npm - foundation-sdk - Versions diffs - 0.2.11 → 0.3.0 - Mend

foundation-sdk 0.2.11 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/dist/auth-auth0.cjs +1 -1
package/dist/auth-auth0.cjs.map +1 -1
package/dist/auth-auth0.d.cts +1 -1
package/dist/auth-auth0.d.ts +1 -1
package/dist/auth-auth0.js +1 -1
package/dist/auth-auth0.js.map +1 -1
package/dist/auth-cognito.cjs +1 -1
package/dist/auth-cognito.cjs.map +1 -1
package/dist/auth-cognito.d.cts +1 -1
package/dist/auth-cognito.d.ts +1 -1
package/dist/auth-cognito.js +1 -1
package/dist/auth-cognito.js.map +1 -1
package/dist/foundation-sdk.browser.auth0.global.js +1 -1
package/dist/foundation-sdk.browser.auth0.global.js.map +1 -1
package/dist/foundation-sdk.browser.global.js +1 -1
package/dist/foundation-sdk.browser.global.js.map +1 -1
package/dist/index.cjs +1 -1
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +2 -2
package/dist/index.d.ts +2 -2
package/dist/index.js +1 -1
package/dist/index.js.map +1 -1
package/dist/{types-C9WPa35S.d.cts → types-BiBc2oYU.d.cts} +27 -7
package/dist/{types-C9WPa35S.d.ts → types-BiBc2oYU.d.ts} +27 -7
package/package.json +1 -1

package/dist/foundation-sdk.browser.global.js CHANGED Viewed

@@ -18,7 +18,7 @@
                 See https://aws-amplify.github.io/docs/js/authentication#amplify-project-setup for more information
             2. This could also be caused by multiple conflicting versions of amplify packages, see (https://docs.amplify.aws/lib/troubleshooting/upgrading/q/platform/js) for help upgrading Amplify packages.
-        `},emptyUsername:{message:q.EMPTY_USERNAME},invalidUsername:{message:q.INVALID_USERNAME},emptyPassword:{message:q.EMPTY_PASSWORD},emptyCode:{message:q.EMPTY_CODE},signUpError:{message:q.SIGN_UP_ERROR,log:"The first parameter should either be non-null string or object"},noMFA:{message:q.NO_MFA},invalidMFA:{message:q.INVALID_MFA},emptyChallengeResponse:{message:q.EMPTY_CHALLENGE},noUserSession:{message:q.NO_USER_SESSION},deviceConfig:{message:q.DEVICE_CONFIG},networkError:{message:q.NETWORK_ERROR},autoSignInError:{message:q.AUTOSIGNIN_ERROR},default:{message:q.DEFAULT_MSG}};var Te=(e,t)=>new h({message:e??"An error has occurred during the oauth process.",name:be.OAuthSignInError,recoverySuggestion:t??sa.oauthSignInError.log});var rr;(function(e){e.NoConfig="noConfig",e.MissingAuthConfig="missingAuthConfig",e.EmptyUsername="emptyUsername",e.InvalidUsername="invalidUsername",e.EmptyPassword="emptyPassword",e.EmptyCode="emptyCode",e.SignUpError="signUpError",e.NoMFA="noMFA",e.InvalidMFA="invalidMFA",e.EmptyChallengeResponse="emptyChallengeResponse",e.NoUserSession="noUserSession",e.Default="default",e.DeviceConfig="deviceConfig",e.NetworkError="networkError",e.AutoSignInError="autoSignInError",e.OAuthSignInError="oauthSignInError"})(rr||(rr={}));var iu="`signInWithRedirect` has been canceled.",su="An error occurred while validating the state.",au="Try to initiate an OAuth flow from Amplify",dn=async e=>{let t=await V.loadOAuthState(),o=e===t?t:void 0;if(!o)throw new h({name:rr.OAuthSignInError,message:e===null?iu:su,recoverySuggestion:e===null?void 0:au});return o};var nr=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,responseType:n,domain:i,preferPrivateSession:s})=>{let a=new re(e),c=a.searchParams.get("error"),d=a.searchParams.get("error_description");if(c)throw Te(d??c);return n==="code"?cu({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:i,preferPrivateSession:s}):du({currentUrl:e,redirectUri:r,preferPrivateSession:s})},cu=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:n,preferPrivateSession:i})=>{let s=new re(e),a=s.searchParams.get("code"),c=s.searchParams.get("state");if(!a||!c)throw Te("User cancelled OAuth flow.");let d=await dn(c),u="https://"+n+"/oauth2/token",p=await V.loadPKCE(),l={grant_type:"authorization_code",code:a,client_id:o,redirect_uri:r,...p?{code_verifier:p}:{}},m=Object.entries(l).map(([Ee,F])=>`${encodeURIComponent(Ee)}=${encodeURIComponent(F)}`).join("&"),{access_token:g,refresh_token:E,id_token:A,error:w,error_message:T,token_type:te,expires_in:Q}=await(await fetch(u,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",[lr]:t},body:m})).json();if(w)throw Te(T??w);let ee=(g&&X(g).payload.username)??"username";return await ne({username:ee,AccessToken:g,IdToken:A,RefreshToken:E}),aa({redirectUri:r,state:d,preferPrivateSession:i})},du=async({currentUrl:e,redirectUri:t,preferPrivateSession:o})=>{let r=new re(e),{id_token:n,access_token:i,state:s,token_type:a,expires_in:c,error_description:d,error:u}=(r.hash??"#").substring(1).split("&").map(m=>m.split("=")).reduce((m,[g,E])=>({...m,[g]:E}),{id_token:void 0,access_token:void 0,state:void 0,token_type:void 0,expires_in:void 0,error_description:void 0,error:void 0});if(u)throw Te(d??u);if(!i)throw Te("No access token returned from OAuth flow.");let p=await dn(s),l=(i&&X(i).payload.username)??"username";return await ne({username:l,AccessToken:i,IdToken:n}),aa({redirectUri:t,state:p,preferPrivateSession:o})},aa=async({redirectUri:e,state:t,preferPrivateSession:o})=>{await M.setOAuthMetadata({oauthSignIn:!0}),await V.clearOAuthData(),await V.storeOAuthSignIn(!0,o),Vo(),lu(e),uu(t)&&J.dispatch("auth",{event:"customOAuthState",data:Wr(pu(t))},"Auth",$),J.dispatch("auth",{event:"signInWithRedirect"},"Auth",$),await de()},uu=e=>/-/.test(e),pu=e=>e.split("-").splice(1).join("-"),lu=e=>{typeof window<"u"&&typeof window.history<"u"&&window.history.replaceState(window.history.state,"",e)};function Ot(e,t){if(t){let o=e?.find(r=>r===t);if(!o)throw es;return o}else{let o=e?.find(mu)??e?.find(fu),r=e?.find(gu)??e?.find(hu);if(o)return o;throw r?ts:Qi}}var mu=e=>e.startsWith(String(window.location.origin+(window.location.pathname||"/"))),fu=e=>e.includes(String(window.location.hostname)),hu=e=>e.startsWith("http://"),gu=e=>e.startsWith("https://");var Dt=async e=>{Vo(),await V.clearOAuthInflightData(),J.dispatch("auth",{event:"signInWithRedirect_failure",data:{error:e}},"Auth",$)};var ca=async e=>{try{S(e),Fe(e),V.setAuthConfig(e)}catch{return}if(await V.loadOAuthInFlight())try{let t=window.location.href,{loginWith:o,userPoolClientId:r}=e,{domain:n,redirectSignIn:i,responseType:s}=o.oauth,a=Ot(i);await nr({currentUrl:t,clientId:r,domain:n,redirectUri:a,responseType:s,userAgentValue:D(_.SignInWithRedirect)})}catch(t){await Dt(t)}};He()&&I[kt](ca);var da={Google:"Google",Facebook:"Facebook",Amazon:"LoginWithAmazon",Apple:"SignInWithApple"};var ir=async e=>{window?.location&&(window.location.href=e.replace("http://","https://"))};var ua="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",pa=e=>{let t=new Uint8Array(e);at().getRandomValues(t);let