exodus-monetization 0.2.0

package/dist/react.cjs

@@ -0,0 +1,394 @@
+"use client";
+'use strict';
+
+var React = require('react');
+
+function _interopNamespace(e) {
+  if (e && e.__esModule) return e;
+  var n = Object.create(null);
+  if (e) {
+    Object.keys(e).forEach(function (k) {
+      if (k !== 'default') {
+        var d = Object.getOwnPropertyDescriptor(e, k);
+        Object.defineProperty(n, k, d.get ? d : {
+          enumerable: true,
+          get: function () { return e[k]; }
+        });
+      }
+    });
+  }
+  n.default = e;
+  return Object.freeze(n);
+}
+
+var React__namespace = /*#__PURE__*/_interopNamespace(React);
+
+// src/react.tsx
+
+// src/errors.ts
+var MonetizationError = class extends Error {
+  constructor(message, code, status, body = null) {
+    super(message);
+    this.name = "MonetizationError";
+    this.code = code;
+    this.status = status;
+    this.body = body;
+  }
+};
+function mapSatIssueError(err) {
+  switch (err) {
+    case "unauthorized":
+      return "unauthorized";
+    case "not_entitled":
+      return "not_entitled";
+    case "rate_limited":
+      return "rate_limited";
+    case "sat_jti_unavailable":
+      return "sat_store_unavailable";
+    default:
+      return "sat_issue_failed";
+  }
+}
+function errorFromSatResponse(status, body) {
+  const err = typeof body?.error === "string" ? body.error : void 0;
+  if (status === 401) {
+    return new MonetizationError("Session requise pour \xE9mettre un SAT.", "unauthorized", 401, body);
+  }
+  if (status === 403) {
+    return new MonetizationError("Action non autoris\xE9e (entitlement ou r\xE8gle serveur).", "forbidden", 403, body);
+  }
+  if (status === 429) {
+    return new MonetizationError("Trop de demandes de SAT.", "rate_limited", 429, body);
+  }
+  if (status === 400) {
+    return new MonetizationError(err || "Requ\xEAte SAT invalide.", "bad_request", 400, body);
+  }
+  if (status === 503) {
+    return new MonetizationError("Stockage SAT indisponible.", "sat_store_unavailable", 503, body);
+  }
+  const code = mapSatIssueError(err);
+  return new MonetizationError(err || "\xC9mission SAT \xE9chou\xE9e.", code, status || 500, body);
+}
+function errorFromEntitlementsResponse(status, body) {
+  if (status === 401) {
+    return new MonetizationError("Non authentifi\xE9.", "unauthorized", 401, body);
+  }
+  return new MonetizationError("Erreur entitlements.", "unknown", status, body);
+}
+function isMintRetryableError(e) {
+  if (e.code === "network") return true;
+  if (e.code === "sat_store_unavailable") return true;
+  if (e.code === "sat_issue_failed" && e.status >= 500) return true;
+  const raw = e.body;
+  const apiErr = typeof raw?.error === "string" ? raw.error : "";
+  if (apiErr === "sat_invalid" || apiErr === "sat_expired") return true;
+  return false;
+}
+
+// src/types.ts
+var SAT_FEATURE_KEYS = [
+  "chat.send",
+  "chat.media",
+  "contacts.view",
+  "whatsapp.handoff",
+  "demo.secure_read"
+];
+
+// src/features.ts
+var KNOWN = new Set(SAT_FEATURE_KEYS);
+function validateFeatureKey(feature) {
+  if (typeof feature !== "string" || !KNOWN.has(feature)) {
+    throw new MonetizationError(
+      `Invalid SAT feature key "${String(feature)}". Expected one of SAT_FEATURE_KEYS.`,
+      "bad_request",
+      400,
+      { feature, allowed: [...SAT_FEATURE_KEYS] }
+    );
+  }
+}
+
+// src/paths.ts
+function pathnameForSat(input) {
+  const raw = (input ?? "").trim();
+  if (!raw) return "";
+  if (raw.startsWith("http://") || raw.startsWith("https://")) {
+    try {
+      return new URL(raw).pathname.replace(/\/{2,}/g, "/");
+    } catch {
+      return "";
+    }
+  }
+  const noHash = raw.split("#")[0] ?? raw;
+  const noQuery = (noHash.split("?")[0] ?? noHash).trim();
+  if (!noQuery.startsWith("/")) return "";
+  if (noQuery.startsWith("//")) return "";
+  if (noQuery.includes("://")) return "";
+  return noQuery.replace(/\/{2,}/g, "/");
+}
+function joinBaseUrl(baseUrl, path) {
+  const b = (baseUrl ?? "").replace(/\/$/, "");
+  const p = path.startsWith("/") ? path : `/${path}`;
+  if (!b) return p;
+  return `${b}${p}`;
+}
+function resolveRequestUrl(input, baseUrl) {
+  if (typeof input === "string") {
+    if (input.startsWith("http://") || input.startsWith("https://")) return input;
+    return joinBaseUrl(baseUrl, input);
+  }
+  if (input instanceof URL) return input.href;
+  return input.url;
+}
+
+// src/client.ts
+function safeEmit(onEvent, e) {
+  try {
+    onEvent?.(e);
+  } catch {
+  }
+}
+async function readJsonBody(res) {
+  return await res.json().catch(() => null);
+}
+function createMonetizationClient(config = {}) {
+  const baseUrl = (config.baseUrl ?? "").trim().replace(/\/$/, "");
+  const credentials = config.credentials ?? "include";
+  const fetchImpl = config.fetchImpl ?? globalThis.fetch.bind(globalThis);
+  const cacheTtl = config.entitlementsCacheTtlMs ?? 12e3;
+  const staleAfterFreshMs = config.entitlementsStaleAfterFreshMs ?? Math.min((cacheTtl > 0 ? cacheTtl : 12e3) * 2, 12e4);
+  let entitlementsCache = null;
+  let inflightRefresh = null;
+  const onEvent = config.onEvent;
+  function mergeHeaders(init) {
+    const h = new Headers(config.defaultHeaders);
+    if (init) new Headers(init).forEach((v, k) => h.set(k, v));
+    return h;
+  }
+  async function fetchEntitlementsFresh() {
+    const url = joinBaseUrl(baseUrl, "/api/entitlements");
+    let res;
+    try {
+      res = await fetchImpl(url, {
+        method: "GET",
+        credentials,
+        cache: "no-store",
+        headers: mergeHeaders()
+      });
+    } catch {
+      throw new MonetizationError("R\xE9seau indisponible.", "network", 0, null);
+    }
+    const body = await res.json().catch(() => null);
+    if (!res.ok || !body || body.ok !== true) {
+      throw errorFromEntitlementsResponse(res.status, body);
+    }
+    return body;
+  }
+  async function getEntitlements(options) {
+    if (options?.skipCache || cacheTtl <= 0) {
+      const data2 = await fetchEntitlementsFresh();
+      if (cacheTtl > 0) entitlementsCache = { data: data2, fetchedAt: Date.now() };
+      return data2;
+    }
+    const now = Date.now();
+    if (!entitlementsCache) {
+      const data2 = await fetchEntitlementsFresh();
+      entitlementsCache = { data: data2, fetchedAt: now };
