@transmitsecurity/platform-web-sdk 1.16.0 → 1.16.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. package/README.md +37 -18
  2. package/build/drs.d.ts +15 -0
  3. package/build/ido.d.ts +10 -0
  4. package/build/idv.d.ts +10 -0
  5. package/build/webauthn.d.ts +12 -0
  6. package/dist/docs/README.md +32 -32
  7. package/dist/docs/modules.md +1 -1
  8. package/dist/drs.cjs +1 -1
  9. package/dist/drs.js +1 -1
  10. package/dist/ido.cjs +1 -1
  11. package/dist/ido.js +1 -1
  12. package/dist/idv.cjs +1 -1
  13. package/dist/idv.js +1 -1
  14. package/dist/index.cjs +1 -1
  15. package/dist/index.esm.js +1 -1
  16. package/dist/index.umd.js +1 -1
  17. package/dist/ts-platform-websdk.js +1 -1
  18. package/dist/web-sdk-drs+idv+webauthn+ido.js +1 -1
  19. package/dist/web-sdk.d.ts +1 -1
  20. package/dist/webauthn.cjs +1 -1
  21. package/dist/webauthn.js +1 -1
  22. package/package.json +3 -2
package/dist/web-sdk.d.ts CHANGED
@@ -1766,6 +1766,6 @@ declare class TSWebSDK {
1766
1766
  }
1767
1767
  declare const _default: TSWebSDK;
1768
1768
 
1769
- declare const PACKAGE_VERSION = "1.16.0";
1769
+ declare const PACKAGE_VERSION = "1.16.2";
1770
1770
 
1771
1771
  export { ActionEventOptions, ActionResponse, AuthenticationAutofillActivateHandlers, AutofillHandlers, CrossDeviceController, ErrorCode$1 as ErrorCode, PACKAGE_VERSION, SdkError, WebauthnApis, WebauthnAuthenticationFlows, WebauthnCrossDeviceFlows, WebauthnCrossDeviceRegistrationOptions, WebauthnRegistrationOptions, authenticate, crossDevice, _default as default, webSdkModule_d as drs, getDefaultPaths, instance as ido, index_d$1 as idv, initConfigParams, initialize, isAutofillSupported, isPlatformAuthenticatorSupported, register, index_d as webauthn };
package/dist/webauthn.cjs CHANGED
@@ -1 +1 @@
1
- "undefined"==typeof globalThis&&("undefined"!=typeof window?(window.globalThis=window,window.global=window):"undefined"!=typeof self&&(self.globalThis=self,self.global=self));const t=Symbol("MODULE_INITIALIZED"),e=new Map;function i(t,i){var a,s;null===(a=e.get(t))||void 0===a||a.forEach((s=t=>t(i),function(){try{return s(...arguments)}catch(t){console.log(t)}}))}let a=null;function s(t){a=t}var n=Object.freeze({__proto__:null,getInitConfig:function(){return a},get initConfig(){return a},setInitConfig:s});function r(e){s(e),i(t,void 0)}var o=Object.freeze({__proto__:null,initialize:r});function c(t,e){var i=Object.keys(t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(t);e&&(a=a.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),i.push.apply(i,a)}return i}function l(t){for(var e=1;e<arguments.length;e++){var i=null!=arguments[e]?arguments[e]:{};e%2?c(Object(i),!0).forEach((function(e){d(t,e,i[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):c(Object(i)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))}))}return t}function u(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var i=t[Symbol.toPrimitive];if(void 0!==i){var a=i.call(t,e||"default");if("object"!=typeof a)return a;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}function d(t,e,i){return(e=u(e))in t?Object.defineProperty(t,e,{value:i,enumerable:!0,configurable:!0,writable:!0}):t[e]=i,t}function h(t,e){return Object.entries(e).reduce(((e,i)=>{let[a,s]=i;return l(l({},e),{},{[a]:y.isPrototypeOf(s)?new s(t.slug):"function"==typeof s?s.bind(t):"object"==typeof s&&!Array.isArray(s)&&s?h(t,s):s})}),{})}class y{constructor(t){this.slug=t}static create(t){return class extends y{constructor(e){super(e),Object.assign(this,h(this,t(this)))}}}}var p=Object.freeze({__proto__:null,Agent:y}),g=Object.freeze({__proto__:null,MODULE_INITIALIZED:t,emit:i,off:function(t,i){const a=e.get(t);if(!a)return;const s=a.indexOf(i);-1!==s&&a.splice(s,1)},on:function(t,i){var a;e.has(t)?null===(a=e.get(t))||void 0===a||a.push(i):e.set(t,[i])}});function v(t,e){const i=!t||"object"!=typeof t||Array.isArray(t)?{}:t;return[e.reduce(((t,e)=>{if(e in t){const i=t[e];if(null!==i&&"object"==typeof i&&!Array.isArray(i))return i}const i={};return t[e]=i,i}),i),i]}function f(t,e){let i=t;return e.every((t=>!(!i||"object"!=typeof i||Array.isArray(i)||!(t in i))&&(i=i[t],!0)),t)}const w="tsec",m="general";function b(t){return t?m:a.clientId}function D(t){return function(t){if(!t)return{};try{return JSON.parse(t)}catch(t){return{}}}((t?sessionStorage:localStorage).getItem(w))}function S(t,e){const i=t?sessionStorage:localStorage,a=e(D(t));i.setItem(w,JSON.stringify(a))}var A=Object.freeze({__proto__:null,COMMON_STORAGE_KEY:w,GENERAL_ID_KEY:m,getValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly),[s]=v(a,[this.slug.toString(),i]);return s[t]},hasValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly);return f(a,[this.slug.toString(),i,t])},removeValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral);S(!!e.sessionOnly,(e=>{const[a,s]=v(e,[this.slug.toString(),i]);return delete a[t],s}))},setValue:function(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=b(!!i.isGeneral);S(!!i.sessionOnly,(i=>{const[s,n]=v(i,[this.slug.toString(),a]);return s[t]=e,n}))}});const C="RSA-PSS",_=async(t,e)=>await window.crypto.subtle.generateKey({name:t,modulusLength:2048,publicExponent:new Uint8Array([1,0,1]),hash:"SHA-256"},!1,e),K=async()=>await _("RSA-OAEP",["encrypt","decrypt"]),k=async()=>await _(C,["sign"]),R=async(t,e)=>{const i=(new TextEncoder).encode(e);return await window.crypto.subtle.sign({name:C,saltLength:32},t,i)};class P{constructor(t,e,i){this.slug=t,this.dbName=e,this.dbVersion=i}queryObjectStore(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=(window.indexedDB||window.mozIndexedDB||window.webkitIndexedDB||window.msIndexedDB||window.shimIndexedDB).open(`${this.slug}:${this.dbName}`,this.dbVersion||1);a.onupgradeneeded=()=>{var e;const i=a.result;(null===(e=null==i?void 0:i.objectStoreNames)||void 0===e?void 0:e.contains)&&!i.objectStoreNames.contains(t)&&i.createObjectStore(t,{keyPath:"key"})},a.onsuccess=()=>{const s=a.result,n=s.transaction(t,(null==i?void 0:i.operation)||"readwrite"),r=n.objectStore(t);e(r),n.oncomplete=()=>{s.close()}}}put(t,e,i){return new Promise(((a,s)=>{this.queryObjectStore(t,(t=>{const n=t.put({key:e,value:i});n.onsuccess=()=>{a(n.result)},n.onerror=t=>{s("Failed adding item to objectStore, err: "+t)}}))}))}add(t,e,i){return new Promise(((a,s)=>{this.queryObjectStore(t,(t=>{const n=t.add({key:e,value:i});n.onsuccess=()=>{a(n.result)},n.onerror=t=>{const e=t.target.error;s(e)}}))}))}get(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const s=t.get(e);s.onsuccess=()=>{var t;s.result?i(null===(t=s.result)||void 0===t?void 0:t.value):i(void 0)},s.onerror=t=>{a("Failed adding item to objectStore, err: "+t)}}))}))}getAll(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const s=t.getAll(null,e);s.onsuccess=()=>{if(s.result){const t=s.result;(null==t?void 0:t.length)?i(t.map((t=>null==t?void 0:t.value))):i(t)}else i([])},s.onerror=t=>{a("Failed getting items, err: "+t)}}))}))}delete(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const s=t.delete(e);s.onsuccess=()=>{i()},s.onerror=t=>{a(`Failed deleting key: '${e}' from objectStore, err: `+t)}}))}))}clear(t){return new Promise(((e,i)=>{this.queryObjectStore(t,(t=>{const a=t.clear();a.onsuccess=()=>{e()},a.onerror=t=>{i("Failed clearing objectStore, err: "+t)}}))}))}}const T="platform",I="init",O="completed",x="RSA2048",j=[I,O];class B{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"sign",i=arguments.length>2?arguments[2]:void 0;var s,n,r,o;this.agent=t,this.keysType=e,this.options=i,this._extractingKeysPromise=null;const c=!(null===(s=this.options)||void 0===s?void 0:s.productScope);this.keysDatabaseName=c||!(null===(n=this.options)||void 0===n?void 0:n.indexedDBName)?"ts_crypto_binding":this.options.indexedDBName,this.dbVersion=c?1:(null===(r=this.options)||void 0===r?void 0:r.dbVersion)||1,this.keysStoreName=c||!(null===(o=this.options)||void 0===o?void 0:o.keysStoreName)?"identifiers_store":this.options.keysStoreName,this.indexedDBClient=new P(c?T:t.slug,this.keysDatabaseName,this.dbVersion),this.indexedDBClientFallback=new P((c?T:t.slug)+`:${a.clientId}`,this.keysDatabaseName,this.dbVersion)}getKeysRecordKey(){return`${this.keysType}_keys`}getRotatedKeysRecordKey(){return`rotated_${this.keysType}_keys`}getRotatedKeysRecordKeyPending(){return`rotated_pending_${this.keysType}_keys`}arrayBufferToBase64(t){return window.btoa(String.fromCharCode(...new Uint8Array(t)))}async getPKRepresentations(t){const e=await crypto.subtle.exportKey("spki",t);return{arrayBufferKey:e,base64Key:this.arrayBufferToBase64(e)}}async generateKeyPair(){return"sign"==this.keysType?await k():await K()}async calcKeyIdentifier(t){const e=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(e)).map((t=>t.toString(16).padStart(2,"0"))).join("")}async extractKeysData(){if(this._extractingKeysPromise)return this._extractingKeysPromise;this._extractingKeysPromise=(async()=>{var t,e;const i=(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled)?await this.getRotatedKeysData():await this.getKeysData(),{base64Key:a}=await this.getPKRepresentations(i.publicKey);return this.publicKeyBase64=a,this.keyIdentifier=i.keyIdentifier,i})();try{return await this._extractingKeysPromise}finally{this._extractingKeysPromise=null}}async generateKeyPairData(t){const e=await this.generateKeyPair(),{arrayBufferKey:i}=await this.getPKRepresentations(e.publicKey),a=t||await this.calcKeyIdentifier(i);return l(l({},e),{},{keyIdentifier:a,createdDate:Date.now()})}shouldKeyBeRotated(t){var e;const i=null===(e=this.options)||void 0===e?void 0:e.keyRotation;if(!(null==i?void 0:i.isEnabled)||!i.expiryDays||void 0===i.startedAt)return!1;const a=24*i.expiryDays*60*60*1e3,s=t.createdDate&&t.createdDate>=i.startedAt?t.createdDate:i.startedAt;return Date.now()-s>a-2592e6}async extractMainKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getKeysRecordKey())}async extractFallbackMainKeysData(){return await this.indexedDBClientFallback.get(this.keysStoreName,this.getKeysRecordKey())}async extractRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKey())}async extractPendingRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKeyPending())}async saveKeyData(t,e){try{return await this.indexedDBClient.add(this.keysStoreName,t,e),e}catch(e){if(e instanceof DOMException&&"ConstraintError"===e.name){const e=await this.indexedDBClient.get(this.keysStoreName,t);if(e)return e}throw e}}async getKeysData(){const t=this.getKeysRecordKey();let e=await this.extractMainKeysData();if(e)return e;if(e=await this.extractFallbackMainKeysData(),e)return this.saveKeyData(t,e);const i=await this.generateKeyPairData();return this.saveKeyData(t,i)}async getOrCreateRotatedKeys(){let t=await this.extractRotatedKeysData();if(!t){const e=this.getRotatedKeysRecordKey(),i=await this.getKeysData(),a=l(l({},i),{},{createdDate:i.createdDate||Date.now()});t=await this.saveKeyData(e,a)}return t}async getRotatedKeysData(){const t=await this.getOrCreateRotatedKeys();if(this.shouldKeyBeRotated(t)){if(!await this.extractPendingRotatedKeysData()){const e=this.getRotatedKeysRecordKeyPending(),i=await this.generateKeyPairData(t.keyIdentifier);await this.saveKeyData(e,i)}}return t}async getPublicData(){return this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData(),{publicKey:this.publicKeyBase64,keyIdentifier:this.keyIdentifier}}async sign(t){if("sign"==this.keysType){const{privateKey:e}=await this.extractKeysData(),i=await R(e,t);return this.arrayBufferToBase64(i)}throw new Error("keysType must be 'sign' in order to use sign keys")}async clearKeys(){const t=this.getKeysRecordKey();await this.indexedDBClient.delete(this.keysStoreName,t)}getBaseRotationPayload(){return{keyIdentifier:this.keyIdentifier,slot:this.getRotatedKeysRecordKey(),publicKey:this.publicKeyBase64,publicKeyType:x,tenantId:this.options.keyRotation.tenantId}}async getRotationData(){var t,e;if(!(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled))return;this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData();const i=await this.extractPendingRotatedKeysData();if(i){const{base64Key:t}=await this.getPKRepresentations(i.publicKey),{privateKey:e}=await this.extractKeysData(),a=l(l({},this.getBaseRotationPayload()),{},{newPublicKey:t,createdDate:i.createdDate,newPublicKeyType:x}),s=JSON.stringify(a);return{data:s,signature:await this.signPayload(s,e)}}const a=await this.extractRotatedKeysData();if(a&&!1===a.confirmed){await this.extractKeysData();const t=JSON.stringify(this.getBaseRotationPayload());return{data:t,signature:await this.signPayload(t,a.privateKey)}}}async signPayload(t,e){const i=await R(e,t);return this.arrayBufferToBase64(i)}async handleRotateResponse(t){if(j.includes(t))if(t===I){const t=await this.extractPendingRotatedKeysData();if(t){await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKey());const e=l(l({},t),{},{confirmed:!1});await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),e),await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKeyPending());const{base64Key:i}=await this.getPKRepresentations(t.publicKey);this.publicKeyBase64=i,this.keyIdentifier=t.keyIdentifier}}else if(t===O){const t=await this.extractRotatedKeysData();t&&!1===t.confirmed&&await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),l(l({},t),{},{confirmed:!0}))}}}var N=Object.freeze({__proto__:null,createCryptoBinding:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"sign",e=arguments.length>1?arguments[1]:void 0;return new B(this,t,e)},generateRSAKeyPair:K,generateRSASignKeyPair:k,signAssymetric:R,verifyAssymetric:async(t,e,i)=>{const a=(new TextEncoder).encode(e);return await window.crypto.subtle.verify(C,t,i,a)}}),E=Object.freeze({__proto__:null});const H=y.create((t=>{class e extends Error{constructor(e,i){super(`${t.slug}-${e} ${i}`)}}return{TsError:e,TsInternalError:class extends e{constructor(t){super(t,"Internal error")}}}}));var F=y.create((()=>l({exceptions:H},p)));class M{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:[];this.agent=t,this.middlewares=e,this.logs=[]}info(t,e){this.pushLog(3,t,e)}warn(t,e){this.pushLog(4,t,e)}error(t,e){this.pushLog(5,t,e)}pushLog(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};this.logs.push({timestamp:Date.now(),module:this.agent.slug,severity:t,fields:i,message:e});const a=this.middlewares.map((t=>t(this)));Promise.all(a).catch((()=>{}))}}var q=Object.freeze({__proto__:null,consoleMiddleware:function(t){const e=t.logs[t.logs.length-1];console.log(`${e.severity} ${e.message}`,e.fields)},createSdkLogger:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:[];return new M(this,t)}});function z(t,e){if(!(null==t?void 0:t.trim()))return"";if(function(t){try{return new URL(t),!0}catch(t){return!1}}(t))return t;const i="http://mock.com",a=new URL(i);a.search=(null==e?void 0:e.toString())||"",a.pathname=t;return a.href.replace(i,"")}const $={"Content-Type":"application/json","X-TS-client-time":(new Date).toUTCString(),"X-TS-ua":navigator.userAgent};function J(t,e,i){var a;const s=(n=e||{},encodeURI(JSON.stringify(n)).split(/%..|./).length-1);var n;return{method:t,headers:l(l(l({},{"X-TS-body-size":String(s)}),$),i||{}),body:null!==(a=e&&JSON.stringify(e||{}))&&void 0!==a?a:void 0}}function W(t,e,i,a,s){const n=z(t,a),r=J(e,i,s);return fetch(n,r)}async function L(t,e,i,a,s){let n;if(n=await W(t,e,i,a,s),!n.ok)throw new Error("Request failed");return n}var U=Object.freeze({__proto__:null,httpDelete:async function(t,e){const i=await L(t,"DELETE",void 0,void 0,e);return l(l({data:await i.json()},i),{},{headers:i.headers})},httpGet:async function(t,e,i){const a=await L(t,"GET",void 0,e,i);return l(l({data:await a.json()},a),{},{headers:a.headers})},httpPost:async function(t,e,i,a){const s=await L(t,"POST",e,i,a);return l(l({data:await s.json()},s),{},{headers:s.headers})},httpPut:async function(t,e,i,a){const s=await L(t,"PUT",e,i,a);return l(l({data:await s.json()},s),{},{headers:s.headers})},init:J}),V=y.create((()=>({events:g,moduleMetadata:n,mainEntry:o,utils:F,storage:A,crypto:N,indexedDB:E,logger:q,http:U})));class G{static arrayBufferToBase64(t){return btoa(String.fromCharCode(...new Uint8Array(t)))}static base64ToArrayBuffer(t){return Uint8Array.from(atob(t),(t=>t.charCodeAt(0)))}static stringToBase64(t){return btoa(t)}static jsonToBase64(t){const e=JSON.stringify(t);return btoa(e)}static base64ToJson(t){const e=atob(t);return JSON.parse(e)}}const Z={log:console.log,error:console.error};var X,Y;!function(t){t.NotInitialized="not_initialized",t.AuthenticationFailed="authentication_failed",t.AuthenticationAbortedTimeout="authentication_aborted_timeout",t.AuthenticationCanceled="webauthn_authentication_canceled",t.RegistrationFailed="registration_failed",t.AlreadyRegistered="username_already_registered",t.RegistrationAbortedTimeout="registration_aborted_timeout",t.RegistrationCanceled="webauthn_registration_canceled",t.AutofillAuthenticationAborted="autofill_authentication_aborted",t.AuthenticationProcessAlreadyActive="authentication_process_already_active",t.InvalidApprovalData="invalid_approval_data",t.FailedToInitCrossDeviceSession="cross_device_init_failed",t.FailedToGetCrossDeviceStatus="cross_device_status_failed",t.Unknown="unknown"}(X||(X={}));class Q extends Error{constructor(t,e){super(t),this.errorCode=X.NotInitialized,this.data=e}}class tt extends Q{constructor(t,e){super(null!=t?t:"WebAuthnSdk is not initialized",e),this.errorCode=X.NotInitialized}}class et extends Q{constructor(t,e){super(null!=t?t:"Authentication failed with an error",e),this.errorCode=X.AuthenticationFailed}}class it extends Q{constructor(t,e){super(null!=t?t:"Authentication was canceled by the user or got timeout",e),this.errorCode=X.AuthenticationCanceled}}class at extends Q{constructor(t,e){super(null!=t?t:"Registration failed with an error",e),this.errorCode=X.RegistrationFailed}}class st extends Q{constructor(t,e){super(null!=t?t:"Registration was canceled by the user or got timeout",e),this.errorCode=X.RegistrationCanceled}}class nt extends Q{constructor(t){super(null!=t?t:"Autofill flow was aborted"),this.errorCode=X.AutofillAuthenticationAborted}}class rt extends Q{constructor(t){super(null!=t?t:"Operation was aborted by timeout"),this.errorCode=X.AutofillAuthenticationAborted}}class ot extends Q{constructor(t){super(null!=t?t:"Passkey with this username is already registered with the relying party."),this.errorCode=X.AlreadyRegistered}}class ct extends Q{constructor(t,e){super(null!=t?t:"Authentication process is already active",e),this.errorCode=X.AuthenticationProcessAlreadyActive}}class lt extends Q{constructor(t,e){super(null!=t?t:"Invalid approval data",e),this.errorCode=X.InvalidApprovalData}}class ut extends Q{constructor(t,e){super(null!=t?t:"Failed to init cross device authentication",e),this.errorCode=X.FailedToInitCrossDeviceSession}}class dt extends Q{constructor(t,e){super(null!=t?t:"Failed to get cross device status",e),this.errorCode=X.FailedToGetCrossDeviceStatus}}function ht(t){return t.errorCode&&Object.values(X).includes(t.errorCode)}!function(t){t[t.persistent=0]="persistent",t[t.session=1]="session"}(Y||(Y={}));class yt{static get(t){return yt.getStorageMedium(yt.allowedKeys[t]).getItem(yt.getStorageKey(t))||void 0}static set(t,e){return yt.getStorageMedium(yt.allowedKeys[t]).setItem(yt.getStorageKey(t),e)}static remove(t){yt.getStorageMedium(yt.allowedKeys[t]).removeItem(yt.getStorageKey(t))}static clear(t){for(const[e,i]of Object.entries(yt.allowedKeys)){const a=e;t&&this.configurationKeys.includes(a)||yt.getStorageMedium(i).removeItem(yt.getStorageKey(a))}}static getStorageKey(t){return`WebAuthnSdk:${t}`}static getStorageMedium(t){return t===Y.session?sessionStorage:localStorage}}yt.allowedKeys={clientId:Y.session},yt.configurationKeys=["clientId"];class pt{static isNewApiDomain(t){return t&&(this.newApiDomains.includes(t)||t.startsWith("api.")&&t.endsWith(".transmitsecurity.io"))}static dnsPrefetch(t){const e=document.createElement("link");e.rel="dns-prefetch",e.href=t,document.head.appendChild(e)}static preconnect(t,e){const i=document.createElement("link");i.rel="preconnect",i.href=t,e&&(i.crossOrigin="anonymous"),document.head.appendChild(i)}static warmupConnection(t){this.dnsPrefetch(t),this.preconnect(t,!1),this.preconnect(t,!0)}static init(t,e){var i,a;try{this._serverPath=new URL(e.serverPath),this.isNewApiDomain(null===(i=this._serverPath)||void 0===i?void 0:i.hostname)&&this.warmupConnection(this._serverPath.origin),this._apiPaths=null!==(a=e.webauthnApiPaths)&&void 0!==a?a:this.getDefaultPaths(),this._clientId=t,yt.set("clientId",t)}catch(t){throw new tt("Invalid options.serverPath",{error:t})}}static getDefaultPaths(){var t;const e=this.isNewApiDomain(null===(t=this._serverPath)||void 0===t?void 0:t.hostname)?"/cis":"";return{startAuthentication:`${e}/v1/auth/webauthn/authenticate/start`,startRegistration:`${e}/v1/auth/webauthn/register/start`,initCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/init`,startCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/start`,startCrossDeviceRegistration:`${e}/v1/auth/webauthn/cross-device/register/start`,getCrossDeviceTicketStatus:`${e}/v1/auth/webauthn/cross-device/status`,attachDeviceToCrossDeviceSession:`${e}/v1/auth/webauthn/cross-device/attach-device`}}static getApiPaths(){return this._apiPaths}static async sendRequest(t,e,i){Z.log(`[WebAuthn SDK] Calling ${e.method} ${t}...`);const a=new URL(this._serverPath);return a.pathname=t,i&&(a.search=i),fetch(a.toString(),e)}static async startRegistration(t){const e=await this.sendRequest(this._apiPaths.startRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId(),username:t.username,display_name:t.displayName},t.timeout&&{timeout:t.timeout}),t.limitSingleCredentialToDevice&&{limit_single_credential_to_device:t.limitSingleCredentialToDevice}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start registration",null==e?void 0:e.body);return await e.json()}static async startAuthentication(t){const e=await this.sendRequest(this._apiPaths.startAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}),t.timeout&&{timeout:t.timeout}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start authentication",null==e?void 0:e.body);return await e.json()}static async initCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.initCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}))});if(!(null==e?void 0:e.ok))throw new ut(void 0,null==e?void 0:e.body);return await e.json()}static async getCrossDeviceTicketStatus(t){const e=await this.sendRequest(this._apiPaths.getCrossDeviceTicketStatus,{method:"GET"},`cross_device_ticket_id=${t.ticketId}`);if(!(null==e?void 0:e.ok))throw new dt(void 0,null==e?void 0:e.body);return await e.json()}static async startCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new et("Failed to start cross device authentication",null==e?void 0:e.body);return await e.json()}static async startCrossDeviceRegistration(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to start cross device registration",null==e?void 0:e.body);return await e.json()}static async attachDeviceToCrossDeviceSession(t){const e=await this.sendRequest(this._apiPaths.attachDeviceToCrossDeviceSession,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to attach device to cross device session",null==e?void 0:e.body);return await e.json()}static getValidatedClientId(){var t;const e=null!==(t=this._clientId)&&void 0!==t?t:yt.get("clientId");if(!e)throw new tt("Missing clientId");return e}}var gt,vt,ft,wt;pt.newApiDomains=["api.idsec-dev.com","api.idsec-stg.com"],function(t){t.InputAutofill="input-autofill",t.Modal="modal"}(gt||(gt={})),exports.WebauthnCrossDeviceStatus=void 0,(vt=exports.WebauthnCrossDeviceStatus||(exports.WebauthnCrossDeviceStatus={})).Pending="pending",vt.Scanned="scanned",vt.Success="success",vt.Error="error",vt.Timeout="timeout",vt.Aborted="aborted",function(t){t.toAuthenticationError=t=>ht(t)?t:"NotAllowedError"===t.name?new it:"OperationError"===t.name?new ct(t.message):"SecurityError"===t.name?new et(t.message):t===X.AuthenticationAbortedTimeout?new rt:"AbortError"===t.name||t===X.AutofillAuthenticationAborted?new nt:new et("Something went wrong during authentication",{error:t}),t.toRegistrationError=t=>ht(t)?t:"NotAllowedError"===t.name?new st:"SecurityError"===t.name?new at(t.message):"InvalidStateError"===t.name?new ot:t===X.RegistrationAbortedTimeout?new rt:new at("Something went wrong during registration",{error:t})}(ft||(ft={})),function(t){t.processCredentialRequestOptions=t=>l(l({},t),{},{challenge:G.base64ToArrayBuffer(t.challenge),allowCredentials:t.allowCredentials.map((t=>l(l({},t),{},{id:G.base64ToArrayBuffer(t.id)})))}),t.processCredentialCreationOptions=(t,e)=>{var i;const a=JSON.parse(JSON.stringify(t));return a.challenge=G.base64ToArrayBuffer(t.challenge),a.user.id=G.base64ToArrayBuffer(t.user.id),(null==e?void 0:e.limitSingleCredentialToDevice)&&(a.excludeCredentials=null===(i=t.excludeCredentials)||void 0===i?void 0:i.map((t=>l(l({},t),{},{id:G.base64ToArrayBuffer(t.id)})))),(null==e?void 0:e.registerAsDiscoverable)?(a.authenticatorSelection.residentKey="preferred",a.authenticatorSelection.requireResidentKey=!0):(a.authenticatorSelection.residentKey="discouraged",a.authenticatorSelection.requireResidentKey=!1),a.authenticatorSelection.authenticatorAttachment=(null==e?void 0:e.allowCrossPlatformAuthenticators)?void 0:"platform",a},t.encodeAuthenticationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:G.arrayBufferToBase64(t.rawId),response:{authenticatorData:G.arrayBufferToBase64(i.authenticatorData),clientDataJSON:G.arrayBufferToBase64(i.clientDataJSON),signature:G.arrayBufferToBase64(i.signature),userHandle:G.arrayBufferToBase64(i.userHandle)},authenticatorAttachment:e,type:t.type}},t.encodeRegistrationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:G.arrayBufferToBase64(t.rawId),response:{attestationObject:G.arrayBufferToBase64(i.attestationObject),clientDataJSON:G.arrayBufferToBase64(i.clientDataJSON)},authenticatorAttachment:e,type:t.type}}}(wt||(wt={}));class mt{async modal(t){try{const e=await this.performAuthentication(l(l({},t),{},{mediationType:gt.Modal}));return G.jsonToBase64(e)}catch(t){throw ft.toAuthenticationError(t)}}activateAutofill(t,e){const{onSuccess:i,onError:a,onReady:s}=t;this.performAuthentication({username:e,mediationType:gt.InputAutofill,onReady:s}).then((t=>{i(G.jsonToBase64(t))})).catch((t=>{const e=ft.toAuthenticationError(t);if(!a)throw e;a(e)}))}abortAutofill(){this.abortController&&this.abortController.abort(X.AutofillAuthenticationAborted)}abortAuthentication(){this.abortController&&this.abortController.abort(X.AuthenticationAbortedTimeout)}async performAuthentication(t){var e,i;const a="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,timeout:null===(e=t.options)||void 0===e?void 0:e.timeout}),s=a.credential_request_options,n=wt.processCredentialRequestOptions(s),r=this.getMediatedCredentialRequest(n,t.mediationType);t.mediationType===gt.InputAutofill&&(null===(i=t.onReady)||void 0===i||i.call(t));const o=await navigator.credentials.get(r).catch((t=>{throw ft.toAuthenticationError(t)}));return{webauthnSessionId:a.webauthn_session_id,publicKeyCredential:wt.encodeAuthenticationResult(o),userAgent:navigator.userAgent}}getMediatedCredentialRequest(t,e){const i={publicKey:t};return this.abortController=new AbortController,i.signal=this.abortController&&this.abortController.signal,e===gt.InputAutofill?i.mediation="conditional":t.timeout&&setTimeout((()=>{this.abortAuthentication()}),t.timeout),i}}class bt{constructor(t,e){this.handler=t,this.intervalInMs=e}begin(){var t;this.intervalId=window.setInterval((t=this.handler,async function(){t.isRunning||(t.isRunning=!0,await t(...arguments),t.isRunning=!1)}),this.intervalInMs)}stop(){clearInterval(this.intervalId)}}const Dt=/^[A-Za-z0-9\-_.: ]*$/;function St(t){if(t&&(!function(t){return Object.keys(t).length<=10}(t)||!function(t){const e=t=>"string"==typeof t,i=t=>Dt.test(t);return Object.keys(t).every((a=>e(a)&&e(t[a])&&i(a)&&i(t[a])))}(t)))throw Z.error("Failed validating approval data"),new lt("Provided approval data should have 10 properties max. Also, it should contain only \n alphanumeric characters, numbers, and the special characters: '-', '_', '.'")}class At{constructor(t,e,i){this.authenticationHandler=t,this.registrationHandler=e,this.approvalHandler=i,this.init={registration:async t=>(this.ticketStatus=exports.WebauthnCrossDeviceStatus.Pending,this.pollCrossDeviceSession(t.crossDeviceTicketId,t.handlers)),authentication:async t=>{const{username:e}=t,i=(await pt.initCrossDeviceAuthentication(l({},e&&{username:e}))).cross_device_ticket_id;return this.ticketStatus=exports.WebauthnCrossDeviceStatus.Pending,this.pollCrossDeviceSession(i,t.handlers)},approval:async t=>{const{username:e,approvalData:i}=t;St(i);const a=(await pt.initCrossDeviceAuthentication({username:e,approvalData:i})).cross_device_ticket_id;return this.ticketStatus=exports.WebauthnCrossDeviceStatus.Pending,this.pollCrossDeviceSession(a,t.handlers)}},this.authenticate={modal:async t=>this.authenticationHandler.modal({crossDeviceTicketId:t})},this.approve={modal:async t=>this.approvalHandler.modal({crossDeviceTicketId:t})}}async register(t,e){return this.registrationHandler.register({crossDeviceTicketId:t},e)}async attachDevice(t){const e=await pt.attachDeviceToCrossDeviceSession({ticketId:t});return l({status:e.status,startedAt:e.started_at},e.approval_data&&{approvalData:e.approval_data})}async pollCrossDeviceSession(t,e){return this.poller=new bt((async()=>{var i,a;const s=await pt.getCrossDeviceTicketStatus({ticketId:t}),n=s.status;if(n!==this.ticketStatus)switch(this.ticketStatus=n,n){case exports.WebauthnCrossDeviceStatus.Scanned:await e.onDeviceAttach();break;case exports.WebauthnCrossDeviceStatus.Error:case exports.WebauthnCrossDeviceStatus.Timeout:case exports.WebauthnCrossDeviceStatus.Aborted:await e.onFailure(s),null===(i=this.poller)||void 0===i||i.stop();break;case exports.WebauthnCrossDeviceStatus.Success:if("onCredentialRegister"in e)await e.onCredentialRegister();else{if(!s.session_id)throw new dt("Cross device session is complete without returning session_id",s);await e.onCredentialAuthenticate(s.session_id)}null===(a=this.poller)||void 0===a||a.stop()}}),1e3),this.poller.begin(),setTimeout((()=>{var t;null===(t=this.poller)||void 0===t||t.stop(),e.onFailure({status:exports.WebauthnCrossDeviceStatus.Timeout})}),3e5),{crossDeviceTicketId:t,stop:()=>{var t;null===(t=this.poller)||void 0===t||t.stop()}}}}class Ct{async register(t,e){this.abortController=new AbortController;const i=l({allowCrossPlatformAuthenticators:!("crossDeviceTicketId"in t),registerAsDiscoverable:!0},e);try{const a="crossDeviceTicketId"in t?await pt.startCrossDeviceRegistration({ticketId:t.crossDeviceTicketId}):await pt.startRegistration({username:t.username,displayName:(null==e?void 0:e.displayName)||t.username,timeout:null==e?void 0:e.timeout,limitSingleCredentialToDevice:null==e?void 0:e.limitSingleCredentialToDevice}),s=wt.processCredentialCreationOptions(a.credential_creation_options,i);setTimeout((()=>{this.abortRegistration()}),s.timeout);const n=await this.registerCredential(s),r={webauthnSessionId:a.webauthn_session_id,publicKeyCredential:n,userAgent:navigator.userAgent};return G.jsonToBase64(r)}catch(t){throw ft.toRegistrationError(t)}}abortRegistration(){this.abortController&&this.abortController.abort(X.RegistrationAbortedTimeout)}async registerCredential(t){const e=await navigator.credentials.create({publicKey:t,signal:this.abortController&&this.abortController.signal}).catch((t=>{throw ft.toRegistrationError(t)}));return wt.encodeRegistrationResult(e)}}class _t{async modal(t){try{const e=await this.performApproval(t);return G.jsonToBase64(e)}catch(t){throw ft.toAuthenticationError(t)}}async performApproval(t){"approvalData"in t&&St(t.approvalData);const e="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,approvalData:t.approvalData}),i=e.credential_request_options,a=wt.processCredentialRequestOptions(i),s=await navigator.credentials.get({publicKey:a}).catch((t=>{throw ft.toAuthenticationError(t)}));return{webauthnSessionId:e.webauthn_session_id,publicKeyCredential:wt.encodeAuthenticationResult(s),userAgent:navigator.userAgent}}}class Kt{constructor(){this._initialized=!1,this._authenticationHandler=new mt,this._registrationHandler=new Ct,this._approvalHandler=new _t,this._crossDeviceHandler=new At(this._authenticationHandler,this._registrationHandler,this._approvalHandler),this.authenticate={modal:async(t,e)=>(this.initCheck(),this._authenticationHandler.modal({username:t,options:e})),autofill:{activate:(t,e)=>(this.initCheck(),this._authenticationHandler.activateAutofill(t,e)),abort:()=>this._authenticationHandler.abortAutofill()}},this.approve={modal:async(t,e)=>(this.initCheck(),this._approvalHandler.modal({username:t,approvalData:e}))},this.register=async(t,e)=>(this.initCheck(),this._registrationHandler.register({username:t},e)),this.crossDevice={init:{registration:async t=>(this.initCheck(),this._crossDeviceHandler.init.registration(t)),authentication:async t=>(this.initCheck(),this._crossDeviceHandler.init.authentication(t)),approval:async t=>(this.initCheck(),this._crossDeviceHandler.init.approval(t))},authenticate:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.authenticate.modal(t))},approve:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.approve.modal(t))},register:async(t,e)=>(this.initCheck(),this._crossDeviceHandler.register(t,e)),attachDevice:async t=>(this.initCheck(),this._crossDeviceHandler.attachDevice(t))},this.isPlatformAuthenticatorSupported=async()=>{var t;try{return await(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isUserVerifyingPlatformAuthenticatorAvailable())}catch(t){return!1}},this.isAutofillSupported=async()=>{var t,e;return!(!(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isConditionalMediationAvailable)||!await(null===(e=Kt.StaticPublicKeyCredential)||void 0===e?void 0:e.isConditionalMediationAvailable()))}}async init(t,e){try{if(!t)throw new tt("Invalid clientId",{clientId:t});if(e.webauthnApiPaths){const t=pt.getDefaultPaths();if(function(t,e){const i=new Set(t),a=new Set(e);return[...t.filter((t=>!a.has(t))),...e.filter((t=>!i.has(t)))]}(Object.keys(e.webauthnApiPaths),Object.keys(t)).length)throw new tt("Invalid custom paths",{customApiPaths:e.webauthnApiPaths})}pt.init(t,e),this._initialized=!0}catch(t){throw ht(t)?t:new tt("Failed to initialize SDK")}}getDefaultPaths(){return this.initCheck(),pt.getDefaultPaths()}getApiPaths(){return this.initCheck(),pt.getApiPaths()}initCheck(){if(!this._initialized)throw new tt}}Kt.StaticPublicKeyCredential=window.PublicKeyCredential;const kt=new V("webauthn"),Rt=new Kt;kt.events.on(kt.events.MODULE_INITIALIZED,(()=>{var t;const e=kt.moduleMetadata.getInitConfig();if(!(null===(t=null==e?void 0:e.webauthn)||void 0===t?void 0:t.serverPath))return;const{clientId:i,webauthn:a}=e;Rt.init(i,l({},a))}));const Pt={modal:async(t,e)=>(Rt.initCheck(),Rt.authenticate.modal(t,e)),autofill:{activate:(t,e)=>{Rt.initCheck(),Rt.authenticate.autofill.activate(t,e)},abort:()=>{Rt.initCheck(),Rt.authenticate.autofill.abort()}}},Tt={modal:async(t,e)=>(Rt.initCheck(),Rt.approve.modal(t,e))};async function It(t,e){return Rt.initCheck(),Rt.register(t,e)}const{crossDevice:Ot}=Rt,{isPlatformAuthenticatorSupported:xt}=Rt,{isAutofillSupported:jt}=Rt,{getDefaultPaths:Bt}=Rt;window.localWebAuthnSDK=Rt;const Nt={initialize:r,...Object.freeze({__proto__:null,get WebauthnCrossDeviceStatus(){return exports.WebauthnCrossDeviceStatus},approve:Tt,authenticate:Pt,crossDevice:Ot,getDefaultPaths:Bt,isAutofillSupported:jt,isPlatformAuthenticatorSupported:xt,register:It})};exports.PACKAGE_VERSION="1.16.0",exports.approve=Tt,exports.authenticate=Pt,exports.crossDevice=Ot,exports.getDefaultPaths=Bt,exports.initialize=r,exports.isAutofillSupported=jt,exports.isPlatformAuthenticatorSupported=xt,exports.register=It,exports.webauthn=Nt;
1
+ "undefined"==typeof globalThis&&("undefined"!=typeof window?(window.globalThis=window,window.global=window):"undefined"!=typeof self&&(self.globalThis=self,self.global=self));const t=Symbol("MODULE_INITIALIZED"),e=new Map;function i(t,i){var a,s;null===(a=e.get(t))||void 0===a||a.forEach((s=t=>t(i),function(){try{return s(...arguments)}catch(t){console.log(t)}}))}let a=null;function s(t){a=t}var n=Object.freeze({__proto__:null,getInitConfig:function(){return a},get initConfig(){return a},setInitConfig:s});function r(e){s(e),i(t,void 0)}var o=Object.freeze({__proto__:null,initialize:r});function c(t,e){var i=Object.keys(t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(t);e&&(a=a.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),i.push.apply(i,a)}return i}function l(t){for(var e=1;e<arguments.length;e++){var i=null!=arguments[e]?arguments[e]:{};e%2?c(Object(i),!0).forEach((function(e){d(t,e,i[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):c(Object(i)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))}))}return t}function u(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var i=t[Symbol.toPrimitive];if(void 0!==i){var a=i.call(t,e||"default");if("object"!=typeof a)return a;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}function d(t,e,i){return(e=u(e))in t?Object.defineProperty(t,e,{value:i,enumerable:!0,configurable:!0,writable:!0}):t[e]=i,t}function h(t,e){return Object.entries(e).reduce(((e,i)=>{let[a,s]=i;return l(l({},e),{},{[a]:y.isPrototypeOf(s)?new s(t.slug):"function"==typeof s?s.bind(t):"object"==typeof s&&!Array.isArray(s)&&s?h(t,s):s})}),{})}class y{constructor(t){this.slug=t}static create(t){return class extends y{constructor(e){super(e),Object.assign(this,h(this,t(this)))}}}}var p=Object.freeze({__proto__:null,Agent:y}),g=Object.freeze({__proto__:null,MODULE_INITIALIZED:t,emit:i,off:function(t,i){const a=e.get(t);if(!a)return;const s=a.indexOf(i);-1!==s&&a.splice(s,1)},on:function(t,i){var a;e.has(t)?null===(a=e.get(t))||void 0===a||a.push(i):e.set(t,[i])}});function v(t,e){const i=!t||"object"!=typeof t||Array.isArray(t)?{}:t;return[e.reduce(((t,e)=>{if(e in t){const i=t[e];if(null!==i&&"object"==typeof i&&!Array.isArray(i))return i}const i={};return t[e]=i,i}),i),i]}function f(t,e){let i=t;return e.every((t=>!(!i||"object"!=typeof i||Array.isArray(i)||!(t in i))&&(i=i[t],!0)),t)}const w="tsec",m="general";function b(t){return t?m:a.clientId}function D(t){return function(t){if(!t)return{};try{return JSON.parse(t)}catch(t){return{}}}((t?sessionStorage:localStorage).getItem(w))}function S(t,e){const i=t?sessionStorage:localStorage,a=e(D(t));i.setItem(w,JSON.stringify(a))}var A=Object.freeze({__proto__:null,COMMON_STORAGE_KEY:w,GENERAL_ID_KEY:m,getValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly),[s]=v(a,[this.slug.toString(),i]);return s[t]},hasValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly);return f(a,[this.slug.toString(),i,t])},removeValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral);S(!!e.sessionOnly,(e=>{const[a,s]=v(e,[this.slug.toString(),i]);return delete a[t],s}))},setValue:function(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=b(!!i.isGeneral);S(!!i.sessionOnly,(i=>{const[s,n]=v(i,[this.slug.toString(),a]);return s[t]=e,n}))}});const C="RSA-PSS",_=async(t,e)=>await window.crypto.subtle.generateKey({name:t,modulusLength:2048,publicExponent:new Uint8Array([1,0,1]),hash:"SHA-256"},!1,e),K=async()=>await _("RSA-OAEP",["encrypt","decrypt"]),k=async()=>await _(C,["sign"]),R=async(t,e)=>{const i=(new TextEncoder).encode(e);return await window.crypto.subtle.sign({name:C,saltLength:32},t,i)};class P{constructor(t,e,i){this.slug=t,this.dbName=e,this.dbVersion=i}queryObjectStore(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=(window.indexedDB||window.mozIndexedDB||window.webkitIndexedDB||window.msIndexedDB||window.shimIndexedDB).open(`${this.slug}:${this.dbName}`,this.dbVersion||1);a.onupgradeneeded=()=>{var e;const i=a.result;(null===(e=null==i?void 0:i.objectStoreNames)||void 0===e?void 0:e.contains)&&!i.objectStoreNames.contains(t)&&i.createObjectStore(t,{keyPath:"key"})},a.onsuccess=()=>{const s=a.result,n=s.transaction(t,(null==i?void 0:i.operation)||"readwrite"),r=n.objectStore(t);e(r),n.oncomplete=()=>{s.close()}}}put(t,e,i){return new Promise(((a,s)=>{this.queryObjectStore(t,(t=>{const n=t.put({key:e,value:i});n.onsuccess=()=>{a(n.result)},n.onerror=t=>{s("Failed adding item to objectStore, err: "+t)}}))}))}add(t,e,i){return new Promise(((a,s)=>{this.queryObjectStore(t,(t=>{const n=t.add({key:e,value:i});n.onsuccess=()=>{a(n.result)},n.onerror=t=>{const e=t.target.error;s(e)}}))}))}get(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const s=t.get(e);s.onsuccess=()=>{var t;s.result?i(null===(t=s.result)||void 0===t?void 0:t.value):i(void 0)},s.onerror=t=>{a("Failed adding item to objectStore, err: "+t)}}))}))}getAll(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const s=t.getAll(null,e);s.onsuccess=()=>{if(s.result){const t=s.result;(null==t?void 0:t.length)?i(t.map((t=>null==t?void 0:t.value))):i(t)}else i([])},s.onerror=t=>{a("Failed getting items, err: "+t)}}))}))}delete(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const s=t.delete(e);s.onsuccess=()=>{i()},s.onerror=t=>{a(`Failed deleting key: '${e}' from objectStore, err: `+t)}}))}))}clear(t){return new Promise(((e,i)=>{this.queryObjectStore(t,(t=>{const a=t.clear();a.onsuccess=()=>{e()},a.onerror=t=>{i("Failed clearing objectStore, err: "+t)}}))}))}}const T="platform",I="init",O="completed",x="RSA2048",j=[I,O];class B{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"sign",i=arguments.length>2?arguments[2]:void 0;var s,n,r,o;this.agent=t,this.keysType=e,this.options=i,this._extractingKeysPromise=null;const c=!(null===(s=this.options)||void 0===s?void 0:s.productScope);this.keysDatabaseName=c||!(null===(n=this.options)||void 0===n?void 0:n.indexedDBName)?"ts_crypto_binding":this.options.indexedDBName,this.dbVersion=c?1:(null===(r=this.options)||void 0===r?void 0:r.dbVersion)||1,this.keysStoreName=c||!(null===(o=this.options)||void 0===o?void 0:o.keysStoreName)?"identifiers_store":this.options.keysStoreName,this.indexedDBClient=new P(c?T:t.slug,this.keysDatabaseName,this.dbVersion),this.indexedDBClientFallback=new P((c?T:t.slug)+`:${a.clientId}`,this.keysDatabaseName,this.dbVersion)}getKeysRecordKey(){return`${this.keysType}_keys`}getRotatedKeysRecordKey(){return`rotated_${this.keysType}_keys`}getRotatedKeysRecordKeyPending(){return`rotated_pending_${this.keysType}_keys`}arrayBufferToBase64(t){return window.btoa(String.fromCharCode(...new Uint8Array(t)))}async getPKRepresentations(t){const e=await crypto.subtle.exportKey("spki",t);return{arrayBufferKey:e,base64Key:this.arrayBufferToBase64(e)}}async generateKeyPair(){return"sign"==this.keysType?await k():await K()}async calcKeyIdentifier(t){const e=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(e)).map((t=>t.toString(16).padStart(2,"0"))).join("")}async extractKeysData(){if(this._extractingKeysPromise)return this._extractingKeysPromise;this._extractingKeysPromise=(async()=>{var t,e;const i=(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled)?await this.getRotatedKeysData():await this.getKeysData(),{base64Key:a}=await this.getPKRepresentations(i.publicKey);return this.publicKeyBase64=a,this.keyIdentifier=i.keyIdentifier,i})();try{return await this._extractingKeysPromise}finally{this._extractingKeysPromise=null}}async generateKeyPairData(t){const e=await this.generateKeyPair(),{arrayBufferKey:i}=await this.getPKRepresentations(e.publicKey),a=t||await this.calcKeyIdentifier(i);return l(l({},e),{},{keyIdentifier:a,createdDate:Date.now()})}shouldKeyBeRotated(t){var e;const i=null===(e=this.options)||void 0===e?void 0:e.keyRotation;if(!(null==i?void 0:i.isEnabled)||!i.expiryDays||void 0===i.startedAt)return!1;const a=24*i.expiryDays*60*60*1e3,s=t.createdDate&&t.createdDate>=i.startedAt?t.createdDate:i.startedAt;return Date.now()-s>a-2592e6}async extractMainKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getKeysRecordKey())}async extractFallbackMainKeysData(){return await this.indexedDBClientFallback.get(this.keysStoreName,this.getKeysRecordKey())}async extractRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKey())}async extractPendingRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKeyPending())}async saveKeyData(t,e){try{return await this.indexedDBClient.add(this.keysStoreName,t,e),e}catch(e){if(e instanceof DOMException&&"ConstraintError"===e.name){const e=await this.indexedDBClient.get(this.keysStoreName,t);if(e)return e}throw e}}async getKeysData(){const t=this.getKeysRecordKey();let e=await this.extractMainKeysData();if(e)return e;if(e=await this.extractFallbackMainKeysData(),e)return this.saveKeyData(t,e);const i=await this.generateKeyPairData();return this.saveKeyData(t,i)}async getOrCreateRotatedKeys(){let t=await this.extractRotatedKeysData();if(!t){const e=this.getRotatedKeysRecordKey(),i=await this.getKeysData(),a=l(l({},i),{},{createdDate:i.createdDate||Date.now()});t=await this.saveKeyData(e,a)}return t}async getRotatedKeysData(){const t=await this.getOrCreateRotatedKeys();if(this.shouldKeyBeRotated(t)){if(!await this.extractPendingRotatedKeysData()){const e=this.getRotatedKeysRecordKeyPending(),i=await this.generateKeyPairData(t.keyIdentifier);await this.saveKeyData(e,i)}}return t}async getPublicData(){return this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData(),{publicKey:this.publicKeyBase64,keyIdentifier:this.keyIdentifier}}async sign(t){if("sign"==this.keysType){const{privateKey:e}=await this.extractKeysData(),i=await R(e,t);return this.arrayBufferToBase64(i)}throw new Error("keysType must be 'sign' in order to use sign keys")}async clearKeys(){const t=this.getKeysRecordKey();await this.indexedDBClient.delete(this.keysStoreName,t)}getBaseRotationPayload(){return{keyIdentifier:this.keyIdentifier,slot:this.getRotatedKeysRecordKey(),publicKey:this.publicKeyBase64,publicKeyType:x,tenantId:this.options.keyRotation.tenantId}}async getRotationData(){var t,e;if(!(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled))return;this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData();const i=await this.extractPendingRotatedKeysData();if(i){const{base64Key:t}=await this.getPKRepresentations(i.publicKey),{privateKey:e}=await this.extractKeysData(),a=l(l({},this.getBaseRotationPayload()),{},{newPublicKey:t,createdDate:i.createdDate,newPublicKeyType:x}),s=JSON.stringify(a);return{data:s,signature:await this.signPayload(s,e)}}const a=await this.extractRotatedKeysData();if(a&&!1===a.confirmed){await this.extractKeysData();const t=JSON.stringify(this.getBaseRotationPayload());return{data:t,signature:await this.signPayload(t,a.privateKey)}}}async signPayload(t,e){const i=await R(e,t);return this.arrayBufferToBase64(i)}async handleRotateResponse(t){if(j.includes(t))if(t===I){const t=await this.extractPendingRotatedKeysData();if(t){await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKey());const e=l(l({},t),{},{confirmed:!1});await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),e),await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKeyPending());const{base64Key:i}=await this.getPKRepresentations(t.publicKey);this.publicKeyBase64=i,this.keyIdentifier=t.keyIdentifier}}else if(t===O){const t=await this.extractRotatedKeysData();t&&!1===t.confirmed&&await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),l(l({},t),{},{confirmed:!0}))}}}var N=Object.freeze({__proto__:null,createCryptoBinding:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"sign",e=arguments.length>1?arguments[1]:void 0;return new B(this,t,e)},generateRSAKeyPair:K,generateRSASignKeyPair:k,signAssymetric:R,verifyAssymetric:async(t,e,i)=>{const a=(new TextEncoder).encode(e);return await window.crypto.subtle.verify(C,t,i,a)}}),E=Object.freeze({__proto__:null});const H=y.create((t=>{class e extends Error{constructor(e,i){super(`${t.slug}-${e} ${i}`)}}return{TsError:e,TsInternalError:class extends e{constructor(t){super(t,"Internal error")}}}}));var F=y.create((()=>l({exceptions:H},p)));class M{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:[];this.agent=t,this.middlewares=e,this.logs=[]}info(t,e){this.pushLog(3,t,e)}warn(t,e){this.pushLog(4,t,e)}error(t,e){this.pushLog(5,t,e)}pushLog(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};this.logs.push({timestamp:Date.now(),module:this.agent.slug,severity:t,fields:i,message:e});const a=this.middlewares.map((t=>t(this)));Promise.all(a).catch((()=>{}))}}var q=Object.freeze({__proto__:null,consoleMiddleware:function(t){const e=t.logs[t.logs.length-1];console.log(`${e.severity} ${e.message}`,e.fields)},createSdkLogger:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:[];return new M(this,t)}});function z(t,e){if(!(null==t?void 0:t.trim()))return"";if(function(t){try{return new URL(t),!0}catch(t){return!1}}(t))return t;const i="http://mock.com",a=new URL(i);a.search=(null==e?void 0:e.toString())||"",a.pathname=t;return a.href.replace(i,"")}const $={"Content-Type":"application/json","X-TS-client-time":(new Date).toUTCString(),"X-TS-ua":navigator.userAgent};function J(t,e,i){var a;const s=(n=e||{},encodeURI(JSON.stringify(n)).split(/%..|./).length-1);var n;return{method:t,headers:l(l(l({},{"X-TS-body-size":String(s)}),$),i||{}),body:null!==(a=e&&JSON.stringify(e||{}))&&void 0!==a?a:void 0}}function W(t,e,i,a,s){const n=z(t,a),r=J(e,i,s);return fetch(n,r)}async function L(t,e,i,a,s){let n;if(n=await W(t,e,i,a,s),!n.ok)throw new Error("Request failed");return n}var U=Object.freeze({__proto__:null,httpDelete:async function(t,e){const i=await L(t,"DELETE",void 0,void 0,e);return l(l({data:await i.json()},i),{},{headers:i.headers})},httpGet:async function(t,e,i){const a=await L(t,"GET",void 0,e,i);return l(l({data:await a.json()},a),{},{headers:a.headers})},httpPost:async function(t,e,i,a){const s=await L(t,"POST",e,i,a);return l(l({data:await s.json()},s),{},{headers:s.headers})},httpPut:async function(t,e,i,a){const s=await L(t,"PUT",e,i,a);return l(l({data:await s.json()},s),{},{headers:s.headers})},init:J}),V=y.create((()=>({events:g,moduleMetadata:n,mainEntry:o,utils:F,storage:A,crypto:N,indexedDB:E,logger:q,http:U})));class G{static arrayBufferToBase64(t){return btoa(String.fromCharCode(...new Uint8Array(t)))}static base64ToArrayBuffer(t){return Uint8Array.from(atob(t),(t=>t.charCodeAt(0)))}static stringToBase64(t){return btoa(t)}static jsonToBase64(t){const e=JSON.stringify(t);return btoa(e)}static base64ToJson(t){const e=atob(t);return JSON.parse(e)}}const Z={log:console.log,error:console.error};var X,Y;!function(t){t.NotInitialized="not_initialized",t.AuthenticationFailed="authentication_failed",t.AuthenticationAbortedTimeout="authentication_aborted_timeout",t.AuthenticationCanceled="webauthn_authentication_canceled",t.RegistrationFailed="registration_failed",t.AlreadyRegistered="username_already_registered",t.RegistrationAbortedTimeout="registration_aborted_timeout",t.RegistrationCanceled="webauthn_registration_canceled",t.AutofillAuthenticationAborted="autofill_authentication_aborted",t.AuthenticationProcessAlreadyActive="authentication_process_already_active",t.InvalidApprovalData="invalid_approval_data",t.FailedToInitCrossDeviceSession="cross_device_init_failed",t.FailedToGetCrossDeviceStatus="cross_device_status_failed",t.Unknown="unknown"}(X||(X={}));class Q extends Error{constructor(t,e){super(t),this.errorCode=X.NotInitialized,this.data=e}}class tt extends Q{constructor(t,e){super(null!=t?t:"WebAuthnSdk is not initialized",e),this.errorCode=X.NotInitialized}}class et extends Q{constructor(t,e){super(null!=t?t:"Authentication failed with an error",e),this.errorCode=X.AuthenticationFailed}}class it extends Q{constructor(t,e){super(null!=t?t:"Authentication was canceled by the user or got timeout",e),this.errorCode=X.AuthenticationCanceled}}class at extends Q{constructor(t,e){super(null!=t?t:"Registration failed with an error",e),this.errorCode=X.RegistrationFailed}}class st extends Q{constructor(t,e){super(null!=t?t:"Registration was canceled by the user or got timeout",e),this.errorCode=X.RegistrationCanceled}}class nt extends Q{constructor(t){super(null!=t?t:"Autofill flow was aborted"),this.errorCode=X.AutofillAuthenticationAborted}}class rt extends Q{constructor(t){super(null!=t?t:"Operation was aborted by timeout"),this.errorCode=X.AutofillAuthenticationAborted}}class ot extends Q{constructor(t){super(null!=t?t:"Passkey with this username is already registered with the relying party."),this.errorCode=X.AlreadyRegistered}}class ct extends Q{constructor(t,e){super(null!=t?t:"Authentication process is already active",e),this.errorCode=X.AuthenticationProcessAlreadyActive}}class lt extends Q{constructor(t,e){super(null!=t?t:"Invalid approval data",e),this.errorCode=X.InvalidApprovalData}}class ut extends Q{constructor(t,e){super(null!=t?t:"Failed to init cross device authentication",e),this.errorCode=X.FailedToInitCrossDeviceSession}}class dt extends Q{constructor(t,e){super(null!=t?t:"Failed to get cross device status",e),this.errorCode=X.FailedToGetCrossDeviceStatus}}function ht(t){return t.errorCode&&Object.values(X).includes(t.errorCode)}!function(t){t[t.persistent=0]="persistent",t[t.session=1]="session"}(Y||(Y={}));class yt{static get(t){return yt.getStorageMedium(yt.allowedKeys[t]).getItem(yt.getStorageKey(t))||void 0}static set(t,e){return yt.getStorageMedium(yt.allowedKeys[t]).setItem(yt.getStorageKey(t),e)}static remove(t){yt.getStorageMedium(yt.allowedKeys[t]).removeItem(yt.getStorageKey(t))}static clear(t){for(const[e,i]of Object.entries(yt.allowedKeys)){const a=e;t&&this.configurationKeys.includes(a)||yt.getStorageMedium(i).removeItem(yt.getStorageKey(a))}}static getStorageKey(t){return`WebAuthnSdk:${t}`}static getStorageMedium(t){return t===Y.session?sessionStorage:localStorage}}yt.allowedKeys={clientId:Y.session},yt.configurationKeys=["clientId"];class pt{static isNewApiDomain(t){return t&&(this.newApiDomains.includes(t)||t.startsWith("api.")&&t.endsWith(".transmitsecurity.io"))}static dnsPrefetch(t){const e=document.createElement("link");e.rel="dns-prefetch",e.href=t,document.head.appendChild(e)}static preconnect(t,e){const i=document.createElement("link");i.rel="preconnect",i.href=t,e&&(i.crossOrigin="anonymous"),document.head.appendChild(i)}static warmupConnection(t){this.dnsPrefetch(t),this.preconnect(t,!1),this.preconnect(t,!0)}static init(t,e){var i,a;try{this._serverPath=new URL(e.serverPath),this.isNewApiDomain(null===(i=this._serverPath)||void 0===i?void 0:i.hostname)&&this.warmupConnection(this._serverPath.origin),this._apiPaths=null!==(a=e.webauthnApiPaths)&&void 0!==a?a:this.getDefaultPaths(),this._clientId=t,yt.set("clientId",t)}catch(t){throw new tt("Invalid options.serverPath",{error:t})}}static getDefaultPaths(){var t;const e=this.isNewApiDomain(null===(t=this._serverPath)||void 0===t?void 0:t.hostname)?"/cis":"";return{startAuthentication:`${e}/v1/auth/webauthn/authenticate/start`,startRegistration:`${e}/v1/auth/webauthn/register/start`,initCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/init`,startCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/start`,startCrossDeviceRegistration:`${e}/v1/auth/webauthn/cross-device/register/start`,getCrossDeviceTicketStatus:`${e}/v1/auth/webauthn/cross-device/status`,attachDeviceToCrossDeviceSession:`${e}/v1/auth/webauthn/cross-device/attach-device`}}static getApiPaths(){return this._apiPaths}static async sendRequest(t,e,i){Z.log(`[WebAuthn SDK] Calling ${e.method} ${t}...`);const a=new URL(this._serverPath);return a.pathname=t,i&&(a.search=i),fetch(a.toString(),e)}static async startRegistration(t){const e=await this.sendRequest(this._apiPaths.startRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId(),username:t.username,display_name:t.displayName},t.timeout&&{timeout:t.timeout}),t.limitSingleCredentialToDevice&&{limit_single_credential_to_device:t.limitSingleCredentialToDevice}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start registration",null==e?void 0:e.body);return await e.json()}static async startAuthentication(t){const e=await this.sendRequest(this._apiPaths.startAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}),t.timeout&&{timeout:t.timeout}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start authentication",null==e?void 0:e.body);return await e.json()}static async initCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.initCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}))});if(!(null==e?void 0:e.ok))throw new ut(void 0,null==e?void 0:e.body);return await e.json()}static async getCrossDeviceTicketStatus(t){const e=await this.sendRequest(this._apiPaths.getCrossDeviceTicketStatus,{method:"GET"},`cross_device_ticket_id=${t.ticketId}`);if(!(null==e?void 0:e.ok))throw new dt(void 0,null==e?void 0:e.body);return await e.json()}static async startCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new et("Failed to start cross device authentication",null==e?void 0:e.body);return await e.json()}static async startCrossDeviceRegistration(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to start cross device registration",null==e?void 0:e.body);return await e.json()}static async attachDeviceToCrossDeviceSession(t){const e=await this.sendRequest(this._apiPaths.attachDeviceToCrossDeviceSession,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to attach device to cross device session",null==e?void 0:e.body);return await e.json()}static getValidatedClientId(){var t;const e=null!==(t=this._clientId)&&void 0!==t?t:yt.get("clientId");if(!e)throw new tt("Missing clientId");return e}}var gt,vt,ft,wt;pt.newApiDomains=["api.idsec-dev.com","api.idsec-stg.com"],function(t){t.InputAutofill="input-autofill",t.Modal="modal"}(gt||(gt={})),exports.WebauthnCrossDeviceStatus=void 0,(vt=exports.WebauthnCrossDeviceStatus||(exports.WebauthnCrossDeviceStatus={})).Pending="pending",vt.Scanned="scanned",vt.Success="success",vt.Error="error",vt.Timeout="timeout",vt.Aborted="aborted",function(t){t.toAuthenticationError=t=>ht(t)?t:"NotAllowedError"===t.name?new it:"OperationError"===t.name?new ct(t.message):"SecurityError"===t.name?new et(t.message):t===X.AuthenticationAbortedTimeout?new rt:"AbortError"===t.name||t===X.AutofillAuthenticationAborted?new nt:new et("Something went wrong during authentication",{error:t}),t.toRegistrationError=t=>ht(t)?t:"NotAllowedError"===t.name?new st:"SecurityError"===t.name?new at(t.message):"InvalidStateError"===t.name?new ot:t===X.RegistrationAbortedTimeout?new rt:new at("Something went wrong during registration",{error:t})}(ft||(ft={})),function(t){t.processCredentialRequestOptions=t=>l(l({},t),{},{challenge:G.base64ToArrayBuffer(t.challenge),allowCredentials:t.allowCredentials.map((t=>l(l({},t),{},{id:G.base64ToArrayBuffer(t.id)})))}),t.processCredentialCreationOptions=(t,e)=>{var i;const a=JSON.parse(JSON.stringify(t));return a.challenge=G.base64ToArrayBuffer(t.challenge),a.user.id=G.base64ToArrayBuffer(t.user.id),(null==e?void 0:e.limitSingleCredentialToDevice)&&(a.excludeCredentials=null===(i=t.excludeCredentials)||void 0===i?void 0:i.map((t=>l(l({},t),{},{id:G.base64ToArrayBuffer(t.id)})))),(null==e?void 0:e.registerAsDiscoverable)?(a.authenticatorSelection.residentKey="preferred",a.authenticatorSelection.requireResidentKey=!0):(a.authenticatorSelection.residentKey="discouraged",a.authenticatorSelection.requireResidentKey=!1),a.authenticatorSelection.authenticatorAttachment=(null==e?void 0:e.allowCrossPlatformAuthenticators)?void 0:"platform",a},t.encodeAuthenticationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:G.arrayBufferToBase64(t.rawId),response:{authenticatorData:G.arrayBufferToBase64(i.authenticatorData),clientDataJSON:G.arrayBufferToBase64(i.clientDataJSON),signature:G.arrayBufferToBase64(i.signature),userHandle:G.arrayBufferToBase64(i.userHandle)},authenticatorAttachment:e,type:t.type}},t.encodeRegistrationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:G.arrayBufferToBase64(t.rawId),response:{attestationObject:G.arrayBufferToBase64(i.attestationObject),clientDataJSON:G.arrayBufferToBase64(i.clientDataJSON)},authenticatorAttachment:e,type:t.type}}}(wt||(wt={}));class mt{async modal(t){try{const e=await this.performAuthentication(l(l({},t),{},{mediationType:gt.Modal}));return G.jsonToBase64(e)}catch(t){throw ft.toAuthenticationError(t)}}activateAutofill(t,e){const{onSuccess:i,onError:a,onReady:s}=t;this.performAuthentication({username:e,mediationType:gt.InputAutofill,onReady:s}).then((t=>{i(G.jsonToBase64(t))})).catch((t=>{const e=ft.toAuthenticationError(t);if(!a)throw e;a(e)}))}abortAutofill(){this.abortController&&this.abortController.abort(X.AutofillAuthenticationAborted)}abortAuthentication(){this.abortController&&this.abortController.abort(X.AuthenticationAbortedTimeout)}async performAuthentication(t){var e,i;const a="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,timeout:null===(e=t.options)||void 0===e?void 0:e.timeout}),s=a.credential_request_options,n=wt.processCredentialRequestOptions(s),r=this.getMediatedCredentialRequest(n,t.mediationType);t.mediationType===gt.InputAutofill&&(null===(i=t.onReady)||void 0===i||i.call(t));const o=await navigator.credentials.get(r).catch((t=>{throw ft.toAuthenticationError(t)}));return{webauthnSessionId:a.webauthn_session_id,publicKeyCredential:wt.encodeAuthenticationResult(o),userAgent:navigator.userAgent}}getMediatedCredentialRequest(t,e){const i={publicKey:t};return this.abortController=new AbortController,i.signal=this.abortController&&this.abortController.signal,e===gt.InputAutofill?i.mediation="conditional":t.timeout&&setTimeout((()=>{this.abortAuthentication()}),t.timeout),i}}class bt{constructor(t,e){this.handler=t,this.intervalInMs=e}begin(){var t;this.intervalId=window.setInterval((t=this.handler,async function(){t.isRunning||(t.isRunning=!0,await t(...arguments),t.isRunning=!1)}),this.intervalInMs)}stop(){clearInterval(this.intervalId)}}const Dt=/^[A-Za-z0-9\-_.: ]*$/;function St(t){if(t&&(!function(t){return Object.keys(t).length<=10}(t)||!function(t){const e=t=>"string"==typeof t,i=t=>Dt.test(t);return Object.keys(t).every((a=>e(a)&&e(t[a])&&i(a)&&i(t[a])))}(t)))throw Z.error("Failed validating approval data"),new lt("Provided approval data should have 10 properties max. Also, it should contain only \n alphanumeric characters, numbers, and the special characters: '-', '_', '.'")}class At{constructor(t,e,i){this.authenticationHandler=t,this.registrationHandler=e,this.approvalHandler=i,this.init={registration:async t=>(this.ticketStatus=exports.WebauthnCrossDeviceStatus.Pending,this.pollCrossDeviceSession(t.crossDeviceTicketId,t.handlers)),authentication:async t=>{const{username:e}=t,i=(await pt.initCrossDeviceAuthentication(l({},e&&{username:e}))).cross_device_ticket_id;return this.ticketStatus=exports.WebauthnCrossDeviceStatus.Pending,this.pollCrossDeviceSession(i,t.handlers)},approval:async t=>{const{username:e,approvalData:i}=t;St(i);const a=(await pt.initCrossDeviceAuthentication({username:e,approvalData:i})).cross_device_ticket_id;return this.ticketStatus=exports.WebauthnCrossDeviceStatus.Pending,this.pollCrossDeviceSession(a,t.handlers)}},this.authenticate={modal:async t=>this.authenticationHandler.modal({crossDeviceTicketId:t})},this.approve={modal:async t=>this.approvalHandler.modal({crossDeviceTicketId:t})}}async register(t,e){return this.registrationHandler.register({crossDeviceTicketId:t},e)}async attachDevice(t){const e=await pt.attachDeviceToCrossDeviceSession({ticketId:t});return l({status:e.status,startedAt:e.started_at},e.approval_data&&{approvalData:e.approval_data})}async pollCrossDeviceSession(t,e){return this.poller=new bt((async()=>{var i,a;const s=await pt.getCrossDeviceTicketStatus({ticketId:t}),n=s.status;if(n!==this.ticketStatus)switch(this.ticketStatus=n,n){case exports.WebauthnCrossDeviceStatus.Scanned:await e.onDeviceAttach();break;case exports.WebauthnCrossDeviceStatus.Error:case exports.WebauthnCrossDeviceStatus.Timeout:case exports.WebauthnCrossDeviceStatus.Aborted:await e.onFailure(s),null===(i=this.poller)||void 0===i||i.stop();break;case exports.WebauthnCrossDeviceStatus.Success:if("onCredentialRegister"in e)await e.onCredentialRegister();else{if(!s.session_id)throw new dt("Cross device session is complete without returning session_id",s);await e.onCredentialAuthenticate(s.session_id)}null===(a=this.poller)||void 0===a||a.stop()}}),1e3),this.poller.begin(),setTimeout((()=>{var t;null===(t=this.poller)||void 0===t||t.stop(),e.onFailure({status:exports.WebauthnCrossDeviceStatus.Timeout})}),3e5),{crossDeviceTicketId:t,stop:()=>{var t;null===(t=this.poller)||void 0===t||t.stop()}}}}class Ct{async register(t,e){this.abortController=new AbortController;const i=l({allowCrossPlatformAuthenticators:!("crossDeviceTicketId"in t),registerAsDiscoverable:!0},e);try{const a="crossDeviceTicketId"in t?await pt.startCrossDeviceRegistration({ticketId:t.crossDeviceTicketId}):await pt.startRegistration({username:t.username,displayName:(null==e?void 0:e.displayName)||t.username,timeout:null==e?void 0:e.timeout,limitSingleCredentialToDevice:null==e?void 0:e.limitSingleCredentialToDevice}),s=wt.processCredentialCreationOptions(a.credential_creation_options,i);setTimeout((()=>{this.abortRegistration()}),s.timeout);const n=await this.registerCredential(s),r={webauthnSessionId:a.webauthn_session_id,publicKeyCredential:n,userAgent:navigator.userAgent};return G.jsonToBase64(r)}catch(t){throw ft.toRegistrationError(t)}}abortRegistration(){this.abortController&&this.abortController.abort(X.RegistrationAbortedTimeout)}async registerCredential(t){const e=await navigator.credentials.create({publicKey:t,signal:this.abortController&&this.abortController.signal}).catch((t=>{throw ft.toRegistrationError(t)}));return wt.encodeRegistrationResult(e)}}class _t{async modal(t){try{const e=await this.performApproval(t);return G.jsonToBase64(e)}catch(t){throw ft.toAuthenticationError(t)}}async performApproval(t){"approvalData"in t&&St(t.approvalData);const e="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,approvalData:t.approvalData}),i=e.credential_request_options,a=wt.processCredentialRequestOptions(i),s=await navigator.credentials.get({publicKey:a}).catch((t=>{throw ft.toAuthenticationError(t)}));return{webauthnSessionId:e.webauthn_session_id,publicKeyCredential:wt.encodeAuthenticationResult(s),userAgent:navigator.userAgent}}}class Kt{constructor(){this._initialized=!1,this._authenticationHandler=new mt,this._registrationHandler=new Ct,this._approvalHandler=new _t,this._crossDeviceHandler=new At(this._authenticationHandler,this._registrationHandler,this._approvalHandler),this.authenticate={modal:async(t,e)=>(this.initCheck(),this._authenticationHandler.modal({username:t,options:e})),autofill:{activate:(t,e)=>(this.initCheck(),this._authenticationHandler.activateAutofill(t,e)),abort:()=>this._authenticationHandler.abortAutofill()}},this.approve={modal:async(t,e)=>(this.initCheck(),this._approvalHandler.modal({username:t,approvalData:e}))},this.register=async(t,e)=>(this.initCheck(),this._registrationHandler.register({username:t},e)),this.crossDevice={init:{registration:async t=>(this.initCheck(),this._crossDeviceHandler.init.registration(t)),authentication:async t=>(this.initCheck(),this._crossDeviceHandler.init.authentication(t)),approval:async t=>(this.initCheck(),this._crossDeviceHandler.init.approval(t))},authenticate:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.authenticate.modal(t))},approve:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.approve.modal(t))},register:async(t,e)=>(this.initCheck(),this._crossDeviceHandler.register(t,e)),attachDevice:async t=>(this.initCheck(),this._crossDeviceHandler.attachDevice(t))},this.isPlatformAuthenticatorSupported=async()=>{var t;try{return await(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isUserVerifyingPlatformAuthenticatorAvailable())}catch(t){return!1}},this.isAutofillSupported=async()=>{var t,e;return!(!(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isConditionalMediationAvailable)||!await(null===(e=Kt.StaticPublicKeyCredential)||void 0===e?void 0:e.isConditionalMediationAvailable()))}}async init(t,e){try{if(!t)throw new tt("Invalid clientId",{clientId:t});if(e.webauthnApiPaths){const t=pt.getDefaultPaths();if(function(t,e){const i=new Set(t),a=new Set(e);return[...t.filter((t=>!a.has(t))),...e.filter((t=>!i.has(t)))]}(Object.keys(e.webauthnApiPaths),Object.keys(t)).length)throw new tt("Invalid custom paths",{customApiPaths:e.webauthnApiPaths})}pt.init(t,e),this._initialized=!0}catch(t){throw ht(t)?t:new tt("Failed to initialize SDK")}}getDefaultPaths(){return this.initCheck(),pt.getDefaultPaths()}getApiPaths(){return this.initCheck(),pt.getApiPaths()}initCheck(){if(!this._initialized)throw new tt}}Kt.StaticPublicKeyCredential=window.PublicKeyCredential;const kt=new V("webauthn"),Rt=new Kt;kt.events.on(kt.events.MODULE_INITIALIZED,(()=>{var t;const e=kt.moduleMetadata.getInitConfig();if(!(null===(t=null==e?void 0:e.webauthn)||void 0===t?void 0:t.serverPath))return;const{clientId:i,webauthn:a}=e;Rt.init(i,l({},a))}));const Pt={modal:async(t,e)=>(Rt.initCheck(),Rt.authenticate.modal(t,e)),autofill:{activate:(t,e)=>{Rt.initCheck(),Rt.authenticate.autofill.activate(t,e)},abort:()=>{Rt.initCheck(),Rt.authenticate.autofill.abort()}}},Tt={modal:async(t,e)=>(Rt.initCheck(),Rt.approve.modal(t,e))};async function It(t,e){return Rt.initCheck(),Rt.register(t,e)}const{crossDevice:Ot}=Rt,{isPlatformAuthenticatorSupported:xt}=Rt,{isAutofillSupported:jt}=Rt,{getDefaultPaths:Bt}=Rt;window.localWebAuthnSDK=Rt;const Nt={initialize:r,...Object.freeze({__proto__:null,get WebauthnCrossDeviceStatus(){return exports.WebauthnCrossDeviceStatus},approve:Tt,authenticate:Pt,crossDevice:Ot,getDefaultPaths:Bt,isAutofillSupported:jt,isPlatformAuthenticatorSupported:xt,register:It})};exports.PACKAGE_VERSION="1.16.2",exports.approve=Tt,exports.authenticate=Pt,exports.crossDevice=Ot,exports.getDefaultPaths=Bt,exports.initialize=r,exports.isAutofillSupported=jt,exports.isPlatformAuthenticatorSupported=xt,exports.register=It,exports.webauthn=Nt;
package/dist/webauthn.js CHANGED
@@ -1 +1 @@
1
- "undefined"==typeof globalThis&&("undefined"!=typeof window?(window.globalThis=window,window.global=window):"undefined"!=typeof self&&(self.globalThis=self,self.global=self));const t=Symbol("MODULE_INITIALIZED"),e=new Map;function i(t,i){var a,n;null===(a=e.get(t))||void 0===a||a.forEach((n=t=>t(i),function(){try{return n(...arguments)}catch(t){console.log(t)}}))}let a=null;function n(t){a=t}var s=Object.freeze({__proto__:null,getInitConfig:function(){return a},get initConfig(){return a},setInitConfig:n});function r(e){n(e),i(t,void 0)}var o=Object.freeze({__proto__:null,initialize:r});function c(t,e){var i=Object.keys(t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(t);e&&(a=a.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),i.push.apply(i,a)}return i}function l(t){for(var e=1;e<arguments.length;e++){var i=null!=arguments[e]?arguments[e]:{};e%2?c(Object(i),!0).forEach((function(e){u(t,e,i[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):c(Object(i)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))}))}return t}function d(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var i=t[Symbol.toPrimitive];if(void 0!==i){var a=i.call(t,e||"default");if("object"!=typeof a)return a;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}function u(t,e,i){return(e=d(e))in t?Object.defineProperty(t,e,{value:i,enumerable:!0,configurable:!0,writable:!0}):t[e]=i,t}function h(t,e){return Object.entries(e).reduce(((e,i)=>{let[a,n]=i;return l(l({},e),{},{[a]:y.isPrototypeOf(n)?new n(t.slug):"function"==typeof n?n.bind(t):"object"==typeof n&&!Array.isArray(n)&&n?h(t,n):n})}),{})}class y{constructor(t){this.slug=t}static create(t){return class extends y{constructor(e){super(e),Object.assign(this,h(this,t(this)))}}}}var p=Object.freeze({__proto__:null,Agent:y}),g=Object.freeze({__proto__:null,MODULE_INITIALIZED:t,emit:i,off:function(t,i){const a=e.get(t);if(!a)return;const n=a.indexOf(i);-1!==n&&a.splice(n,1)},on:function(t,i){var a;e.has(t)?null===(a=e.get(t))||void 0===a||a.push(i):e.set(t,[i])}});function v(t,e){const i=!t||"object"!=typeof t||Array.isArray(t)?{}:t;return[e.reduce(((t,e)=>{if(e in t){const i=t[e];if(null!==i&&"object"==typeof i&&!Array.isArray(i))return i}const i={};return t[e]=i,i}),i),i]}function w(t,e){let i=t;return e.every((t=>!(!i||"object"!=typeof i||Array.isArray(i)||!(t in i))&&(i=i[t],!0)),t)}const f="tsec",m="general";function b(t){return t?m:a.clientId}function D(t){return function(t){if(!t)return{};try{return JSON.parse(t)}catch(t){return{}}}((t?sessionStorage:localStorage).getItem(f))}function A(t,e){const i=t?sessionStorage:localStorage,a=e(D(t));i.setItem(f,JSON.stringify(a))}var _=Object.freeze({__proto__:null,COMMON_STORAGE_KEY:f,GENERAL_ID_KEY:m,getValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly),[n]=v(a,[this.slug.toString(),i]);return n[t]},hasValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly);return w(a,[this.slug.toString(),i,t])},removeValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral);A(!!e.sessionOnly,(e=>{const[a,n]=v(e,[this.slug.toString(),i]);return delete a[t],n}))},setValue:function(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=b(!!i.isGeneral);A(!!i.sessionOnly,(i=>{const[n,s]=v(i,[this.slug.toString(),a]);return n[t]=e,s}))}});const S="RSA-PSS",C=async(t,e)=>await window.crypto.subtle.generateKey({name:t,modulusLength:2048,publicExponent:new Uint8Array([1,0,1]),hash:"SHA-256"},!1,e),K=async()=>await C("RSA-OAEP",["encrypt","decrypt"]),k=async()=>await C(S,["sign"]),R=async(t,e)=>{const i=(new TextEncoder).encode(e);return await window.crypto.subtle.sign({name:S,saltLength:32},t,i)};class P{constructor(t,e,i){this.slug=t,this.dbName=e,this.dbVersion=i}queryObjectStore(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=(window.indexedDB||window.mozIndexedDB||window.webkitIndexedDB||window.msIndexedDB||window.shimIndexedDB).open(`${this.slug}:${this.dbName}`,this.dbVersion||1);a.onupgradeneeded=()=>{var e;const i=a.result;(null===(e=null==i?void 0:i.objectStoreNames)||void 0===e?void 0:e.contains)&&!i.objectStoreNames.contains(t)&&i.createObjectStore(t,{keyPath:"key"})},a.onsuccess=()=>{const n=a.result,s=n.transaction(t,(null==i?void 0:i.operation)||"readwrite"),r=s.objectStore(t);e(r),s.oncomplete=()=>{n.close()}}}put(t,e,i){return new Promise(((a,n)=>{this.queryObjectStore(t,(t=>{const s=t.put({key:e,value:i});s.onsuccess=()=>{a(s.result)},s.onerror=t=>{n("Failed adding item to objectStore, err: "+t)}}))}))}add(t,e,i){return new Promise(((a,n)=>{this.queryObjectStore(t,(t=>{const s=t.add({key:e,value:i});s.onsuccess=()=>{a(s.result)},s.onerror=t=>{const e=t.target.error;n(e)}}))}))}get(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const n=t.get(e);n.onsuccess=()=>{var t;n.result?i(null===(t=n.result)||void 0===t?void 0:t.value):i(void 0)},n.onerror=t=>{a("Failed adding item to objectStore, err: "+t)}}))}))}getAll(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const n=t.getAll(null,e);n.onsuccess=()=>{if(n.result){const t=n.result;(null==t?void 0:t.length)?i(t.map((t=>null==t?void 0:t.value))):i(t)}else i([])},n.onerror=t=>{a("Failed getting items, err: "+t)}}))}))}delete(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const n=t.delete(e);n.onsuccess=()=>{i()},n.onerror=t=>{a(`Failed deleting key: '${e}' from objectStore, err: `+t)}}))}))}clear(t){return new Promise(((e,i)=>{this.queryObjectStore(t,(t=>{const a=t.clear();a.onsuccess=()=>{e()},a.onerror=t=>{i("Failed clearing objectStore, err: "+t)}}))}))}}const T="platform",I="init",O="completed",j="RSA2048",x=[I,O];class B{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"sign",i=arguments.length>2?arguments[2]:void 0;var n,s,r,o;this.agent=t,this.keysType=e,this.options=i,this._extractingKeysPromise=null;const c=!(null===(n=this.options)||void 0===n?void 0:n.productScope);this.keysDatabaseName=c||!(null===(s=this.options)||void 0===s?void 0:s.indexedDBName)?"ts_crypto_binding":this.options.indexedDBName,this.dbVersion=c?1:(null===(r=this.options)||void 0===r?void 0:r.dbVersion)||1,this.keysStoreName=c||!(null===(o=this.options)||void 0===o?void 0:o.keysStoreName)?"identifiers_store":this.options.keysStoreName,this.indexedDBClient=new P(c?T:t.slug,this.keysDatabaseName,this.dbVersion),this.indexedDBClientFallback=new P((c?T:t.slug)+`:${a.clientId}`,this.keysDatabaseName,this.dbVersion)}getKeysRecordKey(){return`${this.keysType}_keys`}getRotatedKeysRecordKey(){return`rotated_${this.keysType}_keys`}getRotatedKeysRecordKeyPending(){return`rotated_pending_${this.keysType}_keys`}arrayBufferToBase64(t){return window.btoa(String.fromCharCode(...new Uint8Array(t)))}async getPKRepresentations(t){const e=await crypto.subtle.exportKey("spki",t);return{arrayBufferKey:e,base64Key:this.arrayBufferToBase64(e)}}async generateKeyPair(){return"sign"==this.keysType?await k():await K()}async calcKeyIdentifier(t){const e=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(e)).map((t=>t.toString(16).padStart(2,"0"))).join("")}async extractKeysData(){if(this._extractingKeysPromise)return this._extractingKeysPromise;this._extractingKeysPromise=(async()=>{var t,e;const i=(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled)?await this.getRotatedKeysData():await this.getKeysData(),{base64Key:a}=await this.getPKRepresentations(i.publicKey);return this.publicKeyBase64=a,this.keyIdentifier=i.keyIdentifier,i})();try{return await this._extractingKeysPromise}finally{this._extractingKeysPromise=null}}async generateKeyPairData(t){const e=await this.generateKeyPair(),{arrayBufferKey:i}=await this.getPKRepresentations(e.publicKey),a=t||await this.calcKeyIdentifier(i);return l(l({},e),{},{keyIdentifier:a,createdDate:Date.now()})}shouldKeyBeRotated(t){var e;const i=null===(e=this.options)||void 0===e?void 0:e.keyRotation;if(!(null==i?void 0:i.isEnabled)||!i.expiryDays||void 0===i.startedAt)return!1;const a=24*i.expiryDays*60*60*1e3,n=t.createdDate&&t.createdDate>=i.startedAt?t.createdDate:i.startedAt;return Date.now()-n>a-2592e6}async extractMainKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getKeysRecordKey())}async extractFallbackMainKeysData(){return await this.indexedDBClientFallback.get(this.keysStoreName,this.getKeysRecordKey())}async extractRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKey())}async extractPendingRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKeyPending())}async saveKeyData(t,e){try{return await this.indexedDBClient.add(this.keysStoreName,t,e),e}catch(e){if(e instanceof DOMException&&"ConstraintError"===e.name){const e=await this.indexedDBClient.get(this.keysStoreName,t);if(e)return e}throw e}}async getKeysData(){const t=this.getKeysRecordKey();let e=await this.extractMainKeysData();if(e)return e;if(e=await this.extractFallbackMainKeysData(),e)return this.saveKeyData(t,e);const i=await this.generateKeyPairData();return this.saveKeyData(t,i)}async getOrCreateRotatedKeys(){let t=await this.extractRotatedKeysData();if(!t){const e=this.getRotatedKeysRecordKey(),i=await this.getKeysData(),a=l(l({},i),{},{createdDate:i.createdDate||Date.now()});t=await this.saveKeyData(e,a)}return t}async getRotatedKeysData(){const t=await this.getOrCreateRotatedKeys();if(this.shouldKeyBeRotated(t)){if(!await this.extractPendingRotatedKeysData()){const e=this.getRotatedKeysRecordKeyPending(),i=await this.generateKeyPairData(t.keyIdentifier);await this.saveKeyData(e,i)}}return t}async getPublicData(){return this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData(),{publicKey:this.publicKeyBase64,keyIdentifier:this.keyIdentifier}}async sign(t){if("sign"==this.keysType){const{privateKey:e}=await this.extractKeysData(),i=await R(e,t);return this.arrayBufferToBase64(i)}throw new Error("keysType must be 'sign' in order to use sign keys")}async clearKeys(){const t=this.getKeysRecordKey();await this.indexedDBClient.delete(this.keysStoreName,t)}getBaseRotationPayload(){return{keyIdentifier:this.keyIdentifier,slot:this.getRotatedKeysRecordKey(),publicKey:this.publicKeyBase64,publicKeyType:j,tenantId:this.options.keyRotation.tenantId}}async getRotationData(){var t,e;if(!(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled))return;this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData();const i=await this.extractPendingRotatedKeysData();if(i){const{base64Key:t}=await this.getPKRepresentations(i.publicKey),{privateKey:e}=await this.extractKeysData(),a=l(l({},this.getBaseRotationPayload()),{},{newPublicKey:t,createdDate:i.createdDate,newPublicKeyType:j}),n=JSON.stringify(a);return{data:n,signature:await this.signPayload(n,e)}}const a=await this.extractRotatedKeysData();if(a&&!1===a.confirmed){await this.extractKeysData();const t=JSON.stringify(this.getBaseRotationPayload());return{data:t,signature:await this.signPayload(t,a.privateKey)}}}async signPayload(t,e){const i=await R(e,t);return this.arrayBufferToBase64(i)}async handleRotateResponse(t){if(x.includes(t))if(t===I){const t=await this.extractPendingRotatedKeysData();if(t){await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKey());const e=l(l({},t),{},{confirmed:!1});await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),e),await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKeyPending());const{base64Key:i}=await this.getPKRepresentations(t.publicKey);this.publicKeyBase64=i,this.keyIdentifier=t.keyIdentifier}}else if(t===O){const t=await this.extractRotatedKeysData();t&&!1===t.confirmed&&await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),l(l({},t),{},{confirmed:!0}))}}}var N=Object.freeze({__proto__:null,createCryptoBinding:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"sign",e=arguments.length>1?arguments[1]:void 0;return new B(this,t,e)},generateRSAKeyPair:K,generateRSASignKeyPair:k,signAssymetric:R,verifyAssymetric:async(t,e,i)=>{const a=(new TextEncoder).encode(e);return await window.crypto.subtle.verify(S,t,i,a)}}),E=Object.freeze({__proto__:null});const H=y.create((t=>{class e extends Error{constructor(e,i){super(`${t.slug}-${e} ${i}`)}}return{TsError:e,TsInternalError:class extends e{constructor(t){super(t,"Internal error")}}}}));var F=y.create((()=>l({exceptions:H},p)));class M{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:[];this.agent=t,this.middlewares=e,this.logs=[]}info(t,e){this.pushLog(3,t,e)}warn(t,e){this.pushLog(4,t,e)}error(t,e){this.pushLog(5,t,e)}pushLog(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};this.logs.push({timestamp:Date.now(),module:this.agent.slug,severity:t,fields:i,message:e});const a=this.middlewares.map((t=>t(this)));Promise.all(a).catch((()=>{}))}}var q=Object.freeze({__proto__:null,consoleMiddleware:function(t){const e=t.logs[t.logs.length-1];console.log(`${e.severity} ${e.message}`,e.fields)},createSdkLogger:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:[];return new M(this,t)}});function z(t,e){if(!(null==t?void 0:t.trim()))return"";if(function(t){try{return new URL(t),!0}catch(t){return!1}}(t))return t;const i="http://mock.com",a=new URL(i);a.search=(null==e?void 0:e.toString())||"",a.pathname=t;return a.href.replace(i,"")}const $={"Content-Type":"application/json","X-TS-client-time":(new Date).toUTCString(),"X-TS-ua":navigator.userAgent};function J(t,e,i){var a;const n=(s=e||{},encodeURI(JSON.stringify(s)).split(/%..|./).length-1);var s;return{method:t,headers:l(l(l({},{"X-TS-body-size":String(n)}),$),i||{}),body:null!==(a=e&&JSON.stringify(e||{}))&&void 0!==a?a:void 0}}function L(t,e,i,a,n){const s=z(t,a),r=J(e,i,n);return fetch(s,r)}async function U(t,e,i,a,n){let s;if(s=await L(t,e,i,a,n),!s.ok)throw new Error("Request failed");return s}var V=Object.freeze({__proto__:null,httpDelete:async function(t,e){const i=await U(t,"DELETE",void 0,void 0,e);return l(l({data:await i.json()},i),{},{headers:i.headers})},httpGet:async function(t,e,i){const a=await U(t,"GET",void 0,e,i);return l(l({data:await a.json()},a),{},{headers:a.headers})},httpPost:async function(t,e,i,a){const n=await U(t,"POST",e,i,a);return l(l({data:await n.json()},n),{},{headers:n.headers})},httpPut:async function(t,e,i,a){const n=await U(t,"PUT",e,i,a);return l(l({data:await n.json()},n),{},{headers:n.headers})},init:J}),G=y.create((()=>({events:g,moduleMetadata:s,mainEntry:o,utils:F,storage:_,crypto:N,indexedDB:E,logger:q,http:V})));class W{static arrayBufferToBase64(t){return btoa(String.fromCharCode(...new Uint8Array(t)))}static base64ToArrayBuffer(t){return Uint8Array.from(atob(t),(t=>t.charCodeAt(0)))}static stringToBase64(t){return btoa(t)}static jsonToBase64(t){const e=JSON.stringify(t);return btoa(e)}static base64ToJson(t){const e=atob(t);return JSON.parse(e)}}const Z={log:console.log,error:console.error};var X,Y;!function(t){t.NotInitialized="not_initialized",t.AuthenticationFailed="authentication_failed",t.AuthenticationAbortedTimeout="authentication_aborted_timeout",t.AuthenticationCanceled="webauthn_authentication_canceled",t.RegistrationFailed="registration_failed",t.AlreadyRegistered="username_already_registered",t.RegistrationAbortedTimeout="registration_aborted_timeout",t.RegistrationCanceled="webauthn_registration_canceled",t.AutofillAuthenticationAborted="autofill_authentication_aborted",t.AuthenticationProcessAlreadyActive="authentication_process_already_active",t.InvalidApprovalData="invalid_approval_data",t.FailedToInitCrossDeviceSession="cross_device_init_failed",t.FailedToGetCrossDeviceStatus="cross_device_status_failed",t.Unknown="unknown"}(X||(X={}));class Q extends Error{constructor(t,e){super(t),this.errorCode=X.NotInitialized,this.data=e}}class tt extends Q{constructor(t,e){super(null!=t?t:"WebAuthnSdk is not initialized",e),this.errorCode=X.NotInitialized}}class et extends Q{constructor(t,e){super(null!=t?t:"Authentication failed with an error",e),this.errorCode=X.AuthenticationFailed}}class it extends Q{constructor(t,e){super(null!=t?t:"Authentication was canceled by the user or got timeout",e),this.errorCode=X.AuthenticationCanceled}}class at extends Q{constructor(t,e){super(null!=t?t:"Registration failed with an error",e),this.errorCode=X.RegistrationFailed}}class nt extends Q{constructor(t,e){super(null!=t?t:"Registration was canceled by the user or got timeout",e),this.errorCode=X.RegistrationCanceled}}class st extends Q{constructor(t){super(null!=t?t:"Autofill flow was aborted"),this.errorCode=X.AutofillAuthenticationAborted}}class rt extends Q{constructor(t){super(null!=t?t:"Operation was aborted by timeout"),this.errorCode=X.AutofillAuthenticationAborted}}class ot extends Q{constructor(t){super(null!=t?t:"Passkey with this username is already registered with the relying party."),this.errorCode=X.AlreadyRegistered}}class ct extends Q{constructor(t,e){super(null!=t?t:"Authentication process is already active",e),this.errorCode=X.AuthenticationProcessAlreadyActive}}class lt extends Q{constructor(t,e){super(null!=t?t:"Invalid approval data",e),this.errorCode=X.InvalidApprovalData}}class dt extends Q{constructor(t,e){super(null!=t?t:"Failed to init cross device authentication",e),this.errorCode=X.FailedToInitCrossDeviceSession}}class ut extends Q{constructor(t,e){super(null!=t?t:"Failed to get cross device status",e),this.errorCode=X.FailedToGetCrossDeviceStatus}}function ht(t){return t.errorCode&&Object.values(X).includes(t.errorCode)}!function(t){t[t.persistent=0]="persistent",t[t.session=1]="session"}(Y||(Y={}));class yt{static get(t){return yt.getStorageMedium(yt.allowedKeys[t]).getItem(yt.getStorageKey(t))||void 0}static set(t,e){return yt.getStorageMedium(yt.allowedKeys[t]).setItem(yt.getStorageKey(t),e)}static remove(t){yt.getStorageMedium(yt.allowedKeys[t]).removeItem(yt.getStorageKey(t))}static clear(t){for(const[e,i]of Object.entries(yt.allowedKeys)){const a=e;t&&this.configurationKeys.includes(a)||yt.getStorageMedium(i).removeItem(yt.getStorageKey(a))}}static getStorageKey(t){return`WebAuthnSdk:${t}`}static getStorageMedium(t){return t===Y.session?sessionStorage:localStorage}}yt.allowedKeys={clientId:Y.session},yt.configurationKeys=["clientId"];class pt{static isNewApiDomain(t){return t&&(this.newApiDomains.includes(t)||t.startsWith("api.")&&t.endsWith(".transmitsecurity.io"))}static dnsPrefetch(t){const e=document.createElement("link");e.rel="dns-prefetch",e.href=t,document.head.appendChild(e)}static preconnect(t,e){const i=document.createElement("link");i.rel="preconnect",i.href=t,e&&(i.crossOrigin="anonymous"),document.head.appendChild(i)}static warmupConnection(t){this.dnsPrefetch(t),this.preconnect(t,!1),this.preconnect(t,!0)}static init(t,e){var i,a;try{this._serverPath=new URL(e.serverPath),this.isNewApiDomain(null===(i=this._serverPath)||void 0===i?void 0:i.hostname)&&this.warmupConnection(this._serverPath.origin),this._apiPaths=null!==(a=e.webauthnApiPaths)&&void 0!==a?a:this.getDefaultPaths(),this._clientId=t,yt.set("clientId",t)}catch(t){throw new tt("Invalid options.serverPath",{error:t})}}static getDefaultPaths(){var t;const e=this.isNewApiDomain(null===(t=this._serverPath)||void 0===t?void 0:t.hostname)?"/cis":"";return{startAuthentication:`${e}/v1/auth/webauthn/authenticate/start`,startRegistration:`${e}/v1/auth/webauthn/register/start`,initCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/init`,startCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/start`,startCrossDeviceRegistration:`${e}/v1/auth/webauthn/cross-device/register/start`,getCrossDeviceTicketStatus:`${e}/v1/auth/webauthn/cross-device/status`,attachDeviceToCrossDeviceSession:`${e}/v1/auth/webauthn/cross-device/attach-device`}}static getApiPaths(){return this._apiPaths}static async sendRequest(t,e,i){Z.log(`[WebAuthn SDK] Calling ${e.method} ${t}...`);const a=new URL(this._serverPath);return a.pathname=t,i&&(a.search=i),fetch(a.toString(),e)}static async startRegistration(t){const e=await this.sendRequest(this._apiPaths.startRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId(),username:t.username,display_name:t.displayName},t.timeout&&{timeout:t.timeout}),t.limitSingleCredentialToDevice&&{limit_single_credential_to_device:t.limitSingleCredentialToDevice}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start registration",null==e?void 0:e.body);return await e.json()}static async startAuthentication(t){const e=await this.sendRequest(this._apiPaths.startAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}),t.timeout&&{timeout:t.timeout}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start authentication",null==e?void 0:e.body);return await e.json()}static async initCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.initCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}))});if(!(null==e?void 0:e.ok))throw new dt(void 0,null==e?void 0:e.body);return await e.json()}static async getCrossDeviceTicketStatus(t){const e=await this.sendRequest(this._apiPaths.getCrossDeviceTicketStatus,{method:"GET"},`cross_device_ticket_id=${t.ticketId}`);if(!(null==e?void 0:e.ok))throw new ut(void 0,null==e?void 0:e.body);return await e.json()}static async startCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new et("Failed to start cross device authentication",null==e?void 0:e.body);return await e.json()}static async startCrossDeviceRegistration(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to start cross device registration",null==e?void 0:e.body);return await e.json()}static async attachDeviceToCrossDeviceSession(t){const e=await this.sendRequest(this._apiPaths.attachDeviceToCrossDeviceSession,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to attach device to cross device session",null==e?void 0:e.body);return await e.json()}static getValidatedClientId(){var t;const e=null!==(t=this._clientId)&&void 0!==t?t:yt.get("clientId");if(!e)throw new tt("Missing clientId");return e}}var gt,vt,wt,ft;pt.newApiDomains=["api.idsec-dev.com","api.idsec-stg.com"],function(t){t.InputAutofill="input-autofill",t.Modal="modal"}(gt||(gt={})),function(t){t.Pending="pending",t.Scanned="scanned",t.Success="success",t.Error="error",t.Timeout="timeout",t.Aborted="aborted"}(vt||(vt={})),function(t){t.toAuthenticationError=t=>ht(t)?t:"NotAllowedError"===t.name?new it:"OperationError"===t.name?new ct(t.message):"SecurityError"===t.name?new et(t.message):t===X.AuthenticationAbortedTimeout?new rt:"AbortError"===t.name||t===X.AutofillAuthenticationAborted?new st:new et("Something went wrong during authentication",{error:t}),t.toRegistrationError=t=>ht(t)?t:"NotAllowedError"===t.name?new nt:"SecurityError"===t.name?new at(t.message):"InvalidStateError"===t.name?new ot:t===X.RegistrationAbortedTimeout?new rt:new at("Something went wrong during registration",{error:t})}(wt||(wt={})),function(t){t.processCredentialRequestOptions=t=>l(l({},t),{},{challenge:W.base64ToArrayBuffer(t.challenge),allowCredentials:t.allowCredentials.map((t=>l(l({},t),{},{id:W.base64ToArrayBuffer(t.id)})))}),t.processCredentialCreationOptions=(t,e)=>{var i;const a=JSON.parse(JSON.stringify(t));return a.challenge=W.base64ToArrayBuffer(t.challenge),a.user.id=W.base64ToArrayBuffer(t.user.id),(null==e?void 0:e.limitSingleCredentialToDevice)&&(a.excludeCredentials=null===(i=t.excludeCredentials)||void 0===i?void 0:i.map((t=>l(l({},t),{},{id:W.base64ToArrayBuffer(t.id)})))),(null==e?void 0:e.registerAsDiscoverable)?(a.authenticatorSelection.residentKey="preferred",a.authenticatorSelection.requireResidentKey=!0):(a.authenticatorSelection.residentKey="discouraged",a.authenticatorSelection.requireResidentKey=!1),a.authenticatorSelection.authenticatorAttachment=(null==e?void 0:e.allowCrossPlatformAuthenticators)?void 0:"platform",a},t.encodeAuthenticationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:W.arrayBufferToBase64(t.rawId),response:{authenticatorData:W.arrayBufferToBase64(i.authenticatorData),clientDataJSON:W.arrayBufferToBase64(i.clientDataJSON),signature:W.arrayBufferToBase64(i.signature),userHandle:W.arrayBufferToBase64(i.userHandle)},authenticatorAttachment:e,type:t.type}},t.encodeRegistrationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:W.arrayBufferToBase64(t.rawId),response:{attestationObject:W.arrayBufferToBase64(i.attestationObject),clientDataJSON:W.arrayBufferToBase64(i.clientDataJSON)},authenticatorAttachment:e,type:t.type}}}(ft||(ft={}));class mt{async modal(t){try{const e=await this.performAuthentication(l(l({},t),{},{mediationType:gt.Modal}));return W.jsonToBase64(e)}catch(t){throw wt.toAuthenticationError(t)}}activateAutofill(t,e){const{onSuccess:i,onError:a,onReady:n}=t;this.performAuthentication({username:e,mediationType:gt.InputAutofill,onReady:n}).then((t=>{i(W.jsonToBase64(t))})).catch((t=>{const e=wt.toAuthenticationError(t);if(!a)throw e;a(e)}))}abortAutofill(){this.abortController&&this.abortController.abort(X.AutofillAuthenticationAborted)}abortAuthentication(){this.abortController&&this.abortController.abort(X.AuthenticationAbortedTimeout)}async performAuthentication(t){var e,i;const a="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,timeout:null===(e=t.options)||void 0===e?void 0:e.timeout}),n=a.credential_request_options,s=ft.processCredentialRequestOptions(n),r=this.getMediatedCredentialRequest(s,t.mediationType);t.mediationType===gt.InputAutofill&&(null===(i=t.onReady)||void 0===i||i.call(t));const o=await navigator.credentials.get(r).catch((t=>{throw wt.toAuthenticationError(t)}));return{webauthnSessionId:a.webauthn_session_id,publicKeyCredential:ft.encodeAuthenticationResult(o),userAgent:navigator.userAgent}}getMediatedCredentialRequest(t,e){const i={publicKey:t};return this.abortController=new AbortController,i.signal=this.abortController&&this.abortController.signal,e===gt.InputAutofill?i.mediation="conditional":t.timeout&&setTimeout((()=>{this.abortAuthentication()}),t.timeout),i}}class bt{constructor(t,e){this.handler=t,this.intervalInMs=e}begin(){var t;this.intervalId=window.setInterval((t=this.handler,async function(){t.isRunning||(t.isRunning=!0,await t(...arguments),t.isRunning=!1)}),this.intervalInMs)}stop(){clearInterval(this.intervalId)}}const Dt=/^[A-Za-z0-9\-_.: ]*$/;function At(t){if(t&&(!function(t){return Object.keys(t).length<=10}(t)||!function(t){const e=t=>"string"==typeof t,i=t=>Dt.test(t);return Object.keys(t).every((a=>e(a)&&e(t[a])&&i(a)&&i(t[a])))}(t)))throw Z.error("Failed validating approval data"),new lt("Provided approval data should have 10 properties max. Also, it should contain only \n alphanumeric characters, numbers, and the special characters: '-', '_', '.'")}class _t{constructor(t,e,i){this.authenticationHandler=t,this.registrationHandler=e,this.approvalHandler=i,this.init={registration:async t=>(this.ticketStatus=vt.Pending,this.pollCrossDeviceSession(t.crossDeviceTicketId,t.handlers)),authentication:async t=>{const{username:e}=t,i=(await pt.initCrossDeviceAuthentication(l({},e&&{username:e}))).cross_device_ticket_id;return this.ticketStatus=vt.Pending,this.pollCrossDeviceSession(i,t.handlers)},approval:async t=>{const{username:e,approvalData:i}=t;At(i);const a=(await pt.initCrossDeviceAuthentication({username:e,approvalData:i})).cross_device_ticket_id;return this.ticketStatus=vt.Pending,this.pollCrossDeviceSession(a,t.handlers)}},this.authenticate={modal:async t=>this.authenticationHandler.modal({crossDeviceTicketId:t})},this.approve={modal:async t=>this.approvalHandler.modal({crossDeviceTicketId:t})}}async register(t,e){return this.registrationHandler.register({crossDeviceTicketId:t},e)}async attachDevice(t){const e=await pt.attachDeviceToCrossDeviceSession({ticketId:t});return l({status:e.status,startedAt:e.started_at},e.approval_data&&{approvalData:e.approval_data})}async pollCrossDeviceSession(t,e){return this.poller=new bt((async()=>{var i,a;const n=await pt.getCrossDeviceTicketStatus({ticketId:t}),s=n.status;if(s!==this.ticketStatus)switch(this.ticketStatus=s,s){case vt.Scanned:await e.onDeviceAttach();break;case vt.Error:case vt.Timeout:case vt.Aborted:await e.onFailure(n),null===(i=this.poller)||void 0===i||i.stop();break;case vt.Success:if("onCredentialRegister"in e)await e.onCredentialRegister();else{if(!n.session_id)throw new ut("Cross device session is complete without returning session_id",n);await e.onCredentialAuthenticate(n.session_id)}null===(a=this.poller)||void 0===a||a.stop()}}),1e3),this.poller.begin(),setTimeout((()=>{var t;null===(t=this.poller)||void 0===t||t.stop(),e.onFailure({status:vt.Timeout})}),3e5),{crossDeviceTicketId:t,stop:()=>{var t;null===(t=this.poller)||void 0===t||t.stop()}}}}class St{async register(t,e){this.abortController=new AbortController;const i=l({allowCrossPlatformAuthenticators:!("crossDeviceTicketId"in t),registerAsDiscoverable:!0},e);try{const a="crossDeviceTicketId"in t?await pt.startCrossDeviceRegistration({ticketId:t.crossDeviceTicketId}):await pt.startRegistration({username:t.username,displayName:(null==e?void 0:e.displayName)||t.username,timeout:null==e?void 0:e.timeout,limitSingleCredentialToDevice:null==e?void 0:e.limitSingleCredentialToDevice}),n=ft.processCredentialCreationOptions(a.credential_creation_options,i);setTimeout((()=>{this.abortRegistration()}),n.timeout);const s=await this.registerCredential(n),r={webauthnSessionId:a.webauthn_session_id,publicKeyCredential:s,userAgent:navigator.userAgent};return W.jsonToBase64(r)}catch(t){throw wt.toRegistrationError(t)}}abortRegistration(){this.abortController&&this.abortController.abort(X.RegistrationAbortedTimeout)}async registerCredential(t){const e=await navigator.credentials.create({publicKey:t,signal:this.abortController&&this.abortController.signal}).catch((t=>{throw wt.toRegistrationError(t)}));return ft.encodeRegistrationResult(e)}}class Ct{async modal(t){try{const e=await this.performApproval(t);return W.jsonToBase64(e)}catch(t){throw wt.toAuthenticationError(t)}}async performApproval(t){"approvalData"in t&&At(t.approvalData);const e="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,approvalData:t.approvalData}),i=e.credential_request_options,a=ft.processCredentialRequestOptions(i),n=await navigator.credentials.get({publicKey:a}).catch((t=>{throw wt.toAuthenticationError(t)}));return{webauthnSessionId:e.webauthn_session_id,publicKeyCredential:ft.encodeAuthenticationResult(n),userAgent:navigator.userAgent}}}class Kt{constructor(){this._initialized=!1,this._authenticationHandler=new mt,this._registrationHandler=new St,this._approvalHandler=new Ct,this._crossDeviceHandler=new _t(this._authenticationHandler,this._registrationHandler,this._approvalHandler),this.authenticate={modal:async(t,e)=>(this.initCheck(),this._authenticationHandler.modal({username:t,options:e})),autofill:{activate:(t,e)=>(this.initCheck(),this._authenticationHandler.activateAutofill(t,e)),abort:()=>this._authenticationHandler.abortAutofill()}},this.approve={modal:async(t,e)=>(this.initCheck(),this._approvalHandler.modal({username:t,approvalData:e}))},this.register=async(t,e)=>(this.initCheck(),this._registrationHandler.register({username:t},e)),this.crossDevice={init:{registration:async t=>(this.initCheck(),this._crossDeviceHandler.init.registration(t)),authentication:async t=>(this.initCheck(),this._crossDeviceHandler.init.authentication(t)),approval:async t=>(this.initCheck(),this._crossDeviceHandler.init.approval(t))},authenticate:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.authenticate.modal(t))},approve:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.approve.modal(t))},register:async(t,e)=>(this.initCheck(),this._crossDeviceHandler.register(t,e)),attachDevice:async t=>(this.initCheck(),this._crossDeviceHandler.attachDevice(t))},this.isPlatformAuthenticatorSupported=async()=>{var t;try{return await(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isUserVerifyingPlatformAuthenticatorAvailable())}catch(t){return!1}},this.isAutofillSupported=async()=>{var t,e;return!(!(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isConditionalMediationAvailable)||!await(null===(e=Kt.StaticPublicKeyCredential)||void 0===e?void 0:e.isConditionalMediationAvailable()))}}async init(t,e){try{if(!t)throw new tt("Invalid clientId",{clientId:t});if(e.webauthnApiPaths){const t=pt.getDefaultPaths();if(function(t,e){const i=new Set(t),a=new Set(e);return[...t.filter((t=>!a.has(t))),...e.filter((t=>!i.has(t)))]}(Object.keys(e.webauthnApiPaths),Object.keys(t)).length)throw new tt("Invalid custom paths",{customApiPaths:e.webauthnApiPaths})}pt.init(t,e),this._initialized=!0}catch(t){throw ht(t)?t:new tt("Failed to initialize SDK")}}getDefaultPaths(){return this.initCheck(),pt.getDefaultPaths()}getApiPaths(){return this.initCheck(),pt.getApiPaths()}initCheck(){if(!this._initialized)throw new tt}}Kt.StaticPublicKeyCredential=window.PublicKeyCredential;const kt=new G("webauthn"),Rt=new Kt;kt.events.on(kt.events.MODULE_INITIALIZED,(()=>{var t;const e=kt.moduleMetadata.getInitConfig();if(!(null===(t=null==e?void 0:e.webauthn)||void 0===t?void 0:t.serverPath))return;const{clientId:i,webauthn:a}=e;Rt.init(i,l({},a))}));const Pt={modal:async(t,e)=>(Rt.initCheck(),Rt.authenticate.modal(t,e)),autofill:{activate:(t,e)=>{Rt.initCheck(),Rt.authenticate.autofill.activate(t,e)},abort:()=>{Rt.initCheck(),Rt.authenticate.autofill.abort()}}},Tt={modal:async(t,e)=>(Rt.initCheck(),Rt.approve.modal(t,e))};async function It(t,e){return Rt.initCheck(),Rt.register(t,e)}const{crossDevice:Ot}=Rt,{isPlatformAuthenticatorSupported:jt}=Rt,{isAutofillSupported:xt}=Rt,{getDefaultPaths:Bt}=Rt;window.localWebAuthnSDK=Rt;const Nt="1.16.0",Et={initialize:r,...Object.freeze({__proto__:null,get WebauthnCrossDeviceStatus(){return vt},approve:Tt,authenticate:Pt,crossDevice:Ot,getDefaultPaths:Bt,isAutofillSupported:xt,isPlatformAuthenticatorSupported:jt,register:It})};export{Nt as PACKAGE_VERSION,vt as WebauthnCrossDeviceStatus,Tt as approve,Pt as authenticate,Ot as crossDevice,Bt as getDefaultPaths,r as initialize,xt as isAutofillSupported,jt as isPlatformAuthenticatorSupported,It as register,Et as webauthn};
1
+ "undefined"==typeof globalThis&&("undefined"!=typeof window?(window.globalThis=window,window.global=window):"undefined"!=typeof self&&(self.globalThis=self,self.global=self));const t=Symbol("MODULE_INITIALIZED"),e=new Map;function i(t,i){var a,n;null===(a=e.get(t))||void 0===a||a.forEach((n=t=>t(i),function(){try{return n(...arguments)}catch(t){console.log(t)}}))}let a=null;function n(t){a=t}var s=Object.freeze({__proto__:null,getInitConfig:function(){return a},get initConfig(){return a},setInitConfig:n});function r(e){n(e),i(t,void 0)}var o=Object.freeze({__proto__:null,initialize:r});function c(t,e){var i=Object.keys(t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(t);e&&(a=a.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),i.push.apply(i,a)}return i}function l(t){for(var e=1;e<arguments.length;e++){var i=null!=arguments[e]?arguments[e]:{};e%2?c(Object(i),!0).forEach((function(e){u(t,e,i[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(i)):c(Object(i)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(i,e))}))}return t}function d(t){var e=function(t,e){if("object"!=typeof t||!t)return t;var i=t[Symbol.toPrimitive];if(void 0!==i){var a=i.call(t,e||"default");if("object"!=typeof a)return a;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}function u(t,e,i){return(e=d(e))in t?Object.defineProperty(t,e,{value:i,enumerable:!0,configurable:!0,writable:!0}):t[e]=i,t}function h(t,e){return Object.entries(e).reduce(((e,i)=>{let[a,n]=i;return l(l({},e),{},{[a]:y.isPrototypeOf(n)?new n(t.slug):"function"==typeof n?n.bind(t):"object"==typeof n&&!Array.isArray(n)&&n?h(t,n):n})}),{})}class y{constructor(t){this.slug=t}static create(t){return class extends y{constructor(e){super(e),Object.assign(this,h(this,t(this)))}}}}var p=Object.freeze({__proto__:null,Agent:y}),g=Object.freeze({__proto__:null,MODULE_INITIALIZED:t,emit:i,off:function(t,i){const a=e.get(t);if(!a)return;const n=a.indexOf(i);-1!==n&&a.splice(n,1)},on:function(t,i){var a;e.has(t)?null===(a=e.get(t))||void 0===a||a.push(i):e.set(t,[i])}});function v(t,e){const i=!t||"object"!=typeof t||Array.isArray(t)?{}:t;return[e.reduce(((t,e)=>{if(e in t){const i=t[e];if(null!==i&&"object"==typeof i&&!Array.isArray(i))return i}const i={};return t[e]=i,i}),i),i]}function w(t,e){let i=t;return e.every((t=>!(!i||"object"!=typeof i||Array.isArray(i)||!(t in i))&&(i=i[t],!0)),t)}const f="tsec",m="general";function b(t){return t?m:a.clientId}function D(t){return function(t){if(!t)return{};try{return JSON.parse(t)}catch(t){return{}}}((t?sessionStorage:localStorage).getItem(f))}function A(t,e){const i=t?sessionStorage:localStorage,a=e(D(t));i.setItem(f,JSON.stringify(a))}var _=Object.freeze({__proto__:null,COMMON_STORAGE_KEY:f,GENERAL_ID_KEY:m,getValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly),[n]=v(a,[this.slug.toString(),i]);return n[t]},hasValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral),a=D(!!e.sessionOnly);return w(a,[this.slug.toString(),i,t])},removeValue:function(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const i=b(!!e.isGeneral);A(!!e.sessionOnly,(e=>{const[a,n]=v(e,[this.slug.toString(),i]);return delete a[t],n}))},setValue:function(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=b(!!i.isGeneral);A(!!i.sessionOnly,(i=>{const[n,s]=v(i,[this.slug.toString(),a]);return n[t]=e,s}))}});const S="RSA-PSS",C=async(t,e)=>await window.crypto.subtle.generateKey({name:t,modulusLength:2048,publicExponent:new Uint8Array([1,0,1]),hash:"SHA-256"},!1,e),K=async()=>await C("RSA-OAEP",["encrypt","decrypt"]),k=async()=>await C(S,["sign"]),R=async(t,e)=>{const i=(new TextEncoder).encode(e);return await window.crypto.subtle.sign({name:S,saltLength:32},t,i)};class P{constructor(t,e,i){this.slug=t,this.dbName=e,this.dbVersion=i}queryObjectStore(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};const a=(window.indexedDB||window.mozIndexedDB||window.webkitIndexedDB||window.msIndexedDB||window.shimIndexedDB).open(`${this.slug}:${this.dbName}`,this.dbVersion||1);a.onupgradeneeded=()=>{var e;const i=a.result;(null===(e=null==i?void 0:i.objectStoreNames)||void 0===e?void 0:e.contains)&&!i.objectStoreNames.contains(t)&&i.createObjectStore(t,{keyPath:"key"})},a.onsuccess=()=>{const n=a.result,s=n.transaction(t,(null==i?void 0:i.operation)||"readwrite"),r=s.objectStore(t);e(r),s.oncomplete=()=>{n.close()}}}put(t,e,i){return new Promise(((a,n)=>{this.queryObjectStore(t,(t=>{const s=t.put({key:e,value:i});s.onsuccess=()=>{a(s.result)},s.onerror=t=>{n("Failed adding item to objectStore, err: "+t)}}))}))}add(t,e,i){return new Promise(((a,n)=>{this.queryObjectStore(t,(t=>{const s=t.add({key:e,value:i});s.onsuccess=()=>{a(s.result)},s.onerror=t=>{const e=t.target.error;n(e)}}))}))}get(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const n=t.get(e);n.onsuccess=()=>{var t;n.result?i(null===(t=n.result)||void 0===t?void 0:t.value):i(void 0)},n.onerror=t=>{a("Failed adding item to objectStore, err: "+t)}}))}))}getAll(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const n=t.getAll(null,e);n.onsuccess=()=>{if(n.result){const t=n.result;(null==t?void 0:t.length)?i(t.map((t=>null==t?void 0:t.value))):i(t)}else i([])},n.onerror=t=>{a("Failed getting items, err: "+t)}}))}))}delete(t,e){return new Promise(((i,a)=>{this.queryObjectStore(t,(t=>{const n=t.delete(e);n.onsuccess=()=>{i()},n.onerror=t=>{a(`Failed deleting key: '${e}' from objectStore, err: `+t)}}))}))}clear(t){return new Promise(((e,i)=>{this.queryObjectStore(t,(t=>{const a=t.clear();a.onsuccess=()=>{e()},a.onerror=t=>{i("Failed clearing objectStore, err: "+t)}}))}))}}const T="platform",I="init",O="completed",j="RSA2048",x=[I,O];class B{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"sign",i=arguments.length>2?arguments[2]:void 0;var n,s,r,o;this.agent=t,this.keysType=e,this.options=i,this._extractingKeysPromise=null;const c=!(null===(n=this.options)||void 0===n?void 0:n.productScope);this.keysDatabaseName=c||!(null===(s=this.options)||void 0===s?void 0:s.indexedDBName)?"ts_crypto_binding":this.options.indexedDBName,this.dbVersion=c?1:(null===(r=this.options)||void 0===r?void 0:r.dbVersion)||1,this.keysStoreName=c||!(null===(o=this.options)||void 0===o?void 0:o.keysStoreName)?"identifiers_store":this.options.keysStoreName,this.indexedDBClient=new P(c?T:t.slug,this.keysDatabaseName,this.dbVersion),this.indexedDBClientFallback=new P((c?T:t.slug)+`:${a.clientId}`,this.keysDatabaseName,this.dbVersion)}getKeysRecordKey(){return`${this.keysType}_keys`}getRotatedKeysRecordKey(){return`rotated_${this.keysType}_keys`}getRotatedKeysRecordKeyPending(){return`rotated_pending_${this.keysType}_keys`}arrayBufferToBase64(t){return window.btoa(String.fromCharCode(...new Uint8Array(t)))}async getPKRepresentations(t){const e=await crypto.subtle.exportKey("spki",t);return{arrayBufferKey:e,base64Key:this.arrayBufferToBase64(e)}}async generateKeyPair(){return"sign"==this.keysType?await k():await K()}async calcKeyIdentifier(t){const e=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(e)).map((t=>t.toString(16).padStart(2,"0"))).join("")}async extractKeysData(){if(this._extractingKeysPromise)return this._extractingKeysPromise;this._extractingKeysPromise=(async()=>{var t,e;const i=(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled)?await this.getRotatedKeysData():await this.getKeysData(),{base64Key:a}=await this.getPKRepresentations(i.publicKey);return this.publicKeyBase64=a,this.keyIdentifier=i.keyIdentifier,i})();try{return await this._extractingKeysPromise}finally{this._extractingKeysPromise=null}}async generateKeyPairData(t){const e=await this.generateKeyPair(),{arrayBufferKey:i}=await this.getPKRepresentations(e.publicKey),a=t||await this.calcKeyIdentifier(i);return l(l({},e),{},{keyIdentifier:a,createdDate:Date.now()})}shouldKeyBeRotated(t){var e;const i=null===(e=this.options)||void 0===e?void 0:e.keyRotation;if(!(null==i?void 0:i.isEnabled)||!i.expiryDays||void 0===i.startedAt)return!1;const a=24*i.expiryDays*60*60*1e3,n=t.createdDate&&t.createdDate>=i.startedAt?t.createdDate:i.startedAt;return Date.now()-n>a-2592e6}async extractMainKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getKeysRecordKey())}async extractFallbackMainKeysData(){return await this.indexedDBClientFallback.get(this.keysStoreName,this.getKeysRecordKey())}async extractRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKey())}async extractPendingRotatedKeysData(){return await this.indexedDBClient.get(this.keysStoreName,this.getRotatedKeysRecordKeyPending())}async saveKeyData(t,e){try{return await this.indexedDBClient.add(this.keysStoreName,t,e),e}catch(e){if(e instanceof DOMException&&"ConstraintError"===e.name){const e=await this.indexedDBClient.get(this.keysStoreName,t);if(e)return e}throw e}}async getKeysData(){const t=this.getKeysRecordKey();let e=await this.extractMainKeysData();if(e)return e;if(e=await this.extractFallbackMainKeysData(),e)return this.saveKeyData(t,e);const i=await this.generateKeyPairData();return this.saveKeyData(t,i)}async getOrCreateRotatedKeys(){let t=await this.extractRotatedKeysData();if(!t){const e=this.getRotatedKeysRecordKey(),i=await this.getKeysData(),a=l(l({},i),{},{createdDate:i.createdDate||Date.now()});t=await this.saveKeyData(e,a)}return t}async getRotatedKeysData(){const t=await this.getOrCreateRotatedKeys();if(this.shouldKeyBeRotated(t)){if(!await this.extractPendingRotatedKeysData()){const e=this.getRotatedKeysRecordKeyPending(),i=await this.generateKeyPairData(t.keyIdentifier);await this.saveKeyData(e,i)}}return t}async getPublicData(){return this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData(),{publicKey:this.publicKeyBase64,keyIdentifier:this.keyIdentifier}}async sign(t){if("sign"==this.keysType){const{privateKey:e}=await this.extractKeysData(),i=await R(e,t);return this.arrayBufferToBase64(i)}throw new Error("keysType must be 'sign' in order to use sign keys")}async clearKeys(){const t=this.getKeysRecordKey();await this.indexedDBClient.delete(this.keysStoreName,t)}getBaseRotationPayload(){return{keyIdentifier:this.keyIdentifier,slot:this.getRotatedKeysRecordKey(),publicKey:this.publicKeyBase64,publicKeyType:j,tenantId:this.options.keyRotation.tenantId}}async getRotationData(){var t,e;if(!(null===(e=null===(t=this.options)||void 0===t?void 0:t.keyRotation)||void 0===e?void 0:e.isEnabled))return;this.publicKeyBase64&&this.keyIdentifier||await this.extractKeysData();const i=await this.extractPendingRotatedKeysData();if(i){const{base64Key:t}=await this.getPKRepresentations(i.publicKey),{privateKey:e}=await this.extractKeysData(),a=l(l({},this.getBaseRotationPayload()),{},{newPublicKey:t,createdDate:i.createdDate,newPublicKeyType:j}),n=JSON.stringify(a);return{data:n,signature:await this.signPayload(n,e)}}const a=await this.extractRotatedKeysData();if(a&&!1===a.confirmed){await this.extractKeysData();const t=JSON.stringify(this.getBaseRotationPayload());return{data:t,signature:await this.signPayload(t,a.privateKey)}}}async signPayload(t,e){const i=await R(e,t);return this.arrayBufferToBase64(i)}async handleRotateResponse(t){if(x.includes(t))if(t===I){const t=await this.extractPendingRotatedKeysData();if(t){await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKey());const e=l(l({},t),{},{confirmed:!1});await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),e),await this.indexedDBClient.delete(this.keysStoreName,this.getRotatedKeysRecordKeyPending());const{base64Key:i}=await this.getPKRepresentations(t.publicKey);this.publicKeyBase64=i,this.keyIdentifier=t.keyIdentifier}}else if(t===O){const t=await this.extractRotatedKeysData();t&&!1===t.confirmed&&await this.indexedDBClient.put(this.keysStoreName,this.getRotatedKeysRecordKey(),l(l({},t),{},{confirmed:!0}))}}}var N=Object.freeze({__proto__:null,createCryptoBinding:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:"sign",e=arguments.length>1?arguments[1]:void 0;return new B(this,t,e)},generateRSAKeyPair:K,generateRSASignKeyPair:k,signAssymetric:R,verifyAssymetric:async(t,e,i)=>{const a=(new TextEncoder).encode(e);return await window.crypto.subtle.verify(S,t,i,a)}}),E=Object.freeze({__proto__:null});const H=y.create((t=>{class e extends Error{constructor(e,i){super(`${t.slug}-${e} ${i}`)}}return{TsError:e,TsInternalError:class extends e{constructor(t){super(t,"Internal error")}}}}));var F=y.create((()=>l({exceptions:H},p)));class M{constructor(t){let e=arguments.length>1&&void 0!==arguments[1]?arguments[1]:[];this.agent=t,this.middlewares=e,this.logs=[]}info(t,e){this.pushLog(3,t,e)}warn(t,e){this.pushLog(4,t,e)}error(t,e){this.pushLog(5,t,e)}pushLog(t,e){let i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};this.logs.push({timestamp:Date.now(),module:this.agent.slug,severity:t,fields:i,message:e});const a=this.middlewares.map((t=>t(this)));Promise.all(a).catch((()=>{}))}}var q=Object.freeze({__proto__:null,consoleMiddleware:function(t){const e=t.logs[t.logs.length-1];console.log(`${e.severity} ${e.message}`,e.fields)},createSdkLogger:function(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:[];return new M(this,t)}});function z(t,e){if(!(null==t?void 0:t.trim()))return"";if(function(t){try{return new URL(t),!0}catch(t){return!1}}(t))return t;const i="http://mock.com",a=new URL(i);a.search=(null==e?void 0:e.toString())||"",a.pathname=t;return a.href.replace(i,"")}const $={"Content-Type":"application/json","X-TS-client-time":(new Date).toUTCString(),"X-TS-ua":navigator.userAgent};function J(t,e,i){var a;const n=(s=e||{},encodeURI(JSON.stringify(s)).split(/%..|./).length-1);var s;return{method:t,headers:l(l(l({},{"X-TS-body-size":String(n)}),$),i||{}),body:null!==(a=e&&JSON.stringify(e||{}))&&void 0!==a?a:void 0}}function L(t,e,i,a,n){const s=z(t,a),r=J(e,i,n);return fetch(s,r)}async function U(t,e,i,a,n){let s;if(s=await L(t,e,i,a,n),!s.ok)throw new Error("Request failed");return s}var V=Object.freeze({__proto__:null,httpDelete:async function(t,e){const i=await U(t,"DELETE",void 0,void 0,e);return l(l({data:await i.json()},i),{},{headers:i.headers})},httpGet:async function(t,e,i){const a=await U(t,"GET",void 0,e,i);return l(l({data:await a.json()},a),{},{headers:a.headers})},httpPost:async function(t,e,i,a){const n=await U(t,"POST",e,i,a);return l(l({data:await n.json()},n),{},{headers:n.headers})},httpPut:async function(t,e,i,a){const n=await U(t,"PUT",e,i,a);return l(l({data:await n.json()},n),{},{headers:n.headers})},init:J}),G=y.create((()=>({events:g,moduleMetadata:s,mainEntry:o,utils:F,storage:_,crypto:N,indexedDB:E,logger:q,http:V})));class W{static arrayBufferToBase64(t){return btoa(String.fromCharCode(...new Uint8Array(t)))}static base64ToArrayBuffer(t){return Uint8Array.from(atob(t),(t=>t.charCodeAt(0)))}static stringToBase64(t){return btoa(t)}static jsonToBase64(t){const e=JSON.stringify(t);return btoa(e)}static base64ToJson(t){const e=atob(t);return JSON.parse(e)}}const Z={log:console.log,error:console.error};var X,Y;!function(t){t.NotInitialized="not_initialized",t.AuthenticationFailed="authentication_failed",t.AuthenticationAbortedTimeout="authentication_aborted_timeout",t.AuthenticationCanceled="webauthn_authentication_canceled",t.RegistrationFailed="registration_failed",t.AlreadyRegistered="username_already_registered",t.RegistrationAbortedTimeout="registration_aborted_timeout",t.RegistrationCanceled="webauthn_registration_canceled",t.AutofillAuthenticationAborted="autofill_authentication_aborted",t.AuthenticationProcessAlreadyActive="authentication_process_already_active",t.InvalidApprovalData="invalid_approval_data",t.FailedToInitCrossDeviceSession="cross_device_init_failed",t.FailedToGetCrossDeviceStatus="cross_device_status_failed",t.Unknown="unknown"}(X||(X={}));class Q extends Error{constructor(t,e){super(t),this.errorCode=X.NotInitialized,this.data=e}}class tt extends Q{constructor(t,e){super(null!=t?t:"WebAuthnSdk is not initialized",e),this.errorCode=X.NotInitialized}}class et extends Q{constructor(t,e){super(null!=t?t:"Authentication failed with an error",e),this.errorCode=X.AuthenticationFailed}}class it extends Q{constructor(t,e){super(null!=t?t:"Authentication was canceled by the user or got timeout",e),this.errorCode=X.AuthenticationCanceled}}class at extends Q{constructor(t,e){super(null!=t?t:"Registration failed with an error",e),this.errorCode=X.RegistrationFailed}}class nt extends Q{constructor(t,e){super(null!=t?t:"Registration was canceled by the user or got timeout",e),this.errorCode=X.RegistrationCanceled}}class st extends Q{constructor(t){super(null!=t?t:"Autofill flow was aborted"),this.errorCode=X.AutofillAuthenticationAborted}}class rt extends Q{constructor(t){super(null!=t?t:"Operation was aborted by timeout"),this.errorCode=X.AutofillAuthenticationAborted}}class ot extends Q{constructor(t){super(null!=t?t:"Passkey with this username is already registered with the relying party."),this.errorCode=X.AlreadyRegistered}}class ct extends Q{constructor(t,e){super(null!=t?t:"Authentication process is already active",e),this.errorCode=X.AuthenticationProcessAlreadyActive}}class lt extends Q{constructor(t,e){super(null!=t?t:"Invalid approval data",e),this.errorCode=X.InvalidApprovalData}}class dt extends Q{constructor(t,e){super(null!=t?t:"Failed to init cross device authentication",e),this.errorCode=X.FailedToInitCrossDeviceSession}}class ut extends Q{constructor(t,e){super(null!=t?t:"Failed to get cross device status",e),this.errorCode=X.FailedToGetCrossDeviceStatus}}function ht(t){return t.errorCode&&Object.values(X).includes(t.errorCode)}!function(t){t[t.persistent=0]="persistent",t[t.session=1]="session"}(Y||(Y={}));class yt{static get(t){return yt.getStorageMedium(yt.allowedKeys[t]).getItem(yt.getStorageKey(t))||void 0}static set(t,e){return yt.getStorageMedium(yt.allowedKeys[t]).setItem(yt.getStorageKey(t),e)}static remove(t){yt.getStorageMedium(yt.allowedKeys[t]).removeItem(yt.getStorageKey(t))}static clear(t){for(const[e,i]of Object.entries(yt.allowedKeys)){const a=e;t&&this.configurationKeys.includes(a)||yt.getStorageMedium(i).removeItem(yt.getStorageKey(a))}}static getStorageKey(t){return`WebAuthnSdk:${t}`}static getStorageMedium(t){return t===Y.session?sessionStorage:localStorage}}yt.allowedKeys={clientId:Y.session},yt.configurationKeys=["clientId"];class pt{static isNewApiDomain(t){return t&&(this.newApiDomains.includes(t)||t.startsWith("api.")&&t.endsWith(".transmitsecurity.io"))}static dnsPrefetch(t){const e=document.createElement("link");e.rel="dns-prefetch",e.href=t,document.head.appendChild(e)}static preconnect(t,e){const i=document.createElement("link");i.rel="preconnect",i.href=t,e&&(i.crossOrigin="anonymous"),document.head.appendChild(i)}static warmupConnection(t){this.dnsPrefetch(t),this.preconnect(t,!1),this.preconnect(t,!0)}static init(t,e){var i,a;try{this._serverPath=new URL(e.serverPath),this.isNewApiDomain(null===(i=this._serverPath)||void 0===i?void 0:i.hostname)&&this.warmupConnection(this._serverPath.origin),this._apiPaths=null!==(a=e.webauthnApiPaths)&&void 0!==a?a:this.getDefaultPaths(),this._clientId=t,yt.set("clientId",t)}catch(t){throw new tt("Invalid options.serverPath",{error:t})}}static getDefaultPaths(){var t;const e=this.isNewApiDomain(null===(t=this._serverPath)||void 0===t?void 0:t.hostname)?"/cis":"";return{startAuthentication:`${e}/v1/auth/webauthn/authenticate/start`,startRegistration:`${e}/v1/auth/webauthn/register/start`,initCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/init`,startCrossDeviceAuthentication:`${e}/v1/auth/webauthn/cross-device/authenticate/start`,startCrossDeviceRegistration:`${e}/v1/auth/webauthn/cross-device/register/start`,getCrossDeviceTicketStatus:`${e}/v1/auth/webauthn/cross-device/status`,attachDeviceToCrossDeviceSession:`${e}/v1/auth/webauthn/cross-device/attach-device`}}static getApiPaths(){return this._apiPaths}static async sendRequest(t,e,i){Z.log(`[WebAuthn SDK] Calling ${e.method} ${t}...`);const a=new URL(this._serverPath);return a.pathname=t,i&&(a.search=i),fetch(a.toString(),e)}static async startRegistration(t){const e=await this.sendRequest(this._apiPaths.startRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId(),username:t.username,display_name:t.displayName},t.timeout&&{timeout:t.timeout}),t.limitSingleCredentialToDevice&&{limit_single_credential_to_device:t.limitSingleCredentialToDevice}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start registration",null==e?void 0:e.body);return await e.json()}static async startAuthentication(t){const e=await this.sendRequest(this._apiPaths.startAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}),t.timeout&&{timeout:t.timeout}))});if(!(null==e?void 0:e.ok))throw new et("Failed to start authentication",null==e?void 0:e.body);return await e.json()}static async initCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.initCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(l(l({client_id:this.getValidatedClientId()},t.username&&{username:t.username}),t.approvalData&&{approval_data:t.approvalData}))});if(!(null==e?void 0:e.ok))throw new dt(void 0,null==e?void 0:e.body);return await e.json()}static async getCrossDeviceTicketStatus(t){const e=await this.sendRequest(this._apiPaths.getCrossDeviceTicketStatus,{method:"GET"},`cross_device_ticket_id=${t.ticketId}`);if(!(null==e?void 0:e.ok))throw new ut(void 0,null==e?void 0:e.body);return await e.json()}static async startCrossDeviceAuthentication(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceAuthentication,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new et("Failed to start cross device authentication",null==e?void 0:e.body);return await e.json()}static async startCrossDeviceRegistration(t){const e=await this.sendRequest(this._apiPaths.startCrossDeviceRegistration,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to start cross device registration",null==e?void 0:e.body);return await e.json()}static async attachDeviceToCrossDeviceSession(t){const e=await this.sendRequest(this._apiPaths.attachDeviceToCrossDeviceSession,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({cross_device_ticket_id:t.ticketId})});if(!(null==e?void 0:e.ok))throw new at("Failed to attach device to cross device session",null==e?void 0:e.body);return await e.json()}static getValidatedClientId(){var t;const e=null!==(t=this._clientId)&&void 0!==t?t:yt.get("clientId");if(!e)throw new tt("Missing clientId");return e}}var gt,vt,wt,ft;pt.newApiDomains=["api.idsec-dev.com","api.idsec-stg.com"],function(t){t.InputAutofill="input-autofill",t.Modal="modal"}(gt||(gt={})),function(t){t.Pending="pending",t.Scanned="scanned",t.Success="success",t.Error="error",t.Timeout="timeout",t.Aborted="aborted"}(vt||(vt={})),function(t){t.toAuthenticationError=t=>ht(t)?t:"NotAllowedError"===t.name?new it:"OperationError"===t.name?new ct(t.message):"SecurityError"===t.name?new et(t.message):t===X.AuthenticationAbortedTimeout?new rt:"AbortError"===t.name||t===X.AutofillAuthenticationAborted?new st:new et("Something went wrong during authentication",{error:t}),t.toRegistrationError=t=>ht(t)?t:"NotAllowedError"===t.name?new nt:"SecurityError"===t.name?new at(t.message):"InvalidStateError"===t.name?new ot:t===X.RegistrationAbortedTimeout?new rt:new at("Something went wrong during registration",{error:t})}(wt||(wt={})),function(t){t.processCredentialRequestOptions=t=>l(l({},t),{},{challenge:W.base64ToArrayBuffer(t.challenge),allowCredentials:t.allowCredentials.map((t=>l(l({},t),{},{id:W.base64ToArrayBuffer(t.id)})))}),t.processCredentialCreationOptions=(t,e)=>{var i;const a=JSON.parse(JSON.stringify(t));return a.challenge=W.base64ToArrayBuffer(t.challenge),a.user.id=W.base64ToArrayBuffer(t.user.id),(null==e?void 0:e.limitSingleCredentialToDevice)&&(a.excludeCredentials=null===(i=t.excludeCredentials)||void 0===i?void 0:i.map((t=>l(l({},t),{},{id:W.base64ToArrayBuffer(t.id)})))),(null==e?void 0:e.registerAsDiscoverable)?(a.authenticatorSelection.residentKey="preferred",a.authenticatorSelection.requireResidentKey=!0):(a.authenticatorSelection.residentKey="discouraged",a.authenticatorSelection.requireResidentKey=!1),a.authenticatorSelection.authenticatorAttachment=(null==e?void 0:e.allowCrossPlatformAuthenticators)?void 0:"platform",a},t.encodeAuthenticationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:W.arrayBufferToBase64(t.rawId),response:{authenticatorData:W.arrayBufferToBase64(i.authenticatorData),clientDataJSON:W.arrayBufferToBase64(i.clientDataJSON),signature:W.arrayBufferToBase64(i.signature),userHandle:W.arrayBufferToBase64(i.userHandle)},authenticatorAttachment:e,type:t.type}},t.encodeRegistrationResult=t=>{const{authenticatorAttachment:e}=t,i=t.response;return{id:t.id,rawId:W.arrayBufferToBase64(t.rawId),response:{attestationObject:W.arrayBufferToBase64(i.attestationObject),clientDataJSON:W.arrayBufferToBase64(i.clientDataJSON)},authenticatorAttachment:e,type:t.type}}}(ft||(ft={}));class mt{async modal(t){try{const e=await this.performAuthentication(l(l({},t),{},{mediationType:gt.Modal}));return W.jsonToBase64(e)}catch(t){throw wt.toAuthenticationError(t)}}activateAutofill(t,e){const{onSuccess:i,onError:a,onReady:n}=t;this.performAuthentication({username:e,mediationType:gt.InputAutofill,onReady:n}).then((t=>{i(W.jsonToBase64(t))})).catch((t=>{const e=wt.toAuthenticationError(t);if(!a)throw e;a(e)}))}abortAutofill(){this.abortController&&this.abortController.abort(X.AutofillAuthenticationAborted)}abortAuthentication(){this.abortController&&this.abortController.abort(X.AuthenticationAbortedTimeout)}async performAuthentication(t){var e,i;const a="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,timeout:null===(e=t.options)||void 0===e?void 0:e.timeout}),n=a.credential_request_options,s=ft.processCredentialRequestOptions(n),r=this.getMediatedCredentialRequest(s,t.mediationType);t.mediationType===gt.InputAutofill&&(null===(i=t.onReady)||void 0===i||i.call(t));const o=await navigator.credentials.get(r).catch((t=>{throw wt.toAuthenticationError(t)}));return{webauthnSessionId:a.webauthn_session_id,publicKeyCredential:ft.encodeAuthenticationResult(o),userAgent:navigator.userAgent}}getMediatedCredentialRequest(t,e){const i={publicKey:t};return this.abortController=new AbortController,i.signal=this.abortController&&this.abortController.signal,e===gt.InputAutofill?i.mediation="conditional":t.timeout&&setTimeout((()=>{this.abortAuthentication()}),t.timeout),i}}class bt{constructor(t,e){this.handler=t,this.intervalInMs=e}begin(){var t;this.intervalId=window.setInterval((t=this.handler,async function(){t.isRunning||(t.isRunning=!0,await t(...arguments),t.isRunning=!1)}),this.intervalInMs)}stop(){clearInterval(this.intervalId)}}const Dt=/^[A-Za-z0-9\-_.: ]*$/;function At(t){if(t&&(!function(t){return Object.keys(t).length<=10}(t)||!function(t){const e=t=>"string"==typeof t,i=t=>Dt.test(t);return Object.keys(t).every((a=>e(a)&&e(t[a])&&i(a)&&i(t[a])))}(t)))throw Z.error("Failed validating approval data"),new lt("Provided approval data should have 10 properties max. Also, it should contain only \n alphanumeric characters, numbers, and the special characters: '-', '_', '.'")}class _t{constructor(t,e,i){this.authenticationHandler=t,this.registrationHandler=e,this.approvalHandler=i,this.init={registration:async t=>(this.ticketStatus=vt.Pending,this.pollCrossDeviceSession(t.crossDeviceTicketId,t.handlers)),authentication:async t=>{const{username:e}=t,i=(await pt.initCrossDeviceAuthentication(l({},e&&{username:e}))).cross_device_ticket_id;return this.ticketStatus=vt.Pending,this.pollCrossDeviceSession(i,t.handlers)},approval:async t=>{const{username:e,approvalData:i}=t;At(i);const a=(await pt.initCrossDeviceAuthentication({username:e,approvalData:i})).cross_device_ticket_id;return this.ticketStatus=vt.Pending,this.pollCrossDeviceSession(a,t.handlers)}},this.authenticate={modal:async t=>this.authenticationHandler.modal({crossDeviceTicketId:t})},this.approve={modal:async t=>this.approvalHandler.modal({crossDeviceTicketId:t})}}async register(t,e){return this.registrationHandler.register({crossDeviceTicketId:t},e)}async attachDevice(t){const e=await pt.attachDeviceToCrossDeviceSession({ticketId:t});return l({status:e.status,startedAt:e.started_at},e.approval_data&&{approvalData:e.approval_data})}async pollCrossDeviceSession(t,e){return this.poller=new bt((async()=>{var i,a;const n=await pt.getCrossDeviceTicketStatus({ticketId:t}),s=n.status;if(s!==this.ticketStatus)switch(this.ticketStatus=s,s){case vt.Scanned:await e.onDeviceAttach();break;case vt.Error:case vt.Timeout:case vt.Aborted:await e.onFailure(n),null===(i=this.poller)||void 0===i||i.stop();break;case vt.Success:if("onCredentialRegister"in e)await e.onCredentialRegister();else{if(!n.session_id)throw new ut("Cross device session is complete without returning session_id",n);await e.onCredentialAuthenticate(n.session_id)}null===(a=this.poller)||void 0===a||a.stop()}}),1e3),this.poller.begin(),setTimeout((()=>{var t;null===(t=this.poller)||void 0===t||t.stop(),e.onFailure({status:vt.Timeout})}),3e5),{crossDeviceTicketId:t,stop:()=>{var t;null===(t=this.poller)||void 0===t||t.stop()}}}}class St{async register(t,e){this.abortController=new AbortController;const i=l({allowCrossPlatformAuthenticators:!("crossDeviceTicketId"in t),registerAsDiscoverable:!0},e);try{const a="crossDeviceTicketId"in t?await pt.startCrossDeviceRegistration({ticketId:t.crossDeviceTicketId}):await pt.startRegistration({username:t.username,displayName:(null==e?void 0:e.displayName)||t.username,timeout:null==e?void 0:e.timeout,limitSingleCredentialToDevice:null==e?void 0:e.limitSingleCredentialToDevice}),n=ft.processCredentialCreationOptions(a.credential_creation_options,i);setTimeout((()=>{this.abortRegistration()}),n.timeout);const s=await this.registerCredential(n),r={webauthnSessionId:a.webauthn_session_id,publicKeyCredential:s,userAgent:navigator.userAgent};return W.jsonToBase64(r)}catch(t){throw wt.toRegistrationError(t)}}abortRegistration(){this.abortController&&this.abortController.abort(X.RegistrationAbortedTimeout)}async registerCredential(t){const e=await navigator.credentials.create({publicKey:t,signal:this.abortController&&this.abortController.signal}).catch((t=>{throw wt.toRegistrationError(t)}));return ft.encodeRegistrationResult(e)}}class Ct{async modal(t){try{const e=await this.performApproval(t);return W.jsonToBase64(e)}catch(t){throw wt.toAuthenticationError(t)}}async performApproval(t){"approvalData"in t&&At(t.approvalData);const e="crossDeviceTicketId"in t?await pt.startCrossDeviceAuthentication({ticketId:t.crossDeviceTicketId}):await pt.startAuthentication({username:t.username,approvalData:t.approvalData}),i=e.credential_request_options,a=ft.processCredentialRequestOptions(i),n=await navigator.credentials.get({publicKey:a}).catch((t=>{throw wt.toAuthenticationError(t)}));return{webauthnSessionId:e.webauthn_session_id,publicKeyCredential:ft.encodeAuthenticationResult(n),userAgent:navigator.userAgent}}}class Kt{constructor(){this._initialized=!1,this._authenticationHandler=new mt,this._registrationHandler=new St,this._approvalHandler=new Ct,this._crossDeviceHandler=new _t(this._authenticationHandler,this._registrationHandler,this._approvalHandler),this.authenticate={modal:async(t,e)=>(this.initCheck(),this._authenticationHandler.modal({username:t,options:e})),autofill:{activate:(t,e)=>(this.initCheck(),this._authenticationHandler.activateAutofill(t,e)),abort:()=>this._authenticationHandler.abortAutofill()}},this.approve={modal:async(t,e)=>(this.initCheck(),this._approvalHandler.modal({username:t,approvalData:e}))},this.register=async(t,e)=>(this.initCheck(),this._registrationHandler.register({username:t},e)),this.crossDevice={init:{registration:async t=>(this.initCheck(),this._crossDeviceHandler.init.registration(t)),authentication:async t=>(this.initCheck(),this._crossDeviceHandler.init.authentication(t)),approval:async t=>(this.initCheck(),this._crossDeviceHandler.init.approval(t))},authenticate:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.authenticate.modal(t))},approve:{modal:async t=>(this.initCheck(),this._crossDeviceHandler.approve.modal(t))},register:async(t,e)=>(this.initCheck(),this._crossDeviceHandler.register(t,e)),attachDevice:async t=>(this.initCheck(),this._crossDeviceHandler.attachDevice(t))},this.isPlatformAuthenticatorSupported=async()=>{var t;try{return await(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isUserVerifyingPlatformAuthenticatorAvailable())}catch(t){return!1}},this.isAutofillSupported=async()=>{var t,e;return!(!(null===(t=Kt.StaticPublicKeyCredential)||void 0===t?void 0:t.isConditionalMediationAvailable)||!await(null===(e=Kt.StaticPublicKeyCredential)||void 0===e?void 0:e.isConditionalMediationAvailable()))}}async init(t,e){try{if(!t)throw new tt("Invalid clientId",{clientId:t});if(e.webauthnApiPaths){const t=pt.getDefaultPaths();if(function(t,e){const i=new Set(t),a=new Set(e);return[...t.filter((t=>!a.has(t))),...e.filter((t=>!i.has(t)))]}(Object.keys(e.webauthnApiPaths),Object.keys(t)).length)throw new tt("Invalid custom paths",{customApiPaths:e.webauthnApiPaths})}pt.init(t,e),this._initialized=!0}catch(t){throw ht(t)?t:new tt("Failed to initialize SDK")}}getDefaultPaths(){return this.initCheck(),pt.getDefaultPaths()}getApiPaths(){return this.initCheck(),pt.getApiPaths()}initCheck(){if(!this._initialized)throw new tt}}Kt.StaticPublicKeyCredential=window.PublicKeyCredential;const kt=new G("webauthn"),Rt=new Kt;kt.events.on(kt.events.MODULE_INITIALIZED,(()=>{var t;const e=kt.moduleMetadata.getInitConfig();if(!(null===(t=null==e?void 0:e.webauthn)||void 0===t?void 0:t.serverPath))return;const{clientId:i,webauthn:a}=e;Rt.init(i,l({},a))}));const Pt={modal:async(t,e)=>(Rt.initCheck(),Rt.authenticate.modal(t,e)),autofill:{activate:(t,e)=>{Rt.initCheck(),Rt.authenticate.autofill.activate(t,e)},abort:()=>{Rt.initCheck(),Rt.authenticate.autofill.abort()}}},Tt={modal:async(t,e)=>(Rt.initCheck(),Rt.approve.modal(t,e))};async function It(t,e){return Rt.initCheck(),Rt.register(t,e)}const{crossDevice:Ot}=Rt,{isPlatformAuthenticatorSupported:jt}=Rt,{isAutofillSupported:xt}=Rt,{getDefaultPaths:Bt}=Rt;window.localWebAuthnSDK=Rt;const Nt="1.16.2",Et={initialize:r,...Object.freeze({__proto__:null,get WebauthnCrossDeviceStatus(){return vt},approve:Tt,authenticate:Pt,crossDevice:Ot,getDefaultPaths:Bt,isAutofillSupported:xt,isPlatformAuthenticatorSupported:jt,register:It})};export{Nt as PACKAGE_VERSION,vt as WebauthnCrossDeviceStatus,Tt as approve,Pt as authenticate,Ot as crossDevice,Bt as getDefaultPaths,r as initialize,xt as isAutofillSupported,jt as isPlatformAuthenticatorSupported,It as register,Et as webauthn};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@transmitsecurity/platform-web-sdk",
3
- "version": "1.16.0",
3
+ "version": "1.16.2",
4
4
  "license": "SEE LICENSE IN LICENSE",
5
5
  "private": false,
6
6
  "main": "dist/index.cjs",
@@ -95,5 +95,6 @@
95
95
  "security",
96
96
  "identity"
97
97
  ],
98
- "description": "Transmit Security Web SDK - Browser-only authentication and identity verification"
98
+ "description": "Transmit Security Web SDK - Browser-only authentication and identity verification",
99
+ "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e"
99
100
  }