o="",r;for(let n of t)o+=ua.charAt(n%ua.length);return{value:o,method:"S256",toCodeChallenge(){return r||(r=yu(o),r)}}};function yu(e){let t=new Le;return t.update(e),Eu(fe.convert(t.digestSync(),{urlSafe:!0}))}function Eu(e){return e.replace(/=/g,"")}var la=()=>Kr(32);var ma=e=>{async function t(o){if(o.persisted&&await e.loadOAuthInFlight()){let n=Te("User cancelled OAuth flow.");await Dt(n)}window.removeEventListener("pageshow",t)}window.addEventListener("pageshow",t)};async function sr(e){let t=I.getConfig().Auth?.Cognito;S(t),Fe(t),V.setAuthConfig(t),e?.options?.prompt||await tr();let o="COGNITO",r;return typeof e?.provider=="string"?o=da[e.provider]:e?.provider?.custom?o=e.provider.custom:e?.provider?.idpIdentifier&&({idpIdentifier:r}=e.provider),Su({oauthConfig:t.loginWith.oauth,clientId:t.userPoolClientId,provider:o,idpIdentifier:r,customState:e?.customState,preferPrivateSession:e?.options?.preferPrivateSession,options:{loginHint:e?.options?.loginHint,lang:e?.options?.lang,nonce:e?.options?.nonce,prompt:e?.options?.prompt},authSessionOpener:e?.options?.authSessionOpener})}var Su=async({oauthConfig:e,provider:t,idpIdentifier:o,clientId:r,customState:n,preferPrivateSession:i,options:s,authSessionOpener:a})=>{let{domain:c,redirectSignIn:d,responseType:u,scopes:p}=e,{loginHint:l,lang:m,nonce:g,prompt:E}=s??{},A=la(),w=a||ir,T=n?`${A}-${Vr(n)}`:A,{value:te,method:Q,toCodeChallenge:ee}=pa(128),Ee=Ot(e.redirectSignIn);He()&&V.storeOAuthInFlight(!0),V.storeOAuthState(T),V.storePKCE(te);let F=new URLSearchParams;F.append("redirect_uri",Ee),F.append("response_type",u),F.append("client_id",r),o?F.append("idp_identifier",o):F.append("identity_provider",t),F.append("scope",p.join(" ")),l&&F.append("login_hint",l),m&&F.append("lang",m),g&&F.append("nonce",g),E&&F.append("prompt",E.toLowerCase()),F.append("state",T),u==="code"&&(F.append("code_challenge",ee()),F.append("code_challenge_method",Q));let rt=`https://${c}/oauth2/authorize?${F.toString()}`;ma(V);let{type:ue,error:Et,url:St}=await w(rt,d,i)??{};try{if(ue==="error")throw Te(String(Et));if(ue==="canceled")throw Te(String(ue));ue==="success"&&St&&await nr({currentUrl:St,clientId:r,domain:c,redirectUri:Ee,responseType:u,userAgentValue:D(_.SignInWithRedirect),preferPrivateSession:i})}catch(nt){throw await Dt(nt),nt}};var fa=async e=>{await e.clearOAuthData(),M.clearTokens(),await Kt(),J.dispatch("auth",{event:"signedOut"},"Auth",$)};var ha=async(e,t=!1,o)=>{Fe(e);let{loginWith:r,userPoolClientId:n}=e,{domain:i,redirectSignOut:s}=r.oauth,a=Ot(s,o),c=`https://${i}/logout?${Object.entries({client_id:n,logout_uri:encodeURIComponent(a)}).map(([d,u])=>`${d}=${u}`).join("&")}`;return ir(c)};var ga=async(e,t,o,r)=>{let{isOAuthSignIn:n}=await t.loadOAuthSignIn(),i=await o.getOAuthMetadata();if(await fa(t),n||i?.oauthSignIn)return ha(e,!1,r)};var ya=e=>U(K,H("RevokeToken"),G(),{...W,...e});var Ea=e=>U(K,H("GlobalSignOut"),G(),{...W,...e});var Sa=new C("Auth");async function un(e){let t=I.getConfig().Auth?.Cognito;S(t),e?.global?await wu(t):await Iu(t);let o;try{Fe(t),o=!0}catch{o=!1}if(o){let r=new At(we);r.setAuthConfig(t);let{type:n}=await ga(t,r,M,e?.oauth?.redirectUrl)??{};if(n==="error")throw new h({name:os,message:"An error occurred when attempting to log out from OAuth provider."})}else M.clearTokens(),await Kt(),J.dispatch("auth",{event:"signedOut"},"Auth",$)}async function Iu(e){try{let{userPoolEndpoint:t,userPoolId:o,userPoolClientId:r}=e,n=await M.getTokenStore().loadTokens();Ho(n),Au(n.accessToken)&&await ya({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:D(_.SignOut)},{ClientId:r,Token:n.refreshToken})}catch{Sa.debug("Client signOut error caught but will proceed with token removal")}}async function wu(e){try{let{userPoolEndpoint:t,userPoolId:o}=e,r=await M.getTokenStore().loadTokens();Bo(r),await Ea({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:D(_.SignOut)},{AccessToken:r.accessToken.toString()})}catch{Sa.debug("Global signOut error caught but will proceed with token removal")}}var Au=e=>!!e?.payload?.origin_jti;var Ia={identityId:"identityId"};var xu=new C("DefaultIdentityIdStore"),gt=class{setAuthConfig(t){dt(t.Cognito),this.authConfig=t,this._authKeys=Cu("Cognito",t.Cognito.identityPoolId)}constructor(t){this._authKeys={},this._hasGuestIdentityId=!1,this.keyValueStorage=t}async loadIdentityId(){dt(this.authConfig?.Cognito);try{if(this._primaryIdentityId)return{id:this._primaryIdentityId,type:"primary"};{let t=await this.keyValueStorage.getItem(this._authKeys.identityId);return t?(this._hasGuestIdentityId=!0,{id:t,type:"guest"}):null}}catch(t){return xu.log("Error getting stored IdentityId.",t),null}}async storeIdentityId(t){dt(this.authConfig?.Cognito),t.type==="guest"?(this.keyValueStorage.setItem(this._authKeys.identityId,t.id),this._primaryIdentityId=void 0,this._hasGuestIdentityId=!0):(this._primaryIdentityId=t.id,this._hasGuestIdentityId&&(this.keyValueStorage.removeItem(this._authKeys.identityId),this._hasGuestIdentityId=!1))}async clearIdentityId(){this._primaryIdentityId=void 0,await this.keyValueStorage.removeItem(this._authKeys.identityId)}},Cu=(e,t)=>Qt(Ia)(`com.amplify.${e}`,t);var ro=({endpointOverride:e})=>t=>e?{url:new re(e)}:Fr(t);function ar(e){let t=X(e).payload.iss,o={};if(!t)throw new h({name:"InvalidIdTokenException",message:"Invalid Idtoken."});let r=t.replace(/(^\w+:|^)\/\//,"");return o[r]=e,o}async function wa({tokens:e,authConfig:t,identityIdStore:o}){o.setAuthConfig({Cognito:t});let r=await o.loadIdentityId();if(r)return r.id;let n=e?.idToken?ar(e.idToken.toString()):{},i=await vu(n,t);return o.storeIdentityId({id:i,type:e?"primary":"guest"}),i}async function vu(e,t){let o=t?.identityPoolId,r=Jt(o),n=Mr({endpointResolver:ro({endpointOverride:t.identityPoolEndpoint})}),i;try{i=(await n({region:r},{IdentityPoolId:o,Logins:e})).IdentityId}catch(s){throw B(s),new h(s)}if(!i)throw new h({name:"GetIdResponseException",message:"Received undefined response from getId operation",recoverySuggestion:"Make sure to pass a valid identityPoolId in the configuration."});return i}var cr=new C("CognitoCredentialsProvider"),Aa=3e3*1e3,yt=class{constructor(t){this._nextCredentialsRefresh=0,this._identityIdStore=t}async clearCredentialsAndIdentityId(){cr.debug("Clearing out credentials and identityId"),this._credentialsAndIdentityId=void 0,await this._identityIdStore.clearIdentityId()}async clearCredentials(){cr.debug("Clearing out in-memory credentials"),this._credentialsAndIdentityId=void 0}async getCredentialsAndIdentityId(t){let o=t.authenticated,{tokens:r}=t,{authConfig:n}=t;try{dt(n?.Cognito)}catch{return}if(!o&&!n.Cognito.allowGuestAccess)return;let{forceRefresh:i}=t,s=this.hasTokenChanged(r),a=await wa({tokens:r,authConfig:n.Cognito,identityIdStore:this._identityIdStore});return(i||s)&&this.clearCredentials(),o?