npm - foundation-sdk - Versions diffs - 0.2.6 → 0.2.7 - Mend

foundation-sdk 0.2.6 → 0.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/dist/auth-auth0.cjs +1 -1
package/dist/auth-auth0.cjs.map +1 -1
package/dist/auth-auth0.d.cts +5 -1
package/dist/auth-auth0.d.ts +5 -1
package/dist/auth-auth0.js +1 -1
package/dist/auth-auth0.js.map +1 -1
package/dist/auth-cognito.cjs +1 -1
package/dist/auth-cognito.cjs.map +1 -1
package/dist/auth-cognito.d.cts +5 -1
package/dist/auth-cognito.d.ts +5 -1
package/dist/auth-cognito.js +1 -1
package/dist/auth-cognito.js.map +1 -1
package/dist/foundation-sdk.browser.auth0.global.js +1 -1
package/dist/foundation-sdk.browser.auth0.global.js.map +1 -1
package/dist/foundation-sdk.browser.global.js +1 -1
package/dist/foundation-sdk.browser.global.js.map +1 -1
package/dist/index.cjs +1 -1
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +10 -201
package/dist/index.d.ts +10 -201
package/dist/index.js +1 -1
package/dist/index.js.map +1 -1
package/dist/types-HdCjnyCt.d.cts +204 -0
package/dist/types-HdCjnyCt.d.ts +204 -0
package/package.json +3 -1

package/dist/foundation-sdk.browser.global.js CHANGED Viewed

@@ -18,7 +18,7 @@
                 See https://aws-amplify.github.io/docs/js/authentication#amplify-project-setup for more information
             2. This could also be caused by multiple conflicting versions of amplify packages, see (https://docs.amplify.aws/lib/troubleshooting/upgrading/q/platform/js) for help upgrading Amplify packages.
-        `},emptyUsername:{message:q.EMPTY_USERNAME},invalidUsername:{message:q.INVALID_USERNAME},emptyPassword:{message:q.EMPTY_PASSWORD},emptyCode:{message:q.EMPTY_CODE},signUpError:{message:q.SIGN_UP_ERROR,log:"The first parameter should either be non-null string or object"},noMFA:{message:q.NO_MFA},invalidMFA:{message:q.INVALID_MFA},emptyChallengeResponse:{message:q.EMPTY_CHALLENGE},noUserSession:{message:q.NO_USER_SESSION},deviceConfig:{message:q.DEVICE_CONFIG},networkError:{message:q.NETWORK_ERROR},autoSignInError:{message:q.AUTOSIGNIN_ERROR},default:{message:q.DEFAULT_MSG}};var Te=(e,t)=>new g({message:e??"An error has occurred during the oauth process.",name:Ne.OAuthSignInError,recoverySuggestion:t??na.oauthSignInError.log});var or;(function(e){e.NoConfig="noConfig",e.MissingAuthConfig="missingAuthConfig",e.EmptyUsername="emptyUsername",e.InvalidUsername="invalidUsername",e.EmptyPassword="emptyPassword",e.EmptyCode="emptyCode",e.SignUpError="signUpError",e.NoMFA="noMFA",e.InvalidMFA="invalidMFA",e.EmptyChallengeResponse="emptyChallengeResponse",e.NoUserSession="noUserSession",e.Default="default",e.DeviceConfig="deviceConfig",e.NetworkError="networkError",e.AutoSignInError="autoSignInError",e.OAuthSignInError="oauthSignInError"})(or||(or={}));var nu="`signInWithRedirect` has been canceled.",iu="An error occurred while validating the state.",su="Try to initiate an OAuth flow from Amplify",an=async e=>{let t=await z.loadOAuthState(),o=e===t?t:void 0;if(!o)throw new g({name:or.OAuthSignInError,message:e===null?nu:iu,recoverySuggestion:e===null?void 0:su});return o};var rr=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,responseType:n,domain:i,preferPrivateSession:s})=>{let a=new te(e),c=a.searchParams.get("error"),d=a.searchParams.get("error_description");if(c)throw Te(d??c);return n==="code"?au({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:i,preferPrivateSession:s}):cu({currentUrl:e,redirectUri:r,preferPrivateSession:s})},au=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:n,preferPrivateSession:i})=>{let s=new te(e),a=s.searchParams.get("code"),c=s.searchParams.get("state");if(!a||!c)throw Te("User cancelled OAuth flow.");let d=await an(c),u="https://"+n+"/oauth2/token",p=await z.loadPKCE(),l={grant_type:"authorization_code",code:a,client_id:o,redirect_uri:r,...p?{code_verifier:p}:{}},m=Object.entries(l).map(([Ee,F])=>`${encodeURIComponent(Ee)}=${encodeURIComponent(F)}`).join("&"),{access_token:h,refresh_token:I,id_token:A,error:S,error_message:M,token_type:H,expires_in:le}=await(await fetch(u,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",[ur]:t},body:m})).json();if(S)throw Te(M??S);let ie=(h&&Q(h).payload.username)??"username";return await oe({username:ie,AccessToken:h,IdToken:A,RefreshToken:I}),ia({redirectUri:r,state:d,preferPrivateSession:i})},cu=async({currentUrl:e,redirectUri:t,preferPrivateSession:o})=>{let r=new te(e),{id_token:n,access_token:i,state:s,token_type:a,expires_in:c,error_description:d,error:u}=(r.hash??"#").substring(1).split("&").map(m=>m.split("=")).reduce((m,[h,I])=>({...m,[h]:I}),{id_token:void 0,access_token:void 0,state:void 0,token_type:void 0,expires_in:void 0,error_description:void 0,error:void 0});if(u)throw Te(d??u);if(!i)throw Te("No access token returned from OAuth flow.");let p=await an(s),l=(i&&Q(i).payload.username)??"username";return await oe({username:l,AccessToken:i,IdToken:n}),ia({redirectUri:t,state:p,preferPrivateSession:o})},ia=async({redirectUri:e,state:t,preferPrivateSession:o})=>{await D.setOAuthMetadata({oauthSignIn:!0}),await z.clearOAuthData(),await z.storeOAuthSignIn(!0,o),Wo(),pu(e),du(t)&&Z.dispatch("auth",{event:"customOAuthState",data:Hr(uu(t))},"Auth",j),Z.dispatch("auth",{event:"signInWithRedirect"},"Auth",j),await ce()},du=e=>/-/.test(e),uu=e=>e.split("-").splice(1).join("-"),pu=e=>{typeof window<"u"&&typeof window.history<"u"&&window.history.replaceState(window.history.state,"",e)};function Ut(e,t){if(t){let o=e?.find(r=>r===t);if(!o)throw Zi;return o}else{let o=e?.find(lu)??e?.find(mu),r=e?.find(gu)??e?.find(fu);if(o)return o;throw r?Qi:Xi}}var lu=e=>e.startsWith(String(window.location.origin+(window.location.pathname||"/"))),mu=e=>e.includes(String(window.location.hostname)),fu=e=>e.startsWith("http://"),gu=e=>e.startsWith("https://");var Ot=async e=>{Wo(),await z.clearOAuthInflightData(),Z.dispatch("auth",{event:"signInWithRedirect_failure",data:{error:e}},"Auth",j)};var sa=async e=>{try{E(e),Le(e),z.setAuthConfig(e)}catch{return}if(await z.loadOAuthInFlight())try{let t=window.location.href,{loginWith:o,userPoolClientId:r}=e,{domain:n,redirectSignIn:i,responseType:s}=o.oauth,a=Ut(i);await rr({currentUrl:t,clientId:r,domain:n,redirectUri:a,responseType:s,userAgentValue:O(R.SignInWithRedirect)})}catch(t){await Ot(t)}};Ke()&&w[Mt](sa);var aa={Google:"Google",Facebook:"Facebook",Amazon:"LoginWithAmazon",Apple:"SignInWithApple"};var nr=async