jwt",issuer:"privy",token:t,meta:{app_id:e.appId}};case "dynamic":return e.expectedAud?{method:"provider_jwt",issuer:"dynamic",token:t,meta:{env_id:e.envId,expected_aud:e.expectedAud}}:{method:"provider_jwt",issuer:"dynamic",token:t,meta:{env_id:e.envId}};default:throw new Error(`Unknown adapter: ${e}`)}};var Yr="sunbreak-kv",Pe="kv",je="sunbreak_dpop_meta_v1",K="sunbreak_dpop_key_v1",ve="ES256",T="P-256",Ae=e=>`${je}:${e}`,_t=()=>new Promise((e,t)=>{let r=indexedDB.open(Yr,1);r.onupgradeneeded=()=>r.result.createObjectStore(Pe),r.onsuccess=()=>e(r.result),r.onerror=()=>t(r.error);}),J=async e=>{try{let t=await _t();return await new Promise((r,n)=>{let a=t.transaction(Pe,"readonly").objectStore(Pe).get(e);a.onsuccess=()=>r(a.result),a.onerror=()=>n(a.error);})}catch{return}},R=async(e,t)=>{let r=await _t();await new Promise((n,o)=>{let i=r.transaction(Pe,"readwrite").objectStore(Pe).put(t,e);i.onsuccess=()=>n(),i.onerror=()=>o(i.error);});};var Zr=e=>{let t=new URL(e);if(t.protocol!=="https:"&&t.hostname!=="localhost"&&t.hostname!=="127.0.0.1")throw new Error("Sunbreak: insecure base URL");return t.hash="",t.origin},Qr=e=>e.replace(/\/+$/,""),rt=e=>{let t=Qr(e);return Zr(t)};function ot(e){let t=new URL(e.baseUrl),r=t.host,n=e.meta.lastHost??null,o=en(n);return e.setLastHost(o),t.host=`${o}.${r}`,t.origin}var en=e=>{for(let t=0;t<nt.length;t++){let r=nt[Math.floor(Math.random()*nt.length)].toLowerCase();if(r!==e)return r}return "alpha"},nt=["Alpha","Bravo","Charlie","Delta","Echo","Foxtrot","Golf","Hotel","India","Juliett","Kilo","Lima","Mike","November","Oscar","Papa","Quebec","Romeo","Sierra","Tango","Uniform","Victor","Whiskey","X-ray","Yankee","Zulu"];var j=(e,t)=>{let r={clientId:e.clientId,wallet:e.wallet,ifPolicyHash:e.meta.lastPolicyHash||void 0,ifPolicyProof:e.meta.lastPolicyProof||void 0,...t};Object.keys(r).forEach(o=>r[o]===void 0&&delete r[o]);let n=JSON.stringify(r);return btoa(n)};var tn=new Set(["connection","keep-alive","proxy-authenticate","proxy-authorization","te","trailer","transfer-encoding","upgrade","via"]),rn=new Set(["user-agent","referer","origin","host","content-length","sec-fetch-site","sec-fetch-mode","sec-fetch-dest","sec-fetch-user","sec-ch-ua","sec-ch-ua-mobile","sec-ch-ua-platform","sec-ch-ua-platform-version","sec-ch-ua-full-version","sec-ch-ua-arch","sec-ch-ua-model","sec-ch-ua-bitness","cookie","set-cookie"]),nn=new Set(["dpop","x-sunbreak-meta"]),on=64,Wt=2048,an=64;function at(e){let t={};if(!e)return t;let r=e instanceof Headers?Array.from(e.entries()):Object.entries(e),n=0;for(let[o,a]of r){if(n>=an)break;if(o==null||a==null)continue;let i=String(o).toLowerCase().trim();if(!i||i.length>on||tn.has(i)||rn.has(i)||nn.has(i))continue;let c=String(a);c.length>Wt&&(c=c.slice(0,Wt)),t[i]=c,n++;}return t}var X=new TextEncoder,ye=new TextDecoder;function Dt(...e){let t=e.reduce((o,{length:a})=>o+a,0),r=new Uint8Array(t),n=0;for(let o of e)r.set(o,n),n+=o.length;return r}function Lt(e){if(Uint8Array.prototype.toBase64)return e.toBase64();let t=32768,r=[];for(let n=0;n<e.length;n+=t)r.push(String.fromCharCode.apply(null,e.subarray(n,n+t)));return btoa(r.join(""))}function Ht(e){if(Uint8Array.fromBase64)return Uint8Array.fromBase64(e);let t=atob(e),r=new Uint8Array(t.length);for(let n=0;n<t.length;n++)r[n]=t.charCodeAt(n);return r}function Mt(e){if(Uint8Array.fromBase64)return Uint8Array.fromBase64(typeof e=="string"?e:ye.decode(e),{alphabet:"base64url"});let t=e;t instanceof Uint8Array&&(t=ye.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return Ht(t)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}}function Ue(e){let t=e;return typeof t=="string"&&(t=X.encode(t)),Uint8Array.prototype.toBase64?t.toBase64({alphabet:"base64url",omitPadding:true}):Lt(t).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}var ce=class extends Error{constructor(r,n){super(r,n);D(this,"code","ERR_JOSE_GENERIC");this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor);}};D(ce,"code","ERR_JOSE_GENERIC");var _=class extends ce{constructor(){super(...arguments);D(this,"code","ERR_JOSE_NOT_SUPPORTED");}};D(_,"code","ERR_JOSE_NOT_SUPPORTED");var Y=class extends ce{constructor(){super(...arguments);D(this,"code","ERR_JWS_INVALID");}};D(Y,"code","ERR_JWS_INVALID");var Ke=class extends ce{constructor(){super(...arguments);D(this,"code","ERR_JWT_INVALID");}};D(Ke,"code","ERR_JWT_INVALID");var Ot,jt,it=class extends(jt=ce,Ot=Symbol.asyncIterator,jt){constructor(r="multiple matching keys found in the JSON Web Key Set",n){super(r,n);D(this,Ot);D(this,"code","ERR_JWKS_MULTIPLE_MATCHING_KEYS");}};D(it,"code","ERR_JWKS_MULTIPLE_MATCHING_KEYS");function B(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function me(e,t){return e.name===t}function st(e){return parseInt(e.name.slice(4),10)}function un(e){switch(e){case "ES256":return "P-256";case "ES384":return "P-384";case "ES512":return "P-521";default:throw new Error("unreachable")}}function ln(e,t){if(!e.usages.includes(t))throw new TypeError(`CryptoKey does not support this operation, its usages must include ${t}.`)}function Ut(e,t,r){switch(t){case "HS256":case "HS384":case "HS512":{if(!me(e.algorithm,"HMAC"))throw B("HMAC");let n=parseInt(t.slice(2),10);if(st(e.algorithm.hash)!==n)throw B(`SHA-${n}`,"algorithm.hash");break}case "RS256":case "RS384":case "RS512":{if(!me(e.algorithm,"RSASSA-PKCS1-v1_5"))throw B("RSASSA-PKCS1-v1_5");let n=parseInt(t.slice(2),10);if(st(e.algorithm.hash)!==n)throw B(`SHA-${n}`,"algorithm.hash");break}case "PS256":case "PS384":case "PS512":{if(!me(e.algorithm,"RSA-PSS"))throw B("RSA-PSS");let n=parseInt(t.slice(2),10);if(st(e.algorithm.hash)!==n)throw B(`SHA-${n}`,"algorithm.hash");break}case "Ed25519":case "EdDSA":{if(!me(e.algorithm,"Ed25519"))throw B("Ed25519");break}case "ML-DSA-44":case "ML-DSA-65":case "ML-DSA-87":{if(!me(e.algorithm,t))throw B(t);break}case "ES256":case "ES384":case "ES512":{if(!me(e.algorithm,"ECDSA"))throw B("ECDSA");let n=un(t);if(e.algorithm.namedCurve!==n)throw B(n,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}ln(e,r);}function $t(e,t,...r){if(r=r.filter(Boolean),r.length>2){let n=r.pop();e+=`one of type ${r.join(", ")}, or ${n}.`;}else r.length===2?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return t==null?e+=` Received ${t}`:typeof t=="function"&&t.name?e+=` Received function ${t.name}`:typeof t=="object"&&t!=null&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}var Nt=(e,...t)=>$t("Key must be ",e,...t);function ct(e,t,...r){return $t(`Key for the ${e} algorithm must be `,t,...r)}function ut(e){return e?.[Symbol.toStringTag]==="CryptoKey"}function lt(e){return e?.[Symbol.toStringTag]==="KeyObject"}var ft=e=>ut(e)||lt(e);var Bt=(...e)=>{let t=e.filter(Boolean);if(t.length===0||t.length===1)return true;let r;for(let n of t){let o=Object.keys(n);if(!r||r.size===0){r=new Set(o);continue}for(let a of o){if(r.has(a))return false;r.add(a);}}return true};function fn(e){return typeof e=="object"&&e!==null}var $e=e=>{if(!fn(e)||Object.prototype.toString.call(e)!=="[object Object]")return false;if(Object.getPrototypeOf(e)===null)return true;let t=e;for(;Object.getPrototypeOf(t)!==null;)t=Object.getPrototypeOf(t);return Object.getPrototypeOf(e)===t};var Ft=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){let{modulusLength:r}=t.algorithm;if(typeof r!="number"||r<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function dn(e){let t,r;switch(e.kty){case "AKP":{switch(e.alg){case "ML-DSA-44":case "ML-DSA-65":case "ML-DSA-87":t={name:e.alg},r=e.priv?["sign"]:["verify"];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case "RSA":{switch(e.alg){case "PS256":case "PS384":case "PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case "RS256":case "RS384":case "RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case "RSA-OAEP":case "RSA-OAEP-256":case "RSA-OAEP-384":case "RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case "EC":{switch(e.alg){case "ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case "ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case "ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case "ECDH-ES":case "ECDH-ES+A128KW":case "ECDH-ES+A192KW":case "ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case "OKP":{switch(e.alg){case "Ed25519":case "EdDSA":t={name:"Ed25519"},r=e.d?["sign"]:["verify"];break;case "ECDH-ES":case "ECDH-ES+A128KW":case "ECDH-ES+A192KW":case "ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}default:throw new _('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return {algorithm:t,keyUsages:r}}var Vt=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');let{algorithm:t,keyUsages:r}=dn(e),n={...e};return n.kty!=="AKP"&&delete n.alg,delete n.use,crypto.subtle.importKey("jwk",n,t,e.ext??!(e.d||e.priv),e.key_ops??r)};var Gt=(e,t,r,n,o)=>{if(o.crit!==void 0&&n?.crit===void 0)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||n.crit===void 0)return new Set;if(!Array.isArray(n.crit)||n.crit.length===0||n.crit.some(i=>typeof i!="string"||i.length===0))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let a;r!==void 0?a=new Map([...Object.entries(r),...t.entries()]):a=t;for(let i of n.crit){if(!a.has(i))throw new _(`Extension Header Parameter "${i}" is not recognized`);if(o[i]===void 0)throw new e(`Extension Header Parameter "${i}" is missing`);if(a.get(i)&&n[i]===void 0)throw new e(`Extension Header Parameter "${i}" MUST be integrity protected`)}return new Set(n.crit)};function xe(e){return $e(e)&&typeof e.kty=="string"}function qt(e){return e.kty!=="oct"&&(e.kty==="AKP"&&typeof e.priv=="string"||typeof e.d=="string")}function zt(e){return e.kty!=="oct"&&typeof e.d>"u"&&typeof e.priv>"u"}function Xt(e){return e.kty==="oct"&&typeof e.k=="string"}var we,Yt=async(e,t,r,n=false)=>{we||(we=new WeakMap);let o=we.get(e);if(o?.[r])return o[r];let a=await Vt({...t,alg:r});return n&&Object.freeze(e),o?o[r]=a:we.set(e,{[r]:a}),a},yn=(e,t)=>{we||(we=new WeakMap);let r=we.get(e);if(r?.[t])return r[t];let n=e.type==="public",o=!!n,a;if(e.asymmetricKeyType==="x25519"){switch(t){case "ECDH-ES":case "ECDH-ES+A128KW":case "ECDH-ES+A192KW":case "ECDH-ES+A256KW":break;default:throw new TypeError("given KeyObject instance cannot be used for this algorithm")}a=e.toCryptoKey(e.asymmetricKeyType,o,n?[]:["deriveBits"]);}if(e.asymmetricKeyType==="ed25519"){if(t!=="EdDSA"&&t!=="Ed25519")throw new TypeError("given KeyObject instance cannot be used for this algorithm");a=e.toCryptoKey(e.asymmetricKeyType,o,[n?"verify":"sign"]);}switch(e.asymmetricKeyType){case "ml-dsa-44":case "ml-dsa-65":case "ml-dsa-87":{if(t!==e.asymmetricKeyType.toUpperCase())throw new TypeError("given KeyObject instance cannot be used for this algorithm");a=e.toCryptoKey(e.asymmetricKeyType,o,[n?"verify":"sign"]);}}if(e.asymmetricKeyType==="rsa"){let i;switch(t){case "RSA-OAEP":i="SHA-1";break;case "RS256":case "PS256":case "RSA-OAEP-256":i="SHA-256";break;case "RS384":case "PS384":case "RSA-OAEP-384":i="SHA-384";break;case "RS512":case "PS512":case "RSA-OAEP-512":i="SHA-512";break;default:throw new TypeError("given KeyObject instance cannot be used for this algorithm")}if(t.startsWith("RSA-OAEP"))return e.toCryptoKey({name:"RSA-OAEP",hash:i},o,n?["encrypt"]:["decrypt"]);a=e.toCryptoKey({name:t.startsWith("PS")?"RSA-PSS":"RSASSA-PKCS1-v1_5",hash:i},o,[n?"verify":"sign"]);}if(e.asymmetricKeyType==="ec"){let c=new Map([["prime256v1","P-256"],["secp384r1","P-384"],["secp521r1","P-521"]]).get(e.asymmetricKeyDetails?.namedCurve);if(!c)throw new TypeError("given KeyObject instance cannot be used for this algorithm");t==="ES256"&&c==="P-256"&&(a=e.toCryptoKey({name:"ECDSA",namedCurve:c},o,[n?"verify":"sign"])),t==="ES384"&&c==="P-384"&&(a=e.toCryptoKey({name:"ECDSA",namedCurve:c},o,[n?"verify":"sign"])),t==="ES512"&&c==="P-521"&&(a=e.toCryptoKey({name:"ECDSA",namedCurve:c},o,[n?"verify":"sign"])),t.startsWith("ECDH-ES")&&(a=e.toCryptoKey({name:"ECDH",namedCurve:c},o,n?[]:["deriveBits"]));}if(!a)throw new TypeError("given KeyObject instance cannot be used for this algorithm");return r?r[t]=a:we.set(e,{[t]:a}),a},Zt=async(e,t)=>{if(e instanceof Uint8Array||ut(e))return e;if(lt(e)){if(e.type==="secret")return e.export();if("toCryptoKey"in e&&typeof e.toCryptoKey=="function")try{return yn(e,t)}catch(n){if(n instanceof TypeError)throw n}let r=e.export({format:"jwk"});return Yt(e,r,t)}if(xe(e))return e.k?Mt(e.k):Yt(e,e,t,true);throw new Error("unreachable")};var he=e=>e?.[Symbol.toStringTag],dt=(e,t,r)=>{if(t.use!==void 0){let n;switch(r){case "sign":case "verify":n="sig";break;case "encrypt":case "decrypt":n="enc";break}if(t.use!==n)throw new TypeError(`Invalid key for this operation, its "use" must be "${n}" when present`)}if(t.alg!==void 0&&t.alg!==e)throw new TypeError(`Invalid key for this operation, its "alg" must be "${e}" when present`);if(Array.isArray(t.key_ops)){let n;switch(true){case(r==="sign"):case e==="dir":case e.includes("CBC-HS"):n=r;break;case e.startsWith("PBES2"):n="deriveBits";break;case /^A\d{3}(?:GCM)?(?:KW)?$/.test(e):!e.includes("GCM")&&e.endsWith("KW")?n="unwrapKey":n=r;break;case(r==="encrypt"):n="wrapKey";break;case r==="decrypt":n=e.startsWith("RSA")?"unwrapKey":"deriveBits";break}if(n&&t.key_ops?.includes?.(n)===false)throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${n}" when present`)}return true},mn=(e,t,r)=>{if(!(t instanceof Uint8Array)){if(xe(t)){if(Xt(t)&&dt(e,t,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!ft(t))throw new TypeError(ct(e,t,"CryptoKey","KeyObject","JSON Web Key","Uint8Array"));if(t.type!=="secret")throw new TypeError(`${he(t)} instances for symmetric algorithms must be of type "secret"`)}},wn=(e,t,r)=>{if(xe(t))switch(r){case "decrypt":case "sign":if(qt(t)&&dt(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case "encrypt":case "verify":if(zt(t)&&dt(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!ft(t))throw new TypeError(ct(e,t,"CryptoKey","KeyObject","JSON Web Key"));if(t.type==="secret")throw new TypeError(`${he(t)} instances for asymmetric algorithms must not be of type "secret"`);if(t.type==="public")switch(r){case "sign":throw new TypeError(`${he(t)} instances for asymmetric algorithm signing must be of type "private"`);case "decrypt":throw new TypeError(`${he(t)} instances for asymmetric algorithm decryption must be of type "private"`);}if(t.type==="private")switch(r){case "verify":throw new TypeError(`${he(t)} instances for asymmetric algorithm verifying must be of type "public"`);case "encrypt":throw new TypeError(`${he(t)} instances for asymmetric algorithm encryption must be of type "public"`);}},Qt=(e,t,r)=>{e.startsWith("HS")||e==="dir"||e.startsWith("PBES2")||/^A(?:128|192|256)(?:GCM)?