woodsportal-client-sdk 4.0.7-dev.1 → 4.0.7-dev.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (24) hide show
  1. package/dist/adapters/angular/index.js +3 -3
  2. package/dist/adapters/react/index.js +3 -3
  3. package/dist/adapters/vue/index.js +3 -3
  4. package/dist/{chunk-PFOSN7EB.js → chunk-4DP7JV7Q.js} +5 -3
  5. package/dist/chunk-4DP7JV7Q.js.map +1 -0
  6. package/dist/{chunk-FJAOCLB4.js → chunk-BYJ7ZV6J.js} +5 -5
  7. package/dist/{chunk-FJAOCLB4.js.map → chunk-BYJ7ZV6J.js.map} +1 -1
  8. package/dist/{chunk-BURJ2NUL.js → chunk-EFX2ISVS.js} +3 -3
  9. package/dist/{chunk-BURJ2NUL.js.map → chunk-EFX2ISVS.js.map} +1 -1
  10. package/dist/{chunk-OFPD644E.js → chunk-FWXC23QP.js} +4 -4
  11. package/dist/{chunk-OFPD644E.js.map → chunk-FWXC23QP.js.map} +1 -1
  12. package/dist/{chunk-WNE4LSVH.js → chunk-V32OMFDK.js} +4 -4
  13. package/dist/{chunk-WNE4LSVH.js.map → chunk-V32OMFDK.js.map} +1 -1
  14. package/dist/{chunk-HAXXPW65.js → chunk-VKXFR4EZ.js} +4 -4
  15. package/dist/{chunk-HAXXPW65.js.map → chunk-VKXFR4EZ.js.map} +1 -1
  16. package/dist/{chunk-6YOL5LPB.js → chunk-YOSZWNJA.js} +4 -4
  17. package/dist/{chunk-6YOL5LPB.js.map → chunk-YOSZWNJA.js.map} +1 -1
  18. package/dist/{cross-tab-session-TUFJ6KU7.js → cross-tab-session-HYXWGZSD.js} +5 -5
  19. package/dist/{cross-tab-session-TUFJ6KU7.js.map → cross-tab-session-HYXWGZSD.js.map} +1 -1
  20. package/dist/entries/auth.js +4 -4
  21. package/dist/entries/crm.js +4 -4
  22. package/dist/index.js +8 -8
  23. package/package.json +1 -1
  24. package/dist/chunk-PFOSN7EB.js.map +0 -1
package/dist/{chunk-HAXXPW65.js → chunk-VKXFR4EZ.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { getAuthRefreshToken, createMutation, Client } from './chunk-WNE4LSVH.js';
2
- import { getParam, actions6 } from './chunk-PFOSN7EB.js';
1
+ import { getAuthRefreshToken, createMutation, Client } from './chunk-V32OMFDK.js';
2
+ import { getParam, actions6 } from './chunk-4DP7JV7Q.js';
3
3
  import { hasRefreshSession, isAccessTokenExpired, hydrateSessionRefreshState, clearSessionRefreshExhaustedState, resetSessionAuthState, isRefreshInFlight, isSessionRefreshExhausted, didLastRefreshFail, hasValidAccessToken, isExpiresAccessToken, isAuthenticateApp, isAuthenticated, clearAccessToken, getAccessToken, refreshSession, getRefreshToken, setAccessToken, logger, setPortal, setSubscriptionType, setRefreshToken, setLoggedInDetails, setConfig } from './chunk-B2OVKOJU.js';
4
4
  import { isCookieExpired, clearClientAuthCookies } from './chunk-YNOZWRK3.js';
5
5
 
@@ -724,5 +724,5 @@ function resolveAuthRouteAction(input) {
724
724
  }
725
725
 
726
726
  export { authApi, hasAuthenticatedAccess, hasValidAccess, isFullyAuthenticated, isMfaPendingSession, recoverMfaGateOnBoot, resolveAuthRouteAction };
727
- //# sourceMappingURL=chunk-HAXXPW65.js.map
728
- //# sourceMappingURL=chunk-HAXXPW65.js.map
727
+ //# sourceMappingURL=chunk-VKXFR4EZ.js.map
728
+ //# sourceMappingURL=chunk-VKXFR4EZ.js.map
package/dist/{chunk-HAXXPW65.js.map → chunk-VKXFR4EZ.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/main/core/auth/session-contract.ts","../src/main/core/http/session-persistence-error.ts","../src/main/core/http/login-session.ts","../src/main/features/auth/api/authentication.ts","../src/main/features/auth/api/mfa.ts","../src/main/features/auth/api/security.ts","../src/main/features/auth/api/login-bootstrap.ts","../src/main/features/auth/api/sso.ts","../src/main/features/auth/api/users.ts","../src/main/api/nested-auth-api.ts","../src/main/core/auth/bootstrap-contract.ts","../src/main/core/auth/route-guard-contract.ts"],"names":["actions"],"mappings":";;;;;;AAgBO,SAAS,eAAe,KAAA,EAAsC;AACjE,EAAA,OAAO,KAAA,CAAM,cAAA,EAAe,IAAK,CAAC,MAAM,oBAAA,EAAqB;AACjE;AAEO,SAAS,qBAAqB,KAAA,EAAsC;AACvE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,KAAA;AAAA,EACX;AACA,EAAA,IAAI,cAAA,CAAe,KAAK,CAAA,EAAG;AACvB,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,OAAO,MAAM,iBAAA,EAAkB;AACnC;AAEO,SAAS,oBAAoB,KAAA,EAAsC;AACtE,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,YAAA,IAAgB,CAAA;AACzC;AAEO,SAAS,uBAAuB,KAAA,EAAsC;AACzE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,cAAA,EAAgB,CAAA;AAAA,EACzC;AACA,EAAA,OAAO,eAAe,KAAK,CAAA;AAC/B;;;ACtCO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/C,YAAY,OAAA,EAAiB;AACzB,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,yBAAA;AAAA,EAChB;AACJ,CAAA;;;ACAA,SAAS,gBAAgB,QAAA,EAAoC;AACzD,EAAA,OAAQ,QAAA,EAAU,IAAA,IAAQ,QAAA,IAAY,EAAC;AAC3C;AAMA,eAAsB,qBAAqB,QAAA,EAA6B;AACpE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,EAAA,MAAM,eAAA,GAAuB,IAAA,EAAM,eAAA,IAAmB,EAAC;AACvD,EAAA,MAAM,aAAA,GAAqB,eAAA,EAAiB,aAAA,IAAiB,EAAC;AAC9D,EAAA,MAAM,eAAA,GAAuB,eAAe,QAAA,IAAY,IAAA;AACxD,EAAA,MAAM,gBAAA,GAAmB,iBAAiB,gBAAA,IAAoB,OAAA;AAE9D,EAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,EAAA,MAAM,eAAe,SAAA,EAAW,YAAA;AAChC,EAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,EAAA,MAAM,mBAAmB,SAAA,EAAW,gBAAA;AACpC,EAAA,MAAM,aAAa,SAAA,EAAW,gBAAA;AAE9B,EAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,EAAU;AACrC,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,oCAAA,EAAsC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AAChG,IAAA,MAAM,IAAI,wBAAwB,oEAAoE,CAAA;AAAA,EAC1G;AAEA,EAAA,IAAI,CAAC,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACnD,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,qCAAA,EAAuC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AACjG,IAAA,MAAM,IAAI,wBAAwB,qEAAqE,CAAA;AAAA,EAC3G;AAEA,EAAA,SAAA,CAAU,aAAa,CAAA;AACvB,EAAA,mBAAA,CAAoB,gBAAgB,CAAA;AACpC,EAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AACrC,EAAA,MAAM,eAAA,CAAgB,YAAA,EAAc,gBAAA,IAAoB,UAAU,CAAA;AAClE,EAAA,MAAM,mBAAmB,IAAI,CAAA;AAC7B,EAAAA,QAAA,CAAY,UAAA,CAAW,UAAU,IAAA,IAAQ,IAAA,GAAO,WAAW,EAAE,IAAA,EAAM,MAAM,CAAA;AAEzE,EAAA,SAAA,CAAU,eAAe,eAAe,CAAA;AAExC,EAAA,OAAO,QAAA;AACX;AAOA,eAAsB,mBAAmB,QAAA,EAA6B;AAClE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,IAAI,IAAA,EAAM,sBAAsB,IAAA,EAAM;AAClC,IAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,IAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,IAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,IAAA,IAAI,KAAA,EAAO;AACP,MAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AAAA,IACzC;AACA,IAAA,OAAO,QAAA;AAAA,EACX;AACA,EAAA,OAAO,qBAAqB,QAAQ,CAAA;AACxC;;;AClDO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAQO,SAAS,MAAM,OAAA,EAAmD;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAiB;AAClG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,MAAM,OAAO,CAAA;AAC3D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,KAAA,EAAO,MAAA;AAAA,IACP;AAAA,GACJ;AACJ;AAuBO,SAAS,QAAQ,OAAA,EAAmD;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAsD,OAAO,OAAA,KAAY;AACnG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,QAAQ,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAmD;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwD,OAAO,OAAA,KAAmC;AAC5H,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAQ,CAAA;AACpE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwC,OAAO,OAAA,KAAiB;AAC1F,IAAA,MAAM,kBAAA,GAAyC,WAAW,EAAC;AAC3D,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,kBAAA,EAAoB,KAAA,EAAO,kBAAA,CAAmB,KAAA,GAAQ,KAAA;AAC3D,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,kBAAkB,CAAA;AAChF,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;AAEO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqD,OAAO,OAAA,KAAiB;AACvG,IAAA,MAAM,+BAAA,GAAmE,WAAW,EAAC;AACrF,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,+BAAA,EAAiC,KAAA,EAAO,+BAAA,CAAgC,KAAA,GAAQ,KAAA;AACrF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,yBAAyB,+BAA+B,CAAA;AAC1G,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,wBAAA,EAA0B,MAAA;AAAA,IAC1B;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA0C,OAAO,OAAA,KAAiB;AAC5F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAO,CAAA;AACvE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,eAAe,OAAO,CAAA;AACxE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,OAAO,OAAA,EAAqC;AACxD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,IAAI;AACA,MAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,MAAA,EAAO;AACzD,MAAA,OAAO,QAAA;AAAA,IACX,CAAA,SAAE;AACE,MAAA,gBAAA,EAAiB;AACjB,MAAA,sBAAA,EAAuB;AAAA,IAC3B;AAAA,EACJ,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,MAAA,EAAQ,MAAA;AAAA,IACR;AAAA,GACJ;AACJ;AAEO,SAAS,qBAAqB,OAAA,EAAqC;AACtE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,qBAAqB,OAAO,CAAA;AAC9E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,oBAAA,EAAsB,MAAA;AAAA,IACtB;AAAA,GACJ;AACJ;AAEO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,OAAO,CAAA;AACrE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;AChMO,SAAS,UAAU,OAAA,EAAmD;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA4D,OAAO,OAAA,KAAuC;AACpI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,UAAU,OAAQ,CAAA;AAChE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,SAAA,EAAU;AAClD;AAQO,SAAS,WAAW,OAAA,EAAqC;AAC5D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAgC,MAAA,CAAO,GAAA,CAAI,eAAe,OAAQ,CAAA;AAAA,IACzE;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,UAAA,EAAY,QAAQ,SAAA,EAAU;AACpE;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA8C,MAAA,CAAO,GAAA,CAAI,sBAAsB,OAAQ,CAAA;AAAA,IAC9F;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AASO,SAAS,qBAAqB,OAAA,EAAmD;AACpF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA6C;AAChD,MAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,qBAAqB,OAAQ,CAAA;AAChE,MAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,MAAA,OAAO,QAAA;AAAA,IACX,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,EAAQ,SAAA,EAAU;AAC7D;AAQO,SAAS,aAAa,OAAA,EAAqD;AAC9E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAa,MAAM,MAAA,CAAO,GAAA,CAAI,UAAU,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAA,EAAc,QAAQ,SAAA,EAAU;AACxE;AAQO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,cAAA,CAAe,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACvD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAQ,iBAAA,EAAmB,QAAQ,SAAA,EAAU;AAClF;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA8D,OAAO,OAAA,KAAY;AAC3G,IAAA,MAAM,EAAE,UAAU,GAAG,IAAA,KAAS,OAAA,IAAW,EAAE,OAAO,EAAA,EAAG;AACrD,IAAA,OAAO,MAAA,CAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EACxF,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgE,OAAO,OAAA,KAAY;AAC7G,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,WAAW,EAAE,KAAA,EAAO,EAAA,EAAI,IAAA,EAAM,EAAA,EAAG;AAC/D,IAAA,OAAO,MAAA,CAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EAC1F,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,gBAAgB,OAAA,EAAqC;AACjE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,eAAA,CAAgB,OAAO,CAAA,EAAG,OAAO,CAAA;AAE7I,EAAA,OAAO,EAAE,MAAA,EAAQ,eAAA,EAAiB,MAAA,EAAQ,SAAA,EAAU;AACxD;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAsC,MAAA,CAAO,GAAA,CAAI,iBAAiB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyD,OAAO,OAAA,KAAkD;AAC5I,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,WAAA,CAAY,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EACpD,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,SAAA,EAAU;AACpD;AAOO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,aAAA,CAAc,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACtD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,SAAA,EAAU;AACtD;AAOO,SAAS,sBAAsB,OAAA,EAAwD;AAC1F,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA4D;AAC/D,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,qBAAA,CAAsB,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IAC9D,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AAOO,SAAS,UAAU,OAAA,EAAqC;AAC3D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAuD,OAAO,OAAA,KAAgD;AACxI,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EAC/C,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,MAAA,EAAQ,SAAA,EAAW,QAAQ,SAAA,EAAU;AAClE;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,uBAAuB,OAAA,EAAqC;AACxE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,uBAAuB,OAAQ,CAAA;AAAA,IACrF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,sBAAA,EAAwB,MAAA,EAAQ,SAAA,EAAU;AAC/D;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG,OAAO,CAAA;AAEjJ,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAuE;AAC1E,MAAA,MAAM,EAAE,kBAAA,EAAoB,QAAA,EAAS,GAAI,OAAA;AACzC,MAAA,OAAO,OAAO,GAAA,CAAI,wBAAA,CAAyB,kBAAA,EAAoB,EAAE,UAAU,CAAA;AAAA,IAC/E,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,wBAAA,EAA0B,MAAA,EAAQ,SAAA,EAAU;AACjE;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAyC,MAAA,CAAO,GAAA,CAAI,oBAAoB,OAAQ,CAAA;AAAA,IACvF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AASO,SAAS,mBAAmB,OAAA,EAAmD;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA6D,OAAO,OAAA,KAAwC;AACtI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;;;AC7VO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,iBAAiB,OAAO,CAAA;AAAA,IAC3D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,wBAAA,EAA0B,QAAQ,SAAA,EAAU;AAC3F;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA2C,MAAA,CAAO,QAAA,CAAS,cAAc,OAAQ,CAAA;AAAA,IACxF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,qBAAA,EAAuB,QAAQ,SAAA,EAAU;AACrF;AAQO,SAAS,4BAA4B,OAAA,EAAqC;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,mBAAA,CAAoB,SAAS,YAAY,CAAA;AAAA,IAC5E;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,2BAAA,EAA6B,QAAQ,SAAA,EAAU;AACjG;;;AChFO,SAAS,kBAAkB,OAAA,EAA8E;AAC5G,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAoD;AACpG,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;;;ACVO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,aAAA,EAAc;AACrD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,eAAe,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,YAAY,OAAO,CAAA;AAC1D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;ACzCA,IAAI,iBAAA,GAAyC,IAAA;AAE7C,eAAe,WAAA,GAAc;AACzB,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACpB,IAAA,iBAAA,GAAoB,MAAA,CAAO,IAAA,CAAK,EAAA,EAAG,CAAE,QAAQ,MAAM;AAC/C,MAAA,iBAAA,GAAoB,IAAA;AAAA,IACxB,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,iBAAA;AACX;AAEO,SAAS,GAAG,OAAA,EAAqC;AACpD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,WAAA,EAAY;AACxC,IAAAA,QAAA,CAAY,WAAW,QAAQ,CAAA;AAC/B,IAAA,OAAO,QAAA,EAAU,IAAA;AAAA,EACrB,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,EAAA,EAAI,MAAA;AAAA,IACJ;AAAA,GACJ;AACJ;AAEO,SAAS,QAAQ,OAAA,EAAqC;AACzD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,OAAO,CAAA;AACvD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,cAAc,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAKO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,eAAe,OAAO,CAAA;AAC9D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;;;ACMO,IAAM,OAAA,GAAU;AAAA,EACnB,QAAA;AAAA,EACA,KAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EACA,QAAA;AAAA,EACA,WAAA;AAAA,EACA,oBAAA;AAAA,EACA,cAAA;AAAA,EACA,aAAA;AAAA,EACA,wBAAA;AAAA,EACA,iBAAA;AAAA,EACA,WAAA;AAAA,EACA,cAAA;AAAA,EACA,EAAA;AAAA,EACA,OAAA;AAAA,EACA,aAAA,EAAe,aAAA;AAAA,EACf,GAAA,EAAK;AAAA,IACD,SAAA;AAAA,IACA,OAAA,EAAS,UAAA;AAAA,IACT,qBAAA;AAAA,IACA,oBAAA;AAAA,IACA,SAAA,EAAW,YAAA;AAAA,IACX,cAAA,EAAgB,iBAAA;AAAA,IAChB,gBAAA;AAAA,IACA,kBAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,WAAA;AAAA,IACA,aAAA;AAAA,IACA,qBAAA;AAAA,IACA,MAAA,EAAQ,SAAA;AAAA,IACR,SAAA;AAAA,IACA,uBAAA;AAAA,IACA,sBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,uBAAA;AAAA,IACA,wBAAA;AAAA,IACA,mBAAA;AAAA,IACA;AAAA,GACJ;AAAA,EACA,QAAA,EAAU;AAAA,IACN,WAAA,EAAa,mBAAA;AAAA,IACb,gBAAA,EAAkB,wBAAA;AAAA,IAClB,WAAA,EAAa,mBAAA;AAAA,IACb,aAAA,EAAe,qBAAA;AAAA,IACf,mBAAA,EAAqB;AAAA,GACzB;AAAA,EACA,cAAA,EAAgB,iBAAA;AAAA,EAChB,GAAA,EAAK;AAAA,IACD,UAAA,EAAY,aAAA;AAAA,IACZ,WAAA,EAAa,cAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACd;AAAA,EACA,OAAA,EAAS;AAAA,IACL,eAAA;AAAA,IACA,cAAA;AAAA,IACA,kBAAA,EAAoB,mBAAA;AAAA,IACpB,cAAA;AAAA,IACA,gBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,oBAAA;AAAA,IACA,oBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,yBAAA;AAAA,IACA,iBAAA;AAAA,IACA,qBAAA;AAAA,IACA,iCAAA;AAAA,IACA,0BAAA;AAAA,IACA,UAAU,OAA6B;AAAA,MACnC,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACJ,CAAA;AAAA,IACA,oBAAA,EAAsB,MAClB,oBAAA,CAA6B;AAAA,MACzB,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,sBAAA,EAAwB,MACpB,sBAAA,CAA+B;AAAA,MAC3B,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,cAAA,EAAgB,MACZ,cAAA,CAAe;AAAA,MACX,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH;AAAA;AAEb;;;AClKO,SAAS,qBAAqB,KAAA,EAAoD;AACrF,EAAA,MAAM,UAAA,GAAa,MAAM,aAAA,EAAc;AACvC,EAAA,MAAM,QAAA,GAAW,MAAM,cAAA,EAAe;AACtC,EAAA,MAAM,UAAA,GAAa,MAAM,eAAA,EAAgB;AAEzC,EAAA,IAAI,cAAc,QAAA,EAAU;AACxB,IAAA,OAAO,SAAA;AAAA,EACX;AAEA,EAAA,IAAI,UAAA,IAAc,CAAC,QAAA,EAAU;AACzB,IAAA,KAAA,CAAM,cAAA,EAAe;AACrB,IAAA,OAAO,gBAAA;AAAA,EACX;AAEA,EAAA,IAAI,QAAA,IAAY,CAAC,UAAA,IAAc,CAAC,UAAA,EAAY;AACxC,IAAA,KAAA,CAAM,qBAAA,EAAsB;AAC5B,IAAA,OAAO,qBAAA;AAAA,EACX;AAEA,EAAA,OAAO,MAAA;AACX;;;ACNO,SAAS,uBAAuB,KAAA,EAAqD;AACxF,EAAA,MAAM;AAAA,IACF,QAAA;AAAA,IACA,iBAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,WAAA,GAAc,KAAA;AAAA,IACd,gBAAA,GAAmB,KAAA;AAAA,IACnB,uBAAA,GAA0B;AAAA,GAC9B,GAAI,KAAA;AAEJ,EAAA,IAAI,WAAA,EAAa;AACb,IAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,EAC3B;AAEA,EAAA,IAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG;AAC9B,IAAA,IAAI,aAAa,QAAA,EAAU;AACvB,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,cAAA,EAAe;AAAA,EAClC;AAEA,EAAA,IAAI,gBAAA,IAAoB,CAAC,uBAAA,EAAyB;AAC9C,IAAA,OAAO,EAAE,MAAM,aAAA,EAAc;AAAA,EACjC;AAEA,EAAA,IAAI,uBAAA,IAA2B,CAAC,cAAA,CAAe,OAAO,CAAA,EAAG;AACrD,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,MAAM,aAAA,GAAgB,qBAAqB,OAAO,CAAA;AAElD,EAAA,IAAI,CAAC,aAAA,EAAe;AAChB,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,IAAI,MAAA,EAAQ;AACR,IAAA,IAAI,MAAA,CAAO,kBAAkB,KAAA,EAAO;AAChC,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,cAAA,EAAe;AAAA,IAC3D;AACA,IAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACf,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,YAAA,EAAa;AAAA,IACzD;AACA,IAAA,IAAI,CAAC,OAAO,QAAA,EAAU;AAClB,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,eAAA,EAAgB;AAAA,IAC5D;AAAA,EACJ;AAEA,EAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAC3B","file":"chunk-HAXXPW65.js","sourcesContent":["/**\n * Shared session predicates for client and admin portals.\n * Apps supply lane-specific refresh hints (cookie name / timing cookie).\n */\n\nexport type SessionContractInput = {\n /** In-memory access JWT present. */\n hasAccessToken: () => boolean\n /** Access JWT expired or within proactive refresh buffer. */\n isAccessTokenExpired: () => boolean\n /** Refresh session still valid (cookie / timing hint). */\n hasRefreshSession: () => boolean\n /** MFA gate: temp JWT + pending context. */\n isMfaPending?: () => boolean\n}\n\nexport function hasValidAccess(input: SessionContractInput): boolean {\n return input.hasAccessToken() && !input.isAccessTokenExpired()\n}\n\nexport function isFullyAuthenticated(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return false\n }\n if (hasValidAccess(input)) {\n return true\n }\n return input.hasRefreshSession()\n}\n\nexport function isMfaPendingSession(input: SessionContractInput): boolean {\n return Boolean(input.isMfaPending?.())\n}\n\nexport function hasAuthenticatedAccess(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return Boolean(input.hasAccessToken())\n }\n return hasValidAccess(input)\n}\n","/** Thrown when a full login response cannot be persisted (e.g. missing refresh token). */\nexport class SessionPersistenceError extends Error {\n constructor(message: string) {\n super(message)\n this.name = 'SessionPersistenceError'\n }\n}\n","import { setPortal, setSubscriptionType, setAccessToken, setRefreshToken, setLoggedInDetails } from './auth-utils'\nimport { setConfig } from '../utils/hub-context'\nimport { actions as userActions } from '../../state/crm/use-user'\nimport { SessionPersistenceError } from './session-persistence-error'\nimport { logger } from '../logging/logger'\n\nfunction unwrapLoginBody(response: any): Record<string, any> {\n return (response?.data ?? response ?? {}) as Record<string, any>\n}\n\n/**\n * Persists a full authenticated session (access + refresh tokens, portal, login details).\n * Use after successful login or MFA verify when `twoFactorRequired` is false.\n */\nexport async function completeLoginSession(response: any): Promise<any> {\n const body = unwrapLoginBody(response)\n const tokenData: any = body?.tokenData || {}\n const loggedInDetails: any = body?.loggedInDetails || {}\n const currentPortal: any = loggedInDetails?.currentPortal || {}\n const currentPortalId: any = currentPortal?.portalId || null\n const subscriptionType = loggedInDetails?.subscriptionType || 'BASIC'\n\n const token = tokenData?.token\n const refreshToken = tokenData?.refreshToken\n const expiresIn = tokenData?.expiresIn\n const refreshExpiresAt = tokenData?.refreshExpiresAt\n const rExpiresIn = tokenData?.refreshExpiresIn\n\n if (!token || typeof token !== 'string') {\n logger.error('auth', 'login session missing access token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing access token in login response')\n }\n\n if (!refreshToken || typeof refreshToken !== 'string') {\n logger.error('auth', 'login session missing refresh token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing refresh token in login response')\n }\n\n setPortal(currentPortal)\n setSubscriptionType(subscriptionType)\n await setAccessToken(token, expiresIn)\n await setRefreshToken(refreshToken, refreshExpiresAt ?? rExpiresIn)\n await setLoggedInDetails(body)\n userActions.setProfile(response?.data != null ? response : { data: body })\n\n setConfig.setDevPortalId(currentPortalId)\n\n return response\n}\n\n/**\n * Applies login/MFA-step response token rules:\n * - MFA pending: temp access JWT only (no refresh until verify completes)\n * - Full session: {@link completeLoginSession}\n */\nexport async function applyLoginResponse(response: any): Promise<any> {\n const data = unwrapLoginBody(response)\n if (data?.twoFactorRequired === true) {\n const tokenData: any = data?.tokenData || {}\n const token = tokenData?.token\n const expiresIn = tokenData?.expiresIn\n if (token) {\n await setAccessToken(token, expiresIn)\n }\n return response\n }\n return completeLoginSession(response)\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type {\n LoginPayload,\n LoginResponseData,\n MutationOptions,\n PreLoginPayload,\n ForgetPasswordPayload,\n VerifyEmailPayload,\n ResetPasswordVerifyTokenPayload,\n ResetPasswordPayload\n} from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport { getParam } from '../../../core/utils/param'\nimport { clearClientAuthCookies } from '../../../core/utils/cookie'\nimport { clearAccessToken } from '../../../core/http/token-store'\n\nexport function preLogin(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.preLogin(payload)\n return response\n }, options)\n\n return {\n mutate,\n preLogin: mutate,\n isLoading\n }\n}\n\n/**\n * Password login for the client portal.\n *\n * **API:** `POST /api/auth/login?hubId={hubId}`\n * **Session:** When `twoFactorRequired` is true, stores only the temp access JWT (no refresh until MFA completes).\n */\nexport function login(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<LoginPayload, LoginResponseData>(async (payload: any) => {\n const response = (await Client.authentication.login(payload)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n login: mutate,\n isLoading\n }\n}\n\nexport interface ClientSessionPayload {\n accessToken: string\n refreshToken?: string\n}\n\n/**\n * Exchange a management/deep-link token for a portal client session.\n *\n * **API:** `POST /api/auth/client-session`\n * **Auth:** Bearer access token header; optional refresh token in body.\n */\nexport interface AuthHandoffPayload {\n code: string\n hubId: number\n}\n\n/**\n * Redeem a one-time admin portal handoff code for a full client session.\n *\n * **API:** `POST /api/auth/handoff?hubId={hubId}`\n */\nexport function handoff(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<AuthHandoffPayload, LoginResponseData>(async (payload) => {\n const response = (await Client.authentication.handoff(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n handoff: mutate,\n isLoading\n }\n}\n\nexport function clientSession(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<ClientSessionPayload, LoginResponseData>(async (payload?: ClientSessionPayload) => {\n const response = (await Client.authentication.clientSession(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n clientSession: mutate,\n isLoading\n }\n}\n\nexport function register(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.register(payload)\n return response\n }, options)\n\n return {\n mutate,\n register: mutate,\n isLoading\n }\n}\n\nexport function verifyEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<VerifyEmailPayload, any>(async (payload: any) => {\n const verifyEmailPayload: VerifyEmailPayload = payload || {}\n const token: any = getParam('token')\n if (!verifyEmailPayload?.token) verifyEmailPayload.token = token\n const response: any = await Client.authentication.verifyEmail(verifyEmailPayload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmail: mutate,\n isLoading\n }\n}\n\nexport function resetPasswordVerifyToken(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordVerifyTokenPayload, any>(async (payload: any) => {\n const resetPasswordVerifyTokenPayload: ResetPasswordVerifyTokenPayload = payload || {}\n const token: any = getParam('token')\n if (!resetPasswordVerifyTokenPayload?.token) resetPasswordVerifyTokenPayload.token = token\n const response: any = await Client.authentication.resetPasswordVerifyToken(resetPasswordVerifyTokenPayload)\n return response\n }, options)\n\n return {\n mutate,\n resetPasswordVerifyToken: mutate,\n isLoading\n }\n}\n\nexport function resetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.resetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n resetPassword: mutate,\n isLoading\n }\n}\n\nexport function forgetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ForgetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.forgetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n forgetPassword: mutate,\n isLoading\n }\n}\n\nexport function logout(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n try {\n const response: any = await Client.authentication.logout()\n return response\n } finally {\n clearAccessToken()\n clearClientAuthCookies()\n }\n }, options)\n\n return {\n mutate,\n logout: mutate,\n isLoading\n }\n}\n\nexport function registerExistingUser(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.registerExistingUser(payload)\n return response\n }, options)\n\n return {\n mutate,\n registerExistingUser: mutate,\n isLoading\n }\n}\n\nexport function verifyEmailResend(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.verifyEmailResend(payload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmailResend: mutate,\n isLoading\n }\n}\n\nexport function resendEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.resendEmail(payload)\n return response\n }, options)\n\n return {\n mutate,\n resendEmail: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport type {\n LoginResponseData,\n MfaEnrollmentStatus,\n MfaOtpSendRequest,\n MfaPendingPasskeyOptionsRequest,\n MfaPendingPasskeyVerifyRequest,\n MfaPreferenceRequest,\n MfaStatusQuery,\n MutationOptions,\n PasskeyLoginOptionsRequest,\n PasskeyLoginVerifyRequest,\n PhoneVerifyConfirmRequest,\n PhoneVerifyStartRequest,\n BackupCodesRegenerateRequest,\n MfaBackupCodesResponse,\n MfaOptOutRequest,\n PhoneUnverifyRequest,\n TotpDisableRequest,\n TotpEnrollVerifyRequest,\n TwoFaVerificationRequest,\n WebAuthnVerifyRequest\n} from '../../../core/types'\n\n/**\n * Complete the MFA login step after `api.login()` returned `twoFactorRequired: true`.\n *\n * **API:** `POST /api/auth/verify-otp?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, otp, method }` (`EMAIL_OTP` | `SMS_OTP` | `TOTP` | `BACKUP_CODE`).\n * **Session:** On success persists full access + refresh tokens (skips when still MFA-pending).\n */\nexport function verifyOtp(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<TwoFaVerificationRequest, LoginResponseData>(async (payload?: TwoFaVerificationRequest) => {\n const response = (await Client.authentication.verifyOtp(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, verifyOtp: mutate, isLoading }\n}\n\n/**\n * Resend OTP or switch to email/SMS on the MFA login gate.\n *\n * **API:** `POST /api/auth/mfa/pending/otp/send`\n * **Auth:** Bearer temp JWT; body `{ token, method }`.\n */\nexport function sendMfaOtp(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOtpSendRequest, any>(\n async (payload?: MfaOtpSendRequest) => Client.mfa.sendPendingOtp(payload!),\n options\n )\n\n return { mutate, sendOtp: mutate, sendMfaOtp: mutate, isLoading }\n}\n\n/**\n * Start WebAuthn ceremony for passkey as second factor during login.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/options`\n * **Auth:** Bearer temp JWT; body `{ token, portalId? }`.\n */\nexport function pendingPasskeyOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyOptionsRequest, any>(\n async (payload?: MfaPendingPasskeyOptionsRequest) => Client.mfa.pendingPasskeyOptions(payload!),\n options\n )\n\n return { mutate, pendingPasskeyOptions: mutate, isLoading }\n}\n\n/**\n * Finish passkey MFA-step and complete login when successful.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/verify?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, challengeId, credential, portalId? }`.\n * **Session:** On success persists full access + refresh tokens.\n */\nexport function pendingPasskeyVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyVerifyRequest, LoginResponseData>(\n async (payload?: MfaPendingPasskeyVerifyRequest) => {\n const response = (await Client.mfa.pendingPasskeyVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n },\n options\n )\n\n return { mutate, pendingPasskeyVerify: mutate, isLoading }\n}\n\n/**\n * MFA enrollment and policy snapshot for the security settings UI.\n *\n * **API:** `GET /api/auth/mfa/status?portalId={portalId}`\n * **Auth:** Bearer access JWT (full session).\n */\nexport function getMfaStatus(options?: MutationOptions<MfaEnrollmentStatus, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, MfaEnrollmentStatus>(\n async (payload) => (await Client.mfa.getStatus(payload)) as MfaEnrollmentStatus,\n options\n )\n\n return { mutate, getStatus: mutate, getMfaStatus: mutate, isLoading }\n}\n\n/**\n * Set the user's default MFA method for this hub/portal scope.\n *\n * **API:** `PUT /api/auth/mfa/preferences?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ defaultMethod }`.\n */\nexport function setMfaPreferences(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPreferenceRequest & MfaStatusQuery, any>(\n async (payload?: MfaPreferenceRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.setPreferences(data, { portalId })\n },\n options\n )\n\n return { mutate, setPreferences: mutate, setMfaPreferences: mutate, isLoading }\n}\n\n/**\n * Send OTP to verify the user's phone number (enables SMS OTP at login).\n *\n * **API:** `POST /api/auth/mfa/phone/verify/start?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone }` (E.164, e.g. `+14155552671`).\n */\nexport function startPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyStartRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '' }\n return Client.mfa.startPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, startPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Confirm phone verification with the OTP code.