(is(r),this.credsForOIDCTokens(n.Cognito,r,a)):this.getGuestCredentials(a,n.Cognito)}async getGuestCredentials(t,o){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!1)return cr.info("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let r=Jt(o.identityPoolId),n=xo({endpointResolver:ro({endpointOverride:o.identityPoolEndpoint})}),i;try{i=await n({region:r},{IdentityId:t})}catch(s){throw B(s),new h(s)}if(i?.Credentials?.AccessKeyId&&i?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Aa;let s={credentials:{accessKeyId:i.Credentials.AccessKeyId,secretAccessKey:i.Credentials.SecretKey,sessionToken:i.Credentials.SessionToken,expiration:i.Credentials.Expiration},identityId:t};return i.IdentityId&&(s.identityId=i.IdentityId,this._identityIdStore.storeIdentityId({id:i.IdentityId,type:"guest"})),this._credentialsAndIdentityId={...s,isAuthenticatedCreds:!1},s}else throw new h({name:"CredentialsNotFoundException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}async credsForOIDCTokens(t,o,r){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!0)return cr.debug("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let n=o.idToken?ar(o.idToken.toString()):{},i=Jt(t.identityPoolId),s=xo({endpointResolver:ro({endpointOverride:t.identityPoolEndpoint})}),a;try{a=await s({region:i},{IdentityId:r,Logins:n})}catch(c){throw B(c),new h(c)}if(a?.Credentials?.AccessKeyId&&a?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Aa;let c={credentials:{accessKeyId:a.Credentials.AccessKeyId,secretAccessKey:a.Credentials.SecretKey,sessionToken:a.Credentials.SessionToken,expiration:a.Credentials.Expiration},identityId:r};return a.IdentityId&&(c.identityId=a.IdentityId,this._identityIdStore.storeIdentityId({id:a.IdentityId,type:"primary"})),this._credentialsAndIdentityId={...c,isAuthenticatedCreds:!0,associatedIdToken:o.idToken?.toString()},c}else throw new h({name:"CredentialsException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}isPastTTL(){return this._nextCredentialsRefresh===void 0?!0:this._nextCredentialsRefresh<=Date.now()}hasTokenChanged(t){return!!t&&!!this._credentialsAndIdentityId?.associatedIdToken&&t.idToken?.toString()!==this._credentialsAndIdentityId.associatedIdToken}};var pn=new yt(new gt(we));var ln={configure(e,t){let o=Ft(e),r=new Gt({sameSite:"lax"}),n=t?.ssr?r:we,i=t?.ssr?new yt(new gt(r)):pn;if(!o.Auth){I.configure(o,t);return}if(t?.Auth){I.configure(o,t);return}if(!I.libraryOptions.Auth){ht.setAuthConfig(o.Auth),ht.setKeyValueStorage(n),I.configure(o,{...t,Auth:{tokenProvider:ht,credentialsProvider:i}});return}if(t){let s=I.libraryOptions.Auth;t.ssr!==void 0&&(ht.setKeyValueStorage(n),s.credentialsProvider=i),I.configure(o,{Auth:s,...t});return}I.configure(o)},getConfig(){return I.getConfig()}};var xa=new Map;function mn(e,t){xa.set(e,t)}mn("none",async()=>({login:async()=>{},logout:async()=>{},getUser:async()=>{},getTokenSilently:async()=>"none",isAuthenticated:async()=>!0}));async function Ca(e,t){let o=xa.get(e.provider);if(!o)throw new Error(`Auth provider "${e.provider}" not registered. Import "foundation-sdk/${e.provider}" to register it.`);return o(e,t)}function va(e){let t=null,o=[];function r(){o.forEach(i=>{try{i(t)}catch{}})}async function n(){let i=await e.getUser();t=i?{id:i.id,email:i.email,name:i.name,picture:i.picture}:null}return{get user(){return t},get isAuthenticated(){return!!t},async getToken(){return e.getTokenSilently()},async login(i){await e.login(i),await n(),r()},async logout(i){await e.logout(i),t=null,r()},async handleCallback(i){if(!e.handleCallback)throw new Error("handleCallback not supported by this auth provider");await e.handleCallback(i),await n(),r()},async signIn(i,s){if(!e.signIn)throw new Error("signIn not supported by this auth provider");await e.signIn(i,s),await n(),r()},async signUp(i,s,a){if(!e.signUp)throw new Error("signUp not supported by this auth provider");await e.signUp(i,s,a)},async confirmSignUp(i,s){if(!e.confirmSignUp)throw new Error("confirmSignUp not supported by this auth provider");await e.confirmSignUp(i,s)},async resendSignUpCode(i){if(!e.resendSignUpCode)throw new Error("resendSignUpCode not supported by this auth provider");await e.resendSignUpCode(i)},async forgotPassword(i){if(!e.forgotPassword)throw new Error("forgotPassword not supported by this auth provider");await e.forgotPassword(i)},async resetPassword(i,s){if(!e.resetPassword)throw new Error("resetPassword not supported by this auth provider");await e.resetPassword(i,s)},onChange(i){return o.length>=100?(console.warn("[Foundation SDK] Auth listener limit reached."),()=>{}):(o.push(i),()=>{let s=o.indexOf(i);s>-1&&o.splice(s,1)})},async _initUser(){await e.isAuthenticated()&&await n()}}}function Pu(e){return e?.response!==void 0?e.response:e?.data!==void 0?e.data:e}function Tu(e,t){let o=t?.error;if(o){let n=o.message||"Unknown error",i=o.details;if(i?.length){let s=i.map(a=>a.field?`${a.field}: ${a.message}`:a.message).join(", ");n=n?`${n} ${s}`:s}return Object.assign(new Error(n),{code:o.code,type:o.code,details:i,status:e})}let r=t?.data?.message||t?.message;return r?Object.assign(new Error(r),{status:e}):Object.assign(new Error(`HTTP ${e}`),{status:e})}function Pa(e){function t(n){return{"X-Foundation-Mvp-Application-Id":e.appId,"X-Foundation-Mvp-Tenant-Id":e.tenantId,"X-Foundation-Mvp-Application-Version":e.version,"Content-Type":"application/json",Authorization:`Bearer ${n}`}}async function o(n,i,s,a={}){let c=await e.getToken(),d=t(c),u=`${n}${i}`;if(a.params){let g=new URLSearchParams;for(let[A,w]of Object.entries(a.params))w!=null&&g.set(A,String(w));let E=g.toString();E&&(u+=`?${E}`)}let p={method:s,headers:d};a.body!==void 0&&(p.body=JSON.stringify(a.body));let l=await fetch(u,p);if(!l.ok){let g={};try{g=await l.json()}catch{}throw Tu(l.status,g)}if(l.status===204)return null;let m=await l.json();return Pu(m)}async function r(n,i={}){return fetch(n,i)}return{request:o,rawFetch:r,headers:t}}function fn(e){if(!e)throw new Error("Token parsing failed: Missing auth token");try{let[t,o]=e.split("?"),r=t.split(".");if(r.length!==3)throw new Error("Invalid JWT format");let n=atob(r[1]),i=JSON.parse(n);o&&new URLSearchParams(o).forEach((u,p)=>{i[p]=u});let s=i["BaseApplication/apiBaseUrl"];if(!s)throw new Error("Token missing apiBaseUrl");let a=i["BaseApplication/websocketBaseUrl"]||"",c=i["BaseApplication/accountBaseUrl"]||s;return{sub:i.sub||"",apiBaseUrl:s,accountBaseUrl:c,websocketBaseUrl:a,userId:i["BaseApplication/userId"]||"",namespace:i["BaseApplication/namespace"]}}catch(t){if(t instanceof Error&&t.message.startsWith("Token"))throw t;let o=t instanceof Error?t.message:"Failed to parse token";throw new Error(`Token parsing failed: ${o}`)}}async function Ta(e){let t=e.configUrl,o=e.appId,r=e.tenantId;try{let x=await fetch("/foundation-env.json");if(x.ok){let oe=await x.json();oe.configUrl&&(t=oe.configUrl,o=oe.applicationId||o,r=oe.applicationTenant||r,e.baseUrl=void 0)}}catch{}if(!t)throw new Error("No configUrl provided and /foundation-env.json not found");let n={Accept:"application/json","Cache-Control":"no-cache"};o&&(n["X-Foundation-Mvp-Application-Id"]=o),r&&(n["X-Foundation-Mvp-Tenant-Id"]=r);let i=await fetch(t,{headers:n});if(!i.ok)throw new Error(`Failed to fetch config: ${i.statusText}`);let s=await i.json(),a=s.data??s,c=a.auth||{provider:"none"},d=o||a.app?.id||a.tenant?.identifier||"",u=r||a.tenant?.identifier||"",p=a.app?.version||a.core?.version||"0.0.0",l="",m="";if(e.baseUrl)l=e.baseUrl,m=e.baseUrl;else if(c.apiUrls?.apiBaseUrl){let x=c.apiUrls;l=x.apiBaseUrl,m=x.accountBaseUrl||l}let g={apiBaseUrl:l,accountBaseUrl:m,appId:d,tenantId:u,version:p},E;e.auth&&typeof e.auth=="function"?E=await e.auth(c,g):e.auth?E=e.auth:E=await Ca(c,g);let w=va(E);if(await w._initUser(),!l){let x=await E.getTokenSilently(),oe=fn(x);l=oe.apiBaseUrl,m=oe.accountBaseUrl,g.apiBaseUrl=l,g.accountBaseUrl=m}let T=Pa({appId:d,tenantId:u,version:p,getToken:()=>E.getTokenSilently()}),te={};try{te=await T.request(l,"/api/v1/config/init","GET")||{}}catch(x){console.warn("[Foundation SDK] Backend config fetch failed:",x)}let Q={...a,...te},ee="";try{let x=await E.getTokenSilently();x&&x!=="none"&&(ee=fn(x).namespace||"")}catch{}let Ee={get app(){let x=Q.app||{};return{id:x.id||d,name:x.name||"",version:x.version||p,environment:x.environment||"",...x}},get features(){return Q.features||{}},get plans(){return Q.plans||[]},get theme(){let x=Q.theme||{};return{colors:x.colors||{},dark:x.dark||{},defaultColorScheme:x.defaultColorScheme}},get connectors(){return Q.connectors||{}},get resources(){return Q.resources||{}},get auth(){let{provider:x,...oe}=c;return{provider:x,...oe}},get raw(){return Q}},F=Ru(T,l),rt=_u(T,l,ee),ue=bu(T,m),Et=Nu(T,l,m,ee),St=Uu(T,l),nt=Ou(T,l),z=Du(),it=[];return{get ready(){return Promise.resolve()},get isReady(){return!0},auth:w,db:F,files:rt,integration:Et,account:ue,config:Ee,oauth:St,openapi:nt,log:z,on(x,oe){return x==="entity.changed"?(it.push(oe),()=>{let dr=it.indexOf(oe);dr>-1&&it.splice(dr,1)}):()=>{}}}}function Ru(e,t){return{async list(o,r={}){let{filters:n,limit:i,cursor:s,orderBy:a,orderDir:c}=r,d={...n};return i&&(d.limit=i),s&&(d.next=s),a&&(d.orderBy=a),c&&(d.orderDir=c),e.request(t,`/api/v1/core/${o}`,"GET",{params:d})},async get(o,r){return e.request(t,`/api/v1/core/${o}`,"GET",{params:{id:r}})},async create(o,r){return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})},async update(o,r,n){return e.request(t,`/api/v1/core/${o}`,"PUT",{body:{id:r,...n}})},async save(o,r){try{return await e.request(t,`/api/v1/core/${o}`,"PUT",{body:r})}catch{return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})}},async delete(o,r){await e.request(t,`/api/v1/core/${o}`,"DELETE",{body:{id:r}})}}}function _u(e,t,o){return{async initiate(r){return e.request(t,"/api/v1/core/upload","POST",{body:{...r,__namespace:o}})},async upload(r){let n;r.file instanceof ArrayBuffer?n=r.file:n=await r.file.arrayBuffer();let i=await e.request(t,"/api/v1/core/upload","POST",{body:{name:r.name,contentType:r.contentType,contentLength:n.byteLength,sha256:r.sha256,__namespace:o}});if(!i.signedUrl||!i.signedData)throw new Error("Missing signedUrl or signedData in response");let s=new FormData;Object.entries(i.signedData).forEach(([c,d])=>{s.append(c,d)}),s.append("file",new Blob([n],{type:r.contentType}),r.name);let a=await fetch(i.signedUrl,{method:"POST",body:s});if(a.status!==204)throw new Error(`S3 upload failed: ${a.status}`);return{id:i.id,name:i.name,status:"uploaded",s3UploadComplete:!0}},async get(r){return e.request(t,"/api/v1/core/files","GET",{params:{id:r,__namespace:o}})},async delete(r){await e.request(t,`/api/v1/core/files/${r}`,"DELETE")},async list(r={}){let n={__namespace:o};r.limit&&(n.limit=r.limit),r.cursor&&(n.cursor=r.cursor);let i=await e.request(t,"/api/v1/core/files","GET",{params:n});return{items:i?.items||[],nextCursor:i?.next}}}}function bu(e,t){return{async get(){return e.request(t,"/api/v1/accounts/account","GET")},async update(o){await e.request(t,"/api/v1/accounts/account","PUT",{body:{user:o}})},async usage(){return e.request(t,"/api/v1/accounts/account/usage","GET")},async resendVerification(){await e.request(t,"/api/v1/accounts/account/resend-verification","POST")}}}function Nu(e,t,o,r){let n={async list(){return e.request(t,"/api/v1/config/connectors","GET")},async connections(){return e.request(t,"/api/v1/core/integrations","GET",{params:{query:"default",__namespace:r}})},async all(){let[i,s]=await Promise.all([n.list(),n.connections()]),a=Array.isArray(i)?i:i?.items||[],c=Array.isArray(s)?s:s?.items||[],d=new Map;for(let u of c){let p=u.source||u.id;d.has(p)||d.set(p,[]),d.get(p).push(u)}return a.map(u=>{let p=d.get(u.id)||[];return{...u,connections:p,connected:p.some(l=>l.connected),connectionCount:p.filter(l=>l.connected).length}})},async status(i){let s=await n.connections(),c=(Array.isArray(s)?s:s?.items||[]).filter(d=>d.source===i&&d.connected);return{connected:c.length>0,connections:c}},async connect(i){return e.request(o,`/api/v1/accounts/integrations/${i}/initialize`,"POST",{body:{__namespace:r}})},async disconnect(i,s){await e.request(o,`/api/v1/accounts/integrations/${i}/remove`,"POST",{body:{configurationId:s}})}};return n}function Uu(e,t){return{async getClient(o){return e.request(t,"/api/v1/core/oauth-clients","GET",{params:{id:o}})},async authorizeConsent(o){return e.request(t,"/api/v1/oauth/authorize-consent","POST",{body:o})}}}function Ou(e,t){return{async get(){return e.request(t,"/api/v1/config/openapi","GET")}}}function Du(){return{info:(e,t)=>console.log(`[Foundation] ${e}`,t??""),warn:(e,t)=>console.warn(`[Foundation] ${e}`,t??""),error:(e,t)=>console.error(`[Foundation] ${e}`,t??""),event:(e,t)=>console.log(`[Foundation Event] ${e}`,t??"")}}mn("cognito",async e=>{let t=e.cognito;if(!t)throw new Error("Cognito config required");return ln.configure({Auth:{Cognito:{userPoolId:t.userPoolId,userPoolClientId:t.clientId,loginWith:{oauth:{domain:t.domain.replace("https://",""),scopes:(t.scope||"openid profile email").split(" "),redirectSignIn:[window.location.origin],redirectSignOut:[window.location.origin],responseType:"code"}}}}}),{login:async()=>{await sr()},logout:async()=>{await un()},getUser:async()=>{try{let o=await Xe();return{id:o.userId,email:o.signInDetails?.loginId||"",name:o.username}}catch{return}},getTokenSilently:async()=>{let r=(await Eo()).tokens?.accessToken?.toString();if(!r)throw new Error("No token");return r},isAuthenticated:async()=>{try{return await Xe(),!0}catch{return!1}},signIn:async(o,r)=>{await Ut({username:o,password:r})},signUp:async(o,r,n)=>{await sn({username:o,password:r,options:{userAttributes:{email:o,...n}}})},forgotPassword:async o=>{await an({username:o})},resetPassword:async(o,r)=>{await cn({username:"",confirmationCode:o,newPassword:r})}}});return La(Mu);})();
+        `},emptyUsername:{message:q.EMPTY_USERNAME},invalidUsername:{message:q.INVALID_USERNAME},emptyPassword:{message:q.EMPTY_PASSWORD},emptyCode:{message:q.EMPTY_CODE},signUpError:{message:q.SIGN_UP_ERROR,log:"The first parameter should either be non-null string or object"},noMFA:{message:q.NO_MFA},invalidMFA:{message:q.INVALID_MFA},emptyChallengeResponse:{message:q.EMPTY_CHALLENGE},noUserSession:{message:q.NO_USER_SESSION},deviceConfig:{message:q.DEVICE_CONFIG},networkError:{message:q.NETWORK_ERROR},autoSignInError:{message:q.AUTOSIGNIN_ERROR},default:{message:q.DEFAULT_MSG}};var Te=(e,t)=>new h({message:e??"An error has occurred during the oauth process.",name:be.OAuthSignInError,recoverySuggestion:t??sa.oauthSignInError.log});var rr;(function(e){e.NoConfig="noConfig",e.MissingAuthConfig="missingAuthConfig",e.EmptyUsername="emptyUsername",e.InvalidUsername="invalidUsername",e.EmptyPassword="emptyPassword",e.EmptyCode="emptyCode",e.SignUpError="signUpError",e.NoMFA="noMFA",e.InvalidMFA="invalidMFA",e.EmptyChallengeResponse="emptyChallengeResponse",e.NoUserSession="noUserSession",e.Default="default",e.DeviceConfig="deviceConfig",e.NetworkError="networkError",e.AutoSignInError="autoSignInError",e.OAuthSignInError="oauthSignInError"})(rr||(rr={}));var iu="`signInWithRedirect` has been canceled.",su="An error occurred while validating the state.",au="Try to initiate an OAuth flow from Amplify",dn=async e=>{let t=await V.loadOAuthState(),o=e===t?t:void 0;if(!o)throw new h({name:rr.OAuthSignInError,message:e===null?iu:su,recoverySuggestion:e===null?void 0:au});return o};var nr=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,responseType:n,domain:i,preferPrivateSession:s})=>{let a=new re(e),c=a.searchParams.get("error"),d=a.searchParams.get("error_description");if(c)throw Te(d??c);return n==="code"?cu({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:i,preferPrivateSession:s}):du({currentUrl:e,redirectUri:r,preferPrivateSession:s})},cu=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:n,preferPrivateSession:i})=>{let s=new re(e),a=s.searchParams.get("code"),c=s.searchParams.get("state");if(!a||!c)throw Te("User cancelled OAuth flow.");let d=await dn(c),u="https://"+n+"/oauth2/token",p=await V.loadPKCE(),l={grant_type:"authorization_code",code:a,client_id:o,redirect_uri:r,...p?{code_verifier:p}:{}},m=Object.entries(l).map(([Ee,F])=>`${encodeURIComponent(Ee)}=${encodeURIComponent(F)}`).join("&"),{access_token:g,refresh_token:E,id_token:A,error:w,error_message:T,token_type:te,expires_in:Q}=await(await fetch(u,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",[lr]:t},body:m})).json();if(w)throw Te(T??w);let ee=(g&&X(g).payload.username)??"username";return await ne({username:ee,AccessToken:g,IdToken:A,RefreshToken:E}),aa({redirectUri:r,state:d,preferPrivateSession:i})},du=async({currentUrl:e,redirectUri:t,preferPrivateSession:o})=>{let r=new re(e),{id_token:n,access_token:i,state:s,token_type:a,expires_in:c,error_description:d,error:u}=(r.hash??"#").substring(1).split("&").map(m=>m.split("=")).reduce((m,[g,E])=>({...m,[g]:E}),{id_token:void 0,access_token:void 0,state:void 0,token_type:void 0,expires_in:void 0,error_description:void 0,error:void 0});if(u)throw Te(d??u);if(!i)throw Te("No access token returned from OAuth flow.");let p=await dn(s),l=(i&&X(i).payload.username)??"username";return await ne({username:l,AccessToken:i,IdToken:n}),aa({redirectUri:t,state:p,preferPrivateSession:o})},aa=async({redirectUri:e,state:t,preferPrivateSession:o})=>{await M.setOAuthMetadata({oauthSignIn:!0}),await V.clearOAuthData(),await V.storeOAuthSignIn(!0,o),Vo(),lu(e),uu(t)&&J.dispatch("auth",{event:"customOAuthState",data:Wr(pu(t))},"Auth",$),J.dispatch("auth",{event:"signInWithRedirect"},"Auth",$),await de()},uu=e=>/-/.test(e),pu=e=>e.split("-").splice(1).join("-"),lu=e=>{typeof window<"u"&&typeof window.history<"u"&&window.history.replaceState(window.history.state,"",e)};function Ot(e,t){if(t){let o=e?.find(r=>r===t);if(!o)throw es;return o}else{let o=e?.find(mu)??e?.find(fu),r=e?.find(gu)??e?.find(hu);if(o)return o;throw r?ts:Qi}}var mu=e=>e.startsWith(String(window.location.origin+(window.location.pathname||"/"))),fu=e=>e.includes(String(window.location.hostname)),hu=e=>e.startsWith("http://"),gu=e=>e.startsWith("https://");var Dt=async e=>{Vo(),await V.clearOAuthInflightData(),J.dispatch("auth",{event:"signInWithRedirect_failure",data:{error:e}},"Auth",$)};var ca=async e=>{try{S(e),Fe(e),V.setAuthConfig(e)}catch{return}if(await V.loadOAuthInFlight())try{let t=window.location.href,{loginWith:o,userPoolClientId:r}=e,{domain:n,redirectSignIn:i,responseType:s}=o.oauth,a=Ot(i);await nr({currentUrl:t,clientId:r,domain:n,redirectUri:a,responseType:s,userAgentValue:D(_.SignInWithRedirect)})}catch(t){await Dt(t)}};He()&&I[kt](ca);var da={Google:"Google",Facebook:"Facebook",Amazon:"LoginWithAmazon",Apple:"SignInWithApple"};var ir=async e=>{window?.location&&(window.location.href=e.replace("http://","https://"))};var ua="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",pa=e=>{let t=new Uint8Array(e);at().getRandomValues(t);let o="",r;for(let n of t)o+=ua.charAt(n%ua.length);return{value:o,method:"S256",toCodeChallenge(){return r||(r=yu(o),r)}}};function yu(e){let t=new Le;return t.update(e),Eu(fe.convert(t.digestSync(),{urlSafe:!0}))}function Eu(e){return e.replace(/=/g,"")}var la=()=>Kr(32);var ma=e=>{async function t(o){if(o.persisted&&await e.loadOAuthInFlight()){let n=Te("User cancelled OAuth flow.");await Dt(n)}window.removeEventListener("pageshow",t)}window.addEventListener("pageshow",t)};async function sr(e){let t=I.getConfig().Auth?.Cognito;S(t),Fe(t),V.setAuthConfig(t),e?.options?.prompt||await tr();let o="COGNITO",r;return typeof e?.provider=="string"?o=da[e.provider]:e?.provider?.custom?o=e.provider.custom:e?.provider?.idpIdentifier&&({idpIdentifier:r}=e.provider),Su({oauthConfig:t.loginWith.oauth,clientId:t.userPoolClientId,provider:o,idpIdentifier:r,customState:e?.customState,preferPrivateSession:e?.options?.preferPrivateSession,options:{loginHint:e?.options?.loginHint,lang:e?.options?.lang,nonce:e?.options?.nonce,prompt:e?.options?.prompt},authSessionOpener:e?.options?.authSessionOpener})}var Su=async({oauthConfig:e,provider:t,idpIdentifier:o,clientId:r,customState:n,preferPrivateSession:i,options:s,authSessionOpener:a})=>{let{domain:c,redirectSignIn:d,responseType:u,scopes:p}=e,{loginHint:l,lang:m,nonce:g,prompt:E}=s??{},A=la(),w=a||ir,T=n?`${A}-${Vr(n)}`:A,{value:te,method:Q,toCodeChallenge:ee}=pa(128),Ee=Ot(e.redirectSignIn);He()&&V.storeOAuthInFlight(!0),V.storeOAuthState(T),V.storePKCE(te);let F=new URLSearchParams;F.append("redirect_uri",Ee),F.append("response_type",u),F.append("client_id",r),o?F.append("idp_identifier",o):F.append("identity_provider",t),F.append("scope",p.join(" ")),l&&F.append("login_hint",l),m&&F.append("lang",m),g&&F.append("nonce",g),E&&F.append("prompt",E.toLowerCase()),F.append("state",T),u==="code"&&(F.append("code_challenge",ee()),F.append("code_challenge_method",Q));let rt=`https://${c}/oauth2/authorize?${F.toString()}`;ma(V);let{type:ue,error:Et,url:St}=await w(rt,d,i)??{};try{if(ue==="error")throw Te(String(Et));if(ue==="canceled")throw Te(String(ue));ue==="success"&&St&&await nr({currentUrl:St,clientId:r,domain:c,redirectUri:Ee,responseType:u,userAgentValue:D(_.SignInWithRedirect),preferPrivateSession:i})}catch(nt){throw await Dt(nt),nt}};var fa=async e=>{await e.clearOAuthData(),M.clearTokens(),await Kt(),J.dispatch("auth",{event:"signedOut"},"Auth",$)};var ha=async(e,t=!1,o)=>{Fe(e);let{loginWith:r,userPoolClientId:n}=e,{domain:i,redirectSignOut:s}=r.oauth,a=Ot(s,o),c=`https://${i}/logout?${Object.entries({client_id:n,logout_uri:encodeURIComponent(a)}).map(([d,u])=>`${d}=${u}`).join("&")}`;return ir(c)};var ga=async(e,t,o,r)=>{let{isOAuthSignIn:n}=await t.loadOAuthSignIn(),i=await o.getOAuthMetadata();if(await fa(t),n||i?.oauthSignIn)return ha(e,!1,r)};var ya=e=>U(K,H("RevokeToken"),G(),{...W,...e});var Ea=e=>U(K,H("GlobalSignOut"),G(),{...W,...e});var Sa=new C("Auth");async function un(e){let t=I.getConfig().Auth?.Cognito;S(t),e?.global?await wu(t):await Iu(t);let o;try{Fe(t),o=!0}catch{o=!1}if(o){let r=new At(we);r.setAuthConfig(t);let{type:n}=await ga(t,r,M,e?.oauth?.redirectUrl)??{};if(n==="error")throw new h({name:os,message:"An error occurred when attempting to log out from OAuth provider."})}else M.clearTokens(),await Kt(),J.dispatch("auth",{event:"signedOut"},"Auth",$)}async function Iu(e){try{let{userPoolEndpoint:t,userPoolId:o,userPoolClientId:r}=e,n=await M.getTokenStore().loadTokens();Ho(n),Au(n.accessToken)&&await ya({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:D(_.SignOut)},{ClientId:r,Token:n.refreshToken})}catch{Sa.debug("Client signOut error caught but will proceed with token removal")}}async function wu(e){try{let{userPoolEndpoint:t,userPoolId:o}=e,r=await M.getTokenStore().loadTokens();Bo(r),await Ea({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:D(_.SignOut)},{AccessToken:r.accessToken.toString()})}catch{Sa.debug("Global signOut error caught but will proceed with token removal")}}var Au=e=>!!e?.payload?.origin_jti;var Ia={identityId:"identityId"};var xu=new C("DefaultIdentityIdStore"),gt=class{setAuthConfig(t){dt(t.Cognito),this.authConfig=t,this._authKeys=Cu("Cognito",t.Cognito.identityPoolId)}constructor(t){this._authKeys={},this._hasGuestIdentityId=!1,this.keyValueStorage=t}async loadIdentityId(){dt(this.authConfig?.Cognito);try{if(this._primaryIdentityId)return{id:this._primaryIdentityId,type:"primary"};{let t=await this.keyValueStorage.getItem(this._authKeys.identityId);return t?(this._hasGuestIdentityId=!0,{id:t,type:"guest"}):null}}catch(t){return xu.log("Error getting stored IdentityId.",t),null}}async storeIdentityId(t){dt(this.authConfig?.Cognito),t.type==="guest"?(this.keyValueStorage.setItem(this._authKeys.identityId,t.id),this._primaryIdentityId=void 0,this._hasGuestIdentityId=!0):(this._primaryIdentityId=t.id,this._hasGuestIdentityId&&(this.keyValueStorage.removeItem(this._authKeys.identityId),this._hasGuestIdentityId=!1))}async clearIdentityId(){this._primaryIdentityId=void 0,await this.keyValueStorage.removeItem(this._authKeys.identityId)}},Cu=(e,t)=>Qt(Ia)(`com.amplify.${e}`,t);var ro=({endpointOverride:e})=>t=>e?{url:new re(e)}:Fr(t);function ar(e){let t=X(e).payload.iss,o={};if(!t)throw new h({name:"InvalidIdTokenException",message:"Invalid Idtoken."});let r=t.replace(/(^\w+:|^)\/\//,"");return o[r]=e,o}async function wa({tokens:e,authConfig:t,identityIdStore:o}){o.setAuthConfig({Cognito:t});let r=await o.loadIdentityId();if(r)return r.id;let n=e?.idToken?ar(e.idToken.toString()):{},i=await vu(n,t);return o.storeIdentityId({id:i,type:e?"primary":"guest"}),i}async function vu(e,t){let o=t?.identityPoolId,r=Jt(o),n=Mr({endpointResolver:ro({endpointOverride:t.identityPoolEndpoint})}),i;try{i=(await n({region:r},{IdentityPoolId:o,Logins:e})).IdentityId}catch(s){throw B(s),new h(s)}if(!i)throw new h({name:"GetIdResponseException",message:"Received undefined response from getId operation",recoverySuggestion:"Make sure to pass a valid identityPoolId in the configuration."});return i}var cr=new C("CognitoCredentialsProvider"),Aa=3e3*1e3,yt=class{constructor(t){this._nextCredentialsRefresh=0,this._identityIdStore=t}async clearCredentialsAndIdentityId(){cr.debug("Clearing out credentials and identityId"),this._credentialsAndIdentityId=void 0,await this._identityIdStore.clearIdentityId()}async clearCredentials(){cr.debug("Clearing out in-memory credentials"),this._credentialsAndIdentityId=void 0}async getCredentialsAndIdentityId(t){let o=t.authenticated,{tokens:r}=t,{authConfig:n}=t;try{dt(n?.Cognito)}catch{return}if(!o&&!n.Cognito.allowGuestAccess)return;let{forceRefresh:i}=t,s=this.hasTokenChanged(r),a=await wa({tokens:r,authConfig:n.Cognito,identityIdStore:this._identityIdStore});return(i||s)&&this.clearCredentials(),o?(is(r),this.credsForOIDCTokens(n.Cognito,r,a)):this.getGuestCredentials(a,n.Cognito)}async getGuestCredentials(t,o){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!1)return cr.info("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let r=Jt(o.identityPoolId),n=xo({endpointResolver:ro({endpointOverride:o.identityPoolEndpoint})}),i;try{i=await n({region:r},{IdentityId:t})}catch(s){throw B(s),new h(s)}if(i?.Credentials?.AccessKeyId&&i?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Aa;let s={credentials:{accessKeyId:i.Credentials.AccessKeyId,secretAccessKey:i.Credentials.SecretKey,sessionToken:i.Credentials.SessionToken,expiration:i.Credentials.Expiration},identityId:t};return i.IdentityId&&(s.identityId=i.IdentityId,this._identityIdStore.storeIdentityId({id:i.IdentityId,type:"guest"})),this._credentialsAndIdentityId={...s,isAuthenticatedCreds:!1},s}else throw new h({name:"CredentialsNotFoundException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}async credsForOIDCTokens(t,o,r){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!0)return cr.debug("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let n=o.idToken?ar(o.idToken.toString()):{},i=Jt(t.identityPoolId),s=xo({endpointResolver:ro({endpointOverride:t.identityPoolEndpoint})}),a;try{a=await s({region:i},{IdentityId:r,Logins:n})}catch(c){throw B(c),new h(c)}if(a?.Credentials?.AccessKeyId&&a?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Aa;let c={credentials:{accessKeyId:a.Credentials.AccessKeyId,secretAccessKey:a.Credentials.SecretKey,sessionToken:a.Credentials.SessionToken,expiration:a.Credentials.Expiration},identityId:r};return a.IdentityId&&(c.identityId=a.IdentityId,this._identityIdStore.storeIdentityId({id:a.IdentityId,type:"primary"})),this._credentialsAndIdentityId={...c,isAuthenticatedCreds:!0,associatedIdToken:o.idToken?.toString()},c}else throw new h({name:"CredentialsException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}isPastTTL(){return this._nextCredentialsRefresh===void 0?!0:this._nextCredentialsRefresh<=Date.now()}hasTokenChanged(t){return!!t&&!!this._credentialsAndIdentityId?.associatedIdToken&&t.idToken?.toString()!==this._credentialsAndIdentityId.associatedIdToken}};var pn=new yt(new gt(we));var ln={configure(e,t){let o=Ft(e),r=new Gt({sameSite:"lax"}),n=t?.ssr?r:we,i=t?.ssr?new yt(new gt(r)):pn;if(!o.Auth){I.configure(o,t);return}if(t?.Auth){I.configure(o,t);return}if(!I.libraryOptions.Auth){ht.setAuthConfig(o.Auth),ht.setKeyValueStorage(n),I.configure(o,{...t,Auth:{tokenProvider:ht,credentialsProvider:i}});return}if(t){let s=I.libraryOptions.Auth;t.ssr!==void 0&&(ht.setKeyValueStorage(n),s.credentialsProvider=i),I.configure(o,{Auth:s,...t});return}I.configure(o)},getConfig(){return I.getConfig()}};var xa=new Map;function mn(e,t){xa.set(e,t)}mn("none",async()=>({login:async()=>{},logout:async()=>{},getUser:async()=>{},getTokenSilently:async()=>"none",isAuthenticated:async()=>!0}));async function Ca(e,t){let o=xa.get(e.provider);if(!o)throw new Error(`Auth provider "${e.provider}" not registered. Import "foundation-sdk/${e.provider}" to register it.`);return o(e,t)}function va(e){let t=null,o=[];function r(){o.forEach(i=>{try{i(t)}catch{}})}async function n(){let i=await e.getUser();t=i?{id:i.id,email:i.email,name:i.name,picture:i.picture}:null}return{get user(){return t},get isAuthenticated(){return!!t},async getToken(){return e.getTokenSilently()},async login(i){await e.login(i),await n(),r()},async logout(i){await e.logout(i),t=null,r()},async handleCallback(i){if(!e.handleCallback)throw new Error("handleCallback not supported by this auth provider");await e.handleCallback(i),await n(),r()},async signIn(i,s){if(!e.signIn)throw new Error("signIn not supported by this auth provider");let a=await e.signIn(i,s);return a.isSignedIn&&(await n(),r()),a},async signUp(i,s,a){if(!e.signUp)throw new Error("signUp not supported by this auth provider");return e.signUp(i,s,a)},async confirmSignUp(i,s){if(!e.confirmSignUp)throw new Error("confirmSignUp not supported by this auth provider");await e.confirmSignUp(i,s)},async resendSignUpCode(i){if(!e.resendSignUpCode)throw new Error("resendSignUpCode not supported by this auth provider");await e.resendSignUpCode(i)},async forgotPassword(i){if(!e.forgotPassword)throw new Error("forgotPassword not supported by this auth provider");await e.forgotPassword(i)},async resetPassword(i,s){if(!e.resetPassword)throw new Error("resetPassword not supported by this auth provider");await e.resetPassword(i,s)},onChange(i){return o.length>=100?(console.warn("[Foundation SDK] Auth listener limit reached."),()=>{}):(o.push(i),()=>{let s=o.indexOf(i);s>-1&&o.splice(s,1)})},async _initUser(){await e.isAuthenticated()&&await n()}}}function Pu(e){return e?.response!==void 0?e.response:e?.data!==void 0?e.data:e}function Tu(e,t){let o=t?.error;if(o){let n=o.message||"Unknown error",i=o.details;if(i?.length){let s=i.map(a=>a.field?`${a.field}: ${a.message}`:a.message).join(", ");n=n?`${n} ${s}`:s}return Object.assign(new Error(n),{code:o.code,type:o.code,details:i,status:e})}let r=t?.data?.message||t?.message;return r?Object.assign(new Error(r),{status:e}):Object.assign(new Error(`HTTP ${e}`),{status:e})}function Pa(e){function t(n){return{"X-Foundation-Mvp-Application-Id":e.appId,"X-Foundation-Mvp-Tenant-Id":e.tenantId,"X-Foundation-Mvp-Application-Version":e.version,"Content-Type":"application/json",Authorization:`Bearer ${n}`}}async function o(n,i,s,a={}){let c=await e.getToken(),d=t(c),u=`${n}${i}`;if(a.params){let g=new URLSearchParams;for(let[A,w]of Object.entries(a.params))w!=null&&g.set(A,String(w));let E=g.toString();E&&(u+=`?${E}`)}let p={method:s,headers:d};a.body!==void 0&&(p.body=JSON.stringify(a.body));let l=await fetch(u,p);if(!l.ok){let g={};try{g=await l.json()}catch{}throw Tu(l.status,g)}if(l.status===204)return null;let m=await l.json();return Pu(m)}async function r(n,i={}){return fetch(n,i)}return{request:o,rawFetch:r,headers:t}}function fn(e){if(!e)throw new Error("Token parsing failed: Missing auth token");try{let[t,o]=e.split("?"),r=t.split(".");if(r.length!==3)throw new Error("Invalid JWT format");let n=atob(r[1]),i=JSON.parse(n);o&&new URLSearchParams(o).forEach((u,p)=>{i[p]=u});let s=i["BaseApplication/apiBaseUrl"];if(!s)throw new Error("Token missing apiBaseUrl");let a=i["BaseApplication/websocketBaseUrl"]||"",c=i["BaseApplication/accountBaseUrl"]||s;return{sub:i.sub||"",apiBaseUrl:s,accountBaseUrl:c,websocketBaseUrl:a,userId:i["BaseApplication/userId"]||"",namespace:i["BaseApplication/namespace"]}}catch(t){if(t instanceof Error&&t.message.startsWith("Token"))throw t;let o=t instanceof Error?t.message:"Failed to parse token";throw new Error(`Token parsing failed: ${o}`)}}async function Ta(e){let t=e.configUrl,o=e.appId,r=e.tenantId;try{let x=await fetch("/foundation-env.json");if(x.ok){let oe=await x.json();oe.configUrl&&(t=oe.configUrl,o=oe.applicationId||o,r=oe.applicationTenant||r,e.baseUrl=void 0)}}catch{}if(!t)throw new Error("No configUrl provided and /foundation-env.json not found");let n={Accept:"application/json","Cache-Control":"no-cache"};o&&(n["X-Foundation-Mvp-Application-Id"]=o),r&&(n["X-Foundation-Mvp-Tenant-Id"]=r);let i=await fetch(t,{headers:n});if(!i.ok)throw new Error(`Failed to fetch config: ${i.statusText}`);let s=await i.json(),a=s.data??s,c=a.auth||{provider:"none"},d=o||a.app?.id||a.tenant?.identifier||"",u=r||a.tenant?.identifier||"",p=a.app?.version||a.core?.version||"0.0.0",l="",m="";if(e.baseUrl)l=e.baseUrl,m=e.baseUrl;else if(c.apiUrls?.apiBaseUrl){let x=c.apiUrls;l=x.apiBaseUrl,m=x.accountBaseUrl||l}let g={apiBaseUrl:l,accountBaseUrl:m,appId:d,tenantId:u,version:p},E;e.auth&&typeof e.auth=="function"?E=await e.auth(c,g):e.auth?E=e.auth:E=await Ca(c,g);let w=va(E);if(await w._initUser(),!l){let x=await E.getTokenSilently(),oe=fn(x);l=oe.apiBaseUrl,m=oe.accountBaseUrl,g.apiBaseUrl=l,g.accountBaseUrl=m}let T=Pa({appId:d,tenantId:u,version:p,getToken:()=>E.getTokenSilently()}),te={};try{te=await T.request(l,"/api/v1/config/init","GET")||{}}catch(x){console.warn("[Foundation SDK] Backend config fetch failed:",x)}let Q={...a,...te},ee="";try{let x=await E.getTokenSilently();x&&x!