(?:KW)?$/.test(e)||/^A(?:128|192|256)CBC-HS(?:256|384|512)$/.test(e)?mn(e,t,r):wn(e,t,r);};var er=(e,t)=>{let r=`SHA-${e.slice(-3)}`;switch(e){case "HS256":case "HS384":case "HS512":return {hash:r,name:"HMAC"};case "PS256":case "PS384":case "PS512":return {hash:r,name:"RSA-PSS",saltLength:parseInt(e.slice(-3),10)>>3};case "RS256":case "RS384":case "RS512":return {hash:r,name:"RSASSA-PKCS1-v1_5"};case "ES256":case "ES384":case "ES512":return {hash:r,name:"ECDSA",namedCurve:t.namedCurve};case "Ed25519":case "EdDSA":return {name:"Ed25519"};case "ML-DSA-44":case "ML-DSA-65":case "ML-DSA-87":return {name:e};default:throw new _(`alg ${e} is not supported either by JOSE or your javascript runtime`)}};var tr=async(e,t,r)=>{if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(Nt(t,"CryptoKey","KeyObject","JSON Web Key"));return crypto.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},false,[r])}return Ut(t,e,r),t};var te=e=>Math.floor(e.getTime()/1e3);var hn=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,Ne=e=>{let t=hn.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");let r=parseFloat(t[2]),n=t[3].toLowerCase(),o;switch(n){case "sec":case "secs":case "second":case "seconds":case "s":o=Math.round(r);break;case "minute":case "minutes":case "min":case "mins":case "m":o=Math.round(r*60);break;case "hour":case "hours":case "hr":case "hrs":case "h":o=Math.round(r*3600);break;case "day":case "days":case "d":o=Math.round(r*86400);break;case "week":case "weeks":case "w":o=Math.round(r*604800);break;default:o=Math.round(r*31557600);break}return t[1]==="-"||t[4]==="ago"?-o:o};function ue(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}var k,Be=class{constructor(t){M(this,k);if(!$e(t))throw new TypeError("JWT Claims Set MUST be an object");O(this,k,structuredClone(t));}data(){return X.encode(JSON.stringify(d(this,k)))}get iss(){return d(this,k).iss}set iss(t){d(this,k).iss=t;}get sub(){return d(this,k).sub}set sub(t){d(this,k).sub=t;}get aud(){return d(this,k).aud}set aud(t){d(this,k).aud=t;}set jti(t){d(this,k).jti=t;}set nbf(t){typeof t=="number"?d(this,k).nbf=ue("setNotBefore",t):t instanceof Date?d(this,k).nbf=ue("setNotBefore",te(t)):d(this,k).nbf=te(new Date)+Ne(t);}set exp(t){typeof t=="number"?d(this,k).exp=ue("setExpirationTime",t):t instanceof Date?d(this,k).exp=ue("setExpirationTime",te(t)):d(this,k).exp=te(new Date)+Ne(t);}set iat(t){typeof t>"u"?d(this,k).iat=te(new Date):t instanceof Date?d(this,k).iat=ue("setIssuedAt",te(t)):typeof t=="string"?d(this,k).iat=ue("setIssuedAt",te(new Date)+Ne(t)):d(this,k).iat=ue("setIssuedAt",t);}};k=new WeakMap;var rr=async(e,t,r)=>{let n=await tr(e,t,"sign");Ft(e,n);let o=await crypto.subtle.sign(er(e,n.algorithm),n,r);return new Uint8Array(o)};var Ce,W,F,Fe=class{constructor(t){M(this,Ce);M(this,W);M(this,F);if(!(t instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");O(this,Ce,t);}setProtectedHeader(t){if(d(this,W))throw new TypeError("setProtectedHeader can only be called once");return O(this,W,t),this}setUnprotectedHeader(t){if(d(this,F))throw new TypeError("setUnprotectedHeader can only be called once");return O(this,F,t),this}async sign(t,r){if(!d(this,W)&&!d(this,F))throw new Y("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!Bt(d(this,W),d(this,F)))throw new Y("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");let n={...d(this,W),...d(this,F)},o=Gt(Y,new Map([["b64",true]]),r?.crit,d(this,W),n),a=true;if(o.has("b64")&&(a=d(this,W).b64,typeof a!="boolean"))throw new Y('The "b64" (base64url-encode payload) Header Parameter must be a boolean');let{alg:i}=n;if(typeof i!="string"||!i)throw new Y('JWS "alg" (Algorithm) Header Parameter missing or invalid');Qt(i,t,"sign");let c=d(this,Ce);a&&(c=X.encode(Ue(c)));let s;d(this,W)?s=X.encode(Ue(JSON.stringify(d(this,W)))):s=X.encode("");let u=Dt(s,X.encode("."),c),l=await Zt(t,i),p=await rr(i,l,u),m={signature:Ue(p),payload:""};return a&&(m.payload=ye.decode(c)),d(this,F)&&(m.header=d(this,F)),d(this,W)&&(m.protected=ye.decode(s)),m}};Ce=new WeakMap,W=new WeakMap,F=new WeakMap;var be,Ve=class{constructor(t){M(this,be);O(this,be,new Fe(t));}setProtectedHeader(t){return d(this,be).setProtectedHeader(t),this}async sign(t,r){let n=await d(this,be).sign(t,r);if(n.payload===void 0)throw new TypeError("use the flattened module for creating JWS with b64: false");return `${n.protected}.${n.payload}.${n.signature}`}};be=new WeakMap;var re,L,le=class{constructor(t={}){M(this,re);M(this,L);O(this,L,new Be(t));}setIssuer(t){return d(this,L).iss=t,this}setSubject(t){return d(this,L).sub=t,this}setAudience(t){return d(this,L).aud=t,this}setJti(t){return d(this,L).jti=t,this}setNotBefore(t){return d(this,L).nbf=t,this}setExpirationTime(t){return d(this,L).exp=t,this}setIssuedAt(t){return d(this,L).iat=t,this}setProtectedHeader(t){return O(this,re,t),this}async sign(t,r){let n=new Ve(d(this,L).data());if(n.setProtectedHeader(d(this,re)),Array.isArray(d(this,re)?.crit)&&d(this,re).crit.includes("b64")&&d(this,re).b64===false)throw new Ke("JWTs MUST NOT use unencoded payload");return n.sign(t,r)}};re=new WeakMap,L=new WeakMap;var bn=e=>btoa(String.fromCharCode(...new Uint8Array(e))).replaceAll("+","-").replaceAll("/","_").replaceAll("=",""),Ge=async e=>{let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return bn(r)},U=async e=>{let{method:t,url:r,nonce:n,ath:o,privateKey:a,publicJwk:i}=e,c={htm:t.toUpperCase(),htu:r,jti:crypto.randomUUID(),iat:Math.floor(Date.now()/1e3)};return n&&(c.nonce=n),o&&(c.ath=o),await new le(c).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:i}).sign(a)};var $=async e=>{let t={crv:e.crv,kty:"EC",x:e.x,y:e.y},r=JSON.stringify(t),n=new TextEncoder().encode(r),o=await crypto.subtle.digest("SHA-256",n);return btoa(String.fromCharCode(...new Uint8Array(o))).replaceAll("+","-").replaceAll("/","_").replaceAll("=","")};async function Te(e){let{rootPrivateKey:t,rootPublicJwk:r,childJkt:n,clientId:o,sid:a,ttlSec:i=300}=e,c=Math.floor(Date.now()/1e3),s=c+Math.max(60,Math.min(i,3600)),u={child_jkt:n,client_id:o,aud:"issuer",iat:c,exp:s,jti:crypto.randomUUID()};return a&&(u.sid=a),await new le(u).setProtectedHeader({alg:"ES256",typ:"pode+jwt",jwk:r}).sign(t)}function Je(e,t=300){return e.replace(/<[^>]*>/g,"").slice(0,t)}async function Ie(e){let t=e.status,r=Array.from(e.headers.keys()).some(c=>c.toLowerCase().startsWith("x-amzn-waf")),n,o,a=e.headers.get("content-type")||"";if(a.includes("application/json"))try{let c=await e.clone().json();n=typeof c?.error=="string"?c.error:void 0,o=typeof c?.detail=="string"?c.detail:void 0;}catch{}let i=t===403&&!r&&!a.includes("application/json");return {status:t,code:n,detail:o,waf:r,alb403:i}}function fe(e,t){let r=new Error(e);return r.status=t.status,r.code=t.code,r.detail=t.detail,r.waf=t.waf,r.alb403=t.alb403,r}var Se={boundWallet:null,clientId:null,jkt:null,refreshId:null,lastPolicyHash:null,lastPolicyProof:null,lastHost:null,rootJkt:null},pt=react.createContext(void 0);function sr(e){try{return JSON.parse(localStorage.getItem(e)||"null")??Se}catch{return Se}}function gn(e,t){try{localStorage.setItem(e,JSON.stringify(t));}catch{}}var yt=({children:e,clientId:t})=>{let[r,n]=react.useState(Se),o=react.useRef(false),[a,i]=react.useState(false),c=react.useMemo(()=>Ae(t),[t]);react.useEffect(()=>{let f=true;return (async()=>{let x=await J(c)??await J(je)??sr(c);f&&(n({...Se,...x}),o.current=true,i(true));})(),()=>{f=false;}},[c]),react.useEffect(()=>{o.current&&(async()=>(await R(c,r),gn(c,r)))();},[r,c]);let s=react.useCallback(f=>n(y=>({...y,refreshId:f})),[]),u=react.useCallback(f=>n(y=>({...y,lastPolicyHash:f})),[]),l=react.useCallback(f=>n(y=>({...y,lastPolicyProof:f})),[]),p=react.useCallback(f=>n(y=>({...y,lastHost:f})),[]),m=react.useCallback(f=>n(y=>({...y,rootJkt:f})),[]),h=async()=>{try{let f=localStorage.getItem(c);if(f){let y=JSON.parse(f);if(typeof y?.refreshId=="string"&&y.refreshId)return y.refreshId}}catch{}try{let f=await J(c);if(typeof f?.refreshId=="string"&&f.refreshId)return f.refreshId}catch{}return null},S=react.useCallback(f=>n(y=>({...y,boundWallet:f})),[]),g=react.useCallback(f=>n(y=>({...y,clientId:f})),[]),E=react.useCallback(f=>n(y=>({...y,jkt:f})),[]),A=react.useCallback(()=>n(Se),[]),b=react.useCallback(async()=>{let y=await J(c)??sr(c);n({...Se,...y});},[]),w=react.useMemo(()=>({meta:r,setBoundWallet:S,setClientId:g,setJkt:E,resetMeta:A,reload:b,setRefreshId:s,getRefreshId:h,ready:a,setLastPolicyHash:u,setLastPolicyProof:l,setLastHost:p,setRootJkt:m}),[r,S,g,E,A,b,a,s,h,u,l,p,m]);return jsxRuntime.jsx(pt.Provider,{value:w,children:e})};function mt(){let e=react.useContext(pt);if(!e)throw new Error("useMeta must be used within <MetaProvider>");return e}var ur=`${K}:wrap`;async function wt(){try{let e=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},!0,["sign","verify"]),t=`${K}:probe`;await R(t,{fmt:"cryptokey",privKey:e.privateKey});let r=await J(t);return await R(t,void 0),!!(r&&r.privKey)}catch{return false}}function ge(e){let t={...e};return delete t.d,t.kty="EC",t.crv=T,t.alg=ve,t.use="sig",t}async function lr(){let e=await J(ur);if(!e){let t=new Uint8Array(32);crypto.getRandomValues(t),e=t.buffer,await R(ur,e);}return crypto.subtle.importKey("raw",e,{name:"AES-GCM",length:256},false,["encrypt","decrypt"])}async function ht(e){let t=await lr(),r=new Uint8Array(12);crypto.getRandomValues(r);let n=new TextEncoder().encode(JSON.stringify(e));return {encPrivJwk:await crypto.subtle.encrypt({name:"AES-GCM",iv:r},t,n),iv:r.buffer}}async function Pn(e,t){let r=await lr(),n=await crypto.subtle.decrypt({name:"AES-GCM",iv:t},r,e);return JSON.parse(new TextDecoder().decode(new Uint8Array(n)))}var bt=()=>{let e=react.useRef(null),t=react.useRef(null),r=react.useCallback(async()=>{let s=await J(K);if(!s)return false;if(s.fmt==="cryptokey"){let l=s;return l.privKey?(e.current=l.privKey,t.current=ge(l.pubJwk),true):(await R(K,void 0),false)}if(s.fmt==="encjwk"){let l=s;try{let p=await Pn(l.encPrivJwk,l.iv),m=await crypto.subtle.importKey("jwk",p,{name:"ECDSA",namedCurve:T},!1,["sign"]);return e.current=m,t.current=ge(l.pubJwk),!0}catch{return await R(K,void 0),false}}let u=s;if(u&&u.d)if(await wt()){let p=await crypto.subtle.importKey("jwk",u,{name:"ECDSA",namedCurve:T},false,["sign"]),{d:m,...h}=u,S=ge(h);return await R(K,{fmt:"cryptokey",privKey:p,pubJwk:S}),e.current=p,t.current=S,true}else {let{d:p,...m}=u,h=ge(m),{encPrivJwk:S,iv:g}=await ht(u);await R(K,{fmt:"encjwk",encPrivJwk:S,iv:g,pubJwk:h});let E=await crypto.subtle.importKey("jwk",u,{name:"ECDSA",namedCurve:T},false,["sign"]);return e.current=E,t.current=h,true}return await R(K,void 0),false},[]),n=react.useCallback(async(s,u)=>{await R(K,{fmt:"cryptokey",privKey:s,pubJwk:u});},[]),o=react.useCallback(async(s,u)=>{let{encPrivJwk:l,iv:p}=await ht(s);await R(K,{fmt:"encjwk",encPrivJwk:l,iv:p,pubJwk:u});},[]),a=react.useCallback(async()=>{if(e.current&&t.current||await r())return;let s=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},true,["sign","verify"]),u=ge(await crypto.subtle.exportKey("jwk",s.publicKey));if(await wt())await n(s.privateKey,u),e.current=s.privateKey,t.current=u;else {let l=await crypto.subtle.exportKey("jwk",s.privateKey);await o(l,u),e.current=s.privateKey,t.current=u;}},[r,n,o]),i=react.useCallback(async()=>{let s=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},true,["sign","verify"]),u=ge(await crypto.subtle.exportKey("jwk",s.publicKey));if(await wt())await R(K,{fmt:"cryptokey",privKey:s.privateKey,pubJwk:u});else {let l=await crypto.subtle.exportKey("jwk",s.privateKey),{encPrivJwk:p,iv:m}=await ht(l);await R(K,{fmt:"encjwk",encPrivJwk:p,iv:m,pubJwk:u});}e.current=s.privateKey,t.current=u;},[]),c=react.useCallback(async()=>{await R(K,void 0),e.current=null,t.current=null;},[]);return {ensureKeypair:a,rotate:i,clear:c,privRef:e,pubJwkRef:t}};var Z="sunbreak_root_key_v1",dr=`${Z}:wrap`;async function vn(){try{let e=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},!0,["sign","verify"]),t=`${Z}:probe`;await R(t,{fmt:"cryptokey",privKey:e.privateKey,createdAt:Date.now(),pubJwk:{}});let r=await J(t);return await R(t,void 0),!!(r&&r.privKey)}catch{return false}}function Rt(e){let t={...e};return delete t.d,t.kty="EC",t.crv=T,t.alg=ve,t.use="sig",t}async function pr(){let e=await J(dr);if(!e){let t=new Uint8Array(32);crypto.getRandomValues(t),e=t.buffer,await R(dr,e);}return crypto.subtle.importKey("raw",e,{name:"AES-GCM",length:256},false,["encrypt","decrypt"])}async function An(e){let t=await pr(),r=new Uint8Array(12);crypto.getRandomValues(r);let n=new TextEncoder().encode(JSON.stringify(e));return {encPrivJwk:await crypto.subtle.encrypt({name:"AES-GCM",iv:r},t,n),iv:r.buffer}}async function Kn(e,t){let r=await pr(),n=await crypto.subtle.decrypt({name:"AES-GCM",iv:t},r,e);return JSON.parse(new TextDecoder().decode(new Uint8Array(n)))}var gt=()=>{let e=react.useRef(null),t=react.useRef(null),r=react.useCallback(async()=>{let a=await J(Z);if(!a)return false;if(a.fmt==="cryptokey"){let i=a;return i.privKey?(e.current=i.privKey,t.current=Rt(i.pubJwk),true):(await R(Z,void 0),false)}if(a.fmt==="encjwk"){let i=a;try{let c=await Kn(i.encPrivJwk,i.iv),s=await crypto.subtle.importKey("jwk",c,{name:"ECDSA",namedCurve:T},!1,["sign"]);return e.current=s,t.current=Rt(i.pubJwk),!0}catch{return await R(Z,void 0),false}}return await R(Z,void 0),false},[]),n=react.useCallback(async()=>{if(e.current&&t.current||await r())return;let a=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},true,["sign","verify"]),i=Rt(await crypto.subtle.exportKey("jwk",a.publicKey)),c=Date.now();if(await vn())await R(Z,{fmt:"cryptokey",privKey:a.privateKey,pubJwk:i,createdAt:c});else {let s=await crypto.subtle.exportKey("jwk",a.privateKey),{encPrivJwk:u,iv:l}=await An(s);await R(Z,{fmt:"encjwk",encPrivJwk:u,iv:l,pubJwk:i,createdAt:c});}e.current=a.privateKey,t.current=i;},[r]),o=react.useCallback(async()=>{await R(Z,void 0),e.current=null,t.current=null;},[]);return {ensureRootKeypair:n,clear:o,rootPrivRef:e,rootPubJwkRef:t}};var xn=()=>crypto.randomUUID(),yr=e=>{let{clientId:t,wallet:r,base:n="https://api.tdfc.com",fetchImpl:o,timeoutMs:a=15e3,proof:i=null,providerAdapter:c,refreshDeps:s=[]}=e,u=rt(n),l=typeof window<"u"?