\n *\n * **API:** `POST /api/auth/mfa/phone/verify/confirm?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone, code }`.\n */\nexport function confirmPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyConfirmRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '', code: '' }\n return Client.mfa.confirmPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, confirmPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Start TOTP authenticator enrollment for the current portal scope.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/start?portalId={portalId}`\n * **Auth:** Bearer access JWT. Returns `secret`, `otpauthUri`, `scopeKey`.\n */\nexport function totpEnrollStart(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.totpEnrollStart(payload), options)\n\n return { mutate, totpEnrollStart: mutate, isLoading }\n}\n\n/**\n * Confirm TOTP enrollment and receive one-time backup codes.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ code, portalId? }`.\n */\nexport function totpEnrollVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpEnrollVerifyRequest, any>(\n async (payload?: TotpEnrollVerifyRequest) => Client.mfa.totpEnrollVerify(payload!),\n options\n )\n\n return { mutate, totpEnrollVerify: mutate, isLoading }\n}\n\n/**\n * Disable TOTP for the current scope (requires current password).\n *\n * **API:** `POST /api/auth/mfa/totp/disable`\n * **Auth:** Bearer access JWT; body `{ password }`.\n */\nexport function totpDisable(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpDisableRequest & MfaStatusQuery, any>(async (payload?: TotpDisableRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.totpDisable(data, { portalId })\n }, options)\n\n return { mutate, totpDisable: mutate, isLoading }\n}\n\n/**\n * Remove SMS MFA by clearing phone verification for the current scope.\n *\n * **API:** `POST /api/auth/mfa/phone/unverify?portalId={portalId}`\n */\nexport function phoneUnverify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneUnverifyRequest & MfaStatusQuery, any>(\n async (payload?: PhoneUnverifyRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.phoneUnverify(data, { portalId })\n },\n options\n )\n\n return { mutate, phoneUnverify: mutate, isLoading }\n}\n\n/**\n * Regenerate backup codes (password + TOTP step-up). Plaintext codes returned once.\n *\n * **API:** `POST /api/auth/mfa/backup-codes/regenerate?portalId={portalId}`\n */\nexport function backupCodesRegenerate(options?: MutationOptions<MfaBackupCodesResponse, any>) {\n const { mutate, isLoading } = createMutation<BackupCodesRegenerateRequest & MfaStatusQuery, MfaBackupCodesResponse>(\n async (payload?: BackupCodesRegenerateRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.backupCodesRegenerate(data, { portalId })\n },\n options\n )\n\n return { mutate, backupCodesRegenerate: mutate, isLoading }\n}\n\n/**\n * Turn off all voluntary MFA enrollments when policy allows.\n *\n * **API:** `POST /api/auth/mfa/opt-out?portalId={portalId}`\n */\nexport function mfaOptOut(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOptOutRequest & MfaStatusQuery, any>(async (payload?: MfaOptOutRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.optOut(data, { portalId })\n }, options)\n\n return { mutate, optOut: mutate, mfaOptOut: mutate, isLoading }\n}\n\n/**\n * Start passkey (WebAuthn) registration ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnRegisterOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.webauthnRegisterOptions(payload),\n options\n )\n\n return { mutate, webauthnRegisterOptions: mutate, isLoading }\n}\n\n/**\n * Complete passkey registration after `@simplewebauthn/browser` ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, nickname?, portalId? }`.\n */\nexport function webauthnRegisterVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnRegisterVerify(payload!),\n options\n )\n\n return { mutate, webauthnRegisterVerify: mutate, isLoading }\n}\n\n/**\n * Start passkey authentication ceremony while logged in (re-verify).\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnAuthOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.webauthnAuthOptions(payload), options)\n\n return { mutate, webauthnAuthOptions: mutate, isLoading }\n}\n\n/**\n * Complete logged-in passkey re-verification.\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, portalId? }`.\n */\nexport function webauthnAuthVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnAuthVerify(payload!),\n options\n )\n\n return { mutate, webauthnAuthVerify: mutate, isLoading }\n}\n\n/**\n * List passkeys registered for the portal scope.\n *\n * **API:** `GET /api/auth/mfa/webauthn/credentials?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function listWebauthnCredentials(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.listWebauthnCredentials(payload),\n options\n )\n\n return { mutate, listWebauthnCredentials: mutate, isLoading }\n}\n\n/**\n * Remove a registered passkey.\n *\n * **API:** `DELETE /api/auth/mfa/webauthn/credentials/{credentialRecordId}?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function deleteWebauthnCredential(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ credentialRecordId: string | number } & MfaStatusQuery, any>(\n async (payload?: { credentialRecordId: string | number } & MfaStatusQuery) => {\n const { credentialRecordId, portalId } = payload!\n return Client.mfa.deleteWebauthnCredential(credentialRecordId, { portalId })\n },\n options\n )\n\n return { mutate, deleteWebauthnCredential: mutate, isLoading }\n}\n\n/**\n * Start passwordless passkey login (when `PASSKEY_PRIMARY` is allowed).\n *\n * **API:** `POST /api/auth/passkey/login/options?hubId={hubId}`\n * **Auth:** Public; body `{ email, hubId?, portalId? }`.\n */\nexport function passkeyLoginOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginOptionsRequest, any>(\n async (payload?: PasskeyLoginOptionsRequest) => Client.mfa.passkeyLoginOptions(payload!),\n options\n )\n\n return { mutate, passkeyLoginOptions: mutate, isLoading }\n}\n\n/**\n * Finish passwordless passkey login; may return `twoFactorRequired` if policy requires MFA.\n *\n * **API:** `POST /api/auth/passkey/login/verify?hubId={hubId}`\n * **Auth:** Public; body `{ challengeId, credential, portalId? }`.\n * **Session:** Applies MFA-aware token rules via {@link applyLoginResponse}.\n */\nexport function passkeyLoginVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginVerifyRequest, LoginResponseData>(async (payload?: PasskeyLoginVerifyRequest) => {\n const response = (await Client.mfa.passkeyLoginVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, passkeyLoginVerify: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport type {\n MutationOptions,\n RevokeSecuritySessionPayload,\n SecurityLoginActivityQuery,\n SecurityOverviewQuery,\n SecuritySessionsQuery\n} from '../../../core/types'\n\n/**\n * Security settings overview (password age, MFA methods, policy flags).\n * Use this for the Security page — not `api.me()` + `api.getMfaStatus()`.\n *\n * **API:** `GET /api/auth/security/overview?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityOverview(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityOverviewQuery | undefined, any>(\n async (payload) => Client.security.getOverview(payload),\n options\n )\n\n return { mutate, getOverview: mutate, getSecurityOverview: mutate, isLoading }\n}\n\n/**\n * Paginated login activity for the Security page.\n *\n * **API:** `GET /api/auth/security/login-activity?page=&limit=&sort=`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityLoginActivity(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityLoginActivityQuery | undefined, any>(\n async (payload) => Client.security.getLoginActivity(payload),\n options\n )\n\n return { mutate, getLoginActivity: mutate, getSecurityLoginActivity: mutate, isLoading }\n}\n\n/**\n * List active sessions (refresh-token families) for the Security page.\n *\n * **API:** `GET /api/auth/security/sessions?currentFamilyId=`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header to mark current session.\n */\nexport function getSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecuritySessionsQuery | undefined, any>(\n async (payload) => Client.security.getSessions(payload),\n options\n )\n\n return { mutate, getSessions: mutate, getSecuritySessions: mutate, isLoading }\n}\n\n/**\n * Sign out a single device/session by `familyId`.\n *\n * **API:** `POST /api/auth/security/sessions/{familyId}/revoke`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload.\n */\nexport function revokeSecuritySession(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<RevokeSecuritySessionPayload, any>(\n async (payload?: RevokeSecuritySessionPayload) => Client.security.revokeSession(payload!),\n options\n )\n\n return { mutate, revokeSession: mutate, revokeSecuritySession: mutate, isLoading }\n}\n\n/**\n * Sign out all other devices; keeps the current session when `refreshToken` is provided.\n *\n * **API:** `POST /api/auth/security/sessions/revoke-others`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header.\n */\nexport function revokeOtherSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ refreshToken?: string } | undefined, any>(\n async (payload) => Client.security.revokeOtherSessions(payload?.refreshToken),\n options\n )\n\n return { mutate, revokeOtherSessions: mutate, revokeOtherSecuritySessions: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\n\nexport function getLoginBootstrap(options?: MutationOptions<any, { hubId?: number; portalId?: number } | void>) {\n const { mutate, isLoading } = createMutation(async (payload?: { hubId?: number; portalId?: number }) => {\n const response: any = await Client.authentication.getLoginBootstrap(payload)\n return response\n }, options)\n\n return {\n mutate,\n getLoginBootstrap: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions, PreLoginPayload } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\n\nexport function getSsoDetails(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await Client.sso.getSsoDetails()\n return response\n }, options)\n\n return {\n mutate,\n getDetails: mutate,\n getSsoDetails: mutate,\n isLoading\n }\n}\n\nexport function generateSsoUrl(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.generateSsoUrl(payload)\n return response\n }, options)\n\n return {\n mutate,\n generateUrl: mutate,\n generateSsoUrl: mutate,\n isLoading\n }\n}\n\nexport function ssoCallback(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.ssoCallback(payload)\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n callback: mutate,\n ssoCallback: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { ChangePasswordPayload, MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { actions as userActions } from '../../../state/crm/use-user'\n\nlet meRequestInFlight: Promise<any> | null = null\n\nasync function fetchMeOnce() {\n if (!meRequestInFlight) {\n meRequestInFlight = Client.user.me().finally(() => {\n meRequestInFlight = null\n })\n }\n return meRequestInFlight\n}\n\nexport function me(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await fetchMeOnce()\n userActions.setProfile(response)\n return response?.data\n }, options)\n\n return {\n mutate,\n me: mutate,\n isLoading\n }\n}\n\nexport function profile(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profile(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n profile: mutate,\n isLoading\n }\n}\n\nexport function profileUpdate(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profileUpdate(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n updateProfile: mutate,\n profileUpdate: mutate,\n isLoading\n }\n}\n\n/** @deprecated Use {@link profileUpdate} — same factory; 3.0 nested key is `updateProfile`. */\nexport const updateProfile = profileUpdate\n\nexport function changePassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ChangePasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.user.changePassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n changePassword: mutate,\n isLoading\n }\n}\n","import {\n preLogin,\n login,\n clientSession,\n handoff,\n register,\n verifyEmail,\n forgetPassword,\n logout,\n resetPasswordVerifyToken,\n resetPassword,\n registerExistingUser,\n verifyEmailResend,\n resendEmail\n} from '../features/auth/api/authentication'\nimport {\n verifyOtp,\n sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getMfaStatus,\n setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n} from '../features/auth/api/mfa'\nimport {\n getSecurityOverview,\n getSecurityLoginActivity,\n getSecuritySessions,\n revokeSecuritySession,\n revokeOtherSecuritySessions\n} from '../features/auth/api/security'\nimport { getLoginBootstrap } from '../features/auth/api/login-bootstrap'\nimport { getSsoDetails, generateSsoUrl, ssoCallback } from '../features/auth/api/sso'\nimport { changePassword, me, profile, profileUpdate } from '../features/auth/api/users'\nimport { getRefreshToken } from '../core/http/auth-utils'\nimport { getAuthRefreshToken } from '../core/http/http-client'\nimport {\n clearAccessToken,\n didLastRefreshFail,\n getAccessToken,\n isAuthenticateApp,\n isAuthenticated,\n isExpiresAccessToken,\n isAccessTokenExpired,\n hasRefreshSession,\n hasValidAccessToken,\n isRefreshInFlight,\n isSessionRefreshExhausted,\n refreshSession,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState\n} from '../core/http/token-store'\nimport { isCookieExpired } from '../core/utils/cookie'\nimport {\n hasValidAccess,\n isFullyAuthenticated as isFullyAuthenticatedContract,\n hasAuthenticatedAccess as hasAuthenticatedAccessContract,\n type SessionContractInput\n} from '../core/auth/session-contract'\n\n/** Canonical nested auth API (SDK 3.0). */\nexport const authApi = {\n preLogin,\n login,\n clientSession,\n handoff,\n logout,\n register,\n verifyEmail,\n registerExistingUser,\n forgetPassword,\n resetPassword,\n resetPasswordVerifyToken,\n verifyEmailResend,\n resendEmail,\n changePassword,\n me,\n profile,\n updateProfile: profileUpdate,\n mfa: {\n verifyOtp,\n sendOtp: sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getStatus: getMfaStatus,\n setPreferences: setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n optOut: mfaOptOut,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n },\n security: {\n getOverview: getSecurityOverview,\n getLoginActivity: getSecurityLoginActivity,\n getSessions: getSecuritySessions,\n revokeSession: revokeSecuritySession,\n revokeOtherSessions: revokeOtherSecuritySessions\n },\n loginBootstrap: getLoginBootstrap,\n sso: {\n getDetails: getSsoDetails,\n generateUrl: generateSsoUrl,\n callback: ssoCallback\n },\n session: {\n getRefreshToken,\n refreshSession,\n refreshAccessToken: getAuthRefreshToken,\n getAccessToken,\n clearAccessToken,\n isAuthenticated,\n isAuthenticateApp,\n isAccessTokenExpired,\n isExpiresAccessToken,\n isCookieExpired,\n hasRefreshSession,\n hasValidAccessToken,\n didLastRefreshFail,\n isSessionRefreshExhausted,\n isRefreshInFlight,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState,\n contract: (): SessionContractInput => ({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n isFullyAuthenticated: () =>\n isFullyAuthenticatedContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasAuthenticatedAccess: () =>\n hasAuthenticatedAccessContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasValidAccess: () =>\n hasValidAccess({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n })\n }\n}\n","export type MfaBootRecoveryResult = 'pending' | 'orphan_cleared' | 'stale_token_cleared' | 'none'\n\nexport type MfaBootRecoveryInput = {\n hasMfaContext: () => boolean\n hasAccessToken: () => boolean\n hasRefreshToken: () => boolean\n clearMfaOrphan: () => void\n clearStaleAccessToken: () => void\n}\n\n/**\n * Normalize MFA gate state on cold load before the router mounts.\n * Temp JWT is in-memory only — mid-MFA page refresh cannot resume without re-login.\n */\nexport function recoverMfaGateOnBoot(input: MfaBootRecoveryInput): MfaBootRecoveryResult {\n const hasContext = input.hasMfaContext()\n const hasToken = input.hasAccessToken()\n const hasRefresh = input.hasRefreshToken()\n\n if (hasContext && hasToken) {\n return 'pending'\n }\n\n if (hasContext && !hasToken) {\n input.clearMfaOrphan()\n return 'orphan_cleared'\n }\n\n if (hasToken && !hasContext && !hasRefresh) {\n input.clearStaleAccessToken()\n return 'stale_token_cleared'\n }\n\n return 'none'\n}\n\nexport type { VisibilityRefreshOptions } from '../http/visibility-refresh-scheduler.js'\nexport { startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler } from '../http/visibility-refresh-scheduler.js'\n","import { hasValidAccess, isFullyAuthenticated, isMfaPendingSession, type SessionContractInput } from './session-contract.js'\n\nexport type AuthRouteAction =\n | { kind: 'allow' }\n | { kind: 'show_loader' }\n | { kind: 'redirect_login'; returnUrl?: string }\n | { kind: 'redirect_mfa' }\n | { kind: 'redirect_funnel'; step: 'email_verify' | 'hub_select' | 'portal_select' }\n\nexport type AuthFunnelState = {\n emailVerified?: boolean\n hubId?: number | string | null\n portalId?: number | string | null\n}\n\nexport type ResolveAuthRouteActionInput = {\n pathname: string\n isPublicAuthRoute: (pathname: string) => boolean\n session: SessionContractInput\n funnel?: AuthFunnelState\n mfaRoute: string\n previewMode?: boolean\n /** When refresh hint exists but access token missing — session restoring. */\n sessionRestoring?: boolean\n /** Refresh already failed — do not show restoring loader; redirect to login. */\n sessionRefreshExhausted?: boolean\n}\n\nexport function resolveAuthRouteAction(input: ResolveAuthRouteActionInput): AuthRouteAction {\n const {\n pathname,\n isPublicAuthRoute,\n session,\n funnel,\n mfaRoute,\n previewMode = false,\n sessionRestoring = false,\n sessionRefreshExhausted = false\n } = input\n\n if (previewMode) {\n return { kind: 'allow' }\n }\n\n if (isMfaPendingSession(session)) {\n if (pathname === mfaRoute) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_mfa' }\n }\n\n if (sessionRestoring && !sessionRefreshExhausted) {\n return { kind: 'show_loader' }\n }\n\n if (sessionRefreshExhausted && !hasValidAccess(session)) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n const authenticated = isFullyAuthenticated(session)\n\n if (!authenticated) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n if (funnel) {\n if (funnel.emailVerified === false) {\n return { kind: 'redirect_funnel', step: 'email_verify' }\n }\n if (!funnel.hubId) {\n return { kind: 'redirect_funnel', step: 'hub_select' }\n }\n if (!funnel.portalId) {\n return { kind: 'redirect_funnel', step: 'portal_select' }\n }\n }\n\n return { kind: 'allow' }\n}\n"]}
1
+ {"version":3,"sources":["../src/main/core/auth/session-contract.ts","../src/main/core/http/session-persistence-error.ts","../src/main/core/http/login-session.ts","../src/main/features/auth/api/authentication.ts","../src/main/features/auth/api/mfa.ts","../src/main/features/auth/api/security.ts","../src/main/features/auth/api/login-bootstrap.ts","../src/main/features/auth/api/sso.ts","../src/main/features/auth/api/users.ts","../src/main/api/nested-auth-api.ts","../src/main/core/auth/bootstrap-contract.ts","../src/main/core/auth/route-guard-contract.ts"],"names":["actions"],"mappings":";;;;;;AAgBO,SAAS,eAAe,KAAA,EAAsC;AACjE,EAAA,OAAO,KAAA,CAAM,cAAA,EAAe,IAAK,CAAC,MAAM,oBAAA,EAAqB;AACjE;AAEO,SAAS,qBAAqB,KAAA,EAAsC;AACvE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,KAAA;AAAA,EACX;AACA,EAAA,IAAI,cAAA,CAAe,KAAK,CAAA,EAAG;AACvB,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,OAAO,MAAM,iBAAA,EAAkB;AACnC;AAEO,SAAS,oBAAoB,KAAA,EAAsC;AACtE,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,YAAA,IAAgB,CAAA;AACzC;AAEO,SAAS,uBAAuB,KAAA,EAAsC;AACzE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,cAAA,EAAgB,CAAA;AAAA,EACzC;AACA,EAAA,OAAO,eAAe,KAAK,CAAA;AAC/B;;;ACtCO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/C,YAAY,OAAA,EAAiB;AACzB,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,yBAAA;AAAA,EAChB;AACJ,CAAA;;;ACAA,SAAS,gBAAgB,QAAA,EAAoC;AACzD,EAAA,OAAQ,QAAA,EAAU,IAAA,IAAQ,QAAA,IAAY,EAAC;AAC3C;AAMA,eAAsB,qBAAqB,QAAA,EAA6B;AACpE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,EAAA,MAAM,eAAA,GAAuB,IAAA,EAAM,eAAA,IAAmB,EAAC;AACvD,EAAA,MAAM,aAAA,GAAqB,eAAA,EAAiB,aAAA,IAAiB,EAAC;AAC9D,EAAA,MAAM,eAAA,GAAuB,eAAe,QAAA,IAAY,IAAA;AACxD,EAAA,MAAM,gBAAA,GAAmB,iBAAiB,gBAAA,IAAoB,OAAA;AAE9D,EAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,EAAA,MAAM,eAAe,SAAA,EAAW,YAAA;AAChC,EAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,EAAA,MAAM,mBAAmB,SAAA,EAAW,gBAAA;AACpC,EAAA,MAAM,aAAa,SAAA,EAAW,gBAAA;AAE9B,EAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,EAAU;AACrC,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,oCAAA,EAAsC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AAChG,IAAA,MAAM,IAAI,wBAAwB,oEAAoE,CAAA;AAAA,EAC1G;AAEA,EAAA,IAAI,CAAC,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACnD,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,qCAAA,EAAuC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AACjG,IAAA,MAAM,IAAI,wBAAwB,qEAAqE,CAAA;AAAA,EAC3G;AAEA,EAAA,SAAA,CAAU,aAAa,CAAA;AACvB,EAAA,mBAAA,CAAoB,gBAAgB,CAAA;AACpC,EAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AACrC,EAAA,MAAM,eAAA,CAAgB,YAAA,EAAc,gBAAA,IAAoB,UAAU,CAAA;AAClE,EAAA,MAAM,mBAAmB,IAAI,CAAA;AAC7B,EAAAA,QAAA,CAAY,UAAA,CAAW,UAAU,IAAA,IAAQ,IAAA,GAAO,WAAW,EAAE,IAAA,EAAM,MAAM,CAAA;AAEzE,EAAA,SAAA,CAAU,eAAe,eAAe,CAAA;AAExC,EAAA,OAAO,QAAA;AACX;AAOA,eAAsB,mBAAmB,QAAA,EAA6B;AAClE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,IAAI,IAAA,EAAM,sBAAsB,IAAA,EAAM;AAClC,IAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,IAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,IAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,IAAA,IAAI,KAAA,EAAO;AACP,MAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AAAA,IACzC;AACA,IAAA,OAAO,QAAA;AAAA,EACX;AACA,EAAA,OAAO,qBAAqB,QAAQ,CAAA;AACxC;;;AClDO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAQO,SAAS,MAAM,OAAA,EAAmD;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAiB;AAClG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,MAAM,OAAO,CAAA;AAC3D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,KAAA,EAAO,MAAA;AAAA,IACP;AAAA,GACJ;AACJ;AAuBO,SAAS,QAAQ,OAAA,EAAmD;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAsD,OAAO,OAAA,KAAY;AACnG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,QAAQ,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAmD;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwD,OAAO,OAAA,KAAmC;AAC5H,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAQ,CAAA;AACpE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwC,OAAO,OAAA,KAAiB;AAC1F,IAAA,MAAM,kBAAA,GAAyC,WAAW,EAAC;AAC3D,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,kBAAA,EAAoB,KAAA,EAAO,kBAAA,CAAmB,KAAA,GAAQ,KAAA;AAC3D,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,kBAAkB,CAAA;AAChF,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;AAEO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqD,OAAO,OAAA,KAAiB;AACvG,IAAA,MAAM,+BAAA,GAAmE,WAAW,EAAC;AACrF,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,+BAAA,EAAiC,KAAA,EAAO,+BAAA,CAAgC,KAAA,GAAQ,KAAA;AACrF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,yBAAyB,+BAA+B,CAAA;AAC1G,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,wBAAA,EAA0B,MAAA;AAAA,IAC1B;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA0C,OAAO,OAAA,KAAiB;AAC5F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAO,CAAA;AACvE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,eAAe,OAAO,CAAA;AACxE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,OAAO,OAAA,EAAqC;AACxD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,IAAI;AACA,MAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,MAAA,EAAO;AACzD,MAAA,OAAO,QAAA;AAAA,IACX,CAAA,SAAE;AACE,MAAA,gBAAA,EAAiB;AACjB,MAAA,sBAAA,EAAuB;AAAA,IAC3B;AAAA,EACJ,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,MAAA,EAAQ,MAAA;AAAA,IACR;AAAA,GACJ;AACJ;AAEO,SAAS,qBAAqB,OAAA,EAAqC;AACtE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,qBAAqB,OAAO,CAAA;AAC9E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,oBAAA,EAAsB,MAAA;AAAA,IACtB;AAAA,GACJ;AACJ;AAEO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,OAAO,CAAA;AACrE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;AChMO,SAAS,UAAU,OAAA,EAAmD;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA4D,OAAO,OAAA,KAAuC;AACpI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,UAAU,OAAQ,CAAA;AAChE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,SAAA,EAAU;AAClD;AAQO,SAAS,WAAW,OAAA,EAAqC;AAC5D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAgC,MAAA,CAAO,GAAA,CAAI,eAAe,OAAQ,CAAA;AAAA,IACzE;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,UAAA,EAAY,QAAQ,SAAA,EAAU;AACpE;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA8C,MAAA,CAAO,GAAA,CAAI,sBAAsB,OAAQ,CAAA;AAAA,IAC9F;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AASO,SAAS,qBAAqB,OAAA,EAAmD;AACpF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA6C;AAChD,MAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,qBAAqB,OAAQ,CAAA;AAChE,MAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,MAAA,OAAO,QAAA;AAAA,IACX,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,EAAQ,SAAA,EAAU;AAC7D;AAQO,SAAS,aAAa,OAAA,EAAqD;AAC9E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAa,MAAM,MAAA,CAAO,GAAA,CAAI,UAAU,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAA,EAAc,QAAQ,SAAA,EAAU;AACxE;AAQO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,cAAA,CAAe,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACvD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAQ,iBAAA,EAAmB,QAAQ,SAAA,EAAU;AAClF;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA8D,OAAO,OAAA,KAAY;AAC3G,IAAA,MAAM,EAAE,UAAU,GAAG,IAAA,KAAS,OAAA,IAAW,EAAE,OAAO,EAAA,EAAG;AACrD,IAAA,OAAO,MAAA,CAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EACxF,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgE,OAAO,OAAA,KAAY;AAC7G,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,WAAW,EAAE,KAAA,EAAO,EAAA,EAAI,IAAA,EAAM,EAAA,EAAG;AAC/D,IAAA,OAAO,MAAA,CAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EAC1F,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,gBAAgB,OAAA,EAAqC;AACjE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,eAAA,CAAgB,OAAO,CAAA,EAAG,OAAO,CAAA;AAE7I,EAAA,OAAO,EAAE,MAAA,EAAQ,eAAA,EAAiB,MAAA,EAAQ,SAAA,EAAU;AACxD;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAsC,MAAA,CAAO,GAAA,CAAI,iBAAiB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyD,OAAO,OAAA,KAAkD;AAC5I,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,WAAA,CAAY,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EACpD,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,SAAA,EAAU;AACpD;AAOO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,aAAA,CAAc,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACtD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,SAAA,EAAU;AACtD;AAOO,SAAS,sBAAsB,OAAA,EAAwD;AAC1F,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA4D;AAC/D,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,qBAAA,CAAsB,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IAC9D,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AAOO,SAAS,UAAU,OAAA,EAAqC;AAC3D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAuD,OAAO,OAAA,KAAgD;AACxI,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EAC/C,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,MAAA,EAAQ,SAAA,EAAW,QAAQ,SAAA,EAAU;AAClE;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,uBAAuB,OAAA,EAAqC;AACxE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,uBAAuB,OAAQ,CAAA;AAAA,IACrF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,sBAAA,EAAwB,MAAA,EAAQ,SAAA,EAAU;AAC/D;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG,OAAO,CAAA;AAEjJ,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAuE;AAC1E,MAAA,MAAM,EAAE,kBAAA,EAAoB,QAAA,EAAS,GAAI,OAAA;AACzC,MAAA,OAAO,OAAO,GAAA,CAAI,wBAAA,CAAyB,kBAAA,EAAoB,EAAE,UAAU,CAAA;AAAA,IAC/E,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,wBAAA,EAA0B,MAAA,EAAQ,SAAA,EAAU;AACjE;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAyC,MAAA,CAAO,GAAA,CAAI,oBAAoB,OAAQ,CAAA;AAAA,IACvF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AASO,SAAS,mBAAmB,OAAA,EAAmD;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA6D,OAAO,OAAA,KAAwC;AACtI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;;;AC7VO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,iBAAiB,OAAO,CAAA;AAAA,IAC3D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,wBAAA,EAA0B,QAAQ,SAAA,EAAU;AAC3F;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA2C,MAAA,CAAO,QAAA,CAAS,cAAc,OAAQ,CAAA;AAAA,IACxF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,qBAAA,EAAuB,QAAQ,SAAA,EAAU;AACrF;AAQO,SAAS,4BAA4B,OAAA,EAAqC;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,mBAAA,CAAoB,SAAS,YAAY,CAAA;AAAA,IAC5E;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,2BAAA,EAA6B,QAAQ,SAAA,EAAU;AACjG;;;AChFO,SAAS,kBAAkB,OAAA,EAA8E;AAC5G,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAoD;AACpG,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;;;ACVO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,aAAA,EAAc;AACrD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,eAAe,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,YAAY,OAAO,CAAA;AAC1D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;ACzCA,IAAI,iBAAA,GAAyC,IAAA;AAE7C,eAAe,WAAA,GAAc;AACzB,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACpB,IAAA,iBAAA,GAAoB,MAAA,CAAO,IAAA,CAAK,EAAA,EAAG,CAAE,QAAQ,MAAM;AAC/C,MAAA,iBAAA,GAAoB,IAAA;AAAA,IACxB,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,iBAAA;AACX;AAEO,SAAS,GAAG,OAAA,EAAqC;AACpD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,WAAA,EAAY;AACxC,IAAAA,QAAA,CAAY,WAAW,QAAQ,CAAA;AAC/B,IAAA,OAAO,QAAA,EAAU,IAAA;AAAA,EACrB,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,EAAA,EAAI,MAAA;AAAA,IACJ;AAAA,GACJ;AACJ;AAEO,SAAS,QAAQ,OAAA,EAAqC;AACzD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,OAAO,CAAA;AACvD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,cAAc,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAKO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,eAAe,OAAO,CAAA;AAC9D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;;;ACMO,IAAM,OAAA,GAAU;AAAA,EACnB,QAAA;AAAA,EACA,KAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EACA,QAAA;AAAA,EACA,WAAA;AAAA,EACA,oBAAA;AAAA,EACA,cAAA;AAAA,EACA,aAAA;AAAA,EACA,wBAAA;AAAA,EACA,iBAAA;AAAA,EACA,WAAA;AAAA,EACA,cAAA;AAAA,EACA,EAAA;AAAA,EACA,OAAA;AAAA,EACA,aAAA,EAAe,aAAA;AAAA,EACf,GAAA,EAAK;AAAA,IACD,SAAA;AAAA,IACA,OAAA,EAAS,UAAA;AAAA,IACT,qBAAA;AAAA,IACA,oBAAA;AAAA,IACA,SAAA,EAAW,YAAA;AAAA,IACX,cAAA,EAAgB,iBAAA;AAAA,IAChB,gBAAA;AAAA,IACA,kBAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,WAAA;AAAA,IACA,aAAA;AAAA,IACA,qBAAA;AAAA,IACA,MAAA,EAAQ,SAAA;AAAA,IACR,SAAA;AAAA,IACA,uBAAA;AAAA,IACA,sBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,uBAAA;AAAA,IACA,wBAAA;AAAA,IACA,mBAAA;AAAA,IACA;AAAA,GACJ;AAAA,EACA,QAAA,EAAU;AAAA,IACN,WAAA,EAAa,mBAAA;AAAA,IACb,gBAAA,EAAkB,wBAAA;AAAA,IAClB,WAAA,EAAa,mBAAA;AAAA,IACb,aAAA,EAAe,qBAAA;AAAA,IACf,mBAAA,EAAqB;AAAA,GACzB;AAAA,EACA,cAAA,EAAgB,iBAAA;AAAA,EAChB,GAAA,EAAK;AAAA,IACD,UAAA,EAAY,aAAA;AAAA,IACZ,WAAA,EAAa,cAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACd;AAAA,EACA,OAAA,EAAS;AAAA,IACL,eAAA;AAAA,IACA,cAAA;AAAA,IACA,kBAAA,EAAoB,mBAAA;AAAA,IACpB,cAAA;AAAA,IACA,gBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,oBAAA;AAAA,IACA,oBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,yBAAA;AAAA,IACA,iBAAA;AAAA,IACA,qBAAA;AAAA,IACA,iCAAA;AAAA,IACA,0BAAA;AAAA,IACA,UAAU,OAA6B;AAAA,MACnC,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACJ,CAAA;AAAA,IACA,oBAAA,EAAsB,MAClB,oBAAA,CAA6B;AAAA,MACzB,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,sBAAA,EAAwB,MACpB,sBAAA,CAA+B;AAAA,MAC3B,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,cAAA,EAAgB,MACZ,cAAA,CAAe;AAAA,MACX,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH;AAAA;AAEb;;;AClKO,SAAS,qBAAqB,KAAA,EAAoD;AACrF,EAAA,MAAM,UAAA,GAAa,MAAM,aAAA,EAAc;AACvC,EAAA,MAAM,QAAA,GAAW,MAAM,cAAA,EAAe;AACtC,EAAA,MAAM,UAAA,GAAa,MAAM,eAAA,EAAgB;AAEzC,EAAA,IAAI,cAAc,QAAA,EAAU;AACxB,IAAA,OAAO,SAAA;AAAA,EACX;AAEA,EAAA,IAAI,UAAA,IAAc,CAAC,QAAA,EAAU;AACzB,IAAA,KAAA,CAAM,cAAA,EAAe;AACrB,IAAA,OAAO,gBAAA;AAAA,EACX;AAEA,EAAA,IAAI,QAAA,IAAY,CAAC,UAAA,IAAc,CAAC,UAAA,EAAY;AACxC,IAAA,KAAA,CAAM,qBAAA,EAAsB;AAC5B,IAAA,OAAO,qBAAA;AAAA,EACX;AAEA,EAAA,OAAO,MAAA;AACX;;;ACNO,SAAS,uBAAuB,KAAA,EAAqD;AACxF,EAAA,MAAM;AAAA,IACF,QAAA;AAAA,IACA,iBAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,WAAA,GAAc,KAAA;AAAA,IACd,gBAAA,GAAmB,KAAA;AAAA,IACnB,uBAAA,GAA0B;AAAA,GAC9B,GAAI,KAAA;AAEJ,EAAA,IAAI,WAAA,EAAa;AACb,IAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,EAC3B;AAEA,EAAA,IAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG;AAC9B,IAAA,IAAI,aAAa,QAAA,EAAU;AACvB,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,cAAA,EAAe;AAAA,EAClC;AAEA,EAAA,IAAI,gBAAA,IAAoB,CAAC,uBAAA,EAAyB;AAC9C,IAAA,OAAO,EAAE,MAAM,aAAA,EAAc;AAAA,EACjC;AAEA,EAAA,IAAI,uBAAA,IAA2B,CAAC,cAAA,CAAe,OAAO,CAAA,EAAG;AACrD,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,MAAM,aAAA,GAAgB,qBAAqB,OAAO,CAAA;AAElD,EAAA,IAAI,CAAC,aAAA,EAAe;AAChB,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,IAAI,MAAA,EAAQ;AACR,IAAA,IAAI,MAAA,CAAO,kBAAkB,KAAA,EAAO;AAChC,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,cAAA,EAAe;AAAA,IAC3D;AACA,IAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACf,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,YAAA,EAAa;AAAA,IACzD;AACA,IAAA,IAAI,CAAC,OAAO,QAAA,EAAU;AAClB,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,eAAA,EAAgB;AAAA,IAC5D;AAAA,EACJ;AAEA,EAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAC3B","file":"chunk-VKXFR4EZ.js","sourcesContent":["/**\n * Shared session predicates for client and admin portals.\n * Apps supply lane-specific refresh hints (cookie name / timing cookie).\n */\n\nexport type SessionContractInput = {\n /** In-memory access JWT present. */\n hasAccessToken: () => boolean\n /** Access JWT expired or within proactive refresh buffer. */\n isAccessTokenExpired: () => boolean\n /** Refresh session still valid (cookie / timing hint). */\n hasRefreshSession: () => boolean\n /** MFA gate: temp JWT + pending context. */\n isMfaPending?: () => boolean\n}\n\nexport function hasValidAccess(input: SessionContractInput): boolean {\n return input.hasAccessToken() && !input.isAccessTokenExpired()\n}\n\nexport function isFullyAuthenticated(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return false\n }\n if (hasValidAccess(input)) {\n return true\n }\n return input.hasRefreshSession()\n}\n\nexport function isMfaPendingSession(input: SessionContractInput): boolean {\n return Boolean(input.isMfaPending?.())\n}\n\nexport function hasAuthenticatedAccess(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return Boolean(input.hasAccessToken())\n }\n return hasValidAccess(input)\n}\n","/** Thrown when a full login response cannot be persisted (e.g. missing refresh token). */\nexport class SessionPersistenceError extends Error {\n constructor(message: string) {\n super(message)\n this.name = 'SessionPersistenceError'\n }\n}\n","import { setPortal, setSubscriptionType, setAccessToken, setRefreshToken, setLoggedInDetails } from './auth-utils'\nimport { setConfig } from '../utils/hub-context'\nimport { actions as userActions } from '../../state/crm/use-user'\nimport { SessionPersistenceError } from './session-persistence-error'\nimport { logger } from '../logging/logger'\n\nfunction unwrapLoginBody(response: any): Record<string, any> {\n return (response?.data ?? response ?? {}) as Record<string, any>\n}\n\n/**\n * Persists a full authenticated session (access + refresh tokens, portal, login details).\n * Use after successful login or MFA verify when `twoFactorRequired` is false.\n */\nexport async function completeLoginSession(response: any): Promise<any> {\n const body = unwrapLoginBody(response)\n const tokenData: any = body?.tokenData || {}\n const loggedInDetails: any = body?.loggedInDetails || {}\n const currentPortal: any = loggedInDetails?.currentPortal || {}\n const currentPortalId: any = currentPortal?.portalId || null\n const subscriptionType = loggedInDetails?.subscriptionType || 'BASIC'\n\n const token = tokenData?.token\n const refreshToken = tokenData?.refreshToken\n const expiresIn = tokenData?.expiresIn\n const refreshExpiresAt = tokenData?.refreshExpiresAt\n const rExpiresIn = tokenData?.refreshExpiresIn\n\n if (!token || typeof token !== 'string') {\n logger.error('auth', 'login session missing access token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing access token in login response')\n }\n\n if (!refreshToken || typeof refreshToken !== 'string') {\n logger.error('auth', 'login session missing refresh token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing refresh token in login response')\n }\n\n setPortal(currentPortal)\n setSubscriptionType(subscriptionType)\n await setAccessToken(token, expiresIn)\n await setRefreshToken(refreshToken, refreshExpiresAt ?? rExpiresIn)\n await setLoggedInDetails(body)\n userActions.setProfile(response?.data != null ? response : { data: body })\n\n setConfig.setDevPortalId(currentPortalId)\n\n return response\n}\n\n/**\n * Applies login/MFA-step response token rules:\n * - MFA pending: temp access JWT only (no refresh until verify completes)\n * - Full session: {@link completeLoginSession}\n */\nexport async function applyLoginResponse(response: any): Promise<any> {\n const data = unwrapLoginBody(response)\n if (data?.twoFactorRequired === true) {\n const tokenData: any = data?.tokenData || {}\n const token = tokenData?.token\n const expiresIn = tokenData?.expiresIn\n if (token) {\n await setAccessToken(token, expiresIn)\n }\n return response\n }\n return completeLoginSession(response)\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type {\n LoginPayload,\n LoginResponseData,\n MutationOptions,\n PreLoginPayload,\n ForgetPasswordPayload,\n VerifyEmailPayload,\n ResetPasswordVerifyTokenPayload,\n ResetPasswordPayload\n} from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport { getParam } from '../../../core/utils/param'\nimport { clearClientAuthCookies } from '../../../core/utils/cookie'\nimport { clearAccessToken } from '../../../core/http/token-store'\n\nexport function preLogin(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.preLogin(payload)\n return response\n }, options)\n\n return {\n mutate,\n preLogin: mutate,\n isLoading\n }\n}\n\n/**\n * Password login for the client portal.\n *\n * **API:** `POST /api/auth/login?hubId={hubId}`\n * **Session:** When `twoFactorRequired` is true, stores only the temp access JWT (no refresh until MFA completes).\n */\nexport function login(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<LoginPayload, LoginResponseData>(async (payload: any) => {\n const response = (await Client.authentication.login(payload)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n login: mutate,\n isLoading\n }\n}\n\nexport interface ClientSessionPayload {\n accessToken: string\n refreshToken?: string\n}\n\n/**\n * Exchange a management/deep-link token for a portal client session.\n *\n * **API:** `POST /api/auth/client-session`\n * **Auth:** Bearer access token header; optional refresh token in body.\n */\nexport interface AuthHandoffPayload {\n code: string\n hubId: number\n}\n\n/**\n * Redeem a one-time admin portal handoff code for a full client session.\n *\n * **API:** `POST /api/auth/handoff?hubId={hubId}`\n */\nexport function handoff(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<AuthHandoffPayload, LoginResponseData>(async (payload) => {\n const response = (await Client.authentication.handoff(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n handoff: mutate,\n isLoading\n }\n}\n\nexport function clientSession(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<ClientSessionPayload, LoginResponseData>(async (payload?: ClientSessionPayload) => {\n const response = (await Client.authentication.clientSession(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n clientSession: mutate,\n isLoading\n }\n}\n\nexport function register(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.register(payload)\n return response\n }, options)\n\n return {\n mutate,\n register: mutate,\n isLoading\n }\n}\n\nexport function verifyEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<VerifyEmailPayload, any>(async (payload: any) => {\n const verifyEmailPayload: VerifyEmailPayload = payload || {}\n const token: any = getParam('token')\n if (!verifyEmailPayload?.token) verifyEmailPayload.token = token\n const response: any = await Client.authentication.verifyEmail(verifyEmailPayload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmail: mutate,\n isLoading\n }\n}\n\nexport function resetPasswordVerifyToken(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordVerifyTokenPayload, any>(async (payload: any) => {\n const resetPasswordVerifyTokenPayload: ResetPasswordVerifyTokenPayload = payload || {}\n const token: any = getParam('token')\n if (!resetPasswordVerifyTokenPayload?.token) resetPasswordVerifyTokenPayload.token = token\n const response: any = await Client.authentication.resetPasswordVerifyToken(resetPasswordVerifyTokenPayload)\n return response\n }, options)\n\n return {\n mutate,\n resetPasswordVerifyToken: mutate,\n isLoading\n }\n}\n\nexport function resetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.resetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n resetPassword: mutate,\n isLoading\n }\n}\n\nexport function forgetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ForgetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.forgetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n forgetPassword: mutate,\n isLoading\n }\n}\n\nexport function logout(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n try {\n const response: any = await Client.authentication.logout()\n return response\n } finally {\n clearAccessToken()\n clearClientAuthCookies()\n }\n }, options)\n\n return {\n mutate,\n logout: mutate,\n isLoading\n }\n}\n\nexport function registerExistingUser(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.registerExistingUser(payload)\n return response\n }, options)\n\n return {\n mutate,\n registerExistingUser: mutate,\n isLoading\n }\n}\n\nexport function verifyEmailResend(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.verifyEmailResend(payload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmailResend: mutate,\n isLoading\n }\n}\n\nexport function resendEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.resendEmail(payload)\n return response\n }, options)\n\n return {\n mutate,\n resendEmail: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport type {\n LoginResponseData,\n MfaEnrollmentStatus,\n MfaOtpSendRequest,\n MfaPendingPasskeyOptionsRequest,\n MfaPendingPasskeyVerifyRequest,\n MfaPreferenceRequest,\n MfaStatusQuery,\n MutationOptions,\n PasskeyLoginOptionsRequest,\n PasskeyLoginVerifyRequest,\n PhoneVerifyConfirmRequest,\n PhoneVerifyStartRequest,\n BackupCodesRegenerateRequest,\n MfaBackupCodesResponse,\n MfaOptOutRequest,\n PhoneUnverifyRequest,\n TotpDisableRequest,\n TotpEnrollVerifyRequest,\n TwoFaVerificationRequest,\n WebAuthnVerifyRequest\n} from '../../../core/types'\n\n/**\n * Complete the MFA login step after `api.login()` returned `twoFactorRequired: true`.\n *\n * **API:** `POST /api/auth/verify-otp?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, otp, method }` (`EMAIL_OTP` | `SMS_OTP` | `TOTP` | `BACKUP_CODE`).\n * **Session:** On success persists full access + refresh tokens (skips when still MFA-pending).\n */\nexport function verifyOtp(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<TwoFaVerificationRequest, LoginResponseData>(async (payload?: TwoFaVerificationRequest) => {\n const response = (await Client.authentication.verifyOtp(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, verifyOtp: mutate, isLoading }\n}\n\n/**\n * Resend OTP or switch to email/SMS on the MFA login gate.\n *\n * **API:** `POST /api/auth/mfa/pending/otp/send`\n * **Auth:** Bearer temp JWT; body `{ token, method }`.\n */\nexport function sendMfaOtp(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOtpSendRequest, any>(\n async (payload?: MfaOtpSendRequest) => Client.mfa.sendPendingOtp(payload!),\n options\n )\n\n return { mutate, sendOtp: mutate, sendMfaOtp: mutate, isLoading }\n}\n\n/**\n * Start WebAuthn ceremony for passkey as second factor during login.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/options`\n * **Auth:** Bearer temp JWT; body `{ token, portalId? }`.\n */\nexport function pendingPasskeyOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyOptionsRequest, any>(\n async (payload?: MfaPendingPasskeyOptionsRequest) => Client.mfa.pendingPasskeyOptions(payload!),\n options\n )\n\n return { mutate, pendingPasskeyOptions: mutate, isLoading }\n}\n\n/**\n * Finish passkey MFA-step and complete login when successful.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/verify?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, challengeId, credential, portalId? }`.\n * **Session:** On success persists full access + refresh tokens.\n */\nexport function pendingPasskeyVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyVerifyRequest, LoginResponseData>(\n async (payload?: MfaPendingPasskeyVerifyRequest) => {\n const response = (await Client.mfa.pendingPasskeyVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n },\n options\n )\n\n return { mutate, pendingPasskeyVerify: mutate, isLoading }\n}\n\n/**\n * MFA enrollment and policy snapshot for the security settings UI.\n *\n * **API:** `GET /api/auth/mfa/status?portalId={portalId}`\n * **Auth:** Bearer access JWT (full session).\n */\nexport function getMfaStatus(options?: MutationOptions<MfaEnrollmentStatus, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, MfaEnrollmentStatus>(\n async (payload) => (await Client.mfa.getStatus(payload)) as MfaEnrollmentStatus,\n options\n )\n\n return { mutate, getStatus: mutate, getMfaStatus: mutate, isLoading }\n}\n\n/**\n * Set the user's default MFA method for this hub/portal scope.\n *\n * **API:** `PUT /api/auth/mfa/preferences?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ defaultMethod }`.\n */\nexport function setMfaPreferences(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPreferenceRequest & MfaStatusQuery, any>(\n async (payload?: MfaPreferenceRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.setPreferences(data, { portalId })\n },\n options\n )\n\n return { mutate, setPreferences: mutate, setMfaPreferences: mutate, isLoading }\n}\n\n/**\n * Send OTP to verify the user's phone number (enables SMS OTP at login).\n *\n * **API:** `POST /api/auth/mfa/phone/verify/start?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone }` (E.164, e.g. `+14155552671`).\n */\nexport function startPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyStartRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '' }\n return Client.mfa.startPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, startPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Confirm phone verification with the OTP code.\n *\n * **API:** `POST /api/auth/mfa/phone/verify/confirm?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone, code }`.\n */\nexport function confirmPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyConfirmRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '', code: '' }\n return Client.mfa.confirmPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, confirmPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Start TOTP authenticator enrollment for the current portal scope.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/start?portalId={portalId}`\n * **Auth:** Bearer access JWT. Returns `secret`, `otpauthUri`, `scopeKey`.\n */\nexport function totpEnrollStart(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.totpEnrollStart(payload), options)\n\n return { mutate, totpEnrollStart: mutate, isLoading }\n}\n\n/**\n * Confirm TOTP enrollment and receive one-time backup codes.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ code, portalId? }`.\n */\nexport function totpEnrollVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpEnrollVerifyRequest, any>(\n async (payload?: TotpEnrollVerifyRequest) => Client.mfa.totpEnrollVerify(payload!),\n options\n )\n\n return { mutate, totpEnrollVerify: mutate, isLoading }\n}\n\n/**\n * Disable TOTP for the current scope (requires current password).\n *\n * **API:** `POST /api/auth/mfa/totp/disable`\n * **Auth:** Bearer access JWT; body `{ password }`.\n */\nexport function totpDisable(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpDisableRequest & MfaStatusQuery, any>(async (payload?: TotpDisableRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.totpDisable(data, { portalId })\n }, options)\n\n return { mutate, totpDisable: mutate, isLoading }\n}\n\n/**\n * Remove SMS MFA by clearing phone verification for the current scope.\n *\n * **API:** `POST /api/auth/mfa/phone/unverify?portalId={portalId}`\n */\nexport function phoneUnverify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneUnverifyRequest & MfaStatusQuery, any>(\n async (payload?: PhoneUnverifyRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.phoneUnverify(data, { portalId })\n },\n options\n )\n\n return { mutate, phoneUnverify: mutate, isLoading }\n}\n\n/**\n * Regenerate backup codes (password + TOTP step-up). Plaintext codes returned once.\n *\n * **API:** `POST /api/auth/mfa/backup-codes/regenerate?portalId={portalId}`\n */\nexport function backupCodesRegenerate(options?: MutationOptions<MfaBackupCodesResponse, any>) {\n const { mutate, isLoading } = createMutation<BackupCodesRegenerateRequest & MfaStatusQuery, MfaBackupCodesResponse>(\n async (payload?: BackupCodesRegenerateRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.backupCodesRegenerate(data, { portalId })\n },\n options\n )\n\n return { mutate, backupCodesRegenerate: mutate, isLoading }\n}\n\n/**\n * Turn off all voluntary MFA enrollments when policy allows.\n *\n * **API:** `POST /api/auth/mfa/opt-out?portalId={portalId}`\n */\nexport function mfaOptOut(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOptOutRequest & MfaStatusQuery, any>(async (payload?: MfaOptOutRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.optOut(data, { portalId })\n }, options)\n\n return { mutate, optOut: mutate, mfaOptOut: mutate, isLoading }\n}\n\n/**\n * Start passkey (WebAuthn) registration ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnRegisterOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.webauthnRegisterOptions(payload),\n options\n )\n\n return { mutate, webauthnRegisterOptions: mutate, isLoading }\n}\n\n/**\n * Complete passkey registration after `@simplewebauthn/browser` ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, nickname?, portalId? }`.\n */\nexport function webauthnRegisterVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnRegisterVerify(payload!),\n options\n )\n\n return { mutate, webauthnRegisterVerify: mutate, isLoading }\n}\n\n/**\n * Start passkey authentication ceremony while logged in (re-verify).\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnAuthOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.webauthnAuthOptions(payload), options)\n\n return { mutate, webauthnAuthOptions: mutate, isLoading }\n}\n\n/**\n * Complete logged-in passkey re-verification.\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, portalId? }`.\n */\nexport function webauthnAuthVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnAuthVerify(payload!),\n options\n )\n\n return { mutate, webauthnAuthVerify: mutate, isLoading }\n}\n\n/**\n * List passkeys registered for the portal scope.\n *\n * **API:** `GET /api/auth/mfa/webauthn/credentials?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function listWebauthnCredentials(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.listWebauthnCredentials(payload),\n options\n )\n\n return { mutate, listWebauthnCredentials: mutate, isLoading }\n}\n\n/**\n * Remove a registered passkey.\n *\n * **API:** `DELETE /api/auth/mfa/webauthn/credentials/{credentialRecordId}?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function deleteWebauthnCredential(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ credentialRecordId: string | number } & MfaStatusQuery, any>(\n async (payload?: { credentialRecordId: string | number } & MfaStatusQuery) => {\n const { credentialRecordId, portalId } = payload!\n return Client.mfa.deleteWebauthnCredential(credentialRecordId, { portalId })\n },\n options\n )\n\n return { mutate, deleteWebauthnCredential: mutate, isLoading }\n}\n\n/**\n * Start passwordless passkey login (when `PASSKEY_PRIMARY` is allowed).\n *\n * **API:** `POST /api/auth/passkey/login/options?hubId={hubId}`\n * **Auth:** Public; body `{ email, hubId?, portalId? }`.\n */\nexport function passkeyLoginOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginOptionsRequest, any>(\n async (payload?: PasskeyLoginOptionsRequest) => Client.mfa.passkeyLoginOptions(payload!),\n options\n )\n\n return { mutate, passkeyLoginOptions: mutate, isLoading }\n}\n\n/**\n * Finish passwordless passkey login; may return `twoFactorRequired` if policy requires MFA.\n *\n * **API:** `POST /api/auth/passkey/login/verify?hubId={hubId}`\n * **Auth:** Public; body `{ challengeId, credential, portalId? }`.\n * **Session:** Applies MFA-aware token rules via {@link applyLoginResponse}.\n */\nexport function passkeyLoginVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginVerifyRequest, LoginResponseData>(async (payload?: PasskeyLoginVerifyRequest) => {\n const response = (await Client.mfa.passkeyLoginVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, passkeyLoginVerify: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport type {\n MutationOptions,\n RevokeSecuritySessionPayload,\n SecurityLoginActivityQuery,\n SecurityOverviewQuery,\n SecuritySessionsQuery\n} from '../../../core/types'\n\n/**\n * Security settings overview (password age, MFA methods, policy flags).\n * Use this for the Security page — not `api.me()` + `api.getMfaStatus()`.\n *\n * **API:** `GET /api/auth/security/overview?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityOverview(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityOverviewQuery | undefined, any>(\n async (payload) => Client.security.getOverview(payload),\n options\n )\n\n return { mutate, getOverview: mutate, getSecurityOverview: mutate, isLoading }\n}\n\n/**\n * Paginated login activity for the Security page.\n *\n * **API:** `GET /api/auth/security/login-activity?page=&limit=&sort=`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityLoginActivity(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityLoginActivityQuery | undefined, any>(\n async (payload) => Client.security.getLoginActivity(payload),\n options\n )\n\n return { mutate, getLoginActivity: mutate, getSecurityLoginActivity: mutate, isLoading }\n}\n\n/**\n * List active sessions (refresh-token families) for the Security page.\n *\n * **API:** `GET /api/auth/security/sessions?currentFamilyId=`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header to mark current session.\n */\nexport function getSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecuritySessionsQuery | undefined, any>(\n async (payload) => Client.security.getSessions(payload),\n options\n )\n\n return { mutate, getSessions: mutate, getSecuritySessions: mutate, isLoading }\n}\n\n/**\n * Sign out a single device/session by `familyId`.\n *\n * **API:** `POST /api/auth/security/sessions/{familyId}/revoke`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload.\n */\nexport function revokeSecuritySession(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<RevokeSecuritySessionPayload, any>(\n async (payload?: RevokeSecuritySessionPayload) => Client.security.revokeSession(payload!),\n options\n )\n\n return { mutate, revokeSession: mutate, revokeSecuritySession: mutate, isLoading }\n}\n\n/**\n * Sign out all other devices; keeps the current session when `refreshToken` is provided.\n *\n * **API:** `POST /api/auth/security/sessions/revoke-others`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header.\n */\nexport function revokeOtherSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ refreshToken?: string } | undefined, any>(\n async (payload) => Client.security.revokeOtherSessions(payload?.refreshToken),\n options\n )\n\n return { mutate, revokeOtherSessions: mutate, revokeOtherSecuritySessions: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\n\nexport function getLoginBootstrap(options?: MutationOptions<any, { hubId?: number; portalId?: number } | void>) {\n const { mutate, isLoading } = createMutation(async (payload?: { hubId?: number; portalId?: number }) => {\n const response: any = await Client.authentication.getLoginBootstrap(payload)\n return response\n }, options)\n\n return {\n mutate,\n getLoginBootstrap: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions, PreLoginPayload } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\n\nexport function getSsoDetails(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await Client.sso.getSsoDetails()\n return response\n }, options)\n\n return {\n mutate,\n getDetails: mutate,\n getSsoDetails: mutate,\n isLoading\n }\n}\n\nexport function generateSsoUrl(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.generateSsoUrl(payload)\n return response\n }, options)\n\n return {\n mutate,\n generateUrl: mutate,\n generateSsoUrl: mutate,\n isLoading\n }\n}\n\nexport function ssoCallback(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.ssoCallback(payload)\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n callback: mutate,\n ssoCallback: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { ChangePasswordPayload, MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { actions as userActions } from '../../../state/crm/use-user'\n\nlet meRequestInFlight: Promise<any> | null = null\n\nasync function fetchMeOnce() {\n if (!meRequestInFlight) {\n meRequestInFlight = Client.user.me().finally(() => {\n meRequestInFlight = null\n })\n }\n return meRequestInFlight\n}\n\nexport function me(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await fetchMeOnce()\n userActions.setProfile(response)\n return response?.data\n }, options)\n\n return {\n mutate,\n me: mutate,\n isLoading\n }\n}\n\nexport function profile(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profile(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n profile: mutate,\n isLoading\n }\n}\n\nexport function profileUpdate(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profileUpdate(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n updateProfile: mutate,\n profileUpdate: mutate,\n isLoading\n }\n}\n\n/** @deprecated Use {@link profileUpdate} — same factory; 3.0 nested key is `updateProfile`. */\nexport const updateProfile = profileUpdate\n\nexport function changePassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ChangePasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.user.changePassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n changePassword: mutate,\n isLoading\n }\n}\n","import {\n preLogin,\n login,\n clientSession,\n handoff,\n register,\n verifyEmail,\n forgetPassword,\n logout,\n resetPasswordVerifyToken,\n resetPassword,\n registerExistingUser,\n verifyEmailResend,\n resendEmail\n} from '../features/auth/api/authentication'\nimport {\n verifyOtp,\n sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getMfaStatus,\n setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n} from '../features/auth/api/mfa'\nimport {\n getSecurityOverview,\n getSecurityLoginActivity,\n getSecuritySessions,\n revokeSecuritySession,\n revokeOtherSecuritySessions\n} from '../features/auth/api/security'\nimport { getLoginBootstrap } from '../features/auth/api/login-bootstrap'\nimport { getSsoDetails, generateSsoUrl, ssoCallback } from '../features/auth/api/sso'\nimport { changePassword, me, profile, profileUpdate } from '../features/auth/api/users'\nimport { getRefreshToken } from '../core/http/auth-utils'\nimport { getAuthRefreshToken } from '../core/http/http-client'\nimport {\n clearAccessToken,\n didLastRefreshFail,\n getAccessToken,\n isAuthenticateApp,\n isAuthenticated,\n isExpiresAccessToken,\n isAccessTokenExpired,\n hasRefreshSession,\n hasValidAccessToken,\n isRefreshInFlight,\n isSessionRefreshExhausted,\n refreshSession,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState\n} from '../core/http/token-store'\nimport { isCookieExpired } from '../core/utils/cookie'\nimport {\n hasValidAccess,\n isFullyAuthenticated as isFullyAuthenticatedContract,\n hasAuthenticatedAccess as hasAuthenticatedAccessContract,\n type SessionContractInput\n} from '../core/auth/session-contract'\n\n/** Canonical nested auth API (SDK 3.0). */\nexport const authApi = {\n preLogin,\n login,\n clientSession,\n handoff,\n logout,\n register,\n verifyEmail,\n registerExistingUser,\n forgetPassword,\n resetPassword,\n resetPasswordVerifyToken,\n verifyEmailResend,\n resendEmail,\n changePassword,\n me,\n profile,\n updateProfile: profileUpdate,\n mfa: {\n verifyOtp,\n sendOtp: sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getStatus: getMfaStatus,\n setPreferences: setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n optOut: mfaOptOut,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n },\n security: {\n getOverview: getSecurityOverview,\n getLoginActivity: getSecurityLoginActivity,\n getSessions: getSecuritySessions,\n revokeSession: revokeSecuritySession,\n revokeOtherSessions: revokeOtherSecuritySessions\n },\n loginBootstrap: getLoginBootstrap,\n sso: {\n getDetails: getSsoDetails,\n generateUrl: generateSsoUrl,\n callback: ssoCallback\n },\n session: {\n getRefreshToken,\n refreshSession,\n refreshAccessToken: getAuthRefreshToken,\n getAccessToken,\n clearAccessToken,\n isAuthenticated,\n isAuthenticateApp,\n isAccessTokenExpired,\n isExpiresAccessToken,\n isCookieExpired,\n hasRefreshSession,\n hasValidAccessToken,\n didLastRefreshFail,\n isSessionRefreshExhausted,\n isRefreshInFlight,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState,\n contract: (): SessionContractInput => ({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n isFullyAuthenticated: () =>\n isFullyAuthenticatedContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasAuthenticatedAccess: () =>\n hasAuthenticatedAccessContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasValidAccess: () =>\n hasValidAccess({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n })\n }\n}\n","export type MfaBootRecoveryResult = 'pending' | 'orphan_cleared' | 'stale_token_cleared' | 'none'\n\nexport type MfaBootRecoveryInput = {\n hasMfaContext: () => boolean\n hasAccessToken: () => boolean\n hasRefreshToken: () => boolean\n clearMfaOrphan: () => void\n clearStaleAccessToken: () => void\n}\n\n/**\n * Normalize MFA gate state on cold load before the router mounts.\n * Temp JWT is in-memory only — mid-MFA page refresh cannot resume without re-login.\n */\nexport function recoverMfaGateOnBoot(input: MfaBootRecoveryInput): MfaBootRecoveryResult {\n const hasContext = input.hasMfaContext()\n const hasToken = input.hasAccessToken()\n const hasRefresh = input.hasRefreshToken()\n\n if (hasContext && hasToken) {\n return 'pending'\n }\n\n if (hasContext && !hasToken) {\n input.clearMfaOrphan()\n return 'orphan_cleared'\n }\n\n if (hasToken && !hasContext && !hasRefresh) {\n input.clearStaleAccessToken()\n return 'stale_token_cleared'\n }\n\n return 'none'\n}\n\nexport type { VisibilityRefreshOptions } from '../http/visibility-refresh-scheduler.js'\nexport { startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler } from '../http/visibility-refresh-scheduler.js'\n","import { hasValidAccess, isFullyAuthenticated, isMfaPendingSession, type SessionContractInput } from './session-contract.js'\n\nexport type AuthRouteAction =\n | { kind: 'allow' }\n | { kind: 'show_loader' }\n | { kind: 'redirect_login'; returnUrl?: string }\n | { kind: 'redirect_mfa' }\n | { kind: 'redirect_funnel'; step: 'email_verify' | 'hub_select' | 'portal_select' }\n\nexport type AuthFunnelState = {\n emailVerified?: boolean\n hubId?: number | string | null\n portalId?: number | string | null\n}\n\nexport type ResolveAuthRouteActionInput = {\n pathname: string\n isPublicAuthRoute: (pathname: string) => boolean\n session: SessionContractInput\n funnel?: AuthFunnelState\n mfaRoute: string\n previewMode?: boolean\n /** When refresh hint exists but access token missing — session restoring. */\n sessionRestoring?: boolean\n /** Refresh already failed — do not show restoring loader; redirect to login. */\n sessionRefreshExhausted?: boolean\n}\n\nexport function resolveAuthRouteAction(input: ResolveAuthRouteActionInput): AuthRouteAction {\n const {\n pathname,\n isPublicAuthRoute,\n session,\n funnel,\n mfaRoute,\n previewMode = false,\n sessionRestoring = false,\n sessionRefreshExhausted = false\n } = input\n\n if (previewMode) {\n return { kind: 'allow' }\n }\n\n if (isMfaPendingSession(session)) {\n if (pathname === mfaRoute) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_mfa' }\n }\n\n if (sessionRestoring && !sessionRefreshExhausted) {\n return { kind: 'show_loader' }\n }\n\n if (sessionRefreshExhausted && !hasValidAccess(session)) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n const authenticated = isFullyAuthenticated(session)\n\n if (!authenticated) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n if (funnel) {\n if (funnel.emailVerified === false) {\n return { kind: 'redirect_funnel', step: 'email_verify' }\n }\n if (!funnel.hubId) {\n return { kind: 'redirect_funnel', step: 'hub_select' }\n }\n if (!funnel.portalId) {\n return { kind: 'redirect_funnel', step: 'portal_select' }\n }\n }\n\n return { kind: 'allow' }\n}\n"]}
package/dist/{chunk-6YOL5LPB.js → chunk-YOSZWNJA.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { multiObjectStore } from './chunk-BURJ2NUL.js';
2
- import { actions2, tableStore, tableUiStore, noteStore, emailStore, userStore, syncStore, formStore, fileStore } from './chunk-PFOSN7EB.js';
1
+ import { multiObjectStore } from './chunk-EFX2ISVS.js';
2
+ import { actions2, tableStore, tableUiStore, noteStore, emailStore, userStore, syncStore, formStore, fileStore } from './chunk-4DP7JV7Q.js';
3
3
  import { clearAccessToken, resetSessionAuthState, clearSessionRefreshExhaustedState } from './chunk-B2OVKOJU.js';
4
4
  import { clearClientAuthCookies, clearClientIframeRefreshLocalKeys } from './chunk-YNOZWRK3.js';
5
5
  import { WP_STORAGE_KEYS } from './chunk-BKT4MFQM.js';
@@ -159,5 +159,5 @@ function resetCrossTabSessionSyncForTests() {
159
159
  }
160
160
 
161
161
  export { applyCrossTabSessionRevocation, clearClientSdkSession, installCrossTabSessionListener, resetCrossTabSessionSyncForTests, resetSessionStores, signalSessionChanged };
162
- //# sourceMappingURL=chunk-6YOL5LPB.js.map
163
- //# sourceMappingURL=chunk-6YOL5LPB.js.map
162
+ //# sourceMappingURL=chunk-YOSZWNJA.js.map
163
+ //# sourceMappingURL=chunk-YOSZWNJA.js.map
package/dist/{chunk-6YOL5LPB.js.map → chunk-YOSZWNJA.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/main/core/http/session-teardown.ts","../src/main/core/http/cross-tab-session.ts"],"names":["actions"],"mappings":";;;;;;;AAiBO,SAAS,kBAAA,GAA2B;AACvC,EAAAA,QAAA,CAAa,qBAAA,EAAsB;AACnC,EAAA,UAAA,CAAW,QAAA,CAAS;AAAA,IAChB,WAAA,EAAa,IAAA;AAAA,IACb,yBAAyB,EAAC;AAAA,IAC1B,WAAA,EAAa,IAAA;AAAA,IACb,WAAW,EAAC;AAAA,IACZ,kBAAkB,EAAC;AAAA,IACnB,mBAAA,EAAqB,EAAA;AAAA,IACrB,gBAAA,EAAkB,EAAA;AAAA,IAClB,QAAA,EAAU;AAAA,GACb,CAAA;AACD,EAAA,YAAA,CAAa,QAAA,CAAS;AAAA,IAClB,aAAA,EAAe,IAAA;AAAA,IACf,UAAU,EAAC;AAAA,IACX,IAAA,EAAM,gBAAA;AAAA,IACN,KAAA,EAAO,EAAA;AAAA,IACP,KAAA,EAAO,EAAA;AAAA,IACP,IAAA,EAAM,CAAA;AAAA,IACN,QAAA,EAAU,CAAA;AAAA,IACV,OAAA,EAAS,EAAA;AAAA,IACT,UAAA,EAAY,CAAA;AAAA,IACZ,UAAA,EAAY,CAAA;AAAA,IACZ,WAAA,EAAa,CAAA;AAAA,IACb,MAAA,EAAQ,EAAA;AAAA,IACR,kBAAA,EAAoB,aAAA;AAAA,IACpB,cAAA,EAAgB,IAAA;AAAA,IAChB,WAAA,EAAa,EAAA;AAAA,IACb,gBAAA,EAAkB,IAAA;AAAA,IAClB,IAAA,EAAM,IAAA;AAAA,IACN,gBAAA,EAAkB,EAAA;AAAA,IAClB,YAAY,EAAC;AAAA,IACb,qBAAqB;AAAC,GACzB,CAAA;AACD,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,KAAA,EAAO,EAAC,EAAG,YAAA,EAAc,EAAC,EAAG,EAAA,EAAI,EAAA,EAAI,WAAA,EAAa,IAAA,EAAM,CAAA;AAC7E,EAAA,UAAA,CAAW,QAAA,CAAS,EAAE,MAAA,EAAQ,EAAC,EAAG,aAAA,EAAe,EAAC,EAAG,EAAA,EAAI,EAAA,EAAI,WAAA,EAAa,IAAA,EAAM,CAAA;AAChF,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA;AACpC,EAAA,SAAA,CAAU,QAAA,CAAS;AAAA,IACf,OAAA,EAAS,KAAA;AAAA,IACT,IAAA,EAAM,KAAA;AAAA,IACN,aAAA,EAAe,KAAA;AAAA,IACf,aAAA,EAAe;AAAA,GAClB,CAAA;AACD,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,IAAA,EAAM,IAAA,EAAM,CAAA;AACjC,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,KAAA,EAAO,IAAA,EAAM,IAAI,EAAA,EAAI,WAAA,EAAa,MAAM,CAAA;AAC7D,EAAA,gBAAA,CAAiB,QAAA,CAAS,EAAE,OAAA,EAAS,EAAC,EAAG,kBAAA,EAAoB,EAAC,EAAG,IAAA,EAAM,EAAC,EAAG,CAAA;AAC/E;AAMO,SAAS,qBAAA,GAA8B;AAC1C,EAAA,sBAAA,EAAuB;AACvB,EAAA,iCAAA,EAAkC;AAClC,EAAA,gBAAA,EAAiB;AACjB,EAAA,kBAAA,EAAmB;AACnB,EAAA,qBAAA,EAAsB;AACtB,EAAA,iCAAA,EAAkC;AACtC;;;ACxEA,IAAM,OAAA,GAAU,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,GAAA;AACvC,IAAM,YAAA,GAAe,0BAAA;AAIrB,SAAS,cAAA,GAAuB;AAC5B,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAA,CAAO,aAAa,OAAA,CAAQ,OAAA,EAAS,OAAO,IAAA,CAAK,GAAA,EAAK,CAAC,CAAA;AAAA,EAC3D,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,mBAAA,GAA+C;AACpD,EAAA,IAAI,OAAO,qBAAqB,WAAA,EAAa;AACzC,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI;AACA,IAAA,OAAO,IAAI,iBAAiB,YAAY,CAAA;AAAA,EAC5C,CAAA,CAAA,MAAQ;AACJ,IAAA,OAAO,IAAA;AAAA,EACX;AACJ;AAGO,SAAS,oBAAA,CAAqB,OAAwB,KAAA,EAAa;AACtE,EAAA,cAAA,EAAe;AACf,EAAA,MAAM,UAAU,mBAAA,EAAoB;AACpC,EAAA,IAAI,OAAA,EAAS;AACT,IAAA,MAAM,UAA8B,EAAE,IAAA,EAAM,MAAM,EAAA,EAAI,IAAA,CAAK,KAAI,EAAE;AACjE,IAAA,OAAA,CAAQ,YAAY,OAAO,CAAA;AAC3B,IAAA,OAAA,CAAQ,KAAA,EAAM;AAAA,EAClB;AACJ;AAIA,IAAI,iBAAA,GAAoB,KAAA;AACxB,IAAI,gBAAA,GAA4C,IAAA;AAChD,IAAM,SAAA,uBAAgB,GAAA,EAAyB;AAE/C,SAAS,SAAS,IAAA,EAA6B;AAC3C,EAAA,SAAA,CAAU,OAAA,CAAQ,CAAC,EAAA,KAAO;AACtB,IAAA,IAAI;AACA,MAAA,EAAA,CAAG,IAAI,CAAA;AAAA,IACX,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACJ,CAAC,CAAA;AACL;AAEA,SAAS,0BAA0B,IAAA,EAA6B;AAC5D,EAAA,IAAI,SAAS,KAAA,EAAO;AAChB,IAAA,gBAAA,EAAiB;AAAA,EACrB;AACA,EAAA,QAAA,CAAS,IAAI,CAAA;AACjB;AAMO,SAAS,+BAA+B,QAAA,EAA4C;AACvF,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAC/B,IAAA,OAAO,MAAM,MAAA;AAAA,EACjB;AAEA,EAAA,IAAI,QAAA,EAAU;AACV,IAAA,SAAA,CAAU,IAAI,QAAQ,CAAA;AAAA,EAC1B;AAEA,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACpB,IAAA,iBAAA,GAAoB,IAAA;AAEpB,IAAA,MAAA,CAAO,gBAAA,CAAiB,SAAA,EAAW,CAAC,KAAA,KAAU;AAC1C,MAAA,IAAI,KAAA,CAAM,GAAA,KAAQ,OAAA,IAAW,KAAA,CAAM,YAAY,IAAA,EAAM;AACjD,QAAA;AAAA,MACJ;AACA,MAAA,yBAAA,CAA0B,KAAK,CAAA;AAAA,IACnC,CAAC,CAAA;AAED,IAAA,IAAI;AACA,MAAA,gBAAA,EAAkB,KAAA,EAAM;AACxB,MAAA,gBAAA,GAAmB,IAAI,iBAAiB,YAAY,CAAA;AACpD,MAAA,gBAAA,CAAiB,SAAA,GAAY,CAAC,KAAA,KAA4C;AACtE,QAAA,MAAM,IAAA,GAAO,KAAA,CAAM,IAAA,EAAM,IAAA,KAAS,UAAU,OAAA,GAAU,KAAA;AACtD,QAAA,yBAAA,CAA0B,IAAI,CAAA;AAAA,MAClC,CAAA;AAAA,IACJ,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,MAAA,CAAO,gBAAA,CAAiB,UAAA,EAAY,CAAC,KAAA,KAAU;AAC3C,MAAA,IAAI,MAAM,SAAA,EAAW;AACjB,QAAA,yBAAA,CAA0B,KAAK,CAAA;AAAA,MACnC;AAAA,IACJ,CAAC,CAAA;AAAA,EACL;AAEA,EAAA,OAAO,MAAM;AACT,IAAA,IAAI,QAAA,EAAU;AACV,MAAA,SAAA,CAAU,OAAO,QAAQ,CAAA;AAAA,IAC7B;AAAA,EACJ,CAAA;AACJ;AAGO,SAAS,8BAAA,GAAuC;AACnD,EAAA,qBAAA,EAAsB;AAC1B;AAGO,SAAS,gCAAA,GAAyC;AACrD,EAAA,IAAI;AACA,IAAA,gBAAA,EAAkB,KAAA,EAAM;AAAA,EAC5B,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,gBAAA,GAAmB,IAAA;AACnB,EAAA,iBAAA,GAAoB,KAAA;AACpB,EAAA,SAAA,CAAU,KAAA,EAAM;AACpB","file":"chunk-6YOL5LPB.js","sourcesContent":["import { clearAccessToken, clearSessionRefreshExhaustedState, resetSessionAuthState } from './token-store'\nimport { clearClientAuthCookies } from '../utils/cookie'\nimport { clearClientIframeRefreshLocalKeys } from '../utils/storage-migration'\nimport {\n tableStore,\n tableActions,\n tableUiStore,\n noteStore,\n emailStore,\n userStore,\n syncStore,\n formStore,\n fileStore,\n multiObjectStore\n} from '../../state/index.js'\n\n/** Reset CRM nanostores to empty session state (logout / forced 401). */\nexport function resetSessionStores(): void {\n tableActions.clearTablePrependData()\n tableStore.setState({\n queryParams: null,\n multiObjectsQueryParams: {},\n objectsData: null,\n tableData: [],\n tablePrependData: [],\n hubspotObjectTypeId: '',\n selectedPipeline: '',\n viewType: ''\n })\n tableUiStore.setState({\n tableUniqueId: null,\n gridData: [],\n sort: '-hs_createdate',\n limit: 10,\n after: '',\n page: 1,\n nextPage: 1,\n stageId: '',\n totalItems: 1,\n numOfPages: 1,\n currentPage: 1,\n search: '',\n filterPropertyName: 'hs_pipeline',\n filterOperator: 'eq',\n filterValue: '',\n isPrimaryCompany: null,\n view: null,\n selectedPipeline: '',\n tableParam: {},\n tableDefPermissions: {}\n })\n noteStore.setState({ notes: [], prependNotes: [], id: '', queryParams: null })\n emailStore.setState({ emails: [], prependEmails: [], id: '', queryParams: null })\n userStore.setState({ profile: null })\n syncStore.setState({\n apiSync: false,\n sync: false,\n isSyncLoading: false,\n isSyncDisable: false\n })\n formStore.setState({ form: null })\n fileStore.setState({ files: null, id: '', queryParams: null })\n multiObjectStore.setState({ objects: {}, objectsPrependData: {}, meta: {} })\n}\n\n/**\n * Full client SDK session teardown (cookies, sessionStorage, iframe keys, memory token, CRM stores).\n * Consumer apps should also clear TanStack Query + local UI state after calling this.\n */\nexport function clearClientSdkSession(): void {\n clearClientAuthCookies()\n clearClientIframeRefreshLocalKeys()\n clearAccessToken()\n resetSessionStores()\n resetSessionAuthState()\n clearSessionRefreshExhaustedState()\n}\n","import { WP_STORAGE_KEYS } from '../utils/wp-storage-keys'\nimport { clearClientSdkSession } from './session-teardown'\nimport { clearAccessToken } from './token-store'\n\nconst REV_KEY = WP_STORAGE_KEYS.c.auth.rev\nconst CHANNEL_NAME = 'woodsportal:session-sync'\n\ntype SessionSyncMessage = { type: 'rev' | 'login'; ts: number }\n\nfunction writeRevSignal(): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n window.localStorage.setItem(REV_KEY, String(Date.now()))\n } catch {\n // ignore\n }\n}\n\nfunction getBroadcastChannel(): BroadcastChannel | null {\n if (typeof BroadcastChannel === 'undefined') {\n return null\n }\n try {\n return new BroadcastChannel(CHANNEL_NAME)\n } catch {\n return null\n }\n}\n\n/** Notify other tabs that session ended or restarted. */\nexport function signalSessionChanged(kind: 'rev' | 'login' = 'rev'): void {\n writeRevSignal()\n const channel = getBroadcastChannel()\n if (channel) {\n const message: SessionSyncMessage = { type: kind, ts: Date.now() }\n channel.postMessage(message)\n channel.close()\n }\n}\n\nexport type SessionSyncListener = (kind: 'rev' | 'login') => void\n\nlet listenerInstalled = false\nlet broadcastChannel: BroadcastChannel | null = null\nconst listeners = new Set<SessionSyncListener>()\n\nfunction dispatch(kind: 'rev' | 'login'): void {\n listeners.forEach((fn) => {\n try {\n fn(kind)\n } catch {\n // consumer error\n }\n })\n}\n\nfunction handleRemoteSessionChange(kind: 'rev' | 'login'): void {\n if (kind === 'rev') {\n clearAccessToken()\n }\n dispatch(kind)\n}\n\n/**\n * Listen for logout/login in other tabs (localStorage + BroadcastChannel).\n * Returns unsubscribe function.\n */\nexport function installCrossTabSessionListener(onChange?: SessionSyncListener): () => void {\n if (typeof window === 'undefined') {\n return () => undefined\n }\n\n if (onChange) {\n listeners.add(onChange)\n }\n\n if (!listenerInstalled) {\n listenerInstalled = true\n\n window.addEventListener('storage', (event) => {\n if (event.key !== REV_KEY || event.newValue == null) {\n return\n }\n handleRemoteSessionChange('rev')\n })\n\n try {\n broadcastChannel?.close()\n broadcastChannel = new BroadcastChannel(CHANNEL_NAME)\n broadcastChannel.onmessage = (event: MessageEvent<SessionSyncMessage>) => {\n const kind = event.data?.type === 'login' ? 'login' : 'rev'\n handleRemoteSessionChange(kind)\n }\n } catch {\n // BroadcastChannel unavailable\n }\n\n window.addEventListener('pageshow', (event) => {\n if (event.persisted) {\n handleRemoteSessionChange('rev')\n }\n })\n }\n\n return () => {\n if (onChange) {\n listeners.delete(onChange)\n }\n }\n}\n\n/** Remote tab signalled logout — clear readable session artifacts. */\nexport function applyCrossTabSessionRevocation(): void {\n clearClientSdkSession()\n}\n\n/** Test-only: close BroadcastChannel and allow listener reinstall (prevents open-handle hangs). */\nexport function resetCrossTabSessionSyncForTests(): void {\n try {\n broadcastChannel?.close()\n } catch {\n // ignore\n }\n broadcastChannel = null\n listenerInstalled = false\n listeners.clear()\n}\n"]}
1
+ {"version":3,"sources":["../src/main/core/http/session-teardown.ts","../src/main/core/http/cross-tab-session.ts"],"names":["actions"],"mappings":";;;;;;;AAiBO,SAAS,kBAAA,GAA2B;AACvC,EAAAA,QAAA,CAAa,qBAAA,EAAsB;AACnC,EAAA,UAAA,CAAW,QAAA,CAAS;AAAA,IAChB,WAAA,EAAa,IAAA;AAAA,IACb,yBAAyB,EAAC;AAAA,IAC1B,WAAA,EAAa,IAAA;AAAA,IACb,WAAW,EAAC;AAAA,IACZ,kBAAkB,EAAC;AAAA,IACnB,mBAAA,EAAqB,EAAA;AAAA,IACrB,gBAAA,EAAkB,EAAA;AAAA,IAClB,QAAA,EAAU;AAAA,GACb,CAAA;AACD,EAAA,YAAA,CAAa,QAAA,CAAS;AAAA,IAClB,aAAA,EAAe,IAAA;AAAA,IACf,UAAU,EAAC;AAAA,IACX,IAAA,EAAM,gBAAA;AAAA,IACN,KAAA,EAAO,EAAA;AAAA,IACP,KAAA,EAAO,EAAA;AAAA,IACP,IAAA,EAAM,CAAA;AAAA,IACN,QAAA,EAAU,CAAA;AAAA,IACV,OAAA,EAAS,EAAA;AAAA,IACT,UAAA,EAAY,CAAA;AAAA,IACZ,UAAA,EAAY,CAAA;AAAA,IACZ,WAAA,EAAa,CAAA;AAAA,IACb,MAAA,EAAQ,EAAA;AAAA,IACR,kBAAA,EAAoB,aAAA;AAAA,IACpB,cAAA,EAAgB,IAAA;AAAA,IAChB,WAAA,EAAa,EAAA;AAAA,IACb,gBAAA,EAAkB,IAAA;AAAA,IAClB,IAAA,EAAM,IAAA;AAAA,IACN,gBAAA,EAAkB,EAAA;AAAA,IAClB,YAAY,EAAC;AAAA,IACb,qBAAqB;AAAC,GACzB,CAAA;AACD,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,KAAA,EAAO,EAAC,EAAG,YAAA,EAAc,EAAC,EAAG,EAAA,EAAI,EAAA,EAAI,WAAA,EAAa,IAAA,EAAM,CAAA;AAC7E,EAAA,UAAA,CAAW,QAAA,CAAS,EAAE,MAAA,EAAQ,EAAC,EAAG,aAAA,EAAe,EAAC,EAAG,EAAA,EAAI,EAAA,EAAI,WAAA,EAAa,IAAA,EAAM,CAAA;AAChF,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA;AACpC,EAAA,SAAA,CAAU,QAAA,CAAS;AAAA,IACf,OAAA,EAAS,KAAA;AAAA,IACT,IAAA,EAAM,KAAA;AAAA,IACN,aAAA,EAAe,KAAA;AAAA,IACf,aAAA,EAAe;AAAA,GAClB,CAAA;AACD,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,IAAA,EAAM,IAAA,EAAM,CAAA;AACjC,EAAA,SAAA,CAAU,QAAA,CAAS,EAAE,KAAA,EAAO,IAAA,EAAM,IAAI,EAAA,EAAI,WAAA,EAAa,MAAM,CAAA;AAC7D,EAAA,gBAAA,CAAiB,QAAA,CAAS,EAAE,OAAA,EAAS,EAAC,EAAG,kBAAA,EAAoB,EAAC,EAAG,IAAA,EAAM,EAAC,EAAG,CAAA;AAC/E;AAMO,SAAS,qBAAA,GAA8B;AAC1C,EAAA,sBAAA,EAAuB;AACvB,EAAA,iCAAA,EAAkC;AAClC,EAAA,gBAAA,EAAiB;AACjB,EAAA,kBAAA,EAAmB;AACnB,EAAA,qBAAA,EAAsB;AACtB,EAAA,iCAAA,EAAkC;AACtC;;;ACxEA,IAAM,OAAA,GAAU,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,GAAA;AACvC,IAAM,YAAA,GAAe,0BAAA;AAIrB,SAAS,cAAA,GAAuB;AAC5B,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAA,CAAO,aAAa,OAAA,CAAQ,OAAA,EAAS,OAAO,IAAA,CAAK,GAAA,EAAK,CAAC,CAAA;AAAA,EAC3D,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,mBAAA,GAA+C;AACpD,EAAA,IAAI,OAAO,qBAAqB,WAAA,EAAa;AACzC,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI;AACA,IAAA,OAAO,IAAI,iBAAiB,YAAY,CAAA;AAAA,EAC5C,CAAA,CAAA,MAAQ;AACJ,IAAA,OAAO,IAAA;AAAA,EACX;AACJ;AAGO,SAAS,oBAAA,CAAqB,OAAwB,KAAA,EAAa;AACtE,EAAA,cAAA,EAAe;AACf,EAAA,MAAM,UAAU,mBAAA,EAAoB;AACpC,EAAA,IAAI,OAAA,EAAS;AACT,IAAA,MAAM,UAA8B,EAAE,IAAA,EAAM,MAAM,EAAA,EAAI,IAAA,CAAK,KAAI,EAAE;AACjE,IAAA,OAAA,CAAQ,YAAY,OAAO,CAAA;AAC3B,IAAA,OAAA,CAAQ,KAAA,EAAM;AAAA,EAClB;AACJ;AAIA,IAAI,iBAAA,GAAoB,KAAA;AACxB,IAAI,gBAAA,GAA4C,IAAA;AAChD,IAAM,SAAA,uBAAgB,GAAA,EAAyB;AAE/C,SAAS,SAAS,IAAA,EAA6B;AAC3C,EAAA,SAAA,CAAU,OAAA,CAAQ,CAAC,EAAA,KAAO;AACtB,IAAA,IAAI;AACA,MAAA,EAAA,CAAG,IAAI,CAAA;AAAA,IACX,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACJ,CAAC,CAAA;AACL;AAEA,SAAS,0BAA0B,IAAA,EAA6B;AAC5D,EAAA,IAAI,SAAS,KAAA,EAAO;AAChB,IAAA,gBAAA,EAAiB;AAAA,EACrB;AACA,EAAA,QAAA,CAAS,IAAI,CAAA;AACjB;AAMO,SAAS,+BAA+B,QAAA,EAA4C;AACvF,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAC/B,IAAA,OAAO,MAAM,MAAA;AAAA,EACjB;AAEA,EAAA,IAAI,QAAA,EAAU;AACV,IAAA,SAAA,CAAU,IAAI,QAAQ,CAAA;AAAA,EAC1B;AAEA,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACpB,IAAA,iBAAA,GAAoB,IAAA;AAEpB,IAAA,MAAA,CAAO,gBAAA,CAAiB,SAAA,EAAW,CAAC,KAAA,KAAU;AAC1C,MAAA,IAAI,KAAA,CAAM,GAAA,KAAQ,OAAA,IAAW,KAAA,CAAM,YAAY,IAAA,EAAM;AACjD,QAAA;AAAA,MACJ;AACA,MAAA,yBAAA,CAA0B,KAAK,CAAA;AAAA,IACnC,CAAC,CAAA;AAED,IAAA,IAAI;AACA,MAAA,gBAAA,EAAkB,KAAA,EAAM;AACxB,MAAA,gBAAA,GAAmB,IAAI,iBAAiB,YAAY,CAAA;AACpD,MAAA,gBAAA,CAAiB,SAAA,GAAY,CAAC,KAAA,KAA4C;AACtE,QAAA,MAAM,IAAA,GAAO,KAAA,CAAM,IAAA,EAAM,IAAA,KAAS,UAAU,OAAA,GAAU,KAAA;AACtD,QAAA,yBAAA,CAA0B,IAAI,CAAA;AAAA,MAClC,CAAA;AAAA,IACJ,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,MAAA,CAAO,gBAAA,CAAiB,UAAA,EAAY,CAAC,KAAA,KAAU;AAC3C,MAAA,IAAI,MAAM,SAAA,EAAW;AACjB,QAAA,yBAAA,CAA0B,KAAK,CAAA;AAAA,MACnC;AAAA,IACJ,CAAC,CAAA;AAAA,EACL;AAEA,EAAA,OAAO,MAAM;AACT,IAAA,IAAI,QAAA,EAAU;AACV,MAAA,SAAA,CAAU,OAAO,QAAQ,CAAA;AAAA,IAC7B;AAAA,EACJ,CAAA;AACJ;AAGO,SAAS,8BAAA,GAAuC;AACnD,EAAA,qBAAA,EAAsB;AAC1B;AAGO,SAAS,gCAAA,GAAyC;AACrD,EAAA,IAAI;AACA,IAAA,gBAAA,EAAkB,KAAA,EAAM;AAAA,EAC5B,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,gBAAA,GAAmB,IAAA;AACnB,EAAA,iBAAA,GAAoB,KAAA;AACpB,EAAA,SAAA,CAAU,KAAA,EAAM;AACpB","file":"chunk-YOSZWNJA.js","sourcesContent":["import { clearAccessToken, clearSessionRefreshExhaustedState, resetSessionAuthState } from './token-store'\nimport { clearClientAuthCookies } from '../utils/cookie'\nimport { clearClientIframeRefreshLocalKeys } from '../utils/storage-migration'\nimport {\n tableStore,\n tableActions,\n tableUiStore,\n noteStore,\n emailStore,\n userStore,\n syncStore,\n formStore,\n fileStore,\n multiObjectStore\n} from '../../state/index.js'\n\n/** Reset CRM nanostores to empty session state (logout / forced 401). */\nexport function resetSessionStores(): void {\n tableActions.clearTablePrependData()\n tableStore.setState({\n queryParams: null,\n multiObjectsQueryParams: {},\n objectsData: null,\n tableData: [],\n tablePrependData: [],\n hubspotObjectTypeId: '',\n selectedPipeline: '',\n viewType: ''\n })\n tableUiStore.setState({\n tableUniqueId: null,\n gridData: [],\n sort: '-hs_createdate',\n limit: 10,\n after: '',\n page: 1,\n nextPage: 1,\n stageId: '',\n totalItems: 1,\n numOfPages: 1,\n currentPage: 1,\n search: '',\n filterPropertyName: 'hs_pipeline',\n filterOperator: 'eq',\n filterValue: '',\n isPrimaryCompany: null,\n view: null,\n selectedPipeline: '',\n tableParam: {},\n tableDefPermissions: {}\n })\n noteStore.setState({ notes: [], prependNotes: [], id: '', queryParams: null })\n emailStore.setState({ emails: [], prependEmails: [], id: '', queryParams: null })\n userStore.setState({ profile: null })\n syncStore.setState({\n apiSync: false,\n sync: false,\n isSyncLoading: false,\n isSyncDisable: false\n })\n formStore.setState({ form: null })\n fileStore.setState({ files: null, id: '', queryParams: null })\n multiObjectStore.setState({ objects: {}, objectsPrependData: {}, meta: {} })\n}\n\n/**\n * Full client SDK session teardown (cookies, sessionStorage, iframe keys, memory token, CRM stores).\n * Consumer apps should also clear TanStack Query + local UI state after calling this.\n */\nexport function clearClientSdkSession(): void {\n clearClientAuthCookies()\n clearClientIframeRefreshLocalKeys()\n clearAccessToken()\n resetSessionStores()\n resetSessionAuthState()\n clearSessionRefreshExhaustedState()\n}\n","import { WP_STORAGE_KEYS } from '../utils/wp-storage-keys'\nimport { clearClientSdkSession } from './session-teardown'\nimport { clearAccessToken } from './token-store'\n\nconst REV_KEY = WP_STORAGE_KEYS.c.auth.rev\nconst CHANNEL_NAME = 'woodsportal:session-sync'\n\ntype SessionSyncMessage = { type: 'rev' | 'login'; ts: number }\n\nfunction writeRevSignal(): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n window.localStorage.setItem(REV_KEY, String(Date.now()))\n } catch {\n // ignore\n }\n}\n\nfunction getBroadcastChannel(): BroadcastChannel | null {\n if (typeof BroadcastChannel === 'undefined') {\n return null\n }\n try {\n return new BroadcastChannel(CHANNEL_NAME)\n } catch {\n return null\n }\n}\n\n/** Notify other tabs that session ended or restarted. */\nexport function signalSessionChanged(kind: 'rev' | 'login' = 'rev'): void {\n writeRevSignal()\n const channel = getBroadcastChannel()\n if (channel) {\n const message: SessionSyncMessage = { type: kind, ts: Date.now() }\n channel.postMessage(message)\n channel.close()\n }\n}\n\nexport type SessionSyncListener = (kind: 'rev' | 'login') => void\n\nlet listenerInstalled = false\nlet broadcastChannel: BroadcastChannel | null = null\nconst listeners = new Set<SessionSyncListener>()\n\nfunction dispatch(kind: 'rev' | 'login'): void {\n listeners.forEach((fn) => {\n try {\n fn(kind)\n } catch {\n // consumer error\n }\n })\n}\n\nfunction handleRemoteSessionChange(kind: 'rev' | 'login'): void {\n if (kind === 'rev') {\n clearAccessToken()\n }\n dispatch(kind)\n}\n\n/**\n * Listen for logout/login in other tabs (localStorage + BroadcastChannel).\n * Returns unsubscribe function.\n */\nexport function installCrossTabSessionListener(onChange?: SessionSyncListener): () => void {\n if (typeof window === 'undefined') {\n return () => undefined\n }\n\n if (onChange) {\n listeners.add(onChange)\n }\n\n if (!listenerInstalled) {\n listenerInstalled = true\n\n window.addEventListener('storage', (event) => {\n if (event.key !== REV_KEY || event.newValue == null) {\n return\n }\n handleRemoteSessionChange('rev')\n })\n\n try {\n broadcastChannel?.close()\n broadcastChannel = new BroadcastChannel(CHANNEL_NAME)\n broadcastChannel.onmessage = (event: MessageEvent<SessionSyncMessage>) => {\n const kind = event.data?.type === 'login' ? 'login' : 'rev'\n handleRemoteSessionChange(kind)\n }\n } catch {\n // BroadcastChannel unavailable\n }\n\n window.addEventListener('pageshow', (event) => {\n if (event.persisted) {\n handleRemoteSessionChange('rev')\n }\n })\n }\n\n return () => {\n if (onChange) {\n listeners.delete(onChange)\n }\n }\n}\n\n/** Remote tab signalled logout — clear readable session artifacts. */\nexport function applyCrossTabSessionRevocation(): void {\n clearClientSdkSession()\n}\n\n/** Test-only: close BroadcastChannel and allow listener reinstall (prevents open-handle hangs). */\nexport function resetCrossTabSessionSyncForTests(): void {\n try {\n broadcastChannel?.close()\n } catch {\n // ignore\n }\n broadcastChannel = null\n listenerInstalled = false\n listeners.clear()\n}\n"]}
package/dist/{cross-tab-session-TUFJ6KU7.js → cross-tab-session-HYXWGZSD.js} RENAMED
@@ -1,9 +1,9 @@
1
- export { applyCrossTabSessionRevocation, installCrossTabSessionListener, resetCrossTabSessionSyncForTests, signalSessionChanged } from './chunk-6YOL5LPB.js';
1
+ export { applyCrossTabSessionRevocation, installCrossTabSessionListener, resetCrossTabSessionSyncForTests, signalSessionChanged } from './chunk-YOSZWNJA.js';
2
2
  import './chunk-55MIERLJ.js';
3
- import './chunk-BURJ2NUL.js';
4
- import './chunk-PFOSN7EB.js';
3
+ import './chunk-EFX2ISVS.js';
4
+ import './chunk-4DP7JV7Q.js';
5
5
  import './chunk-B2OVKOJU.js';
6
6
  import './chunk-YNOZWRK3.js';
7
7
  import './chunk-BKT4MFQM.js';
8
- //# sourceMappingURL=cross-tab-session-TUFJ6KU7.js.map
9
- //# sourceMappingURL=cross-tab-session-TUFJ6KU7.js.map
8
+ //# sourceMappingURL=cross-tab-session-HYXWGZSD.js.map
9
+ //# sourceMappingURL=cross-tab-session-HYXWGZSD.js.map
package/dist/{cross-tab-session-TUFJ6KU7.js.map → cross-tab-session-HYXWGZSD.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":[],"names":[],"mappings":"","file":"cross-tab-session-TUFJ6KU7.js"}
1
+ {"version":3,"sources":[],"names":[],"mappings":"","file":"cross-tab-session-HYXWGZSD.js"}
package/dist/entries/auth.js CHANGED
@@ -1,8 +1,8 @@
1
- import { authApi } from '../chunk-HAXXPW65.js';
2
- export { hasAuthenticatedAccess, hasValidAccess, isFullyAuthenticated, isMfaPendingSession, recoverMfaGateOnBoot, resolveAuthRouteAction } from '../chunk-HAXXPW65.js';
1
+ import { authApi } from '../chunk-VKXFR4EZ.js';
2
+ export { hasAuthenticatedAccess, hasValidAccess, isFullyAuthenticated, isMfaPendingSession, recoverMfaGateOnBoot, resolveAuthRouteAction } from '../chunk-VKXFR4EZ.js';
3
3
  export { isOptionalAuthFailureUrl, isSessionProbeUrl, persistAuthError, readPersistedAuthError, resolveAuthErrorAction } from '../chunk-GUYIJ4ZE.js';
4
- export { SERVICE_UNAVAILABLE_MESSAGE, classifyHttpError, getFieldErrors, getFormErrors, getHttpErrorMessage, initializeHttpClient, isServiceUnavailableError, setEditorPreviewMockHandler, startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler } from '../chunk-WNE4LSVH.js';
5
- import '../chunk-PFOSN7EB.js';
4
+ export { SERVICE_UNAVAILABLE_MESSAGE, classifyHttpError, getFieldErrors, getFormErrors, getHttpErrorMessage, initializeHttpClient, isServiceUnavailableError, setEditorPreviewMockHandler, startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler } from '../chunk-V32OMFDK.js';
5
+ import '../chunk-4DP7JV7Q.js';
6
6
  export { setSessionLifecycleListener } from '../chunk-B2OVKOJU.js';
7
7
  export { AuthErrorCode, getUnauthorizedPageCopy, parseApiErrorPayload } from '../chunk-COHBSTHF.js';
8
8
  import '../chunk-YNOZWRK3.js';
package/dist/entries/crm.js CHANGED
@@ -1,8 +1,8 @@
1
- import { crmApi } from '../chunk-FJAOCLB4.js';
1
+ import { crmApi } from '../chunk-BYJ7ZV6J.js';
2
2
  import '../chunk-55MIERLJ.js';
3
- import { navigationApi } from '../chunk-WNE4LSVH.js';
4
- import '../chunk-BURJ2NUL.js';
5
- import { actions8, syncStore, actions5, emailStore, actions4, noteStore, actions6, userStore, actions2, tableStore, tableUiActions, tableUiStore } from '../chunk-PFOSN7EB.js';
3
+ import { navigationApi } from '../chunk-V32OMFDK.js';
4
+ import '../chunk-EFX2ISVS.js';
5
+ import { actions8, syncStore, actions5, emailStore, actions4, noteStore, actions6, userStore, actions2, tableStore, tableUiActions, tableUiStore } from '../chunk-4DP7JV7Q.js';
6
6
  import { storage } from '../chunk-B2OVKOJU.js';
7
7
  import '../chunk-COHBSTHF.js';
8
8
  import '../chunk-YNOZWRK3.js';
package/dist/index.js CHANGED
@@ -1,13 +1,13 @@
1
- export { applyCrossTabSessionRevocation, clearClientSdkSession, installCrossTabSessionListener, resetSessionStores, signalSessionChanged } from './chunk-6YOL5LPB.js';
2
- import { authApi } from './chunk-HAXXPW65.js';
3
- export { hasAuthenticatedAccess, hasValidAccess, isFullyAuthenticated, isMfaPendingSession, recoverMfaGateOnBoot, resolveAuthRouteAction } from './chunk-HAXXPW65.js';
1
+ export { applyCrossTabSessionRevocation, clearClientSdkSession, installCrossTabSessionListener, resetSessionStores, signalSessionChanged } from './chunk-YOSZWNJA.js';
2
+ import { authApi } from './chunk-VKXFR4EZ.js';
3
+ export { hasAuthenticatedAccess, hasValidAccess, isFullyAuthenticated, isMfaPendingSession, recoverMfaGateOnBoot, resolveAuthRouteAction } from './chunk-VKXFR4EZ.js';
4
4
  export { isOptionalAuthFailureUrl, isSessionProbeUrl, persistAuthError, readPersistedAuthError, resolveAuthErrorAction } from './chunk-GUYIJ4ZE.js';
5
- import { crmApi } from './chunk-FJAOCLB4.js';
5
+ import { crmApi } from './chunk-BYJ7ZV6J.js';
6
6
  import './chunk-55MIERLJ.js';
7
- import { navigationApi } from './chunk-WNE4LSVH.js';
8
- export { Client, SERVICE_UNAVAILABLE_MESSAGE, buildCachePurgeRequest, buildCrmListPurgeTarget, buildCrmSinglePurgeTarget, buildEngagementPurgeTarget, buildPortalConfigPurgeTarget, buildUserSessionPurgeTarget, classifyHttpError, createCachePurgeJob, extractEngagementItemIdFromWriteResponse, extractHubspotRecordIdFromWriteResponse, getFieldErrors, getFormErrors, getHttpErrorMessage, initializeHttpClient, isServiceUnavailableError, mergePurgeTargets, purgeCrmCombined, purgeCrmDetailAndListAfterCrmWrite, purgeCrmListCache, purgeCrmListCacheAfterCrmWrite, purgeCrmObjectDataCache, purgeCrmRecordCache, purgeEngagementCaches, purgeEngagementCachesAfterCrmWrite, resolveCrmListPurgeQuery, startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler, toCachePurgeListQuery } from './chunk-WNE4LSVH.js';
9
- import './chunk-BURJ2NUL.js';
10
- import { actions8, syncStore, actions5, emailStore, actions4, noteStore, actions6, userStore, actions2, tableStore, tableUiActions, tableUiStore } from './chunk-PFOSN7EB.js';
7
+ import { navigationApi } from './chunk-V32OMFDK.js';
8
+ export { Client, SERVICE_UNAVAILABLE_MESSAGE, buildCachePurgeRequest, buildCrmListPurgeTarget, buildCrmSinglePurgeTarget, buildEngagementPurgeTarget, buildPortalConfigPurgeTarget, buildUserSessionPurgeTarget, classifyHttpError, createCachePurgeJob, extractEngagementItemIdFromWriteResponse, extractHubspotRecordIdFromWriteResponse, getFieldErrors, getFormErrors, getHttpErrorMessage, initializeHttpClient, isServiceUnavailableError, mergePurgeTargets, purgeCrmCombined, purgeCrmDetailAndListAfterCrmWrite, purgeCrmListCache, purgeCrmListCacheAfterCrmWrite, purgeCrmObjectDataCache, purgeCrmRecordCache, purgeEngagementCaches, purgeEngagementCachesAfterCrmWrite, resolveCrmListPurgeQuery, startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler, toCachePurgeListQuery } from './chunk-V32OMFDK.js';
9
+ import './chunk-EFX2ISVS.js';
10
+ import { actions8, syncStore, actions5, emailStore, actions4, noteStore, actions6, userStore, actions2, tableStore, tableUiActions, tableUiStore } from './chunk-4DP7JV7Q.js';
11
11
  import { storage } from './chunk-B2OVKOJU.js';
12
12
  export { configureLogger, config as hubContext, setConfig as setHubContext, setSessionLifecycleListener } from './chunk-B2OVKOJU.js';
13
13
  export { AuthErrorCode, getUnauthorizedPageCopy, parseApiErrorPayload } from './chunk-COHBSTHF.js';
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "woodsportal-client-sdk",
3
- "version": "4.0.7-dev.1",
3
+ "version": "4.0.7-dev.2",
4
4
  "description": "Official TypeScript/JavaScript SDK for WoodsPortal API - Authentication, user management, pipelines, and more",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",