+      return data2;
+    }
+    const age = now - entitlementsCache.fetchedAt;
+    if (age < cacheTtl) {
+      return entitlementsCache.data;
+    }
+    if (age < cacheTtl + staleAfterFreshMs) {
+      if (!inflightRefresh) {
+        inflightRefresh = fetchEntitlementsFresh().then((data2) => {
+          entitlementsCache = { data: data2, fetchedAt: Date.now() };
+        }).catch(() => {
+        }).finally(() => {
+          inflightRefresh = null;
+        });
+      }
+      return entitlementsCache.data;
+    }
+    const data = await fetchEntitlementsFresh();
+    entitlementsCache = { data, fetchedAt: Date.now() };
+    return data;
+  }
+  function invalidateEntitlementsCache() {
+    entitlementsCache = null;
+    inflightRefresh = null;
+  }
+  async function mintSatOnce(params) {
+    const path = pathnameForSat(params.path);
+    if (!path) {
+      throw new MonetizationError("Chemin SAT invalide.", "bad_request", 400, null);
+    }
+    const url = joinBaseUrl(baseUrl, "/api/sat");
+    const method = params.method.toUpperCase();
+    let res;
+    try {
+      res = await fetchImpl(url, {
+        method: "POST",
+        credentials,
+        headers: mergeHeaders({ "content-type": "application/json" }),
+        body: JSON.stringify({
+          feature: params.feature,
+          method,
+          path
+        })
+      });
+    } catch {
+      throw new MonetizationError("R\xE9seau indisponible.", "network", 0, null);
+    }
+    const body = await res.json().catch(() => null);
+    if (!body || body.ok !== true || typeof body.token !== "string") {
+      throw errorFromSatResponse(res.status, body);
+    }
+    const exp = typeof body.exp === "number" ? body.exp : 0;
+    return { token: body.token, exp };
+  }
+  async function mintSat(params) {
+    validateFeatureKey(params.feature);
+    try {
+      return await mintSatOnce(params);
+    } catch (e) {
+      if (e instanceof MonetizationError && isMintRetryableError(e)) {
+        safeEmit(onEvent, {
+          type: "sat_mint_retried",
+          feature: params.feature,
+          reason: e.code
+        });
+        try {
+          return await mintSatOnce(params);
+        } catch (e2) {
+          if (e2 instanceof MonetizationError) {
+            safeEmit(onEvent, {
+              type: "sat_mint_failed",
+              feature: params.feature,
+              code: e2.code,
+              status: e2.status
+            });
+          }
+          throw e2;
+        }
+      }
+      if (e instanceof MonetizationError) {
+        safeEmit(onEvent, {
+          type: "sat_mint_failed",
+          feature: params.feature,
+          code: e.code,
+          status: e.status
+        });
+      }
+      throw e;
+    }
+  }
+  async function guardedFetch(input, init = {}) {
+    const { feature, ...rest } = init;
+    if (!feature) {
+      if (typeof input === "string") {
+        const u = input.startsWith("http://") || input.startsWith("https://") ? input : joinBaseUrl(baseUrl, input);
+        return fetchImpl(u, {
+          ...rest,
+          credentials: rest.credentials ?? credentials,
+          headers: mergeHeaders(rest.headers)
+        });
+      }
+      if (input instanceof URL) {
+        return fetchImpl(input, {
+          ...rest,
+          credentials: rest.credentials ?? credentials,
+          headers: mergeHeaders(rest.headers)
+        });
+      }
+      return fetchImpl(input, {
+        ...rest,
+        credentials: rest.credentials ?? credentials,
+        headers: mergeHeaders(rest.headers)
+      });
+    }
+    validateFeatureKey(feature);
+    const targetUrl = resolveRequestUrl(input, baseUrl);
+    const method = (rest.method ?? "GET").toUpperCase();
+    const path = pathnameForSat(targetUrl);
+    if (!path) {
+      throw new MonetizationError("Impossible de d\xE9river le path pour le SAT.", "bad_request", 400, null);
+    }
+    async function doFetch(token) {
+      const headers = mergeHeaders(rest.headers);
+      headers.set("X-SAT", token);
+      return fetchImpl(targetUrl, {
+        ...rest,
+        headers,
+        credentials: rest.credentials ?? credentials
+      });
+    }
+    const first = await mintSat({ feature, method, path });
+    let res = await doFetch(first.token);
+    if (res.status === 403) {
+      const j = await readJsonBody(res.clone());
+      const err = j?.error ?? "";
+      if (err === "sat_invalid" || err === "sat_expired") {
+        safeEmit(onEvent, { type: "sat_action_retry", feature, path, reason: err });
+        const second = await mintSat({ feature, method, path });
+        res = await doFetch(second.token);
+      } else if (err === "sat_replay_or_expired" || err === "sat_feature_forbidden" || err === "sat_required") {
+        safeEmit(onEvent, {
+          type: "sat_action_blocked",
+          feature,
+          path,
+          reason: err,
+          status: res.status
+        });
+      }
+    }
+    return res;
+  }
+  async function protect(feature, method, pathOrUrl, run) {
+    validateFeatureKey(feature);
+    const path = pathnameForSat(pathOrUrl);
+    if (!path) {
+      throw new MonetizationError("Chemin SAT invalide.", "bad_request", 400, null);
+    }
+    const { token } = await mintSat({ feature, method: method.toUpperCase(), path });
+    const headers = mergeHeaders();
+    headers.set("X-SAT", token);
+    return run({ headers });
+  }
+  return {
+    config: {
+      baseUrl,
+      credentials,
+      entitlementsCacheTtlMs: cacheTtl,
+      entitlementsStaleAfterFreshMs: staleAfterFreshMs
+    },
+    getEntitlements,
+    invalidateEntitlementsCache,
+    mintSat,
+    guardedFetch,
+    protect
+  };
+}
+
+// src/react.tsx
+function useMonetizationClient(cfg = {}) {
+  const baseUrl = cfg.baseUrl ?? "";
+  const credentials = cfg.credentials ?? "include";
+  const entitlementsCacheTtlMs = cfg.entitlementsCacheTtlMs;
+  const entitlementsStaleAfterFreshMs = cfg.entitlementsStaleAfterFreshMs;
+  const onEvent = cfg.onEvent;
+  return React__namespace.useMemo(
+    () => createMonetizationClient({
+      baseUrl,
+      credentials,
+      entitlementsCacheTtlMs,
+      entitlementsStaleAfterFreshMs,
+      onEvent
+    }),
+    [baseUrl, credentials, entitlementsCacheTtlMs, entitlementsStaleAfterFreshMs, onEvent]
