@trymellon/js 2.2.0 → 2.3.0

package/dist/ui/index.js

@@ -1,4 +1,4 @@
-function wn(e){if(e.recommendedFlow==="fallback")return e.fallbackType==="email"?"FALLBACK_EMAIL":e.fallbackType==="qr"?"FALLBACK_QR":"FALLBACK";switch(e.mode){case"login":return"READY_LOGIN";case"register":return"READY_REGISTER";default:return"READY"}}function Pn(e){return e==="register"?"READY_REGISTER":"READY_LOGIN"}function re(e,t){if(e==null||t==null||t.type==="RESET")return"IDLE";if(t.type==="TAB_CHANGE"){let r=t.payload?.tab;if(r!=="register"&&r!=="login")return e;let n=Pn(r);switch(e){case"READY":case"READY_REGISTER":case"READY_LOGIN":case"FALLBACK":case"FALLBACK_EMAIL":case"FALLBACK_QR":case"AUTHENTICATING":case"ERROR":return n;default:return e}}switch(e){case"IDLE":if(t.type==="ENV_EVAL_START")return"EVALUATING_ENV";break;case"EVALUATING_ENV":if(t.type==="ENV_RESOLVED")return wn(t.payload);if(t.type==="ENV_DETACH")return"IDLE";if(t.type==="ENV_ERROR")return"ERROR";break;case"READY":case"READY_REGISTER":case"READY_LOGIN":if(t.type==="START_AUTH")return"AUTHENTICATING";break;case"AUTHENTICATING":if(t.type==="AUTH_SUCCESS")return"SUCCESS";if(t.type==="AUTH_ERROR")return"ERROR";if(t.type==="AUTH_FALLBACK")return"FALLBACK";if(t.type==="AUTH_FALLBACK_EMAIL")return"FALLBACK_EMAIL";if(t.type==="AUTH_FALLBACK_QR")return"FALLBACK_QR";break;default:break}return e}var S="IDLE";var lr=["IDLE","EVALUATING_ENV","READY","READY_REGISTER","READY_LOGIN","AUTHENTICATING","SUCCESS","ERROR","FALLBACK","FALLBACK_EMAIL","FALLBACK_QR"],ne=["login","register","auto"],F=["light","dark"],oe=["register","login"],ie=["modal","inline"],se=["email","qr"],ae=["direct-auth","open-modal"],le=["default","pill"],ue=["default","minimal"],ur=["passkey","fallback"];function ct(e){if(e==null||typeof e!="object")return!1;let t=e;return!(typeof t.isPasskeySupported!="boolean"||typeof t.platformAuthenticatorAvailable!="boolean"||t.recommendedFlow!=="passkey"&&t.recommendedFlow!=="fallback")}function C(e,t){return typeof e=="string"&&t.includes(e)}function pt(e){return C(e,lr)}function D(e){return pt(e)?e:S}function K(e){return C(e,ne)}function de(e){return C(e,F)}function ce(e){return C(e,oe)}function Te(e){return C(e,ie)}function mt(e){return C(e,ae)}function ft(e){return C(e,le)}function ht(e){return C(e,ue)}function gt(e){if(e==null||typeof e!="object")return!1;let t=e;return C(t.recommendedFlow,ur)&&K(t.mode)&&(t.fallbackType===void 0||C(t.fallbackType,se))}function Se(e){if(e==null||typeof e!="object")return!1;let t=e,r=t.type;if(typeof r!="string")return!1;switch(r){case"ENV_EVAL_START":case"ENV_DETACH":case"ENV_ERROR":case"RESET":case"START_AUTH":case"AUTH_SUCCESS":case"AUTH_ERROR":case"AUTH_FALLBACK":case"AUTH_FALLBACK_EMAIL":case"AUTH_FALLBACK_QR":return!0;case"ENV_RESOLVED":return gt(t.payload);case"TAB_CHANGE":return t.payload!=null&&typeof t.payload=="object"&&ce(t.payload.tab);default:return!1}}var Ce="login",V="light",Ie="modal",Le="register",Q={register:"Register",login:"Sign in"},Me="open-modal",Oe="default",xe="default",pe={appId:"",publishableKey:"",mode:Ce,externalUserId:null,theme:V,action:Me,triggerOnly:!1,buttonVariant:Oe,buttonLabel:null,buttonAriaLabel:null},bt={open:!1,mode:Ie,tab:Le,tabLabels:Q,theme:V,sessionId:null,onboardingUrl:null,isMobileOverride:null,appId:"",publishableKey:"",appName:null,dialogTitle:null,dialogDescription:null,externalUserId:null,modalVariant:xe};function dr(e){if(e==null||typeof e!="object")return!1;let t=e;return typeof t.appId=="string"&&typeof t.publishableKey=="string"&&K(t.mode)&&(t.externalUserId===null||typeof t.externalUserId=="string")&&de(t.theme)&&mt(t.action)&&typeof t.triggerOnly=="boolean"&&ft(t.buttonVariant)}function cr(e){if(e==null||typeof e!="object")return!1;let t=e;return typeof t.register=="string"&&typeof t.login=="string"}function pr(e){if(e==null||typeof e!="object")return!1;let t=e;return typeof t.open=="boolean"&&Te(t.mode)&&ce(t.tab)&&cr(t.tabLabels)&&de(t.theme)&&(t.sessionId===null||typeof t.sessionId=="string")&&(t.onboardingUrl===null||typeof t.onboardingUrl=="string")&&(t.isMobileOverride===null||typeof t.isMobileOverride=="boolean")&&(t.fallbackType===void 0||t.fallbackType==="email"||t.fallbackType==="qr")&&typeof t.appId=="string"&&typeof t.publishableKey=="string"&&(t.appName==null||typeof t.appName=="string")&&(t.dialogTitle==null||typeof t.dialogTitle=="string")&&(t.dialogDescription==null||typeof t.dialogDescription=="string")&&(t.externalUserId==null||typeof t.externalUserId=="string")&&ht(t.modalVariant)}function mr(){return pe}function fr(){return bt}function Et(e){return dr(e)?e:mr()}function yt(e){return pr(e)?e:fr()}function v(e,t){let r=D(e);return Se(t)?re(r,t):r}function At(e,t,r){return{state:e,theme:t.theme,mode:t.mode,buttonVariant:t.buttonVariant,...t.mode==="register"&&r?.registerSessionReady!==void 0&&{registerSessionReady:r.registerSessionReady},...r?.primaryButtonLabel!==void 0&&{primaryButtonLabel:r.primaryButtonLabel},...r?.primaryButtonAriaLabel!==void 0&&{primaryButtonAriaLabel:r.primaryButtonAriaLabel}}}function _t(e,t,r){return{state:e,theme:t.theme,tab:t.tab,tabLabels:t.tabLabels,...t.tab==="register"&&r?.registerSessionReady!==void 0&&{registerSessionReady:r.registerSessionReady},primaryButtonLabel:r?.primaryButtonLabel??"Try Passkey",primaryButtonAriaLabel:r?.primaryButtonAriaLabel??"Try Passkey, use this device"}}function Nn(e){return typeof e?.getClientStatus=="function"}async function hr(e){if(!Nn(e.envStatusPort))return S;let t=e.envStatusPort,r=D(e.currentState),n=K(e.mode)?e.mode:"login",o=e.isMobileOverride===!0,i=e.fallbackType==="email"||e.fallbackType==="qr"?e.fallbackType:void 0,a=v(r,{type:"ENV_EVAL_START"}),l;try{let h=await t.getClientStatus();if(!ct(h))return v(a,{type:"ENV_ERROR"});l=h}catch{return v(a,{type:"ENV_ERROR"})}let d=o===!0?"fallback":l.recommendedFlow,p={recommendedFlow:d,mode:n,...d==="fallback"&&i!=null&&{fallbackType:i}};return v(a,{type:"ENV_RESOLVED",payload:p})}function gr(e){return v(e,{type:"START_AUTH"})!==e}function Bn(e,t,r,n){let o=v(e,{type:"START_AUTH"});return t==="register"?r.register(n):r.authenticate(n),o}var Fn={email:{type:"AUTH_FALLBACK_EMAIL"},qr:{type:"AUTH_FALLBACK_QR"},generic:{type:"AUTH_FALLBACK"}};function Kn(e,t){return v(e,Fn[t==="email"?"email":t==="qr"?"qr":"generic"])}var R={envEvalStart(e){return v(e,{type:"ENV_EVAL_START"})},evaluateEnv(e){return hr(e)},startAuth(e,t,r,n){return Bn(e,t,r,n)},handleAuthSuccess(e){return v(e,{type:"AUTH_SUCCESS"})},handleAuthError(e){return v(e,{type:"AUTH_ERROR"})},tryHandleAuthSuccess(e){return e!=="AUTHENTICATING"?null:v(e,{type:"AUTH_SUCCESS"})},tryHandleAuthError(e){return e!=="AUTHENTICATING"?null:v(e,{type:"AUTH_ERROR"})},handleFallback(e,t){return Kn(e,t)},tabChange(e,t){return v(e,{type:"TAB_CHANGE",payload:{tab:t}})},reset(e){return v(e,{type:"RESET"})}};function H(e){return e==null||e.trim()===""?"":e.trim()}function T(e){let t=H(e);return t===""?null:t}function ke(e){if(e==null)return!1;let t=e.trim().toLowerCase();return t==="true"||t==="1"||t===""}function br(e){if(e==null||e.trim()==="")return null;let t=e.trim().toLowerCase();return t==="true"||t==="1"?!0:t==="false"||t==="0"?!1:null}function I(e,t,r){if(e==null||e.trim()==="")return r;let n=e.trim().toLowerCase();return t.includes(n)?n:r}function Er(e,t){if(e==null||e.trim()==="")return;let r=e.trim().toLowerCase();if(t.includes(r))return r}function vt(e){let t={appId:H(e.getAttribute("app-id")),publishableKey:H(e.getAttribute("publishable-key")),mode:I(e.getAttribute("mode"),ne,Ce),externalUserId:T(e.getAttribute("external-user-id")),theme:I(e.getAttribute("theme"),F,V),action:I(e.getAttribute("action"),ae,Me),triggerOnly:ke(e.getAttribute("trigger-only")),buttonVariant:I(e.getAttribute("button-variant"),le,Oe),buttonLabel:T(e.getAttribute("button-label")),buttonAriaLabel:T(e.getAttribute("button-aria-label"))};return Et(t)}var q="mellon-root",De=".mellon-btn",we='[data-mellon-action^="fallback"]',Pe="fallback-email",$="fallback-qr",me="TryMellon",Rt="Try Passkey",fe="TryMellon, open authentication",Tt="Try Passkey, use this device",w="http://www.w3.org/2000/svg",St="mellon-modal-wrapper",he="mellon-modal-overlay",Ct="mellon-modal-panel",ge="mellon-modal-tabs",It="mellon-modal-content",j="cross-device",Lt="fallback-cta",Ue="mellon-dialog-title",be="mellon-dialog-desc",yr="TryMellon \u2014 Sign in or register",Ar=e=>`${e} \u2014 Sign in or register`,_r="Pick Register or Sign in to continue.",vr="Or sign in with",M="mellon-cross-device-wrap",Mt="mellon-modal-separator",Ot="mellon-modal-close-btn",Rr="Close dialog",Tr="Try from another device",Sr="mellon-cross-device-cta",Cr="Try with QR",Ir="mellon-cross-device-skeleton",Lr="mellon-cross-device-error",Mr="mellon-cross-device-slot-wrap",Or="Loading QRs",xr="QR could not be loaded. Try again.";function kr(){let e=document.createElementNS(w,"svg");e.setAttribute("viewBox","0 0 24 24"),e.setAttribute("aria-hidden","true"),e.setAttribute("class","mellon-btn-icon"),e.setAttribute("fill","none"),e.setAttribute("stroke","currentColor"),e.setAttribute("stroke-width","2"),e.setAttribute("stroke-linecap","round"),e.setAttribute("stroke-linejoin","round");let t=document.createElementNS(w,"path");t.setAttribute("d","M12 22a10 10 0 0 0 10-10 10 10 0 0 0-20 0 10 10 0 0 0 10 10Z");let r=document.createElementNS(w,"path");r.setAttribute("d","M12 14a2 2 0 0 0 2-2 2 2 0 0 0-2-2 2 2 0 0 0-2 2 2 2 0 0 0 2 2Z");let n=document.createElementNS(w,"path");return n.setAttribute("d","M5 19.05A9 9 0 0 1 3 12a9 9 0 0 1 2-5.05"),e.appendChild(t),e.appendChild(r),e.appendChild(n),e}function Vn(e,t=me,r=fe){let n=document.createElement("button");return n.type="button",n.className="mellon-btn",n.setAttribute("aria-label",r),n.disabled=e,n.appendChild(kr()),n.appendChild(document.createTextNode(t)),n}function Hn(e,t=me,r=fe){let n=document.createElement("button");n.type="button",n.className="mellon-btn mellon-btn-pill",n.setAttribute("aria-label",r),n.disabled=e;let o=document.createElement("span");return o.className="mellon-btn-pill-icon-circle",o.setAttribute("aria-hidden","true"),o.appendChild(kr()),n.appendChild(o),n.appendChild(document.createTextNode(t)),n}function qn(e,t=me,r=fe){return n=>e==="pill"?Hn(n,t,r):Vn(n,t,r)}function jn(e){return{variant:e.buttonVariant??"default",label:e.primaryButtonLabel??me,ariaLabel:e.primaryButtonAriaLabel??fe}}function xt(e){let{variant:t,label:r,ariaLabel:n}=jn(e);return qn(t,r,n)(!1)}function Gn(e){let{shadowRoot:t}=e,r=t.getElementById(q);return r||(r=document.createElement("div"),r.id=q,r.className="mellon-root",t.appendChild(r)),r}function X(e,t){let r=document.createElement("p");return r.className=e,r.textContent=t,r}function Wn(e,t){let r=document.createElement("button");return r.type="button",r.className="mellon-btn mellon-btn-fallback",r.setAttribute("data-mellon-action",e),r.textContent=t,r}var Yn={FALLBACK:{action:"fallback",label:"Continuar"},FALLBACK_EMAIL:{action:Pe,label:"Continuar con email"},FALLBACK_QR:{action:$,label:"Continuar con QR"}};function zn(e){let t=document.createElement("div");t.className="mellon-fallback";let r=document.createElement("p");r.className="mellon-message",r.textContent="Fallback disponible.",t.appendChild(r);let{action:n,label:o}=Yn[e];return t.appendChild(Wn(n,o)),t}function Qn(e,t){let r=document.createDocumentFragment();switch(e){case"IDLE":case"EVALUATING_ENV":r.appendChild(X("mellon-loading","Loading\u2026"));break;case"READY_LOGIN":r.appendChild(xt(t));break;case"READY_REGISTER":t.registerSessionReady===!1?r.appendChild(X("mellon-loading","Preparando registro\u2026")):r.appendChild(xt(t));break;case"READY":r.appendChild(xt(t));break;case"AUTHENTICATING":r.appendChild(X("mellon-loading","Authenticating\u2026"));break;case"SUCCESS":r.appendChild(X("mellon-message","Success."));break;case"ERROR":r.appendChild(X("mellon-message","Something went wrong."));break;case"FALLBACK":case"FALLBACK_EMAIL":case"FALLBACK_QR":r.appendChild(zn(e));break;default:r.appendChild(X("mellon-loading","Loading\u2026"))}return r}function kt(e,t,r={}){let n=D(t),o=Gn(e),i=Qn(n,r);o.replaceChildren(...Array.from(i.childNodes))}function $n(e){return{theme:e.theme,mode:e.mode,buttonVariant:e.buttonVariant,registerSessionReady:e.registerSessionReady,primaryButtonLabel:e.primaryButtonLabel,primaryButtonAriaLabel:e.primaryButtonAriaLabel}}function Xn(e){return{theme:e.theme,mode:e.tab,buttonVariant:"pill",registerSessionReady:e.registerSessionReady,primaryButtonLabel:e.primaryButtonLabel,primaryButtonAriaLabel:e.primaryButtonAriaLabel}}function Dr(e,t){kt(e,t.state,$n(t))}function wr(e,t){kt(e,t.state,Xn(t))}var Pr=".mellon-modal-tabs",Dt="data-tab",Ur='a[href], button:not([disabled]), input:not([disabled]), select:not([disabled]), textarea:not([disabled]), [tabindex]:not([tabindex="-1"])',Nr='[data-mellon-modal-close="true"]';function Br(e){if(e===Pe)return"email";if(e===$)return"qr"}function Fr(e,t){let r=n=>{let o=n.target instanceof Element?n.target:null;if(!o)return;let i=o.closest(we);if(i instanceof HTMLButtonElement){t.onFallbackClick(Br(i.getAttribute("data-mellon-action")));return}o.closest(De)&&t.onPrimaryClick()};return e.addEventListener("click",r),()=>e.removeEventListener("click",r)}function Kr(e,t){let r=n=>{let o=n.target instanceof Element?n.target:null;if(!o)return;if(t.onCloseClick&&o.closest(Nr)instanceof HTMLElement){t.onCloseClick();return}let i=o.closest(we);if(i instanceof HTMLButtonElement){t.onFallbackClick(Br(i.getAttribute("data-mellon-action")));return}if(e.querySelector(Pr)?.contains(o)){let d=o.closest(`[${Dt}]`)?.getAttribute(Dt);if(d==="register"||d==="login"){t.onTabChange(d);return}}if(o.closest(De)){t.onPrimaryClick();return}if(t.onOverlayClick){let l=e.querySelector(`.${he}`);l&&o===l&&t.onOverlayClick()}};return e.addEventListener("click",r),()=>e.removeEventListener("click",r)}var Ee=`
+function io(t){if(t.recommendedFlow==="fallback")return t.fallbackType==="email"?"FALLBACK_EMAIL":t.fallbackType==="qr"?"FALLBACK_QR":"FALLBACK";switch(t.mode){case"login":return"READY_LOGIN";case"register":return"READY_REGISTER";default:return"READY"}}function so(t){return t==="register"?"READY_REGISTER":"READY_LOGIN"}function ae(t,e){if(t==null||e==null||e.type==="RESET")return"IDLE";if(e.type==="TAB_CHANGE"){let r=e.payload?.tab;if(r!=="register"&&r!=="login")return t;let n=so(r);switch(t){case"READY":case"READY_REGISTER":case"READY_LOGIN":case"FALLBACK":case"FALLBACK_EMAIL":case"FALLBACK_QR":case"AUTHENTICATING":case"ERROR":return n;default:return t}}switch(t){case"IDLE":if(e.type==="ENV_EVAL_START")return"EVALUATING_ENV";if(e.type==="ENROLLMENT_READY_SET")return"ENROLLMENT_READY";break;case"EVALUATING_ENV":if(e.type==="ENV_RESOLVED")return io(e.payload);if(e.type==="ENV_DETACH")return"IDLE";if(e.type==="ENV_ERROR")return"ERROR";break;case"READY":case"READY_REGISTER":case"READY_LOGIN":if(e.type==="START_AUTH")return"AUTHENTICATING";break;case"AUTHENTICATING":if(e.type==="AUTH_SUCCESS")return"SUCCESS";if(e.type==="AUTH_ERROR")return"ERROR";if(e.type==="AUTH_FALLBACK")return"FALLBACK";if(e.type==="AUTH_FALLBACK_EMAIL")return"FALLBACK_EMAIL";if(e.type==="AUTH_FALLBACK_QR")return"FALLBACK_QR";break;case"ENROLLMENT_READY":if(e.type==="START_ENROLL")return"ENROLLING";break;case"ENROLLING":if(e.type==="ENROLL_SUCCESS")return"ENROLLMENT_SUCCESS";if(e.type==="ENROLL_ERROR")return"ENROLLMENT_ERROR";break;case"ENROLLMENT_ERROR":if(e.type==="ENROLL_RETRY")return"ENROLLMENT_READY";break;default:break}return t}var k="IDLE";var Cr=["IDLE","EVALUATING_ENV","READY","READY_REGISTER","READY_LOGIN","AUTHENTICATING","SUCCESS","ERROR","FALLBACK","FALLBACK_EMAIL","FALLBACK_QR","ENROLLMENT_READY","ENROLLING","ENROLLMENT_SUCCESS","ENROLLMENT_ERROR"],le=["login","register","auto"],G=["light","dark"],ue=["register","login"],de=["modal","inline"],ce=["email","qr"],pe=["direct-auth","open-modal"],me=["default","pill"],ge=["default","minimal"],Ir=["passkey","fallback"];function Tt(t){if(t==null||typeof t!="object")return!1;let e=t;return!(typeof e.isPasskeySupported!="boolean"||typeof e.platformAuthenticatorAvailable!="boolean"||e.recommendedFlow!=="passkey"&&e.recommendedFlow!=="fallback")}function D(t,e){return typeof t=="string"&&e.includes(t)}function Ct(t){return D(t,Cr)}function B(t){return Ct(t)?t:k}function j(t){return D(t,le)}function fe(t){return D(t,G)}function he(t){return D(t,ue)}function xe(t){return D(t,de)}function It(t){return D(t,pe)}function Lt(t){return D(t,me)}function Mt(t){return D(t,ge)}function Ot(t){if(t==null||typeof t!="object")return!1;let e=t;return D(e.recommendedFlow,Ir)&&j(e.mode)&&(e.fallbackType===void 0||D(e.fallbackType,ce))}function ke(t){if(t==null||typeof t!="object")return!1;let e=t,r=e.type;if(typeof r!="string")return!1;switch(r){case"ENV_EVAL_START":case"ENV_DETACH":case"ENV_ERROR":case"RESET":case"START_AUTH":case"AUTH_SUCCESS":case"AUTH_ERROR":case"AUTH_FALLBACK":case"AUTH_FALLBACK_EMAIL":case"AUTH_FALLBACK_QR":case"ENROLLMENT_READY_SET":case"START_ENROLL":case"ENROLL_SUCCESS":case"ENROLL_ERROR":case"ENROLL_RETRY":return!0;case"ENV_RESOLVED":return Ot(e.payload);case"TAB_CHANGE":return e.payload!=null&&typeof e.payload=="object"&&he(e.payload.tab);default:return!1}}var De="login",Y="light",Ne="modal",Pe="register",J={register:"Register",login:"Sign in"},we="open-modal",Ue="default",Be="default",Ee={appId:"",publishableKey:"",mode:De,externalUserId:null,theme:Y,action:we,triggerOnly:!1,buttonVariant:Ue,buttonLabel:null,buttonAriaLabel:null,ticketId:null},xt={open:!1,mode:Ne,tab:Pe,tabLabels:J,theme:Y,sessionId:null,onboardingUrl:null,isMobileOverride:null,appId:"",publishableKey:"",appName:null,dialogTitle:null,dialogDescription:null,externalUserId:null,modalVariant:Be};function Lr(t){if(t==null||typeof t!="object")return!1;let e=t;return typeof e.appId=="string"&&typeof e.publishableKey=="string"&&j(e.mode)&&(e.externalUserId===null||typeof e.externalUserId=="string")&&fe(e.theme)&&It(e.action)&&typeof e.triggerOnly=="boolean"&&Lt(e.buttonVariant)&&(e.ticketId===void 0||e.ticketId===null||typeof e.ticketId=="string")}function Mr(t){if(t==null||typeof t!="object")return!1;let e=t;return typeof e.register=="string"&&typeof e.login=="string"}function Or(t){if(t==null||typeof t!="object")return!1;let e=t;return typeof e.open=="boolean"&&xe(e.mode)&&he(e.tab)&&Mr(e.tabLabels)&&fe(e.theme)&&(e.sessionId===null||typeof e.sessionId=="string")&&(e.onboardingUrl===null||typeof e.onboardingUrl=="string")&&(e.isMobileOverride===null||typeof e.isMobileOverride=="boolean")&&(e.fallbackType===void 0||e.fallbackType==="email"||e.fallbackType==="qr")&&typeof e.appId=="string"&&typeof e.publishableKey=="string"&&(e.appName==null||typeof e.appName=="string")&&(e.dialogTitle==null||typeof e.dialogTitle=="string")&&(e.dialogDescription==null||typeof e.dialogDescription=="string")&&(e.externalUserId==null||typeof e.externalUserId=="string")&&Mt(e.modalVariant)}function xr(){return Ee}function kr(){return xt}function kt(t){return Lr(t)?t:xr()}function Dt(t){return Or(t)?t:kr()}function S(t,e){let r=B(t);return ke(e)?ae(r,e):r}function Nt(t,e,r){return{state:t,theme:e.theme,mode:e.mode,buttonVariant:e.buttonVariant,...e.mode==="register"&&r?.registerSessionReady!==void 0&&{registerSessionReady:r.registerSessionReady},...r?.primaryButtonLabel!==void 0&&{primaryButtonLabel:r.primaryButtonLabel},...r?.primaryButtonAriaLabel!==void 0&&{primaryButtonAriaLabel:r.primaryButtonAriaLabel}}}function Pt(t,e,r){return{state:t,theme:e.theme,tab:e.tab,tabLabels:e.tabLabels,...e.tab==="register"&&r?.registerSessionReady!==void 0&&{registerSessionReady:r.registerSessionReady},primaryButtonLabel:r?.primaryButtonLabel??"Try Passkey",primaryButtonAriaLabel:r?.primaryButtonAriaLabel??"Try Passkey, use this device"}}function lo(t){return typeof t?.getClientStatus=="function"}async function Dr(t){if(!lo(t.envStatusPort))return k;let e=t.envStatusPort,r=B(t.currentState),n=j(t.mode)?t.mode:"login",o=t.isMobileOverride===!0,i=t.fallbackType==="email"||t.fallbackType==="qr"?t.fallbackType:void 0,a=S(r,{type:"ENV_EVAL_START"}),u;try{let f=await e.getClientStatus();if(!Tt(f))return S(a,{type:"ENV_ERROR"});u=f}catch{return S(a,{type:"ENV_ERROR"})}let p=o===!0?"fallback":u.recommendedFlow,g={recommendedFlow:p,mode:n,...p==="fallback"&&i!=null&&{fallbackType:i}};return S(a,{type:"ENV_RESOLVED",payload:g})}function Pr(t){return S(t,{type:"START_AUTH"})!==t}function uo(t,e,r,n){let o=S(t,{type:"START_AUTH"});return e==="register"?r.register(n):r.authenticate(n),o}function co(t,e,r){let n=t;n!=="ENROLLMENT_READY"&&(n=S(n,{type:"ENROLLMENT_READY_SET",payload:{ticketId:r.ticketId}}));let o=S(n,{type:"START_ENROLL"});return e.enroll(r),o}function Nr(t,e,r,n,o){return t!