(o??fetch).bind(window):o??fetch,{meta:p,setBoundWallet:m,setJkt:h,setRefreshId:S,getRefreshId:g,setLastPolicyHash:E,setLastPolicyProof:A,setLastHost:b,setRootJkt:w,ready:f}=mt(),{ensureRootKeypair:y,rootPrivRef:x,rootPubJwkRef:oe}=gt(),Q=react.useCallback(async()=>{await y();try{if(!p.rootJkt&&oe.current){let se=await $(oe.current);w(se);}}catch{}},[y,p.rootJkt,oe]),{ensureKeypair:Ee,rotate:P,privRef:We,pubJwkRef:De}=bt(),[vt,C]=react.useState(false),[N,H]=react.useState(0),[z,ae]=react.useState(null),[ee,Xe]=react.useState(null),[Ye,At]=react.useState(null),[vr,Ar]=react.useState(null),[Kr,xr]=react.useState(null),[Cr,Tr]=react.useState(null),Jr=react.useRef(null),Ir=react.useRef(null),_r=react.useRef(null),Wr=react.useRef(null),Dr=react.useRef(null),Lr=react.useRef(null),Hr=react.useRef(null),Mr=react.useRef(false),Or=react.useRef(false),jr=react.useRef(void 0),Le=react.useRef(false),Ze=react.useRef(false),Kt=react.useRef(null),ie=react.useRef(null);ie.current||(ie.current=new Promise(se=>{Kt.current=se;}));let Qe=react.useRef(null),Ur=react.useRef(i),He=react.useRef(null),xt=react.useRef(null),Me=react.useRef(null),Ct=()=>Date.now(),$r=()=>(Me.current??0)>0&&Me.current<Ct(),et=react.useCallback((se,qr=15e3)=>{let Tt=xn();return He.current=Tt,xt.current=se,Me.current=Ct()+Math.max(1e3,qr),Tt},[]),Nr=react.useCallback(()=>((!He.current||$r())&&et("adhoc",1e4),He.current),[et]),tt=react.useRef(null),Oe=react.useRef(null);Oe.current||(Oe.current=new Promise(se=>{tt.current=se;}));let Br=react.useCallback(async()=>{!Le.current&&Oe.current&&await Oe.current;},[]),Fr=react.useCallback(()=>{Le.current||(Le.current=true,tt.current?.(),tt.current=null);},[]),Vr=react.useCallback(async()=>{!Ze.current&&ie.current&&await ie.current;},[]),Gr=react.useCallback(async()=>{!Ze.current&&ie.current&&await ie.current,Qe.current&&await Qe.current;},[]);return {clientId:t,wallet:r,baseUrl:u,fetchImpl:l,timeoutMs:a,providerAdapter:c,refreshDeps:s,ensureKeypair:Ee,rotate:P,ensureRootKeypair:Q,rootPrivRef:x,rootPubJwkRef:oe,privRef:We,pubJwkRef:De,meta:p,setBoundWallet:m,setJkt:h,setRefreshId:S,accessTokenRef:_r,tokenExpRef:Wr,authenticated:vt,setAuthenticated:C,loadingCount:N,setLoadingCount:H,error:z,setError:ae,allowed:ee,setAllowed:Xe,denyReason:Ye,setDenyReason:At,sessionExpiry:vr,setSessionExpiry:Ar,sessionData:Kr,setSessionData:xr,verifyData:Cr,setVerifyData:Tr,authWalletRef:Ir,refreshLock:Dr,registerLock:Lr,sessionLock:Hr,didInitialRefresh:Mr,didInitialSession:Or,prevWalletRef:jr,initResolvedRef:Ze,initReady:ie,initResolveRef:Kt,rotateLock:Qe,waitReady:Vr,awaitKeyStable:Gr,proofRef:Ur,registerCooldownUntilRef:Jr,reqIdRef:He,flowLabelRef:xt,flowExpireRef:Me,beginFlow:et,currentReqId:Nr,awaitProbe:Br,markProbed:Fr,hasProbedRef:Le,getRefreshId:g,setLastPolicyHash:E,setLastPolicyProof:A,setLastHost:b,setRootJkt:w,metaReady:f}};var pe=e=>e.accessTokenRef.current??null,G=e=>{let t=e.privRef.current;if(!t)throw new Error("Sunbreak: private key not initialized");return t},I=e=>{let t=e.pubJwkRef.current;if(!t)throw new Error("Sunbreak: public JWK not initialized");return t};var Cn=(e,t)=>`${e.toUpperCase()} ${t}`;async function _e(e,t,r){if(!t)return false;let n=_e._nonceCacheRef||(_e._nonceCacheRef={map:new Map});try{await e.waitReady(),await e.awaitKeyStable(),await e.awaitProbe(),await e.ensureKeypair(),e.setError(null),e.beginFlow("register",2e4);let o;try{if(await e.ensureRootKeypair(),e.rootPrivRef.current&&e.rootPubJwkRef.current){if(!e.meta.rootJkt)try{let f=await $(e.rootPubJwkRef.current);e.setRootJkt?.(f);}catch{}let b=await $(I(e)),w=await e.getRefreshId();o=await Te({rootPrivateKey:e.rootPrivRef.current,rootPublicJwk:e.rootPubJwkRef.current,childJkt:b,clientId:e.clientId,sid:w||void 0,ttlSec:300});}}catch{}let a=e.currentReqId(),i="/auth/register",c=`${e.baseUrl}${i}`,s=new URL(e.baseUrl).origin,u="POST",l=`${s}${i}`,p=Cn(u,l),m=n.map.get(p),h=await U({method:u,url:l,nonce:m,privateKey:G(e),publicJwk:I(e)}),S=async b=>e.fetchImpl(c,{method:u,headers:{"content-type":"application/json","x-sunbreak-meta":j(e,{reqId:a,pode:o||void 0}),...b},credentials:"include",body:JSON.stringify({wallet:t,proof:r})}),g=await S({DPoP:h}),E=b=>{let w=b.headers.get("dpop-nonce");w&&n.map.set(p,w);};if(g.status===401){let b=g.headers.get("www-authenticate"),f=(b&&b.match(/dpop-nonce="([^"]+)"/i))?.[1];if(f){n.map.set(p,f);let y=await U({method:u,url:l,nonce:f,privateKey:G(e),publicJwk:I(e)});g=await S({DPoP:y});}}if(E(g),!g.ok){let b=await Ie(g);if((g.headers.get("content-type")||"").includes("application/json")){let f;try{f=await g.clone().json();}catch{}let y=Je(f&&(f.error||f.message||f.detail)||`HTTP ${g.status}`);throw fe(y,b)}else {let f=b.waf?"Blocked by WAF (403)":b.alb403?"Blocked at origin (ALB 403)":`HTTP ${g.status}`;throw fe(f,b)}}let A=await g.json();e.accessTokenRef.current=A.access,e.authWalletRef.current=t.toLowerCase(),e.setAuthenticated(!0);try{let b=Math.floor(Date.now()/1e3);e.tokenExpRef.current=b+(A.expiresIn??0);}catch{}e.didInitialRefresh.current=!0,e.setBoundWallet(t),e.setLastPolicyHash(null),e.setLastPolicyProof(null);try{e.setJkt(await $(I(e)));}catch{}try{let b={...e.meta,boundWallet:t,clientId:e.meta.clientId??e.clientId,jkt:e.meta.jkt??null,refreshId:A.refreshId??null};e.setRefreshId(A.refreshId??null);let w=Ae(e.clientId);await R(w,b);try{localStorage.setItem(w,JSON.stringify(b));}catch{}}catch{}return !0}catch(o){let a=Number(o?.status||0),i=String(o?.code||""),c=String(o?.message||""),s=Math.floor(Math.random()*1e3);if((a===401||a===403)&&i.toLowerCase()==="replay"){if(e.providerAdapter)try{let u=await e.providerAdapter.getToken()??null;if(u)return await e.awaitKeyStable(),await e.ensureKeypair(),await e.rotate(),e.proofRef.current=await ke(e.providerAdapter,u),e.registerCooldownUntilRef.current=Date.now()+5e3+s,!1}catch{}else return e.proofRef.current=null,e.setError("Proof replayed; please sign a fresh proof."),e.registerCooldownUntilRef.current=Date.now()+1e4+s,false;return e.registerCooldownUntilRef.current=Date.now()+8e3+s,false}if(a===403&&(o?.waf||o?.alb403))return e.setError(c||"Forbidden at edge/origin"),e.registerCooldownUntilRef.current=Date.now()+3e4+s,false;if(a===403)return e.setError(i||c||"Forbidden"),e.registerCooldownUntilRef.current=Date.now()+15e3+s,false;if(a===429||a===503){e.setError(i||c||"Rate limited / unavailable");let u=a===429?5e3:8e3;return e.registerCooldownUntilRef.current=Date.now()+u+s,false}return e.setError(i||c||"Register failed"),e.registerCooldownUntilRef.current=Date.now()+5e3+s,false}}var Tn=(e,t)=>`${e.toUpperCase()} ${t}`;function qe(e){return e.refreshLock.current||(e.refreshLock.current=(async()=>{try{if(await e.waitReady(),await e.awaitKeyStable(),await e.awaitProbe(),e.wallet&&e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)return e.accessTokenRef.current=null,e.setAuthenticated(!1),!1;let t=pe(e);if(t){let w=e.tokenExpRef.current,f=Math.floor(Date.now()/1e3);if(!!t&&!!w&&w-f>5)return !0}e.beginFlow("refresh",15e3);let r=e.currentReqId();await e.ensureKeypair();let n;try{if(await e.ensureRootKeypair(),e.rootPrivRef.current&&e.rootPubJwkRef.current){if(!e.meta.rootJkt)try{let y=await $(e.rootPubJwkRef.current);e.setRootJkt?.(y);}catch{}let w=await $(I(e)),f=await e.getRefreshId();n=await Te({rootPrivateKey:e.rootPrivRef.current,rootPublicJwk:e.rootPubJwkRef.current,childJkt:w,clientId:e.clientId,sid:f||void 0,ttlSec:300});}}catch{}let o="/auth/refresh",a=`${e.baseUrl}${o}`,i=new URL(e.baseUrl).origin,c="POST",s=`${i}${o}`,u=Tn(c,s),l=qe._nonceCacheRef||(qe._nonceCacheRef={map:new Map}),p=async w=>await U({method:c,url:s,nonce:w,privateKey:G(e),publicJwk:I(e)}),m=await e.getRefreshId(),h={"x-sunbreak-meta":j(e,{reqId:r,refreshId:m||void 0,pode:n||void 0}),"content-type":"application/json"},S=async w=>e.fetchImpl(a,{method:c,headers:{DPoP:w,...h},credentials:"include",body:"{}"}),g=w=>{let f=w.headers.get("dpop-nonce");f&&l.map.set(u,f);},E=await S(await p(l.map.get(u)));if(E.status===401){let w=E.headers.get("www-authenticate"),y=(w&&w.match(/dpop-nonce="([^"]+)"/i))?.[1];y&&(l.map.set(u,y),E=await S(await p(y)));}if(g(E),!E.ok){try{if((E.headers.get("content-type")||"").includes("application/json")){let f=await E.clone().json().catch(()=>{}),y=f&&(f.error||f.code||f.message)||"",x=String(y).toLowerCase();if(x.includes("missing")&&x.includes("refresh")){try{e.setRefreshId?.(null);}catch{}try{e.setBoundWallet?.(null);}catch{}e.accessTokenRef.current=null,e.setAuthenticated(!1);}}}catch{}return !1}let A=await E.json();e.accessTokenRef.current=A.access,e.setAuthenticated(!0);let b=(e.wallet&&(!e.meta.boundWallet||e.meta.boundWallet===e.wallet)?e.wallet:e.meta.boundWallet)||null;e.authWalletRef.current=b?b.toLowerCase():null;try{let w=Math.floor(Date.now()/1e3);e.tokenExpRef.current=w+(A.expiresIn??0);}catch{}try{e.setJkt(await $(I(e)));}catch{}return A.refreshId&&e.setRefreshId(A.refreshId),!0}finally{e.refreshLock.current=null;}})()),e.refreshLock.current}var Jn=(e,t)=>`${e.toUpperCase()} ${t}`,Et=new Map,In="sunbreak_probe_v1",mr=e=>`${In}::${e}`,_n=(e,t=6*60*60*1e3)=>{try{let r=localStorage.getItem(mr(e));if(!r)return !0;let n=Number(r);return Number.isFinite(n)?Date.now()-n>=t:!0}catch{return true}},Wn=e=>{try{localStorage.setItem(mr(e),String(Date.now()));}catch{}};async function wr(e){let t=new URL(e.baseUrl).origin;if(!_n(t)){e.hasProbedRef.current||e.markProbed();return}try{await e.awaitKeyStable(),await e.ensureKeypair();let r="POST",n="/auth/probe",o=`${e.baseUrl}${n}`,a=new URL(e.baseUrl).origin,i=`${a}${n}`,c=Jn(r,i),s=async m=>e.fetchImpl(o,{method:r,headers:{DPoP:m,"x-sunbreak-meta":j(e),"content-type":"application/json"},credentials:"include",body:"{}"}),u=async m=>await U({method:r,url:i,nonce:m,privateKey:G(e),publicJwk:I(e)}),l=await s(await u(Et.get(c))),p=m=>{let h=m.headers.get("dpop-nonce");h&&Et.set(c,h);};if(p(l),l.status===401){let m=l.headers.get("www-authenticate"),S=(m&&m.match(/dpop-nonce="([^"]+)"/i))?.[1];S&&(Et.set(c,S),l=await s(await u(S)),p(l));}l.ok||l.status===204?(Wn(a),e.markProbed()):e.hasProbedRef.current||e.markProbed();}catch{e.hasProbedRef.current||e.markProbed();}}var hr=e=>{let t=react.useCallback(()=>qe(e),[e]),r=react.useCallback(async()=>{let o=Date.now(),a=e.registerCooldownUntilRef.current??0;if(o<a||!e.wallet||!e.initResolvedRef.current||e.refreshLock.current||!e.didInitialRefresh.current||e.registerLock.current)return;let i=e.proofRef.current;!i||!(!e.authenticated||e.meta.boundWallet!==e.wallet)||(await e.awaitKeyStable(),e.registerLock.current=(async()=>{try{await _e(e,e.wallet,i)&&(e.didInitialSession.current=!0);}catch(s){e.setError(s?.message||String(s)||"Register failed");}finally{e.registerLock.current=null;}})());},[e]),n=react.useCallback(async o=>{let a=()=>(e.registerCooldownUntilRef.current??0)>Date.now();if(!e.providerAdapter||a())return;let i=await ke(e.providerAdapter,o);e.proofRef.current=i;},[e]);return {refresh:t,register:(o,a)=>_e(e,o,a),attemptRegister:r,setProofFromAdapterToken:n}};var Dn=(e,t)=>`${e.toUpperCase()} ${t}`;async function ze(e,t,r,n,o,a={}){e.setLoadingCount(u=>u+1),e.setError(null);let i=n.startsWith("/api/session"),c=new AbortController,s=setTimeout(()=>c.abort(),e.timeoutMs);try{await e.waitReady(),await e.awaitKeyStable(),await e.awaitProbe(),await e.ensureKeypair();let l=`${i?ot(e):e.baseUrl}${n.startsWith("/")?"":"/"}${n}`,m=`${new URL(e.baseUrl).origin}${n.startsWith("/")?"":"/"}${n}`,h=Dn(r,m),S=n.startsWith("/auth/"),g=!1,E=!1,A=e.currentReqId(),b=ze._nonceCacheRef||(ze._nonceCacheRef={map:new Map}),w=C=>{let N=C.headers.get("dpop-nonce");N&&b.map.set(h,N);},f=!!e.wallet&&!!e.authWalletRef.current&&e.wallet.toLowerCase()!==e.authWalletRef.current.toLowerCase(),y,x,oe=async()=>{if(S||f)return;try{let ae=pe(e),ee=e.tokenExpRef.current,Xe=Math.floor(Date.now()/1e3),Ye=!!ee&&ee-Xe<=60;if((!ae||Ye)&&!await t().catch(()=>!1))return}catch{}let C=pe(e);if(!C)return;let N=await Ge(C),H=b.map.get(h),z=await U({method:r,url:m,nonce:H,ath:N,privateKey:G(e),publicJwk:I(e)});y=`Bearer ${e.accessTokenRef.current}`,x=z;};await oe();let Q={"content-type":"application/json","x-sunbreak-auth":y||"","x-sunbreak-meta":j(e,{reqId:A,auth:y,ifPolicyHash:e.meta.lastPolicyHash||void 0,ifPolicyProof:e.meta.lastPolicyProof||void 0}),...at(a.headers)};x&&(Q.DPoP=x);let Ee=async()=>e.fetchImpl(l,{...a,method:r,headers:Q,body:o!==void 0?JSON.stringify(o):void 0,credentials:"include",signal:c.signal}),P=await Ee(),We=P.headers.get("x-sunbreak-policy-hash"),De=P.headers.get("x-sunbreak-policy-proof");if(We&&e.setLastPolicyHash(We),De&&e.setLastPolicyProof(De),w(P),P.status===401&&!S){let C=pe(e),N=P.headers.get("www-authenticate"),z=(N&&N.match(/dpop-nonce="([^"]+)"/i))?.[1];if(!f&&z&&C&&!E){E=!0,b.map.set(h,z);let ae=await Ge(C),ee=await U({method:r,url:m,nonce:z,ath:ae,privateKey:G(e),publicJwk:I(e)});y=`Bearer ${e.accessTokenRef.current}`,x=ee,Q["x-sunbreak-meta"]=j(e,{reqId:A,auth:y}),Q.DPoP=x,P=await Ee(),w(P);}if(P.status===401&&!g){g=!0;let ae=await t(),ee=pe(e);ae&&ee&&!f&&(await oe(),Q["x-sunbreak-meta"]=j(e,{reqId:A,auth:y}),x&&(Q.DPoP=x),P=await Ee(),w(P));}if(P.status===401)throw new Error("Unauthorized")}if(!P.ok){let C=await Ie(P);if((P.headers.get("content-type")||"").includes("application/json")){let H=await P.json().catch(()=>{}),z=Je(H&&(H.error||H.message||H.detail)||`HTTP ${P.status}`);throw fe(z,C)}else {let H=C.waf?"Blocked by WAF (403)":C.alb403?"Blocked at origin (ALB 403)":`HTTP ${P.status}`;throw fe(H,C)}}return (P.headers.get("content-type")||"").includes("application/json")?await P.json():void 0}finally{clearTimeout(s),e.setLoadingCount(u=>Math.max(0,u-1));}}var br=(e,t)=>react.useCallback(async(r,n,o,a={})=>ze(e,t,r,n,o,a),[e,t]);async function Sr(e,t){let r=await t("GET","/api/session");if(r){e.setAllowed(!!r.allowed),e.setDenyReason(r.reason??null),e.setSessionData(r),e.setSessionExpiry(r.expiry??null);let n=r?.wallet;typeof n=="string"&&n&&e.setBoundWallet(n.toLowerCase());}return r}async function Rr(e,t){let r=await t("GET","/api/verify");return r&&(e.setSessionExpiry(r.expiry??null),e.setVerifyData(r)),r}var Er=(e,t)=>{let r=react.useCallback(async()=>{if(e.wallet&&!(e.meta.boundWallet&&e.wallet!==e.meta.boundWallet))return e.sessionLock.current||(e.sessionLock.current=(async()=>{try{return await Sr(e,t)}finally{e.sessionLock.current=null;}})()),e.sessionLock.current},[e,t]),n=react.useCallback(async()=>{if(e.wallet)return await Rr(e,t)},[e,t]);return {session:r,verify:n}};var kr=(e,t)=>{let{refresh:r,session:n,attemptRegister:o,setProofFromAdapterToken:a,proofProp:i}=t;react.useEffect(()=>{return (async()=>{try{await e.waitReady(),await e.awaitKeyStable(),await e.ensureRootKeypair(),await wr(e);}catch{}})(),()=>{}},[]);let c=()=>(e.registerCooldownUntilRef.current??0)>Date.now();react.useEffect(()=>{if(!e.providerAdapter||c()||!e.metaReady)return;let s=e.wallet,u=e.meta.boundWallet;if(s&&u&&s.toLowerCase()===u.toLowerCase()&&!e.didInitialRefresh.current)return;let l=false;return (async()=>{try{let p=await e.providerAdapter.getToken()??null;if(await e.awaitKeyStable(),l||!p)return;await a(p),await o();}catch{}})(),()=>{l=true;}},[e.providerAdapter,e.wallet,e.meta.boundWallet,e.metaReady,e.registerCooldownUntilRef.current,...e.refreshDeps]),react.useEffect(()=>{typeof i<"u"&&(e.proofRef.current=i??null);let s=e.wallet,u=e.meta.boundWallet;if(e.providerAdapter&&e.metaReady&&s&&u&&s.toLowerCase()===u.toLowerCase()&&!e.didInitialRefresh.current)return;let l=!!s,p=!!e.proofRef.current,m=!!s&&!!e.authWalletRef.current&&s.toLowerCase()!==e.authWalletRef.current.toLowerCase();l&&p&&!e.authenticated&&!m&&e.initResolvedRef.current&&!c()&&!e.didInitialRefresh.current&&o();},[i,e.wallet,e.authenticated,e.meta.boundWallet,e.metaReady,e.providerAdapter,e.initResolvedRef.current,o]),react.useEffect(()=>{let s=e.wallet,u=e.meta.boundWallet;if(!e.metaReady||e.didInitialRefresh.current)return;let l=true;return (async()=>{try{if(await e.waitReady(),e.accessTokenRef.current||e.authenticated){e.didInitialRefresh.current=!0,s&&!e.didInitialSession.current&&(e.didInitialSession.current=!0,await n());return}if(!(!s&&!u||s&&u&&s.toLowerCase()===u.toLowerCase()))return;e.didInitialRefresh.current=!0;let m=await r();if(!l)return;e.setAuthenticated(m),m&&s&&!e.didInitialSession.current&&(e.didInitialSession.current=!0,await n());}catch(p){if(!l)return;e.setAuthenticated(false),e.setError(p?.message||String(p)||"Unknown error");}})(),()=>{l=false;}},[e.wallet,e.meta.boundWallet,e.metaReady,e.didInitialRefresh.current,r,n]),react.useEffect(()=>{e.prevWalletRef.current===void 0&&(async()=>{if(await e.ensureKeypair(),!e.wallet){e.initResolvedRef.current=true,e.initResolveRef.current?.();return}e.meta.boundWallet&&e.meta.boundWallet!==e.wallet&&(e.rotateLock.current=(async()=>{e.accessTokenRef.current=null,e.setAuthenticated(false);})().catch(()=>{}).finally(()=>{e.rotateLock.current=null;}),e.rotateLock.current&&await e.rotateLock.current),e.initResolvedRef.current=true,e.initResolveRef.current?.();})();},[e]),react.useEffect(()=>{(async()=>{if(e.authenticated&&e.wallet&&!(e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)&&!e.didInitialSession.current){e.didInitialSession.current=true;try{await n();}catch(s){e.setError(s?.message||String(s));}}})();},[e.authenticated,e.wallet,e.meta.boundWallet,n]),react.useEffect(()=>{let s=e.prevWalletRef.current;if(e.prevWalletRef.current=e.wallet,!e.wallet){e.setAllowed(null),e.setDenyReason(null),e.setSessionExpiry(null),e.setSessionData(null),e.setAuthenticated(false),e.accessTokenRef.current=null,e.proofRef.current=null,e.setError(null),e.didInitialSession.current=false,e.authWalletRef.current=null,e.setLastPolicyHash(null),e.setLastPolicyProof(null);return}s&&e.wallet&&s!==e.wallet&&(e.rotateLock.current=(async()=>{await e.rotate(),e.accessTokenRef.current=null,e.setAuthenticated(false),e.didInitialSession.current=false,e.authWalletRef.current=null,e.setLastPolicyHash(null),e.setLastPolicyProof(null);})().catch(()=>{}).finally(()=>{e.rotateLock.current=null;}));},[e.wallet]),react.useEffect(()=>{e.wallet&&e.authWalletRef.current&&e.wallet.toLowerCase()!==e.authWalletRef.current.toLowerCase()&&(e.accessTokenRef.current=null,e.setAuthenticated(false));},[e.wallet,e.authWalletRef.current]),react.useEffect(()=>{let u=()=>{if(!e.authenticated||!e.wallet||e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)return false;let m=e.tokenExpRef.current;if(!m)return false;let h=Math.floor(Date.now()/1e3);return m-h<=30},l=async()=>{try{u()&&await r();}catch{}},p=async()=>{document.visibilityState==="visible"&&await l();};return window.addEventListener("focus",l),document.addEventListener("visibilitychange",p),()=>{window.removeEventListener("focus",l),document.removeEventListener("visibilitychange",p);}},[e,r]),react.useEffect(()=>{let l=()=>{let h=Math.floor(Date.now()/1e3),S=e.tokenExpRef.current,g=e.sessionExpiry,E=!!S&&S-h<=30&&S-h>0,A=!!g&&g-h<=3600&&g-h>0;return {tokenSoon:E,sessionSoon:A}},p=async()=>{try{if(!e.authenticated||!e.wallet||e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)return;let{tokenSoon:h,sessionSoon:S}=l();(h||S)&&await r()&&S&&await n();}catch{}},m=async()=>{document.visibilityState==="visible"&&await p();};return window.addEventListener("focus",p),document.addEventListener("visibilitychange",m),()=>{window.removeEventListener("focus",p),document.removeEventListener("visibilitychange",m);}},[e,e.sessionExpiry,r,n]);};var Pr=react.createContext(void 0),jn=e=>{let t=yr(e),{refresh:r,attemptRegister:n,setProofFromAdapterToken:o}=hr(t),a=br(t,r),{session:i,verify:c}=Er(t,a);kr(t,{refresh:r,session:i,attemptRegister:n,setProofFromAdapterToken:o,proofProp:e.proof});let s=react.useMemo(()=>({get:(u,l)=>a("GET",u,void 0,l),post:(u,l,p)=>a("POST",u,l,p),verify:c,session:i,refresh:r,authenticated:t.authenticated,loading:t.loadingCount>0,error:t.error,allowed:t.allowed,denyReason:t.denyReason,sessionExpiry:t.sessionExpiry,sessionData:t.sessionData,verifyData:t.verifyData,wallet:t.wallet}),[a,c,i,r,t.authenticated,t.loadingCount,t.error,t.allowed,t.denyReason,t.sessionExpiry,t.sessionData,t.verifyData,t.wallet]);return jsxRuntime.jsx(Pr.Provider,{value:s,children:e.children})},Un=e=>jsxRuntime.jsx(yt,{clientId:e.clientId,children:jsxRuntime.jsx(jn,{...e})}),$n=()=>{let e=react.useContext(Pr);if(!e)throw new Error("useSunbreak must be used within a SunbreakProvider");return e};
|
|
7
|
+
|
|
8
|
+
exports.SunbreakProvider = Un;
|
|
9
|
+
exports.useSunbreak = $n;
|
package/dist/index.d.cts
ADDED
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
import React$1 from 'react';
|
|
2
|
+
|
|
3
|
+
/** Provider JWT proof: backend derives JWKS URL from meta */
|
|
4
|
+
type ProviderJwtProof = {
|
|
5
|
+
method: "provider_jwt";
|
|
6
|
+
issuer: "privy";
|
|
7
|
+
token: string;
|
|
8
|
+
meta: {
|
|
9
|
+
app_id: string;
|
|
10
|
+
};
|
|
11
|
+
} | {
|
|
12
|
+
method: "provider_jwt";
|
|
13
|
+
issuer: "dynamic";
|
|
14
|
+
token: string;
|
|
15
|
+
meta: {
|
|
16
|
+
env_id: string;
|
|
17
|
+
expected_aud?: string;
|
|
18
|
+
};
|
|
19
|
+
} | {
|
|
20
|
+
method: "provider_jwt";
|
|
21
|
+
issuer: "custom";
|
|
22
|
+
token: string;
|
|
23
|
+
meta: any;
|
|
24
|
+
};
|
|
25
|
+
type SiweProof = {
|
|
26
|
+
method: "siwe";
|
|
27
|
+
message: string;
|
|
28
|
+
signature: string;
|
|
29
|
+
};
|
|
30
|
+
type Eip191Proof = {
|
|
31
|
+
method: "eip191";
|
|
32
|
+
message: string;
|
|
33
|
+
signature: string;
|
|
34
|
+
};
|
|
35
|
+
type Ed25519Proof = {
|
|
36
|
+
method: "ed25519";
|
|
37
|
+
messageBase64: string;
|
|
38
|
+
signatureBase64: string;
|
|
39
|
+
};
|
|
40
|
+
type Proof = ProviderJwtProof | SiweProof | Eip191Proof | Ed25519Proof;
|
|
41
|
+
type ProviderAdapter = {
|
|
42
|
+
name: "privy";
|
|
43
|
+
getToken: () => Promise<string | null | undefined>;
|
|
44
|
+
appId: string;
|
|
45
|
+
} | {
|
|
46
|
+
name: "dynamic";
|
|
47
|
+
getToken: () => Promise<string | null | undefined>;
|
|
48
|
+
envId: string;
|
|
49
|
+
expectedAud?: string;
|
|
50
|
+
} | {
|
|
51
|
+
name: "custom";
|
|
52
|
+
getToken: () => Promise<string | null | undefined>;
|
|
53
|
+
meta: any;
|
|
54
|
+
};
|
|
55
|
+
type Reason = "region" | "vpn" | "ofac" | "ofac_region";
|
|
56
|
+
interface SessionResp {
|
|
57
|
+
allowed: boolean;
|
|
58
|
+
reason?: Reason | null;
|
|
59
|
+
expiry: number | null;
|
|
60
|
+
country: string | null;
|
|
61
|
+
}
|
|
62
|
+
interface VerifyResp {
|
|
63
|
+
allowed: boolean;
|
|
64
|
+
expiry: number;
|
|
65
|
+
wallet: string;
|
|
66
|
+
}
|
|
67
|
+
interface SunbreakContextType {
|
|
68
|
+
get: <T = unknown>(path: string, opts?: RequestInit) => Promise<T | undefined>;
|
|
69
|
+
post: <T = unknown>(path: string, body?: unknown, opts?: RequestInit) => Promise<T | undefined>;
|
|
70
|
+
verify: () => Promise<VerifyResp | undefined>;
|
|
71
|
+
session: () => Promise<SessionResp | undefined>;
|
|
72
|
+
refresh: () => Promise<boolean>;
|
|
73
|
+
authenticated: boolean;
|
|
74
|
+
loading: boolean;
|
|
75
|
+
error: string | null;
|
|
76
|
+
allowed: boolean | null;
|
|
77
|
+
denyReason: Reason | null;
|
|
78
|
+
sessionExpiry: number | null;
|
|
79
|
+
sessionData: SessionResp | null;
|
|
80
|
+
verifyData: VerifyResp | null;
|
|
81
|
+
wallet?: string;
|
|
82
|
+
}
|
|
83
|
+
interface SunbreakProviderProps {
|
|
84
|
+
children: React.ReactNode;
|
|
85
|
+
clientId: string;
|
|
86
|
+
wallet?: string;
|
|
87
|
+
base?: string;
|
|
88
|
+
fetchImpl?: typeof fetch;
|
|
89
|
+
timeoutMs?: number;
|
|
90
|
+
proof?: Proof | null;
|
|
91
|
+
providerAdapter?: ProviderAdapter;
|
|
92
|
+
refreshDeps?: unknown[];
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
/**
|
|
96
|
+
* SunbreakContext
|
|
97
|
+
*
|
|
98
|
+
* Role:
|
|
99
|
+
* - Creates the SDK's React context.
|
|
100
|
+
* - Composes state + feature hooks into a single public API surface.
|
|
101
|
+
* - Wraps the inner provider with MetaProvider to persist client metadata.
|
|
102
|
+
*
|
|
103
|
+
* Exposes:
|
|
104
|
+
* - <SunbreakProvider> and useSunbreak()
|
|
105
|
+
*
|
|
106
|
+
* Notes:
|
|
107
|
+
* - This file orchestrates; it holds no business logic itself.
|
|
108
|
+
*/
|
|
109
|
+
|
|
110
|
+
declare const SunbreakProvider: React$1.FC<SunbreakProviderProps>;
|
|
111
|
+
declare const useSunbreak: () => SunbreakContextType;
|
|
112
|
+
|
|
113
|
+
export { type Proof, type ProviderAdapter, type ProviderJwtProof, type SessionResp, type SunbreakContextType, SunbreakProvider, type SunbreakProviderProps, type VerifyResp, useSunbreak };
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
import React$1 from 'react';
|
|
2
|
+
|
|
3
|
+
/** Provider JWT proof: backend derives JWKS URL from meta */
|
|
4
|
+
type ProviderJwtProof = {
|
|
5
|
+
method: "provider_jwt";
|
|
6
|
+
issuer: "privy";
|
|
7
|
+
token: string;
|
|
8
|
+
meta: {
|
|
9
|
+
app_id: string;
|
|
10
|
+
};
|
|
11
|
+
} | {
|
|
12
|
+
method: "provider_jwt";
|
|
13
|
+
issuer: "dynamic";
|
|
14
|
+
token: string;
|
|
15
|
+
meta: {
|
|
16
|
+
env_id: string;
|
|
17
|
+
expected_aud?: string;
|
|
18
|
+
};
|
|
19
|
+
} | {
|
|
20
|
+
method: "provider_jwt";
|
|
21
|
+
issuer: "custom";
|
|
22
|
+
token: string;
|
|
23
|
+
meta: any;
|
|
24
|
+
};
|
|
25
|
+
type SiweProof = {
|
|
26
|
+
method: "siwe";
|
|
27
|
+
message: string;
|
|
28
|
+
signature: string;
|
|
29
|
+
};
|
|
30
|
+
type Eip191Proof = {
|
|
31
|
+
method: "eip191";
|
|
32
|
+
message: string;
|
|
33
|
+
signature: string;
|
|
34
|
+
};
|
|
35
|
+
type Ed25519Proof = {
|
|
36
|
+
method: "ed25519";
|
|
37
|
+
messageBase64: string;
|
|
38
|
+
signatureBase64: string;
|
|
39
|
+
};
|
|
40
|
+
type Proof = ProviderJwtProof | SiweProof | Eip191Proof | Ed25519Proof;
|
|
41
|
+
type ProviderAdapter = {
|
|
42
|
+
name: "privy";
|
|
43
|
+
getToken: () => Promise<string | null | undefined>;
|
|
44
|
+
appId: string;
|
|
45
|
+
} | {
|
|
46
|
+
name: "dynamic";
|
|
47
|
+
getToken: () => Promise<string | null | undefined>;
|
|
48
|
+
envId: string;
|
|
49
|
+
expectedAud?: string;
|
|
50
|
+
} | {
|
|
51
|
+
name: "custom";
|
|
52
|
+
getToken: () => Promise<string | null | undefined>;
|
|
53
|
+
meta: any;
|
|
54
|
+
};
|
|
55
|
+
type Reason = "region" | "vpn" | "ofac" | "ofac_region";
|
|
56
|
+
interface SessionResp {
|
|
57
|
+
allowed: boolean;
|
|
58
|
+
reason?: Reason | null;
|
|
59
|
+
expiry: number | null;
|
|
60
|
+
country: string | null;
|
|
61
|
+
}
|
|
62
|
+
interface VerifyResp {
|
|
63
|
+
allowed: boolean;
|
|
64
|
+
expiry: number;
|
|
65
|
+
wallet: string;
|
|
66
|
+
}
|
|
67
|
+
interface SunbreakContextType {
|
|
68
|
+
get: <T = unknown>(path: string, opts?: RequestInit) => Promise<T | undefined>;
|
|
69
|
+
post: <T = unknown>(path: string, body?: unknown, opts?: RequestInit) => Promise<T | undefined>;
|
|
70
|
+
verify: () => Promise<VerifyResp | undefined>;
|
|
71
|
+
session: () => Promise<SessionResp | undefined>;
|
|
72
|
+
refresh: () => Promise<boolean>;
|
|
73
|
+
authenticated: boolean;
|
|
74
|
+
loading: boolean;
|
|
75
|
+
error: string | null;
|
|
76
|
+
allowed: boolean | null;
|
|
77
|
+
denyReason: Reason | null;
|
|
78
|
+
sessionExpiry: number | null;
|
|
79
|
+
sessionData: SessionResp | null;
|
|
80
|
+
verifyData: VerifyResp | null;
|
|
81
|
+
wallet?: string;
|
|
82
|
+
}
|
|
83
|
+
interface SunbreakProviderProps {
|
|
84
|
+
children: React.ReactNode;
|
|
85
|
+
clientId: string;
|
|
86
|
+
wallet?: string;
|
|
87
|
+
base?: string;
|
|
88
|
+
fetchImpl?: typeof fetch;
|
|
89
|
+
timeoutMs?: number;
|
|
90
|
+
proof?: Proof | null;
|
|
91
|
+
providerAdapter?: ProviderAdapter;
|
|
92
|
+
refreshDeps?: unknown[];
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
/**
|
|
96
|
+
* SunbreakContext
|
|
97
|
+
*
|
|
98
|
+
* Role:
|
|
99
|
+
* - Creates the SDK's React context.
|
|
100
|
+
* - Composes state + feature hooks into a single public API surface.
|
|
101
|
+
* - Wraps the inner provider with MetaProvider to persist client metadata.
|
|
102
|
+
*
|
|
103
|
+
* Exposes:
|
|
104
|
+
* - <SunbreakProvider> and useSunbreak()
|
|
105
|
+
*
|
|
106
|
+
* Notes:
|
|
107
|
+
* - This file orchestrates; it holds no business logic itself.
|
|
108
|
+
*/
|
|
109
|
+
|
|
110
|
+
declare const SunbreakProvider: React$1.FC<SunbreakProviderProps>;
|
|
111
|
+
declare const useSunbreak: () => SunbreakContextType;
|
|
112
|
+
|
|
113
|
+
export { type Proof, type ProviderAdapter, type ProviderJwtProof, type SessionResp, type SunbreakContextType, SunbreakProvider, type SunbreakProviderProps, type VerifyResp, useSunbreak };
|
package/dist/index.mjs
ADDED
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { createContext, useContext, useState, useRef, useMemo, useEffect, useCallback } from 'react';
|
|
2
|
+
import { jsx } from 'react/jsx-runtime';
|
|
3
|
+
|
|
4
|
+
var zr=Object.defineProperty;var Jt=e=>{throw TypeError(e)};var Xr=(e,t,r)=>t in e?zr(e,t,{enumerable:true,configurable:true,writable:true,value:r}):e[t]=r;var D=(e,t,r)=>Xr(e,typeof t!="symbol"?t+"":t,r),It=(e,t,r)=>t.has(e)||Jt("Cannot "+r);var d=(e,t,r)=>(It(e,t,"read from private field"),r?r.call(e):t.get(e)),M=(e,t,r)=>t.has(e)?Jt("Cannot add the same private member more than once"):t instanceof WeakSet?t.add(e):t.set(e,r),O=(e,t,r,n)=>(It(e,t,"write to private field"),t.set(e,r),r);var ke=async(e,t,r)=>{switch(e.name){case "custom":return {method:"provider_jwt",issuer:"custom",token:t,meta:r||{}};case "privy":return {method:"provider_jwt",issuer:"privy",token:t,meta:{app_id:e.appId}};case "dynamic":return e.expectedAud?{method:"provider_jwt",issuer:"dynamic",token:t,meta:{env_id:e.envId,expected_aud:e.expectedAud}}:{method:"provider_jwt",issuer:"dynamic",token:t,meta:{env_id:e.envId}};default:throw new Error(`Unknown adapter: ${e}`)}};var Yr="sunbreak-kv",Pe="kv",je="sunbreak_dpop_meta_v1",K="sunbreak_dpop_key_v1",ve="ES256",T="P-256",Ae=e=>`${je}:${e}`,_t=()=>new Promise((e,t)=>{let r=indexedDB.open(Yr,1);r.onupgradeneeded=()=>r.result.createObjectStore(Pe),r.onsuccess=()=>e(r.result),r.onerror=()=>t(r.error);}),J=async e=>{try{let t=await _t();return await new Promise((r,n)=>{let a=t.transaction(Pe,"readonly").objectStore(Pe).get(e);a.onsuccess=()=>r(a.result),a.onerror=()=>n(a.error);})}catch{return}},R=async(e,t)=>{let r=await _t();await new Promise((n,o)=>{let i=r.transaction(Pe,"readwrite").objectStore(Pe).put(t,e);i.onsuccess=()=>n(),i.onerror=()=>o(i.error);});};var Zr=e=>{let t=new URL(e);if(t.protocol!=="https:"&&t.hostname!=="localhost"&&t.hostname!=="127.0.0.1")throw new Error("Sunbreak: insecure base URL");return t.hash="",t.origin},Qr=e=>e.replace(/\/+$/,""),rt=e=>{let t=Qr(e);return Zr(t)};function ot(e){let t=new URL(e.baseUrl),r=t.host,n=e.meta.lastHost??null,o=en(n);return e.setLastHost(o),t.host=`${o}.${r}`,t.origin}var en=e=>{for(let t=0;t<nt.length;t++){let r=nt[Math.floor(Math.random()*nt.length)].toLowerCase();if(r!==e)return r}return "alpha"},nt=["Alpha","Bravo","Charlie","Delta","Echo","Foxtrot","Golf","Hotel","India","Juliett","Kilo","Lima","Mike","November","Oscar","Papa","Quebec","Romeo","Sierra","Tango","Uniform","Victor","Whiskey","X-ray","Yankee","Zulu"];var j=(e,t)=>{let r={clientId:e.clientId,wallet:e.wallet,ifPolicyHash:e.meta.lastPolicyHash||void 0,ifPolicyProof:e.meta.lastPolicyProof||void 0,...t};Object.keys(r).forEach(o=>r[o]===void 0&&delete r[o]);let n=JSON.stringify(r);return btoa(n)};var tn=new Set(["connection","keep-alive","proxy-authenticate","proxy-authorization","te","trailer","transfer-encoding","upgrade","via"]),rn=new Set(["user-agent","referer","origin","host","content-length","sec-fetch-site","sec-fetch-mode","sec-fetch-dest","sec-fetch-user","sec-ch-ua","sec-ch-ua-mobile","sec-ch-ua-platform","sec-ch-ua-platform-version","sec-ch-ua-full-version","sec-ch-ua-arch","sec-ch-ua-model","sec-ch-ua-bitness","cookie","set-cookie"]),nn=new Set(["dpop","x-sunbreak-meta"]),on=64,Wt=2048,an=64;function at(e){let t={};if(!e)return t;let r=e instanceof Headers?Array.from(e.entries()):Object.entries(e),n=0;for(let[o,a]of r){if(n>=an)break;if(o==null||a==null)continue;let i=String(o).toLowerCase().trim();if(!i||i.length>on||tn.has(i)||rn.has(i)||nn.has(i))continue;let c=String(a);c.length>Wt&&(c=c.slice(0,Wt)),t[i]=c,n++;}return t}var X=new TextEncoder,ye=new TextDecoder;function Dt(...e){let t=e.reduce((o,{length:a})=>o+a,0),r=new Uint8Array(t),n=0;for(let o of e)r.set(o,n),n+=o.length;return r}function Lt(e){if(Uint8Array.prototype.toBase64)return e.toBase64();let t=32768,r=[];for(let n=0;n<e.length;n+=t)r.push(String.fromCharCode.apply(null,e.subarray(n,n+t)));return btoa(r.join(""))}function Ht(e){if(Uint8Array.fromBase64)return Uint8Array.fromBase64(e);let t=atob(e),r=new Uint8Array(t.length);for(let n=0;n<t.length;n++)r[n]=t.charCodeAt(n);return r}function Mt(e){if(Uint8Array.fromBase64)return Uint8Array.fromBase64(typeof e=="string"?e:ye.decode(e),{alphabet:"base64url"});let t=e;t instanceof Uint8Array&&(t=ye.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return Ht(t)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}}function Ue(e){let t=e;return typeof t=="string"&&(t=X.encode(t)),Uint8Array.prototype.toBase64?t.toBase64({alphabet:"base64url",omitPadding:true}):Lt(t).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}var ce=class extends Error{constructor(r,n){super(r,n);D(this,"code","ERR_JOSE_GENERIC");this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor);}};D(ce,"code","ERR_JOSE_GENERIC");var _=class extends ce{constructor(){super(...arguments);D(this,"code","ERR_JOSE_NOT_SUPPORTED");}};D(_,"code","ERR_JOSE_NOT_SUPPORTED");var Y=class extends ce{constructor(){super(...arguments);D(this,"code","ERR_JWS_INVALID");}};D(Y,"code","ERR_JWS_INVALID");var Ke=class extends ce{constructor(){super(...arguments);D(this,"code","ERR_JWT_INVALID");}};D(Ke,"code","ERR_JWT_INVALID");var Ot,jt,it=class extends(jt=ce,Ot=Symbol.asyncIterator,jt){constructor(r="multiple matching keys found in the JSON Web Key Set",n){super(r,n);D(this,Ot);D(this,"code","ERR_JWKS_MULTIPLE_MATCHING_KEYS");}};D(it,"code","ERR_JWKS_MULTIPLE_MATCHING_KEYS");function B(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function me(e,t){return e.name===t}function st(e){return parseInt(e.name.slice(4),10)}function un(e){switch(e){case "ES256":return "P-256";case "ES384":return "P-384";case "ES512":return "P-521";default:throw new Error("unreachable")}}function ln(e,t){if(!e.usages.includes(t))throw new TypeError(`CryptoKey does not support this operation, its usages must include ${t}.`)}function Ut(e,t,r){switch(t){case "HS256":case "HS384":case "HS512":{if(!me(e.algorithm,"HMAC"))throw B("HMAC");let n=parseInt(t.slice(2),10);if(st(e.algorithm.hash)!==n)throw B(`SHA-${n}`,"algorithm.hash");break}case "RS256":case "RS384":case "RS512":{if(!me(e.algorithm,"RSASSA-PKCS1-v1_5"))throw B("RSASSA-PKCS1-v1_5");let n=parseInt(t.slice(2),10);if(st(e.algorithm.hash)!==n)throw B(`SHA-${n}`,"algorithm.hash");break}case "PS256":case "PS384":case "PS512":{if(!me(e.algorithm,"RSA-PSS"))throw B("RSA-PSS");let n=parseInt(t.slice(2),10);if(st(e.algorithm.hash)!==n)throw B(`SHA-${n}`,"algorithm.hash");break}case "Ed25519":case "EdDSA":{if(!me(e.algorithm,"Ed25519"))throw B("Ed25519");break}case "ML-DSA-44":case "ML-DSA-65":case "ML-DSA-87":{if(!me(e.algorithm,t))throw B(t);break}case "ES256":case "ES384":case "ES512":{if(!me(e.algorithm,"ECDSA"))throw B("ECDSA");let n=un(t);if(e.algorithm.namedCurve!==n)throw B(n,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}ln(e,r);}function $t(e,t,...r){if(r=r.filter(Boolean),r.length>2){let n=r.pop();e+=`one of type ${r.join(", ")}, or ${n}.`;}else r.length===2?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return t==null?e+=` Received ${t}`:typeof t=="function"&&t.name?e+=` Received function ${t.name}`:typeof t=="object"&&t!=null&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}var Nt=(e,...t)=>$t("Key must be ",e,...t);function ct(e,t,...r){return $t(`Key for the ${e} algorithm must be `,t,...r)}function ut(e){return e?.[Symbol.toStringTag]==="CryptoKey"}function lt(e){return e?.[Symbol.toStringTag]==="KeyObject"}var ft=e=>ut(e)||lt(e);var Bt=(...e)=>{let t=e.filter(Boolean);if(t.length===0||t.length===1)return true;let r;for(let n of t){let o=Object.keys(n);if(!r||r.size===0){r=new Set(o);continue}for(let a of o){if(r.has(a))return false;r.add(a);}}return true};function fn(e){return typeof e=="object"&&e!==null}var $e=e=>{if(!fn(e)||Object.prototype.toString.call(e)!=="[object Object]")return false;if(Object.getPrototypeOf(e)===null)return true;let t=e;for(;Object.getPrototypeOf(t)!==null;)t=Object.getPrototypeOf(t);return Object.getPrototypeOf(e)===t};var Ft=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){let{modulusLength:r}=t.algorithm;if(typeof r!="number"||r<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function dn(e){let t,r;switch(e.kty){case "AKP":{switch(e.alg){case "ML-DSA-44":case "ML-DSA-65":case "ML-DSA-87":t={name:e.alg},r=e.priv?["sign"]:["verify"];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case "RSA":{switch(e.alg){case "PS256":case "PS384":case "PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case "RS256":case "RS384":case "RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case "RSA-OAEP":case "RSA-OAEP-256":case "RSA-OAEP-384":case "RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case "EC":{switch(e.alg){case "ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case "ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case "ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case "ECDH-ES":case "ECDH-ES+A128KW":case "ECDH-ES+A192KW":case "ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case "OKP":{switch(e.alg){case "Ed25519":case "EdDSA":t={name:"Ed25519"},r=e.d?["sign"]:["verify"];break;case "ECDH-ES":case "ECDH-ES+A128KW":case "ECDH-ES+A192KW":case "ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new _('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}default:throw new _('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return {algorithm:t,keyUsages:r}}var Vt=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');let{algorithm:t,keyUsages:r}=dn(e),n={...e};return n.kty!=="AKP"&&delete n.alg,delete n.use,crypto.subtle.importKey("jwk",n,t,e.ext??!(e.d||e.priv),e.key_ops??r)};var Gt=(e,t,r,n,o)=>{if(o.crit!==void 0&&n?.crit===void 0)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||n.crit===void 0)return new Set;if(!Array.isArray(n.crit)||n.crit.length===0||n.crit.some(i=>typeof i!="string"||i.length===0))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let a;r!==void 0?a=new Map([...Object.entries(r),...t.entries()]):a=t;for(let i of n.crit){if(!a.has(i))throw new _(`Extension Header Parameter "${i}" is not recognized`);if(o[i]===void 0)throw new e(`Extension Header Parameter "${i}" is missing`);if(a.get(i)&&n[i]===void 0)throw new e(`Extension Header Parameter "${i}" MUST be integrity protected`)}return new Set(n.crit)};function xe(e){return $e(e)&&typeof e.kty=="string"}function qt(e){return e.kty!=="oct"&&(e.kty==="AKP"&&typeof e.priv=="string"||typeof e.d=="string")}function zt(e){return e.kty!=="oct"&&typeof e.d>"u"&&typeof e.priv>"u"}function Xt(e){return e.kty==="oct"&&typeof e.k=="string"}var we,Yt=async(e,t,r,n=false)=>{we||(we=new WeakMap);let o=we.get(e);if(o?.[r])return o[r];let a=await Vt({...t,alg:r});return n&&Object.freeze(e),o?o[r]=a:we.set(e,{[r]:a}),a},yn=(e,t)=>{we||(we=new WeakMap);let r=we.get(e);if(r?.[t])return r[t];let n=e.type==="public",o=!!n,a;if(e.asymmetricKeyType==="x25519"){switch(t){case "ECDH-ES":case "ECDH-ES+A128KW":case "ECDH-ES+A192KW":case "ECDH-ES+A256KW":break;default:throw new TypeError("given KeyObject instance cannot be used for this algorithm")}a=e.toCryptoKey(e.asymmetricKeyType,o,n?[]:["deriveBits"]);}if(e.asymmetricKeyType==="ed25519"){if(t!=="EdDSA"&&t!=="Ed25519")throw new TypeError("given KeyObject instance cannot be used for this algorithm");a=e.toCryptoKey(e.asymmetricKeyType,o,[n?"verify":"sign"]);}switch(e.asymmetricKeyType){case "ml-dsa-44":case "ml-dsa-65":case "ml-dsa-87":{if(t!==e.asymmetricKeyType.toUpperCase())throw new TypeError("given KeyObject instance cannot be used for this algorithm");a=e.toCryptoKey(e.asymmetricKeyType,o,[n?"verify":"sign"]);}}if(e.asymmetricKeyType==="rsa"){let i;switch(t){case "RSA-OAEP":i="SHA-1";break;case "RS256":case "PS256":case "RSA-OAEP-256":i="SHA-256";break;case "RS384":case "PS384":case "RSA-OAEP-384":i="SHA-384";break;case "RS512":case "PS512":case "RSA-OAEP-512":i="SHA-512";break;default:throw new TypeError("given KeyObject instance cannot be used for this algorithm")}if(t.startsWith("RSA-OAEP"))return e.toCryptoKey({name:"RSA-OAEP",hash:i},o,n?["encrypt"]:["decrypt"]);a=e.toCryptoKey({name:t.startsWith("PS")?"RSA-PSS":"RSASSA-PKCS1-v1_5",hash:i},o,[n?"verify":"sign"]);}if(e.asymmetricKeyType==="ec"){let c=new Map([["prime256v1","P-256"],["secp384r1","P-384"],["secp521r1","P-521"]]).get(e.asymmetricKeyDetails?.namedCurve);if(!c)throw new TypeError("given KeyObject instance cannot be used for this algorithm");t==="ES256"&&c==="P-256"&&(a=e.toCryptoKey({name:"ECDSA",namedCurve:c},o,[n?"verify":"sign"])),t==="ES384"&&c==="P-384"&&(a=e.toCryptoKey({name:"ECDSA",namedCurve:c},o,[n?"verify":"sign"])),t==="ES512"&&c==="P-521"&&(a=e.toCryptoKey({name:"ECDSA",namedCurve:c},o,[n?"verify":"sign"])),t.startsWith("ECDH-ES")&&(a=e.toCryptoKey({name:"ECDH",namedCurve:c},o,n?