e=>{window?.location&&(window.location.href=e.replace("http://","https://"))};var ca="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",da=e=>{let t=new Uint8Array(e);st().getRandomValues(t);let o="",r;for(let n of t)o+=ca.charAt(n%ca.length);return{value:o,method:"S256",toCodeChallenge(){return r||(r=hu(o),r)}}};function hu(e){let t=new Be;return t.update(e),yu(fe.convert(t.digestSync(),{urlSafe:!0}))}function yu(e){return e.replace(/=/g,"")}var ua=()=>Br(32);var pa=e=>{async function t(o){if(o.persisted&&await e.loadOAuthInFlight()){let n=Te("User cancelled OAuth flow.");await Ot(n)}window.removeEventListener("pageshow",t)}window.addEventListener("pageshow",t)};async function ir(e){let t=w.getConfig().Auth?.Cognito;E(t),Le(t),z.setAuthConfig(t),e?.options?.prompt||await er();let o="COGNITO",r;return typeof e?.provider=="string"?o=aa[e.provider]:e?.provider?.custom?o=e.provider.custom:e?.provider?.idpIdentifier&&({idpIdentifier:r}=e.provider),Eu({oauthConfig:t.loginWith.oauth,clientId:t.userPoolClientId,provider:o,idpIdentifier:r,customState:e?.customState,preferPrivateSession:e?.options?.preferPrivateSession,options:{loginHint:e?.options?.loginHint,lang:e?.options?.lang,nonce:e?.options?.nonce,prompt:e?.options?.prompt},authSessionOpener:e?.options?.authSessionOpener})}var Eu=async({oauthConfig:e,provider:t,idpIdentifier:o,clientId:r,customState:n,preferPrivateSession:i,options:s,authSessionOpener:a})=>{let{domain:c,redirectSignIn:d,responseType:u,scopes:p}=e,{loginHint:l,lang:m,nonce:h,prompt:I}=s??{},A=ua(),S=a||nr,M=n?`${A}-${Kr(n)}`:A,{value:H,method:le,toCodeChallenge:ie}=da(128),Ee=Ut(e.redirectSignIn);Ke()&&z.storeOAuthInFlight(!0),z.storeOAuthState(M),z.storePKCE(H);let F=new URLSearchParams;F.append("redirect_uri",Ee),F.append("response_type",u),F.append("client_id",r),o?F.append("idp_identifier",o):F.append("identity_provider",t),F.append("scope",p.join(" ")),l&&F.append("login_hint",l),m&&F.append("lang",m),h&&F.append("nonce",h),I&&F.append("prompt",I.toLowerCase()),F.append("state",M),u==="code"&&(F.append("code_challenge",ie()),F.append("code_challenge_method",le));let nt=`https://${c}/oauth2/authorize?${F.toString()}`;pa(z);let{type:de,error:yt,url:Et}=await S(nt,d,i)??{};try{if(de==="error")throw Te(String(yt));if(de==="canceled")throw Te(String(de));de==="success"&&Et&&await rr({currentUrl:Et,clientId:r,domain:c,redirectUri:Ee,responseType:u,userAgentValue:O(R.SignInWithRedirect),preferPrivateSession:i})}catch(Fe){throw await Ot(Fe),Fe}};var la=async e=>{await e.clearOAuthData(),D.clearTokens(),await Ht(),Z.dispatch("auth",{event:"signedOut"},"Auth",j)};var ma=async(e,t=!1,o)=>{Le(e);let{loginWith:r,userPoolClientId:n}=e,{domain:i,redirectSignOut:s}=r.oauth,a=Ut(s,o),c=`https://${i}/logout?${Object.entries({client_id:n,logout_uri:encodeURIComponent(a)}).map(([d,u])=>`${d}=${u}`).join("&")}`;return nr(c)};var fa=async(e,t,o,r)=>{let{isOAuthSignIn:n}=await t.loadOAuthSignIn(),i=await o.getOAuthMetadata();if(await la(t),n||i?.oauthSignIn)return ma(e,!1,r)};var ga=e=>b(W,K("RevokeToken"),G(),{...V,...e});var ha=e=>b(W,K("GlobalSignOut"),G(),{...V,...e});var ya=new C("Auth");async function cn(e){let t=w.getConfig().Auth?.Cognito;E(t),e?.global?await Iu(t):await Su(t);let o;try{Le(t),o=!0}catch{o=!1}if(o){let r=new wt(we);r.setAuthConfig(t);let{type:n}=await fa(t,r,D,e?.oauth?.redirectUrl)??{};if(n==="error")throw new g({name:es,message:"An error occurred when attempting to log out from OAuth provider."})}else D.clearTokens(),await Ht(),Z.dispatch("auth",{event:"signedOut"},"Auth",j)}async function Su(e){try{let{userPoolEndpoint:t,userPoolId:o,userPoolClientId:r}=e,n=await D.getTokenStore().loadTokens();Bo(n),wu(n.accessToken)&&await ga({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:O(R.SignOut)},{ClientId:r,Token:n.refreshToken})}catch{ya.debug("Client signOut error caught but will proceed with token removal")}}async function Iu(e){try{let{userPoolEndpoint:t,userPoolId:o}=e,r=await D.getTokenStore().loadTokens();Lo(r),await ha({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:O(R.SignOut)},{AccessToken:r.accessToken.toString()})}catch{ya.debug("Global signOut error caught but will proceed with token removal")}}var wu=e=>!!e?.payload?.origin_jti;var Ea={identityId:"identityId"};var Au=new C("DefaultIdentityIdStore"),gt=class{setAuthConfig(t){ct(t.Cognito),this.authConfig=t,this._authKeys=xu("Cognito",t.Cognito.identityPoolId)}constructor(t){this._authKeys={},this._hasGuestIdentityId=!1,this.keyValueStorage=t}async loadIdentityId(){ct(this.authConfig?.Cognito);try{if(this._primaryIdentityId)return{id:this._primaryIdentityId,type:"primary"};{let t=await this.keyValueStorage.getItem(this._authKeys.identityId);return t?(this._hasGuestIdentityId=!0,{id:t,type:"guest"}):null}}catch(t){return Au.log("Error getting stored IdentityId.",t),null}}async storeIdentityId(t){ct(this.authConfig?.Cognito),t.type==="guest"?(this.keyValueStorage.setItem(this._authKeys.identityId,t.id),this._primaryIdentityId=void 0,this._hasGuestIdentityId=!0):(this._primaryIdentityId=t.id,this._hasGuestIdentityId&&(this.keyValueStorage.removeItem(this._authKeys.identityId),this._hasGuestIdentityId=!1))}async clearIdentityId(){this._primaryIdentityId=void 0,await this.keyValueStorage.removeItem(this._authKeys.identityId)}},xu=(e,t)=>Zt(Ea)(`com.amplify.${e}`,t);var oo=({endpointOverride:e})=>t=>e?{url:new te(e)}:Mr(t);function sr(e){let t=Q(e).payload.iss,o={};if(!t)throw new g({name:"InvalidIdTokenException",message:"Invalid Idtoken."});let r=t.replace(/(^\w+:|^)\/\//,"");return o[r]=e,o}async function Sa({tokens:e,authConfig:t,identityIdStore:o}){o.setAuthConfig({Cognito:t});let r=await o.loadIdentityId();if(r)return r.id;let n=e?.idToken?sr(e.idToken.toString()):{},i=await Cu(n,t);return o.storeIdentityId({id:i,type:e?"primary":"guest"}),i}async function Cu(e,t){let o=t?.identityPoolId,r=Yt(o),n=Or({endpointResolver:oo({endpointOverride:t.identityPoolEndpoint})}),i;try{i=(await n({region:r},{IdentityPoolId:o,Logins:e})).IdentityId}catch(s){throw B(s),new g(s)}if(!i)throw new g({name:"GetIdResponseException",message:"Received undefined response from getId operation",recoverySuggestion:"Make sure to pass a valid identityPoolId in the configuration."