==e?null:S(t,{type:o==="success"?r:n})}var po={email:{type:"AUTH_FALLBACK_EMAIL"},qr:{type:"AUTH_FALLBACK_QR"},generic:{type:"AUTH_FALLBACK"}};function mo(t,e){return S(t,po[e==="email"?"email":e==="qr"?"qr":"generic"])}var I={envEvalStart(t){return S(t,{type:"ENV_EVAL_START"})},evaluateEnv(t){return Dr(t)},startAuth(t,e,r,n){return uo(t,e,r,n)},handleAuthOutcome(t,e){return Nr(t,"AUTHENTICATING","AUTH_SUCCESS","AUTH_ERROR",e)},handleFallback(t,e){return mo(t,e)},tabChange(t,e){return S(t,{type:"TAB_CHANGE",payload:{tab:e}})},reset(t){return S(t,{type:"RESET"})},startEnrollment(t,e,r){return co(t,e,r)},handleEnrollOutcome(t,e){return Nr(t,"ENROLLING","ENROLL_SUCCESS","ENROLL_ERROR",e)},enrollRetry(t){return S(t,{type:"ENROLL_RETRY"})}};function W(t){return t==null||t.trim()===""?"":t.trim()}function M(t){let e=W(t);return e===""?null:e}function Fe(t){if(t==null)return!1;let e=t.trim().toLowerCase();return e==="true"||e==="1"||e===""}function wr(t){if(t==null||t.trim()==="")return null;let e=t.trim().toLowerCase();return e==="true"||e==="1"?!0:e==="false"||e==="0"?!1:null}function N(t,e,r){if(t==null||t.trim()==="")return r;let n=t.trim().toLowerCase();return e.includes(n)?n:r}function Ur(t,e){if(t==null||t.trim()==="")return;let r=t.trim().toLowerCase();if(e.includes(r))return r}function wt(t){let e={appId:W(t.getAttribute("app-id")),publishableKey:W(t.getAttribute("publishable-key")),mode:N(t.getAttribute("mode"),le,De),externalUserId:M(t.getAttribute("external-user-id")),theme:N(t.getAttribute("theme"),G,Y),action:N(t.getAttribute("action"),pe,we),triggerOnly:Fe(t.getAttribute("trigger-only")),buttonVariant:N(t.getAttribute("button-variant"),me,Ue),buttonLabel:M(t.getAttribute("button-label")),buttonAriaLabel:M(t.getAttribute("button-aria-label")),ticketId:M(t.getAttribute("ticket-id"))};return kt(e)}var $="mellon-root",Ke=".mellon-btn",Ve='[data-mellon-action^="fallback"]',He="fallback-email",Z="fallback-qr",be="TryMellon",Ut="Try Passkey",ye="TryMellon, open authentication",Bt="Try Passkey, use this device",F="http://www.w3.org/2000/svg",_e="mellon-modal-wrapper",z="mellon-modal-overlay",Re="mellon-modal-panel",Ae="mellon-modal-tabs",Ft="mellon-modal-content",K="cross-device",Kt="fallback-cta",qe="mellon-dialog-title",ve="mellon-dialog-desc",Br="TryMellon \u2014 Sign in or register",Fr=t=>`${t} \u2014 Sign in or register`,Kr="Pick Register or Sign in to continue.",Vr="Or sign in with",w="mellon-cross-device-wrap",Vt="mellon-modal-separator",Ht="mellon-modal-close-btn",Hr="Close dialog",qr="Try from another device",Gr="mellon-cross-device-cta",jr="Try with QR",Yr="mellon-cross-device-skeleton",Wr="mellon-cross-device-error",$r="mellon-cross-device-slot-wrap",zr="Loading QRs",Xr="QR could not be loaded. Try again.";function Qr(){let t=document.createElementNS(F,"svg");t.setAttribute("viewBox","0 0 24 24"),t.setAttribute("aria-hidden","true"),t.setAttribute("class","mellon-btn-icon"),t.setAttribute("fill","none"),t.setAttribute("stroke","currentColor"),t.setAttribute("stroke-width","2"),t.setAttribute("stroke-linecap","round"),t.setAttribute("stroke-linejoin","round");let e=document.createElementNS(F,"path");e.setAttribute("d","M12 22a10 10 0 0 0 10-10 10 10 0 0 0-20 0 10 10 0 0 0 10 10Z");let r=document.createElementNS(F,"path");r.setAttribute("d","M12 14a2 2 0 0 0 2-2 2 2 0 0 0-2-2 2 2 0 0 0-2 2 2 2 0 0 0 2 2Z");let n=document.createElementNS(F,"path");return n.setAttribute("d","M5 19.05A9 9 0 0 1 3 12a9 9 0 0 1 2-5.05"),t.appendChild(e),t.appendChild(r),t.appendChild(n),t}function go(t,e=be,r=ye){let n=document.createElement("button");return n.type="button",n.className="mellon-btn",n.setAttribute("aria-label",r),n.disabled=t,n.appendChild(Qr()),n.appendChild(document.createTextNode(e)),n}function fo(t,e=be,r=ye){let n=document.createElement("button");n.type="button",n.className="mellon-btn mellon-btn-pill",n.setAttribute("aria-label",r),n.disabled=t;let o=document.createElement("span");return o.className="mellon-btn-pill-icon-circle",o.setAttribute("aria-hidden","true"),o.appendChild(Qr()),n.appendChild(o),n.appendChild(document.createTextNode(e)),n}function ho(t,e=be,r=ye){return n=>t==="pill"?fo(n,e,r):go(n,e,r)}function Eo(t){return{variant:t.buttonVariant??"default",label:t.primaryButtonLabel??be,ariaLabel:t.primaryButtonAriaLabel??ye}}function qt(t){let{variant:e,label:r,ariaLabel:n}=Eo(t);return ho(e,r,n)(!1)}function bo(t){let{shadowRoot:e}=t,r=e.getElementById($);return r||(r=document.createElement("div"),r.id=$,r.className="mellon-root",e.appendChild(r)),r}function ee(t,e){let r=document.createElement("p");return r.className=t,r.textContent=e,r}function yo(t,e){let r=document.createElement("button");return r.type="button",r.className="mellon-btn mellon-btn-fallback",r.setAttribute("data-mellon-action",t),r.textContent=e,r}var _o={FALLBACK:{action:"fallback",label:"Continuar"},FALLBACK_EMAIL:{action:He,label:"Continuar con email"},FALLBACK_QR:{action:Z,label:"Continuar con QR"}};function Ro(t){let e=document.createElement("div");e.className="mellon-fallback";let r=document.createElement("p");r.className="mellon-message",r.textContent="Fallback disponible.",e.appendChild(r);let{action:n,label:o}=_o[t];return e.appendChild(yo(n,o)),e}function Ao(t,e){let r=document.createDocumentFragment();switch(t){case"IDLE":case"EVALUATING_ENV":r.appendChild(ee("mellon-loading","Loading\u2026"));break;case"READY_LOGIN":r.appendChild(qt(e));break;case"READY_REGISTER":e.registerSessionReady===!1?r.appendChild(ee("mellon-loading","Preparando registro\u2026")):r.appendChild(qt(e));break;case"READY":r.appendChild(qt(e));break;case"AUTHENTICATING":r.appendChild(ee("mellon-loading","Authenticating\u2026"));break;case"SUCCESS":r.appendChild(ee("mellon-message","Success."));break;case"ERROR":r.appendChild(ee("mellon-message","Something went wrong."));break;case"FALLBACK":case"FALLBACK_EMAIL":case"FALLBACK_QR":r.appendChild(Ro(t));break;default:r.appendChild(ee("mellon-loading","Loading\u2026"))}return r}function Gt(t,e,r={}){let n=B(e),o=bo(t),i=Ao(n,r);o.replaceChildren(...Array.from(i.childNodes))}function vo(t){return{theme:t.theme,mode:t.mode,buttonVariant:t.buttonVariant,registerSessionReady:t.registerSessionReady,primaryButtonLabel:t.primaryButtonLabel,primaryButtonAriaLabel:t.primaryButtonAriaLabel}}function So(t){return{theme:t.theme,mode:t.tab,buttonVariant:"pill",registerSessionReady:t.registerSessionReady,primaryButtonLabel:t.primaryButtonLabel,primaryButtonAriaLabel:t.primaryButtonAriaLabel}}function Jr(t,e){Gt(t,e.state,vo(e))}function Zr(t,e){Gt(t,e.state,So(e))}var en=".mellon-modal-tabs",jt="data-tab",tn='a[href], button:not([disabled]), input:not([disabled]), select:not([disabled]), textarea:not([disabled]), [tabindex]:not([tabindex="-1"])',rn='[data-mellon-modal-close="true"]';function nn(t){if(t===He)return"email";if(t===Z)return"qr"}function on(t,e){let r=n=>{let o=n.target instanceof Element?n.target:null;if(!o)return;let i=o.closest(Ve);if(i instanceof HTMLButtonElement){e.onFallbackClick(nn(i.getAttribute("data-mellon-action")));return}o.closest(Ke)&&e.onPrimaryClick()};return t.addEventListener("click",r),()=>t.removeEventListener("click",r)}function sn(t,e){let r=n=>{let o=n.target instanceof Element?n.target:null;if(!o)return;if(e.onCloseClick&&o.closest(rn)instanceof HTMLElement){e.onCloseClick();return}let i=o.closest(Ve);if(i instanceof HTMLButtonElement){e.onFallbackClick(nn(i.getAttribute("data-mellon-action")));return}if(t.querySelector(en)?.contains(o)){let p=o.closest(`[${jt}]`)?.getAttribute(jt);if(p==="register"||p==="login"){e.onTabChange(p);return}}if(o.closest(Ke)){e.onPrimaryClick();return}if(e.onOverlayClick){let u=t.querySelector(`.${z}`);u&&o===u&&e.onOverlayClick()}};return t.addEventListener("click",r),()=>t.removeEventListener("click",r)}var Se=`
 :host {
   display: block;
   max-width: 100%;
@@ -113,7 +113,7 @@ function wn(e){if(e.recommendedFlow==="fallback")return e.fallbackType==="email"
 @media (prefers-reduced-motion: reduce) {
   .mellon-btn, .mellon-modal-wrapper { transition: none; }
 }
-`.trim(),Vr=typeof ShadowRoot<"u"&&"adoptedStyleSheets"in ShadowRoot.prototype&&typeof CSSStyleSheet<"u"&&"replaceSync"in CSSStyleSheet.prototype;function wt(){if(!Vr)return null;try{let e=new CSSStyleSheet;return e.replaceSync(Ee),e}catch{return null}}function Pt(){return Ee}var Hr=`
+`.trim(),an=typeof ShadowRoot<"u"&&"adoptedStyleSheets"in ShadowRoot.prototype&&typeof CSSStyleSheet<"u"&&"replaceSync"in CSSStyleSheet.prototype;function Yt(){if(!an)return null;try{let t=new CSSStyleSheet;return t.replaceSync(Se),t}catch{return null}}function Wt(){return Se}var ln=`
 /* Host: full viewport when open, no border (only the inner panel has border). */
 :host {
   border: none;
@@ -486,7 +486,7 @@ function wn(e){if(e.recommendedFlow==="fallback")return e.fallbackType==="email"
     max-height: calc(100dvh - 4rem);
   }
 }
-`.trim();function qr(){return Ee+`
-`+Hr}function jr(){if(!Vr)return null;try{let e=new CSSStyleSheet;return e.replaceSync(Ee+`
-`+Hr),e}catch{return null}}var f=e=>({ok:!0,value:e}),c=e=>({ok:!1,error:e});var Ne=class e extends Error{code;details;isTryMellonError=!0;constructor(t,r,n){super(r),this.name="TryMellonError",this.code=t,this.details=n,Error.captureStackTrace&&Error.captureStackTrace(this,e)}},Jn={NOT_SUPPORTED:"WebAuthn is not supported in this environment",USER_CANCELLED:"User cancelled the operation",PASSKEY_NOT_FOUND:"Passkey not found",SESSION_EXPIRED:"Session has expired",NETWORK_FAILURE:"Network request failed",INVALID_ARGUMENT:"Invalid argument provided",TIMEOUT:"Operation timed out",ABORTED:"Operation was aborted",ABORT_ERROR:"Operation aborted by user or timeout",CHALLENGE_MISMATCH:"This link was already used or expired. Please try again from your computer.",UNKNOWN_ERROR:"An unknown error occurred"};function b(e,t,r){return new Ne(e,t??Jn[e],r)}function Ut(e){return e instanceof Ne||typeof e=="object"&&e!==null&&"isTryMellonError"in e&&e.isTryMellonError===!0}function Gr(){return b("NOT_SUPPORTED")}function A(e,t){return b("INVALID_ARGUMENT",`Invalid argument: ${e} - ${t}`,{field:e,reason:t})}function Wr(e){return b("UNKNOWN_ERROR",`Failed to ${e} credential`,{operation:e})}function Nt(e){return b("NOT_SUPPORTED",`No base64 ${e==="encode"?"encoding":"decoding"} available`,{type:e})}function Bt(e,t){try{let r=new URL(e);if(r.protocol!=="https:"&&r.protocol!=="http:")throw A(t,"must use http or https protocol")}catch(r){throw Ut(r)?r:A(t,"must be a valid URL")}}function G(e,t,r,n){if(!Number.isFinite(e))throw A(t,"must be a finite number");if(e<r||e>n)throw A(t,`must be between ${r} and ${n}`)}function Be(e,t){if(typeof e!="string"||e.length===0)throw A(t,"must be a non-empty string");if(!/^[A-Za-z0-9_-]+$/.test(e))throw A(t,"must be a valid base64url string")}var Zn={NotAllowedError:"USER_CANCELLED",AbortError:"ABORTED",NotSupportedError:"NOT_SUPPORTED",SecurityError:"NOT_SUPPORTED",InvalidStateError:"UNKNOWN_ERROR",UnknownError:"UNKNOWN_ERROR"};function ye(e){if(typeof e!="string")return"UNKNOWN_ERROR";let t=e.toLowerCase().trim();return{challenge_mismatch:"CHALLENGE_MISMATCH",session_expired:"SESSION_EXPIRED",unauthorized:"SESSION_EXPIRED",validation_error:"INVALID_ARGUMENT",invalid_argument:"INVALID_ARGUMENT",user_not_found:"SESSION_EXPIRED",passkey_not_found:"PASSKEY_NOT_FOUND"}[t]??"UNKNOWN_ERROR"}function _(e){if(e instanceof DOMException){let t=e.name,r=e.message||"WebAuthn operation failed",n=Zn[t]??"UNKNOWN_ERROR";return b(n,r,{originalError:e})}return e instanceof Error?b("UNKNOWN_ERROR",e.message,{originalError:e}):b("UNKNOWN_ERROR","An unknown error occurred",{originalError:e})}function g(e){return typeof e=="object"&&e!==null&&!Array.isArray(e)}function u(e){return typeof e=="string"}function P(e){return typeof e=="number"&&Number.isFinite(e)}function Fe(e){return typeof e=="boolean"}function J(e){return Array.isArray(e)}function s(e,t){return c(b("UNKNOWN_ERROR",e,{...t,originalData:t?.originalData}))}function m(e,t){return e[t]}function Yr(e,t){return!g(e)||!u(e.name)||!u(e.id)?s("Invalid API response: challenge.rp must have name and id strings",{originalData:t}):f(!0)}function zr(e,t){return!g(e)||!u(e.id)||!u(e.name)||!u(e.displayName)?s("Invalid API response: challenge.user must have id, name, displayName strings",{originalData:t}):f(!0)}function Qr(e,t){if(!J(e))return s("Invalid API response: challenge.pubKeyCredParams must be array",{originalData:t});for(let r of e)if(!g(r)||r.type!=="public-key"||!P(r.alg))return s("Invalid API response: pubKeyCredParams items must have type and alg",{originalData:t});return f(!0)}function Ft(e,t){if(!g(e))return s("Invalid API response: user must be object",{field:"user",originalData:t});let r=m(e,"user_id"),n=m(e,"external_user_id");if(!u(r)||!u(n))return s("Invalid API response: user must have user_id and external_user_id strings",{originalData:t});let o=e.email,i=e.metadata;return o!==void 0&&!u(o)?s("Invalid API response: user.email must be string",{originalData:t}):i!==void 0&&(typeof i!="object"||i===null)?s("Invalid API response: user.metadata must be object",{originalData:t}):f({user_id:r,external_user_id:n,...o!==void 0&&{email:o},...i!==void 0&&{metadata:i}})}function Kt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"session_id");if(!u(t))return s("Invalid API response: session_id must be string",{field:"session_id",originalData:e});let r=m(e,"challenge");if(!g(r))return s("Invalid API response: challenge must be object",{field:"challenge",originalData:e});let n=Yr(m(r,"rp"),e);if(!n.ok)return n;let o=zr(m(r,"user"),e);if(!o.ok)return o;let i=m(r,"challenge");if(!u(i))return s("Invalid API response: challenge.challenge must be string",{originalData:e});let a=Qr(m(r,"pubKeyCredParams"),e);if(!a.ok)return a;let l=r.timeout;if(l!==void 0&&!P(l))return s("Invalid API response: challenge.timeout must be number",{originalData:e});let d=r.excludeCredentials;if(d!==void 0){if(!J(d))return s("Invalid API response: excludeCredentials must be array",{originalData:e});for(let h of d)if(!g(h)||h.type!=="public-key"||!u(h.id))return s("Invalid API response: excludeCredentials items must have id and type",{originalData:e})}let p=r.authenticatorSelection;return p!==void 0&&!g(p)?s("Invalid API response: authenticatorSelection must be object",{originalData:e}):f({session_id:t,challenge:{rp:r.rp,user:r.user,challenge:i,pubKeyCredParams:r.pubKeyCredParams,...l!==void 0&&{timeout:l},...d!==void 0&&{excludeCredentials:d},...p!==void 0&&{authenticatorSelection:p}}})}function Vt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"session_id");if(!u(t))return s("Invalid API response: session_id must be string",{field:"session_id",originalData:e});let r=m(e,"challenge");if(!g(r))return s("Invalid API response: challenge must be object",{field:"challenge",originalData:e});let n=m(r,"challenge"),o=m(r,"rpId"),i=r.allowCredentials;if(!u(n))return s("Invalid API response: challenge.challenge must be string",{originalData:e});if(!u(o))return s("Invalid API response: challenge.rpId must be string",{originalData:e});if(i!==void 0&&!J(i))return s("Invalid API response: allowCredentials must be array",{originalData:e});if(i){for(let d of i)if(!g(d)||d.type!=="public-key"||!u(d.id))return s("Invalid API response: allowCredentials items must have id and type",{originalData:e})}let a=r.timeout;if(a!==void 0&&!P(a))return s("Invalid API response: challenge.timeout must be number",{originalData:e});let l=r.userVerification;return l!==void 0&&!["required","preferred","discouraged"].includes(String(l))?s("Invalid API response: userVerification must be required|preferred|discouraged",{originalData:e}):f({session_id:t,challenge:{challenge:n,rpId:o,allowCredentials:i??[],...a!==void 0&&{timeout:a},...l!==void 0&&{userVerification:l}}})}function Ht(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"credential_id"),r=m(e,"status"),n=m(e,"session_token"),o=m(e,"user");if(!u(t))return s("Invalid API response: credential_id must be string",{field:"credential_id",originalData:e});if(!u(r))return s("Invalid API response: status must be string",{field:"status",originalData:e});if(!u(n))return s("Invalid API response: session_token must be string",{field:"session_token",originalData:e});let i=Ft(o,e);if(!i.ok)return s(i.error.message,{originalData:e});let a=e.redirect_url;return a!==void 0&&!u(a)?s("Invalid API response: redirect_url must be string",{originalData:e}):f({credential_id:t,status:r,session_token:n,user:i.value,...a!==void 0&&{redirect_url:a}})}function qt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"authenticated"),r=m(e,"session_token"),n=m(e,"user"),o=m(e,"signals");if(!Fe(t))return s("Invalid API response: authenticated must be boolean",{field:"authenticated",originalData:e});if(!u(r))return s("Invalid API response: session_token must be string",{field:"session_token",originalData:e});let i=Ft(n,e);if(!i.ok)return s(i.error.message,{originalData:e});if(o!==void 0&&!g(o))return s("Invalid API response: signals must be object",{originalData:e});let a=e.redirect_url;return a!==void 0&&!u(a)?s("Invalid API response: redirect_url must be string",{originalData:e}):f({authenticated:t,session_token:r,user:i.value,signals:o,...a!==void 0&&{redirect_url:a}})}function jt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"valid"),r=m(e,"user_id"),n=m(e,"external_user_id"),o=m(e,"tenant_id"),i=m(e,"app_id");return Fe(t)?u(r)?u(n)?u(o)?u(i)?f({valid:t,user_id:r,external_user_id:n,tenant_id:o,app_id:i}):s("Invalid API response: app_id must be string",{field:"app_id",originalData:e}):s("Invalid API response: tenant_id must be string",{field:"tenant_id",originalData:e}):s("Invalid API response: external_user_id must be string",{field:"external_user_id",originalData:e}):s("Invalid API response: user_id must be string",{field:"user_id",originalData:e}):s("Invalid API response: valid must be boolean",{field:"valid",originalData:e})}function Gt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=e.session_token??e.sessionToken;if(!u(t))return s("Invalid API response: session_token/sessionToken must be string",{field:"session_token",originalData:e});let r=e.redirect_url;return r!==void 0&&!u(r)?s("Invalid API response: redirect_url must be string",{originalData:e}):f({sessionToken:t,...r!==void 0&&{redirectUrl:r}})}var eo=["pending_passkey","pending_data","completed"],to=["pending_data","completed"];function Wt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"session_id"),r=m(e,"onboarding_url"),n=m(e,"expires_in");return u(t)?u(r)?P(n)?f({session_id:t,onboarding_url:r,expires_in:n}):s("Invalid API response: expires_in must be number",{field:"expires_in",originalData:e}):s("Invalid API response: onboarding_url must be string",{field:"onboarding_url",originalData:e}):s("Invalid API response: session_id must be string",{field:"session_id",originalData:e})}function Yt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"status"),r=m(e,"onboarding_url"),n=m(e,"expires_in");return!u(t)||!eo.includes(t)?s("Invalid API response: status must be pending_passkey|pending_data|completed",{field:"status",originalData:e}):u(r)?P(n)?f({status:t,onboarding_url:r,expires_in:n}):s("Invalid API response: expires_in must be number",{originalData:e}):s("Invalid API response: onboarding_url must be string",{originalData:e})}function zt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"session_id"),r=m(e,"status"),n=m(e,"onboarding_url");if(!u(t))return s("Invalid API response: session_id must be string",{field:"session_id",originalData:e});if(r!=="pending_passkey")return s("Invalid API response: status must be pending_passkey",{field:"status",originalData:e});if(!u(n))return s("Invalid API response: onboarding_url must be string",{originalData:e});let o=e.challenge,i;if(o!==void 0){let a=ro(o);if(!a.ok)return a;i=a.value}return f({session_id:t,status:"pending_passkey",onboarding_url:n,...i!==void 0&&{challenge:i}})}function ro(e){if(!g(e))return s("Invalid API response: challenge must be object",{originalData:e});let t=m(e,"rp"),r=m(e,"user"),n=m(e,"challenge"),o=m(e,"pubKeyCredParams");if(!g(t)||!u(t.name)||!u(t.id))return s("Invalid API response: challenge.rp must have name and id",{originalData:e});if(!g(r)||!u(r.id)||!u(r.name)||!u(r.displayName))return s("Invalid API response: challenge.user must have id, name, displayName",{originalData:e});if(!u(n))return s("Invalid API response: challenge.challenge must be string",{originalData:e});if(!J(o))return s("Invalid API response: challenge.pubKeyCredParams must be array",{originalData:e});for(let i of o)if(!g(i)||i.type!=="public-key"||!P(i.alg))return s("Invalid API response: pubKeyCredParams items must have type and alg",{originalData:e});return f({rp:t,user:r,challenge:n,pubKeyCredParams:o})}function Qt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"session_id"),r=m(e,"status"),n=m(e,"user_id"),o=m(e,"tenant_id");return u(t)?!u(r)||!to.includes(r)?s("Invalid API response: status must be pending_data|completed",{originalData:e}):u(n)?u(o)?f({session_id:t,status:r,user_id:n,tenant_id:o}):s("Invalid API response: tenant_id must be string",{originalData:e}):s("Invalid API response: user_id must be string",{originalData:e}):s("Invalid API response: session_id must be string",{originalData:e})}function $t(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"session_id"),r=m(e,"status"),n=m(e,"user_id"),o=m(e,"tenant_id"),i=m(e,"session_token");return u(t)?r!=="completed"?s("Invalid API response: status must be completed",{originalData:e}):!u(n)||!u(o)||!u(i)?s("Invalid API response: user_id, tenant_id, session_token must be strings",{originalData:e}):f({session_id:t,status:"completed",user_id:n,tenant_id:o,session_token:i}):s("Invalid API response: session_id must be string",{originalData:e})}function Ke(e){return e==null?f(void 0):g(e)&&Object.keys(e).length===0?f(void 0):s("Invalid API response: expected empty body (204)",{originalData:e})}function no(e){if(!e||typeof e!="object")return!1;let t=e;return typeof t.challenge=="string"&&t.rp!=null&&typeof t.rp=="object"&&t.user!=null&&typeof t.user=="object"&&Array.isArray(t.pubKeyCredParams)}function oo(e){if(!e||typeof e!="object")return!1;let t=e;return typeof t.challenge=="string"&&typeof t.rpId=="string"}function Ve(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t="resultado"in e&&g(e.resultado)?e.resultado:e,r=t.session_id,n=t.qr_url,o=t.expires_at,i=t.polling_token;if(!u(r)||!u(n)||!u(o)||!u(i))return s("Invalid API response: missing required fields",{originalData:e});let a={session_id:r,qr_url:n,expires_at:o,polling_token:i};return t.external_user_id!==void 0&&u(t.external_user_id)&&(a.external_user_id=t.external_user_id),f(a)}function Xt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t="resultado"in e&&g(e.resultado)?e.resultado:e,r=t.status;if(!u(r)||!["pending","authenticated","completed"].includes(r))return s("Invalid API response: invalid status",{originalData:e});let n=t.user_id,o=t.session_token,i=t.redirect_url;return n!==void 0&&!u(n)?s("Invalid API response: user_id must be a string when present",{originalData:e}):o!==void 0&&!u(o)?s("Invalid API response: session_token must be a string when present",{originalData:e}):i!