[]:["deriveBits"]));}if(!a)throw new TypeError("given KeyObject instance cannot be used for this algorithm");return r?r[t]=a:we.set(e,{[t]:a}),a},Zt=async(e,t)=>{if(e instanceof Uint8Array||ut(e))return e;if(lt(e)){if(e.type==="secret")return e.export();if("toCryptoKey"in e&&typeof e.toCryptoKey=="function")try{return yn(e,t)}catch(n){if(n instanceof TypeError)throw n}let r=e.export({format:"jwk"});return Yt(e,r,t)}if(xe(e))return e.k?Mt(e.k):Yt(e,e,t,true);throw new Error("unreachable")};var he=e=>e?.[Symbol.toStringTag],dt=(e,t,r)=>{if(t.use!==void 0){let n;switch(r){case "sign":case "verify":n="sig";break;case "encrypt":case "decrypt":n="enc";break}if(t.use!==n)throw new TypeError(`Invalid key for this operation, its "use" must be "${n}" when present`)}if(t.alg!==void 0&&t.alg!==e)throw new TypeError(`Invalid key for this operation, its "alg" must be "${e}" when present`);if(Array.isArray(t.key_ops)){let n;switch(true){case(r==="sign"):case e==="dir":case e.includes("CBC-HS"):n=r;break;case e.startsWith("PBES2"):n="deriveBits";break;case /^A\d{3}(?:GCM)?(?:KW)?$/.test(e):!e.includes("GCM")&&e.endsWith("KW")?n="unwrapKey":n=r;break;case(r==="encrypt"):n="wrapKey";break;case r==="decrypt":n=e.startsWith("RSA")?"unwrapKey":"deriveBits";break}if(n&&t.key_ops?.includes?.(n)===false)throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${n}" when present`)}return true},mn=(e,t,r)=>{if(!(t instanceof Uint8Array)){if(xe(t)){if(Xt(t)&&dt(e,t,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!ft(t))throw new TypeError(ct(e,t,"CryptoKey","KeyObject","JSON Web Key","Uint8Array"));if(t.type!=="secret")throw new TypeError(`${he(t)} instances for symmetric algorithms must be of type "secret"`)}},wn=(e,t,r)=>{if(xe(t))switch(r){case "decrypt":case "sign":if(qt(t)&&dt(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case "encrypt":case "verify":if(zt(t)&&dt(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!ft(t))throw new TypeError(ct(e,t,"CryptoKey","KeyObject","JSON Web Key"));if(t.type==="secret")throw new TypeError(`${he(t)} instances for asymmetric algorithms must not be of type "secret"`);if(t.type==="public")switch(r){case "sign":throw new TypeError(`${he(t)} instances for asymmetric algorithm signing must be of type "private"`);case "decrypt":throw new TypeError(`${he(t)} instances for asymmetric algorithm decryption must be of type "private"`);}if(t.type==="private")switch(r){case "verify":throw new TypeError(`${he(t)} instances for asymmetric algorithm verifying must be of type "public"`);case "encrypt":throw new TypeError(`${he(t)} instances for asymmetric algorithm encryption must be of type "public"`);}},Qt=(e,t,r)=>{e.startsWith("HS")||e==="dir"||e.startsWith("PBES2")||/^A(?:128|192|256)(?:GCM)?(?:KW)?$/.test(e)||/^A(?:128|192|256)CBC-HS(?:256|384|512)$/.test(e)?mn(e,t,r):wn(e,t,r);};var er=(e,t)=>{let r=`SHA-${e.slice(-3)}`;switch(e){case "HS256":case "HS384":case "HS512":return {hash:r,name:"HMAC"};case "PS256":case "PS384":case "PS512":return {hash:r,name:"RSA-PSS",saltLength:parseInt(e.slice(-3),10)>>3};case "RS256":case "RS384":case "RS512":return {hash:r,name:"RSASSA-PKCS1-v1_5"};case "ES256":case "ES384":case "ES512":return {hash:r,name:"ECDSA",namedCurve:t.namedCurve};case "Ed25519":case "EdDSA":return {name:"Ed25519"};case "ML-DSA-44":case "ML-DSA-65":case "ML-DSA-87":return {name:e};default:throw new _(`alg ${e} is not supported either by JOSE or your javascript runtime`)}};var tr=async(e,t,r)=>{if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(Nt(t,"CryptoKey","KeyObject","JSON Web Key"));return crypto.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},false,[r])}return Ut(t,e,r),t};var te=e=>Math.floor(e.getTime()/1e3);var hn=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,Ne=e=>{let t=hn.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");let r=parseFloat(t[2]),n=t[3].toLowerCase(),o;switch(n){case "sec":case "secs":case "second":case "seconds":case "s":o=Math.round(r);break;case "minute":case "minutes":case "min":case "mins":case "m":o=Math.round(r*60);break;case "hour":case "hours":case "hr":case "hrs":case "h":o=Math.round(r*3600);break;case "day":case "days":case "d":o=Math.round(r*86400);break;case "week":case "weeks":case "w":o=Math.round(r*604800);break;default:o=Math.round(r*31557600);break}return t[1]==="-"||t[4]==="ago"?-o:o};function ue(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}var k,Be=class{constructor(t){M(this,k);if(!$e(t))throw new TypeError("JWT Claims Set MUST be an object");O(this,k,structuredClone(t));}data(){return X.encode(JSON.stringify(d(this,k)))}get iss(){return d(this,k).iss}set iss(t){d(this,k).iss=t;}get sub(){return d(this,k).sub}set sub(t){d(this,k).sub=t;}get aud(){return d(this,k).aud}set aud(t){d(this,k).aud=t;}set jti(t){d(this,k).jti=t;}set nbf(t){typeof t=="number"?d(this,k).nbf=ue("setNotBefore",t):t instanceof Date?d(this,k).nbf=ue("setNotBefore",te(t)):d(this,k).nbf=te(new Date)+Ne(t);}set exp(t){typeof t=="number"?d(this,k).exp=ue("setExpirationTime",t):t instanceof Date?d(this,k).exp=ue("setExpirationTime",te(t)):d(this,k).exp=te(new Date)+Ne(t);}set iat(t){typeof t>"u"?d(this,k).iat=te(new Date):t instanceof Date?d(this,k).iat=ue("setIssuedAt",te(t)):typeof t=="string"?d(this,k).iat=ue("setIssuedAt",te(new Date)+Ne(t)):d(this,k).iat=ue("setIssuedAt",t);}};k=new WeakMap;var rr=async(e,t,r)=>{let n=await tr(e,t,"sign");Ft(e,n);let o=await crypto.subtle.sign(er(e,n.algorithm),n,r);return new Uint8Array(o)};var Ce,W,F,Fe=class{constructor(t){M(this,Ce);M(this,W);M(this,F);if(!(t instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");O(this,Ce,t);}setProtectedHeader(t){if(d(this,W))throw new TypeError("setProtectedHeader can only be called once");return O(this,W,t),this}setUnprotectedHeader(t){if(d(this,F))throw new TypeError("setUnprotectedHeader can only be called once");return O(this,F,t),this}async sign(t,r){if(!d(this,W)&&!d(this,F))throw new Y("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!Bt(d(this,W),d(this,F)))throw new Y("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");let n={...d(this,W),...d(this,F)},o=Gt(Y,new Map([["b64",true]]),r?.crit,d(this,W),n),a=true;if(o.has("b64")&&(a=d(this,W).b64,typeof a!="boolean"))throw new Y('The "b64" (base64url-encode payload) Header Parameter must be a boolean');let{alg:i}=n;if(typeof i!="string"||!i)throw new Y('JWS "alg" (Algorithm) Header Parameter missing or invalid');Qt(i,t,"sign");let c=d(this,Ce);a&&(c=X.encode(Ue(c)));let s;d(this,W)?s=X.encode(Ue(JSON.stringify(d(this,W)))):s=X.encode("");let u=Dt(s,X.encode("."),c),l=await Zt(t,i),p=await rr(i,l,u),m={signature:Ue(p),payload:""};return a&&(m.payload=ye.decode(c)),d(this,F)&&(m.header=d(this,F)),d(this,W)&&(m.protected=ye.decode(s)),m}};Ce=new WeakMap,W=new WeakMap,F=new WeakMap;var be,Ve=class{constructor(t){M(this,be);O(this,be,new Fe(t));}setProtectedHeader(t){return d(this,be).setProtectedHeader(t),this}async sign(t,r){let n=await d(this,be).sign(t,r);if(n.payload===void 0)throw new TypeError("use the flattened module for creating JWS with b64: false");return `${n.protected}.${n.payload}.${n.signature}`}};be=new WeakMap;var re,L,le=class{constructor(t={}){M(this,re);M(this,L);O(this,L,new Be(t));}setIssuer(t){return d(this,L).iss=t,this}setSubject(t){return d(this,L).sub=t,this}setAudience(t){return d(this,L).aud=t,this}setJti(t){return d(this,L).jti=t,this}setNotBefore(t){return d(this,L).nbf=t,this}setExpirationTime(t){return d(this,L).exp=t,this}setIssuedAt(t){return d(this,L).iat=t,this}setProtectedHeader(t){return O(this,re,t),this}async sign(t,r){let n=new Ve(d(this,L).data());if(n.setProtectedHeader(d(this,re)),Array.isArray(d(this,re)?.crit)&&d(this,re).crit.includes("b64")&&d(this,re).b64===false)throw new Ke("JWTs MUST NOT use unencoded payload");return n.sign(t,r)}};re=new WeakMap,L=new WeakMap;var bn=e=>btoa(String.fromCharCode(...new Uint8Array(e))).replaceAll("+","-").replaceAll("/","_").replaceAll("=",""),Ge=async e=>{let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return bn(r)},U=async e=>{let{method:t,url:r,nonce:n,ath:o,privateKey:a,publicJwk:i}=e,c={htm:t.toUpperCase(),htu:r,jti:crypto.randomUUID(),iat:Math.floor(Date.now()/1e3)};return n&&(c.nonce=n),o&&(c.ath=o),await new le(c).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:i}).sign(a)};var $=async e=>{let t={crv:e.crv,kty:"EC",x:e.x,y:e.y},r=JSON.stringify(t),n=new TextEncoder().encode(r),o=await crypto.subtle.digest("SHA-256",n);return btoa(String.fromCharCode(...new Uint8Array(o))).replaceAll("+","-").replaceAll("/","_").replaceAll("=","")};async function Te(e){let{rootPrivateKey:t,rootPublicJwk:r,childJkt:n,clientId:o,sid:a,ttlSec:i=300}=e,c=Math.floor(Date.now()/1e3),s=c+Math.max(60,Math.min(i,3600)),u={child_jkt:n,client_id:o,aud:"issuer",iat:c,exp:s,jti:crypto.randomUUID()};return a&&(u.sid=a),await new le(u).setProtectedHeader({alg:"ES256",typ:"pode+jwt",jwk:r}).sign(t)}function Je(e,t=300){return e.replace(/<[^>]*>/g,"").slice(0,t)}async function Ie(e){let t=e.status,r=Array.from(e.headers.keys()).some(c=>c.toLowerCase().startsWith("x-amzn-waf")),n,o,a=e.headers.get("content-type")||"";if(a.includes("application/json"))try{let c=await e.clone().json();n=typeof c?.error=="string"?c.error:void 0,o=typeof c?.detail=="string"?c.detail:void 0;}catch{}let i=t===403&&!r&&!a.includes("application/json");return {status:t,code:n,detail:o,waf:r,alb403:i}}function fe(e,t){let r=new Error(e);return r.status=t.status,r.code=t.code,r.detail=t.detail,r.waf=t.waf,r.alb403=t.alb403,r}var Se={boundWallet:null,clientId:null,jkt:null,refreshId:null,lastPolicyHash:null,lastPolicyProof:null,lastHost:null,rootJkt:null},pt=createContext(void 0);function sr(e){try{return JSON.parse(localStorage.getItem(e)||"null")??Se}catch{return Se}}function gn(e,t){try{localStorage.setItem(e,JSON.stringify(t));}catch{}}var yt=({children:e,clientId:t})=>{let[r,n]=useState(Se),o=useRef(false),[a,i]=useState(false),c=useMemo(()=>Ae(t),[t]);useEffect(()=>{let f=true;return (async()=>{let x=await J(c)??await J(je)??sr(c);f&&(n({...Se,...x}),o.current=true,i(true));})(),()=>{f=false;}},[c]),useEffect(()=>{o.current&&(async()=>(await R(c,r),gn(c,r)))();},[r,c]);let s=useCallback(f=>n(y=>({...y,refreshId:f})),[]),u=useCallback(f=>n(y=>({...y,lastPolicyHash:f})),[]),l=useCallback(f=>n(y=>({...y,lastPolicyProof:f})),[]),p=useCallback(f=>n(y=>({...y,lastHost:f})),[]),m=useCallback(f=>n(y=>({...y,rootJkt:f})),[]),h=async()=>{try{let f=localStorage.getItem(c);if(f){let y=JSON.parse(f);if(typeof y?.refreshId=="string"&&y.refreshId)return y.refreshId}}catch{}try{let f=await J(c);if(typeof f?.refreshId=="string"&&f.refreshId)return f.refreshId}catch{}return null},S=useCallback(f=>n(y=>({...y,boundWallet:f})),[]),g=useCallback(f=>n(y=>({...y,clientId:f})),[]),E=useCallback(f=>n(y=>({...y,jkt:f})),[]),A=useCallback(()=>n(Se),[]),b=useCallback(async()=>{let y=await J(c)??sr(c);n({...Se,...y});},[]),w=useMemo(()=>({meta:r,setBoundWallet:S,setClientId:g,setJkt:E,resetMeta:A,reload:b,setRefreshId:s,getRefreshId:h,ready:a,setLastPolicyHash:u,setLastPolicyProof:l,setLastHost:p,setRootJkt:m}),[r,S,g,E,A,b,a,s,h,u,l,p,m]);return jsx(pt.Provider,{value:w,children:e})};function mt(){let e=useContext(pt);if(!e)throw new Error("useMeta must be used within <MetaProvider>");return e}var ur=`${K}:wrap`;async function wt(){try{let e=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},!0,["sign","verify"]),t=`${K}:probe`;await R(t,{fmt:"cryptokey",privKey:e.privateKey});let r=await J(t);return await R(t,void 0),!!(r&&r.privKey)}catch{return false}}function ge(e){let t={...e};return delete t.d,t.kty="EC",t.crv=T,t.alg=ve,t.use="sig",t}async function lr(){let e=await J(ur);if(!e){let t=new Uint8Array(32);crypto.getRandomValues(t),e=t.buffer,await R(ur,e);}return crypto.subtle.importKey("raw",e,{name:"AES-GCM",length:256},false,["encrypt","decrypt"])}async function ht(e){let t=await lr(),r=new Uint8Array(12);crypto.getRandomValues(r);let n=new TextEncoder().encode(JSON.stringify(e));return {encPrivJwk:await crypto.subtle.encrypt({name:"AES-GCM",iv:r},t,n),iv:r.buffer}}async function Pn(e,t){let r=await lr(),n=await crypto.subtle.decrypt({name:"AES-GCM",iv:t},r,e);return JSON.parse(new TextDecoder().decode(new Uint8Array(n)))}var bt=()=>{let e=useRef(null),t=useRef(null),r=useCallback(async()=>{let s=await J(K);if(!s)return false;if(s.fmt==="cryptokey"){let l=s;return l.privKey?(e.current=l.privKey,t.current=ge(l.pubJwk),true):(await R(K,void 0),false)}if(s.fmt==="encjwk"){let l=s;try{let p=await Pn(l.encPrivJwk,l.iv),m=await crypto.subtle.importKey("jwk",p,{name:"ECDSA",namedCurve:T},!1,["sign"]);return e.current=m,t.current=ge(l.pubJwk),!0}catch{return await R(K,void 0),false}}let u=s;if(u&&u.d)if(await wt()){let p=await crypto.subtle.importKey("jwk",u,{name:"ECDSA",namedCurve:T},false,["sign"]),{d:m,...h}=u,S=ge(h);return await R(K,{fmt:"cryptokey",privKey:p,pubJwk:S}),e.current=p,t.current=S,true}else {let{d:p,...m}=u,h=ge(m),{encPrivJwk:S,iv:g}=await ht(u);await R(K,{fmt:"encjwk",encPrivJwk:S,iv:g,pubJwk:h});let E=await crypto.subtle.importKey("jwk",u,{name:"ECDSA",namedCurve:T},false,["sign"]);return e.current=E,t.current=h,true}return await R(K,void 0),false},[]),n=useCallback(async(s,u)=>{await R(K,{fmt:"cryptokey",privKey:s,pubJwk:u});},[]),o=useCallback(async(s,u)=>{let{encPrivJwk:l,iv:p}=await ht(s);await R(K,{fmt:"encjwk",encPrivJwk:l,iv:p,pubJwk:u});},[]),a=useCallback(async()=>{if(e.current&&t.current||await r())return;let s=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},true,["sign","verify"]),u=ge(await crypto.subtle.exportKey("jwk",s.publicKey));if(await wt())await n(s.privateKey,u),e.current=s.privateKey,t.current=u;else {let l=await crypto.subtle.exportKey("jwk",s.privateKey);await o(l,u),e.current=s.privateKey,t.current=u;}},[r,n,o]),i=useCallback(async()=>{let s=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},true,["sign","verify"]),u=ge(await crypto.subtle.exportKey("jwk",s.publicKey));if(await wt())await R(K,{fmt:"cryptokey",privKey:s.privateKey,pubJwk:u});else {let l=await crypto.subtle.exportKey("jwk",s.privateKey),{encPrivJwk:p,iv:m}=await ht(l);await R(K,{fmt:"encjwk",encPrivJwk:p,iv:m,pubJwk:u});}e.current=s.privateKey,t.current=u;},[]),c=useCallback(async()=>{await R(K,void 0),e.current=null,t.current=null;},[]);return {ensureKeypair:a,rotate:i,clear:c,privRef:e,pubJwkRef:t}};var Z="sunbreak_root_key_v1",dr=`${Z}:wrap`;async function vn(){try{let e=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},!0,["sign","verify"]),t=`${Z}:probe`;await R(t,{fmt:"cryptokey",privKey:e.privateKey,createdAt:Date.now(),pubJwk:{}});let r=await J(t);return await R(t,void 0),!!(r&&r.privKey)}catch{return false}}function Rt(e){let t={...e};return delete t.d,t.kty="EC",t.crv=T,t.alg=ve,t.use="sig",t}async function pr(){let e=await J(dr);if(!e){let t=new Uint8Array(32);crypto.getRandomValues(t),e=t.buffer,await R(dr,e);}return crypto.subtle.importKey("raw",e,{name:"AES-GCM",length:256},false,["encrypt","decrypt"])}async function An(e){let t=await pr(),r=new Uint8Array(12);crypto.getRandomValues(r);let n=new TextEncoder().encode(JSON.stringify(e));return {encPrivJwk:await crypto.subtle.encrypt({name:"AES-GCM",iv:r},t,n),iv:r.buffer}}async function Kn(e,t){let r=await pr(),n=await crypto.subtle.decrypt({name:"AES-GCM",iv:t},r,e);return JSON.parse(new TextDecoder().decode(new Uint8Array(n)))}var gt=()=>{let e=useRef(null),t=useRef(null),r=useCallback(async()=>{let a=await J(Z);if(!a)return false;if(a.fmt==="cryptokey"){let i=a;return i.privKey?(e.current=i.privKey,t.current=Rt(i.pubJwk),true):(await R(Z,void 0),false)}if(a.fmt==="encjwk"){let i=a;try{let c=await Kn(i.encPrivJwk,i.iv),s=await crypto.subtle.importKey("jwk",c,{name:"ECDSA",namedCurve:T},!1,["sign"]);return e.current=s,t.current=Rt(i.pubJwk),!0}catch{return await R(Z,void 0),false}}return await R(Z,void 0),false},[]),n=useCallback(async()=>{if(e.current&&t.current||await r())return;let a=await crypto.subtle.generateKey({name:"ECDSA",namedCurve:T},true,["sign","verify"]),i=Rt(await crypto.subtle.exportKey("jwk",a.publicKey)),c=Date.now();if(await vn())await R(Z,{fmt:"cryptokey",privKey:a.privateKey,pubJwk:i,createdAt:c});else {let s=await crypto.subtle.exportKey("jwk",a.privateKey),{encPrivJwk:u,iv:l}=await An(s);await R(Z,{fmt:"encjwk",encPrivJwk:u,iv:l,pubJwk:i,createdAt:c});}e.current=a.privateKey,t.current=i;},[r]),o=useCallback(async()=>{await R(Z,void 0),e.current=null,t.current=null;},[]);return {ensureRootKeypair:n,clear:o,rootPrivRef:e,rootPubJwkRef:t}};var xn=()=>crypto.randomUUID(),yr=e=>{let{clientId:t,wallet:r,base:n="https://api.tdfc.com",fetchImpl:o,timeoutMs:a=15e3,proof:i=null,providerAdapter:c,refreshDeps:s=[]}=e,u=rt(n),l=typeof window<"u"?(o??fetch).bind(window):o??fetch,{meta:p,setBoundWallet:m,setJkt:h,setRefreshId:S,getRefreshId:g,setLastPolicyHash:E,setLastPolicyProof:A,setLastHost:b,setRootJkt:w,ready:f}=mt(),{ensureRootKeypair:y,rootPrivRef:x,rootPubJwkRef:oe}=gt(),Q=useCallback(async()=>{await y();try{if(!p.rootJkt&&oe.current){let se=await $(oe.current);w(se);}}catch{}},[y,p.rootJkt,oe]),{ensureKeypair:Ee,rotate:P,privRef:We,pubJwkRef:De}=bt(),[vt,C]=useState(false),[N,H]=useState(0),[z,ae]=useState(null),[ee,Xe]=useState(null),[Ye,At]=useState(null),[vr,Ar]=useState(null),[Kr,xr]=useState(null),[Cr,Tr]=useState(null),Jr=useRef(null),Ir=useRef(null),_r=useRef(null),Wr=useRef(null),Dr=useRef(null),Lr=useRef(null),Hr=useRef(null),Mr=useRef(false),Or=useRef(false),jr=useRef(void 0),Le=useRef(false),Ze=useRef(false),Kt=useRef(null),ie=useRef(null);ie.current||(ie.current=new Promise(se=>{Kt.current=se;}));let Qe=useRef(null),Ur=useRef(i),He=useRef(null),xt=useRef(null),Me=useRef(null),Ct=()=>Date.now(),$r=()=>(Me.current??0)>0&&Me.current<Ct(),et=useCallback((se,qr=15e3)=>{let Tt=xn();return He.current=Tt,xt.current=se,Me.current=Ct()+Math.max(1e3,qr),Tt},[]),Nr=useCallback(()=>((!He.current||$r())&&et("adhoc",1e4),He.current),[et]),tt=useRef(null),Oe=useRef(null);Oe.current||(Oe.current=new Promise(se=>{tt.current=se;}));let Br=useCallback(async()=>{!Le.current&&Oe.current&&await Oe.current;},[]),Fr=useCallback(()=>{Le.current||(Le.current=true,tt.current?.(),tt.current=null);},[]),Vr=useCallback(async()=>{!Ze.current&&ie.current&&await ie.current;},[]),Gr=useCallback(async()=>{!Ze.current&&ie.current&&await ie.current,Qe.current&&await Qe.current;},[]);return {clientId:t,wallet:r,baseUrl:u,fetchImpl:l,timeoutMs:a,providerAdapter:c,refreshDeps:s,ensureKeypair:Ee,rotate:P,ensureRootKeypair:Q,rootPrivRef:x,rootPubJwkRef:oe,privRef:We,pubJwkRef:De,meta:p,setBoundWallet:m,setJkt:h,setRefreshId:S,accessTokenRef:_r,tokenExpRef:Wr,authenticated:vt,setAuthenticated:C,loadingCount:N,setLoadingCount:H,error:z,setError:ae,allowed:ee,setAllowed:Xe,denyReason:Ye,setDenyReason:At,sessionExpiry:vr,setSessionExpiry:Ar,sessionData:Kr,setSessionData:xr,verifyData:Cr,setVerifyData:Tr,authWalletRef:Ir,refreshLock:Dr,registerLock:Lr,sessionLock:Hr,didInitialRefresh:Mr,didInitialSession:Or,prevWalletRef:jr,initResolvedRef:Ze,initReady:ie,initResolveRef:Kt,rotateLock:Qe,waitReady:Vr,awaitKeyStable:Gr,proofRef:Ur,registerCooldownUntilRef:Jr,reqIdRef:He,flowLabelRef:xt,flowExpireRef:Me,beginFlow:et,currentReqId:Nr,awaitProbe:Br,markProbed:Fr,hasProbedRef:Le,getRefreshId:g,setLastPolicyHash:E,setLastPolicyProof:A,setLastHost:b,setRootJkt:w,metaReady:f}};var pe=e=>e.accessTokenRef.current??null,G=e=>{let t=e.privRef.current;if(!t)throw new Error("Sunbreak: private key not initialized");return t},I=e=>{let t=e.pubJwkRef.current;if(!t)throw new Error("Sunbreak: public JWK not initialized");return t};var Cn=(e,t)=>`${e.toUpperCase()} ${t}`;async function _e(e,t,r){if(!t)return false;let n=_e._nonceCacheRef||(_e._nonceCacheRef={map:new Map});try{await e.waitReady(),await e.awaitKeyStable(),await e.awaitProbe(),await e.ensureKeypair(),e.setError(null),e.beginFlow("register",2e4);let o;try{if(await e.ensureRootKeypair(),e.rootPrivRef.current&&e.rootPubJwkRef.current){if(!e.meta.rootJkt)try{let f=await $(e.rootPubJwkRef.current);e.setRootJkt?.(f);}catch{}let b=await $(I(e)),w=await e.getRefreshId();o=await Te({rootPrivateKey:e.rootPrivRef.current,rootPublicJwk:e.rootPubJwkRef.current,childJkt:b,clientId:e.clientId,sid:w||void 0,ttlSec:300});}}catch{}let a=e.currentReqId(),i="/auth/register",c=`${e.baseUrl}${i}`,s=new URL(e.baseUrl).origin,u="POST",l=`${s}${i}`,p=Cn(u,l),m=n.map.get(p),h=await U({method:u,url:l,nonce:m,privateKey:G(e),publicJwk:I(e)}),S=async b=>e.fetchImpl(c,{method:u,headers:{"content-type":"application/json","x-sunbreak-meta":j(e,{reqId:a,pode:o||void 0}),...b},credentials:"include",body:JSON.stringify({wallet:t,proof:r})}),g=await S({DPoP:h}),E=b=>{let w=b.headers.get("dpop-nonce");w&&n.map.set(p,w);};if(g.status===401){let b=g.headers.get("www-authenticate"),f=(b&&b.match(/dpop-nonce="([^"]+)"/i))?.[1];if(f){n.map.set(p,f);let y=await U({method:u,url:l,nonce:f,privateKey:G(e),publicJwk:I(e)});g=await S({DPoP:y});}}if(E(g),!g.ok){let b=await Ie(g);if((g.headers.get("content-type")||"").includes("application/json")){let f;try{f=await g.clone().json();}catch{}let y=Je(f&&(f.error||f.message||f.detail)||`HTTP ${g.status}`);throw fe(y,b)}else {let f=b.waf?"Blocked by WAF (403)":b.alb403?"Blocked at origin (ALB 403)":`HTTP ${g.status}`;throw fe(f,b)}}let A=await g.json();e.accessTokenRef.current=A.access,e.authWalletRef.current=t.toLowerCase(),e.setAuthenticated(!0);try{let b=Math.floor(Date.now()/1e3);e.tokenExpRef.current=b+(A.expiresIn??0);}catch{}e.didInitialRefresh.current=!0,e.setBoundWallet(t),e.setLastPolicyHash(null),e.setLastPolicyProof(null);try{e.setJkt(await $(I(e)));}catch{}try{let b={...e.meta,boundWallet:t,clientId:e.meta.clientId??e.clientId,jkt:e.meta.jkt??null,refreshId:A.refreshId??null};e.setRefreshId(A.refreshId??null);let w=Ae(e.clientId);await R(w,b);try{localStorage.setItem(w,JSON.stringify(b));}catch{}}catch{}return !0}catch(o){let a=Number(o?.status||0),i=String(o?.code||""),c=String(o?.message||""),s=Math.floor(Math.random()*1e3);if((a===401||a===403)&&i.toLowerCase()==="replay"){if(e.providerAdapter)try{let u=await e.providerAdapter.getToken()??null;if(u)return await e.awaitKeyStable(),await e.ensureKeypair(),await e.rotate(),e.proofRef.current=await ke(e.providerAdapter,u),e.registerCooldownUntilRef.current=Date.now()+5e3+s,!1}catch{}else return e.proofRef.current=null,e.setError("Proof replayed; please sign a fresh proof."),e.registerCooldownUntilRef.current=Date.now()+1e4+s,false;return e.registerCooldownUntilRef.current=Date.now()+8e3+s,false}if(a===403&&(o?.waf||o?.alb403))return e.setError(c||"Forbidden at edge/origin"),e.registerCooldownUntilRef.current=Date.now()+3e4+s,false;if(a===403)return e.setError(i||c||"Forbidden"),e.registerCooldownUntilRef.current=Date.now()+15e3+s,false;if(a===429||a===503){e.setError(i||c||"Rate limited / unavailable");let u=a===429?5e3:8e3;return e.registerCooldownUntilRef.current=Date.now()+u+s,false}return e.setError(i||c||"Register failed"),e.registerCooldownUntilRef.current=Date.now()+5e3+s,false}}var Tn=(e,t)=>`${e.toUpperCase()} ${t}`;function qe(e){return e.refreshLock.current||(e.refreshLock.current=(async()=>{try{if(await e.waitReady(),await e.awaitKeyStable(),await e.awaitProbe(),e.wallet&&e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)return e.accessTokenRef.current=null,e.setAuthenticated(!1),!1;let t=pe(e);if(t){let w=e.tokenExpRef.current,f=Math.floor(Date.now()/1e3);if(!!t&&!!w&&w-f>5)return !0}e.beginFlow("refresh",15e3);let r=e.currentReqId();await e.ensureKeypair();let n;try{if(await e.ensureRootKeypair(),e.rootPrivRef.current&&e.rootPubJwkRef.current){if(!e.meta.rootJkt)try{let y=await $(e.rootPubJwkRef.current);e.setRootJkt?.(y);}catch{}let w=await $(I(e)),f=await e.getRefreshId();n=await Te({rootPrivateKey:e.rootPrivRef.current,rootPublicJwk:e.rootPubJwkRef.current,childJkt:w,clientId:e.clientId,sid:f||void 0,ttlSec:300});}}catch{}let o="/auth/refresh",a=`${e.baseUrl}${o}`,i=new URL(e.baseUrl).origin,c="POST",s=`${i}${o}`,u=Tn(c,s),l=qe._nonceCacheRef||(qe._nonceCacheRef={map:new Map}),p=async w=>await U({method:c,url:s,nonce:w,privateKey:G(e),publicJwk:I(e)}),m=await e.getRefreshId(),h={"x-sunbreak-meta":j(e,{reqId:r,refreshId:m||void 0,pode:n||void 0}),"content-type":"application/json"},S=async w=>e.fetchImpl(a,{method:c,headers:{DPoP:w,...h},credentials:"include",body:"{}"}),g=w=>{let f=w.headers.get("dpop-nonce");f&&l.map.set(u,f);},E=await S(await p(l.map.get(u)));if(E.status===401){let w=E.headers.get("www-authenticate"),y=(w&&w.match(/dpop-nonce="([^"]+)"/i))?.[1];y&&(l.map.set(u,y),E=await S(await p(y)));}if(g(E),!E.ok){try{if((E.headers.get("content-type")||"").includes("application/json")){let f=await E.clone().json().catch(()=>{}),y=f&&(f.error||f.code||f.message)||"",x=String(y).toLowerCase();if(x.includes("missing")&&x.includes("refresh")){try{e.setRefreshId?.(null);}catch{}try{e.setBoundWallet?.(null);}catch{}e.accessTokenRef.current=null,e.setAuthenticated(!1);}}}catch{}return !1}let A=await E.json();e.accessTokenRef.current=A.access,e.setAuthenticated(!0);let b=(e.wallet&&(!e.meta.boundWallet||e.meta.boundWallet===e.wallet)?e.wallet:e.meta.boundWallet)||null;e.authWalletRef.current=b?b.toLowerCase():null;try{let w=Math.floor(Date.now()/1e3);e.tokenExpRef.current=w+(A.expiresIn??0);}catch{}try{e.setJkt(await $(I(e)));}catch{}return A.refreshId&&e.setRefreshId(A.refreshId),!0}finally{e.refreshLock.current=null;}})()),e.refreshLock.current}var Jn=(e,t)=>`${e.toUpperCase()} ${t}`,Et=new Map,In="sunbreak_probe_v1",mr=e=>`${In}::${e}`,_n=(e,t=6*60*60*1e3)=>{try{let r=localStorage.getItem(mr(e));if(!r)return !0;let n=Number(r);return Number.isFinite(n)?Date.now()-n>=t:!0}catch{return true}},Wn=e=>{try{localStorage.setItem(mr(e),String(Date.now()));}catch{}};async function wr(e){let t=new URL(e.baseUrl).origin;if(!_n(t)){e.hasProbedRef.current||e.markProbed();return}try{await e.awaitKeyStable(),await e.ensureKeypair();let r="POST",n="/auth/probe",o=`${e.baseUrl}${n}`,a=new URL(e.baseUrl).origin,i=`${a}${n}`,c=Jn(r,i),s=async m=>e.fetchImpl(o,{method:r,headers:{DPoP:m,"x-sunbreak-meta":j(e),"content-type":"application/json"},credentials:"include",body:"{}"}),u=async m=>await U({method:r,url:i,nonce:m,privateKey:G(e),publicJwk:I(e)}),l=await s(await u(Et.get(c))),p=m=>{let h=m.headers.get("dpop-nonce");h&&Et.set(c,h);};if(p(l),l.status===401){let m=l.headers.get("www-authenticate"),S=(m&&m.match(/dpop-nonce="([^"]+)"/i))?.[1];S&&(Et.set(c,S),l=await s(await u(S)),p(l));}l.ok||l.status===204?(Wn(a),e.markProbed()):e.hasProbedRef.current||e.markProbed();}catch{e.hasProbedRef.current||e.markProbed();}}var hr=e=>{let t=useCallback(()=>qe(e),[e]),r=useCallback(async()=>{let o=Date.now(),a=e.registerCooldownUntilRef.current??0;if(o<a||!e.wallet||!e.initResolvedRef.current||e.refreshLock.current||!e.didInitialRefresh.current||e.registerLock.current)return;let i=e.proofRef.current;!i||!(!e.authenticated||e.meta.boundWallet!==e.wallet)||(await e.awaitKeyStable(),e.registerLock.current=(async()=>{try{await _e(e,e.wallet,i)&&(e.didInitialSession.current=!0);}catch(s){e.setError(s?.message||String(s)||"Register failed");}finally{e.registerLock.current=null;}})());},[e]),n=useCallback(async o=>{let a=()=>(e.registerCooldownUntilRef.current??0)>Date.now();if(!e.providerAdapter||a())return;let i=await ke(e.providerAdapter,o);e.proofRef.current=i;},[e]);return {refresh:t,register:(o,a)=>_e(e,o,a),attemptRegister:r,setProofFromAdapterToken:n}};var Dn=(e,t)=>`${e.toUpperCase()} ${t}`;async function ze(e,t,r,n,o,a={}){e.setLoadingCount(u=>u+1),e.setError(null);let i=n.startsWith("/api/session"),c=new AbortController,s=setTimeout(()=>c.abort(),e.timeoutMs);try{await e.waitReady(),await e.awaitKeyStable(),await e.awaitProbe(),await e.ensureKeypair();let l=`${i?ot(e):e.baseUrl}${n.startsWith("/")?"":"/"}${n}`,m=`${new URL(e.baseUrl).origin}${n.startsWith("/")?"":"/"}${n}`,h=Dn(r,m),S=n.startsWith("/auth/"),g=!1,E=!1,A=e.currentReqId(),b=ze._nonceCacheRef||(ze._nonceCacheRef={map:new Map}),w=C=>{let N=C.headers.get("dpop-nonce");N&&b.map.set(h,N);},f=!!e.wallet&&!!e.authWalletRef.current&&e.wallet.toLowerCase()!==e.authWalletRef.current.toLowerCase(),y,x,oe=async()=>{if(S||f)return;try{let ae=pe(e),ee=e.tokenExpRef.current,Xe=Math.floor(Date.now()/1e3),Ye=!!ee&&ee-Xe<=60;if((!ae||Ye)&&!await t().catch(()=>!1))return}catch{}let C=pe(e);if(!C)return;let N=await Ge(C),H=b.map.get(h),z=await U({method:r,url:m,nonce:H,ath:N,privateKey:G(e),publicJwk:I(e)});y=`Bearer ${e.accessTokenRef.current}`,x=z;};await oe();let Q={"content-type":"application/json","x-sunbreak-auth":y||"","x-sunbreak-meta":j(e,{reqId:A,auth:y,ifPolicyHash:e.meta.lastPolicyHash||void 0,ifPolicyProof:e.meta.lastPolicyProof||void 0}),...at(a.headers)};x&&(Q.DPoP=x);let Ee=async()=>e.fetchImpl(l,{...a,method:r,headers:Q,body:o!==void 0?JSON.stringify(o):void 0,credentials:"include",signal:c.signal}),P=await Ee(),We=P.headers.get("x-sunbreak-policy-hash"),De=P.headers.get("x-sunbreak-policy-proof");if(We&&e.setLastPolicyHash(We),De&&e.setLastPolicyProof(De),w(P),P.status===401&&!S){let C=pe(e),N=P.headers.get("www-authenticate"),z=(N&&N.match(/dpop-nonce="([^"]+)"/i))?.[1];if(!f&&z&&C&&!E){E=!0,b.map.set(h,z);let ae=await Ge(C),ee=await U({method:r,url:m,nonce:z,ath:ae,privateKey:G(e),publicJwk:I(e)});y=`Bearer ${e.accessTokenRef.current}`,x=ee,Q["x-sunbreak-meta"]=j(e,{reqId:A,auth:y}),Q.DPoP=x,P=await Ee(),w(P);}if(P.status===401&&!g){g=!0;let ae=await t(),ee=pe(e);ae&&ee&&!f&&(await oe(),Q["x-sunbreak-meta"]=j(e,{reqId:A,auth:y}),x&&(Q.DPoP=x),P=await Ee(),w(P));}if(P.status===401)throw new Error("Unauthorized")}if(!P.ok){let C=await Ie(P);if((P.headers.get("content-type")||"").includes("application/json")){let H=await P.json().catch(()=>{}),z=Je(H&&(H.error||H.message||H.detail)||`HTTP ${P.status}`);throw fe(z,C)}else {let H=C.waf?"Blocked by WAF (403)":C.alb403?"Blocked at origin (ALB 403)":`HTTP ${P.status}`;throw fe(H,C)}}return (P.headers.get("content-type")||"").includes("application/json")?await P.json():void 0}finally{clearTimeout(s),e.setLoadingCount(u=>Math.max(0,u-1));}}var br=(e,t)=>useCallback(async(r,n,o,a={})=>ze(e,t,r,n,o,a),[e,t]);async function Sr(e,t){let r=await t("GET","/api/session");if(r){e.setAllowed(!!r.allowed),e.setDenyReason(r.reason??null),e.setSessionData(r),e.setSessionExpiry(r.expiry??null);let n=r?.wallet;typeof n=="string"&&n&&e.setBoundWallet(n.toLowerCase());}return r}async function Rr(e,t){let r=await t("GET","/api/verify");return r&&(e.setSessionExpiry(r.expiry??null),e.setVerifyData(r)),r}var Er=(e,t)=>{let r=useCallback(async()=>{if(e.wallet&&!(e.meta.boundWallet&&e.wallet!==e.meta.boundWallet))return e.sessionLock.current||(e.sessionLock.current=(async()=>{try{return await Sr(e,t)}finally{e.sessionLock.current=null;}})()),e.sessionLock.current},[e,t]),n=useCallback(async()=>{if(e.wallet)return await Rr(e,t)},[e,t]);return {session:r,verify:n}};var kr=(e,t)=>{let{refresh:r,session:n,attemptRegister:o,setProofFromAdapterToken:a,proofProp:i}=t;useEffect(()=>{return (async()=>{try{await e.waitReady(),await e.awaitKeyStable(),await e.ensureRootKeypair(),await wr(e);}catch{}})(),()=>{}},[]);let c=()=>(e.registerCooldownUntilRef.current??0)>Date.now();useEffect(()=>{if(!e.providerAdapter||c()||!e.metaReady)return;let s=e.wallet,u=e.meta.boundWallet;if(s&&u&&s.toLowerCase()===u.toLowerCase()&&!e.didInitialRefresh.current)return;let l=false;return (async()=>{try{let p=await e.providerAdapter.getToken()??null;if(await e.awaitKeyStable(),l||!p)return;await a(p),await o();}catch{}})(),()=>{l=true;}},[e.providerAdapter,e.wallet,e.meta.boundWallet,e.metaReady,e.registerCooldownUntilRef.current,...e.refreshDeps]),useEffect(()=>{typeof i<"u"&&(e.proofRef.current=i??null);let s=e.wallet,u=e.meta.boundWallet;if(e.providerAdapter&&e.metaReady&&s&&u&&s.toLowerCase()===u.toLowerCase()&&!e.didInitialRefresh.current)return;let l=!!s,p=!!e.proofRef.current,m=!!s&&!!e.authWalletRef.current&&s.toLowerCase()!==e.authWalletRef.current.toLowerCase();l&&p&&!e.authenticated&&!m&&e.initResolvedRef.current&&!c()&&!e.didInitialRefresh.current&&o();},[i,e.wallet,e.authenticated,e.meta.boundWallet,e.metaReady,e.providerAdapter,e.initResolvedRef.current,o]),useEffect(()=>{let s=e.wallet,u=e.meta.boundWallet;if(!e.metaReady||e.didInitialRefresh.current)return;let l=true;return (async()=>{try{if(await e.waitReady(),e.accessTokenRef.current||e.authenticated){e.didInitialRefresh.current=!0,s&&!e.didInitialSession.current&&(e.didInitialSession.current=!0,await n());return}if(!(!s&&!u||s&&u&&s.toLowerCase()===u.toLowerCase()))return;e.didInitialRefresh.current=!0;let m=await r();if(!l)return;e.setAuthenticated(m),m&&s&&!e.didInitialSession.current&&(e.didInitialSession.current=!0,await n());}catch(p){if(!l)return;e.setAuthenticated(false),e.setError(p?.message||String(p)||"Unknown error");}})(),()=>{l=false;}},[e.wallet,e.meta.boundWallet,e.metaReady,e.didInitialRefresh.current,r,n]),useEffect(()=>{e.prevWalletRef.current===void 0&&(async()=>{if(await e.ensureKeypair(),!e.wallet){e.initResolvedRef.current=true,e.initResolveRef.current?.();return}e.meta.boundWallet&&e.meta.boundWallet!==e.wallet&&(e.rotateLock.current=(async()=>{e.accessTokenRef.current=null,e.setAuthenticated(false);})().catch(()=>{}).finally(()=>{e.rotateLock.current=null;}),e.rotateLock.current&&await e.rotateLock.current),e.initResolvedRef.current=true,e.initResolveRef.current?.();})();},[e]),useEffect(()=>{(async()=>{if(e.authenticated&&e.wallet&&!(e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)&&!e.didInitialSession.current){e.didInitialSession.current=true;try{await n();}catch(s){e.setError(s?.message||String(s));}}})();},[e.authenticated,e.wallet,e.meta.boundWallet,n]),useEffect(()=>{let s=e.prevWalletRef.current;if(e.prevWalletRef.current=e.wallet,!e.wallet){e.setAllowed(null),e.setDenyReason(null),e.setSessionExpiry(null),e.setSessionData(null),e.setAuthenticated(false),e.accessTokenRef.current=null,e.proofRef.current=null,e.setError(null),e.didInitialSession.current=false,e.authWalletRef.current=null,e.setLastPolicyHash(null),e.setLastPolicyProof(null);return}s&&e.wallet&&s!==e.wallet&&(e.rotateLock.current=(async()=>{await e.rotate(),e.accessTokenRef.current=null,e.setAuthenticated(false),e.didInitialSession.current=false,e.authWalletRef.current=null,e.setLastPolicyHash(null),e.setLastPolicyProof(null);})().catch(()=>{}).finally(()=>{e.rotateLock.current=null;}));},[e.wallet]),useEffect(()=>{e.wallet&&e.authWalletRef.current&&e.wallet.toLowerCase()!==e.authWalletRef.current.toLowerCase()&&(e.accessTokenRef.current=null,e.setAuthenticated(false));},[e.wallet,e.authWalletRef.current]),useEffect(()=>{let u=()=>{if(!e.authenticated||!e.wallet||e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)return false;let m=e.tokenExpRef.current;if(!m)return false;let h=Math.floor(Date.now()/1e3);return m-h<=30},l=async()=>{try{u()&&await r();}catch{}},p=async()=>{document.visibilityState==="visible"&&await l();};return window.addEventListener("focus",l),document.addEventListener("visibilitychange",p),()=>{window.removeEventListener("focus",l),document.removeEventListener("visibilitychange",p);}},[e,r]),useEffect(()=>{let l=()=>{let h=Math.floor(Date.now()/1e3),S=e.tokenExpRef.current,g=e.sessionExpiry,E=!!S&&S-h<=30&&S-h>0,A=!!g&&g-h<=3600&&g-h>0;return {tokenSoon:E,sessionSoon:A}},p=async()=>{try{if(!e.authenticated||!e.wallet||e.meta.boundWallet&&e.wallet!==e.meta.boundWallet)return;let{tokenSoon:h,sessionSoon:S}=l();(h||S)&&await r()&&S&&await n();}catch{}},m=async()=>{document.visibilityState==="visible"&&await p();};return window.addEventListener("focus",p),document.addEventListener("visibilitychange",m),()=>{window.removeEventListener("focus",p),document.removeEventListener("visibilitychange",m);}},[e,e.sessionExpiry,r,n]);};var Pr=createContext(void 0),jn=e=>{let t=yr(e),{refresh:r,attemptRegister:n,setProofFromAdapterToken:o}=hr(t),a=br(t,r),{session:i,verify:c}=Er(t,a);kr(t,{refresh:r,session:i,attemptRegister:n,setProofFromAdapterToken:o,proofProp:e.proof});let s=useMemo(()=>({get:(u,l)=>a("GET",u,void 0,l),post:(u,l,p)=>a("POST",u,l,p),verify:c,session:i,refresh:r,authenticated:t.authenticated,loading:t.loadingCount>0,error:t.error,allowed:t.allowed,denyReason:t.denyReason,sessionExpiry:t.sessionExpiry,sessionData:t.sessionData,verifyData:t.verifyData,wallet:t.wallet}),[a,c,i,r,t.authenticated,t.loadingCount,t.error,t.allowed,t.denyReason,t.sessionExpiry,t.sessionData,t.verifyData,t.wallet]);return jsx(Pr.Provider,{value:s,children:e.children})},Un=e=>jsx(yt,{clientId:e.clientId,children:jsx(jn,{...e})}),$n=()=>{let e=useContext(Pr);if(!e)throw new Error("useSunbreak must be used within a SunbreakProvider");return e};
|
|
5
|
+
|
|
6
|
+
export { Un as SunbreakProvider, $n as useSunbreak };
|
package/package.json
ADDED
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@tdfc/sunbreak-react",
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"description": "SDK for connecting to the Sunbreak API",
|
|
5
|
+
"license": "UNLICENSED",
|
|
6
|
+
"repository": "github:thedigitalfinancecompany/sunbreak-react",
|
|
7
|
+
"homepage": "https://github.com/thedigitalfinancecompany/sunbreak-react#readme",
|
|
8
|
+
"type": "module",
|
|
9
|
+
"sideEffects": false,
|
|
10
|
+
"main": "./dist/index.cjs",
|
|
11
|
+
"module": "./dist/index.mjs",
|
|
12
|
+
"types": "./dist/index.d.ts",
|
|
13
|
+
"packageManager": "npm@10.9.2",
|
|
14
|
+
"exports": {
|
|
15
|
+
".": {
|
|
16
|
+
"types": "./dist/index.d.ts",
|
|
17
|
+
"import": "./dist/index.mjs",
|
|
18
|
+
"require": "./dist/index.cjs",
|
|
19
|
+
"default": "./dist/index.mjs"
|
|
20
|
+
}
|
|
21
|
+
},
|
|
22
|
+
"files": [
|
|
23
|
+
"dist",
|
|
24
|
+
"README.md",
|
|
25
|
+
"LICENSE"
|
|
26
|
+
],
|
|
27
|
+
"scripts": {
|
|
28
|
+
"llm": "node scripts/llm.cjs",
|
|
29
|
+
"prepack": "npm run build",
|
|
30
|
+
"prepare": "npm run build",
|
|
31
|
+
"clean": "rimraf dist",
|
|
32
|
+
"build": "tsup",
|
|
33
|
+
"dev": "tsup --watch",
|
|
34
|
+
"lint": "eslint .",
|
|
35
|
+
"typecheck": "tsc -p tsconfig.typecheck.json",
|
|
36
|
+
"test": "vitest run",
|
|
37
|
+
"test:watch": "vitest",
|
|
38
|
+
"release": "changeset version && git add -A && git commit -m \"chore: version\" || true && git push",
|
|
39
|
+
"publish:pkg": "changeset publish"
|
|
40
|
+
},
|
|
41
|
+
"engines": {
|
|
42
|
+
"node": ">=18.17"
|
|
43
|
+
},
|
|
44
|
+
"peerDependencies": {
|
|
45
|
+
"react": ">=18",
|
|
46
|
+
"react-dom": ">=18"
|
|
47
|
+
},
|
|
48
|
+
"peerDependenciesMeta": {
|
|
49
|
+
"react-dom": {
|
|
50
|
+
"optional": true
|
|
51
|
+
}
|
|
52
|
+
},
|
|
53
|
+
"devDependencies": {
|
|
54
|
+
"@changesets/cli": "^2.29.8",
|
|
55
|
+
"@eslint/js": "9.37.0",
|
|
56
|
+
"@testing-library/jest-dom": "6.9.1",
|
|
57
|
+
"@testing-library/react": "16.3.0",
|
|
58
|
+
"@types/node": "24.8.1",
|
|
59
|
+
"@types/react": "19.2.2",
|
|
60
|
+
"@types/react-dom": "19.2.1",
|
|
61
|
+
"@typescript-eslint/eslint-plugin": "8.8.0",
|
|
62
|
+
"@typescript-eslint/parser": "8.8.0",
|
|
63
|
+
"@vitest/coverage-v8": "3.2.4",
|
|
64
|
+
"eslint": "9.11.1",
|
|
65
|
+
"eslint-plugin-security": "3.0.1",
|
|
66
|
+
"fake-indexeddb": "6.2.4",
|
|
67
|
+
"globals": "16.4.0",
|
|
68
|
+
"jose": "6.1.0",
|
|
69
|
+
"jsdom": "27.0.0",
|
|
70
|
+
"rimraf": "6.0.1",
|
|
71
|
+
"tsup": "8.1.0",
|
|
72
|
+
"typescript": "5.6.2",
|
|
73
|
+
"typescript-eslint": "8.46.0",
|
|
74
|
+
"vite-tsconfig-paths": "5.1.4",
|
|
75
|
+
"vitest": "3.2.4"
|
|
76
|
+
},
|
|
77
|
+
"publishConfig": {
|
|
78
|
+
"access": "public"
|
|
79
|
+
}
|
|
80
|
+
}
|