});return i}var ar=new C("CognitoCredentialsProvider"),Ia=3e3*1e3,ht=class{constructor(t){this._nextCredentialsRefresh=0,this._identityIdStore=t}async clearCredentialsAndIdentityId(){ar.debug("Clearing out credentials and identityId"),this._credentialsAndIdentityId=void 0,await this._identityIdStore.clearIdentityId()}async clearCredentials(){ar.debug("Clearing out in-memory credentials"),this._credentialsAndIdentityId=void 0}async getCredentialsAndIdentityId(t){let o=t.authenticated,{tokens:r}=t,{authConfig:n}=t;try{ct(n?.Cognito)}catch{return}if(!o&&!n.Cognito.allowGuestAccess)return;let{forceRefresh:i}=t,s=this.hasTokenChanged(r),a=await Sa({tokens:r,authConfig:n.Cognito,identityIdStore:this._identityIdStore});return(i||s)&&this.clearCredentials(),o?(rs(r),this.credsForOIDCTokens(n.Cognito,r,a)):this.getGuestCredentials(a,n.Cognito)}async getGuestCredentials(t,o){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!1)return ar.info("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let r=Yt(o.identityPoolId),n=Ao({endpointResolver:oo({endpointOverride:o.identityPoolEndpoint})}),i;try{i=await n({region:r},{IdentityId:t})}catch(s){throw B(s),new g(s)}if(i?.Credentials?.AccessKeyId&&i?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Ia;let s={credentials:{accessKeyId:i.Credentials.AccessKeyId,secretAccessKey:i.Credentials.SecretKey,sessionToken:i.Credentials.SessionToken,expiration:i.Credentials.Expiration},identityId:t};return i.IdentityId&&(s.identityId=i.IdentityId,this._identityIdStore.storeIdentityId({id:i.IdentityId,type:"guest"})),this._credentialsAndIdentityId={...s,isAuthenticatedCreds:!1},s}else throw new g({name:"CredentialsNotFoundException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}async credsForOIDCTokens(t,o,r){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!0)return ar.debug("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let n=o.idToken?sr(o.idToken.toString()):{},i=Yt(t.identityPoolId),s=Ao({endpointResolver:oo({endpointOverride:t.identityPoolEndpoint})}),a;try{a=await s({region:i},{IdentityId:r,Logins:n})}catch(c){throw B(c),new g(c)}if(a?.Credentials?.AccessKeyId&&a?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Ia;let c={credentials:{accessKeyId:a.Credentials.AccessKeyId,secretAccessKey:a.Credentials.SecretKey,sessionToken:a.Credentials.SessionToken,expiration:a.Credentials.Expiration},identityId:r};return a.IdentityId&&(c.identityId=a.IdentityId,this._identityIdStore.storeIdentityId({id:a.IdentityId,type:"primary"})),this._credentialsAndIdentityId={...c,isAuthenticatedCreds:!0,associatedIdToken:o.idToken?.toString()},c}else throw new g({name:"CredentialsException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}isPastTTL(){return this._nextCredentialsRefresh===void 0?!0:this._nextCredentialsRefresh<=Date.now()}hasTokenChanged(t){return!!t&&!!this._credentialsAndIdentityId?.associatedIdToken&&t.idToken?.toString()!==this._credentialsAndIdentityId.associatedIdToken}};var dn=new ht(new gt(we));var un={configure(e,t){let o=kt(e),r=new $t({sameSite:"lax"}),n=t?.ssr?r:we,i=t?.ssr?new ht(new gt(r)):dn;if(!o.Auth){w.configure(o,t);return}if(t?.Auth){w.configure(o,t);return}if(!w.libraryOptions.Auth){ft.setAuthConfig(o.Auth),ft.setKeyValueStorage(n),w.configure(o,{...t,Auth:{tokenProvider:ft,credentialsProvider:i}});return}if(t){let s=w.libraryOptions.Auth;t.ssr!==void 0&&(ft.setKeyValueStorage(n),s.credentialsProvider=i),w.configure(o,{Auth:s,...t});return}w.configure(o)},getConfig(){return w.getConfig()}};var wa=new Map;function pn(e,t){wa.set(e,t)}pn("none",async()=>({login:async()=>{},logout:async()=>{},getUser:async()=>{},getTokenSilently:async()=>"none",isAuthenticated:async()=>!0}));async function Aa(e){let t=wa.get(e.provider);if(!t)throw new Error(`Auth provider "${e.provider}" not registered. Import "foundation-sdk/${e.provider}" to register it.`);return t(e)}function xa(e){let t=null,o=[];function r(){o.forEach(i=>{try{i(t)}catch{}})}async function n(){let i=await e.getUser();t=i?{id:i.id,email:i.email,name:i.name,picture:i.picture}:null}return{get user(){return t},get isAuthenticated(){return!!t},async getToken(){return e.getTokenSilently()},async login(i){await e.login(i),await n(),r()},async logout(i){await e.logout(i),t=null,r()},async signIn(i,s){if(!e.signIn)throw new Error("signIn not supported by this auth provider");await e.signIn(i,s),await n(),r()},async signUp(i,s,a){if(!e.signUp)throw new Error("signUp not supported by this auth provider");await e.signUp(i,s,a)},async forgotPassword(i){if(!e.forgotPassword)throw new Error("forgotPassword not supported by this auth provider");await e.forgotPassword(i)},async resetPassword(i,s){if(!e.resetPassword)throw new Error("resetPassword not supported by this auth provider");await e.resetPassword(i,s)},onChange(i){return o.length>=100?(console.warn("[Foundation SDK] Auth listener limit reached."),()=>{}):(o.push(i),()=>{let s=o.indexOf(i);s>-1&&o.splice(s,1)})},async _initUser(){await e.isAuthenticated()&&await n()}}}function vu(e){return e?.response!==void 0?e.response:e?.data!==void 0?e.data:e}function Pu(e,t){let o=t?.error;if(o){let n=o.message||"Unknown error",i=o.details;if(i?.length){let s=i.map(a=>a.field?`${a.field}: ${a.message}`:a.message).join(", ");n=n?`${n} ${s}`:s}return Object.assign(new Error(n),{code:o.code,type:o.code,details:i,status:e})}let r=t?.data?.message||t?.message;return r?Object.assign(new Error(r),{status:e}):Object.assign(new Error(`HTTP ${e}`),{status:e})}function Ca(e){function t(n){return{"X-Foundation-Mvp-Application-Id":e.appId,"X-Foundation-Mvp-Tenant-Id":e.tenantId,"X-Foundation-Mvp-Application-Version":e.version,"Content-Type":"application/json",Authorization:`Bearer ${n}`}}async function o(n,i,s,a={}){let c=await e.getToken(),d=t(c),u=`${n}${i}`;if(a.params){let h=new URLSearchParams;for(let[A,S]of Object.entries(a.params))S!=null&&h.set(A,String(S));let I=h.toString();I&&(u+=`?${I}`)}let p={method:s,headers:d};a.body!==void 0&&(p.body=JSON.stringify(a.body));let l=await fetch(u,p);if(!l.ok){let h={};try{h=await l.json()}catch{}throw Pu(l.status,h)}if(l.status===204)return null;let m=await l.json();return vu(m)}async function r(n,i={}){return fetch(n,i)}return{request:o,rawFetch:r,headers:t}}function ln(e){if(!e)throw new Error("Token parsing failed: Missing auth token");try{let[t,o]=e.split("?"),r=t.split(".");if(r.length!==3)throw new Error("Invalid JWT format");let n=atob(r[1]),i=JSON.parse(n);o&&new URLSearchParams(o).forEach((u,p)=>{i[p]=u});let s=i["BaseApplication/apiBaseUrl"];if(!s)throw new Error("Token missing apiBaseUrl");let a=i["BaseApplication/websocketBaseUrl"]||"",c=i["BaseApplication/accountBaseUrl"]||s;return{sub:i.sub||"",apiBaseUrl:s,accountBaseUrl:c,websocketBaseUrl:a,userId:i["BaseApplication/userId"]||"",namespace:i["BaseApplication/namespace"]}}catch(t){if(t instanceof Error&&t.message.startsWith("Token"))throw t;let o=t instanceof Error?t.message:"Failed to parse token";throw new Error(`Token parsing failed: ${o}`)}}async function va(e){let t=e.configUrl,o=e.appId,r=e.tenantId;try{let x=await fetch("/foundation-env.json");if(x.ok){let X=await x.json();X.configUrl&&(t=X.configUrl,o=X.applicationId||o,r=X.applicationTenant||r)}}catch{}if(!t)throw new Error("No configUrl provided and /foundation-env.json not found");let n={Accept:"application/json","Cache-Control":"no-cache"};o&&(n["X-Foundation-Mvp-Application-Id"]=o),r&&(n["X-Foundation-Mvp-Tenant-Id"]=r);let i=await fetch(t,{headers:n});if(!i.ok)throw new Error(`Failed to fetch config: ${i.statusText}`);let s=await i.json(),a=s.data??s,c=a.auth||{provider:"none"},d=e.auth||await Aa(c),p=xa(d);await p._initUser();let l,m;if(e.baseUrl)l=e.baseUrl,m=e.baseUrl;else if(c.apiUrls?.apiBaseUrl){let x=c.apiUrls;l=x.apiBaseUrl,m=x.accountBaseUrl||l}else{let x=await d.getTokenSilently(),X=ln(x);l=X.apiBaseUrl,m=X.accountBaseUrl}let h=o||a.app?.id||a.tenant?.identifier||"",I=r||a.tenant?.identifier||"",A=a.app?.version||a.core?.version||"0.0.0",S=Ca({appId:h,tenantId:I,version:A,getToken:()=>d.getTokenSilently()}),M={};try{M=await S.request(l,"/api/v1/config/init","GET")||{}}catch(x){console.warn("[Foundation SDK] Backend config fetch failed:",x)}let H={...a,...M},le="";try{let x=await d.getTokenSilently();x&&x!=="none"&&(le=ln(x).namespace||"")}catch{}let ie={get app(){let x=H.app||{};return{id:x.id||h,name:x.name||"",version:x.version||A,environment:x.environment||"",...x}},get features(){return H.features||{}},get plans(){return H.plans||[]},get theme(){let x=H.theme||{};return{colors:x.colors||{},dark:x.dark||{},defaultColorScheme:x.defaultColorScheme}},get connectors(){return H.connectors||{}},get resources(){return H.resources||{}},get auth(){let{provider:x,...X}=c;return{provider:x,...X}},get raw(){return H}},Ee=Tu(S,l),F=Ru(S,l,le),nt=_u(S,m),de=Nu(S,l,m,le),yt=bu(S,l),Et=Uu(),Fe=[];return{get ready(){return Promise.resolve()},get isReady(){return!0},auth:p,db:Ee,files:F,integration:de,account:nt,config:ie,openapi:yt,log:Et,on(x,X){return x==="entity.changed"?(Fe.push(X),()=>{let ro=Fe.indexOf(X);ro>-1&&Fe.splice(ro,1)}):()=>{}}}}function Tu(e,t){return{async list(o,r={}){let{filters:n,limit:i,cursor:s,orderBy:a,orderDir:c}=r,d={...n};return i&&(d.limit=i),s&&(d.next=s),a&&(d.orderBy=a),c&&(d.orderDir=c),e.request(t,`/api/v1/core/${o}`,"GET",{params:d})},async get(o,r){return e.request(t,`/api/v1/core/${o}`,"GET",{params:{id:r}})},async create(o,r){return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})},async update(o,r,n){return e.request(t,`/api/v1/core/${o}`,"PUT",{body:{id:r,...n}})},async save(o,r){try{return await e.request(t,`/api/v1/core/${o}`,"PUT",{body:r})}catch{return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})}},async delete(o,r){await e.request(t,`/api/v1/core/${o}`,"DELETE",{body:{id:r}})}}}function Ru(e,t,o){return{async initiate(r){return e.request(t,"/api/v1/core/upload","POST",{body:{...r,__namespace:o}})},async upload(r){let n;r.file instanceof ArrayBuffer?n=r.file:n=await r.file.arrayBuffer();let i=await e.request(t,"/api/v1/core/upload","POST",{body:{name:r.name,contentType:r.contentType,contentLength:n.byteLength,sha256:r.sha256,__namespace:o}});if(!i.signedUrl||!i.signedData)throw new Error("Missing signedUrl or signedData in response");let s=new FormData;Object.entries(i.signedData).forEach(([c,d])=>{s.append(c,d)}),s.append("file",new Blob([n],{type:r.contentType}),r.name);let a=await fetch(i.signedUrl,{method:"POST",body:s});if(a.status!==204)throw new Error(`S3 upload failed: ${a.status}`);return{id:i.id,name:i.name,status:"uploaded",s3UploadComplete:!0}},async get(r){return e.request(t,"/api/v1/core/files","GET",{params:{id:r,__namespace:o}})},async delete(r){await e.request(t,`/api/v1/core/files/${r}`,"DELETE")},async list(r={}){let n={__namespace:o};r.limit&&(n.limit=r.limit),r.cursor&&(n.cursor=r.cursor);let i=await e.request(t,"/api/v1/core/files","GET",{params:n});return{items:i?.items||[],nextCursor:i?.next}}}}function _u(e,t){return{async get(){return e.request(t,"/api/v1/accounts/account","GET")},async update(o){await e.request(t,"/api/v1/accounts/account","PUT",{body:{user:o}})},async usage(){return e.request(t,"/api/v1/accounts/account/usage","GET")},async resendVerification(){await e.request(t,"/api/v1/accounts/account/resend-verification","POST")}}}function Nu(e,t,o,r){let n={async list(){return e.request(t,"/api/v1/config/connectors","GET")},async connections(){return e.request(t,"/api/v1/core/integrations","GET",{params:{query:"default",__namespace:r}})},async all(){let[i,s]=await Promise.all([n.list(),n.connections()]),a=Array.isArray(i)?i:i?.items||[],c=Array.isArray(s)?s:s?.items||[],d=new Map;for(let u of c){let p=u.source||u.id;d.has(p)||d.set(p,[]),d.get(p).push(u)}return a.map(u=>{let p=d.get(u.id)||[];return{...u,connections:p,connected:p.some(l=>l.connected),connectionCount:p.filter(l=>l.connected).length}})},async status(i){let s=await n.connections(),c=(Array.isArray(s)?s:s?.items||[]).filter(d=>d.source===i&&d.connected);return{connected:c.length>0,connections:c}},async connect(i){return e.request(o,`/api/v1/accounts/integrations/${i}/initialize`,"POST",{body:{__namespace:r}})},async disconnect(i,s){await e.request(o,`/api/v1/accounts/integrations/${i}/remove`,"POST",{body:{configurationId:s}})}};return n}function bu(e,t){return{async get(){return e.request(t,"/api/v1/config/openapi","GET")}}}function Uu(){return{info:(e,t)=>console.log(`[Foundation] ${e}`,t??""),warn:(e,t)=>console.warn(`[Foundation] ${e}`,t??""),error:(e,t)=>console.error(`[Foundation] ${e}`,t??""),event:(e,t)=>console.log(`[Foundation Event] ${e}`,t??"")}}pn("cognito",async e=>{let t=e.cognito;if(!t)throw new Error("Cognito config required");return un.configure({Auth:{Cognito:{userPoolId:t.userPoolId,userPoolClientId:t.clientId,loginWith:{oauth:{domain:t.domain.replace("https://",""),scopes:(t.scope||"openid profile email").split(" "),redirectSignIn:[window.location.origin],redirectSignOut:[window.location.origin],responseType:"code"}}}}}),{login:async()=>{await ir()},logout:async()=>{await cn()},getUser:async()=>{try{let o=await Ze();return{id:o.userId,email:o.signInDetails?.loginId||"",name:o.username}}catch{return}},getTokenSilently:async()=>{let r=(await yo()).tokens?.accessToken?.toString();if(!r)throw new Error("No token");return r},isAuthenticated:async()=>{try{return await Ze(),!0}catch{return!1}},signIn:async(o,r)=>{await bt({username:o,password:r})},signUp:async(o,r,n)=>{await rn({username:o,password:r,options:{userAttributes:{email:o,...n}}})},forgotPassword:async o=>{await nn({username:o})},resetPassword:async(o,r)=>{await sn({username:"",confirmationCode:o,newPassword:r})}}});return Fa(Ou);})();
+        `},emptyUsername:{message:q.EMPTY_USERNAME},invalidUsername:{message:q.INVALID_USERNAME},emptyPassword:{message:q.EMPTY_PASSWORD},emptyCode:{message:q.EMPTY_CODE},signUpError:{message:q.SIGN_UP_ERROR,log:"The first parameter should either be non-null string or object"},noMFA:{message:q.NO_MFA},invalidMFA:{message:q.INVALID_MFA},emptyChallengeResponse:{message:q.EMPTY_CHALLENGE},noUserSession:{message:q.NO_USER_SESSION},deviceConfig:{message:q.DEVICE_CONFIG},networkError:{message:q.NETWORK_ERROR},autoSignInError:{message:q.AUTOSIGNIN_ERROR},default:{message:q.DEFAULT_MSG}};var Te=(e,t)=>new g({message:e??"An error has occurred during the oauth process.",name:Ne.OAuthSignInError,recoverySuggestion:t??na.oauthSignInError.log});var or;(function(e){e.NoConfig="noConfig",e.MissingAuthConfig="missingAuthConfig",e.EmptyUsername="emptyUsername",e.InvalidUsername="invalidUsername",e.EmptyPassword="emptyPassword",e.EmptyCode="emptyCode",e.SignUpError="signUpError",e.NoMFA="noMFA",e.InvalidMFA="invalidMFA",e.EmptyChallengeResponse="emptyChallengeResponse",e.NoUserSession="noUserSession",e.Default="default",e.DeviceConfig="deviceConfig",e.NetworkError="networkError",e.AutoSignInError="autoSignInError",e.OAuthSignInError="oauthSignInError"})(or||(or={}));var nu="`signInWithRedirect` has been canceled.",iu="An error occurred while validating the state.",su="Try to initiate an OAuth flow from Amplify",an=async e=>{let t=await z.loadOAuthState(),o=e===t?t:void 0;if(!o)throw new g({name:or.OAuthSignInError,message:e===null?nu:iu,recoverySuggestion:e===null?void 0:su});return o};var rr=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,responseType:n,domain:i,preferPrivateSession:s})=>{let a=new te(e),c=a.searchParams.get("error"),d=a.searchParams.get("error_description");if(c)throw Te(d??c);return n==="code"?au({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:i,preferPrivateSession:s}):cu({currentUrl:e,redirectUri:r,preferPrivateSession:s})},au=async({currentUrl:e,userAgentValue:t,clientId:o,redirectUri:r,domain:n,preferPrivateSession:i})=>{let s=new te(e),a=s.searchParams.get("code"),c=s.searchParams.get("state");if(!a||!c)throw Te("User cancelled OAuth flow.");let d=await an(c),u="https://"+n+"/oauth2/token",p=await z.loadPKCE(),l={grant_type:"authorization_code",code:a,client_id:o,redirect_uri:r,...p?{code_verifier:p}:{}},m=Object.entries(l).map(([Ee,F])=>`${encodeURIComponent(Ee)}=${encodeURIComponent(F)}`).join("&"),{access_token:h,refresh_token:I,id_token:A,error:S,error_message:M,token_type:H,expires_in:le}=await(await fetch(u,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",[ur]:t},body:m})).json();if(S)throw Te(M??S);let ie=(h&&Q(h).payload.username)??"username";return await oe({username:ie,AccessToken:h,IdToken:A,RefreshToken:I}),ia({redirectUri:r,state:d,preferPrivateSession:i})},cu=async({currentUrl:e,redirectUri:t,preferPrivateSession:o})=>{let r=new te(e),{id_token:n,access_token:i,state:s,token_type:a,expires_in:c,error_description:d,error:u}=(r.hash??"#").substring(1).split("&").map(m=>m.split("=")).reduce((m,[h,I])=>({...m,[h]:I}),{id_token:void 0,access_token:void 0,state:void 0,token_type:void 0,expires_in:void 0,error_description:void 0,error:void 0});if(u)throw Te(d??u);if(!i)throw Te("No access token returned from OAuth flow.");let p=await an(s),l=(i&&Q(i).payload.username)??"username";return await oe({username:l,AccessToken:i,IdToken:n}),ia({redirectUri:t,state:p,preferPrivateSession:o})},ia=async({redirectUri:e,state:t,preferPrivateSession:o})=>{await D.setOAuthMetadata({oauthSignIn:!0}),await z.clearOAuthData(),await z.storeOAuthSignIn(!0,o),Wo(),pu(e),du(t)&&Z.dispatch("auth",{event:"customOAuthState",data:Hr(uu(t))},"Auth",j),Z.dispatch("auth",{event:"signInWithRedirect"},"Auth",j),await ce()},du=e=>/-/.test(e),uu=e=>e.split("-").splice(1).join("-"),pu=e=>{typeof window<"u"&&typeof window.history<"u"&&window.history.replaceState(window.history.state,"",e)};function Ut(e,t){if(t){let o=e?.find(r=>r===t);if(!o)throw Zi;return o}else{let o=e?.find(lu)??e?.find(mu),r=e?.find(gu)??e?.find(fu);if(o)return o;throw r?Qi:Xi}}var lu=e=>e.startsWith(String(window.location.origin+(window.location.pathname||"/"))),mu=e=>e.includes(String(window.location.hostname)),fu=e=>e.startsWith("http://"),gu=e=>e.startsWith("https://");var Ot=async e=>{Wo(),await z.clearOAuthInflightData(),Z.dispatch("auth",{event:"signInWithRedirect_failure",data:{error:e}},"Auth",j)};var sa=async e=>{try{E(e),Le(e),z.setAuthConfig(e)}catch{return}if(await z.loadOAuthInFlight())try{let t=window.location.href,{loginWith:o,userPoolClientId:r}=e,{domain:n,redirectSignIn:i,responseType:s}=o.oauth,a=Ut(i);await rr({currentUrl:t,clientId:r,domain:n,redirectUri:a,responseType:s,userAgentValue:O(R.SignInWithRedirect)})}catch(t){await Ot(t)}};Ke()&&w[Mt](sa);var aa={Google:"Google",Facebook:"Facebook",Amazon:"LoginWithAmazon",Apple:"SignInWithApple"};var nr=async e=>{window?.location&&(window.location.href=e.replace("http://","https://"))};var ca="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",da=e=>{let t=new Uint8Array(e);st().getRandomValues(t);let o="",r;for(let n of t)o+=ca.charAt(n%ca.length);return{value:o,method:"S256",toCodeChallenge(){return r||(r=hu(o),r)}}};function hu(e){let t=new Be;return t.update(e),yu(fe.convert(t.digestSync(),{urlSafe:!0}))}function yu(e){return e.replace(/=/g,"")}var ua=()=>Br(32);var pa=e=>{async function t(o){if(o.persisted&&await e.loadOAuthInFlight()){let n=Te("User cancelled OAuth flow.");await Ot(n)}window.removeEventListener("pageshow",t)}window.addEventListener("pageshow",t)};async function ir(e){let t=w.getConfig().Auth?.Cognito;E(t),Le(t),z.setAuthConfig(t),e?.options?.prompt||await er();let o="COGNITO",r;return typeof e?.provider=="string"?o=aa[e.provider]:e?.provider?.custom?o=e.provider.custom:e?.provider?.idpIdentifier&&({idpIdentifier:r}=e.provider),Eu({oauthConfig:t.loginWith.oauth,clientId:t.userPoolClientId,provider:o,idpIdentifier:r,customState:e?.customState,preferPrivateSession:e?.options?.preferPrivateSession,options:{loginHint:e?.options?.loginHint,lang:e?.options?.lang,nonce:e?.options?.nonce,prompt:e?.options?.prompt},authSessionOpener:e?.options?.authSessionOpener})}var Eu=async({oauthConfig:e,provider:t,idpIdentifier:o,clientId:r,customState:n,preferPrivateSession:i,options:s,authSessionOpener:a})=>{let{domain:c,redirectSignIn:d,responseType:u,scopes:p}=e,{loginHint:l,lang:m,nonce:h,prompt:I}=s??{},A=ua(),S=a||nr,M=n?`${A}-${Kr(n)}`:A,{value:H,method:le,toCodeChallenge:ie}=da(128),Ee=Ut(e.redirectSignIn);Ke()&&z.storeOAuthInFlight(!0),z.storeOAuthState(M),z.storePKCE(H);let F=new URLSearchParams;F.append("redirect_uri",Ee),F.append("response_type",u),F.append("client_id",r),o?F.append("idp_identifier",o):F.append("identity_provider",t),F.append("scope",p.join(" ")),l&&F.append("login_hint",l),m&&F.append("lang",m),h&&F.append("nonce",h),I&&F.append("prompt",I.toLowerCase()),F.append("state",M),u==="code"&&(F.append("code_challenge",ie()),F.append("code_challenge_method",le));let nt=`https://${c}/oauth2/authorize?${F.toString()}`;pa(z);let{type:de,error:yt,url:Et}=await S(nt,d,i)??{};try{if(de==="error")throw Te(String(yt));if(de==="canceled")throw Te(String(de));de==="success"&&Et&&await rr({currentUrl:Et,clientId:r,domain:c,redirectUri:Ee,responseType:u,userAgentValue:O(R.SignInWithRedirect),preferPrivateSession:i})}catch(Fe){throw await Ot(Fe),Fe}};var la=async e=>{await e.clearOAuthData(),D.clearTokens(),await Ht(),Z.dispatch("auth",{event:"signedOut"},"Auth",j)};var ma=async(e,t=!1,o)=>{Le(e);let{loginWith:r,userPoolClientId:n}=e,{domain:i,redirectSignOut:s}=r.oauth,a=Ut(s,o),c=`https://${i}/logout?${Object.entries({client_id:n,logout_uri:encodeURIComponent(a)}).map(([d,u])=>`${d}=${u}`).join("&")}`;return nr(c)};var fa=async(e,t,o,r)=>{let{isOAuthSignIn:n}=await t.loadOAuthSignIn(),i=await o.getOAuthMetadata();if(await la(t),n||i?.oauthSignIn)return ma(e,!1,r)};var ga=e=>b(W,K("RevokeToken"),G(),{...V,...e});var ha=e=>b(W,K("GlobalSignOut"),G(),{...V,...e});var ya=new C("Auth");async function cn(e){let t=w.getConfig().Auth?.Cognito;E(t),e?.global?await Iu(t):await Su(t);let o;try{Le(t),o=!0}catch{o=!1}if(o){let r=new wt(we);r.setAuthConfig(t);let{type:n}=await fa(t,r,D,e?.oauth?.redirectUrl)??{};if(n==="error")throw new g({name:es,message:"An error occurred when attempting to log out from OAuth provider."})}else D.clearTokens(),await Ht(),Z.dispatch("auth",{event:"signedOut"},"Auth",j)}async function Su(e){try{let{userPoolEndpoint:t,userPoolId:o,userPoolClientId:r}=e,n=await D.getTokenStore().loadTokens();Bo(n),wu(n.accessToken)&&await ga({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:O(R.SignOut)},{ClientId:r,Token:n.refreshToken})}catch{ya.debug("Client signOut error caught but will proceed with token removal")}}async function Iu(e){try{let{userPoolEndpoint:t,userPoolId:o}=e,r=await D.getTokenStore().loadTokens();Lo(r),await ha({endpointResolver:P({endpointOverride:t})})({region:v(o),userAgentValue:O(R.SignOut)},{AccessToken:r.accessToken.toString()})}catch{ya.debug("Global signOut error caught but will proceed with token removal")}}var wu=e=>!!e?.payload?.origin_jti;var Ea={identityId:"identityId"};var Au=new C("DefaultIdentityIdStore"),gt=class{setAuthConfig(t){ct(t.Cognito),this.authConfig=t,this._authKeys=xu("Cognito",t.Cognito.identityPoolId)}constructor(t){this._authKeys={},this._hasGuestIdentityId=!1,this.keyValueStorage=t}async loadIdentityId(){ct(this.authConfig?.Cognito);try{if(this._primaryIdentityId)return{id:this._primaryIdentityId,type:"primary"};{let t=await this.keyValueStorage.getItem(this._authKeys.identityId);return t?(this._hasGuestIdentityId=!0,{id:t,type:"guest"}):null}}catch(t){return Au.log("Error getting stored IdentityId.",t),null}}async storeIdentityId(t){ct(this.authConfig?.Cognito),t.type==="guest"?(this.keyValueStorage.setItem(this._authKeys.identityId,t.id),this._primaryIdentityId=void 0,this._hasGuestIdentityId=!0):(this._primaryIdentityId=t.id,this._hasGuestIdentityId&&(this.keyValueStorage.removeItem(this._authKeys.identityId),this._hasGuestIdentityId=!1))}async clearIdentityId(){this._primaryIdentityId=void 0,await this.keyValueStorage.removeItem(this._authKeys.identityId)}},xu=(e,t)=>Zt(Ea)(`com.amplify.${e}`,t);var oo=({endpointOverride:e})=>t=>e?{url:new te(e)}:Mr(t);function sr(e){let t=Q(e).payload.iss,o={};if(!t)throw new g({name:"InvalidIdTokenException",message:"Invalid Idtoken."});let r=t.replace(/(^\w+:|^)\/\//,"");return o[r]=e,o}async function Sa({tokens:e,authConfig:t,identityIdStore:o}){o.setAuthConfig({Cognito:t});let r=await o.loadIdentityId();if(r)return r.id;let n=e?.idToken?sr(e.idToken.toString()):{},i=await Cu(n,t);return o.storeIdentityId({id:i,type:e?"primary":"guest"}),i}async function Cu(e,t){let o=t?.identityPoolId,r=Yt(o),n=Or({endpointResolver:oo({endpointOverride:t.identityPoolEndpoint})}),i;try{i=(await n({region:r},{IdentityPoolId:o,Logins:e})).IdentityId}catch(s){throw B(s),new g(s)}if(!i)throw new g({name:"GetIdResponseException",message:"Received undefined response from getId operation",recoverySuggestion:"Make sure to pass a valid identityPoolId in the configuration."});return i}var ar=new C("CognitoCredentialsProvider"),Ia=3e3*1e3,ht=class{constructor(t){this._nextCredentialsRefresh=0,this._identityIdStore=t}async clearCredentialsAndIdentityId(){ar.debug("Clearing out credentials and identityId"),this._credentialsAndIdentityId=void 0,await this._identityIdStore.clearIdentityId()}async clearCredentials(){ar.debug("Clearing out in-memory credentials"),this._credentialsAndIdentityId=void 0}async getCredentialsAndIdentityId(t){let o=t.authenticated,{tokens:r}=t,{authConfig:n}=t;try{ct(n?.Cognito)}catch{return}if(!o&&!n.Cognito.allowGuestAccess)return;let{forceRefresh:i}=t,s=this.hasTokenChanged(r),a=await Sa({tokens:r,authConfig:n.Cognito,identityIdStore:this._identityIdStore});return(i||s)&&this.clearCredentials(),o?(rs(r),this.credsForOIDCTokens(n.Cognito,r,a)):this.getGuestCredentials(a,n.Cognito)}async getGuestCredentials(t,o){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!1)return ar.info("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let r=Yt(o.identityPoolId),n=Ao({endpointResolver:oo({endpointOverride:o.identityPoolEndpoint})}),i;try{i=await n({region:r},{IdentityId:t})}catch(s){throw B(s),new g(s)}if(i?.Credentials?.AccessKeyId&&i?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Ia;let s={credentials:{accessKeyId:i.Credentials.AccessKeyId,secretAccessKey:i.Credentials.SecretKey,sessionToken:i.Credentials.SessionToken,expiration:i.Credentials.Expiration},identityId:t};return i.IdentityId&&(s.identityId=i.IdentityId,this._identityIdStore.storeIdentityId({id:i.IdentityId,type:"guest"})),this._credentialsAndIdentityId={...s,isAuthenticatedCreds:!1},s}else throw new g({name:"CredentialsNotFoundException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}async credsForOIDCTokens(t,o,r){if(this._credentialsAndIdentityId&&!this.isPastTTL()&&this._credentialsAndIdentityId.isAuthenticatedCreds===!0)return ar.debug("returning stored credentials as they neither past TTL nor expired."),this._credentialsAndIdentityId;this.clearCredentials();let n=o.idToken?sr(o.idToken.toString()):{},i=Yt(t.identityPoolId),s=Ao({endpointResolver:oo({endpointOverride:t.identityPoolEndpoint})}),a;try{a=await s({region:i},{IdentityId:r,Logins:n})}catch(c){throw B(c),new g(c)}if(a?.Credentials?.AccessKeyId&&a?.Credentials?.SecretKey){this._nextCredentialsRefresh=new Date().getTime()+Ia;let c={credentials:{accessKeyId:a.Credentials.AccessKeyId,secretAccessKey:a.Credentials.SecretKey,sessionToken:a.Credentials.SessionToken,expiration:a.Credentials.Expiration},identityId:r};return a.IdentityId&&(c.identityId=a.IdentityId,this._identityIdStore.storeIdentityId({id:a.IdentityId,type:"primary"})),this._credentialsAndIdentityId={...c,isAuthenticatedCreds:!0,associatedIdToken:o.idToken?.toString()},c}else throw new g({name:"CredentialsException",message:"Cognito did not respond with either Credentials, AccessKeyId or SecretKey."})}isPastTTL(){return this._nextCredentialsRefresh===void 0?!0:this._nextCredentialsRefresh<=Date.now()}hasTokenChanged(t){return!!t&&!!this._credentialsAndIdentityId?.associatedIdToken&&t.idToken?.toString()!==this._credentialsAndIdentityId.associatedIdToken}};var dn=new ht(new gt(we));var un={configure(e,t){let o=kt(e),r=new $t({sameSite:"lax"}),n=t?.ssr?r:we,i=t?.ssr?new ht(new gt(r)):dn;if(!o.Auth){w.configure(o,t);return}if(t?.Auth){w.configure(o,t);return}if(!w.libraryOptions.Auth){ft.setAuthConfig(o.Auth),ft.setKeyValueStorage(n),w.configure(o,{...t,Auth:{tokenProvider:ft,credentialsProvider:i}});return}if(t){let s=w.libraryOptions.Auth;t.ssr!==void 0&&(ft.setKeyValueStorage(n),s.credentialsProvider=i),w.configure(o,{Auth:s,...t});return}w.configure(o)},getConfig(){return w.getConfig()}};var wa=new Map;function pn(e,t){wa.set(e,t)}pn("none",async()=>({login:async()=>{},logout:async()=>{},getUser:async()=>{},getTokenSilently:async()=>"none",isAuthenticated:async()=>!0}));async function Aa(e){let t=wa.get(e.provider);if(!t)throw new Error(`Auth provider "${e.provider}" not registered. Import "foundation-sdk/${e.provider}" to register it.`);return t(e)}function xa(e){let t=null,o=[];function r(){o.forEach(i=>{try{i(t)}catch{}})}async function n(){let i=await e.getUser();t=i?{id:i.id,email:i.email,name:i.name,picture:i.picture}:null}return{get user(){return t},get isAuthenticated(){return!!t},async getToken(){return e.getTokenSilently()},async login(i){await e.login(i),await n(),r()},async logout(i){await e.logout(i),t=null,r()},async signIn(i,s){if(!e.signIn)throw new Error("signIn not supported by this auth provider");await e.signIn(i,s),await n(),r()},async signUp(i,s,a){if(!e.signUp)throw new Error("signUp not supported by this auth provider");await e.signUp(i,s,a)},async forgotPassword(i){if(!e.forgotPassword)throw new Error("forgotPassword not supported by this auth provider");await e.forgotPassword(i)},async resetPassword(i,s){if(!e.resetPassword)throw new Error("resetPassword not supported by this auth provider");await e.resetPassword(i,s)},onChange(i){return o.length>=100?(console.warn("[Foundation SDK] Auth listener limit reached."),()=>{}):(o.push(i),()=>{let s=o.indexOf(i);s>-1&&o.splice(s,1)})},async _initUser(){await e.isAuthenticated()&&await n()}}}function vu(e){return e?.response!==void 0?e.response:e?.data!==void 0?e.data:e}function Pu(e,t){let o=t?.error;if(o){let n=o.message||"Unknown error",i=o.details;if(i?.length){let s=i.map(a=>a.field?`${a.field}: ${a.message}`:a.message).join(", ");n=n?`${n} ${s}`:s}return Object.assign(new Error(n),{code:o.code,type:o.code,details:i,status:e})}let r=t?.data?.message||t?.message;return r?Object.assign(new Error(r),{status:e}):Object.assign(new Error(`HTTP ${e}`),{status:e})}function Ca(e){function t(n){return{"X-Foundation-Mvp-Application-Id":e.appId,"X-Foundation-Mvp-Tenant-Id":e.tenantId,"X-Foundation-Mvp-Application-Version":e.version,"Content-Type":"application/json",Authorization:`Bearer ${n}`}}async function o(n,i,s,a={}){let c=await e.getToken(),d=t(c),u=`${n}${i}`;if(a.params){let h=new URLSearchParams;for(let[A,S]of Object.entries(a.params))S!=null&&h.set(A,String(S));let I=h.toString();I&&(u+=`?${I}`)}let p={method:s,headers:d};a.body!==void 0&&(p.body=JSON.stringify(a.body));let l=await fetch(u,p);if(!l.ok){let h={};try{h=await l.json()}catch{}throw Pu(l.status,h)}if(l.status===204)return null;let m=await l.json();return vu(m)}async function r(n,i={}){return fetch(n,i)}return{request:o,rawFetch:r,headers:t}}function ln(e){if(!e)throw new Error("Token parsing failed: Missing auth token");try{let[t,o]=e.split("?"),r=t.split(".");if(r.length!==3)throw new Error("Invalid JWT format");let n=atob(r[1]),i=JSON.parse(n);o&&new URLSearchParams(o).forEach((u,p)=>{i[p]=u});let s=i["BaseApplication/apiBaseUrl"];if(!s)throw new Error("Token missing apiBaseUrl");let a=i["BaseApplication/websocketBaseUrl"]||"",c=i["BaseApplication/accountBaseUrl"]||s;return{sub:i.sub||"",apiBaseUrl:s,accountBaseUrl:c,websocketBaseUrl:a,userId:i["BaseApplication/userId"]||"",namespace:i["BaseApplication/namespace"]}}catch(t){if(t instanceof Error&&t.message.startsWith("Token"))throw t;let o=t instanceof Error?t.message:"Failed to parse token";throw new Error(`Token parsing failed: ${o}`)}}async function va(e){let t=e.configUrl,o=e.appId,r=e.tenantId;try{let x=await fetch("/foundation-env.json");if(x.ok){let X=await x.json();X.configUrl&&(t=X.configUrl,o=X.applicationId||o,r=X.applicationTenant||r)}}catch{}if(!t)throw new Error("No configUrl provided and /foundation-env.json not found");let n={Accept:"application/json","Cache-Control":"no-cache"};o&&(n["X-Foundation-Mvp-Application-Id"]=o),r&&(n["X-Foundation-Mvp-Tenant-Id"]=r);let i=await fetch(t,{headers:n});if(!i.ok)throw new Error(`Failed to fetch config: ${i.statusText}`);let s=await i.json(),a=s.data??s,c=a.auth||{provider:"none"},d;e.auth&&typeof e.auth=="function"?d=await e.auth(c):e.auth?d=e.auth:d=await Aa(c);let p=xa(d);await p._initUser();let l,m;if(e.baseUrl)l=e.baseUrl,m=e.baseUrl;else if(c.apiUrls?.apiBaseUrl){let x=c.apiUrls;l=x.apiBaseUrl,m=x.accountBaseUrl||l}else{let x=await d.getTokenSilently(),X=ln(x);l=X.apiBaseUrl,m=X.accountBaseUrl}let h=o||a.app?.id||a.tenant?.identifier||"",I=r||a.tenant?.identifier||"",A=a.app?.version||a.core?.version||"0.0.0",S=Ca({appId:h,tenantId:I,version:A,getToken:()=>d.getTokenSilently()}),M={};try{M=await S.request(l,"/api/v1/config/init","GET")||{}}catch(x){console.warn("[Foundation SDK] Backend config fetch failed:",x)}let H={...a,...M},le="";try{let x=await d.getTokenSilently();x&&x!=="none"&&(le=ln(x).namespace||"")}catch{}let ie={get app(){let x=H.app||{};return{id:x.id||h,name:x.name||"",version:x.version||A,environment:x.environment||"",...x}},get features(){return H.features||{}},get plans(){return H.plans||[]},get theme(){let x=H.theme||{};return{colors:x.colors||{},dark:x.dark||{},defaultColorScheme:x.defaultColorScheme}},get connectors(){return H.connectors||{}},get resources(){return H.resources||{}},get auth(){let{provider:x,...X}=c;return{provider:x,...X}},get raw(){return H}},Ee=Tu(S,l),F=Ru(S,l,le),nt=_u(S,m),de=Nu(S,l,m,le),yt=bu(S,l),Et=Uu(),Fe=[];return{get ready(){return Promise.resolve()},get isReady(){return!0},auth:p,db:Ee,files:F,integration:de,account:nt,config:ie,openapi:yt,log:Et,on(x,X){return x==="entity.changed"?(Fe.push(X),()=>{let ro=Fe.indexOf(X);ro>-1&&Fe.splice(ro,1)}):()=>{}}}}function Tu(e,t){return{async list(o,r={}){let{filters:n,limit:i,cursor:s,orderBy:a,orderDir:c}=r,d={...n};return i&&(d.limit=i),s&&(d.next=s),a&&(d.orderBy=a),c&&(d.orderDir=c),e.request(t,`/api/v1/core/${o}`,"GET",{params:d})},async get(o,r){return e.request(t,`/api/v1/core/${o}`,"GET",{params:{id:r}})},async create(o,r){return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})},async update(o,r,n){return e.request(t,`/api/v1/core/${o}`,"PUT",{body:{id:r,...n}})},async save(o,r){try{return await e.request(t,`/api/v1/core/${o}`,"PUT",{body:r})}catch{return e.request(t,`/api/v1/core/${o}`,"POST",{body:r})}},async delete(o,r){await e.request(t,`/api/v1/core/${o}`,"DELETE",{body:{id:r}})}}}function Ru(e,t,o){return{async initiate(r){return e.request(t,"/api/v1/core/upload","POST",{body:{...r,__namespace:o}})},async upload(r){let n;r.file instanceof ArrayBuffer?n=r.file:n=await r.file.arrayBuffer();let i=await e.request(t,"/api/v1/core/upload","POST",{body:{name:r.name,contentType:r.contentType,contentLength:n.byteLength,sha256:r.sha256,__namespace:o}});if(!i.signedUrl||!i.signedData)throw new Error("Missing signedUrl or signedData in response");let s=new FormData;Object.entries(i.signedData).forEach(([c,d])=>{s.append(c,d)}),s.append("file",new Blob([n],{type:r.contentType}),r.name);let a=await fetch(i.signedUrl,{method:"POST",body:s});if(a.status!==204)throw new Error(`S3 upload failed: ${a.status}`);return{id:i.id,name:i.name,status:"uploaded",s3UploadComplete:!0}},async get(r){return e.request(t,"/api/v1/core/files","GET",{params:{id:r,__namespace:o}})},async delete(r){await e.request(t,`/api/v1/core/files/${r}`,"DELETE")},async list(r={}){let n={__namespace:o};r.limit&&(n.limit=r.limit),r.cursor&&(n.cursor=r.cursor);let i=await e.request(t,"/api/v1/core/files","GET",{params:n});return{items:i?.items||[],nextCursor:i?.next}}}}function _u(e,t){return{async get(){return e.request(t,"/api/v1/accounts/account","GET")},async update(o){await e.request(t,"/api/v1/accounts/account","PUT",{body:{user:o}})},async usage(){return e.request(t,"/api/v1/accounts/account/usage","GET")},async resendVerification(){await e.request(t,"/api/v1/accounts/account/resend-verification","POST")}}}function Nu(e,t,o,r){let n={async list(){return e.request(t,"/api/v1/config/connectors","GET")},async connections(){return e.request(t,"/api/v1/core/integrations","GET",{params:{query:"default",__namespace:r}})},async all(){let[i,s]=await Promise.all([n.list(),n.connections()]),a=Array.isArray(i)?i:i?.items||[],c=Array.isArray(s)?s:s?.items||[],d=new Map;for(let u of c){let p=u.source||u.id;d.has(p)||d.set(p,[]),d.get(p).push(u)}return a.map(u=>{let p=d.get(u.id)||[];return{...u,connections:p,connected:p.some(l=>l.connected),connectionCount:p.filter(l=>l.connected).length}})},async status(i){let s=await n.connections(),c=(Array.isArray(s)?s:s?.items||[]).filter(d=>d.source===i&&d.connected);return{connected:c.length>0,connections:c}},async connect(i){return e.request(o,`/api/v1/accounts/integrations/${i}/initialize`,"POST",{body:{__namespace:r}})},async disconnect(i,s){await e.request(o,`/api/v1/accounts/integrations/${i}/remove`,"POST",{body:{configurationId:s}})}};return n}function bu(e,t){return{async get(){return e.request(t,"/api/v1/config/openapi","GET")}}}function Uu(){return{info:(e,t)=>console.log(`[Foundation] ${e}`,t??""),warn:(e,t)=>console.warn(`[Foundation] ${e}`,t??""),error:(e,t)=>console.error(`[Foundation] ${e}`,t??""),event:(e,t)=>console.log(`[Foundation Event] ${e}`,t??"")}}pn("cognito",async e=>{let t=e.cognito;if(!t)throw new Error("Cognito config required");return un.configure({Auth:{Cognito:{userPoolId:t.userPoolId,userPoolClientId:t.clientId,loginWith:{oauth:{domain:t.domain.replace("https://",""),scopes:(t.scope||"openid profile email").split(" "),redirectSignIn:[window.location.origin],redirectSignOut:[window.location.origin],responseType:"code"}}}}}),{login:async()=>{await ir()},logout:async()=>{await cn()},getUser:async()=>{try{let o=await Ze();return{id:o.userId,email:o.signInDetails?.loginId||"",name:o.username}}catch{return}},getTokenSilently:async()=>{let r=(await yo()).tokens?.accessToken?.toString();if(!r)throw new Error("No token");return r},isAuthenticated:async()=>{try{return await Ze(),!0}catch{return!1}},signIn:async(o,r)=>{await bt({username:o,password:r})},signUp:async(o,r,n)=>{await rn({username:o,password:r,options:{userAttributes:{email:o,...n}}})},forgotPassword:async o=>{await nn({username:o})},resetPassword:async(o,r)=>{await sn({username:"",confirmationCode:o,newPassword:r})}}});return Fa(Ou);})();
 /*! Bundled license information:
 js-cookie/dist/js.cookie.mjs: