postex-auth-sdk-stage 2.1.0 → 2.3.0

package/dist/postex-auth-sdk-stage.es.js

@@ -1,137 +1,137 @@
-function O() {
+function R() {
   return typeof window < "u" && typeof window.PublicKeyCredential < "u" && typeof navigator < "u" && typeof navigator.credentials < "u";
 }
-async function j() {
-  if (!O()) return !1;
+async function M() {
+  if (!R()) return !1;
   try {
     return await PublicKeyCredential.isConditionalMediationAvailable?.() ?? !1;
   } catch {
     return !1;
   }
 }
-function N(s) {
-  const e = new Uint8Array(s);
-  let n = "";
+function O(o) {
+  const e = new Uint8Array(o);
+  let r = "";
   for (let t = 0; t < e.byteLength; t++)
-    n += String.fromCharCode(e[t]);
-  return btoa(n);
+    r += String.fromCharCode(e[t]);
+  return btoa(r);
 }
-function C(s) {
-  if (typeof s != "string" || !s)
+function C(o) {
+  if (typeof o != "string" || !o)
     throw new Error("Invalid base64: expected non-empty string");
-  const e = s.replace(/\s/g, "").replace(/-/g, "+").replace(/_/g, "/"), n = e.length % 4, t = n > 0 ? e + "=".repeat(4 - n) : e;
+  const e = o.replace(/\s/g, "").replace(/-/g, "+").replace(/_/g, "/"), r = e.length % 4, t = r > 0 ? e + "=".repeat(4 - r) : e;
   try {
-    const r = atob(t), o = new Uint8Array(r.length);
-    for (let a = 0; a < r.length; a++)
-      o[a] = r.charCodeAt(a);
-    return o.buffer;
+    const s = atob(t), n = new Uint8Array(s.length);
+    for (let a = 0; a < s.length; a++)
+      n[a] = s.charCodeAt(a);
+    return n.buffer;
   } catch {
     throw new Error(
       "Invalid base64: string is not correctly encoded. Check challenge/credentialId from server."
     );
   }
 }
-function p(s) {
-  return N(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+function h(o) {
+  return O(o).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
 }
-function H(s) {
+function j(o) {
   return /^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$/i.test(
-    s
+    o
   );
 }
-function J(s) {
-  const e = s.replace(/-/g, ""), n = new Uint8Array(e.length / 2);
-  for (let t = 0; t < n.length; t++)
-    n[t] = parseInt(e.substr(t * 2, 2), 16);
-  return n.buffer;
+function H(o) {
+  const e = o.replace(/-/g, ""), r = new Uint8Array(e.length / 2);
+  for (let t = 0; t < r.length; t++)
+    r[t] = parseInt(e.substr(t * 2, 2), 16);
+  return r.buffer;
 }
-function b(s) {
-  if (!s || typeof s != "string")
+function P(o) {
+  if (!o || typeof o != "string")
     throw new Error("Invalid input: expected non-empty string");
-  return H(s) ? J(s) : C(s);
+  return j(o) ? H(o) : C(o);
 }
-function T(s) {
-  return new TextEncoder().encode(s).buffer;
+function k(o) {
+  return new TextEncoder().encode(o).buffer;
 }
-function F(s) {
-  return String.fromCharCode(...s);
+function J(o) {
+  return String.fromCharCode(...o);
 }
-const W = "xpay_webauthn", G = 1, u = "passkey_data", _ = "passkey_email", E = "passkey_mobile_number";
-function f() {
-  return new Promise((s, e) => {
-    const n = indexedDB.open(W, G);
-    n.onerror = () => e(n.error), n.onsuccess = () => s(n.result), n.onupgradeneeded = () => {
-      const t = n.result;
+const F = "xpay_webauthn", W = 1, u = "passkey_data", E = "passkey_email", _ = "passkey_mobile_number";
+function m() {
+  return new Promise((o, e) => {
+    const r = indexedDB.open(F, W);
+    r.onerror = () => e(r.error), r.onsuccess = () => o(r.result), r.onupgradeneeded = () => {
+      const t = r.result;
       t.objectStoreNames.contains(u) || t.createObjectStore(u);
     };
   });
 }
-async function Y() {
+async function G() {
   try {
-    const s = await f();
-    return new Promise((e, n) => {
-      const t = s.transaction(u, "readonly"), o = t.objectStore(u).get(_);
-      o.onerror = () => n(o.error), o.onsuccess = () => e(o.result ?? null), t.oncomplete = () => s.close();
+    const o = await m();
+    return new Promise((e, r) => {
+      const t = o.transaction(u, "readonly"), n = t.objectStore(u).get(E);
+      n.onerror = () => r(n.error), n.onsuccess = () => e(n.result ?? null), t.oncomplete = () => o.close();
     });
   } catch {
     return null;
   }
 }
-async function V(s) {
+async function Y(o) {
   try {
-    const e = await f();
-    return new Promise((n, t) => {
-      const r = e.transaction(u, "readwrite"), a = r.objectStore(u).put(s, _);
-      a.onerror = () => t(a.error), a.onsuccess = () => n(), r.oncomplete = () => e.close();
+    const e = await m();
+    return new Promise((r, t) => {
+      const s = e.transaction(u, "readwrite"), a = s.objectStore(u).put(o, E);
+      a.onerror = () => t(a.error), a.onsuccess = () => r(), s.oncomplete = () => e.close();
     });
   } catch {
   }
 }
-async function X() {
+async function V() {
   try {
-    const s = await f();
-    return new Promise((e, n) => {
-      const t = s.transaction(u, "readwrite"), o = t.objectStore(u).delete(_);
-      o.onerror = () => n(o.error), o.onsuccess = () => e(), t.oncomplete = () => s.close();
+    const o = await m();
+    return new Promise((e, r) => {
+      const t = o.transaction(u, "readwrite"), n = t.objectStore(u).delete(E);
+      n.onerror = () => r(n.error), n.onsuccess = () => e(), t.oncomplete = () => o.close();
     });
   } catch {
   }
 }
-async function Z() {
+async function X() {
   try {
-    const s = await f();
-    return new Promise((e, n) => {
-      const t = s.transaction(u, "readonly"), o = t.objectStore(u).get(E);
-      o.onerror = () => n(o.error), o.onsuccess = () => e(o.result ?? null), t.oncomplete = () => s.close();
+    const o = await m();
+    return new Promise((e, r) => {
+      const t = o.transaction(u, "readonly"), n = t.objectStore(u).get(_);
+      n.onerror = () => r(n.error), n.onsuccess = () => e(n.result ?? null), t.oncomplete = () => o.close();
     });
   } catch {
     return null;
   }
 }
-async function Q(s) {
+async function Z(o) {
   try {
-    const e = await f();
-    return new Promise((n, t) => {
-      const r = e.transaction(u, "readwrite"), a = r.objectStore(u).put(s, E);
-      a.onerror = () => t(a.error), a.onsuccess = () => n(), r.oncomplete = () => e.close();
+    const e = await m();
+    return new Promise((r, t) => {
+      const s = e.transaction(u, "readwrite"), a = s.objectStore(u).put(o, _);
+      a.onerror = () => t(a.error), a.onsuccess = () => r(), s.oncomplete = () => e.close();
     });
   } catch {
   }
 }
-async function ee() {
+async function Q() {
   try {
-    const s = await f();
-    return new Promise((e, n) => {
-      const t = s.transaction(u, "readwrite"), o = t.objectStore(u).delete(E);
-      o.onerror = () => n(o.error), o.onsuccess = () => e(), t.oncomplete = () => s.close();
+    const o = await m();
+    return new Promise((e, r) => {
+      const t = o.transaction(u, "readwrite"), n = t.objectStore(u).delete(_);
+      n.onerror = () => r(n.error), n.onsuccess = () => e(), t.oncomplete = () => o.close();
     });
   } catch {
   }
 }
-const S = "dpop_private_key", I = "dpop_public_key_jwk";
-function K(s) {
-  if (!s || typeof s != "object") return !1;
-  const e = s;
+const S = "dpop_private_key", A = "dpop_public_key_jwk";
+function N(o) {
+  if (!o || typeof o != "object") return !1;
+  const e = o;
   return e.kty === "EC" && e.crv === "P-256" && typeof e.x == "string" && typeof e.y == "string";
 }
 class g extends Error {
@@ -139,84 +139,84 @@ class g extends Error {
     super(e), this.name = "DPoPProofGenerationError";
   }
 }
-function te(s) {
+function ee(o) {
   return {
     kty: "EC",
     crv: "P-256",
-    x: s.x,
-    y: s.y
+    x: o.x,
+    y: o.y
   };
 }
-async function q(s) {
+async function K(o) {
   const e = JSON.stringify({
-    crv: s.crv,
-    kty: s.kty,
-    x: s.x,
-    y: s.y
-  }), n = await crypto.subtle.digest(
+    crv: o.crv,
+    kty: o.kty,
+    x: o.x,
+    y: o.y
+  }), r = await crypto.subtle.digest(
     "SHA-256",
     new TextEncoder().encode(e)
   );
-  return p(n);
+  return h(r);
 }
-async function ne(s) {
+async function te(o) {
   try {
-    const e = await f();
-    return new Promise((n, t) => {
-      const r = e.transaction(u, "readwrite"), a = r.objectStore(u).put(s, S);
-      a.onerror = () => t(a.error), a.onsuccess = () => n(), r.oncomplete = () => e.close();
+    const e = await m();
+    return new Promise((r, t) => {
+      const s = e.transaction(u, "readwrite"), a = s.objectStore(u).put(o, S);
+      a.onerror = () => t(a.error), a.onsuccess = () => r(), s.oncomplete = () => e.close();
     });
   } catch (e) {
     console.error("Failed to store DPoP private key:", e);
   }
 }
-async function oe(s) {
+async function re(o) {
   try {
-    const e = await f();
-    return new Promise((n, t) => {
-      const r = e.transaction(u, "readwrite"), a = r.objectStore(u).put(s, I);
-      a.onerror = () => t(a.error), a.onsuccess = () => n(), r.oncomplete = () => e.close();
+    const e = await m();
+    return new Promise((r, t) => {
+      const s = e.transaction(u, "readwrite"), a = s.objectStore(u).put(o, A);
+      a.onerror = () => t(a.error), a.onsuccess = () => r(), s.oncomplete = () => e.close();
     });
   } catch (e) {
     console.error("Failed to store DPoP public key JWK:", e);
   }
 }
-async function $() {
+async function q() {
   try {
-    const s = await f();
-    return new Promise((e, n) => {
-      const t = s.transaction(u, "readonly"), o = t.objectStore(u).get(S);
-      o.onerror = () => n(o.error), o.onsuccess = () => e(o.result ?? null), t.oncomplete = () => s.close();
+    const o = await m();
+    return new Promise((e, r) => {
+      const t = o.transaction(u, "readonly"), n = t.objectStore(u).get(S);
+      n.onerror = () => r(n.error), n.onsuccess = () => e(n.result ?? null), t.oncomplete = () => o.close();
     });
   } catch {
     return null;
   }
 }
-async function B() {
+async function $() {
   try {
-    const s = await f();
-    return new Promise((e, n) => {
-      const t = s.transaction(u, "readonly"), o = t.objectStore(u).get(I);
-      o.onerror = () => n(o.error), o.onsuccess = () => e(o.result ?? null), t.oncomplete = () => s.close();
+    const o = await m();
+    return new Promise((e, r) => {
+      const t = o.transaction(u, "readonly"), n = t.objectStore(u).get(A);
+      n.onerror = () => r(n.error), n.onsuccess = () => e(n.result ?? null), t.oncomplete = () => o.close();
     });
   } catch {
     return null;
   }
 }
-async function U() {
+async function T() {
   try {
-    const s = await f();
-    return new Promise((e, n) => {
-      const t = s.transaction(u, "readwrite"), r = t.objectStore(u);
-      r.delete(S), r.delete(I), t.onerror = () => n(t.error), t.oncomplete = () => {
-        s.close(), e();
+    const o = await m();
+    return new Promise((e, r) => {
+      const t = o.transaction(u, "readwrite"), s = t.objectStore(u);
+      s.delete(S), s.delete(A), t.onerror = () => r(t.error), t.oncomplete = () => {
+        o.close(), e();
       };
     });
   } catch {
   }
 }
-async function re() {
-  const s = await crypto.subtle.generateKey(
+async function ne() {
+  const o = await crypto.subtle.generateKey(
     {
       name: "ECDSA",
       namedCurve: "P-256"
@@ -224,102 +224,102 @@ async function re() {
     !1,
     // Private key is non-extractable
     ["sign", "verify"]
-  ), e = await crypto.subtle.exportKey("jwk", s.publicKey), n = te(e), t = await q(n);
-  return await ne(s.privateKey), await oe(n), { publicKey: n, thumbprint: t };
+  ), e = await crypto.subtle.exportKey("jwk", o.publicKey), r = ee(e), t = await K(r);
+  return await te(o.privateKey), await re(r), { publicKey: r, thumbprint: t };
 }
 async function se() {
-  const s = await $(), e = await B();
-  return s && K(e) ? {
+  const o = await q(), e = await $();
+  return o && N(e) ? {
     publicKey: e,
-    thumbprint: await q(e)
-  } : ((s || e) && await U(), re());
+    thumbprint: await K(e)
+  } : ((o || e) && await T(), ne());
 }
-async function ae(s, e, n) {
+async function oe(o, e, r) {
   try {
-    const t = await $(), r = await B();
-    if (!t || !K(r))
+    const t = await q(), s = await $();
+    if (!t || !N(s))
       throw new g(
         "DPoP key material is unavailable or invalid"
       );
-    const o = {
+    const n = {
       typ: "dpop+jwt",
       alg: "ES256",
-      jwk: r
+      jwk: s
       // Public key in JWK format
     }, a = new URL(
       e,
       typeof window < "u" ? window.location.origin : void 0
-    ), l = `${a.origin}${a.pathname}`, i = {
+    ), l = `${a.origin}${a.pathname}`, c = {
       jti: crypto.randomUUID(),
-      htm: s.toUpperCase(),
+      htm: o.toUpperCase(),
       htu: l,
       iat: Math.floor(Date.now() / 1e3)
     };
-    if (n) {
-      const k = new TextEncoder().encode(n), z = await crypto.subtle.digest("SHA-256", k);
-      i.ath = p(z);
+    if (r) {
+      const z = new TextEncoder().encode(r), L = await crypto.subtle.digest("SHA-256", z);
+      c.ath = h(L);
     }
-    const d = p(
-      new TextEncoder().encode(JSON.stringify(o)).buffer
-    ), c = p(
-      new TextEncoder().encode(JSON.stringify(i)).buffer
-    ), h = `${d}.${c}`, w = await crypto.subtle.sign(
+    const d = h(
+      new TextEncoder().encode(JSON.stringify(n)).buffer
+    ), i = h(
+      new TextEncoder().encode(JSON.stringify(c)).buffer
+    ), p = `${d}.${i}`, f = await crypto.subtle.sign(
       {
         name: "ECDSA",
         hash: { name: "SHA-256" }
       },
       t,
-      new TextEncoder().encode(h)
-    ), m = p(w);
-    return `${d}.${c}.${m}`;
+      new TextEncoder().encode(p)
+    ), w = h(f);
+    return `${d}.${i}.${w}`;
   } catch (t) {
     throw console.error("Failed to generate DPoP proof:", t), t instanceof g ? t : new g("Failed to generate DPoP proof");
   }
 }
-const L = {
-  isWebAuthnSupported: O,
-  isConditionalUISupported: j,
-  arrayBufferToBase64: N,
+const B = {
+  isWebAuthnSupported: R,
+  isConditionalUISupported: M,
+  arrayBufferToBase64: O,
   base64ToArrayBuffer: C,
-  arrayBufferToBase64url: p,
-  base64urlToArrayBuffer: b,
-  stringToArrayBuffer: T,
-  uint8ArrayToString: F,
-  getPasskeyEmail: Y,
-  setPasskeyEmail: V,
-  clearPasskeyEmail: X,
-  getPasskeyMobileNumber: Z,
-  setPasskeyMobileNumber: Q,
-  clearPasskeyMobileNumber: ee
+  arrayBufferToBase64url: h,
+  base64urlToArrayBuffer: P,
+  stringToArrayBuffer: k,
+  uint8ArrayToString: J,
+  getPasskeyEmail: G,
+  setPasskeyEmail: Y,
+  clearPasskeyEmail: V,
+  getPasskeyMobileNumber: X,
+  setPasskeyMobileNumber: Z,
+  clearPasskeyMobileNumber: Q
 };
-typeof window < "u" && (window.WebAuthn = L);
-const ie = typeof window < "u" ? window : globalThis;
-ie.WebAuthn = L;
-const P = "postex-auth-token", ce = "postexglobal", le = {
+typeof window < "u" && (window.WebAuthn = B);
+const ae = typeof window < "u" ? window : globalThis;
+ae.WebAuthn = B;
+const b = "postex-auth-token", ie = "postexglobal", ce = {
   xstak: "https://auth-stage.xstak.com/public/v1",
   postex: "https://auth-stage.postex.pk/public/v1",
   callcourier: "https://auth-stage.callcourier.com.pk/public/v1",
   postexglobal: "https://auth-stage.postexglobal.com/public/v1",
   postexsa: "https://auth-stage.postex.sa/public/v1"
-}, ue = /^[^\s@]+@[^\s@]+\.[^\s@]{2,}$/, de = /^\+[1-9]\d{6,14}$/, he = /^\d{6}$/, pe = /^[A-Za-z0-9_-]{16,512}$/, ye = /[\u0000-\u001F\u007F-\u009F]/, me = /[A-Za-z]/, fe = /[\u0400-\u04FF]/, x = 254, v = 16, A = 64;
-class we extends Error {
-  constructor(e, n, t) {
-    super(t ?? `Request failed with status ${e}`), this.response = { status: e, data: n }, this.name = "AuthSDKFetchError";
+}, le = /^[^\s@]+@[^\s@]+\.[^\s@]{2,}$/, ue = /^\+[1-9]\d{6,14}$/, de = /^\d{6}$/, he = /^[A-Za-z0-9_-]{16,512}$/, pe = /[\u0000-\u001F\u007F-\u009F]/, ye = /[A-Za-z]/, me = /[\u0400-\u04FF]/, v = 254, x = 16, I = 64;
+class fe extends Error {
+  constructor(e, r, t) {
+    super(t ?? `Request failed with status ${e}`), this.response = { status: e, data: r }, this.name = "AuthSDKFetchError";
   }
 }
 class y extends Error {
-  constructor(e, n, t = "invalid_input") {
-    super(n), this.field = e, this.code = t, this.name = "SDKValidationError";
+  constructor(e, r, t = "invalid_input") {
+    super(r), this.field = e, this.code = t, this.name = "SDKValidationError";
   }
 }
-const D = "auth_sdk_id_token", R = "auth_sdk_refresh_token";
-class M {
+const D = "auth_sdk_refresh_token";
+class U {
   constructor(e) {
     this.config = e, this.dpopInitializationPromise = this.createDPoPInitializationPromise();
   }
   getBaseUrl() {
-    const e = this.config.appId ?? ce;
-    return le[e];
+    const e = this.config.appId ?? ie;
+    return ce[e];
   }
   async initializeDPoPState() {
     await se();
@@ -329,85 +329,86 @@ class M {
   }
   createDPoPInitializationPromise() {
     const e = this.initializeDPoPState();
-    return e.catch(() => {
+    return e.catch((r) => {
+      console.warn("[AuthSDK] DPoP initialization failed:", r);
     }), e;
   }
   resetDPoPInitialization() {
     this.dpopInitializationPromise = this.createDPoPInitializationPromise();
   }
-  async getRequiredDPoPProof(e, n, t) {
-    return await this.ensureDPoPInitialized(), ae(e.toUpperCase(), n, t);
+  async getRequiredDPoPProof(e, r, t) {
+    return await this.ensureDPoPInitialized(), oe(e.toUpperCase(), r, t);
   }
   containsControlChars(e) {
-    return ye.test(e);
+    return pe.test(e);
   }
   hasMixedLatinAndCyrillic(e) {
-    return me.test(e) && fe.test(e);
+    return ye.test(e) && me.test(e);
   }
-  assertNoControlChars(e, n) {
-    if (this.containsControlChars(n))
+  assertNoControlChars(e, r) {
+    if (this.containsControlChars(r))
       throw new y(
         e,
         `${e} must not contain control characters`
       );
   }
-  validateEmail(e, n = "email") {
+  validateEmail(e, r = "email") {
     const t = e.trim();
     if (!t)
-      throw new y(n, `${n} is required`);
-    if (t.length > x)
+      throw new y(r, `${r} is required`);
+    if (t.length > v)
       throw new y(
-        n,
-        `${n} must be ${x} characters or fewer`
+        r,
+        `${r} must be ${v} characters or fewer`
       );
-    this.assertNoControlChars(n, t);
-    const [r = ""] = t.split("@");
-    if (this.hasMixedLatinAndCyrillic(r))
+    this.assertNoControlChars(r, t);
+    const [s = ""] = t.split("@");
+    if (this.hasMixedLatinAndCyrillic(s))
       throw new y(
-        n,
-        `${n} must not mix Latin and Cyrillic characters in the local part`
+        r,
+        `${r} must not mix Latin and Cyrillic characters in the local part`
       );
-    if (!ue.test(t))
-      throw new y(n, `${n} must be a valid email`);
+    if (!le.test(t))
+      throw new y(r, `${r} must be a valid email`);
     return t;
   }
-  validateMobileNumber(e, n = "mobileNumber") {
+  validateMobileNumber(e, r = "mobileNumber") {
     const t = e.trim();
     if (!t)
-      throw new y(n, `${n} is required`);
-    if (t.length > v)
+      throw new y(r, `${r} is required`);
+    if (t.length > x)
       throw new y(
-        n,
-        `${n} must be ${v} characters or fewer`
+        r,
+        `${r} must be ${x} characters or fewer`
       );
-    if (this.assertNoControlChars(n, t), !de.test(t))
-      throw new y(n, `${n} must be in E.164 format`);
+    if (this.assertNoControlChars(r, t), !ue.test(t))
+      throw new y(r, `${r} must be in E.164 format`);
     return t;
   }
-  validateOTP(e, n = "otp") {
+  validateOTP(e, r = "otp") {
     const t = e.trim();
-    if (this.assertNoControlChars(n, t), !he.test(t))
-      throw new y(n, `${n} must be a 6-digit code`);
+    if (this.assertNoControlChars(r, t), !de.test(t))
+      throw new y(r, `${r} must be a 6-digit code`);
     return t;
   }
-  validateMagicLinkToken(e, n = "token") {
+  validateMagicLinkToken(e, r = "token") {
     const t = e.trim();
-    if (this.assertNoControlChars(n, t), !pe.test(t))
+    if (this.assertNoControlChars(r, t), !he.test(t))
       throw new y(
-        n,
-        `${n} must be 16-512 URL-safe characters`
+        r,
+        `${r} must be 16-512 URL-safe characters`
       );
     return t;
   }
   validateRealm(e) {
-    const n = e?.trim();
-    if (n) {
-      if (this.assertNoControlChars("realm", n), n.length > A)
+    const r = e?.trim();
+    if (r) {
+      if (this.assertNoControlChars("realm", r), r.length > I)
         throw new y(
           "realm",
-          `realm must be ${A} characters or fewer`
+          `realm must be ${I} characters or fewer`
         );
-      return n;
+      return r;
     }
   }
   normalizeAndValidateIdentifier(e) {
@@ -419,25 +420,25 @@ class M {
   normalizeAuthIdentifier(e) {
     return this.normalizeAndValidateIdentifier(e);
   }
-  extractRealm(e, n) {
-    const t = n?.realm ?? (e && typeof e != "string" ? e.realm : void 0);
+  extractRealm(e, r) {
+    const t = r?.realm ?? (e && typeof e != "string" ? e.realm : void 0);
     return this.validateRealm(t);
   }
-  buildAuthRequestBody(e, n) {
-    const t = this.normalizeAuthIdentifier(e), r = this.extractRealm(e, n);
+  buildAuthRequestBody(e, r) {
+    const t = this.normalizeAuthIdentifier(e), s = this.extractRealm(e, r);
     return {
       ...t,
-      ...r ? { realm: r } : {}
+      ...s ? { realm: s } : {}
     };
   }
-  buildUrl(e, n) {
-    const t = this.getBaseUrl().replace(/\/$/, ""), r = e.startsWith("/") ? e : `/${e}`, o = `${t}${r}`;
-    if (!n || Object.keys(n).length === 0) return o;
-    const a = new URLSearchParams(n).toString();
-    return `${o}?${a}`;
+  buildUrl(e, r) {
+    const t = this.getBaseUrl().replace(/\/$/, ""), s = e.startsWith("/") ? e : `/${e}`, n = `${t}${s}`;
+    if (!r || Object.keys(r).length === 0) return n;
+    const a = new URLSearchParams(r).toString();
+    return `${n}?${a}`;
   }
-  async request(e, n, t) {
-    const r = this.buildUrl(n, t?.params), o = {
+  async request(e, r, t) {
+    const s = this.buildUrl(r, t?.params), n = {
       "Content-Type": "application/json",
       Accept: "application/json",
       "X-API-Key": this.config.apiKey ?? "",
@@ -445,22 +446,22 @@ class M {
     }, a = {
       method: e,
       credentials: "include",
-      headers: o
+      headers: n
     };
     t?.body !== void 0 && t?.body !== null && (a.body = JSON.stringify(t.body));
-    const l = await fetch(r, a);
+    const l = await fetch(s, a);
     if (!l.ok) {
-      let c;
+      let i;
       try {
-        const h = await l.text();
-        c = h ? JSON.parse(h) : void 0;
+        const p = await l.text();
+        i = p ? JSON.parse(p) : void 0;
       } catch {
-        c = void 0;
+        i = void 0;
       }
-      throw l.status === 401 && await this.clearTokens(), new we(l.status, c);
+      throw l.status === 401 && (await this.clearTokens(), await T(), this.resetDPoPInitialization()), new fe(l.status, i);
     }
-    const i = await l.text();
-    return { data: i ? JSON.parse(i) : {} };
+    const c = await l.text();
+    return { data: c ? JSON.parse(c) : {} };
   }
   /**
    * Returns auth headers (Authorization + DPoP) for the given request.
@@ -468,24 +469,24 @@ class M {
    * @param method - HTTP method (e.g. "GET", "POST")
    * @param url - Full request URL
    */
-  async getRequestAuthHeaders(e, n) {
-    const t = localStorage.getItem(P);
+  async getRequestAuthHeaders(e, r) {
+    const t = localStorage.getItem(b);
     if (!t) return {};
-    const r = n.startsWith("http") ? n : `${this.getBaseUrl()}${n}`, o = await this.getRequiredDPoPProof(e, r, t);
+    const s = r.startsWith("http") ? r : `${this.getBaseUrl()}${r}`, n = await this.getRequiredDPoPProof(e, s, t);
     return {
       Authorization: `Bearer ${t}`,
-      DPoP: o
+      DPoP: n
     };
   }
   /**
    * GET /auth/status - Check if client has trusted device session and what auth method is available.
    * Returns no_session | session_found | webauthn_ready per PostEx Auth BFF spec.
    */
-  async getStatus(e, n) {
-    const t = this.normalizeAuthIdentifier(e), r = this.extractRealm(e, n), o = {};
-    t.email && (o.email = t.email), t.mobileNumber && (o.mobileNumber = t.mobileNumber), r && (o.realm = r);
+  async getStatus(e, r) {
+    const t = this.normalizeAuthIdentifier(e), s = this.extractRealm(e, r), n = {};
+    t.email && (n.email = t.email), t.mobileNumber && (n.mobileNumber = t.mobileNumber), s && (n.realm = s);
     const a = await this.request("GET", "/auth/status", {
-      params: o
+      params: n
     });
     return a.data.data ?? a.data;
   }
@@ -493,30 +494,30 @@ class M {
    * POST /auth/initiate - Unified entry: returns webauthn_challenge or otp_sent.
    * Sets auth_session cookie when otp_sent.
    */
-  async initiateAuth(e, n) {
-    const t = this.buildAuthRequestBody(e, n), r = await this.request("POST", "/auth/initiate", {
+  async initiateAuth(e, r) {
+    const t = this.buildAuthRequestBody(e, r), s = await this.request("POST", "/auth/initiate", {
       body: t
-    }), o = r.data.data ?? r.data;
+    }), n = s.data.data ?? s.data;
     return {
-      status: o.status,
-      challenge: o.challenge,
-      credentialIds: o.credentialIds,
-      rp: o.rp
+      status: n.status,
+      challenge: n.challenge,
+      credentialIds: n.credentialIds,
+      rp: n.rp
     };
   }
   /**
    * POST /otp/initiate - Direct OTP initiation using email or mobile number.
    * Requires at least one identifier: email or mobileNumber.
    */
-  async initiateOTP(e, n) {
-    const t = this.normalizeAuthIdentifier(e), r = this.extractRealm(e, n), o = t.email, a = t.mobileNumber;
-    if (!o && !a)
+  async initiateOTP(e, r) {
+    const t = this.normalizeAuthIdentifier(e), s = this.extractRealm(e, r), n = t.email, a = t.mobileNumber;
+    if (!n && !a)
       throw new y(
         "identifier",
         "Either mobileNumber or email is required"
       );
     const l = {};
-    o && (l.email = o), a && (l.mobileNumber = a), r && (l.realm = r);
+    n && (l.email = n), a && (l.mobileNumber = a), s && (l.realm = s);
     const d = (await this.request("POST", "/otp/initiate", {
       body: l
     })).data;
@@ -529,27 +530,25 @@ class M {
    * Stores tokens from the response.
    */
   async verifyOTP(e) {
-    const n = this.validateOTP(e), t = await this.getRequiredDPoPProof(
+    const r = this.validateOTP(e), t = await this.getRequiredDPoPProof(
       "POST",
       `${this.getBaseUrl()}/otp/verify`
-    ), r = await this.request("POST", "/otp/verify", {
-      body: { otp: n },
+    ), s = await this.request("POST", "/otp/verify", {
+      body: { otp: r },
       headers: { DPoP: t }
-    }), o = r.data.data ?? r.data, a = o.AuthenticationResult ?? o, l = a.access_token ?? a.accessToken ?? a.AccessToken, i = a.refresh_token ?? a.refreshToken ?? a.RefreshToken, d = a.id_token ?? a.idToken ?? a.IdToken, c = a.expires_in ?? a.expiresIn ?? a.ExpiresIn ?? 3600, h = a.token_type ?? a.tokenType ?? a.TokenType ?? "Bearer";
+    }), n = s.data.data ?? s.data, a = n.AuthenticationResult ?? n, l = a.access_token ?? a.accessToken ?? a.AccessToken, c = a.refresh_token ?? a.refreshToken ?? a.RefreshToken, d = a.expires_in ?? a.expiresIn, i = a.token_type ?? a.tokenType;
     return l && await this.storeTokens({
       accessToken: l,
-      refreshToken: i ?? "",
-      idToken: d ?? "",
-      expiresIn: c ?? 3600,
-      tokenType: h ?? "Bearer"
+      refreshToken: c,
+      expiresIn: d,
+      tokenType: i
     }), {
       access_token: l,
-      refresh_token: i ?? "",
-      id_token: d ?? "",
-      expires_in: c,
-      token_type: h,
+      refresh_token: c,
+      expires_in: d,
+      token_type: i,
       verified: a.verified,
-      email: a.email ?? a.Email ?? "",
+      email: a.email ?? a.Email,
       ...a
     };
   }
@@ -558,11 +557,11 @@ class M {
    * No payload required, relies on auth_session cookie.
    */
   async resendOTP() {
-    const e = await this.request("POST", "/otp/resend", {}), n = e.data.data ?? e.data;
+    const e = await this.request("POST", "/otp/resend", {}), r = e.data.data ?? e.data;
     return {
-      success: n.success,
-      message: n.message,
-      ...n
+      success: r.success,
+      message: r.message,
+      ...r
     };
   }
   /**
@@ -571,30 +570,28 @@ class M {
    */
   async verifySignupOTP({
     mobileNumber: e,
-    otp: n
+    otp: r
   }) {
-    const t = this.validateMobileNumber(e), r = this.validateOTP(n), o = await this.getRequiredDPoPProof(
+    const t = this.validateMobileNumber(e), s = this.validateOTP(r), n = await this.getRequiredDPoPProof(
       "POST",
       `${this.getBaseUrl()}/otp/signup/verify`
     ), a = await this.request("POST", "/otp/signup/verify", {
-      body: { mobileNumber: t, otp: r },
-      headers: { DPoP: o }
-    }), l = a.data.data ?? a.data, i = l.AuthenticationResult ?? l, d = i.access_token ?? i.accessToken ?? i.AccessToken, c = i.refresh_token ?? i.refreshToken ?? i.RefreshToken, h = i.id_token ?? i.idToken ?? i.IdToken, w = i.expires_in ?? i.expiresIn ?? i.ExpiresIn ?? 3600, m = i.token_type ?? i.tokenType ?? i.TokenType ?? "Bearer";
+      body: { mobileNumber: t, otp: s },
+      headers: { DPoP: n }
+    }), l = a.data.data ?? a.data, c = l.AuthenticationResult ?? l, d = c.access_token ?? c.accessToken ?? c.AccessToken, i = c.refresh_token ?? c.refreshToken ?? c.RefreshToken, p = c.expires_in ?? c.expiresIn, f = c.token_type ?? c.tokenType;
     return d && await this.storeTokens({
       accessToken: d,
-      refreshToken: c ?? "",
-      idToken: h ?? "",
-      expiresIn: w ?? 3600,
-      tokenType: m ?? "Bearer"
+      refreshToken: i,
+      expiresIn: p,
+      tokenType: f
     }), {
       access_token: d,
-      refresh_token: c ?? "",
-      id_token: h ?? "",
-      expires_in: w,
-      token_type: m,
-      verified: i.verified,
-      email: i.email ?? i.Email ?? "",
-      ...i
+      refresh_token: i,
+      expires_in: p,
+      token_type: f,
+      verified: c.verified,
+      email: c.email ?? c.Email,
+      ...c
     };
   }
   /**
@@ -602,11 +599,11 @@ class M {
    */
   async resendSignupOTP({
     mobileNumber: e,
-    email: n = ""
+    email: r = ""
   }) {
-    const t = this.validateMobileNumber(e), r = n ? this.validateEmail(n) : "", o = await this.request("POST", "/otp/signup/resend", {
-      body: { email: r, mobileNumber: t }
-    }), a = o.data.data ?? o.data;
+    const t = this.validateMobileNumber(e), s = r ? this.validateEmail(r) : "", n = await this.request("POST", "/otp/signup/resend", {
+      body: { email: s, mobileNumber: t }
+    }), a = n.data.data ?? n.data;
     return {
       success: a.success,
       message: a.message,
@@ -618,10 +615,10 @@ class M {
    * Sets auth_session cookie on success.
    */
   async verifyMagicLink(e) {
-    const n = this.validateMagicLinkToken(e);
+    const r = this.validateMagicLinkToken(e);
     await this.request("GET", "/verify/magic-link", {
       params: {
-        token: n,
+        token: r,
         redirect_mode: "frontend"
       }
     });
@@ -638,21 +635,19 @@ class M {
       {
         body: {}
       }
-    ), n = e.data.data ?? e.data, t = n.AuthenticationResult ?? n, r = t.access_token ?? t.accessToken ?? t.AccessToken, o = t.refresh_token ?? t.refreshToken ?? t.RefreshToken, a = t.id_token ?? t.idToken ?? t.IdToken, l = t.expires_in ?? t.expiresIn ?? t.ExpiresIn ?? 3600, i = t.token_type ?? t.tokenType ?? t.TokenType ?? "Bearer";
-    return r && await this.storeTokens({
-      accessToken: r,
-      refreshToken: o ?? "",
-      idToken: a ?? "",
-      expiresIn: l ?? 3600,
-      tokenType: i ?? "Bearer"
+    ), r = e.data.data ?? e.data, t = r.AuthenticationResult ?? r, s = t.access_token ?? t.accessToken ?? t.AccessToken, n = t.refresh_token ?? t.refreshToken ?? t.RefreshToken, a = t.expires_in ?? t.expiresIn, l = t.token_type ?? t.tokenType;
+    return s && await this.storeTokens({
+      accessToken: s,
+      refreshToken: n,
+      expiresIn: a,
+      tokenType: l
     }), {
-      access_token: r,
-      refresh_token: o ?? "",
-      id_token: a ?? "",
-      expires_in: l,
-      token_type: i,
+      access_token: s,
+      refresh_token: n,
+      expires_in: a,
+      token_type: l,
       verified: t.verified,
-      email: t.email ?? t.Email ?? "",
+      email: t.email ?? t.Email,
       ...t
     };
   }
@@ -667,37 +662,37 @@ class M {
     return e.data.data ?? e.data;
   }
   async registerPasskey(e) {
-    const n = this.validateEmail(e), t = await this.initiatePasskeyRegistration();
-    let r;
+    const r = this.validateEmail(e), t = await this.initiatePasskeyRegistration();
+    let s;
     if (t?.user?.id)
       try {
-        r = b(t.user.id);
+        s = P(t.user.id);
       } catch {
-        r = T(t.user.id);
+        s = k(t.user.id);
       }
     else
-      r = T(n);
-    const o = (t.pubKeyCredParams ?? [
+      s = k(r);
+    const n = (t.pubKeyCredParams ?? [
       { type: "public-key", alg: -7 },
       { type: "public-key", alg: -257 }
-    ]).map((m) => ({
+    ]).map((w) => ({
       type: "public-key",
-      alg: m.alg
-    })), a = t.excludeCredentials?.map((m) => ({
+      alg: w.alg
+    })), a = t.excludeCredentials?.map((w) => ({
       type: "public-key",
-      id: b(m)
+      id: P(w)
     })), l = {
-      challenge: b(t.challenge),
+      challenge: P(t.challenge),
       rp: {
         name: t.rp?.name ?? "XPay",
         id: t.rp?.id ?? window.location.hostname
       },
       user: {
-        id: r,
-        name: t.user?.name ?? n,
-        displayName: t.user?.displayName ?? n
+        id: s,
+        name: t.user?.name ?? r,
+        displayName: t.user?.displayName ?? r
       },
-      pubKeyCredParams: o,
+      pubKeyCredParams: n,
       excludeCredentials: a,
       timeout: t.timeout ?? 6e4,
       attestation: "direct",
@@ -706,94 +701,92 @@ class M {
         userVerification: "required",
         authenticatorAttachment: "platform"
       }
-    }, i = await navigator.credentials.create({
+    }, c = await navigator.credentials.create({
       publicKey: l
     });
-    if (!i) throw new Error("Credential creation failed");
-    const d = i.response, c = {
-      clientDataJSON: p(d.clientDataJSON),
-      attestationObject: p(d.attestationObject),
-      rawId: p(i.rawId)
+    if (!c) throw new Error("Credential creation failed");
+    const d = c.response, i = {
+      clientDataJSON: h(d.clientDataJSON),
+      attestationObject: h(d.attestationObject),
+      rawId: h(c.rawId)
     };
-    if (!c.rawId) throw new Error("Raw ID is required");
-    const h = await this.getRequiredDPoPProof(
+    if (!i.rawId) throw new Error("Raw ID is required");
+    const p = await this.getRequiredDPoPProof(
       "POST",
       `${this.getBaseUrl()}/webauthn/register/challenge`
-    ), w = await this.request(
+    ), f = await this.request(
       "POST",
       "/webauthn/register/challenge",
       {
-        body: c,
-        headers: { DPoP: h }
+        body: i,
+        headers: { DPoP: p }
       }
     );
-    return w.data.data ?? w.data;
+    return f.data.data ?? f.data;
   }
   /**
    * POST /webauthn/authenticate/challenge - Authenticate with passkey.
    */
   async authenticateWithPasskey({
     challenge: e,
-    rp: n,
+    rp: r,
     credentialIds: t
   }) {
-    const r = await navigator.credentials.get({
+    const s = await navigator.credentials.get({
       publicKey: {
-        challenge: b(e),
-        rpId: n?.host ?? void 0,
-        allowCredentials: t.map((k) => ({
+        challenge: P(e),
+        rpId: r?.host ?? void 0,
+        allowCredentials: t.map((w) => ({
           type: "public-key",
-          id: b(k),
+          id: P(w),
           transports: ["internal"]
         })),
         timeout: 6e4,
         userVerification: "required"
       }
     });
-    if (!r) throw new Error("Authentication failed");
-    const o = r.response, a = {
-      clientDataJSON: p(o.clientDataJSON),
-      authenticatorData: p(
-        o.authenticatorData
+    if (!s) throw new Error("Authentication failed");
+    const n = s.response, a = {
+      clientDataJSON: h(n.clientDataJSON),
+      authenticatorData: h(
+        n.authenticatorData
       ),
-      signature: p(o.signature),
-      rawId: p(r.rawId),
-      userHandle: o.userHandle ? p(o.userHandle) : ""
+      signature: h(n.signature),
+      rawId: h(s.rawId),
+      userHandle: n.userHandle ? h(n.userHandle) : ""
     }, l = await this.getRequiredDPoPProof(
       "POST",
       `${this.getBaseUrl()}/webauthn/authenticate/challenge`
-    ), i = await this.request(
+    ), c = await this.request(
       "POST",
       "/webauthn/authenticate/challenge",
       {
         body: a,
         headers: { DPoP: l }
       }
-    ), d = i.data.data ?? i.data, c = d.AuthenticationResult ?? d, h = c.AccessToken ?? c.accessToken ?? c.access_token, w = c.RefreshToken ?? c.refreshToken ?? c.refresh_token, m = c.IdToken ?? c.idToken ?? c.id_token;
-    return h && await this.storeTokens({
-      accessToken: h,
-      refreshToken: w ?? "",
-      idToken: m ?? "",
-      expiresIn: c.expiresIn ?? c.ExpiresIn ?? 3600,
-      tokenType: c.tokenType ?? c.token_type ?? "Bearer"
+    ), d = c.data.data ?? c.data, i = d.AuthenticationResult ?? d, p = i.AccessToken ?? i.accessToken ?? i.access_token, f = i.RefreshToken ?? i.refreshToken ?? i.refresh_token;
+    return p && await this.storeTokens({
+      accessToken: p,
+      refreshToken: f,
+      expiresIn: i.expiresIn ?? i.ExpiresIn,
+      tokenType: i.tokenType ?? i.token_type
     }), {
-      access_token: h,
-      refresh_token: w ?? "",
-      id_token: m,
-      email: c.email,
-      name: c.name ?? c.userName,
-      expiresIn: c.expiresIn ?? c.ExpiresIn,
-      tokenType: c.tokenType ?? c.token_type,
-      ...c
+      access_token: p,
+      refresh_token: f,
+      email: i.email,
+      name: i.name ?? i.userName,
+      expiresIn: i.expiresIn ?? i.ExpiresIn,
+      tokenType: i.tokenType ?? i.token_type,
+      ...i
     };
   }
   /**
    * GET /webauthn/credentials/:username - Get user's passkey status.
    */
   async getPasskeyStatus(e) {
-    const t = `/webauthn/credentials/${encodeURIComponent(e)}`, r = await this.signRequest("GET", t), o = await this.request("GET", t, {
-      headers: r.headers
-    }), a = o.data.data ?? o.data;
+    const t = `/webauthn/credentials/${encodeURIComponent(e)}`, s = await this.signRequest("GET", t), n = await this.request("GET", t, {
+      headers: s.headers
+    }), a = n.data.data ?? n.data;
     return {
       ...a,
       hasCredentials: !!(a.hasCredentials ?? a.credentialId)
@@ -803,38 +796,38 @@ class M {
    * DELETE /webauthn/credentials/:username - Remove passkey.
    */
   async removePasskey(e) {
-    const t = `/webauthn/credentials/${encodeURIComponent(e)}`, r = await this.signRequest("DELETE", t);
+    const t = `/webauthn/credentials/${encodeURIComponent(e)}`, s = await this.signRequest("DELETE", t);
     await this.request("DELETE", t, {
-      headers: r.headers
+      headers: s.headers
     });
   }
   /**
    * Signs a request with DPoP and Authorization headers (internal use).
    */
-  async signRequest(e, n, t = {}) {
-    const r = n.startsWith("http") ? n : `${this.getBaseUrl()}${n}`, o = await this.getRequestAuthHeaders(e, r);
-    return { ...t, headers: { ...t.headers, ...o } };
+  async signRequest(e, r, t = {}) {
+    const s = r.startsWith("http") ? r : `${this.getBaseUrl()}${r}`, n = await this.getRequestAuthHeaders(e, s);
+    return { ...t, headers: { ...t.headers, ...n } };
   }
   /**
    * Replaces native fetch or Axios with a DPoP-signed version.
    */
-  async authenticatedFetch(e, n) {
-    const t = typeof e == "string" ? e : e instanceof URL ? e.toString() : e.url, r = n?.method || "GET", o = await this.signRequest(r, t, {
-      headers: n?.headers
+  async authenticatedFetch(e, r) {
+    const t = typeof e == "string" ? e : e instanceof URL ? e.toString() : e.url, s = r?.method || "GET", n = await this.signRequest(s, t, {
+      headers: r?.headers
     });
-    return fetch(e, { ...n, headers: o.headers });
+    return fetch(e, { ...r, headers: n.headers });
   }
   /**
    * Store tokens from /webauthn/authenticate (per spec: sessionStorage preferred).
    */
   async storeTokens(e) {
-    localStorage.setItem(P, e.accessToken), e.refreshToken && localStorage.setItem(R, e.refreshToken), e.idToken && localStorage.setItem(D, e.idToken);
+    localStorage.setItem(b, e.accessToken), e.refreshToken && localStorage.setItem(D, e.refreshToken);
   }
   /**
    * Clear stored tokens (call on logout).
    */
   async clearTokens() {
-    localStorage.removeItem(P), localStorage.removeItem(D), localStorage.removeItem(R);
+    localStorage.removeItem(b), localStorage.removeItem(D);
   }
   /**
    * POST /auth/refresh - Refresh access token using server-stored refresh token.
@@ -842,19 +835,17 @@ class M {
    * Rate limit: 10 requests per minute.
    */
   async refreshToken(e) {
-    const n = this.extractRealm(void 0, e), t = await this.request("POST", "/auth/refresh", {
-      body: n ? { realm: n } : {}
-    }), r = t.data.data ?? t.data, o = r.access_token, a = r.id_token ?? "", l = r.token_type ?? "Bearer", i = r.expires_in ?? 3600;
-    return o && await this.storeTokens({
-      accessToken: o,
-      idToken: a,
-      expiresIn: i,
-      tokenType: l
+    const r = this.extractRealm(void 0, e), t = await this.request("POST", "/auth/refresh", {
+      body: r ? { realm: r } : {}
+    }), s = t.data.data ?? t.data, n = s.access_token, a = s.token_type, l = s.expires_in;
+    return n && await this.storeTokens({
+      accessToken: n,
+      expiresIn: l,
+      tokenType: a
     }), {
-      access_token: o,
-      id_token: a,
-      token_type: l,
-      expires_in: i
+      access_token: n,
+      token_type: a,
+      expires_in: l
     };
   }
   /**
@@ -863,35 +854,35 @@ class M {
    */
   async logout() {
     try {
-      const n = await this.getAccessToken() ? await this.signRequest("POST", "/auth/logout", { body: {} }) : { body: {} };
-      await this.request("POST", "/auth/logout", n), await U(), this.resetDPoPInitialization();
+      const r = await this.getAccessToken() ? await this.signRequest("POST", "/auth/logout", { body: {} }) : { body: {} };
+      await this.request("POST", "/auth/logout", r), await T(), this.resetDPoPInitialization();
     } catch {
     }
     await this.clearTokens();
   }
   async getAccessToken() {
-    return localStorage.getItem(P);
+    return localStorage.getItem(b);
   }
 }
-typeof window < "u" && (window.AuthSDK = M);
-const be = typeof window < "u" ? window : globalThis;
-be.AuthSDK = M;
+typeof window < "u" && (window.AuthSDK = U);
+const we = typeof window < "u" ? window : globalThis;
+we.AuthSDK = U;
 export {
-  M as AuthSDK,
-  we as AuthSDKFetchError,
+  U as AuthSDK,
+  fe as AuthSDKFetchError,
   y as SDKValidationError,
-  N as arrayBufferToBase64,
-  p as arrayBufferToBase64url,
+  O as arrayBufferToBase64,
+  h as arrayBufferToBase64url,
   C as base64ToArrayBuffer,
-  b as base64urlToArrayBuffer,
-  X as clearPasskeyEmail,
-  ee as clearPasskeyMobileNumber,
-  Y as getPasskeyEmail,
-  Z as getPasskeyMobileNumber,
-  j as isConditionalUISupported,
-  O as isWebAuthnSupported,
-  V as setPasskeyEmail,
-  Q as setPasskeyMobileNumber,
-  T as stringToArrayBuffer,
-  F as uint8ArrayToString
+  P as base64urlToArrayBuffer,
+  V as clearPasskeyEmail,
+  Q as clearPasskeyMobileNumber,
+  G as getPasskeyEmail,
+  X as getPasskeyMobileNumber,
+  M as isConditionalUISupported,
+  R as isWebAuthnSupported,
+  Y as setPasskeyEmail,
+  Z as setPasskeyMobileNumber,
+  k as stringToArrayBuffer,
+  J as uint8ArrayToString
 };