==void 0&&!u(i)?s("Invalid API response: redirect_url must be a string when present",{originalData:e}):f({status:r,user_id:n,session_token:o,redirect_url:i})}function Jt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=e.type,r=t==="registration"?"registration":"auth",n=e.options;if(!g(n))return s("Invalid API response: options are required",{originalData:e});let o=200,i=$r(e.approval_context,o),a=$r(e.application_name,o);if(i===!1||a===!1)return s("Invalid API response: approval_context/application_name must be string max 200 chars",{originalData:e});let l={};return typeof i=="string"&&(l.approval_context=i),typeof a=="string"&&(l.application_name=a),r==="registration"?no(n)?f({type:"registration",options:n,...l}):s("Invalid API response: registration options must have challenge, rp, user, pubKeyCredParams",{originalData:e}):oo(n)?f({type:"auth",options:n,...l}):s("Invalid API response: auth options must have challenge and rpId",{originalData:e})}function $r(e,t){if(e!=null)return typeof e!="string"||e.length>t?!1:e}function Zt(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"challenge"),r=m(e,"recovery_session_id");return g(t)?u(r)?f({challenge:t,recovery_session_id:r}):s("Invalid API response: recovery_session_id must be string",{field:"recovery_session_id",originalData:e}):s("Invalid API response: challenge must be object",{field:"challenge",originalData:e})}function er(e){if(!g(e))return s("Invalid API response: expected object",{originalData:e});let t=m(e,"status"),r=m(e,"session_token"),n=m(e,"user"),o=m(e,"credential_id");if(!u(t))return s("Invalid API response: status must be string",{field:"status",originalData:e});if(!u(r))return s("Invalid API response: session_token must be string",{field:"session_token",originalData:e});if(!u(o))return s("Invalid API response: credential_id must be string",{field:"credential_id",originalData:e});if(!g(n))return s("Invalid API response: user must be object",{field:"user",originalData:e});let i=m(n,"user_id");if(!u(i))return s("Invalid API response: user.user_id must be string",{field:"user.user_id",originalData:e});let l=e.redirect_url;if(l!==void 0&&!u(l))return s("Invalid API response: redirect_url must be string",{field:"redirect_url",originalData:e});let d=n;return f({status:t,session_token:r,credential_id:o,user:{user_id:i,external_user_id:u(d.external_user_id)?d.external_user_id:void 0,email:u(d.email)?d.email:void 0,metadata:g(d.metadata)?d.metadata:void 0},...l!==void 0&&{redirect_url:l}})}var He=class{constructor(t,r,n={}){this.httpClient=t;this.baseUrl=r;this.defaultHeaders=n}mergeHeaders(t){return{...this.defaultHeaders,...t}}async post(t,r,n){let o=`${this.baseUrl}${t}`,i=await this.httpClient.post(o,r,this.mergeHeaders());return i.ok?n(i.value):c(i.error)}async get(t,r,n){let o=`${this.baseUrl}${t}`,i=await this.httpClient.get(o,this.mergeHeaders(n));return i.ok?r(i.value):c(i.error)}async startRegister(t){return this.post("/v1/passkeys/register/start",t,Kt)}async startAuth(t){return this.post("/v1/passkeys/auth/start",t,Vt)}async finishRegister(t){return this.post("/v1/passkeys/register/finish",t,Ht)}async finishAuthentication(t){return this.post("/v1/passkeys/auth/finish",t,qt)}async validateSession(t){return this.get("/v1/sessions/validate",jt,{Authorization:`Bearer ${t}`})}async startEmailFallback(t){let r=`${this.baseUrl}/v1/fallback/email/start`,n=await this.httpClient.post(r,{userId:t.userId,email:t.email},this.mergeHeaders());return n.ok?f(void 0):c(n.error)}async verifyEmailCode(t){let r={userId:t.userId,code:t.code};return t.successUrl&&(r.success_url=t.successUrl),this.post("/v1/fallback/email/verify",r,Gt)}async startOnboarding(t){return this.post("/v1/onboarding/start",t,Wt)}async getOnboardingStatus(t){return this.get(`/v1/onboarding/${t}/status`,Yt)}async getOnboardingRegister(t){return this.get(`/v1/onboarding/${t}/register`,zt)}async registerOnboardingPasskey(t,r){return this.post(`/v1/onboarding/${t}/register-passkey`,r,Qt)}async completeOnboarding(t,r){return this.post(`/v1/onboarding/${t}/complete`,r,$t)}async initCrossDeviceAuth(){return this.post("/v1/auth/cross-device/init",{},Ve)}async initCrossDeviceRegistration(t){let r=typeof t?.externalUserId=="string"?t.externalUserId.trim():"",n=r.length>0?{external_user_id:r}:{};return this.post("/v1/auth/cross-device/init-registration",n,Ve)}async getCrossDeviceStatus(t,r){let n={};return typeof r=="string"&&r.length>0&&(n["X-Polling-Token"]=r),this.get(`/v1/auth/cross-device/status/${t}`,Xt,Object.keys(n).length>0?n:void 0)}async getCrossDeviceContext(t){return this.get(`/v1/auth/cross-device/context/${t}`,Jt)}async verifyCrossDeviceAuth(t){return this.post("/v1/auth/cross-device/verify",t,Ke)}async verifyCrossDeviceRegistration(t){return this.post("/v1/auth/cross-device/verify-registration",t,Ke)}async verifyAccountRecoveryOtp(t,r){return this.post("/v1/users/recovery/verify",{external_id:t,otp:r},Zt)}async completeAccountRecovery(t,r){return this.post("/v1/users/recovery/complete",{recovery_session_id:t,credential:r},er)}};function io(e){return typeof e=="object"&&e!==null&&e.ok===!0&&"resultado"in e}function Zr(e){if(typeof e!="object"||e===null)return!1;let t=e;if(t.ok!==!1||!t.error||typeof t.error!="object")return!1;let r=t.error;return typeof r.code=="string"&&typeof r.message=="string"}function Xr(e,t){if(Zr(e))return{message:e.error.message,code:ye(e.error.code)};let r=e,n=r?.error;if(typeof n=="object"&&n!==null&&"code"in n&&typeof n.code=="string")return{message:n.message??r?.message??t,code:ye(n.code)};let o=r?.message??t,i=r?.error,a=typeof i=="string"?ye(i):i===void 0?"NETWORK_FAILURE":ye(String(i));return{message:o,code:a}}var so=3e4;function ao(){if(typeof globalThis.crypto<"u"&&typeof globalThis.crypto.randomUUID=="function")return globalThis.crypto.randomUUID();throw new Error("Web Crypto API is required but not available.")}function Jr(e,t){let r=t*Math.pow(2,e);return Math.min(r,so)}function lo(e,t){return e!=="GET"?!1:t>=500||t===429}var qe=class{constructor(t,r=0,n=1e3,o){this.timeoutMs=t;this.maxRetries=r;this.retryDelayMs=n;this.logger=o}async get(t,r){return this.request(t,{method:"GET",headers:r})}async post(t,r,n){return this.request(t,{method:"POST",body:JSON.stringify(r),headers:{"Content-Type":"application/json",...n}})}async request(t,r){let n=(r.method??"GET").toUpperCase(),o=ao(),i=new Headers(r.headers);i.set("X-Request-Id",o),this.logger&&this.logger.debug("request",{requestId:o,url:t,method:n});let a;for(let l=0;l<=this.maxRetries;l++)try{let d=new AbortController,p=setTimeout(()=>d.abort(),this.timeoutMs);try{let h=await fetch(t,{...r,headers:i,signal:d.signal});if(!h.ok){let x;try{x=await h.json()}catch{}let{message:z,code:ar}=Xr(x,h.statusText),k=b(ar,z,{requestId:o,status:h.status,statusText:h.statusText,data:x});if(lo(n,h.status)&&l<this.maxRetries){a=k,clearTimeout(p),await new Promise(Dn=>setTimeout(Dn,Jr(l,this.retryDelayMs)));continue}return c(k)}if(h.status===204)return f(void 0);if(h.headers.get("content-length")==="0")return f(void 0);let y=await h.json();if(io(y))return f(y.resultado);let L=y;if(typeof y=="object"&&y!==null&&L.ok===!0&&!("resultado"in L))return f(void 0);if(Zr(y)){let{message:x,code:z}=Xr(y,h.statusText);return c(b(z,x,{requestId:o,status:h.status,statusText:h.statusText,data:y}))}return f(y)}finally{clearTimeout(p)}}catch(d){if(a=d,n==="GET"&&l<this.maxRetries)await new Promise(h=>setTimeout(h,Jr(l,this.retryDelayMs)));else break}return a instanceof Error&&a.name==="AbortError"?c(b("TIMEOUT","Request timed out",{requestId:o})):c(b("NETWORK_FAILURE",a instanceof Error?a.message:"Request failed",{requestId:o,cause:a}))}};function O(e){let t=new Uint8Array(e),r=Array.from(t,o=>String.fromCharCode(o)).join("");if(typeof globalThis.btoa>"u")throw Nt("encode");return globalThis.btoa(r).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function uo(e){if(typeof globalThis.atob>"u")throw Nt("decode");let t=e.replace(/-/g,"+").replace(/_/g,"/"),r=t.length%4,n=r===0?t:t+"=".repeat(4-r),o=globalThis.atob(n);return Uint8Array.from(o,i=>i.charCodeAt(0))}function Z(e){let t=uo(e),r=new ArrayBuffer(t.length);return new Uint8Array(r).set(t),r}function en(e){return e!==null&&typeof e=="object"&&"clientDataJSON"in e&&e.clientDataJSON instanceof ArrayBuffer}function U(e){if(!e.response)throw b("UNKNOWN_ERROR","Credential response is missing",{credential:e});let t=e.response;if(!en(t))throw b("UNKNOWN_ERROR","Invalid credential response structure",{response:t});if(!("attestationObject"in t))throw b("UNKNOWN_ERROR","Invalid credential response structure for register: attestationObject is missing",{response:t});let r=t.clientDataJSON,n=t.attestationObject;return{id:e.id,rawId:O(e.rawId),response:{clientDataJSON:O(r),attestationObject:O(n)},type:"public-key"}}function je(e){if(!e.response)throw b("UNKNOWN_ERROR","Credential response is missing",{credential:e});let t=e.response;if(!en(t))throw b("UNKNOWN_ERROR","Invalid credential response structure",{response:t});if(!("authenticatorData"in t)||!("signature"in t))throw b("UNKNOWN_ERROR","Invalid credential response structure for auth: authenticatorData or signature is missing",{response:t});let r=t.clientDataJSON,n=t.authenticatorData,o=t.signature,i=t.userHandle;return{id:e.id,rawId:O(e.rawId),response:{authenticatorData:O(n),clientDataJSON:O(r),signature:O(o),...i&&{userHandle:O(i)}},type:"public-key"}}function ee(){try{return!(typeof navigator>"u"||!navigator.credentials||typeof PublicKeyCredential>"u")}catch{return!1}}async function co(){try{return!ee()||typeof PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable!="function"?!1:await PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function Ge(){let e=ee(),t=await co();return{isPasskeySupported:e,platformAuthenticatorAvailable:t,recommendedFlow:e?"passkey":"fallback"}}function W(e,t="create"){if(!e||typeof e!="object"||!("id"in e)||!("rawId"in e)||!("response"in e))throw Wr(t)}async function Ae(e){let{operation:t,eventEmitter:r,start:n,createOptions:o,invoke:i,finish:a}=e;try{if(r.emit("start",{type:"start",operation:t}),!ee()){let E=Gr();return r.emit("error",{type:"error",error:E}),c(E)}let l=await n();if(!l.ok)return r.emit("error",{type:"error",error:l.error}),c(l.error);let d=o(l.value);if(!d.ok)return r.emit("error",{type:"error",error:d.error}),c(d.error);let p=await i(d.value);if(!p){let E=A("credential",`${t==="register"?"creation":"retrieval"} failed`);return r.emit("error",{type:"error",error:E}),c(E)}try{W(p)}catch(E){let y=_(E);return r.emit("error",{type:"error",error:y}),c(y)}let h=await a(l.value,p);return h.ok?f(h.value):(r.emit("error",{type:"error",error:h.error}),c(h.error))}catch(l){let d=_(l);return r.emit("error",{type:"error",error:d}),c(d)}}function Y(e,t){try{Be(e.challenge,"challenge"),Be(e.user.id,"user.id");let r=Z(e.challenge),n=Z(e.user.id),o={userVerification:"preferred"};e.authenticatorSelection&&(o={...e.authenticatorSelection}),t&&(o={...o,authenticatorAttachment:t});let i={rp:{id:e.rp.id,name:e.rp.name},user:{id:n,name:e.user.name,displayName:e.user.displayName},challenge:r,pubKeyCredParams:e.pubKeyCredParams,...e.timeout!==void 0&&{timeout:e.timeout},attestation:"none",authenticatorSelection:o,...e.excludeCredentials&&{excludeCredentials:e.excludeCredentials.map(a=>({id:Z(a.id),type:a.type,...a.transports&&{transports:a.transports}}))}};return f({publicKey:i})}catch(r){return c(_(r))}}function tr(e,t){try{Be(e.challenge,"challenge");let r=Z(e.challenge);return f({publicKey:{challenge:r,rpId:e.rpId,...e.timeout!==void 0&&{timeout:e.timeout},userVerification:e.userVerification??"preferred",...e.allowCredentials&&{allowCredentials:e.allowCredentials.map(n=>({id:Z(n.id),type:n.type,...n.transports&&{transports:n.transports}}))}},...t!==void 0&&{mediation:t}})}catch(r){return c(_(r))}}async function tn(e,t,r){let n=e.externalUserId??e.external_user_id;if(!n||typeof n!="string"||n.trim()===""){let i=A("externalUserId","must be a non-empty string");return r.emit("error",{type:"error",error:i}),c(i)}let o=await Ae({operation:"register",eventEmitter:r,start:()=>t.startRegister({external_user_id:n}),createOptions:i=>Y(i.challenge,e.authenticatorType),invoke:async i=>{let a={...i,...e.signal&&{signal:e.signal}};return navigator.credentials.create(a)},finish:async(i,a)=>{let l=await t.finishRegister({session_id:i.session_id,credential:U(a),...e.successUrl&&{success_url:e.successUrl}});return l.ok?f({success:!0,credentialId:l.value.credential_id,credential_id:l.value.credential_id,status:l.value.status,sessionToken:l.value.session_token,user:{userId:l.value.user.user_id,externalUserId:l.value.user.external_user_id,email:l.value.user.email,metadata:l.value.user.metadata},...l.value.redirect_url&&{redirectUrl:l.value.redirect_url}}):c(l.error)}});return o.ok&&r.emit("success",{type:"success",operation:"register",token:o.value.sessionToken,user:o.value.user}),o}async function rn(e,t,r){let n=e.externalUserId??e.external_user_id,o=n!==void 0&&typeof n=="string"&&n.trim()!=="",i=await Ae({operation:"authenticate",eventEmitter:r,start:()=>t.startAuth(o?{external_user_id:n.trim()}:{}),createOptions:a=>tr(a.challenge,e.mediation),invoke:async a=>{let l={...a,...e.signal&&{signal:e.signal}};return navigator.credentials.get(l)},finish:async(a,l)=>{let d=await t.finishAuthentication({session_id:a.session_id,credential:je(l),...e.successUrl&&{success_url:e.successUrl}});return d.ok?f({authenticated:d.value.authenticated,sessionToken:d.value.session_token,user:{userId:d.value.user.user_id,externalUserId:d.value.user.external_user_id,email:d.value.user.email,metadata:d.value.user.metadata},signals:d.value.signals,...d.value.redirect_url&&{redirectUrl:d.value.redirect_url}}):c(d.error)}});return i.ok&&r.emit("success",{type:"success",operation:"authenticate",token:i.value.sessionToken,user:i.value.user}),i}async function We(e,t){return t?t.aborted?"aborted":new Promise(r=>{let n=()=>{o(),r("aborted")},o=()=>{clearTimeout(i),t.removeEventListener("abort",n)},i=setTimeout(()=>{o(),r("completed")},e);t.addEventListener("abort",n)}):(await new Promise(r=>setTimeout(r,e)),"completed")}var po=2e3,mo=60,Ye=class{constructor(t){this.apiClient=t}async startFlow(t,r){let n=await this.apiClient.startOnboarding({user_role:t.user_role});if(!n.ok)return c(n.error);let{session_id:o}=n.value;for(let i=0;i<mo;i++){if(r?.aborted)return c(b("ABORT_ERROR","Operation aborted by user or timeout"));if(await We(po,r)==="aborted")return c(b("ABORT_ERROR","Operation aborted by user or timeout"));let l=await this.apiClient.getOnboardingStatus(o);if(!l.ok)return c(l.error);let d=l.value.status,p=l.value.onboarding_url;if(d==="pending_passkey"){let h=await this.apiClient.getOnboardingRegister(o);if(!h.ok)return c(h.error);let E=h.value;if(!E.challenge)return c(b("NOT_SUPPORTED","Onboarding requires user action - complete passkey registration at the provided onboarding_url",{onboarding_url:p}));let y=Y(E.challenge);if(!y.ok)return c(y.error);let L;try{L=await navigator.credentials.create(y.value)}catch(k){return c(_(k))}try{W(L,"create")}catch(k){return c(_(k))}let x;try{x=U(L)}catch(k){return c(_(k))}let z=await this.apiClient.registerOnboardingPasskey(o,{credential:x,challenge:E.challenge.challenge});return z.ok?await this.apiClient.completeOnboarding(o,{company_name:t.company_name}):c(z.error)}if(d==="completed")return await this.apiClient.completeOnboarding(o,{company_name:t.company_name})}return c(b("TIMEOUT","Onboarding timed out"))}};var fo=2e3,ho=60,ze=class{constructor(t){this.apiClient=t}async init(){return this.apiClient.initCrossDeviceAuth()}async initRegistration(t){return this.apiClient.initCrossDeviceRegistration(t)}async waitForSession(t,r,n){if(r?.aborted)return c(b("ABORT_ERROR","Operation aborted by user or timeout"));for(let o=0;o<ho;o++){let i=await this.apiClient.getCrossDeviceStatus(t,n);if(!i.ok)return c(i.error);if(i.value.status==="completed"){if(!i.value.session_token||!i.value.user_id)return c(b("UNKNOWN_ERROR","Missing data in completed session"));let l=i.value.redirect_url!=null&&i.value.redirect_url!==""?i.value.redirect_url:void 0;return f({session_token:i.value.session_token,user_id:i.value.user_id,...l!==void 0&&{redirectUrl:l}})}if(await We(fo,r)==="aborted")return c(b("ABORT_ERROR","Operation aborted by user or timeout"))}return c(b("TIMEOUT","Cross-device authentication timed out"))}async approve(t){let r=await this.apiClient.getCrossDeviceContext(t);if(!r.ok)return c(r.error);let n=r.value;return n.type==="registration"?this.executeRegistrationApproval(t,n):this.executeAuthApproval(t,n)}async executeRegistrationApproval(t,r){let n=Y(r.options);if(!n.ok)return c(n.error);let o;try{o=await navigator.credentials.create(n.value)}catch(a){return c(_(a))}try{W(o,"create")}catch(a){return c(_(a))}let i;try{i=U(o)}catch(a){return c(_(a))}return this.apiClient.verifyCrossDeviceRegistration({session_id:t,credential:i})}async executeAuthApproval(t,r){let n=tr(r.options);if(!n.ok)return c(n.error);let o;try{o=await navigator.credentials.get(n.value)}catch(a){return c(_(a))}try{W(o,"get")}catch(a){return c(_(a))}let i;try{i=je(o)}catch(a){return c(_(a))}return this.apiClient.verifyCrossDeviceAuth({session_id:t,credential:i})}};var Qe=class{handlers;constructor(){this.handlers=new Map}on(t,r){let n=this.handlers.get(t);return n||(n=new Set,this.handlers.set(t,n)),n.add(r),()=>{this.off(t,r)}}off(t,r){let n=this.handlers.get(t);n&&(n.delete(r),n.size===0&&this.handlers.delete(t))}emit(t,r){let n=this.handlers.get(t);if(n)for(let o of n)try{o(r)}catch{}}removeAllListeners(){this.handlers.clear()}};var rr="https://api.trymellonauth.com",nn="https://api.trymellonauth.com/v1/telemetry";var on="trymellon_sandbox_session_token_v1";function sn(e){return{async send(t){let r=JSON.stringify(t);if(typeof navigator<"u"&&typeof navigator.sendBeacon=="function"){navigator.sendBeacon(e,r);return}typeof fetch<"u"&&await fetch(e,{method:"POST",body:r,headers:{"Content-Type":"application/json"},keepalive:!0})}}}function nr(e,t){return{event:e,latencyMs:t,ok:!0}}var $e=class{constructor(t,r,n,o,i){this.apiClient=t;this.eventEmitter=r;this.sandbox=n;this.sandboxToken=o;this.telemetrySender=i}async sandboxAuthResult(t,r){let n="externalUserId"in r?r.externalUserId??r.external_user_id??"sandbox":r.external_user_id??r.externalUserId??"sandbox",o=typeof n=="string"?n:"sandbox";return t==="register"?Promise.resolve(f({success:!0,credentialId:"",status:"sandbox",sessionToken:this.sandboxToken,user:{userId:"sandbox-user",externalUserId:o}})):Promise.resolve(f({authenticated:!0,sessionToken:this.sandboxToken,user:{userId:"sandbox-user",externalUserId:o}}))}async register(t){if(this.sandbox){let o=await this.sandboxAuthResult("register",t);return o.ok&&this.eventEmitter.emit("success",{type:"success",operation:"register",token:o.value.sessionToken,user:o.value.user}),o}let r=Date.now(),n=await tn(t,this.apiClient,this.eventEmitter);return n.ok&&this.telemetrySender&&this.telemetrySender.send(nr("register",Date.now()-r)).catch(()=>{}),n}async authenticate(t){if(this.sandbox){let o=await this.sandboxAuthResult("authenticate",t);return o.ok&&this.eventEmitter.emit("success",{type:"success",operation:"authenticate",token:o.value.sessionToken,user:o.value.user}),o}let r=Date.now(),n=await rn(t,this.apiClient,this.eventEmitter);return n.ok&&this.telemetrySender&&this.telemetrySender.send(nr("authenticate",Date.now()-r)).catch(()=>{}),n}};async function an(e,t,r){let n=e.externalUserId??e.external_user_id;if(!n||typeof n!="string"||n.trim()===""){let i=A("externalUserId","must be a non-empty string");return r.emit("error",{type:"error",error:i}),c(i)}if(!e.otp||typeof e.otp!="string"||e.otp.trim().length!==6){let i=A("otp","must be a 6-digit string");return r.emit("error",{type:"error",error:i}),c(i)}let o=await Ae({operation:"register",eventEmitter:r,start:()=>t.verifyAccountRecoveryOtp(n,e.otp),createOptions:i=>Y(i.challenge),invoke:async i=>navigator.credentials.create(i),finish:async(i,a)=>{let l=await t.completeAccountRecovery(i.recovery_session_id,U(a));if(!l.ok)return c(l.error);let{credential_id:d,status:p,session_token:h,user:E,redirect_url:y}=l.value;return f({success:!0,credentialId:d,status:p,sessionToken:h,user:{userId:E.user_id,externalUserId:E.external_user_id,email:E.email,metadata:E.metadata},...y!==void 0&&{redirectUrl:y}})}});return o.ok&&r.emit("success",{type:"success",operation:"register",token:o.value.sessionToken,user:o.value.user}),o}var Xe=class{constructor(t,r){this.apiClient=t;this.eventEmitter=r}recover(t){return an(t,this.apiClient,this.eventEmitter)}};var Je=class e{sandbox;sandboxToken;apiClient;eventEmitter;telemetrySender;crossDeviceManager;authService;recoveryService;onboarding;static create(t){try{let r=t.appId,n=t.publishableKey;if(!r||typeof r!="string"||r.trim()==="")return c(A("appId","must be a non-empty string"));if(!n||typeof n!="string"||n.trim()==="")return c(A("publishableKey","must be a non-empty string"));let o=t.apiBaseUrl??rr;Bt(o,"apiBaseUrl");let i=t.timeoutMs??3e4;return G(i,"timeoutMs",1e3,3e5),t.maxRetries!==void 0&&G(t.maxRetries,"maxRetries",0,10),t.retryDelayMs!==void 0&&G(t.retryDelayMs,"retryDelayMs",100,1e4),f(new e(t))}catch(r){return Ut(r)?c(r):c(A("config",r.message))}}constructor(t){this.sandbox=t.sandbox===!0,this.sandboxToken=this.sandbox&&t.sandboxToken!=null&&t.sandboxToken!==""?t.sandboxToken:on;let r=t.appId,n=t.publishableKey;if(!r||typeof r!="string"||r.trim()==="")throw A("appId","must be a non-empty string");if(!n||typeof n!="string"||n.trim()==="")throw A("publishableKey","must be a non-empty string");let o=t.apiBaseUrl??rr;Bt(o,"apiBaseUrl");let i=t.timeoutMs??3e4;G(i,"timeoutMs",1e3,3e5),t.maxRetries!==void 0&&G(t.maxRetries,"maxRetries",0,10),t.retryDelayMs!==void 0&&G(t.retryDelayMs,"retryDelayMs",100,1e4);let a=t.maxRetries??3,l=t.retryDelayMs??1e3,d=new qe(i,a,l,t.logger),p=t.origin??(typeof window<"u"&&window?.location?.origin?window.location.origin:void 0),h={"X-App-Id":r.trim(),Authorization:`Bearer ${n.trim()}`,...p&&{Origin:p}};this.apiClient=new He(d,o,h),this.eventEmitter=new Qe,t.enableTelemetry&&(this.telemetrySender=t.telemetrySender??sn(t.telemetryEndpoint??nn)),this.authService=new $e(this.apiClient,this.eventEmitter,this.sandbox,this.sandboxToken,this.telemetrySender),this.recoveryService=new Xe(this.apiClient,this.eventEmitter),this.onboarding=new Ye(this.apiClient),this.crossDeviceManager=new ze(this.apiClient)}static isSupported(){return ee()}async register(t){return this.authService.register(t)}async authenticate(t){return this.authService.authenticate(t)}async validateSession(t){return this.sandbox&&t===this.sandboxToken?Promise.resolve(f({valid:!0,user_id:"sandbox-user",external_user_id:"sandbox",tenant_id:"sandbox-tenant",app_id:"sandbox-app"})):this.apiClient.validateSession(t)}async getStatus(){return Ge()}on(t,r){return this.eventEmitter.on(t,r)}version(){return"2.2.0"}fallback={email:{start:async t=>this.apiClient.startEmailFallback(t),verify:async t=>{let r=await this.apiClient.verifyEmailCode({userId:t.userId,code:t.code,...t.successUrl&&{successUrl:t.successUrl}});return r.ok?f({sessionToken:r.value.sessionToken,...r.value.redirectUrl&&{redirectUrl:r.value.redirectUrl}}):r}}};auth={crossDevice:{init:()=>this.crossDeviceManager.init(),initRegistration:t=>this.crossDeviceManager.initRegistration(t??{}),waitForSession:(t,r,n)=>this.crossDeviceManager.waitForSession(t,r,n),getContext:t=>this.apiClient.getCrossDeviceContext(t),approve:t=>this.crossDeviceManager.approve(t)},recoverAccount:t=>this.recoveryService.recover(t)}};function or(e){let t=Je.create({appId:e.appId,publishableKey:e.publishableKey});return!t.ok||t.value==null?null:t.value}function hn(e){if(e==null||typeof e!="object")return!1;let t=e,r=typeof t.authenticate=="function",n=typeof t.register=="function",o=typeof t.on=="function";return r&&n&&o}function gn(e){return e?{externalUserId:e}:{}}var Ze="mellon:open",_e="mellon:open-request",N="mellon:close",B="mellon:success",et="mellon:error",tt="mellon:start",ve="mellon:cancelled",rt="mellon:fallback",nt="mellon:tab-change";function ot(e,t,r,n){e.dispatchEvent(new CustomEvent(t,{detail:r,bubbles:n.bubbles,composed:n.composed}))}function it(e){return e==="authenticate"?"login":"register"}function Eo(e){if(e==null||typeof e!="object")return;let t=e,r=t.userId;if(typeof r!="string"||r.length===0)return;let n={userId:r};return typeof t.externalUserId=="string"&&(n.externalUserId=t.externalUserId),typeof t.email=="string"&&(n.email=t.email),t.metadata!=null&&typeof t.metadata=="object"&&!Array.isArray(t.metadata)&&(n.metadata=t.metadata),n}function yo(e){return e!=null&&typeof e=="object"&&e.type==="start"&&(e.operation==="register"||e.operation==="authenticate")}function Ao(e){let t=e;return e!=null&&typeof e=="object"&&t.type==="success"&&typeof t.token=="string"&&(t.operation==="register"||t.operation==="authenticate")}function _o(e){return e!=null&&typeof e=="object"&&e.type==="error"}function vo(e){return e!=null&&typeof e=="object"&&e.type==="cancelled"&&(e.operation==="register"||e.operation==="authenticate")}var ir={subscribe(e,t){if(e==null||t==null)throw new TypeError("eventBridgeAdapter.subscribe: core and host are required");let r=[],n="authenticate",o=!1,i=e.on("start",p=>{if(!yo(p))return;n=p.operation,o=!1;let h={operation:it(p.operation),...typeof p.nonce=="string"&&{nonce:p.nonce}};ot(t,tt,h,{bubbles:!0,composed:!0})});r.push(i);let a=e.on("success",p=>{if(!Ao(p)||o||p.token.length===0)return;o=!0;let h=Eo(p.user),E={operation:it(p.operation),token:p.token,...typeof p.nonce=="string"&&{nonce:p.nonce},...h!==void 0&&{user:h},...typeof p.redirectUrl=="string"&&{redirectUrl:p.redirectUrl}};ot(t,B,E,{bubbles:!1,composed:!0})});r.push(a);let l=e.on("error",p=>{if(!_o(p)||o)return;let h=p.error?.code??"UNKNOWN_ERROR",E={operation:it(p.operation??n),code:h,message:typeof p.error?.message=="string"?p.error.message:"Unknown error",...typeof p.nonce=="string"&&{nonce:p.nonce}};ot(t,et,E,{bubbles:!0,composed:!0})});r.push(l);let d=e.on("cancelled",p=>{if(!vo(p))return;let h={operation:it(p.operation),...typeof p.nonce=="string"&&{nonce:p.nonce}};ot(t,ve,h,{bubbles:!0,composed:!0})});return r.push(d),function(){for(let h of r)h()}}};function bn(e){return{isPasskeySupported:e.isPasskeySupported,platformAuthenticatorAvailable:e.platformAuthenticatorAvailable,recommendedFlow:e.recommendedFlow}}function Ro(){return{getClientStatus:async()=>{let e=await Ge();return bn(e)}}}function En(e){let t=e;if(typeof t.getStatus!="function")return Ro();let r=t.getStatus;return{getClientStatus:async()=>{let n=await r();return bn(n)}}}function yn(e){return new CustomEvent(Ze,{detail:e,bubbles:!0,composed:!0})}function An(e){return new CustomEvent(N,{detail:e,bubbles:!0,composed:!0})}function _n(e){return new CustomEvent(ve,{detail:e,bubbles:!0,composed:!0})}function vn(e){return new CustomEvent(rt,{detail:e,bubbles:!0,composed:!0})}function Rn(e){return new CustomEvent(nt,{detail:e,bubbles:!0,composed:!0})}var st=class{_currentState=S;_lastRenderedState=null;_renderDirty=!0;_pendingOperation="authenticate";_currentNonce=void 0;_envEvalRequestId=0;get currentState(){return this._currentState}setState(t){this._currentState=t,this._renderDirty=!0}invalidateRender(){this._renderDirty=!0}consumeRenderDecision(){return!this._renderDirty&&this._currentState===this._lastRenderedState?!1:(this._lastRenderedState=this._currentState,this._renderDirty=!1,!0)}setPendingOperationFromTab(t){this._pendingOperation=t==="login"?"authenticate":"register"}get pendingOperation(){return this._pendingOperation}setNonce(t){this._currentNonce=t}consumeCancelledDetailIfAuthenticating(){if(this._currentState!=="AUTHENTICATING")return null;let t={operation:this._pendingOperation==="authenticate"?"login":this._pendingOperation,...this._currentNonce!==void 0&&{nonce:this._currentNonce}};return this._currentNonce=void 0,t}handleAuthSuccess(){let t=R.tryHandleAuthSuccess(this._currentState);t!==null&&this.setState(t)}handleAuthError(){let t=R.tryHandleAuthError(this._currentState);t!==null&&this.setState(t)}onStartEvent(t){t?.nonce!==void 0&&(this._currentNonce=t.nonce)}startAuthFromClick(t,r,n){if(!t||!gr(this._currentState))return;this.setPendingOperationFromTab(r);let o=R.startAuth(this._currentState,r,t,n);this.setState(o)}async runEnvEval(t){let r=++this._envEvalRequestId;this.setState(R.envEvalStart(this._currentState));let n=await R.evaluateEnv({...t,currentState:this._currentState});return r!==this._envEvalRequestId?null:n}reset(){this._currentState=R.reset(this._currentState),this._lastRenderedState=null,this._renderDirty=!0,this._currentNonce=void 0}setStateForRender(t){this._currentState=t,this._renderDirty=!0}};var te=class extends HTMLElement{_controller=new st;_unsubscribeBridge=null;_core=null;_lastCoreConfig=null;setState(t){this._controller.setState(t),this.scheduleRenderIfNeeded()}invalidateRender(){this._controller.invalidateRender(),this.scheduleRenderIfNeeded()}scheduleRenderIfNeeded(){this.shadowRoot&&this._controller.consumeRenderDecision()&&this._render()}_emitCancelledIfAuthenticating(){let t=this._controller.consumeCancelledDetailIfAuthenticating();return t?(this.dispatchEvent(_n(t)),!0):!1}attachCore(t){if(this._core!==null&&this._teardownCore(),t==null){this._core=null,this._controller.reset(),this.scheduleRenderIfNeeded();return}if(!hn(t))throw new Error("[trymellon-auth] attachCore requires a CoreAuthPort-compatible instance.");this._core=t,this._unsubscribeBridge=ir.subscribe(this._core,this),this._attachHostListeners(),this._runEnvEval()}_teardownCore(){this._unsubscribeBridge?.(),this._unsubscribeBridge=null,this.removeEventListener("mellon:start",this._onMellonStart),this.removeEventListener("mellon:success",this._onMellonSuccess),this.removeEventListener("mellon:error",this._onMellonError),this._core=null}_attachHostListeners(){this.removeEventListener("mellon:start",this._onMellonStart),this.removeEventListener("mellon:success",this._onMellonSuccess),this.removeEventListener("mellon:error",this._onMellonError),this.addEventListener("mellon:start",this._onMellonStart),this.addEventListener("mellon:success",this._onMellonSuccess),this.addEventListener("mellon:error",this._onMellonError)}_onMellonSuccess=()=>{this._controller.handleAuthSuccess(),this.scheduleRenderIfNeeded()};_onMellonError=()=>{this._controller.handleAuthError(),this.scheduleRenderIfNeeded()};_onMellonStart=t=>{let r=t.detail;this._controller.onStartEvent(r)};startAuthFromClick(){this._core&&this.canStartAuth()&&(this._controller.startAuthFromClick(this._core,this.getTabKind(),this.getCoreAuthOptions()),this.scheduleRenderIfNeeded())}dispatchFallback(t){let r=t!==void 0?{...this.getFallbackDetail(),fallbackType:t}:this.getFallbackDetail();this.dispatchEvent(vn(r))}async _runEnvEval(){if(!this._core)return;let t={...this.getEnvEvalParams(),envStatusPort:En(this._core)},r=await this._controller.runEnvEval(t);r!==null&&(!this._core||!this.isConnected||this.setState(r))}_maybeAutoCreateCoreAndRunEnvEval(){if(this._core!==null)return;let t=this.getCoreConfig();if(!t)return;let r=or(t);if(!r){this.attachCore(null);return}this.attachCore(r)}_reconcileCoreFromConfig(){let t=this.getCoreConfig();if(this._lastCoreConfig===null&&t===null||this._lastCoreConfig!==null&&t!==null&&this._lastCoreConfig.appId===t.appId&&this._lastCoreConfig.publishableKey===t.publishableKey)return;if(this._lastCoreConfig=t,t===null){this.attachCore(null);return}let n=or(t);this.attachCore(n??null)}disconnectedCallback(){this._teardownCore()}get currentState(){return this._controller.currentState}reset(){this._emitCancelledIfAuthenticating(),this._controller.reset(),this.scheduleRenderIfNeeded()}setStateForRender(t){this._controller.setStateForRender(t),this.scheduleRenderIfNeeded()}};function To(e){if(e==null||e.trim()==="")return Q;let t=e.split(",").map(o=>o.trim()),r=t[0]??Q.register,n=t[1]??Q.login;return{register:r,login:n}}function at(e){let t={open:ke(e.getAttribute("open")),mode:I(e.getAttribute("mode"),ie,Ie),tab:I(e.getAttribute("tab"),oe,Le),tabLabels:To(e.getAttribute("tab-labels")),theme:I(e.getAttribute("theme"),F,V),sessionId:T(e.getAttribute("session-id")),onboardingUrl:T(e.getAttribute("onboarding-url")),isMobileOverride:br(e.getAttribute("is-mobile-override")),fallbackType:Er(e.getAttribute("fallback-type"),se),appId:H(e.getAttribute("app-id")),publishableKey:H(e.getAttribute("publishable-key")),appName:T(e.getAttribute("app-name")),dialogTitle:T(e.getAttribute("dialog-title")),dialogDescription:T(e.getAttribute("dialog-description")),externalUserId:T(e.getAttribute("external-user-id")),modalVariant:I(e.getAttribute("modal-variant"),ue,xe)};return yt(t)}function So(e){let t=e.querySelector(`.${St}`);return t||(t=document.createElement("div"),t.className=St,e.appendChild(t)),t}function Co(e){let t=e.querySelector(`.${he}`);return t||(t=document.createElement("div"),t.className=he,t.setAttribute("aria-hidden","true"),e.appendChild(t)),t}function Io(e){let t=e.querySelector(`.${Ct}`);return t||(t=document.createElement("div"),t.className=Ct,e.appendChild(t)),t}function Lo(e,t){e.setAttribute("role","dialog"),e.setAttribute("aria-modal",t==="modal"?"true":"false"),e.setAttribute("aria-labelledby",Ue),e.setAttribute("aria-describedby",be)}function Mo(e,t){let r=e.querySelector(`#${Ue}`);r||(r=document.createElement("h2"),r.id=Ue,r.className="mellon-dialog-title",e.insertBefore(r,e.firstChild));let n=t.dialogTitle?.trim()??(t.appName?.trim()?Ar(t.appName.trim()):yr);r.textContent=n;let o=e.querySelector(`#${be}`);o||(o=document.createElement("p"),o.id=be,o.className="mellon-dialog-desc",e.insertBefore(o,r.nextSibling)),o.textContent=t.dialogDescription?.trim()??_r}function Oo(e){let t=e.querySelector(`.${Ot}`);t||(t=document.createElement("button"),t.type="button",t.className=Ot,t.setAttribute("aria-label",Rr),t.setAttribute("data-mellon-modal-close","true"),t.textContent="\xD7",e.appendChild(t))}function xo(e,t){let r=e.querySelector(`.${ge}`);if(!r){r=document.createElement("div"),r.className=ge,r.setAttribute("role","tablist");let i=document.createElement("button");i.type="button",i.setAttribute("data-tab","register"),i.setAttribute("role","tab");let a=document.createElement("button");a.type="button",a.setAttribute("data-tab","login"),a.setAttribute("role","tab"),r.appendChild(i),r.appendChild(a);let l=e.querySelector(`#${be}`);e.insertBefore(r,l?l.nextSibling:e.firstChild)}let[n,o]=r.querySelectorAll("button");return n&&(n.textContent=t.register),o&&(o.textContent=t.login),r}function sr(e){let t=e.querySelector(`.${It}`);if(!t){t=document.createElement("div"),t.className=It;let r=e.querySelector(`.${ge}`);e.insertBefore(t,r?r.nextSibling:e.firstChild)}return t}function ko(){let e=document.createElementNS(w,"svg");e.setAttribute("viewBox","0 0 24 24"),e.setAttribute("aria-hidden","true"),e.setAttribute("class","mellon-qr-icon"),e.setAttribute("fill","currentColor");let t=document.createElementNS(w,"path");return t.setAttribute("d","M3 3h6v6H3V3zm2 2v2h2V5H5zm8-2h6v6h-6V3zm2 2v2h2V5h-2zM3 15h6v6H3v-6zm2 2v2h2v-2H5zm8-2h6v6h-6v-6zm2 2v2h2v-2h-2zm4-12h2v2h-2V5zm0 8h2v2h-2v-2zm-4 4h2v2h-2v-2zm0-8h2v2h-2V9zm0 4h2v2h-2v-2z"),e.appendChild(t),e}function Tn(){let e=document.createDocumentFragment(),t=document.createElement("div");t.className=Sr;let r=document.createElement("p");r.className="mellon-cross-device-cta-text",r.textContent=Tr,t.appendChild(r);let n=document.createElement("button");return n.type="button",n.className="mellon-btn mellon-btn-qr-icon",n.setAttribute("data-mellon-action",$),n.setAttribute("aria-label",Cr),n.appendChild(ko()),t.appendChild(n),e.appendChild(t),e}function Do(){let e=document.createElement("div");e.className=Ir,e.setAttribute("aria-live","polite");let t=document.createElement("span");t.textContent=Or;let r=document.createElement("span");return r.className="mellon-qr-dots",r.setAttribute("aria-hidden","true"),e.appendChild(t),e.appendChild(r),e}function wo(){let e=document.createElement("div");return e.className=Lr,e.setAttribute("aria-live","polite"),e.textContent=xr,e}function Po(e){let t=sr(e),r=t.querySelector(`.${M}`);if(!r){r=document.createElement("div"),r.className=M,r.setAttribute("data-qr-area-state","default"),r.appendChild(Do()),r.appendChild(wo());let o=document.createElement("div");o.className=Mr;let i=document.createElement("slot");i.name=j,i.appendChild(Tn()),o.appendChild(i),r.appendChild(o),t.appendChild(r)}let n=r.querySelector(`slot[name="${j}"]`);if(!n){let o=document.createElement("slot");return o.name=j,o.appendChild(Tn()),r.appendChild(o),o}return n}function Uo(e){let t=sr(e);if(t.querySelector(`.${Mt}`))return;let r=document.createElement("div");r.className=Mt,r.setAttribute("aria-hidden","true");let n=document.createElement("span");n.className="mellon-separator-text",n.textContent=vr,r.appendChild(n);let o=t.querySelector(`.${M}`);t.insertBefore(r,o?o.nextSibling:t.firstChild)}function No(e){let t=sr(e),r=t.querySelector("slot:not([name])");if(!r){r=document.createElement("slot");let o=document.createElement("div");o.id=q,o.className="mellon-root",r.appendChild(o),t.appendChild(r)}let n=e.querySelector(`#${q}`);return n||(n=document.createElement("div"),n.id=q,n.className="mellon-root",r.appendChild(n)),n}function Bo(e){let t=e.querySelector(`slot[name="${Lt}"]`);return t||(t=document.createElement("slot"),t.name=Lt,e.appendChild(t)),t}function Fo(e,t){let r=e.querySelector(`.${ge}`);if(!r)return;let n=r.querySelector('[data-tab="register"]'),o=r.querySelector('[data-tab="login"]');n&&n.setAttribute("aria-selected",String(t==="register")),o&&o.setAttribute("aria-selected",String(t==="login"))}function Re(e,t){if(e==null||t==null)return;let r=So(e);r.setAttribute("data-mellon-modal-variant",t.modalVariant),t.mode==="modal"&&Co(r);let n=Io(r);Lo(n,t.mode),Mo(n,t),Oo(n),xo(n,t.tabLabels),Po(n),Uo(n),No(n),Bo(n),Fo(n,t.tab)}function Ko(e){return!(e.hidden===!0||e.getAttribute("aria-hidden")==="true")}function Sn(e){return Array.from(e.querySelectorAll(Ur)).filter(r=>Ko(r))}function Cn(e){let t=null,r=null,n=!1;function o(l){if(l.key!=="Tab")return;let d=Sn(e);if(d.length===0)return;let p=l.target instanceof Node?l.target:null,h=p?d.indexOf(p):-1,E=d.length-1,y;l.shiftKey?y=h<=0?E:h-1:y=h>=E?0:h+1;let L=d[y];L&&(l.preventDefault(),L.focus())}function i(){if(n)return;t=document.activeElement;let d=Sn(e)[0];d&&d.focus(),r=o,e.addEventListener("keydown",r,!0),n=!0}function a(){if(!n)return;r&&(e.removeEventListener("keydown",r,!0),r=null),n=!1;let l=e.getRootNode()?.ownerDocument??document,d=t instanceof HTMLElement&&l.body.contains(t)?t:null;if(d)d.focus();else{let p=l.body,h=p.getAttribute("tabindex");p.setAttribute("tabindex","-1"),p.focus(),h===null?p.removeAttribute("tabindex"):p.setAttribute("tabindex",h)}t=null}return{activate:i,deactivate:a}}var Vo="mellon-modal-wrapper",Ho="mellon-modal-overlay",qo="mellon-modal-panel",In=["app-id","publishable-key","mode","external-user-id","theme","action","trigger-only","button-variant","button-label","button-aria-label"],Ln=["open","mode","tab","tab-labels","theme","session-id","onboarding-url","is-mobile-override","fallback-type","app-id","publishable-key","app-name","dialog-title","dialog-description","external-user-id","modal-variant","qr-load-timeout-ms"],lt={wrapper:`.${Vo}`,overlay:`.${Ho}`,panel:`.${qo}`},Mn="user";var jo={SUCCESS:{reason:"success"},AUTHENTICATING:{reason:"cancel"},ERROR:{reason:"error"}};function Go(e){return jo[e]??{reason:Mn}}var ut=class extends te{static get observedAttributes(){return[...Ln]}_parsed=at(this);_focusTrap=null;_unregisterInteractions=null;_generatedExternalUserId=null;_qrLoadTimeoutId=null;_qrSlotChangeBound=null;_boundEscapeKeydown=t=>{t.key==="Escape"&&this._parsed.open&&(t.preventDefault(),this.open=!1)};connectedCallback(){if(this.addEventListener("keydown",this._boundEscapeKeydown,!0),this.shadowRoot){this._registerInteractions(),this._core!==null&&this._unsubscribeBridge===null&&this.attachCore(this._core);return}let t=this.attachShadow({mode:"open"}),r=jr();if(r)t.adoptedStyleSheets=[r];else{let n=document.createElement("style");n.textContent=qr(),t.appendChild(n)}this._parsed=at(this),Re(t,this._parsed),this._registerInteractions(),this._render(),this._applyModalVisibility(),this._maybeAutoCreateCoreAndRunEnvEval()}_registerInteractions(){this.shadowRoot&&(this._unregisterInteractions?.(),this._unregisterInteractions=Kr(this.shadowRoot,{onTabChange:t=>{this.dispatchEvent(Rn({tab:t})),this.setAttribute("tab",t)},onPrimaryClick:()=>this.startAuthFromClick(),onFallbackClick:t=>this.dispatchFallback(t),onOverlayClick:()=>{this.open=!1},onCloseClick:()=>{this.open=!1}}))}attributeChangedCallback(t,r,n){if(this.shadowRoot){if(this._parsed=at(this),t==="open"){if(this._parsed.open&&r!=="true"){let o={timestamp:Date.now()};this.dispatchEvent(yn(o)),this._startQrLoadWait()}if(!this._parsed.open){this._clearQrLoadWait(),this._transitionToIdle();return}}t==="tab"&&(this._emitCancelledIfAuthenticating(),this.setState(R.tabChange(this.currentState,this._parsed.tab))),(t==="app-id"||t==="publishable-key")&&this._reconcileCoreFromConfig(),Re(this.shadowRoot,this._parsed),this._render(),this._applyModalVisibility()}}_startQrLoadWait(){let t=this.shadowRoot;if(!t)return;let r=t.querySelector(`.${M}`),n=t.querySelector(`slot[name="${j}"]`);if(!r||!n)return;r.setAttribute("data-qr-area-state","waiting");let o=Math.max(1e3,parseInt(this.getAttribute("qr-load-timeout-ms")??String(12e3),10)||12e3);this._qrLoadTimeoutId=window.setTimeout(()=>{if(this._qrLoadTimeoutId=null,!this.shadowRoot)return;let a=this.shadowRoot.querySelector(`.${M}`);a?.getAttribute("data-qr-area-state")==="waiting"&&a.setAttribute("data-qr-area-state","timeout")},o);let i=()=>{if(n.assignedNodes().length>0){this._clearQrLoadWait();let a=this.shadowRoot?.querySelector(`.${M}`);a&&a.setAttribute("data-qr-area-state","loaded")}};this._qrSlotChangeBound=i,n.addEventListener("slotchange",i),n.assignedNodes().length>0&&i()}_clearQrLoadWait(){this._qrLoadTimeoutId!=null&&(clearTimeout(this._qrLoadTimeoutId),this._qrLoadTimeoutId=null);let t=this.shadowRoot;if(!t)return;let r=t.querySelector(`slot[name="${j}"]`);r&&this._qrSlotChangeBound&&(r.removeEventListener("slotchange",this._qrSlotChangeBound),this._qrSlotChangeBound=null);let n=t.querySelector(`.${M}`);n&&n.setAttribute("data-qr-area-state","default")}_transitionToIdle(){this._generatedExternalUserId=null;let r={reason:Go(this.currentState).reason,timestamp:Date.now()};this.dispatchEvent(An(r)),this._emitCancelledIfAuthenticating(),this.setState(R.reset(this.currentState)),this.shadowRoot&&(Re(this.shadowRoot,this._parsed),this.scheduleRenderIfNeeded(),this._applyModalVisibility())}get open(){return this._parsed.open}set open(t){this.setAttribute("open",t?"true":"false")}get mode(){return this._parsed.mode}set mode(t){this.setAttribute("mode",t)}get tab(){return this._parsed.tab}set tab(t){this.setAttribute("tab",t)}get tabLabels(){return`${this._parsed.tabLabels.register},${this._parsed.tabLabels.login}`}set tabLabels(t){t==null||t===""?this.removeAttribute("tab-labels"):this.setAttribute("tab-labels",t)}get theme(){return this._parsed.theme}set theme(t){this.setAttribute("theme",t)}get sessionId(){return this._parsed.sessionId}set sessionId(t){t==null?this.removeAttribute("session-id"):this.setAttribute("session-id",t)}get onboardingUrl(){return this._parsed.onboardingUrl}set onboardingUrl(t){t==null?this.removeAttribute("onboarding-url"):this.setAttribute("onboarding-url",t)}get isMobileOverride(){return this._parsed.isMobileOverride}set isMobileOverride(t){t==null?this.removeAttribute("is-mobile-override"):this.setAttribute("is-mobile-override",t?"true":"false")}get fallbackType(){return this._parsed.fallbackType}set fallbackType(t){t==null?this.removeAttribute("fallback-type"):this.setAttribute("fallback-type",t)}get appId(){return this._parsed.appId}set appId(t){this.setAttribute("app-id",t??"")}get publishableKey(){return this._parsed.publishableKey}set publishableKey(t){this.setAttribute("publishable-key",t??"")}get appName(){return this._parsed.appName}set appName(t){t==null?this.removeAttribute("app-name"):this.setAttribute("app-name",t)}get dialogTitle(){return this._parsed.dialogTitle}set dialogTitle(t){t==null?this.removeAttribute("dialog-title"):this.setAttribute("dialog-title",t)}get dialogDescription(){return this._parsed.dialogDescription}set dialogDescription(t){t==null?this.removeAttribute("dialog-description"):this.setAttribute("dialog-description",t)}get externalUserId(){return this._parsed.externalUserId}set externalUserId(t){t==null?this.removeAttribute("external-user-id"):this.setAttribute("external-user-id",t)}disconnectedCallback(){this._unregisterInteractions?.(),this._unregisterInteractions=null,this.removeEventListener("keydown",this._boundEscapeKeydown,!0),super.disconnectedCallback()}reset(){this._transitionToIdle()}getTabKind(){return this._parsed.tab}getCoreAuthOptions(){let t=this._resolveExternalUserId();return t?{externalUserId:t}:{}}_resolveExternalUserId(){let t=this._parsed.externalUserId?.trim();return t||(this.getTabKind()!=="register"?null:(this._generatedExternalUserId??=typeof crypto<"u"&&typeof crypto.randomUUID=="function"?crypto.randomUUID():null,this._generatedExternalUserId))}canStartAuth(){return!0}getEnvEvalParams(){return{mode:this._parsed.tab,isMobileOverride:this._parsed.isMobileOverride??void 0,fallbackType:this._parsed.fallbackType}}getCoreConfig(){return!this._parsed.appId||!this._parsed.publishableKey?null:{appId:this._parsed.appId,publishableKey:this._parsed.publishableKey}}getFallbackDetail(){return{operation:this._parsed.tab}}_applyModalVisibility(){if(!this.shadowRoot)return;let t=this.shadowRoot.querySelector(lt.wrapper);t&&(t.hidden=!this._parsed.open);let r=this.shadowRoot.querySelector(lt.overlay);r&&(r.hidden=this._parsed.mode!=="modal");let n=this.shadowRoot.querySelector(lt.panel);n&&n.setAttribute("aria-hidden",String(!this._parsed.open)),this._parsed.open&&t?(this._focusTrap||(this._focusTrap=Cn(t)),this._focusTrap.activate()):this._focusTrap?.deactivate()}_render(){if(!this.shadowRoot)return;Re(this.shadowRoot,this._parsed),this._applyModalVisibility();let t=_t(this.currentState,this._parsed,{registerSessionReady:this._parsed.tab==="register"?this.canStartAuth():void 0,primaryButtonLabel:Rt,primaryButtonAriaLabel:Tt}),r={shadowRoot:this.shadowRoot};wr(r,t)}};var dt=class extends te{static get observedAttributes(){return[...In]}_parsed={...pe};_internalModal=null;_focusRestoreTarget=null;_unregisterInteractions=null;_onInternalModalClose=()=>{this._internalModal&&(this._internalModal.open=!1),this._restoreFocusToTrigger()};_onInternalModalSuccess=t=>{let r=t;this.dispatchEvent(new CustomEvent(B,{detail:r.detail,bubbles:!1,composed:!0}))};_restoreFocusToTrigger(){let t=this._focusRestoreTarget;this._focusRestoreTarget=null,!(!t?.isConnected||typeof t.focus!="function")&&t.focus()}connectedCallback(){if(this.shadowRoot){this._registerInteractions(),this._core!==null&&this._unsubscribeBridge===null&&this.attachCore(this._core),this._syncInternalModalAttributes(),this._ensureInternalModal();return}let t=this.attachShadow({mode:"open"}),r=wt();if(r)t.adoptedStyleSheets=[r];else{let n=document.createElement("style");n.textContent=Pt(),t.appendChild(n)}this._parsed=vt(this),this._syncThemeAttribute(),this._registerInteractions(),this._render(),this._reconcileCoreFromConfig(),this._ensureInternalModal()}_registerInteractions(){this.shadowRoot&&(this._unregisterInteractions?.(),this._unregisterInteractions=Fr(this.shadowRoot,{onPrimaryClick:()=>this._onPrimaryClick(),onFallbackClick:t=>this.dispatchFallback(t)}))}attributeChangedCallback(t,r,n){if(!this.shadowRoot)return;let o=this._parsed.mode;if(this._parsed=vt(this),(t==="button-variant"||t==="theme")&&this.invalidateRender(),(t==="app-id"||t==="publishable-key")&&this._reconcileCoreFromConfig(),t==="mode"&&(this._parsed.mode==="register"||this._parsed.mode==="login")){let i=this._parsed.mode;o!==i&&(this._emitCancelledIfAuthenticating(),this.setState(R.tabChange(this.currentState,i)))}this._syncThemeAttribute(),this.scheduleRenderIfNeeded(),this._syncInternalModalAttributes(),this._ensureInternalModal()}_onPrimaryClick(){if(this._parsed.action==="open-modal"){this._focusRestoreTarget=document.activeElement instanceof Element?document.activeElement:null,this.dispatchEvent(new CustomEvent(_e,{detail:{},bubbles:!0,composed:!0})),!this._parsed.triggerOnly&&this._internalModal&&(this._internalModal.open=!0);return}this.startAuthFromClick()}getTabKind(){return this._parsed.mode==="auto"?"login":this._parsed.mode}getCoreAuthOptions(){return gn(this._parsed.externalUserId)}canStartAuth(){return!0}getEnvEvalParams(){return{mode:this._parsed.mode}}getCoreConfig(){return!this._parsed.appId||!this._parsed.publishableKey?null:{appId:this._parsed.appId,publishableKey:this._parsed.publishableKey}}getFallbackDetail(){let t=this._parsed.mode==="login"||this._parsed.mode==="register"?this._parsed.mode:void 0;return t!==void 0?{operation:t}:{}}_render(){if(!this.shadowRoot)return;let t=At(this.currentState,this._parsed,{registerSessionReady:this._parsed.mode==="register"?this.canStartAuth():void 0,primaryButtonLabel:this._parsed.buttonLabel??void 0,primaryButtonAriaLabel:this._parsed.buttonAriaLabel??void 0}),r={shadowRoot:this.shadowRoot};Dr(r,t)}_syncThemeAttribute(){this.getAttribute("theme")!==this._parsed.theme&&this.setAttribute("theme",this._parsed.theme)}_syncInternalModalAttributes(){if(!this._internalModal)return;this._internalModal.setAttribute("app-id",this._parsed.appId??""),this._internalModal.setAttribute("publishable-key",this._parsed.publishableKey??""),this._internalModal.setAttribute("theme",this._parsed.theme);let t=this._parsed.mode==="auto"?"login":this._parsed.mode;this._internalModal.setAttribute("tab",t),this._internalModal.setAttribute("modal-variant","minimal")}_ensureInternalModal(){if(this._parsed.action!=="open-modal"||!this.shadowRoot)return;if(this._parsed.triggerOnly){this._internalModal?.isConnected&&(this._internalModal.removeEventListener(N,this._onInternalModalClose),this._internalModal.remove(),this._internalModal=null);return}if(this._internalModal?.isConnected){this._syncInternalModalAttributes();return}let t=document.createElement("trymellon-auth-modal");this._internalModal=t,this._syncInternalModalAttributes(),t.addEventListener(N,this._onInternalModalClose),t.addEventListener(B,this._onInternalModalSuccess),typeof document<"u"&&document.body?document.body.appendChild(t):this.shadowRoot.appendChild(t)}disconnectedCallback(){this._unregisterInteractions?.(),this._unregisterInteractions=null,this._internalModal?.isConnected&&(this._internalModal.removeEventListener(N,this._onInternalModalClose),this._internalModal.removeEventListener(B,this._onInternalModalSuccess),this._internalModal.remove(),this._internalModal=null),super.disconnectedCallback()}};var Kl="0.1.0",xn="trymellon-auth",kn="trymellon-auth-modal";typeof customElements<"u"&&!customElements.get(xn)&&customElements.define(xn,dt);typeof customElements<"u"&&!customElements.get(kn)&&customElements.define(kn,ut);export{Ee as BASE_STYLES,S as INITIAL_UI_STATE,ve as MELLON_CANCELLED,N as MELLON_CLOSE,et as MELLON_ERROR,rt as MELLON_FALLBACK,Ze as MELLON_OPEN,_e as MELLON_OPEN_REQUEST,tt as MELLON_START,B as MELLON_SUCCESS,nt as MELLON_TAB_CHANGE,kn as TRYMELLON_AUTH_MODAL_TAG,xn as TRYMELLON_AUTH_TAG,dt as TryMellonAuthElement,ut as TryMellonAuthModalElement,Kl as UI_VERSION,wt as createConstructableStylesheet,ir as eventBridgeAdapter,re as getNextState,Pt as getStylesFallback};
+`.trim();function un(){return Se+`
+`+ln}function dn(){if(!an)return null;try{let t=new CSSStyleSheet;return t.replaceSync(Se+`
+`+ln),t}catch{return null}}var $t="https://api.trymellonauth.com",cn="https://api.trymellonauth.com/v1/telemetry";var pn="trymellon_sandbox_session_token_v1",mn="/v1/enrollment-bridge",gn="/v1/auth-bridge";var c=t=>({ok:!0,value:t}),l=t=>({ok:!1,error:t});var Ge=class t extends Error{code;details;isTryMellonError=!0;constructor(e,r,n){super(r),this.name="TryMellonError",this.code=e,this.details=n,Error.captureStackTrace&&Error.captureStackTrace(this,t)}},To={NOT_SUPPORTED:"WebAuthn is not supported in this environment",USER_CANCELLED:"User cancelled the operation",PASSKEY_NOT_FOUND:"Passkey not found",SESSION_EXPIRED:"Session has expired",NETWORK_FAILURE:"Network request failed",INVALID_ARGUMENT:"Invalid argument provided",TIMEOUT:"Operation timed out",ABORTED:"Operation was aborted",ABORT_ERROR:"Operation aborted by user or timeout",CHALLENGE_MISMATCH:"This link was already used or expired. Please try again from your computer.",TICKET_NOT_FOUND:"Enrollment ticket not found or invalid",TICKET_EXPIRED:"Enrollment ticket has expired",TICKET_ALREADY_USED:"Enrollment ticket was already used",PIN_MISMATCH:"PIN does not match",PIN_LOCKED:"PIN is locked due to too many failed attempts",BRIDGE_SESSION_EXPIRED:"Bridge session has expired",UNKNOWN_ERROR:"An unknown error occurred"};function E(t,e,r){return new Ge(t,e??To[t],r)}function zt(t){return t instanceof Ge||typeof t=="object"&&t!==null&&"isTryMellonError"in t&&t.isTryMellonError===!0}function fn(){return E("NOT_SUPPORTED")}function R(t,e){return E("INVALID_ARGUMENT",`Invalid argument: ${t} - ${e}`,{field:t,reason:e})}function hn(t){return E("UNKNOWN_ERROR",`Failed to ${t} credential`,{operation:t})}function Xt(t){return E("NOT_SUPPORTED",`No base64 ${t==="encode"?"encoding":"decoding"} available`,{type:t})}function Qt(t,e){try{let r=new URL(t);if(r.protocol!=="https:"&&r.protocol!=="http:")throw R(e,"must use http or https protocol")}catch(r){throw zt(r)?r:R(e,"must be a valid URL")}}function X(t,e,r,n){if(!Number.isFinite(t))throw R(e,"must be a finite number");if(t<r||t>n)throw R(e,`must be between ${r} and ${n}`)}function je(t,e){if(typeof t!="string"||t.length===0)throw R(e,"must be a non-empty string");if(!/^[A-Za-z0-9_-]+$/.test(t))throw R(e,"must be a valid base64url string")}var Co={NotAllowedError:"USER_CANCELLED",AbortError:"ABORTED",NotSupportedError:"NOT_SUPPORTED",SecurityError:"NOT_SUPPORTED",InvalidStateError:"UNKNOWN_ERROR",UnknownError:"UNKNOWN_ERROR"};function Q(t){if(typeof t!="string")return"UNKNOWN_ERROR";let e=t.toLowerCase().trim();return{challenge_mismatch:"CHALLENGE_MISMATCH",session_expired:"SESSION_EXPIRED",unauthorized:"SESSION_EXPIRED",validation_error:"INVALID_ARGUMENT",invalid_argument:"INVALID_ARGUMENT",user_not_found:"SESSION_EXPIRED",passkey_not_found:"PASSKEY_NOT_FOUND",ticket_not_found:"TICKET_NOT_FOUND",ticket_expired:"TICKET_EXPIRED",ticket_already_consumed:"TICKET_ALREADY_USED",not_found:"TICKET_NOT_FOUND",expired:"TICKET_EXPIRED",already_consumed:"TICKET_ALREADY_USED",context_mismatch:"CHALLENGE_MISMATCH",challenge_not_found:"CHALLENGE_MISMATCH",invalid_ticket_id:"INVALID_ARGUMENT",invalid_context_hash:"INVALID_ARGUMENT",invalid_ticket_status:"INVALID_ARGUMENT",invalid_config:"INVALID_ARGUMENT",enrollment_not_enabled:"INVALID_ARGUMENT",pin_mismatch:"PIN_MISMATCH",pin_locked:"PIN_LOCKED",bridge_not_enabled:"UNKNOWN_ERROR",bridge_session_expired:"BRIDGE_SESSION_EXPIRED",session_not_found:"BRIDGE_SESSION_EXPIRED"}[e]??"UNKNOWN_ERROR"}function _(t){if(t instanceof DOMException){let e=t.name,r=t.message||"WebAuthn operation failed",n=Co[e]??"UNKNOWN_ERROR";return E(n,r,{originalError:t})}return t instanceof Error?E("UNKNOWN_ERROR",t.message,{originalError:t}):E("UNKNOWN_ERROR","An unknown error occurred",{originalError:t})}function h(t){return typeof t=="object"&&t!==null&&!Array.isArray(t)}function d(t){return typeof t=="string"}function V(t){return typeof t=="number"&&Number.isFinite(t)}function Ye(t){return typeof t=="boolean"}function te(t){return Array.isArray(t)}function s(t,e){return l(E("UNKNOWN_ERROR",t,{...e,originalData:e?.originalData}))}function m(t,e){return t[e]}function Io(t,e){return!h(t)||!d(t.name)||!d(t.id)?s("Invalid API response: challenge.rp must have name and id strings",{originalData:e}):c(!0)}function Lo(t,e){return!h(t)||!d(t.id)||!d(t.name)||!d(t.displayName)?s("Invalid API response: challenge.user must have id, name, displayName strings",{originalData:e}):c(!0)}function Mo(t,e){if(!te(t))return s("Invalid API response: challenge.pubKeyCredParams must be array",{originalData:e});for(let r of t)if(!h(r)||r.type!=="public-key"||!V(r.alg))return s("Invalid API response: pubKeyCredParams items must have type and alg",{originalData:e});return c(!0)}function We(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"session_id");if(!d(e))return s("Invalid API response: session_id must be string",{field:"session_id",originalData:t});let r=m(t,"challenge");if(!h(r))return s("Invalid API response: challenge must be object",{field:"challenge",originalData:t});let n=Io(m(r,"rp"),t);if(!n.ok)return n;let o=Lo(m(r,"user"),t);if(!o.ok)return o;let i=m(r,"challenge");if(!d(i))return s("Invalid API response: challenge.challenge must be string",{originalData:t});let a=Mo(m(r,"pubKeyCredParams"),t);if(!a.ok)return a;let u=r.timeout;if(u!==void 0&&!V(u))return s("Invalid API response: challenge.timeout must be number",{originalData:t});let p=r.excludeCredentials;if(p!==void 0){if(!te(p))return s("Invalid API response: excludeCredentials must be array",{originalData:t});for(let f of p)if(!h(f)||f.type!=="public-key"||!d(f.id))return s("Invalid API response: excludeCredentials items must have id and type",{originalData:t})}let g=r.authenticatorSelection;return g!==void 0&&!h(g)?s("Invalid API response: authenticatorSelection must be object",{originalData:t}):c({session_id:e,challenge:{rp:r.rp,user:r.user,challenge:i,pubKeyCredParams:r.pubKeyCredParams,...u!==void 0&&{timeout:u},...p!==void 0&&{excludeCredentials:p},...g!==void 0&&{authenticatorSelection:g}}})}function Jt(t,e){if(!h(t))return s("Invalid API response: user must be object",{field:"user",originalData:e});let r=m(t,"user_id"),n=m(t,"external_user_id");if(!d(r)||!d(n))return s("Invalid API response: user must have user_id and external_user_id strings",{originalData:e});let o=t.email,i=t.metadata;return o!==void 0&&!d(o)?s("Invalid API response: user.email must be string",{originalData:e}):i!==void 0&&(typeof i!="object"||i===null)?s("Invalid API response: user.metadata must be object",{originalData:e}):c({user_id:r,external_user_id:n,...o!==void 0&&{email:o},...i!==void 0&&{metadata:i}})}function Zt(t){let e=We(t);return e.ok?c({session_id:e.value.session_id,challenge:e.value.challenge}):e}function er(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"session_id");if(!d(e))return s("Invalid API response: session_id must be string",{field:"session_id",originalData:t});let r=m(t,"challenge");if(!h(r))return s("Invalid API response: challenge must be object",{field:"challenge",originalData:t});let n=m(r,"challenge"),o=m(r,"rpId"),i=r.allowCredentials;if(!d(n))return s("Invalid API response: challenge.challenge must be string",{originalData:t});if(!d(o))return s("Invalid API response: challenge.rpId must be string",{originalData:t});if(i!==void 0&&!te(i))return s("Invalid API response: allowCredentials must be array",{originalData:t});if(i){for(let p of i)if(!h(p)||p.type!=="public-key"||!d(p.id))return s("Invalid API response: allowCredentials items must have id and type",{originalData:t})}let a=r.timeout;if(a!==void 0&&!V(a))return s("Invalid API response: challenge.timeout must be number",{originalData:t});let u=r.userVerification;return u!==void 0&&!["required","preferred","discouraged"].includes(String(u))?s("Invalid API response: userVerification must be required|preferred|discouraged",{originalData:t}):c({session_id:e,challenge:{challenge:n,rpId:o,allowCredentials:i??[],...a!==void 0&&{timeout:a},...u!==void 0&&{userVerification:u}}})}function tr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"credential_id"),r=m(t,"status"),n=m(t,"session_token"),o=m(t,"user");if(!d(e))return s("Invalid API response: credential_id must be string",{field:"credential_id",originalData:t});if(!d(r))return s("Invalid API response: status must be string",{field:"status",originalData:t});if(!d(n))return s("Invalid API response: session_token must be string",{field:"session_token",originalData:t});let i=Jt(o,t);if(!i.ok)return l(i.error);let a=t.redirect_url;return a!==void 0&&!d(a)?s("Invalid API response: redirect_url must be string",{originalData:t}):c({credential_id:e,status:r,session_token:n,user:i.value,...a!==void 0&&{redirect_url:a}})}function rr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"authenticated"),r=m(t,"session_token"),n=m(t,"user"),o=m(t,"signals");if(!Ye(e))return s("Invalid API response: authenticated must be boolean",{field:"authenticated",originalData:t});if(!d(r))return s("Invalid API response: session_token must be string",{field:"session_token",originalData:t});let i=Jt(n,t);if(!i.ok)return l(i.error);if(o!==void 0&&!h(o))return s("Invalid API response: signals must be object",{originalData:t});let a=t.redirect_url;return a!==void 0&&!d(a)?s("Invalid API response: redirect_url must be string",{originalData:t}):c({authenticated:e,session_token:r,user:i.value,signals:o,...a!==void 0&&{redirect_url:a}})}function nr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"valid"),r=m(t,"user_id"),n=m(t,"external_user_id"),o=m(t,"tenant_id"),i=m(t,"app_id");return Ye(e)?d(r)?d(n)?d(o)?d(i)?c({valid:e,user_id:r,external_user_id:n,tenant_id:o,app_id:i}):s("Invalid API response: app_id must be string",{field:"app_id",originalData:t}):s("Invalid API response: tenant_id must be string",{field:"tenant_id",originalData:t}):s("Invalid API response: external_user_id must be string",{field:"external_user_id",originalData:t}):s("Invalid API response: user_id must be string",{field:"user_id",originalData:t}):s("Invalid API response: valid must be boolean",{field:"valid",originalData:t})}function or(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=t.session_token??t.sessionToken;if(!d(e))return s("Invalid API response: session_token/sessionToken must be string",{field:"session_token",originalData:t});let r=t.redirect_url;return r!==void 0&&!d(r)?s("Invalid API response: redirect_url must be string",{originalData:t}):c({sessionToken:e,...r!==void 0&&{redirectUrl:r}})}var Oo=["pending_passkey","pending_data","completed"],xo=["pending_data","completed"];function ir(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"session_id"),r=m(t,"onboarding_url"),n=m(t,"expires_in");return d(e)?d(r)?V(n)?c({session_id:e,onboarding_url:r,expires_in:n}):s("Invalid API response: expires_in must be number",{field:"expires_in",originalData:t}):s("Invalid API response: onboarding_url must be string",{field:"onboarding_url",originalData:t}):s("Invalid API response: session_id must be string",{field:"session_id",originalData:t})}function sr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"status"),r=m(t,"onboarding_url"),n=m(t,"expires_in");return!d(e)||!Oo.includes(e)?s("Invalid API response: status must be pending_passkey|pending_data|completed",{field:"status",originalData:t}):d(r)?V(n)?c({status:e,onboarding_url:r,expires_in:n}):s("Invalid API response: expires_in must be number",{originalData:t}):s("Invalid API response: onboarding_url must be string",{originalData:t})}function ar(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"session_id"),r=m(t,"status"),n=m(t,"onboarding_url");if(!d(e))return s("Invalid API response: session_id must be string",{field:"session_id",originalData:t});if(r!=="pending_passkey")return s("Invalid API response: status must be pending_passkey",{field:"status",originalData:t});if(!d(n))return s("Invalid API response: onboarding_url must be string",{originalData:t});let o=t.challenge,i;if(o!==void 0){let a=ko(o);if(!a.ok)return a;i=a.value}return c({session_id:e,status:"pending_passkey",onboarding_url:n,...i!==void 0&&{challenge:i}})}function ko(t){if(!h(t))return s("Invalid API response: challenge must be object",{originalData:t});let e=m(t,"rp"),r=m(t,"user"),n=m(t,"challenge"),o=m(t,"pubKeyCredParams");if(!h(e)||!d(e.name)||!d(e.id))return s("Invalid API response: challenge.rp must have name and id",{originalData:t});if(!h(r)||!d(r.id)||!d(r.name)||!d(r.displayName))return s("Invalid API response: challenge.user must have id, name, displayName",{originalData:t});if(!d(n))return s("Invalid API response: challenge.challenge must be string",{originalData:t});if(!te(o))return s("Invalid API response: challenge.pubKeyCredParams must be array",{originalData:t});for(let i of o)if(!h(i)||i.type!=="public-key"||!V(i.alg))return s("Invalid API response: pubKeyCredParams items must have type and alg",{originalData:t});return c({rp:e,user:r,challenge:n,pubKeyCredParams:o})}function lr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"session_id"),r=m(t,"status"),n=m(t,"user_id"),o=m(t,"tenant_id");return d(e)?!d(r)||!xo.includes(r)?s("Invalid API response: status must be pending_data|completed",{originalData:t}):d(n)?d(o)?c({session_id:e,status:r,user_id:n,tenant_id:o}):s("Invalid API response: tenant_id must be string",{originalData:t}):s("Invalid API response: user_id must be string",{originalData:t}):s("Invalid API response: session_id must be string",{originalData:t})}function ur(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"session_id"),r=m(t,"status"),n=m(t,"user_id"),o=m(t,"tenant_id"),i=m(t,"session_token");return d(e)?r!=="completed"?s("Invalid API response: status must be completed",{originalData:t}):!d(n)||!d(o)||!d(i)?s("Invalid API response: user_id, tenant_id, session_token must be strings",{originalData:t}):c({session_id:e,status:"completed",user_id:n,tenant_id:o,session_token:i}):s("Invalid API response: session_id must be string",{originalData:t})}function $e(t){return t==null?c(void 0):h(t)&&Object.keys(t).length===0?c(void 0):s("Invalid API response: expected empty body (204)",{originalData:t})}function Do(t){if(!t||typeof t!="object")return!1;let e=t;return typeof e.challenge=="string"&&e.rp!=null&&typeof e.rp=="object"&&e.user!=null&&typeof e.user=="object"&&Array.isArray(e.pubKeyCredParams)}function No(t){if(!t||typeof t!="object")return!1;let e=t;return typeof e.challenge=="string"&&typeof e.rpId=="string"}function ze(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e="resultado"in t&&h(t.resultado)?t.resultado:t,r=e.session_id,n=e.qr_url,o=e.expires_at,i=e.polling_token;if(!d(r)||!d(n)||!d(o)||!d(i))return s("Invalid API response: missing required fields",{originalData:t});let a={session_id:r,qr_url:n,expires_at:o,polling_token:i};return e.external_user_id!==void 0&&d(e.external_user_id)&&(a.external_user_id=e.external_user_id),c(a)}function dr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e="resultado"in t&&h(t.resultado)?t.resultado:t,r=e.status;if(!d(r)||!["pending","authenticated","completed"].includes(r))return s("Invalid API response: invalid status",{originalData:t});let n=e.user_id,o=e.session_token,i=e.redirect_url;return n!==void 0&&!d(n)?s("Invalid API response: user_id must be a string when present",{originalData:t}):o!==void 0&&!d(o)?s("Invalid API response: session_token must be a string when present",{originalData:t}):i!==void 0&&!d(i)?s("Invalid API response: redirect_url must be a string when present",{originalData:t}):c({status:r,user_id:n,session_token:o,redirect_url:i})}function cr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=t.type,r=e==="registration"?"registration":"auth",n=t.options;if(!h(n))return s("Invalid API response: options are required",{originalData:t});let o=200,i=En(t.approval_context,o),a=En(t.application_name,o);if(i===!1||a===!1)return s("Invalid API response: approval_context/application_name must be string max 200 chars",{originalData:t});let u={};return typeof i=="string"&&(u.approval_context=i),typeof a=="string"&&(u.application_name=a),r==="registration"?Do(n)?c({type:"registration",options:n,...u}):s("Invalid API response: registration options must have challenge, rp, user, pubKeyCredParams",{originalData:t}):No(n)?c({type:"auth",options:n,...u}):s("Invalid API response: auth options must have challenge and rpId",{originalData:t})}function En(t,e){if(t!=null)return typeof t!="string"||t.length>e?!1:t}function pr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"challenge"),r=m(t,"recovery_session_id");return h(e)?d(r)?c({challenge:e,recovery_session_id:r}):s("Invalid API response: recovery_session_id must be string",{field:"recovery_session_id",originalData:t}):s("Invalid API response: challenge must be object",{field:"challenge",originalData:t})}function mr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"status"),r=m(t,"session_token"),n=m(t,"user"),o=m(t,"credential_id");if(!d(e))return s("Invalid API response: status must be string",{field:"status",originalData:t});if(!d(r))return s("Invalid API response: session_token must be string",{field:"session_token",originalData:t});if(!d(o))return s("Invalid API response: credential_id must be string",{field:"credential_id",originalData:t});if(!h(n))return s("Invalid API response: user must be object",{field:"user",originalData:t});let i=m(n,"user_id");if(!d(i))return s("Invalid API response: user.user_id must be string",{field:"user.user_id",originalData:t});let u=t.redirect_url;if(u!==void 0&&!d(u))return s("Invalid API response: redirect_url must be string",{field:"redirect_url",originalData:t});let p=n;return c({status:e,session_token:r,credential_id:o,user:{user_id:i,external_user_id:d(p.external_user_id)?p.external_user_id:void 0,email:d(p.email)?p.email:void 0,metadata:h(p.metadata)?p.metadata:void 0},...u!==void 0&&{redirect_url:u}})}function gr(t){let e=We(t);return e.ok?c({session_id:e.value.session_id,challenge:e.value.challenge}):e}function Po(t,e){if(!h(t))return s("Invalid API response: user must be object",{field:"user",originalData:e});let r=m(t,"user_id");if(!d(r))return s("Invalid API response: user.user_id must be string",{originalData:e});let n=t.external_user_id;if(n!==void 0&&!d(n))return s("Invalid API response: user.external_user_id must be string",{originalData:e});let o=t.email;if(o!==void 0&&!d(o))return s("Invalid API response: user.email must be string",{originalData:e});let i=t.metadata;return i!==void 0&&(typeof i!="object"||i===null)?s("Invalid API response: user.metadata must be object",{originalData:e}):c({user_id:r,...n!==void 0&&{external_user_id:n},...o!==void 0&&{email:o},...i!==void 0&&{metadata:i}})}function fr(t){if(!h(t))return s("Invalid API response: expected object",{originalData:t});let e=m(t,"credential_id"),r=m(t,"status"),n=m(t,"session_token"),o=m(t,"user");if(!d(e))return s("Invalid API response: credential_id must be string",{field:"credential_id",originalData:t});if(!d(r))return s("Invalid API response: status must be string",{field:"status",originalData:t});if(!d(n))return s("Invalid API response: session_token must be string",{field:"session_token",originalData:t});let i=Po(o,t);return i.ok?c({credential_id:e,status:r,session_token:n,user:i.value}):i}var wo=["pending","pin_verified","pin_locked","completed"];function hr(t){if(!h(t))return s("Invalid bridge context response: expected object",{originalData:t});let e=m(t,"type");if(e!=="auth"&&e!=="registration")return s('Invalid bridge context response: type must be "auth" or "registration"',{field:"type",expected:"auth | registration",originalData:t});let r=m(t,"options");if(!h(r))return s("Invalid bridge context response: options must be object",{field:"options",originalData:t});let n=t.application_name;return n!==void 0&&!d(n)?s("Invalid bridge context response: application_name must be string",{field:"application_name",originalData:t}):c({type:e,options:r,...n!==void 0&&{application_name:n}})}function Er(t){if(!h(t))return s("Invalid bridge verify response: expected object",{originalData:t});let e=m(t,"session_id");if(!d(e)||e.trim()==="")return s("Invalid bridge verify response: session_id must be non-empty string (UUID expected)",{field:"session_id",originalData:t});let r=t.challenge;if(r!==void 0&&!d(r))return s("Invalid bridge verify response: challenge must be string when present",{field:"challenge",originalData:t});let n=t.registration_options;if(n!==void 0&&!h(n))return s("Invalid bridge verify response: registration_options must be object when present",{field:"registration_options",originalData:t});let o=t.authentication_options;return o!==void 0&&!h(o)?s("Invalid bridge verify response: authentication_options must be object when present",{field:"authentication_options",originalData:t}):c({session_id:e,...r!==void 0&&{challenge:r},...n!==void 0&&{registration_options:n},...o!==void 0&&{authentication_options:o}})}function br(t){if(!h(t))return s("Invalid bridge complete enrollment response: expected object",{originalData:t});let e=m(t,"credential_id"),r=m(t,"entity_id"),n=m(t,"user_id"),o=m(t,"session_token");return d(e)?d(r)?d(n)?d(o)?c({credential_id:e,entity_id:r,user_id:n,session_token:o}):s("Invalid bridge complete enrollment response: session_token must be string",{field:"session_token",originalData:t}):s("Invalid bridge complete enrollment response: user_id must be string",{field:"user_id",originalData:t}):s("Invalid bridge complete enrollment response: entity_id must be string",{field:"entity_id",originalData:t}):s("Invalid bridge complete enrollment response: credential_id must be string",{field:"credential_id",originalData:t})}function yr(t){if(!h(t))return s("Invalid bridge complete auth response: expected object",{originalData:t});let e=m(t,"session_token");return d(e)?c({session_token:e}):s("Invalid bridge complete auth response: session_token must be string",{field:"session_token",originalData:t})}function _r(t){if(!h(t))return s("Invalid bridge status response: expected object",{originalData:t});let e=m(t,"status");if(typeof e!="string"||!wo.includes(e))return s("Invalid bridge status response: status must be one of pending, pin_verified, pin_locked, completed",{field:"status",originalData:t});let r=t.ts;return r!==void 0&&!d(r)?s("Invalid bridge status response: ts must be string when present",{field:"ts",originalData:t}):c({status:e,...r!==void 0&&{ts:r}})}var Xe=class{constructor(e,r,n={}){this.httpClient=e;this.baseUrl=r;this.defaultHeaders=n}mergeHeaders(e){return{...this.defaultHeaders,...e}}async post(e,r,n,o){let i=`${this.baseUrl}${e}`,a=await this.httpClient.post(i,r,this.mergeHeaders(o));return a.ok?n(a.value):l(a.error)}async get(e,r,n){let o=`${this.baseUrl}${e}`,i=await this.httpClient.get(o,this.mergeHeaders(n));return i.ok?r(i.value):l(i.error)}async startRegister(e){return this.post("/v1/passkeys/register/start",e,Zt)}async startAuth(e){return this.post("/v1/passkeys/auth/start",e,er)}async finishRegister(e){return this.post("/v1/passkeys/register/finish",e,tr)}async finishAuthentication(e){return this.post("/v1/passkeys/auth/finish",e,rr)}async validateSession(e){return this.get("/v1/sessions/validate",nr,{Authorization:`Bearer ${e}`})}async startEmailFallback(e){let r=`${this.baseUrl}/v1/fallback/email/start`,n=await this.httpClient.post(r,{userId:e.userId,email:e.email},this.mergeHeaders());return n.ok?c(void 0):l(n.error)}async verifyEmailCode(e){let r={userId:e.userId,code:e.code};return e.successUrl&&(r.success_url=e.successUrl),this.post("/v1/fallback/email/verify",r,or)}async startOnboarding(e){return this.post("/v1/onboarding/start",e,ir)}async getOnboardingStatus(e){return this.get(`/v1/onboarding/${e}/status`,sr)}async getOnboardingRegister(e){return this.get(`/v1/onboarding/${e}/register`,ar)}async registerOnboardingPasskey(e,r){return this.post(`/v1/onboarding/${e}/register-passkey`,r,lr)}async completeOnboarding(e,r){return this.post(`/v1/onboarding/${e}/complete`,r,ur)}async initCrossDeviceAuth(){return this.post("/v1/auth/cross-device/init",{},ze)}async initCrossDeviceRegistration(e){let r=typeof e?.externalUserId=="string"?e.externalUserId.trim():"",n=r.length>0?{external_user_id:r}:{};return this.post("/v1/auth/cross-device/init-registration",n,ze)}async getCrossDeviceStatus(e,r){let n={};return typeof r=="string"&&r.length>0&&(n["X-Polling-Token"]=r),this.get(`/v1/auth/cross-device/status/${e}`,dr,Object.keys(n).length>0?n:void 0)}async getCrossDeviceContext(e){return this.get(`/v1/auth/cross-device/context/${e}`,cr)}async verifyCrossDeviceAuth(e){return this.post("/v1/auth/cross-device/verify",e,$e)}async verifyCrossDeviceRegistration(e){return this.post("/v1/auth/cross-device/verify-registration",e,$e)}async verifyAccountRecoveryOtp(e,r){return this.post("/v1/users/recovery/verify",{external_id:e,otp:r},pr)}async completeAccountRecovery(e,r){return this.post("/v1/users/recovery/complete",{recovery_session_id:e,credential:r},mr)}async startEnrollment(e,r,n){return this.post("/v1/enrollment/register/options",{ticket_id:e,context_hash:r},gr,n)}async finishEnrollment(e,r,n){return this.post("/v1/enrollment/register",{...r,ticket_id:e},fr,n)}bridgePrefix(e){return e==="enrollment"?mn:gn}async getBridgeContext(e,r,n){return this.get(`${this.bridgePrefix(r)}/context/${e}`,hr,n)}async verifyBridgePin(e,r,n,o){return this.post(`${this.bridgePrefix(n)}/verify/${e}`,{pin:r},Er,o)}async completeBridgeEnrollment(e,r){return this.post(`${this.bridgePrefix("enrollment")}/complete`,e,br,r)}async completeBridgeAuth(e,r){return this.post(`${this.bridgePrefix("auth")}/complete`,e,yr,r)}getBridgeStatusUrl(e,r){return`${this.baseUrl}${this.bridgePrefix(r)}/status/${e}`}async getBridgeStatus(e,r,n){return this.get(`${this.bridgePrefix(r)}/status/${e}`,_r,n)}};function Uo(t){return typeof t=="object"&&t!==null&&t.ok===!0&&"resultado"in t}function _n(t){if(typeof t!="object"||t===null)return!1;let e=t;if(e.ok!==!1||!e.error||typeof e.error!="object")return!1;let r=e.error;return typeof r.code=="string"&&typeof r.message=="string"}function bn(t,e){if(_n(t))return{message:t.error.message,code:Q(t.error.code)};let r=t,n=r?.error;if(typeof n=="object"&&n!==null&&"code"in n&&typeof n.code=="string")return{message:n.message??r?.message??e,code:Q(n.code)};let o=r?.message??e,i=r?.error,a=typeof i=="string"?Q(i):i===void 0?"NETWORK_FAILURE":Q(String(i));return{message:o,code:a}}function Bo(){if(typeof globalThis.crypto<"u"&&typeof globalThis.crypto.randomUUID=="function")return globalThis.crypto.randomUUID();throw new Error("Web Crypto API is required but not available.")}function yn(t,e){let r=e*Math.pow(2,t);return Math.min(r,3e4)}function Fo(t,e){return t!=="GET"?!1:e>=500||e===429}var Qe=class{constructor(e,r=0,n=1e3,o){this.timeoutMs=e;this.maxRetries=r;this.retryDelayMs=n;this.logger=o}async get(e,r){return this.request(e,{method:"GET",headers:r})}async post(e,r,n){return this.request(e,{method:"POST",body:JSON.stringify(r),headers:{"Content-Type":"application/json",...n}})}async request(e,r){let n=(r.method??"GET").toUpperCase(),o=Bo(),i=new Headers(r.headers);i.set("X-Request-Id",o),this.logger&&this.logger.debug("request",{requestId:o,url:e,method:n});let a;for(let u=0;u<=this.maxRetries;u++)try{let p=new AbortController,g=setTimeout(()=>p.abort(),this.timeoutMs);try{let f=await fetch(e,{...r,headers:i,signal:p.signal});if(!f.ok){let T;try{T=await f.json()}catch{}let{message:v,code:L}=bn(T,f.statusText),C=E(L,v,{requestId:o,status:f.status,statusText:f.statusText,data:T});if(Fo(n,f.status)&&u<this.maxRetries){a=C,clearTimeout(g),await new Promise(Rt=>setTimeout(Rt,yn(u,this.retryDelayMs)));continue}return l(C)}if(f.status===204)return c(void 0);if(f.headers.get("content-length")==="0")return c(void 0);let b=await f.json();if(Uo(b))return c(b.resultado);let A=b;if(typeof b=="object"&&b!==null&&A.ok===!0&&!("resultado"in A))return c(void 0);if(_n(b)){let{message:T,code:v}=bn(b,f.statusText);return l(E(v,T,{requestId:o,status:f.status,statusText:f.statusText,data:b}))}return c(b)}finally{clearTimeout(g)}}catch(p){if(a=p,n==="GET"&&u<this.maxRetries)await new Promise(f=>setTimeout(f,yn(u,this.retryDelayMs)));else break}return a instanceof Error&&a.name==="AbortError"?l(E("TIMEOUT","Request timed out",{requestId:o})):l(E("NETWORK_FAILURE",a instanceof Error?a.message:"Request failed",{requestId:o,cause:a}))}};function U(t){let e=new Uint8Array(t),r=Array.from(e,o=>String.fromCharCode(o)).join("");if(typeof globalThis.btoa>"u")throw Xt("encode");return globalThis.btoa(r).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function Ko(t){if(typeof globalThis.atob>"u")throw Xt("decode");let e=t.replace(/-/g,"+").replace(/_/g,"/"),r=e.length%4,n=r===0?e:e+"=".repeat(4-r),o=globalThis.atob(n);return Uint8Array.from(o,i=>i.charCodeAt(0))}function re(t){let e=Ko(t),r=new ArrayBuffer(e.length);return new Uint8Array(r).set(e),r}function Rn(t){return t!==null&&typeof t=="object"&&"clientDataJSON"in t&&t.clientDataJSON instanceof ArrayBuffer}function x(t){if(!t.response)throw E("UNKNOWN_ERROR","Credential response is missing",{credential:t});let e=t.response;if(!Rn(e))throw E("UNKNOWN_ERROR","Invalid credential response structure",{response:e});if(!("attestationObject"in e))throw E("UNKNOWN_ERROR","Invalid credential response structure for register: attestationObject is missing",{response:e});let r=e.clientDataJSON,n=e.attestationObject;return{id:t.id,rawId:U(t.rawId),response:{clientDataJSON:U(r),attestationObject:U(n)},type:"public-key"}}function ne(t){if(!t.response)throw E("UNKNOWN_ERROR","Credential response is missing",{credential:t});let e=t.response;if(!Rn(e))throw E("UNKNOWN_ERROR","Invalid credential response structure",{response:e});if(!("authenticatorData"in e)||!("signature"in e))throw E("UNKNOWN_ERROR","Invalid credential response structure for auth: authenticatorData or signature is missing",{response:e});let r=e.clientDataJSON,n=e.authenticatorData,o=e.signature,i=e.userHandle;return{id:t.id,rawId:U(t.rawId),response:{authenticatorData:U(n),clientDataJSON:U(r),signature:U(o),...i&&{userHandle:U(i)}},type:"public-key"}}function O(t,e="create"){if(!t||typeof t!="object"||!("id"in t)||!("rawId"in t)||!("response"in t))throw hn(e)}function oe(){try{return!(typeof navigator>"u"||!navigator.credentials||typeof PublicKeyCredential>"u")}catch{return!1}}async function Vo(){try{return!oe()||typeof PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable!="function"?!1:await PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()}catch{return!1}}async function Je(){let t=oe(),e=await Vo();return{isPasskeySupported:t,platformAuthenticatorAvailable:e,recommendedFlow:t?"passkey":"fallback"}}async function Te(t){let{operation:e,eventEmitter:r,start:n,createOptions:o,invoke:i,finish:a}=t;try{if(r.emit("start",{type:"start",operation:e}),!oe()){let y=fn();return r.emit("error",{type:"error",error:y}),l(y)}let u=await n();if(!u.ok)return r.emit("error",{type:"error",error:u.error}),l(u.error);let p=o(u.value);if(!p.ok)return r.emit("error",{type:"error",error:p.error}),l(p.error);let g=await i(p.value);if(!g){let y=R("credential",`${e==="register"?"creation":"retrieval"} failed`);return r.emit("error",{type:"error",error:y}),l(y)}try{O(g)}catch(y){let b=_(y);return r.emit("error",{type:"error",error:b}),l(b)}let f=await a(u.value,g);return f.ok?c(f.value):(r.emit("error",{type:"error",error:f.error}),l(f.error))}catch(u){let p=_(u);return r.emit("error",{type:"error",error:p}),l(p)}}function P(t,e){try{je(t.challenge,"challenge"),je(t.user.id,"user.id");let r=re(t.challenge),n=re(t.user.id),o={userVerification:"preferred"};t.authenticatorSelection&&(o={...t.authenticatorSelection}),e&&(o={...o,authenticatorAttachment:e});let i={rp:{id:t.rp.id,name:t.rp.name},user:{id:n,name:t.user.name,displayName:t.user.displayName},challenge:r,pubKeyCredParams:t.pubKeyCredParams,...t.timeout!==void 0&&{timeout:t.timeout},attestation:"none",authenticatorSelection:o,...t.excludeCredentials&&{excludeCredentials:t.excludeCredentials.map(a=>({id:re(a.id),type:a.type,...a.transports&&{transports:a.transports}}))}};return c({publicKey:i})}catch(r){return l(_(r))}}async function An(t,e){let r=P(t);if(!r.ok)return l(r.error);let n={...r.value,...e!==void 0&&{signal:e}},o;try{o=await navigator.credentials.create(n)}catch(i){return l(_(i))}try{O(o,"create")}catch(i){return l(_(i))}try{return c(x(o))}catch(i){return l(_(i))}}function Ce(t,e){try{je(t.challenge,"challenge");let r=re(t.challenge);return c({publicKey:{challenge:r,rpId:t.rpId,...t.timeout!==void 0&&{timeout:t.timeout},userVerification:t.userVerification??"preferred",...t.allowCredentials&&{allowCredentials:t.allowCredentials.map(n=>({id:re(n.id),type:n.type,...n.transports&&{transports:n.transports}}))}},...e!==void 0&&{mediation:e}})}catch(r){return l(_(r))}}async function vn(t,e,r){let n=t.externalUserId??t.external_user_id;if(!n||typeof n!="string"||n.trim()===""){let i=R("externalUserId","must be a non-empty string");return r.emit("error",{type:"error",error:i}),l(i)}let o=await Te({operation:"register",eventEmitter:r,start:()=>e.startRegister({external_user_id:n}),createOptions:i=>P(i.challenge,t.authenticatorType),invoke:async i=>{let a={...i,...t.signal&&{signal:t.signal}};return navigator.credentials.create(a)},finish:async(i,a)=>{let u=await e.finishRegister({session_id:i.session_id,credential:x(a),...t.successUrl&&{success_url:t.successUrl}});return u.ok?c({success:!0,credentialId:u.value.credential_id,credential_id:u.value.credential_id,status:u.value.status,sessionToken:u.value.session_token,user:{userId:u.value.user.user_id,externalUserId:u.value.user.external_user_id,email:u.value.user.email,metadata:u.value.user.metadata},...u.value.redirect_url&&{redirectUrl:u.value.redirect_url}}):l(u.error)}});return o.ok&&r.emit("success",{type:"success",operation:"register",token:o.value.sessionToken,user:o.value.user}),o}async function Sn(t,e,r){let n=t.externalUserId??t.external_user_id,o=n!==void 0&&typeof n=="string"&&n.trim()!=="",i=await Te({operation:"authenticate",eventEmitter:r,start:()=>e.startAuth(o?{external_user_id:n.trim()}:{}),createOptions:a=>Ce(a.challenge,t.mediation),invoke:async a=>{let u={...a,...t.signal&&{signal:t.signal}};return navigator.credentials.get(u)},finish:async(a,u)=>{let p=await e.finishAuthentication({session_id:a.session_id,credential:ne(u),...t.successUrl&&{success_url:t.successUrl}});return p.ok?c({authenticated:p.value.authenticated,sessionToken:p.value.session_token,user:{userId:p.value.user.user_id,externalUserId:p.value.user.external_user_id,email:p.value.user.email,metadata:p.value.user.metadata},signals:p.value.signals,...p.value.redirect_url&&{redirectUrl:p.value.redirect_url}}):l(p.error)}});return i.ok&&r.emit("success",{type:"success",operation:"authenticate",token:i.value.sessionToken,user:i.value.user}),i}async function Ze(t,e){return e?e.aborted?"aborted":new Promise(r=>{let n=()=>{o(),r("aborted")},o=()=>{clearTimeout(i),e.removeEventListener("abort",n)},i=setTimeout(()=>{o(),r("completed")},t);e.addEventListener("abort",n)}):(await new Promise(r=>setTimeout(r,t)),"completed")}var Ho=2e3,qo=60,et=class{constructor(e){this.apiClient=e}async startFlow(e,r){let n=await this.apiClient.startOnboarding({user_role:e.user_role});if(!n.ok)return l(n.error);let{session_id:o}=n.value;for(let i=0;i<qo;i++){if(r?.aborted)return l(E("ABORT_ERROR","Operation aborted by user or timeout"));if(await Ze(Ho,r)==="aborted")return l(E("ABORT_ERROR","Operation aborted by user or timeout"));let u=await this.apiClient.getOnboardingStatus(o);if(!u.ok)return l(u.error);let p=u.value.status,g=u.value.onboarding_url;if(p==="pending_passkey"){let f=await this.apiClient.getOnboardingRegister(o);if(!f.ok)return l(f.error);let y=f.value;if(!y.challenge)return l(E("NOT_SUPPORTED","Onboarding requires user action - complete passkey registration at the provided onboarding_url",{onboarding_url:g}));let b=P(y.challenge);if(!b.ok)return l(b.error);let A;try{A=await navigator.credentials.create(b.value)}catch(C){return l(_(C))}try{O(A,"create")}catch(C){return l(_(C))}let T;try{T=x(A)}catch(C){return l(_(C))}let v=await this.apiClient.registerOnboardingPasskey(o,{credential:T,challenge:y.challenge.challenge});return v.ok?await this.apiClient.completeOnboarding(o,{company_name:e.company_name}):l(v.error)}if(p==="completed")return await this.apiClient.completeOnboarding(o,{company_name:e.company_name})}return l(E("TIMEOUT","Onboarding timed out"))}};var Tn="trymellon_context_hash";var Go=/^[a-f0-9]{64}$/;function jo(t){return typeof t=="string"&&Go.test(t)}function Yo(){let t=new Uint8Array(32);if(typeof crypto<"u"&&crypto.getRandomValues)crypto.getRandomValues(t);else throw new Error("crypto.getRandomValues is not available");return Array.from(t).map(r=>r.toString(16).padStart(2,"0")).join("")}function Wo(){let t=null;return{getItem(){return t},setItem(e,r){t=r}}}var Cn=Wo();function In(t){let e=t.getItem(Tn);if(e&&jo(e))return e;let r=Yo();return t.setItem(Tn,r),r}function ie(t){let e=t??Cn;try{return In(e)}catch{return In(Cn)}}var tt=class{constructor(e,r){this.apiClient=e;this.storage=r}async enroll(e){if(e.signal?.aborted)return l(E("ABORT_ERROR","Operation aborted by user or timeout"));let r=this.storage??(typeof sessionStorage<"u"?sessionStorage:void 0),n=ie(r),o=await this.apiClient.startEnrollment(e.ticketId,n);if(!o.ok)return l(o.error);let i=await An(o.value.challenge,e.signal);if(!i.ok)return l(i.error);let a=await this.apiClient.finishEnrollment(e.ticketId,{credential:i.value,context_hash:n});return a.ok?c({sessionToken:a.value.session_token}):l(a.error)}};var $o=2e3,zo=60,rt=class{constructor(e){this.apiClient=e}async init(){return this.apiClient.initCrossDeviceAuth()}async initRegistration(e){return this.apiClient.initCrossDeviceRegistration(e)}async waitForSession(e,r,n){if(r?.aborted)return l(E("ABORT_ERROR","Operation aborted by user or timeout"));for(let o=0;o<zo;o++){let i=await this.apiClient.getCrossDeviceStatus(e,n);if(!i.ok)return l(i.error);if(i.value.status==="completed"){if(!i.value.session_token||!i.value.user_id)return l(E("UNKNOWN_ERROR","Missing data in completed session"));let u=i.value.redirect_url!=null&&i.value.redirect_url!==""?i.value.redirect_url:void 0;return c({session_token:i.value.session_token,user_id:i.value.user_id,...u!==void 0&&{redirectUrl:u}})}if(await Ze($o,r)==="aborted")return l(E("ABORT_ERROR","Operation aborted by user or timeout"))}return l(E("TIMEOUT","Cross-device authentication timed out"))}async approve(e){let r=await this.apiClient.getCrossDeviceContext(e);if(!r.ok)return l(r.error);let n=r.value;return n.type==="registration"?this.executeRegistrationApproval(e,n):this.executeAuthApproval(e,n)}async executeRegistrationApproval(e,r){let n=P(r.options);if(!n.ok)return l(n.error);let o;try{o=await navigator.credentials.create(n.value)}catch(a){return l(_(a))}try{O(o,"create")}catch(a){return l(_(a))}let i;try{i=x(o)}catch(a){return l(_(a))}return this.apiClient.verifyCrossDeviceRegistration({session_id:e,credential:i})}async executeAuthApproval(e,r){let n=Ce(r.options);if(!n.ok)return l(n.error);let o;try{o=await navigator.credentials.get(n.value)}catch(a){return l(_(a))}try{O(o,"get")}catch(a){return l(_(a))}let i;try{i=ne(o)}catch(a){return l(_(a))}return this.apiClient.verifyCrossDeviceAuth({session_id:e,credential:i})}};var Xo=new Set(["pin_verified","pin_locked","completed"]),Qo=1500,Jo=3e5;function Ln(t){return Xo.has(t)}function nt(t){return t==null||typeof t!="string"||t.trim()===""?l(R("sessionId","must be a non-empty string")):c(t.trim())}function Zo(t){return{sessionToken:t.session_token,credentialId:t.credential_id,userId:t.user_id,entityId:t.entity_id}}function ei(t){return{sessionToken:t.session_token}}async function ti(t,e,r,n){let i=(n.presencePin!=null&&n.presencePin!==""?n.presencePin:null)??(typeof n.onPinRequired=="function"?await n.onPinRequired():null);return i==null||i===""?l(E("INVALID_ARGUMENT","Bridge requires PIN: provide presencePin or onPinRequired in options")):t.verifyBridgePin(e,i,r)}var ot=class{constructor(e,r){this.apiClient=e;this.storage=r}async waitForResult(e,r){let n=nt(e);if(!n.ok)return l(n.error);let o=r?.kind??"enrollment",i=r?.useSse!==!1,a=r?.timeoutMs??Jo,u=async p=>{for(;;){let g=await this.apiClient.getBridgeStatus(n.value,o);if(!g.ok)return l(g.error);if(Ln(g.value.status))return c(g.value);if(Date.now()-p>=a)return l(E("TIMEOUT","Bridge status wait timed out"));await new Promise(f=>setTimeout(f,Qo))}};return i&&typeof EventSource<"u"?new Promise(p=>{let g=this.apiClient.getBridgeStatusUrl(n.value,o),f=!1,y=A=>{if(!f){f=!0;try{b.close()}catch{}p(A)}},b;try{b=new EventSource(g)}catch{u(Date.now()).then(y);return}b.onmessage=A=>{try{let T=typeof A.data=="string"?A.data:String(A.data),v=JSON.parse(T);if(v!==null&&typeof v=="object"&&"status"in v&&typeof v.status=="string"){let L=v.status;if(Ln(L)){let C=v.ts;y(c({status:L,...typeof C=="string"&&{ts:C}}))}}}catch{}},b.onerror=()=>{if(!f){try{b.close()}catch{}u(Date.now()).then(y)}}}):u(Date.now())}async getContext(e,r){let n=nt(e);return n.ok?this.apiClient.getBridgeContext(n.value,r):l(n.error)}async verifyPin(e,r,n){let o=nt(e);return o.ok?r==null||typeof r!="string"||r===""?l(R("pin","must be a non-empty string")):this.apiClient.verifyBridgePin(o.value,r,n):l(o.error)}async complete(e,r){let n=nt(e);if(!n.ok)return l(n.error);let o=r?.kind??"enrollment",i=await this.apiClient.getBridgeContext(n.value,o);if(!i.ok)return l(i.error);let a=i.value,u=await ti(this.apiClient,n.value,o,r??{kind:o});if(!u.ok)return l(u.error);let p=u.value;if(r?.signal?.aborted)return l(E("ABORT_ERROR","Operation aborted by user or timeout"));let g=a.type==="registration"?"enrollment":"auth";if(o!==g)return l(E("INVALID_ARGUMENT",`Bridge context type "${a.type}" does not match kind "${o}"`));if(a.type==="registration"){if(!r?.ticketId?.trim()||!r?.entityId?.trim())return l(R("ticketId/entityId","required for enrollment bridge complete"));let L=p.registration_options;if(!L||typeof L!="object")return l(E("UNKNOWN_ERROR","Bridge verify response missing registration_options"));let C=P(L);if(!C.ok)return l(C.error);let Rt={...C.value,...r.signal!==void 0&&{signal:r.signal}},At;try{At=await navigator.credentials.create(Rt)}catch(St){return l(_(St))}try{O(At,"create")}catch(St){return l(_(St))}let Oe=x(At),no=this.storage??(typeof sessionStorage<"u"?sessionStorage:void 0),oo=ie(no),vt=await this.apiClient.completeBridgeEnrollment({session_id:n.value,ticket_id:r.ticketId,entity_id:r.entityId,context_hash:oo,registration_response:{id:Oe.id,rawId:Oe.rawId,response:Oe.response,type:Oe.type}});return vt.ok?c(Zo(vt.value)):l(vt.error)}let f=p.authentication_options;if(!f||typeof f!="object")return l(E("UNKNOWN_ERROR","Bridge verify response missing authentication_options"));let y=Ce(f);if(!y.ok)return l(y.error);let b={...y.value,...r?.signal!==void 0&&{signal:r.signal}},A;try{A=await navigator.credentials.get(b)}catch(L){return l(_(L))}try{O(A,"get")}catch(L){return l(_(L))}let T=ne(A),v=await this.apiClient.completeBridgeAuth({session_id:n.value,credential:{id:T.id,rawId:T.rawId,response:T.response,type:T.type}});return v.ok?c(ei(v.value)):l(v.error)}};var it=class{handlers;constructor(){this.handlers=new Map}on(e,r){let n=this.handlers.get(e);return n||(n=new Set,this.handlers.set(e,n)),n.add(r),()=>{this.off(e,r)}}off(e,r){let n=this.handlers.get(e);n&&(n.delete(r),n.size===0&&this.handlers.delete(e))}emit(e,r){let n=this.handlers.get(e);if(n)for(let o of n)try{o(r)}catch{}}removeAllListeners(){this.handlers.clear()}};function Mn(t){return{async send(e){let r=JSON.stringify(e);if(typeof navigator<"u"&&typeof navigator.sendBeacon=="function"){navigator.sendBeacon(t,r);return}typeof fetch<"u"&&await fetch(t,{method:"POST",body:r,headers:{"Content-Type":"application/json"},keepalive:!0})}}}function Rr(t,e){return{event:t,latencyMs:e,ok:!0}}var st=class{constructor(e,r,n,o,i){this.apiClient=e;this.eventEmitter=r;this.sandbox=n;this.sandboxToken=o;this.telemetrySender=i}async sandboxAuthResult(e,r){let n="externalUserId"in r?r.externalUserId??r.external_user_id??"sandbox":r.external_user_id??r.externalUserId??"sandbox",o=typeof n=="string"?n:"sandbox";return e==="register"?Promise.resolve(c({success:!0,credentialId:"",status:"sandbox",sessionToken:this.sandboxToken,user:{userId:"sandbox-user",externalUserId:o}})):Promise.resolve(c({authenticated:!0,sessionToken:this.sandboxToken,user:{userId:"sandbox-user",externalUserId:o}}))}async register(e){if(this.sandbox){let o=await this.sandboxAuthResult("register",e);return o.ok&&this.eventEmitter.emit("success",{type:"success",operation:"register",token:o.value.sessionToken,user:o.value.user}),o}let r=Date.now(),n=await vn(e,this.apiClient,this.eventEmitter);return n.ok&&this.telemetrySender&&this.telemetrySender.send(Rr("register",Date.now()-r)).catch(()=>{}),n}async authenticate(e){if(this.sandbox){let o=await this.sandboxAuthResult("authenticate",e);return o.ok&&this.eventEmitter.emit("success",{type:"success",operation:"authenticate",token:o.value.sessionToken,user:o.value.user}),o}let r=Date.now(),n=await Sn(e,this.apiClient,this.eventEmitter);return n.ok&&this.telemetrySender&&this.telemetrySender.send(Rr("authenticate",Date.now()-r)).catch(()=>{}),n}};async function On(t,e,r){let n=t.externalUserId??t.external_user_id;if(!n||typeof n!="string"||n.trim()===""){let i=R("externalUserId","must be a non-empty string");return r.emit("error",{type:"error",error:i}),l(i)}if(!t.otp||typeof t.otp!="string"||t.otp.trim().length!==6){let i=R("otp","must be a 6-digit string");return r.emit("error",{type:"error",error:i}),l(i)}let o=await Te({operation:"register",eventEmitter:r,start:()=>e.verifyAccountRecoveryOtp(n,t.otp),createOptions:i=>P(i.challenge),invoke:async i=>navigator.credentials.create(i),finish:async(i,a)=>{let u=await e.completeAccountRecovery(i.recovery_session_id,x(a));if(!u.ok)return l(u.error);let{credential_id:p,status:g,session_token:f,user:y,redirect_url:b}=u.value;return c({success:!0,credentialId:p,status:g,sessionToken:f,user:{userId:y.user_id,externalUserId:y.external_user_id,email:y.email,metadata:y.metadata},...b!==void 0&&{redirectUrl:b}})}});return o.ok&&r.emit("success",{type:"success",operation:"register",token:o.value.sessionToken,user:o.value.user}),o}var at=class{constructor(e,r){this.apiClient=e;this.eventEmitter=r}recover(e){return On(e,this.apiClient,this.eventEmitter)}};var lt=class t{sandbox;sandboxToken;apiClient;eventEmitter;telemetrySender;crossDeviceManager;authService;recoveryService;onboarding;enrollmentManager;bridgeManager;contextHashStorage;static create(e){try{let r=e.appId,n=e.publishableKey;if(!r||typeof r!="string"||r.trim()==="")return l(R("appId","must be a non-empty string"));if(!n||typeof n!="string"||n.trim()==="")return l(R("publishableKey","must be a non-empty string"));let o=e.apiBaseUrl??$t;Qt(o,"apiBaseUrl");let i=e.timeoutMs??3e4;return X(i,"timeoutMs",1e3,3e5),e.maxRetries!==void 0&&X(e.maxRetries,"maxRetries",0,10),e.retryDelayMs!==void 0&&X(e.retryDelayMs,"retryDelayMs",100,1e4),c(new t(e))}catch(r){return zt(r)?l(r):l(R("config",r.message))}}constructor(e){this.sandbox=e.sandbox===!0,this.sandboxToken=this.sandbox&&e.sandboxToken!=null&&e.sandboxToken!==""?e.sandboxToken:pn;let r=e.appId,n=e.publishableKey;if(!r||typeof r!="string"||r.trim()==="")throw R("appId","must be a non-empty string");if(!n||typeof n!="string"||n.trim()==="")throw R("publishableKey","must be a non-empty string");let o=e.apiBaseUrl??$t;Qt(o,"apiBaseUrl");let i=e.timeoutMs??3e4;X(i,"timeoutMs",1e3,3e5),e.maxRetries!==void 0&&X(e.maxRetries,"maxRetries",0,10),e.retryDelayMs!==void 0&&X(e.retryDelayMs,"retryDelayMs",100,1e4);let a=e.maxRetries??3,u=e.retryDelayMs??1e3,p=new Qe(i,a,u,e.logger),g=e.origin??(typeof window<"u"&&window?.location?.origin?window.location.origin:void 0),f={"X-App-Id":r.trim(),Authorization:`Bearer ${n.trim()}`,...g&&{Origin:g}};this.apiClient=new Xe(p,o,f),this.eventEmitter=new it,e.enableTelemetry&&(this.telemetrySender=e.telemetrySender??Mn(e.telemetryEndpoint??cn)),this.authService=new st(this.apiClient,this.eventEmitter,this.sandbox,this.sandboxToken,this.telemetrySender),this.recoveryService=new at(this.apiClient,this.eventEmitter),this.contextHashStorage=e.contextHashStorage,this.onboarding=new et(this.apiClient),this.enrollmentManager=new tt(this.apiClient,this.contextHashStorage),this.crossDeviceManager=new rt(this.apiClient),this.bridgeManager=new ot(this.apiClient,this.contextHashStorage)}get bridge(){return{getContext:(e,r)=>this.bridgeManager.getContext(e,r),verifyPin:(e,r,n)=>this.bridgeManager.verifyPin(e,r,n),complete:(e,r)=>this.bridgeManager.complete(e,r),waitForResult:(e,r)=>this.bridgeManager.waitForResult(e,r)}}static isSupported(){return oe()}async register(e){return this.authService.register(e)}async authenticate(e){return this.authService.authenticate(e)}async enroll(e){this.eventEmitter.emit("start",{type:"start",operation:"enroll"});let r=await this.enrollmentManager.enroll(e);return r.ok?this.eventEmitter.emit("success",{type:"success",operation:"enroll",token:r.value.sessionToken}):this.eventEmitter.emit("error",{type:"error",operation:"enroll",error:r.error}),r}getContextHash(){let e=this.contextHashStorage??(typeof sessionStorage<"u"?sessionStorage:void 0);return ie(e)}async validateSession(e){return this.sandbox&&e===this.sandboxToken?Promise.resolve(c({valid:!0,user_id:"sandbox-user",external_user_id:"sandbox",tenant_id:"sandbox-tenant",app_id:"sandbox-app"})):this.apiClient.validateSession(e)}async getStatus(){return Je()}on(e,r){return this.eventEmitter.on(e,r)}version(){return"2.3.0"}fallback={email:{start:async e=>this.apiClient.startEmailFallback(e),verify:async e=>{let r=await this.apiClient.verifyEmailCode({userId:e.userId,code:e.code,...e.successUrl&&{successUrl:e.successUrl}});return r.ok?c({sessionToken:r.value.sessionToken,...r.value.redirectUrl&&{redirectUrl:r.value.redirectUrl}}):r}}};auth={crossDevice:{init:()=>this.crossDeviceManager.init(),initRegistration:e=>this.crossDeviceManager.initRegistration(e??{}),waitForSession:(e,r,n)=>this.crossDeviceManager.waitForSession(e,r,n),getContext:e=>this.apiClient.getCrossDeviceContext(e),approve:e=>this.crossDeviceManager.approve(e)},recoverAccount:e=>this.recoveryService.recover(e)}};function Ar(t){let e=lt.create({appId:t.appId,publishableKey:t.publishableKey});return!e.ok||e.value==null?null:e.value}function Bn(t){if(t==null||typeof t!="object")return!1;let e=t,r=typeof e.authenticate=="function",n=typeof e.register=="function",o=typeof e.on=="function",i=typeof e.enroll=="function",a=typeof e.getContextHash=="function";return r&&n&&o&&i&&a}function Fn(t){return t?{externalUserId:t}:{}}var ut="mellon:open",Ie="mellon:open-request",H="mellon:close",q="mellon:success",dt="mellon:error",ct="mellon:start",Le="mellon:cancelled",pt="mellon:fallback",mt="mellon:tab-change",vr="mellon:context-ready";function gt(t,e,r,n){t.dispatchEvent(new CustomEvent(e,{detail:r,bubbles:n.bubbles,composed:n.composed}))}function ft(t){return t==="authenticate"?"login":t==="enroll"?"enroll":"register"}function oi(t){if(t==null||typeof t!="object")return;let e=t,r=e.userId;if(typeof r!="string"||r.length===0)return;let n={userId:r};return typeof e.externalUserId=="string"&&(n.externalUserId=e.externalUserId),typeof e.email=="string"&&(n.email=e.email),e.metadata!=null&&typeof e.metadata=="object"&&!Array.isArray(e.metadata)&&(n.metadata=e.metadata),n}function ii(t){return t!=null&&typeof t=="object"&&t.type==="start"&&(t.operation==="register"||t.operation==="authenticate"||t.operation==="enroll")}function si(t){let e=t;return t!=null&&typeof t=="object"&&e.type==="success"&&typeof e.token=="string"&&(e.operation==="register"||e.operation==="authenticate"||e.operation==="enroll")}function ai(t){return t!=null&&typeof t=="object"&&t.type==="error"}function li(t){return t!=null&&typeof t=="object"&&t.type==="cancelled"&&(t.operation==="register"||t.operation==="authenticate"||t.operation==="enroll")}var Sr={subscribe(t,e){if(t==null||e==null)throw new TypeError("eventBridgeAdapter.subscribe: core and host are required");let r=[],n="authenticate",o=!1,i=t.on("start",g=>{if(!ii(g))return;n=g.operation,o=!1;let f={operation:ft(g.operation),...typeof g.nonce=="string"&&{nonce:g.nonce}};gt(e,ct,f,{bubbles:!0,composed:!0})});r.push(i);let a=t.on("success",g=>{if(!si(g)||o||g.token.length===0)return;o=!0;let f=oi(g.user),y={operation:ft(g.operation),token:g.token,...typeof g.nonce=="string"&&{nonce:g.nonce},...f!==void 0&&{user:f},...typeof g.redirectUrl=="string"&&{redirectUrl:g.redirectUrl}};gt(e,q,y,{bubbles:!1,composed:!0})});r.push(a);let u=t.on("error",g=>{if(!ai(g)||o)return;let f=g.error?.code??"UNKNOWN_ERROR",y=Q(typeof f=="string"?f:String(f)),b={operation:ft(g.operation??n),code:y,message:typeof g.error?.message=="string"?g.error.message:"Unknown error",...typeof g.nonce=="string"&&{nonce:g.nonce}};gt(e,dt,b,{bubbles:!0,composed:!0})});r.push(u);let p=t.on("cancelled",g=>{if(!li(g))return;let f={operation:ft(g.operation),...typeof g.nonce=="string"&&{nonce:g.nonce}};gt(e,Le,f,{bubbles:!0,composed:!0})});return r.push(p),function(){for(let f of r)f()}}};function Kn(t){return{isPasskeySupported:t.isPasskeySupported,platformAuthenticatorAvailable:t.platformAuthenticatorAvailable,recommendedFlow:t.recommendedFlow}}function ui(){return{getClientStatus:async()=>{let t=await Je();return Kn(t)}}}function Vn(t){let e=t;if(typeof e.getStatus!="function")return ui();let r=e.getStatus;return{getClientStatus:async()=>{let n=await r();return Kn(n)}}}function Hn(t){return new CustomEvent(ut,{detail:t,bubbles:!0,composed:!0})}function qn(t){return new CustomEvent(H,{detail:t,bubbles:!0,composed:!0})}function Gn(t){return new CustomEvent(Le,{detail:t,bubbles:!0,composed:!0})}function jn(t){return new CustomEvent(pt,{detail:t,bubbles:!0,composed:!0})}function Yn(t){return new CustomEvent(mt,{detail:t,bubbles:!0,composed:!0})}function Wn(t){return new CustomEvent(vr,{detail:t,bubbles:!1,composed:!0})}var ht=class{_currentState=k;_lastRenderedState=null;_renderDirty=!0;_pendingOperation="authenticate";_currentNonce=void 0;_envEvalRequestId=0;get currentState(){return this._currentState}setState(e){this._currentState=e,this._renderDirty=!0}invalidateRender(){this._renderDirty=!0}consumeRenderDecision(){return!this._renderDirty&&this._currentState===this._lastRenderedState?!1:(this._lastRenderedState=this._currentState,this._renderDirty=!1,!0)}setPendingOperationFromTab(e){this._pendingOperation=e==="login"?"authenticate":"register"}get pendingOperation(){return this._pendingOperation}setNonce(e){this._currentNonce=e}consumeCancelledDetailIfAuthenticating(){if(this._currentState!=="AUTHENTICATING")return null;let e={operation:this._pendingOperation==="authenticate"?"login":this._pendingOperation,...this._currentNonce!==void 0&&{nonce:this._currentNonce}};return this._currentNonce=void 0,e}handleAuthSuccess(){let e=I.handleAuthOutcome(this._currentState,"success");e!==null&&this.setState(e)}handleAuthError(){let e=I.handleAuthOutcome(this._currentState,"error");e!==null&&this.setState(e)}handleEnrollSuccess(){let e=I.handleEnrollOutcome(this._currentState,"success");e!==null&&this.setState(e)}handleEnrollError(){let e=I.handleEnrollOutcome(this._currentState,"error");e!==null&&this.setState(e)}onStartEvent(e){e?.nonce!==void 0&&(this._currentNonce=e.nonce)}startAuthFromClick(e,r,n){if(!e||!Pr(this._currentState))return;this.setPendingOperationFromTab(r);let o=I.startAuth(this._currentState,r,e,n);this.setState(o)}startEnrollment(e,r){if(!e)return;let n=I.startEnrollment(this._currentState,e,r);this.setState(n)}async runEnvEval(e){let r=++this._envEvalRequestId;this.setState(I.envEvalStart(this._currentState));let n=await I.evaluateEnv({...e,currentState:this._currentState});return r!==this._envEvalRequestId?null:n}reset(){this._currentState=I.reset(this._currentState),this._lastRenderedState=null,this._renderDirty=!0,this._currentNonce=void 0}setStateForRender(e){this._currentState=e,this._renderDirty=!0}};var se=class extends HTMLElement{_controller=new ht;_unsubscribeBridge=null;_core=null;_lastCoreConfig=null;setState(e){this._controller.setState(e),this.scheduleRenderIfNeeded()}invalidateRender(){this._controller.invalidateRender(),this.scheduleRenderIfNeeded()}scheduleRenderIfNeeded(){this.shadowRoot&&this._controller.consumeRenderDecision()&&this._render()}_emitCancelledIfAuthenticating(){let e=this._controller.consumeCancelledDetailIfAuthenticating();return e?(this.dispatchEvent(Gn(e)),!0):!1}attachCore(e){if(this._core!==null&&this._teardownCore(),e==null){this._core=null,this._controller.reset(),this.scheduleRenderIfNeeded();return}if(!Bn(e))throw new Error("[trymellon-auth] attachCore requires a CoreAuthPort-compatible instance.");this._core=e,this._unsubscribeBridge=Sr.subscribe(this._core,this),this._attachHostListeners(),this._runEnvEval()}_teardownCore(){this._unsubscribeBridge?.(),this._unsubscribeBridge=null,this.removeEventListener("mellon:start",this._onMellonStart),this.removeEventListener("mellon:success",this._onMellonSuccess),this.removeEventListener("mellon:error",this._onMellonError),this._core=null}_attachHostListeners(){this.removeEventListener("mellon:start",this._onMellonStart),this.removeEventListener("mellon:success",this._onMellonSuccess),this.removeEventListener("mellon:error",this._onMellonError),this.addEventListener("mellon:start",this._onMellonStart),this.addEventListener("mellon:success",this._onMellonSuccess),this.addEventListener("mellon:error",this._onMellonError)}_onMellonSuccess=()=>{this._controller.currentState==="ENROLLING"?this._controller.handleEnrollSuccess():this._controller.handleAuthSuccess(),this.scheduleRenderIfNeeded()};_onMellonError=()=>{this._controller.currentState==="ENROLLING"?this._controller.handleEnrollError():this._controller.handleAuthError(),this.scheduleRenderIfNeeded()};_onMellonStart=e=>{let r=e.detail;this._controller.onStartEvent(r)};startAuthFromClick(){this._core&&this.canStartAuth()&&(this._controller.startAuthFromClick(this._core,this.getTabKind(),this.getCoreAuthOptions()),this.scheduleRenderIfNeeded())}dispatchFallback(e){let r=e!==void 0?{...this.getFallbackDetail(),fallbackType:e}:this.getFallbackDetail();this.dispatchEvent(jn(r))}async _runEnvEval(){if(!this._core)return;let e={...this.getEnvEvalParams(),envStatusPort:Vn(this._core)},r=await this._controller.runEnvEval(e);r!==null&&(!this._core||!this.isConnected||this.setState(r))}_maybeAutoCreateCoreAndRunEnvEval(){if(this._core!==null)return;let e=this.getCoreConfig();if(!e)return;let r=Ar(e);if(!r){this.attachCore(null);return}this.attachCore(r)}_reconcileCoreFromConfig(){let e=this.getCoreConfig();if(this._lastCoreConfig===null&&e===null||this._lastCoreConfig!==null&&e!==null&&this._lastCoreConfig.appId===e.appId&&this._lastCoreConfig.publishableKey===e.publishableKey)return;if(this._lastCoreConfig=e,e===null){this.attachCore(null);return}let n=Ar(e);this.attachCore(n??null)}disconnectedCallback(){this._teardownCore()}get currentState(){return this._controller.currentState}reset(){this._emitCancelledIfAuthenticating(),this._controller.reset(),this.scheduleRenderIfNeeded()}setStateForRender(e){this._controller.setStateForRender(e),this.scheduleRenderIfNeeded()}};function di(t){if(t==null||t.trim()==="")return J;let e=t.split(",").map(o=>o.trim()),r=e[0]??J.register,n=e[1]??J.login;return{register:r,login:n}}function Et(t){let e={open:Fe(t.getAttribute("open")),mode:N(t.getAttribute("mode"),de,Ne),tab:N(t.getAttribute("tab"),ue,Pe),tabLabels:di(t.getAttribute("tab-labels")),theme:N(t.getAttribute("theme"),G,Y),sessionId:M(t.getAttribute("session-id")),onboardingUrl:M(t.getAttribute("onboarding-url")),isMobileOverride:wr(t.getAttribute("is-mobile-override")),fallbackType:Ur(t.getAttribute("fallback-type"),ce),appId:W(t.getAttribute("app-id")),publishableKey:W(t.getAttribute("publishable-key")),appName:M(t.getAttribute("app-name")),dialogTitle:M(t.getAttribute("dialog-title")),dialogDescription:M(t.getAttribute("dialog-description")),externalUserId:M(t.getAttribute("external-user-id")),modalVariant:N(t.getAttribute("modal-variant"),ge,Be)};return Dt(e)}function ci(t){let e=t.querySelector(`.${_e}`);return e||(e=document.createElement("div"),e.className=_e,t.appendChild(e)),e}function pi(t){let e=t.querySelector(`.${z}`);return e||(e=document.createElement("div"),e.className=z,e.setAttribute("aria-hidden","true"),t.appendChild(e)),e}function mi(t){let e=t.querySelector(`.${Re}`);return e||(e=document.createElement("div"),e.className=Re,t.appendChild(e)),e}function gi(t,e){t.setAttribute("role","dialog"),t.setAttribute("aria-modal",e==="modal"?"true":"false"),t.setAttribute("aria-labelledby",qe),t.setAttribute("aria-describedby",ve)}function fi(t,e){let r=t.querySelector(`#${qe}`);r||(r=document.createElement("h2"),r.id=qe,r.className="mellon-dialog-title",t.insertBefore(r,t.firstChild));let n=e.dialogTitle?.trim()??(e.appName?.trim()?Fr(e.appName.trim()):Br);r.textContent=n;let o=t.querySelector(`#${ve}`);o||(o=document.createElement("p"),o.id=ve,o.className="mellon-dialog-desc",t.insertBefore(o,r.nextSibling)),o.textContent=e.dialogDescription?.trim()??Kr}function hi(t){let e=t.querySelector(`.${Ht}`);e||(e=document.createElement("button"),e.type="button",e.className=Ht,e.setAttribute("aria-label",Hr),e.setAttribute("data-mellon-modal-close","true"),e.textContent="\xD7",t.appendChild(e))}function Ei(t,e){let r=t.querySelector(`.${Ae}`);if(!r){r=document.createElement("div"),r.className=Ae,r.setAttribute("role","tablist");let i=document.createElement("button");i.type="button",i.setAttribute("data-tab","register"),i.setAttribute("role","tab");let a=document.createElement("button");a.type="button",a.setAttribute("data-tab","login"),a.setAttribute("role","tab"),r.appendChild(i),r.appendChild(a);let u=t.querySelector(`#${ve}`);t.insertBefore(r,u?u.nextSibling:t.firstChild)}let[n,o]=r.querySelectorAll("button");return n&&(n.textContent=e.register),o&&(o.textContent=e.login),r}function Tr(t){let e=t.querySelector(`.${Ft}`);if(!e){e=document.createElement("div"),e.className=Ft;let r=t.querySelector(`.${Ae}`);t.insertBefore(e,r?r.nextSibling:t.firstChild)}return e}function bi(){let t=document.createElementNS(F,"svg");t.setAttribute("viewBox","0 0 24 24"),t.setAttribute("aria-hidden","true"),t.setAttribute("class","mellon-qr-icon"),t.setAttribute("fill","currentColor");let e=document.createElementNS(F,"path");return e.setAttribute("d","M3 3h6v6H3V3zm2 2v2h2V5H5zm8-2h6v6h-6V3zm2 2v2h2V5h-2zM3 15h6v6H3v-6zm2 2v2h2v-2H5zm8-2h6v6h-6v-6zm2 2v2h2v-2h-2zm4-12h2v2h-2V5zm0 8h2v2h-2v-2zm-4 4h2v2h-2v-2zm0-8h2v2h-2V9zm0 4h2v2h-2v-2z"),t.appendChild(e),t}function $n(){let t=document.createDocumentFragment(),e=document.createElement("div");e.className=Gr;let r=document.createElement("p");r.className="mellon-cross-device-cta-text",r.textContent=qr,e.appendChild(r);let n=document.createElement("button");return n.type="button",n.className="mellon-btn mellon-btn-qr-icon",n.setAttribute("data-mellon-action",Z),n.setAttribute("aria-label",jr),n.appendChild(bi()),e.appendChild(n),t.appendChild(e),t}function yi(){let t=document.createElement("div");t.className=Yr,t.setAttribute("aria-live","polite");let e=document.createElement("span");e.textContent=zr;let r=document.createElement("span");return r.className="mellon-qr-dots",r.setAttribute("aria-hidden","true"),t.appendChild(e),t.appendChild(r),t}function _i(){let t=document.createElement("div");return t.className=Wr,t.setAttribute("aria-live","polite"),t.textContent=Xr,t}function Ri(t){let e=Tr(t),r=e.querySelector(`.${w}`);if(!r){r=document.createElement("div"),r.className=w,r.setAttribute("data-qr-area-state","default"),r.appendChild(yi()),r.appendChild(_i());let o=document.createElement("div");o.className=$r;let i=document.createElement("slot");i.name=K,i.appendChild($n()),o.appendChild(i),r.appendChild(o),e.appendChild(r)}let n=r.querySelector(`slot[name="${K}"]`);if(!n){let o=document.createElement("slot");return o.name=K,o.appendChild($n()),r.appendChild(o),o}return n}function Ai(t){let e=Tr(t);if(e.querySelector(`.${Vt}`))return;let r=document.createElement("div");r.className=Vt,r.setAttribute("aria-hidden","true");let n=document.createElement("span");n.className="mellon-separator-text",n.textContent=Vr,r.appendChild(n);let o=e.querySelector(`.${w}`);e.insertBefore(r,o?o.nextSibling:e.firstChild)}function vi(t){let e=Tr(t),r=e.querySelector("slot:not([name])");if(!r){r=document.createElement("slot");let o=document.createElement("div");o.id=$,o.className="mellon-root",r.appendChild(o),e.appendChild(r)}let n=t.querySelector(`#${$}`);return n||(n=document.createElement("div"),n.id=$,n.className="mellon-root",r.appendChild(n)),n}function Si(t){let e=t.querySelector(`slot[name="${Kt}"]`);return e||(e=document.createElement("slot"),e.name=Kt,t.appendChild(e)),e}function Ti(t,e){let r=t.querySelector(`.${Ae}`);if(!r)return;let n=r.querySelector('[data-tab="register"]'),o=r.querySelector('[data-tab="login"]');n&&n.setAttribute("aria-selected",String(e==="register")),o&&o.setAttribute("aria-selected",String(e==="login"))}function Me(t,e){if(t==null||e==null)return;let r=ci(t);r.setAttribute("data-mellon-modal-variant",e.modalVariant),e.mode==="modal"&&pi(r);let n=mi(r);gi(n,e.mode),fi(n,e),hi(n),Ei(n,e.tabLabels),Ri(n),Ai(n),vi(n),Si(n),Ti(n,e.tab)}function Ci(t){return!(t.hidden===!0||t.getAttribute("aria-hidden")==="true")}function zn(t){return Array.from(t.querySelectorAll(tn)).filter(r=>Ci(r))}function Xn(t){let e=null,r=null,n=!1;function o(u){if(u.key!=="Tab")return;let p=zn(t);if(p.length===0)return;let g=u.target instanceof Node?u.target:null,f=g?p.indexOf(g):-1,y=p.length-1,b;u.shiftKey?b=f<=0?y:f-1:b=f>=y?0:f+1;let A=p[b];A&&(u.preventDefault(),A.focus())}function i(){if(n)return;e=document.activeElement;let p=zn(t)[0];p&&p.focus(),r=o,t.addEventListener("keydown",r,!0),n=!0}function a(){if(!n)return;r&&(t.removeEventListener("keydown",r,!0),r=null),n=!1;let u=t.getRootNode()?.ownerDocument??document,p=e instanceof HTMLElement&&u.body.contains(e)?e:null;if(p)p.focus();else{let g=u.body,f=g.getAttribute("tabindex");g.setAttribute("tabindex","-1"),g.focus(),f===null?g.removeAttribute("tabindex"):g.setAttribute("tabindex",f)}e=null}return{activate:i,deactivate:a}}var Qn=["app-id","publishable-key","mode","external-user-id","theme","action","trigger-only","button-variant","button-label","button-aria-label","ticket-id"],Jn=["open","mode","tab","tab-labels","theme","session-id","onboarding-url","is-mobile-override","fallback-type","app-id","publishable-key","app-name","dialog-title","dialog-description","external-user-id","modal-variant","qr-load-timeout-ms"],bt={wrapper:`.${_e}`,overlay:`.${z}`,panel:`.${Re}`},Zn="user";var Ii={SUCCESS:{reason:"success"},AUTHENTICATING:{reason:"cancel"},ERROR:{reason:"error"}};function Li(t){return Ii[t]??{reason:Zn}}var yt=class extends se{static get observedAttributes(){return[...Jn]}_parsed=Et(this);_focusTrap=null;_unregisterInteractions=null;_generatedExternalUserId=null;_qrLoadTimeoutId=null;_qrSlotChangeBound=null;_boundEscapeKeydown=e=>{e.key==="Escape"&&this._parsed.open&&(e.preventDefault(),this.open=!1)};connectedCallback(){if(this.addEventListener("keydown",this._boundEscapeKeydown,!0),this.shadowRoot){this._registerInteractions(),this._core!==null&&this._unsubscribeBridge===null&&this.attachCore(this._core);return}let e=this.attachShadow({mode:"open"}),r=dn();if(r)e.adoptedStyleSheets=[r];else{let n=document.createElement("style");n.textContent=un(),e.appendChild(n)}this._parsed=Et(this),Me(e,this._parsed),this._registerInteractions(),this._render(),this._applyModalVisibility(),this._maybeAutoCreateCoreAndRunEnvEval()}_registerInteractions(){this.shadowRoot&&(this._unregisterInteractions?.(),this._unregisterInteractions=sn(this.shadowRoot,{onTabChange:e=>{this.dispatchEvent(Yn({tab:e})),this.setAttribute("tab",e)},onPrimaryClick:()=>this.startAuthFromClick(),onFallbackClick:e=>this.dispatchFallback(e),onOverlayClick:()=>{this.open=!1},onCloseClick:()=>{this.open=!1}}))}attributeChangedCallback(e,r,n){if(this.shadowRoot){if(this._parsed=Et(this),e==="open"){if(this._parsed.open&&r!=="true"){this._clearCrossDeviceSlot();let o={timestamp:Date.now()};this.dispatchEvent(Hn(o)),this._startQrLoadWait()}if(!this._parsed.open){this._clearQrLoadWait(),this._transitionToIdle();return}}e==="tab"&&(this._emitCancelledIfAuthenticating(),this.setState(I.tabChange(this.currentState,this._parsed.tab))),(e==="app-id"||e==="publishable-key")&&this._reconcileCoreFromConfig(),Me(this.shadowRoot,this._parsed),this._render(),this._applyModalVisibility()}}_clearCrossDeviceSlot(){this.querySelectorAll(`[slot="${K}"]`).forEach(e=>e.remove())}_startQrLoadWait(){let e=this.shadowRoot;if(!e)return;let r=e.querySelector(`.${w}`),n=e.querySelector(`slot[name="${K}"]`);if(!r||!n)return;r.setAttribute("data-qr-area-state","waiting");let o=Math.max(1e3,parseInt(this.getAttribute("qr-load-timeout-ms")??String(12e3),10)||12e3);this._qrLoadTimeoutId=window.setTimeout(()=>{if(this._qrLoadTimeoutId=null,!this.shadowRoot)return;let a=this.shadowRoot.querySelector(`.${w}`);a?.getAttribute("data-qr-area-state")==="waiting"&&a.setAttribute("data-qr-area-state","timeout")},o);let i=()=>{if(n.assignedNodes().length>0){this._clearQrLoadWait();let a=this.shadowRoot?.querySelector(`.${w}`);a&&a.setAttribute("data-qr-area-state","loaded")}};this._qrSlotChangeBound=i,n.addEventListener("slotchange",i),n.assignedNodes().length>0&&i()}_clearQrLoadWait(){this._qrLoadTimeoutId!=null&&(clearTimeout(this._qrLoadTimeoutId),this._qrLoadTimeoutId=null);let e=this.shadowRoot;if(!e)return;let r=e.querySelector(`slot[name="${K}"]`);r&&this._qrSlotChangeBound&&(r.removeEventListener("slotchange",this._qrSlotChangeBound),this._qrSlotChangeBound=null);let n=e.querySelector(`.${w}`);n&&n.setAttribute("data-qr-area-state","default")}_transitionToIdle(){this._generatedExternalUserId=null;let r={reason:Li(this.currentState).reason,timestamp:Date.now()};this.dispatchEvent(qn(r)),this._emitCancelledIfAuthenticating(),this.setState(I.reset(this.currentState)),this.shadowRoot&&(Me(this.shadowRoot,this._parsed),this.scheduleRenderIfNeeded(),this._applyModalVisibility())}get open(){return this._parsed.open}set open(e){this.setAttribute("open",e?"true":"false")}get mode(){return this._parsed.mode}set mode(e){this.setAttribute("mode",e)}get tab(){return this._parsed.tab}set tab(e){this.setAttribute("tab",e)}get tabLabels(){return`${this._parsed.tabLabels.register},${this._parsed.tabLabels.login}`}set tabLabels(e){e==null||e===""?this.removeAttribute("tab-labels"):this.setAttribute("tab-labels",e)}get theme(){return this._parsed.theme}set theme(e){this.setAttribute("theme",e)}get sessionId(){return this._parsed.sessionId}set sessionId(e){e==null?this.removeAttribute("session-id"):this.setAttribute("session-id",e)}get onboardingUrl(){return this._parsed.onboardingUrl}set onboardingUrl(e){e==null?this.removeAttribute("onboarding-url"):this.setAttribute("onboarding-url",e)}get isMobileOverride(){return this._parsed.isMobileOverride}set isMobileOverride(e){e==null?this.removeAttribute("is-mobile-override"):this.setAttribute("is-mobile-override",e?"true":"false")}get fallbackType(){return this._parsed.fallbackType}set fallbackType(e){e==null?this.removeAttribute("fallback-type"):this.setAttribute("fallback-type",e)}get appId(){return this._parsed.appId}set appId(e){this.setAttribute("app-id",e??"")}get publishableKey(){return this._parsed.publishableKey}set publishableKey(e){this.setAttribute("publishable-key",e??"")}get appName(){return this._parsed.appName}set appName(e){e==null?this.removeAttribute("app-name"):this.setAttribute("app-name",e)}get dialogTitle(){return this._parsed.dialogTitle}set dialogTitle(e){e==null?this.removeAttribute("dialog-title"):this.setAttribute("dialog-title",e)}get dialogDescription(){return this._parsed.dialogDescription}set dialogDescription(e){e==null?this.removeAttribute("dialog-description"):this.setAttribute("dialog-description",e)}get externalUserId(){return this._parsed.externalUserId}set externalUserId(e){e==null?this.removeAttribute("external-user-id"):this.setAttribute("external-user-id",e)}disconnectedCallback(){this._unregisterInteractions?.(),this._unregisterInteractions=null,this.removeEventListener("keydown",this._boundEscapeKeydown,!0),super.disconnectedCallback()}reset(){this._transitionToIdle()}getTabKind(){return this._parsed.tab}getCoreAuthOptions(){let e=this._resolveExternalUserId();return e?{externalUserId:e}:{}}_resolveExternalUserId(){let e=this._parsed.externalUserId?.trim();return e||(this.getTabKind()!=="register"?null:(this._generatedExternalUserId??=typeof crypto<"u"&&typeof crypto.randomUUID=="function"?crypto.randomUUID():null,this._generatedExternalUserId))}canStartAuth(){return!0}getEnvEvalParams(){return{mode:this._parsed.tab,isMobileOverride:this._parsed.isMobileOverride??void 0,fallbackType:this._parsed.fallbackType}}getCoreConfig(){return!this._parsed.appId||!this._parsed.publishableKey?null:{appId:this._parsed.appId,publishableKey:this._parsed.publishableKey}}getFallbackDetail(){return{operation:this._parsed.tab}}_applyModalVisibility(){if(!this.shadowRoot)return;let e=this.shadowRoot.querySelector(bt.wrapper);e&&(e.hidden=!this._parsed.open);let r=this.shadowRoot.querySelector(bt.overlay);r&&(r.hidden=this._parsed.mode!=="modal");let n=this.shadowRoot.querySelector(bt.panel);n&&n.setAttribute("aria-hidden",String(!this._parsed.open)),this._parsed.open&&e?(this._focusTrap||(this._focusTrap=Xn(e)),this._focusTrap.activate()):this._focusTrap?.deactivate()}_render(){if(!this.shadowRoot)return;Me(this.shadowRoot,this._parsed),this._applyModalVisibility();let e=Pt(this.currentState,this._parsed,{registerSessionReady:this._parsed.tab==="register"?this.canStartAuth():void 0,primaryButtonLabel:Ut,primaryButtonAriaLabel:Bt}),r={shadowRoot:this.shadowRoot};Zr(r,e)}};var _t=class extends se{static get observedAttributes(){return[...Qn]}_parsed={...Ee};get ticketId(){let e=this._parsed.ticketId;return e===void 0?null:e}_internalModal=null;_focusRestoreTarget=null;_unregisterInteractions=null;_onInternalModalClose=()=>{this._internalModal&&(this._internalModal.open=!1),this._restoreFocusToTrigger()};_onInternalModalSuccess=e=>{let r=e;this.dispatchEvent(new CustomEvent(q,{detail:r.detail,bubbles:!1,composed:!0}))};_restoreFocusToTrigger(){let e=this._focusRestoreTarget;this._focusRestoreTarget=null,!(!e?.isConnected||typeof e.focus!="function")&&e.focus()}_emitContextReadyIfEnrollment(){!this._core||!this.ticketId||this.dispatchEvent(Wn({contextHash:this._core.getContextHash()}))}enroll(){let e=this.ticketId;!e||!this._core||this._controller.startEnrollment(this._core,{ticketId:e})}connectedCallback(){if(this.shadowRoot){this._registerInteractions(),this._core!==null&&this._unsubscribeBridge===null&&this.attachCore(this._core),this._emitContextReadyIfEnrollment(),this._syncInternalModalAttributes(),this._ensureInternalModal();return}let e=this.attachShadow({mode:"open"}),r=Yt();if(r)e.adoptedStyleSheets=[r];else{let n=document.createElement("style");n.textContent=Wt(),e.appendChild(n)}this._parsed=wt(this),this._syncThemeAttribute(),this._registerInteractions(),this._render(),this._reconcileCoreFromConfig(),this._emitContextReadyIfEnrollment(),this._ensureInternalModal()}_registerInteractions(){this.shadowRoot&&(this._unregisterInteractions?.(),this._unregisterInteractions=on(this.shadowRoot,{onPrimaryClick:()=>this._onPrimaryClick(),onFallbackClick:e=>this.dispatchFallback(e)}))}attributeChangedCallback(e,r,n){if(!this.shadowRoot)return;let o=this._parsed.mode;if(this._parsed=wt(this),(e==="button-variant"||e==="theme")&&this.invalidateRender(),(e==="app-id"||e==="publishable-key")&&this._reconcileCoreFromConfig(),(e==="ticket-id"||e==="app-id"||e==="publishable-key")&&this._emitContextReadyIfEnrollment(),e==="mode"&&(this._parsed.mode==="register"||this._parsed.mode==="login")){let i=this._parsed.mode;o!==i&&(this._emitCancelledIfAuthenticating(),this.setState(I.tabChange(this.currentState,i)))}this._syncThemeAttribute(),this.scheduleRenderIfNeeded(),this._syncInternalModalAttributes(),this._ensureInternalModal()}_onPrimaryClick(){if(this._parsed.action==="open-modal"){this._focusRestoreTarget=document.activeElement instanceof Element?document.activeElement:null,this.dispatchEvent(new CustomEvent(Ie,{detail:{},bubbles:!0,composed:!0})),!this._parsed.triggerOnly&&this._internalModal&&(this._internalModal.open=!0);return}this.startAuthFromClick()}getTabKind(){return this._parsed.mode==="auto"?"login":this._parsed.mode}getCoreAuthOptions(){return Fn(this._parsed.externalUserId)}canStartAuth(){return!0}getEnvEvalParams(){return{mode:this._parsed.mode}}getCoreConfig(){return!this._parsed.appId||!this._parsed.publishableKey?null:{appId:this._parsed.appId,publishableKey:this._parsed.publishableKey}}getFallbackDetail(){let e=this._parsed.mode==="login"||this._parsed.mode==="register"?this._parsed.mode:void 0;return e!==void 0?{operation:e}:{}}_render(){if(!this.shadowRoot)return;let e=Nt(this.currentState,this._parsed,{registerSessionReady:this._parsed.mode==="register"?this.canStartAuth():void 0,primaryButtonLabel:this._parsed.buttonLabel??void 0,primaryButtonAriaLabel:this._parsed.buttonAriaLabel??void 0}),r={shadowRoot:this.shadowRoot};Jr(r,e)}_syncThemeAttribute(){this.getAttribute("theme")!==this._parsed.theme&&this.setAttribute("theme",this._parsed.theme)}_syncInternalModalAttributes(){if(!this._internalModal)return;this._internalModal.setAttribute("app-id",this._parsed.appId??""),this._internalModal.setAttribute("publishable-key",this._parsed.publishableKey??""),this._internalModal.setAttribute("theme",this._parsed.theme);let e=this._parsed.mode==="auto"?"login":this._parsed.mode;this._internalModal.setAttribute("tab",e),this._internalModal.setAttribute("modal-variant","minimal")}_ensureInternalModal(){if(this._parsed.action!=="open-modal"||!this.shadowRoot)return;if(this._parsed.triggerOnly){this._internalModal?.isConnected&&(this._internalModal.removeEventListener(H,this._onInternalModalClose),this._internalModal.remove(),this._internalModal=null);return}if(this._internalModal?.isConnected){this._syncInternalModalAttributes();return}let e=document.createElement("trymellon-auth-modal");this._internalModal=e,this._syncInternalModalAttributes(),e.addEventListener(H,this._onInternalModalClose),e.addEventListener(q,this._onInternalModalSuccess),typeof document<"u"&&document.body?document.body.appendChild(e):this.shadowRoot.appendChild(e)}disconnectedCallback(){this._unregisterInteractions?.(),this._unregisterInteractions=null,this._internalModal?.isConnected&&(this._internalModal.removeEventListener(H,this._onInternalModalClose),this._internalModal.removeEventListener(q,this._onInternalModalSuccess),this._internalModal.remove(),this._internalModal=null),super.disconnectedCallback()}};var Ju="0.1.0",to="trymellon-auth",ro="trymellon-auth-modal";typeof customElements<"u"&&!customElements.get(to)&&customElements.define(to,_t);typeof customElements<"u"&&!customElements.get(ro)&&customElements.define(ro,yt);export{Se as BASE_STYLES,k as INITIAL_UI_STATE,Le as MELLON_CANCELLED,H as MELLON_CLOSE,dt as MELLON_ERROR,pt as MELLON_FALLBACK,ut as MELLON_OPEN,Ie as MELLON_OPEN_REQUEST,ct as MELLON_START,q as MELLON_SUCCESS,mt as MELLON_TAB_CHANGE,ro as TRYMELLON_AUTH_MODAL_TAG,to as TRYMELLON_AUTH_TAG,_t as TryMellonAuthElement,yt as TryMellonAuthModalElement,Ju as UI_VERSION,Yt as createConstructableStylesheet,Sr as eventBridgeAdapter,ae as getNextState,Wt as getStylesFallback};
 //# sourceMappingURL=index.js.map