+  );
+}
+
+exports.useMonetizationClient = useMonetizationClient;
+//# sourceMappingURL=react.cjs.map
+//# sourceMappingURL=react.cjs.map

package/dist/react.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/errors.ts","../src/types.ts","../src/features.ts","../src/paths.ts","../src/client.ts","../src/react.tsx"],"names":["data","React"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAWO,IAAM,iBAAA,GAAN,cAAgC,KAAA,CAAM;AAAA,EAK3C,WAAA,CAAY,OAAA,EAAiB,IAAA,EAA6B,MAAA,EAAgB,OAAgB,IAAA,EAAM;AAC9F,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,mBAAA;AACZ,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AACd,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AAAA,EACd;AACF,CAAA;AAEA,SAAS,iBAAiB,GAAA,EAAgD;AACxE,EAAA,QAAQ,GAAA;AAAK,IACX,KAAK,cAAA;AACH,MAAA,OAAO,cAAA;AAAA,IACT,KAAK,cAAA;AACH,MAAA,OAAO,cAAA;AAAA,IACT,KAAK,cAAA;AACH,MAAA,OAAO,cAAA;AAAA,IACT,KAAK,qBAAA;AACH,MAAA,OAAO,uBAAA;AAAA,IACT;AACE,MAAA,OAAO,kBAAA;AAAA;AAEb;AAEO,SAAS,oBAAA,CAAqB,QAAgB,IAAA,EAAyD;AAC5G,EAAA,MAAM,MAAM,OAAO,IAAA,EAAM,KAAA,KAAU,QAAA,GAAW,KAAK,KAAA,GAAQ,MAAA;AAC3D,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,IAAI,iBAAA,CAAkB,yCAAA,EAAwC,cAAA,EAAgB,KAAK,IAAI,CAAA;AAAA,EAChG;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,IAAI,iBAAA,CAAkB,4DAAA,EAAwD,WAAA,EAAa,KAAK,IAAI,CAAA;AAAA,EAC7G;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,IAAI,iBAAA,CAAkB,0BAAA,EAA4B,cAAA,EAAgB,KAAK,IAAI,CAAA;AAAA,EACpF;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,IAAI,iBAAA,CAAkB,GAAA,IAAO,0BAAA,EAAyB,aAAA,EAAe,KAAK,IAAI,CAAA;AAAA,EACvF;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,IAAI,iBAAA,CAAkB,4BAAA,EAA8B,uBAAA,EAAyB,KAAK,IAAI,CAAA;AAAA,EAC/F;AACA,EAAA,MAAM,IAAA,GAAO,iBAAiB,GAAG,CAAA;AACjC,EAAA,OAAO,IAAI,iBAAA,CAAkB,GAAA,IAAO,kCAAyB,IAAA,EAAM,MAAA,IAAU,KAAK,IAAI,CAAA;AACxF;AAEO,SAAS,6BAAA,CAA8B,QAAgB,IAAA,EAAkC;AAC9F,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,IAAI,iBAAA,CAAkB,qBAAA,EAAoB,cAAA,EAAgB,KAAK,IAAI,CAAA;AAAA,EAC5E;AACA,EAAA,OAAO,IAAI,iBAAA,CAAkB,sBAAA,EAAwB,SAAA,EAAW,QAAQ,IAAI,CAAA;AAC9E;AAGO,SAAS,qBAAqB,CAAA,EAA+B;AAClE,EAAA,IAAI,CAAA,CAAE,IAAA,KAAS,SAAA,EAAW,OAAO,IAAA;AACjC,EAAA,IAAI,CAAA,CAAE,IAAA,KAAS,uBAAA,EAAyB,OAAO,IAAA;AAC/C,EAAA,IAAI,EAAE,IAAA,KAAS,kBAAA,IAAsB,CAAA,CAAE,MAAA,IAAU,KAAK,OAAO,IAAA;AAE7D,EAAA,MAAM,MAAM,CAAA,CAAE,IAAA;AACd,EAAA,MAAM,SAAS,OAAO,GAAA,EAAK,KAAA,KAAU,QAAA,GAAW,IAAI,KAAA,GAAQ,EAAA;AAC5D,EAAA,IAAI,MAAA,KAAW,aAAA,IAAiB,MAAA,KAAW,aAAA,EAAe,OAAO,IAAA;AAEjE,EAAA,OAAO,KAAA;AACT;;;AC3EO,IAAM,gBAAA,GAAmB;AAAA,EAC9B,WAAA;AAAA,EACA,YAAA;AAAA,EACA,eAAA;AAAA,EACA,kBAAA;AAAA,EACA;AACF,CAAA;;;ACPA,IAAM,KAAA,GAAQ,IAAI,GAAA,CAAY,gBAAgB,CAAA;AAGvC,SAAS,mBAAmB,OAAA,EAAoD;AACrF,EAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,CAAC,KAAA,CAAM,GAAA,CAAI,OAAO,CAAA,EAAG;AACtD,IAAA,MAAM,IAAI,iBAAA;AAAA,MACR,CAAA,yBAAA,EAA4B,MAAA,CAAO,OAAO,CAAC,CAAA,oCAAA,CAAA;AAAA,MAC3C,aAAA;AAAA,MACA,GAAA;AAAA,MACA,EAAE,OAAA,EAAS,OAAA,EAAS,CAAC,GAAG,gBAAgB,CAAA;AAAE,KAC5C;AAAA,EACF;AACF;;;ACdO,SAAS,eAAe,KAAA,EAAuB;AACpD,EAAA,MAAM,GAAA,GAAA,CAAO,KAAA,IAAS,EAAA,EAAI,IAAA,EAAK;AAC/B,EAAA,IAAI,CAAC,KAAK,OAAO,EAAA;AAEjB,EAAA,IAAI,IAAI,UAAA,CAAW,SAAS,KAAK,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG;AAC3D,IAAA,IAAI;AACF,MAAA,OAAO,IAAI,GAAA,CAAI,GAAG,EAAE,QAAA,CAAS,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,IACrD,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,EAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,MAAM,SAAS,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,IAAK,GAAA;AACpC,EAAA,MAAM,OAAA,GAAA,CAAW,OAAO,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA,IAAK,QAAQ,IAAA,EAAK;AAEtD,EAAA,IAAI,CAAC,OAAA,CAAQ,UAAA,CAAW,GAAG,GAAG,OAAO,EAAA;AACrC,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG,OAAO,EAAA;AACrC,EAAA,IAAI,OAAA,CAAQ,QAAA,CAAS,KAAK,CAAA,EAAG,OAAO,EAAA;AAEpC,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,SAAA,EAAW,GAAG,CAAA;AACvC;AAEO,SAAS,WAAA,CAAY,SAAiB,IAAA,EAAsB;AACjE,EAAA,MAAM,CAAA,GAAA,CAAK,OAAA,IAAW,EAAA,EAAI,OAAA,CAAQ,OAAO,EAAE,CAAA;AAC3C,EAAA,MAAM,IAAI,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,GAAI,IAAA,GAAO,IAAI,IAAI,CAAA,CAAA;AAChD,EAAA,IAAI,CAAC,GAAG,OAAO,CAAA;AACf,EAAA,OAAO,CAAA,EAAG,CAAC,CAAA,EAAG,CAAC,CAAA,CAAA;AACjB;AAEO,SAAS,iBAAA,CAAkB,OAA0B,OAAA,EAAyB;AACnF,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,IAAI,KAAA,CAAM,WAAW,SAAS,CAAA,IAAK,MAAM,UAAA,CAAW,UAAU,GAAG,OAAO,KAAA;AACxE,IAAA,OAAO,WAAA,CAAY,SAAS,KAAK,CAAA;AAAA,EACnC;AACA,EAAA,IAAI,KAAA,YAAiB,GAAA,EAAK,OAAO,KAAA,CAAM,IAAA;AACvC,EAAA,OAAO,KAAA,CAAM,GAAA;AACf;;;ACjBA,SAAS,QAAA,CAAS,SAA8C,CAAA,EAAyB;AACvF,EAAA,IAAI;AACF,IAAA,OAAA,GAAU,CAAC,CAAA;AAAA,EACb,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,eAAe,aAAa,GAAA,EAAmD;AAC7E,EAAA,OAAQ,MAAM,GAAA,CAAI,IAAA,EAAK,CAAE,KAAA,CAAM,MAAM,IAAI,CAAA;AAC3C;AAEO,SAAS,wBAAA,CAAyB,MAAA,GAAmC,EAAC,EAAG;AAC9E,EAAA,MAAM,OAAA,GAAA,CAAW,OAAO,OAAA,IAAW,EAAA,EAAI,MAAK,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AAC/D,EAAA,MAAM,WAAA,GAAc,OAAO,WAAA,IAAe,SAAA;AAC1C,EAAA,MAAM,YAAY,MAAA,CAAO,SAAA,IAAa,UAAA,CAAW,KAAA,CAAM,KAAK,UAAU,CAAA;AACtE,EAAA,MAAM,QAAA,GAAW,OAAO,sBAAA,IAA0B,IAAA;AAClD,EAAA,MAAM,iBAAA,GACJ,MAAA,CAAO,6BAAA,IAAiC,IAAA,CAAK,GAAA,CAAA,CAAK,WAAW,CAAA,GAAI,QAAA,GAAW,IAAA,IAAU,CAAA,EAAG,IAAO,CAAA;AAElG,EAAA,IAAI,iBAAA,GAAiF,IAAA;AACrF,EAAA,IAAI,eAAA,GAAwC,IAAA;AAC5C,EAAA,MAAM,UAAU,MAAA,CAAO,OAAA;AAEvB,EAAA,SAAS,aAAa,IAAA,EAA6B;AACjD,IAAA,MAAM,CAAA,GAAI,IAAI,OAAA,CAAQ,MAAA,CAAO,cAAc,CAAA;AAC3C,IAAA,IAAI,IAAA,EAAM,IAAI,OAAA,CAAQ,IAAI,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAA,EAAG,CAAA,KAAM,CAAA,CAAE,GAAA,CAAI,CAAA,EAAG,CAAC,CAAC,CAAA;AACzD,IAAA,OAAO,CAAA;AAAA,EACT;AAEA,EAAA,eAAe,sBAAA,GAA2D;AACxE,IAAA,MAAM,GAAA,GAAM,WAAA,CAAY,OAAA,EAAS,mBAAmB,CAAA;AACpD,IAAA,IAAI,GAAA;AACJ,IAAA,IAAI;AACF,MAAA,GAAA,GAAM,MAAM,UAAU,GAAA,EAAK;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,WAAA;AAAA,QACA,KAAA,EAAO,UAAA;AAAA,QACP,SAAS,YAAA;AAAa,OACvB,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,IAAI,iBAAA,CAAkB,yBAAA,EAAwB,SAAA,EAAW,GAAG,IAAI,CAAA;AAAA,IACxE;AAEA,IAAA,MAAM,OAAQ,MAAM,GAAA,CAAI,MAAK,CAAE,KAAA,CAAM,MAAM,IAAI,CAAA;AAE/C,IAAA,IAAI,CAAC,GAAA,CAAI,EAAA,IAAM,CAAC,IAAA,IAAS,IAAA,CAA0B,OAAO,IAAA,EAAM;AAC9D,MAAA,MAAM,6BAAA,CAA8B,GAAA,CAAI,MAAA,EAAQ,IAAI,CAAA;AAAA,IACtD;AAEA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,eAAe,gBAAgB,OAAA,EAAqE;AAClG,IAAA,IAAI,OAAA,EAAS,SAAA,IAAa,QAAA,IAAY,CAAA,EAAG;AACvC,MAAA,MAAMA,KAAAA,GAAO,MAAM,sBAAA,EAAuB;AAC1C,MAAA,IAAI,QAAA,GAAW,GAAG,iBAAA,GAAoB,EAAE,MAAAA,KAAAA,EAAM,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,EAAE;AACpE,MAAA,OAAOA,KAAAA;AAAA,IACT;AAEA,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AAErB,IAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,MAAA,MAAMA,KAAAA,GAAO,MAAM,sBAAA,EAAuB;AAC1C,MAAA,iBAAA,GAAoB,EAAE,IAAA,EAAAA,KAAAA,EAAM,SAAA,EAAW,GAAA,EAAI;AAC3C,MAAA,OAAOA,KAAAA;AAAA,IACT;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,iBAAA,CAAkB,SAAA;AAEpC,IAAA,IAAI,MAAM,QAAA,EAAU;AAClB,MAAA,OAAO,iBAAA,CAAkB,IAAA;AAAA,IAC3B;AAEA,IAAA,IAAI,GAAA,GAAM,WAAW,iBAAA,EAAmB;AACtC,MAAA,IAAI,CAAC,eAAA,EAAiB;AACpB,QAAA,eAAA,GAAkB,sBAAA,EAAuB,CACtC,IAAA,CAAK,CAACA,KAAAA,KAAS;AACd,UAAA,iBAAA,GAAoB,EAAE,IAAA,EAAAA,KAAAA,EAAM,SAAA,EAAW,IAAA,CAAK,KAAI,EAAE;AAAA,QACpD,CAAC,CAAA,CACA,KAAA,CAAM,MAAM;AAAA,QAEb,CAAC,CAAA,CACA,OAAA,CAAQ,MAAM;AACb,UAAA,eAAA,GAAkB,IAAA;AAAA,QACpB,CAAC,CAAA;AAAA,MACL;AACA,MAAA,OAAO,iBAAA,CAAkB,IAAA;AAAA,IAC3B;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,sBAAA,EAAuB;AAC1C,IAAA,iBAAA,GAAoB,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,CAAK,KAAI,EAAE;AAClD,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,SAAS,2BAAA,GAA8B;AACrC,IAAA,iBAAA,GAAoB,IAAA;AACpB,IAAA,eAAA,GAAkB,IAAA;AAAA,EACpB;AAEA,EAAA,eAAe,YAAY,MAAA,EAIA;AACzB,IAAA,MAAM,IAAA,GAAO,cAAA,CAAe,MAAA,CAAO,IAAI,CAAA;AACvC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,iBAAA,CAAkB,sBAAA,EAAwB,aAAA,EAAe,KAAK,IAAI,CAAA;AAAA,IAC9E;AAEA,IAAA,MAAM,GAAA,GAAM,WAAA,CAAY,OAAA,EAAS,UAAU,CAAA;AAC3C,IAAA,MAAM,MAAA,GAAS,MAAA,CAAO,MAAA,CAAO,WAAA,EAAY;AAEzC,IAAA,IAAI,GAAA;AACJ,IAAA,IAAI;AACF,MAAA,GAAA,GAAM,MAAM,UAAU,GAAA,EAAK;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA;AAAA,QACA,OAAA,EAAS,YAAA,CAAa,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAAA,QAC5D,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,UACnB,SAAS,MAAA,CAAO,OAAA;AAAA,UAChB,MAAA;AAAA,UACA;AAAA,SACD;AAAA,OACF,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,IAAI,iBAAA,CAAkB,yBAAA,EAAwB,SAAA,EAAW,GAAG,IAAI,CAAA;AAAA,IACxE;AAEA,IAAA,MAAM,OAAQ,MAAM,GAAA,CAAI,MAAK,CAAE,KAAA,CAAM,MAAM,IAAI,CAAA;AAC/C,IAAA,IAAI,CAAC,QAAQ,IAAA,CAAK,EAAA,KAAO,QAAQ,OAAO,IAAA,CAAK,UAAU,QAAA,EAAU;AAC/D,MAAA,MAAM,oBAAA,CAAqB,GAAA,CAAI,MAAA,EAAQ,IAAI,CAAA;AAAA,IAC7C;AAEA,IAAA,MAAM,MAAM,OAAO,IAAA,CAAK,GAAA,KAAQ,QAAA,GAAW,KAAK,GAAA,GAAM,CAAA;AACtD,IAAA,OAAO,EAAE,KAAA,EAAO,IAAA,CAAK,KAAA,EAAO,GAAA,EAAI;AAAA,EAClC;AAEA,EAAA,eAAe,QAAQ,MAAA,EAII;AACzB,IAAA,kBAAA,CAAmB,OAAO,OAAO,CAAA;AACjC,IAAA,IAAI;AACF,MAAA,OAAO,MAAM,YAAY,MAAM,CAAA;AAAA,IACjC,SAAS,CAAA,EAAG;AACV,MAAA,IAAI,CAAA,YAAa,iBAAA,IAAqB,oBAAA,CAAqB,CAAC,CAAA,EAAG;AAC7D,QAAA,QAAA,CAAS,OAAA,EAAS;AAAA,UAChB,IAAA,EAAM,kBAAA;AAAA,UACN,SAAS,MAAA,CAAO,OAAA;AAAA,UAChB,QAAQ,CAAA,CAAE;AAAA,SACX,CAAA;AACD,QAAA,IAAI;AACF,UAAA,OAAO,MAAM,YAAY,MAAM,CAAA;AAAA,QACjC,SAAS,EAAA,EAAI;AACX,UAAA,IAAI,cAAc,iBAAA,EAAmB;AACnC,YAAA,QAAA,CAAS,OAAA,EAAS;AAAA,cAChB,IAAA,EAAM,iBAAA;AAAA,cACN,SAAS,MAAA,CAAO,OAAA;AAAA,cAChB,MAAM,EAAA,CAAG,IAAA;AAAA,cACT,QAAQ,EAAA,CAAG;AAAA,aACZ,CAAA;AAAA,UACH;AACA,UAAA,MAAM,EAAA;AAAA,QACR;AAAA,MACF;AACA,MAAA,IAAI,aAAa,iBAAA,EAAmB;AAClC,QAAA,QAAA,CAAS,OAAA,EAAS;AAAA,UAChB,IAAA,EAAM,iBAAA;AAAA,UACN,SAAS,MAAA,CAAO,OAAA;AAAA,UAChB,MAAM,CAAA,CAAE,IAAA;AAAA,UACR,QAAQ,CAAA,CAAE;AAAA,SACX,CAAA;AAAA,MACH;AACA,MAAA,MAAM,CAAA;AAAA,IACR;AAAA,EACF;AAEA,EAAA,eAAe,YAAA,CAAa,KAAA,EAA0B,IAAA,GAA2B,EAAC,EAAsB;AACtG,IAAA,MAAM,EAAE,OAAA,EAAS,GAAG,IAAA,EAAK,GAAI,IAAA;AAE7B,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,QAAA,MAAM,CAAA,GAAI,KAAA,CAAM,UAAA,CAAW,SAAS,CAAA,IAAK,KAAA,CAAM,UAAA,CAAW,UAAU,CAAA,GAAI,KAAA,GAAQ,WAAA,CAAY,OAAA,EAAS,KAAK,CAAA;AAC1G,QAAA,OAAO,UAAU,CAAA,EAAG;AAAA,UAClB,GAAG,IAAA;AAAA,UACH,WAAA,EAAa,KAAK,WAAA,IAAe,WAAA;AAAA,UACjC,OAAA,EAAS,YAAA,CAAa,IAAA,CAAK,OAAkC;AAAA,SAC9D,CAAA;AAAA,MACH;AACA,MAAA,IAAI,iBAAiB,GAAA,EAAK;AACxB,QAAA,OAAO,UAAU,KAAA,EAAO;AAAA,UACtB,GAAG,IAAA;AAAA,UACH,WAAA,EAAa,KAAK,WAAA,IAAe,WAAA;AAAA,UACjC,OAAA,EAAS,YAAA,CAAa,IAAA,CAAK,OAAkC;AAAA,SAC9D,CAAA;AAAA,MACH;AACA,MAAA,OAAO,UAAU,KAAA,EAAO;AAAA,QACtB,GAAG,IAAA;AAAA,QACH,WAAA,EAAa,KAAK,WAAA,IAAe,WAAA;AAAA,QACjC,OAAA,EAAS,YAAA,CAAa,IAAA,CAAK,OAAkC;AAAA,OAC9D,CAAA;AAAA,IACH;AAEA,IAAA,kBAAA,CAAmB,OAAO,CAAA;AAE1B,IAAA,MAAM,SAAA,GAAY,iBAAA,CAAkB,KAAA,EAAO,OAAO,CAAA;AAClD,IAAA,MAAM,MAAA,GAAA,CAAU,IAAA,CAAK,MAAA,IAAU,KAAA,EAAO,WAAA,EAAY;AAClD,IAAA,MAAM,IAAA,GAAO,eAAe,SAAS,CAAA;AACrC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,iBAAA,CAAkB,+CAAA,EAA8C,aAAA,EAAe,KAAK,IAAI,CAAA;AAAA,IACpG;AAEA,IAAA,eAAe,QAAQ,KAAA,EAAe;AACpC,MAAA,MAAM,OAAA,GAAU,YAAA,CAAa,IAAA,CAAK,OAAkC,CAAA;AACpE,MAAA,OAAA,CAAQ,GAAA,CAAI,SAAS,KAAK,CAAA;AAC1B,MAAA,OAAO,UAAU,SAAA,EAAW;AAAA,QAC1B,GAAG,IAAA;AAAA,QACH,OAAA;AAAA,QACA,WAAA,EAAa,KAAK,WAAA,IAAe;AAAA,OAClC,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,QAAQ,MAAM,OAAA,CAAQ,EAAE,OAAA,EAAS,MAAA,EAAQ,MAAM,CAAA;AACrD,IAAA,IAAI,GAAA,GAAM,MAAM,OAAA,CAAQ,KAAA,CAAM,KAAK,CAAA;AAEnC,IAAA,IAAI,GAAA,CAAI,WAAW,GAAA,EAAK;AACtB,MAAA,MAAM,CAAA,GAAI,MAAM,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AACxC,MAAA,MAAM,GAAA,GAAM,GAAG,KAAA,IAAS,EAAA;AACxB,MAAA,IAAI,GAAA,KAAQ,aAAA,IAAiB,GAAA,KAAQ,aAAA,EAAe;AAClD,QAAA,QAAA,CAAS,OAAA,EAAS,EAAE,IAAA,EAAM,kBAAA,EAAoB,SAAS,IAAA,EAAM,MAAA,EAAQ,KAAK,CAAA;AAC1E,QAAA,MAAM,SAAS,MAAM,OAAA,CAAQ,EAAE,OAAA,EAAS,MAAA,EAAQ,MAAM,CAAA;AACtD,QAAA,GAAA,GAAM,MAAM,OAAA,CAAQ,MAAA,CAAO,KAAK,CAAA;AAAA,MAClC,WAAW,GAAA,KAAQ,uBAAA,IAA2B,GAAA,KAAQ,uBAAA,IAA2B,QAAQ,cAAA,EAAgB;AACvG,QAAA,QAAA,CAAS,OAAA,EAAS;AAAA,UAChB,IAAA,EAAM,oBAAA;AAAA,UACN,OAAA;AAAA,UACA,IAAA;AAAA,UACA,MAAA,EAAQ,GAAA;AAAA,UACR,QAAQ,GAAA,CAAI;AAAA,SACb,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,OAAO,GAAA;AAAA,EACT;AAEA,EAAA,eAAe,OAAA,CACb,OAAA,EACA,MAAA,EACA,SAAA,EACA,GAAA,EACY;AACZ,IAAA,kBAAA,CAAmB,OAAO,CAAA;AAC1B,IAAA,MAAM,IAAA,GAAO,eAAe,SAAS,CAAA;AACrC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,iBAAA,CAAkB,sBAAA,EAAwB,aAAA,EAAe,KAAK,IAAI,CAAA;AAAA,IAC9E;AACA,IAAA,MAAM,EAAE,KAAA,EAAM,GAAI,MAAM,OAAA,CAAQ,EAAE,OAAA,EAAS,MAAA,EAAQ,MAAA,CAAO,WAAA,EAAY,EAAG,IAAA,EAAM,CAAA;AAC/E,IAAA,MAAM,UAAU,YAAA,EAAa;AAC7B,IAAA,OAAA,CAAQ,GAAA,CAAI,SAAS,KAAK,CAAA;AAC1B,IAAA,OAAO,GAAA,CAAI,EAAE,OAAA,EAAS,CAAA;AAAA,EACxB;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ;AAAA,MACN,OAAA;AAAA,MACA,WAAA;AAAA,MACA,sBAAA,EAAwB,QAAA;AAAA,MACxB,6BAAA,EAA+B;AAAA,KACjC;AAAA,IACA,eAAA;AAAA,IACA,2BAAA;AAAA,IACA,OAAA;AAAA,IACA,YAAA;AAAA,IACA;AAAA,GACF;AACF;;;AC7RO,SAAS,qBAAA,CAAsB,GAAA,GAAgC,EAAC,EAAuB;AAC5F,EAAA,MAAM,OAAA,GAAU,IAAI,OAAA,IAAW,EAAA;AAC/B,EAAA,MAAM,WAAA,GAAc,IAAI,WAAA,IAAe,SAAA;AACvC,EAAA,MAAM,yBAAyB,GAAA,CAAI,sBAAA;AACnC,EAAA,MAAM,gCAAgC,GAAA,CAAI,6BAAA;AAC1C,EAAA,MAAM,UAAU,GAAA,CAAI,OAAA;AAEpB,EAAA,OAAaC,gBAAA,CAAA,OAAA;AAAA,IACX,MACE,wBAAA,CAAyB;AAAA,MACvB,OAAA;AAAA,MACA,WAAA;AAAA,MACA,sBAAA;AAAA,MACA,6BAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,IACH,CAAC,OAAA,EAAS,WAAA,EAAa,sBAAA,EAAwB,+BAA+B,OAAO;AAAA,GACvF;AACF","file":"react.cjs","sourcesContent":["export type MonetizationErrorCode =\n  | \"unauthorized\"\n  | \"forbidden\"\n  | \"not_entitled\"\n  | \"rate_limited\"\n  | \"bad_request\"\n  | \"sat_issue_failed\"\n  | \"sat_store_unavailable\"\n  | \"network\"\n  | \"unknown\";\n\nexport class MonetizationError extends Error {\n  readonly code: MonetizationErrorCode;\n  readonly status: number;\n  readonly body: unknown;\n\n  constructor(message: string, code: MonetizationErrorCode, status: number, body: unknown = null) {\n    super(message);\n    this.name = \"MonetizationError\";\n    this.code = code;\n    this.status = status;\n    this.body = body;\n  }\n}\n\nfunction mapSatIssueError(err: string | undefined): MonetizationErrorCode {\n  switch (err) {\n    case \"unauthorized\":\n      return \"unauthorized\";\n    case \"not_entitled\":\n      return \"not_entitled\";\n    case \"rate_limited\":\n      return \"rate_limited\";\n    case \"sat_jti_unavailable\":\n      return \"sat_store_unavailable\";\n    default:\n      return \"sat_issue_failed\";\n  }\n}\n\nexport function errorFromSatResponse(status: number, body: Record<string, unknown> | null): MonetizationError {\n  const err = typeof body?.error === \"string\" ? body.error : undefined;\n  if (status === 401) {\n    return new MonetizationError(\"Session requise pour émettre un SAT.\", \"unauthorized\", 401, body);\n  }\n  if (status === 403) {\n    return new MonetizationError(\"Action non autorisée (entitlement ou règle serveur).\", \"forbidden\", 403, body);\n  }\n  if (status === 429) {\n    return new MonetizationError(\"Trop de demandes de SAT.\", \"rate_limited\", 429, body);\n  }\n  if (status === 400) {\n    return new MonetizationError(err || \"Requête SAT invalide.\", \"bad_request\", 400, body);\n  }\n  if (status === 503) {\n    return new MonetizationError(\"Stockage SAT indisponible.\", \"sat_store_unavailable\", 503, body);\n  }\n  const code = mapSatIssueError(err);\n  return new MonetizationError(err || \"Émission SAT échouée.\", code, status || 500, body);\n}\n\nexport function errorFromEntitlementsResponse(status: number, body: unknown): MonetizationError {\n  if (status === 401) {\n    return new MonetizationError(\"Non authentifié.\", \"unauthorized\", 401, body);\n  }\n  return new MonetizationError(\"Erreur entitlements.\", \"unknown\", status, body);\n}\n\n/** Une seconde tentative de mint SAT est pertinente (transient / horloge / invalid recoverable). */\nexport function isMintRetryableError(e: MonetizationError): boolean {\n  if (e.code === \"network\") return true;\n  if (e.code === \"sat_store_unavailable\") return true;\n  if (e.code === \"sat_issue_failed\" && e.status >= 500) return true;\n\n  const raw = e.body as Record<string, unknown> | null;\n  const apiErr = typeof raw?.error === \"string\" ? raw.error : \"\";\n  if (apiErr === \"sat_invalid\" || apiErr === \"sat_expired\") return true;\n\n  return false;\n}\n","/**\n * Clés acceptées par POST /api/sat côté serveur Exodus (whitelist API).\n * Toute autre valeur est refusée par le serveur.\n */\nexport const SAT_FEATURE_KEYS = [\n  \"chat.send\",\n  \"chat.media\",\n  \"contacts.view\",\n  \"whatsapp.handoff\",\n  \"demo.secure_read\",\n] as const;\n\nexport type SatFeatureKey = (typeof SAT_FEATURE_KEYS)[number];\n\n/** Réponse 200 de GET /api/entitlements */\nexport type EntitlementsGetResponse = {\n  ok: true;\n  claim: {\n    sub: string;\n    plan: { key: string; name: string; active: boolean };\n    features: string[];\n    sid: string;\n    device: string;\n    iat: number;\n    exp: number;\n    jti: string;\n    ver: number;\n    ev?: unknown;\n  };\n  token: string | null;\n};\n\nexport type EntitlementsGetErrorBody = {\n  ok: false;\n  error: string;\n};\n\n/** Observabilité côté client (analytics / debug) — ne remplace pas les logs serveur. */\nexport type MonetizationSdkEvent =\n  | { type: \"sat_mint_failed\"; feature: string; code: string; status: number }\n  | { type: \"sat_mint_retried\"; feature: string; reason: string }\n  | { type: \"sat_action_retry\"; feature: string; path: string; reason: string }\n  | { type: \"sat_action_blocked\"; feature: string; path: string; reason: string; status: number };\n\nexport type MonetizationClientConfig = {\n  /**\n   * Origine de l’app (ex. https://app.exemple.com). Chaîne vide = URLs relatives (même origine).\n   */\n  baseUrl?: string;\n  credentials?: RequestCredentials;\n  /** TTL « frais » cache GET /api/entitlements (0 = pas de cache). */\n  entitlementsCacheTtlMs?: number;\n  /**\n   * Fenêtre stale-after-fresh : pendant ce délai après l’échéance « fraîche »,\n   * la dernière copie est renvoyée immédiatement et un rafraîchissement async part en arrière-plan.\n   * Défaut : min(2 × fresh, 120_000 ms).\n   */\n  entitlementsStaleAfterFreshMs?: number;\n  /** Surcharge fetch (tests, SSR avec cookies explicites). */\n  fetchImpl?: typeof fetch;\n  /** Headers ajoutés à chaque appel (ex. tracing). */\n  defaultHeaders?: HeadersInit;\n  /** Hook optionnel produit / télémétrie (SAT mint échoué, retry, action bloquée). */\n  onEvent?: (event: MonetizationSdkEvent) => void;\n};\n\nexport type MintSatResult = {\n  token: string;\n  exp: number;\n};\n\nexport type GuardedRequestInit = RequestInit & {\n  /** Si défini, un SAT est résolu via POST /api/sat avant la requête. */\n  feature?: SatFeatureKey;\n};\n","import { MonetizationError } from \"./errors\";\nimport { SAT_FEATURE_KEYS, type SatFeatureKey } from \"./types\";\n\nconst KNOWN = new Set<string>(SAT_FEATURE_KEYS);\n\n/** Fail-fast : la clé doit être dans la whitelist alignée sur `POST /api/sat`. */\nexport function validateFeatureKey(feature: unknown): asserts feature is SatFeatureKey {\n  if (typeof feature !== \"string\" || !KNOWN.has(feature)) {\n    throw new MonetizationError(\n      `Invalid SAT feature key \"${String(feature)}\". Expected one of SAT_FEATURE_KEYS.`,\n      \"bad_request\",\n      400,\n      { feature, allowed: [...SAT_FEATURE_KEYS] },\n    );\n  }\n}\n\nexport function isSatFeatureKey(feature: string): feature is SatFeatureKey {\n  return KNOWN.has(feature);\n}\n","/** URL absolue ou chemin relatif → pathname pour contrainte SAT (htu). */\nexport function pathnameForSat(input: string): string {\n  const raw = (input ?? \"\").trim();\n  if (!raw) return \"\";\n\n  if (raw.startsWith(\"http://\") || raw.startsWith(\"https://\")) {\n    try {\n      return new URL(raw).pathname.replace(/\\/{2,}/g, \"/\");\n    } catch {\n      return \"\";\n    }\n  }\n\n  const noHash = raw.split(\"#\")[0] ?? raw;\n  const noQuery = (noHash.split(\"?\")[0] ?? noHash).trim();\n\n  if (!noQuery.startsWith(\"/\")) return \"\";\n  if (noQuery.startsWith(\"//\")) return \"\";\n  if (noQuery.includes(\"://\")) return \"\";\n\n  return noQuery.replace(/\\/{2,}/g, \"/\");\n}\n\nexport function joinBaseUrl(baseUrl: string, path: string): string {\n  const b = (baseUrl ?? \"\").replace(/\\/$/, \"\");\n  const p = path.startsWith(\"/\") ? path : `/${path}`;\n  if (!b) return p;\n  return `${b}${p}`;\n}\n\nexport function resolveRequestUrl(input: RequestInfo | URL, baseUrl: string): string {\n  if (typeof input === \"string\") {\n    if (input.startsWith(\"http://\") || input.startsWith(\"https://\")) return input;\n    return joinBaseUrl(baseUrl, input);\n  }\n  if (input instanceof URL) return input.href;\n  return input.url;\n}\n","import {\n  errorFromEntitlementsResponse,\n  errorFromSatResponse,\n  isMintRetryableError,\n  MonetizationError,\n  type MonetizationErrorCode,\n} from \"./errors\";\nimport { validateFeatureKey } from \"./features\";\nimport { joinBaseUrl, pathnameForSat, resolveRequestUrl } from \"./paths\";\nimport type {\n  EntitlementsGetResponse,\n  GuardedRequestInit,\n  MintSatResult,\n  MonetizationClientConfig,\n  MonetizationSdkEvent,\n  SatFeatureKey,\n} from \"./types\";\n\nexport type MonetizationClient = ReturnType<typeof createMonetizationClient>;\n\nfunction safeEmit(onEvent: MonetizationClientConfig[\"onEvent\"], e: MonetizationSdkEvent) {\n  try {\n    onEvent?.(e);\n  } catch {\n    /* hook ne doit pas casser le client */\n  }\n}\n\nasync function readJsonBody(res: Response): Promise<{ error?: string } | null> {\n  return (await res.json().catch(() => null)) as { error?: string } | null;\n}\n\nexport function createMonetizationClient(config: MonetizationClientConfig = {}) {\n  const baseUrl = (config.baseUrl ?? \"\").trim().replace(/\\/$/, \"\");\n  const credentials = config.credentials ?? \"include\";\n  const fetchImpl = config.fetchImpl ?? globalThis.fetch.bind(globalThis);\n  const cacheTtl = config.entitlementsCacheTtlMs ?? 12_000;\n  const staleAfterFreshMs =\n    config.entitlementsStaleAfterFreshMs ?? Math.min((cacheTtl > 0 ? cacheTtl : 12_000) * 2, 120_000);\n\n  let entitlementsCache: { data: EntitlementsGetResponse; fetchedAt: number } | null = null;\n  let inflightRefresh: Promise<void> | null = null;\n  const onEvent = config.onEvent;\n\n  function mergeHeaders(init?: HeadersInit): Headers {\n    const h = new Headers(config.defaultHeaders);\n    if (init) new Headers(init).forEach((v, k) => h.set(k, v));\n    return h;\n  }\n\n  async function fetchEntitlementsFresh(): Promise<EntitlementsGetResponse> {\n    const url = joinBaseUrl(baseUrl, \"/api/entitlements\");\n    let res: Response;\n    try {\n      res = await fetchImpl(url, {\n        method: \"GET\",\n        credentials,\n        cache: \"no-store\",\n        headers: mergeHeaders(),\n      });\n    } catch {\n      throw new MonetizationError(\"Réseau indisponible.\", \"network\", 0, null);\n    }\n\n    const body = (await res.json().catch(() => null)) as EntitlementsGetResponse | { ok?: boolean; error?: string };\n\n    if (!res.ok || !body || (body as { ok?: boolean }).ok !== true) {\n      throw errorFromEntitlementsResponse(res.status, body);\n    }\n\n    return body as EntitlementsGetResponse;\n  }\n\n  async function getEntitlements(options?: { skipCache?: boolean }): Promise<EntitlementsGetResponse> {\n    if (options?.skipCache || cacheTtl <= 0) {\n      const data = await fetchEntitlementsFresh();\n      if (cacheTtl > 0) entitlementsCache = { data, fetchedAt: Date.now() };\n      return data;\n    }\n\n    const now = Date.now();\n\n    if (!entitlementsCache) {\n      const data = await fetchEntitlementsFresh();\n      entitlementsCache = { data, fetchedAt: now };\n      return data;\n    }\n\n    const age = now - entitlementsCache.fetchedAt;\n\n    if (age < cacheTtl) {\n      return entitlementsCache.data;\n    }\n\n    if (age < cacheTtl + staleAfterFreshMs) {\n      if (!inflightRefresh) {\n        inflightRefresh = fetchEntitlementsFresh()\n          .then((data) => {\n            entitlementsCache = { data, fetchedAt: Date.now() };\n          })\n          .catch(() => {\n            /* garde le snapshot stale */\n          })\n          .finally(() => {\n            inflightRefresh = null;\n          });\n      }\n      return entitlementsCache.data;\n    }\n\n    const data = await fetchEntitlementsFresh();\n    entitlementsCache = { data, fetchedAt: Date.now() };\n    return data;\n  }\n\n  function invalidateEntitlementsCache() {\n    entitlementsCache = null;\n    inflightRefresh = null;\n  }\n\n  async function mintSatOnce(params: {\n    feature: SatFeatureKey;\n    method: string;\n    path: string;\n  }): Promise<MintSatResult> {\n    const path = pathnameForSat(params.path);\n    if (!path) {\n      throw new MonetizationError(\"Chemin SAT invalide.\", \"bad_request\", 400, null);\n    }\n\n    const url = joinBaseUrl(baseUrl, \"/api/sat\");\n    const method = params.method.toUpperCase();\n\n    let res: Response;\n    try {\n      res = await fetchImpl(url, {\n        method: \"POST\",\n        credentials,\n        headers: mergeHeaders({ \"content-type\": \"application/json\" }),\n        body: JSON.stringify({\n          feature: params.feature,\n          method,\n          path,\n        }),\n      });\n    } catch {\n      throw new MonetizationError(\"Réseau indisponible.\", \"network\", 0, null);\n    }\n\n    const body = (await res.json().catch(() => null)) as Record<string, unknown> | null;\n    if (!body || body.ok !== true || typeof body.token !== \"string\") {\n      throw errorFromSatResponse(res.status, body);\n    }\n\n    const exp = typeof body.exp === \"number\" ? body.exp : 0;\n    return { token: body.token, exp };\n  }\n\n  async function mintSat(params: {\n    feature: SatFeatureKey;\n    method: string;\n    path: string;\n  }): Promise<MintSatResult> {\n    validateFeatureKey(params.feature);\n    try {\n      return await mintSatOnce(params);\n    } catch (e) {\n      if (e instanceof MonetizationError && isMintRetryableError(e)) {\n        safeEmit(onEvent, {\n          type: \"sat_mint_retried\",\n          feature: params.feature,\n          reason: e.code,\n        });\n        try {\n          return await mintSatOnce(params);\n        } catch (e2) {\n          if (e2 instanceof MonetizationError) {\n            safeEmit(onEvent, {\n              type: \"sat_mint_failed\",\n              feature: params.feature,\n              code: e2.code,\n              status: e2.status,\n            });\n          }\n          throw e2;\n        }\n      }\n      if (e instanceof MonetizationError) {\n        safeEmit(onEvent, {\n          type: \"sat_mint_failed\",\n          feature: params.feature,\n          code: e.code,\n          status: e.status,\n        });\n      }\n      throw e;\n    }\n  }\n\n  async function guardedFetch(input: RequestInfo | URL, init: GuardedRequestInit = {}): Promise<Response> {\n    const { feature, ...rest } = init;\n\n    if (!feature) {\n      if (typeof input === \"string\") {\n        const u = input.startsWith(\"http://\") || input.startsWith(\"https://\") ? input : joinBaseUrl(baseUrl, input);\n        return fetchImpl(u, {\n          ...rest,\n          credentials: rest.credentials ?? credentials,\n          headers: mergeHeaders(rest.headers as HeadersInit | undefined),\n        });\n      }\n      if (input instanceof URL) {\n        return fetchImpl(input, {\n          ...rest,\n          credentials: rest.credentials ?? credentials,\n          headers: mergeHeaders(rest.headers as HeadersInit | undefined),\n        });\n      }\n      return fetchImpl(input, {\n        ...rest,\n        credentials: rest.credentials ?? credentials,\n        headers: mergeHeaders(rest.headers as HeadersInit | undefined),\n      });\n    }\n\n    validateFeatureKey(feature);\n\n    const targetUrl = resolveRequestUrl(input, baseUrl);\n    const method = (rest.method ?? \"GET\").toUpperCase();\n    const path = pathnameForSat(targetUrl);\n    if (!path) {\n      throw new MonetizationError(\"Impossible de dériver le path pour le SAT.\", \"bad_request\", 400, null);\n    }\n\n    async function doFetch(token: string) {\n      const headers = mergeHeaders(rest.headers as HeadersInit | undefined);\n      headers.set(\"X-SAT\", token);\n      return fetchImpl(targetUrl, {\n        ...rest,\n        headers,\n        credentials: rest.credentials ?? credentials,\n      });\n    }\n\n    const first = await mintSat({ feature, method, path });\n    let res = await doFetch(first.token);\n\n    if (res.status === 403) {\n      const j = await readJsonBody(res.clone());\n      const err = j?.error ?? \"\";\n      if (err === \"sat_invalid\" || err === \"sat_expired\") {\n        safeEmit(onEvent, { type: \"sat_action_retry\", feature, path, reason: err });\n        const second = await mintSat({ feature, method, path });\n        res = await doFetch(second.token);\n      } else if (err === \"sat_replay_or_expired\" || err === \"sat_feature_forbidden\" || err === \"sat_required\") {\n        safeEmit(onEvent, {\n          type: \"sat_action_blocked\",\n          feature,\n          path,\n          reason: err,\n          status: res.status,\n        });\n      }\n    }\n\n    return res;\n  }\n\n  async function protect<T>(\n    feature: SatFeatureKey,\n    method: string,\n    pathOrUrl: string,\n    run: (ctx: { headers: Headers }) => Promise<T>,\n  ): Promise<T> {\n    validateFeatureKey(feature);\n    const path = pathnameForSat(pathOrUrl);\n    if (!path) {\n      throw new MonetizationError(\"Chemin SAT invalide.\", \"bad_request\", 400, null);\n    }\n    const { token } = await mintSat({ feature, method: method.toUpperCase(), path });\n    const headers = mergeHeaders();\n    headers.set(\"X-SAT\", token);\n    return run({ headers });\n  }\n\n  return {\n    config: {\n      baseUrl,\n      credentials,\n      entitlementsCacheTtlMs: cacheTtl,\n      entitlementsStaleAfterFreshMs: staleAfterFreshMs,\n    } as const,\n    getEntitlements,\n    invalidateEntitlementsCache,\n    mintSat,\n    guardedFetch,\n    protect,\n  };\n}\n\nexport function isMonetizationError(e: unknown): e is MonetizationError {\n  return e instanceof MonetizationError;\n}\n\nexport type { MonetizationErrorCode };\n","import * as React from \"react\";\nimport { createMonetizationClient, type MonetizationClient } from \"./client\";\nimport type { MonetizationClientConfig } from \"./types\";\n\ntype StableMonetizationConfig = Pick<\n  MonetizationClientConfig,\n  \"baseUrl\" | \"credentials\" | \"entitlementsCacheTtlMs\" | \"entitlementsStaleAfterFreshMs\" | \"onEvent\"\n>;\n\n/**\n * Stable browser client (primitive config deps only).\n * For custom `defaultHeaders` / `fetchImpl`, use `createMonetizationClient` outside the hook.\n */\nexport function useMonetizationClient(cfg: StableMonetizationConfig = {}): MonetizationClient {\n  const baseUrl = cfg.baseUrl ?? \"\";\n  const credentials = cfg.credentials ?? \"include\";\n  const entitlementsCacheTtlMs = cfg.entitlementsCacheTtlMs;\n  const entitlementsStaleAfterFreshMs = cfg.entitlementsStaleAfterFreshMs;\n  const onEvent = cfg.onEvent;\n\n  return React.useMemo(\n    () =>\n      createMonetizationClient({\n        baseUrl,\n        credentials,\n        entitlementsCacheTtlMs,\n        entitlementsStaleAfterFreshMs,\n        onEvent,\n      }),\n    [baseUrl, credentials, entitlementsCacheTtlMs, entitlementsStaleAfterFreshMs, onEvent],\n  );\n}\n"]}

package/dist/react.d.mts

@@ -0,0 +1,110 @@
+/**
+ * Clés acceptées par POST /api/sat côté serveur Exodus (whitelist API).
+ * Toute autre valeur est refusée par le serveur.
+ */
+declare const SAT_FEATURE_KEYS: readonly ["chat.send", "chat.media", "contacts.view", "whatsapp.handoff", "demo.secure_read"];
+type SatFeatureKey = (typeof SAT_FEATURE_KEYS)[number];
+/** Réponse 200 de GET /api/entitlements */
+type EntitlementsGetResponse = {
+    ok: true;
+    claim: {
+        sub: string;
+        plan: {
+            key: string;
+            name: string;
+            active: boolean;
+        };
+        features: string[];
+        sid: string;
+        device: string;
+        iat: number;
+        exp: number;
+        jti: string;
+        ver: number;
+        ev?: unknown;
+    };
+    token: string | null;
+};
+/** Observabilité côté client (analytics / debug) — ne remplace pas les logs serveur. */
+type MonetizationSdkEvent = {
+    type: "sat_mint_failed";
+    feature: string;
+    code: string;
+    status: number;
+} | {
+    type: "sat_mint_retried";
+    feature: string;
+    reason: string;
+} | {
+    type: "sat_action_retry";
+    feature: string;
+    path: string;
+    reason: string;
+} | {
+    type: "sat_action_blocked";
+    feature: string;
+    path: string;
+    reason: string;
+    status: number;
+};
+type MonetizationClientConfig = {
+    /**
+     * Origine de l’app (ex. https://app.exemple.com). Chaîne vide = URLs relatives (même origine).
+     */
+    baseUrl?: string;
+    credentials?: RequestCredentials;
+    /** TTL « frais » cache GET /api/entitlements (0 = pas de cache). */
+    entitlementsCacheTtlMs?: number;
+    /**
+     * Fenêtre stale-after-fresh : pendant ce délai après l’échéance « fraîche »,
+     * la dernière copie est renvoyée immédiatement et un rafraîchissement async part en arrière-plan.
+     * Défaut : min(2 × fresh, 120_000 ms).
+     */
+    entitlementsStaleAfterFreshMs?: number;
+    /** Surcharge fetch (tests, SSR avec cookies explicites). */
+    fetchImpl?: typeof fetch;
+    /** Headers ajoutés à chaque appel (ex. tracing). */
+    defaultHeaders?: HeadersInit;
+    /** Hook optionnel produit / télémétrie (SAT mint échoué, retry, action bloquée). */
+    onEvent?: (event: MonetizationSdkEvent) => void;
+};
+type MintSatResult = {
+    token: string;
+    exp: number;
+};
+type GuardedRequestInit = RequestInit & {
+    /** Si défini, un SAT est résolu via POST /api/sat avant la requête. */
+    feature?: SatFeatureKey;
+};
+
+type MonetizationClient = ReturnType<typeof createMonetizationClient>;
+declare function createMonetizationClient(config?: MonetizationClientConfig): {
+    config: {
+        readonly baseUrl: string;
+        readonly credentials: RequestCredentials;
+        readonly entitlementsCacheTtlMs: number;
+        readonly entitlementsStaleAfterFreshMs: number;
+    };
+    getEntitlements: (options?: {
+        skipCache?: boolean;
+    }) => Promise<EntitlementsGetResponse>;
+    invalidateEntitlementsCache: () => void;
+    mintSat: (params: {
+        feature: SatFeatureKey;
+        method: string;
+        path: string;
+    }) => Promise<MintSatResult>;
+    guardedFetch: (input: RequestInfo | URL, init?: GuardedRequestInit) => Promise<Response>;
+    protect: <T>(feature: SatFeatureKey, method: string, pathOrUrl: string, run: (ctx: {
+        headers: Headers;
+    }) => Promise<T>) => Promise<T>;
+};
+
+type StableMonetizationConfig = Pick<MonetizationClientConfig, "baseUrl" | "credentials" | "entitlementsCacheTtlMs" | "entitlementsStaleAfterFreshMs" | "onEvent">;
+/**
+ * Stable browser client (primitive config deps only).
+ * For custom `defaultHeaders` / `fetchImpl`, use `createMonetizationClient` outside the hook.
+ */
+declare function useMonetizationClient(cfg?: StableMonetizationConfig): MonetizationClient;
+
+export { useMonetizationClient };

package/dist/react.d.ts

@@ -0,0 +1,110 @@
+/**
+ * Clés acceptées par POST /api/sat côté serveur Exodus (whitelist API).
+ * Toute autre valeur est refusée par le serveur.
+ */
+declare const SAT_FEATURE_KEYS: readonly ["chat.send", "chat.media", "contacts.view", "whatsapp.handoff", "demo.secure_read"];
+type SatFeatureKey = (typeof SAT_FEATURE_KEYS)[number];
+/** Réponse 200 de GET /api/entitlements */
+type EntitlementsGetResponse = {
+    ok: true;
+    claim: {
+        sub: string;
+        plan: {
+            key: string;
+            name: string;
+            active: boolean;
+        };
+        features: string[];
+        sid: string;
+        device: string;
+        iat: number;
+        exp: number;
+        jti: string;
+        ver: number;
+        ev?: unknown;
+    };
+    token: string | null;
+};
+/** Observabilité côté client (analytics / debug) — ne remplace pas les logs serveur. */
+type MonetizationSdkEvent = {
+    type: "sat_mint_failed";
+    feature: string;
+    code: string;
+    status: number;
+} | {
+    type: "sat_mint_retried";
+    feature: string;
+    reason: string;
+} | {
+    type: "sat_action_retry";
+    feature: string;
+    path: string;
+    reason: string;
+} | {
+    type: "sat_action_blocked";
+    feature: string;
+    path: string;
+    reason: string;
+    status: number;
+};
+type MonetizationClientConfig = {
+    /**
+     * Origine de l’app (ex. https://app.exemple.com). Chaîne vide = URLs relatives (même origine).
+     */
+    baseUrl?: string;
+    credentials?: RequestCredentials;
+    /** TTL « frais » cache GET /api/entitlements (0 = pas de cache). */
+    entitlementsCacheTtlMs?: number;
+    /**
+     * Fenêtre stale-after-fresh : pendant ce délai après l’échéance « fraîche »,
+     * la dernière copie est renvoyée immédiatement et un rafraîchissement async part en arrière-plan.
+     * Défaut : min(2 × fresh, 120_000 ms).
+     */
+    entitlementsStaleAfterFreshMs?: number;
+    /** Surcharge fetch (tests, SSR avec cookies explicites). */
+    fetchImpl?: typeof fetch;
+    /** Headers ajoutés à chaque appel (ex. tracing). */
+    defaultHeaders?: HeadersInit;
+    /** Hook optionnel produit / télémétrie (SAT mint échoué, retry, action bloquée). */
+    onEvent?: (event: MonetizationSdkEvent) => void;
+};
+type MintSatResult = {
+    token: string;
+    exp: number;
+};
+type GuardedRequestInit = RequestInit & {
+    /** Si défini, un SAT est résolu via POST /api/sat avant la requête. */
+    feature?: SatFeatureKey;
+};
+
+type MonetizationClient = ReturnType<typeof createMonetizationClient>;
+declare function createMonetizationClient(config?: MonetizationClientConfig): {
+    config: {
+        readonly baseUrl: string;
+        readonly credentials: RequestCredentials;
+        readonly entitlementsCacheTtlMs: number;
+        readonly entitlementsStaleAfterFreshMs: number;
+    };
+    getEntitlements: (options?: {
+        skipCache?: boolean;
+    }) => Promise<EntitlementsGetResponse>;
+    invalidateEntitlementsCache: () => void;
+    mintSat: (params: {
+        feature: SatFeatureKey;
+        method: string;
+        path: string;
+    }) => Promise<MintSatResult>;
+    guardedFetch: (input: RequestInfo | URL, init?: GuardedRequestInit) => Promise<Response>;
+    protect: <T>(feature: SatFeatureKey, method: string, pathOrUrl: string, run: (ctx: {
+        headers: Headers;
+    }) => Promise<T>) => Promise<T>;
+};
+
+type StableMonetizationConfig = Pick<MonetizationClientConfig, "baseUrl" | "credentials" | "entitlementsCacheTtlMs" | "entitlementsStaleAfterFreshMs" | "onEvent">;
+/**
+ * Stable browser client (primitive config deps only).
+ * For custom `defaultHeaders` / `fetchImpl`, use `createMonetizationClient` outside the hook.
+ */
+declare function useMonetizationClient(cfg?: StableMonetizationConfig): MonetizationClient;
+
+export { useMonetizationClient };