=="none"&&(ee=fn(x).namespace||"")}catch{}let Ee={get app(){let x=Q.app||{};return{id:x.id||d,name:x.name||"",version:x.version||p,environment:x.environment||"",...x}},get features(){return Q.features||{}},get plans(){return Q.plans||[]},get theme(){let x=Q.theme||{};return{colors:x.colors||{},dark:x.dark||{},defaultColorScheme:x.defaultColorScheme}},get connectors(){return Q.connectors||{}},get resources(){return Q.resources||{}},get auth(){let{provider:x,...oe}=c;return{provider:x,...oe}},get raw(){return Q}},F=Ru(T,l),rt=_u(T,l,ee),ue=bu(T,m),Et=Nu(T,l,m,ee),St=Uu(T,l),nt=Ou(T,l),z=Du(),it=[];return{get ready(){return Promise.resolve()},get isReady(){return!0},auth:w,db:F,files:rt,integration:Et,account:ue,config:Ee,oauth:St,openapi:nt,log:z,on(x,oe){return x==="entity.changed"?(it.push(oe),()=>{let dr=it.indexOf(oe);dr>-1&&it.splice(dr,1)}):()=>{}}}}function Ru(e,t){return{async list(o,r={}){let{filters:n,limit:i,cursor:s,orderBy:a,orderDir:c}=r,d={...n};return i&&(d.limit=i),s&&(d.next=s),a&&(d.orderBy=a),c&&(d.orderDir=c),e.request(t,`/api/v1/core/${o}`,"GET",{params:d})},async get(o,r){return e.request(t,`/api/v1/core/${o}`,"GET",{params:{id:r}})},async create(o,r){return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})},async update(o,r,n){return e.request(t,`/api/v1/core/${o}`,"PUT",{body:{id:r,...n}})},async save(o,r){try{return await e.request(t,`/api/v1/core/${o}`,"PUT",{body:r})}catch{return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})}},async delete(o,r){await e.request(t,`/api/v1/core/${o}`,"DELETE",{body:{id:r}})}}}function _u(e,t,o){return{async initiate(r){return e.request(t,"/api/v1/core/upload","POST",{body:{...r,__namespace:o}})},async upload(r){let n;r.file instanceof ArrayBuffer?n=r.file:n=await r.file.arrayBuffer();let i=await e.request(t,"/api/v1/core/upload","POST",{body:{name:r.name,contentType:r.contentType,contentLength:n.byteLength,sha256:r.sha256,__namespace:o}});if(!i.signedUrl||!i.signedData)throw new Error("Missing signedUrl or signedData in response");let s=new FormData;Object.entries(i.signedData).forEach(([c,d])=>{s.append(c,d)}),s.append("file",new Blob([n],{type:r.contentType}),r.name);let a=await fetch(i.signedUrl,{method:"POST",body:s});if(a.status!==204)throw new Error(`S3 upload failed: ${a.status}`);return{id:i.id,name:i.name,status:"uploaded",s3UploadComplete:!0}},async get(r){return e.request(t,"/api/v1/core/files","GET",{params:{id:r,__namespace:o}})},async delete(r){await e.request(t,`/api/v1/core/files/${r}`,"DELETE")},async list(r={}){let n={__namespace:o};r.limit&&(n.limit=r.limit),r.cursor&&(n.cursor=r.cursor);let i=await e.request(t,"/api/v1/core/files","GET",{params:n});return{items:i?.items||[],nextCursor:i?.next}}}}function bu(e,t){return{async get(){return e.request(t,"/api/v1/accounts/account","GET")},async update(o){await e.request(t,"/api/v1/accounts/account","PUT",{body:{user:o}})},async usage(){return e.request(t,"/api/v1/accounts/account/usage","GET")},async resendVerification(){await e.request(t,"/api/v1/accounts/account/resend-verification","POST")}}}function Nu(e,t,o,r){let n={async list(){return e.request(t,"/api/v1/config/connectors","GET")},async connections(){return e.request(t,"/api/v1/core/integrations","GET",{params:{query:"default",__namespace:r}})},async all(){let[i,s]=await Promise.all([n.list(),n.connections()]),a=Array.isArray(i)?i:i?.items||[],c=Array.isArray(s)?s:s?.items||[],d=new Map;for(let u of c){let p=u.source||u.id;d.has(p)||d.set(p,[]),d.get(p).push(u)}return a.map(u=>{let p=d.get(u.id)||[];return{...u,connections:p,connected:p.some(l=>l.connected),connectionCount:p.filter(l=>l.connected).length}})},async status(i){let s=await n.connections(),c=(Array.isArray(s)?s:s?.items||[]).filter(d=>d.source===i&&d.connected);return{connected:c.length>0,connections:c}},async connect(i){return e.request(o,`/api/v1/accounts/integrations/${i}/initialize`,"POST",{body:{__namespace:r}})},async disconnect(i,s){await e.request(o,`/api/v1/accounts/integrations/${i}/remove`,"POST",{body:{configurationId:s}})}};return n}function Uu(e,t){return{async getClient(o){return e.request(t,"/api/v1/core/oauth-clients","GET",{params:{id:o}})},async authorizeConsent(o){return e.request(t,"/api/v1/oauth/authorize-consent","POST",{body:o})}}}function Ou(e,t){return{async get(){return e.request(t,"/api/v1/config/openapi","GET")}}}function Du(){return{info:(e,t)=>console.log(`[Foundation] ${e}`,t??""),warn:(e,t)=>console.warn(`[Foundation] ${e}`,t??""),error:(e,t)=>console.error(`[Foundation] ${e}`,t??""),event:(e,t)=>console.log(`[Foundation Event] ${e}`,t??"")}}mn("cognito",async e=>{let t=e.cognito;if(!t)throw new Error("Cognito config required");return ln.configure({Auth:{Cognito:{userPoolId:t.userPoolId,userPoolClientId:t.clientId,loginWith:{oauth:{domain:t.domain.replace("https://",""),scopes:(t.scope||"openid profile email").split(" "),redirectSignIn:[window.location.origin],redirectSignOut:[window.location.origin],responseType:"code"}}}}}),{login:async()=>{await sr()},logout:async()=>{await un()},getUser:async()=>{try{let o=await Xe();return{id:o.userId,email:o.signInDetails?.loginId||"",name:o.username}}catch{return}},getTokenSilently:async()=>{let r=(await Eo()).tokens?.accessToken?.toString();if(!r)throw new Error("No token");return r},isAuthenticated:async()=>{try{return await Xe(),!0}catch{return!1}},signIn:async(o,r)=>{await Ut({username:o,password:r})},signUp:async(o,r,n)=>{await sn({username:o,password:r,options:{userAttributes:{email:o,...n}}})},forgotPassword:async o=>{await an({username:o})},resetPassword:async(o,r)=>{await cn({username:"",confirmationCode:o,newPassword:r})}}});return La(Mu);})();
 /*! Bundled license information:
 js-cookie/dist/js.cookie.mjs: