woodsportal-client-sdk 4.0.7-dev.6 → 4.0.7-dev.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (45) hide show
  1. package/dist/adapters/angular/index.js +6 -6
  2. package/dist/adapters/react/index.js +6 -6
  3. package/dist/adapters/vue/index.js +6 -6
  4. package/dist/auth-interceptor-policy-ACKZEQ6J.js +5 -0
  5. package/dist/{auth-interceptor-policy-GISRLYS5.js.map → auth-interceptor-policy-ACKZEQ6J.js.map} +1 -1
  6. package/dist/{auth-utils-TBV525GT.js → auth-utils-CPO4LG4K.js} +5 -5
  7. package/dist/{auth-utils-TBV525GT.js.map → auth-utils-CPO4LG4K.js.map} +1 -1
  8. package/dist/{chunk-G6DE4XWP.js → chunk-6NM2BFOU.js} +8 -8
  9. package/dist/{chunk-G6DE4XWP.js.map → chunk-6NM2BFOU.js.map} +1 -1
  10. package/dist/{chunk-DO3WO2RP.js → chunk-7J265W43.js} +63 -6
  11. package/dist/chunk-7J265W43.js.map +1 -0
  12. package/dist/{chunk-CN4SBWOW.js → chunk-AIQK6XDI.js} +5 -5
  13. package/dist/{chunk-CN4SBWOW.js.map → chunk-AIQK6XDI.js.map} +1 -1
  14. package/dist/{chunk-CCAQQMPV.js → chunk-BGUHACLT.js} +3 -3
  15. package/dist/{chunk-CCAQQMPV.js.map → chunk-BGUHACLT.js.map} +1 -1
  16. package/dist/{chunk-IBLDCOQU.js → chunk-BKDJOWLW.js} +4 -4
  17. package/dist/{chunk-IBLDCOQU.js.map → chunk-BKDJOWLW.js.map} +1 -1
  18. package/dist/{chunk-7JHBCIR5.js → chunk-EFEBZBMU.js} +4 -3
  19. package/dist/chunk-EFEBZBMU.js.map +1 -0
  20. package/dist/{chunk-2WEYX3MP.js → chunk-TYJO2PSR.js} +4 -4
  21. package/dist/{chunk-2WEYX3MP.js.map → chunk-TYJO2PSR.js.map} +1 -1
  22. package/dist/{chunk-AHRXDJPS.js → chunk-VTAZLB5Y.js} +6 -6
  23. package/dist/{chunk-AHRXDJPS.js.map → chunk-VTAZLB5Y.js.map} +1 -1
  24. package/dist/{chunk-NXGSFLJS.js → chunk-WSUXZOHL.js} +3 -3
  25. package/dist/{chunk-NXGSFLJS.js.map → chunk-WSUXZOHL.js.map} +1 -1
  26. package/dist/{chunk-2MVPOZLC.js → chunk-YZPW5F6U.js} +7 -7
  27. package/dist/{chunk-2MVPOZLC.js.map → chunk-YZPW5F6U.js.map} +1 -1
  28. package/dist/{chunk-AHRT7SME.js → chunk-ZQTCAG6K.js} +3 -3
  29. package/dist/{chunk-AHRT7SME.js.map → chunk-ZQTCAG6K.js.map} +1 -1
  30. package/dist/cross-tab-session-AGJVA2UZ.js +9 -0
  31. package/dist/{cross-tab-session-ORPEUNVO.js.map → cross-tab-session-AGJVA2UZ.js.map} +1 -1
  32. package/dist/entries/auth.js +8 -8
  33. package/dist/entries/crm.js +9 -9
  34. package/dist/index.d.ts +1 -0
  35. package/dist/index.js +15 -15
  36. package/dist/storage-migration-CZTBKXQV.js +4 -0
  37. package/dist/{storage-migration-GGAKD4Q3.js.map → storage-migration-CZTBKXQV.js.map} +1 -1
  38. package/package.json +1 -1
  39. package/dist/auth-interceptor-policy-GISRLYS5.js +0 -5
  40. package/dist/chunk-7JHBCIR5.js.map +0 -1
  41. package/dist/chunk-DO3WO2RP.js.map +0 -1
  42. package/dist/cross-tab-session-ORPEUNVO.js +0 -9
  43. package/dist/refresh-lock-H6P2SXGP.js +0 -72
  44. package/dist/refresh-lock-H6P2SXGP.js.map +0 -1
  45. package/dist/storage-migration-GGAKD4Q3.js +0 -4
package/dist/{chunk-7JHBCIR5.js → chunk-EFEBZBMU.js} RENAMED
@@ -26,7 +26,8 @@ var WP_STORAGE_KEYS = {
26
26
  passkey: "wp.c.login.passkey",
27
27
  done: "wp.c.login.done",
28
28
  outcome: "wp.c.login.outcome",
29
- registerPayload: "wp.c.login.registerPayload"
29
+ registerPayload: "wp.c.login.registerPayload",
30
+ returnPath: "wp.c.login.returnPath"
30
31
  },
31
32
  mfa: {
32
33
  methods: "wp.c.mfa.methods",
@@ -165,5 +166,5 @@ var CLIENT_COOKIE_MIGRATIONS = [
165
166
  ];
166
167
 
167
168
  export { CLIENT_COOKIE_MIGRATIONS, CLIENT_SESSION_STORAGE_MIGRATIONS, LEGACY_CLIENT_AUTH_COOKIES, LEGACY_CLIENT_SESSION_EXACT, WP_STORAGE_KEYS, WP_UI_THEME, wpClientIframeRefreshExpKey, wpClientIframeRefreshKey };
168
- //# sourceMappingURL=chunk-7JHBCIR5.js.map
169
- //# sourceMappingURL=chunk-7JHBCIR5.js.map
169
+ //# sourceMappingURL=chunk-EFEBZBMU.js.map
170
+ //# sourceMappingURL=chunk-EFEBZBMU.js.map
package/dist/chunk-EFEBZBMU.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/main/core/utils/wp-storage-keys.ts"],"names":[],"mappings":";AAKO,IAAM,WAAA,GAAc;AAEpB,IAAM,eAAA,GAAkB;AAAA,EAC3B,CAAA,EAAG;AAAA,IACC,GAAA,EAAK,UAAA;AAAA,IACL,IAAA,EAAM;AAAA,MACF,KAAA,EAAO,iBAAA;AAAA,MACP,OAAA,EAAS,mBAAA;AAAA,MACT,MAAA,EAAQ,kBAAA;AAAA,MACR,GAAA,EAAK,eAAA;AAAA,MACL,OAAA,EAAS,mBAAA;AAAA,MACT,GAAA,EAAK,eAAA;AAAA,MACL,gBAAA,EAAkB,4BAAA;AAAA,MAClB,GAAA,EAAK,eAAA;AAAA,MACL,WAAA,EAAa,uBAAA;AAAA,MACb,cAAA,EAAgB;AAAA,KACpB;AAAA,IACA,EAAA,EAAI;AAAA,MACA,GAAA,EAAK,aAAA;AAAA,MACL,IAAA,EAAM,cAAA;AAAA,MACN,KAAA,EAAO;AAAA,KACX;AAAA,IACA,KAAA,EAAO;AAAA,MACH,KAAA,EAAO,kBAAA;AAAA,MACP,KAAA,EAAO,kBAAA;AAAA,MACP,OAAA,EAAS,oBAAA;AAAA,MACT,IAAA,EAAM,iBAAA;AAAA,MACN,OAAA,EAAS,oBAAA;AAAA,MACT,eAAA,EAAiB,4BAAA;AAAA,MACjB,UAAA,EAAY;AAAA,KAChB;AAAA,IACA,GAAA,EAAK;AAAA,MACD,OAAA,EAAS,kBAAA;AAAA,MACT,OAAA,EAAS,kBAAA;AAAA,MACT,GAAA,EAAK,cAAA;AAAA,MACL,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,mBAAA;AAAA,MACV,UAAA,EAAY,qBAAA;AAAA,MACZ,SAAA,EAAW,oBAAA;AAAA,MACX,QAAA,EAAU,mBAAA;AAAA,MACV,OAAA,EAAS,kBAAA;AAAA,MACT,OAAA,EAAS,kBAAA;AAAA,MACT,YAAA,EAAc,uBAAA;AAAA,MACd,eAAA,EAAiB,0BAAA;AAAA,MACjB,OAAA,EAAS;AAAA,KACb;AAAA,IACA,GAAA,EAAK;AAAA,MACD,EAAA,EAAI;AAAA;AACR,GACJ;AAAA,EACA,CAAA,EAAG;AAAA,IACC,IAAA,EAAM;AAAA,MACF,KAAA,EAAO,iBAAA;AAAA,MACP,OAAA,EAAS,mBAAA;AAAA,MACT,GAAA,EAAK,eAAA;AAAA,MACL,QAAA,EAAU,oBAAA;AAAA,MACV,MAAA,EAAQ,kBAAA;AAAA,MACR,IAAA,EAAM,gBAAA;AAAA,MACN,IAAA,EAAM,gBAAA;AAAA,MACN,GAAA,EAAK,eAAA;AAAA,MACL,MAAA,EAAQ,kBAAA;AAAA,MACR,WAAA,EAAa,uBAAA;AAAA,MACb,GAAA,EAAK;AAAA,KACT;AAAA,IACA,GAAA,EAAK;AAAA,MACD,EAAA,EAAI,aAAA;AAAA,MACJ,IAAA,EAAM,eAAA;AAAA,MACN,GAAA,EAAK;AAAA,KACT;AAAA,IACA,IAAA,EAAM;AAAA,MACF,MAAA,EAAQ,kBAAA;AAAA,MACR,KAAA,EAAO,iBAAA;AAAA,MACP,KAAA,EAAO,iBAAA;AAAA,MACP,OAAA,EAAS;AAAA,KACb;AAAA,IACA,EAAA,EAAI;AAAA,MACA,OAAA,EAAS,iBAAA;AAAA,MACT,YAAA,EAAc;AAAA,KAClB;AAAA,IACA,GAAA,EAAK;AAAA,MACD,OAAA,EAAS,kBAAA;AAAA,MACT,OAAA,EAAS,kBAAA;AAAA,MACT,GAAA,EAAK,cAAA;AAAA,MACL,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,mBAAA;AAAA,MACV,UAAA,EAAY,qBAAA;AAAA,MACZ,SAAA,EAAW,oBAAA;AAAA,MACX,QAAA,EAAU,mBAAA;AAAA,MACV,OAAA,EAAS,kBAAA;AAAA,MACT,OAAA,EAAS,kBAAA;AAAA,MACT,YAAA,EAAc,uBAAA;AAAA,MACd,eAAA,EAAiB,0BAAA;AAAA,MACjB,OAAA,EAAS;AAAA,KACb;AAAA,IACA,GAAA,EAAK;AAAA,MACD,QAAA,EAAU;AAAA,KACd;AAAA,IACA,IAAA,EAAM;AAAA,MACF,MAAA,EAAQ;AAAA;AACZ,GACJ;AAAA,EACA,CAAA,EAAG;AAAA,IACC,GAAA,EAAK,UAAA;AAAA,IACL,GAAA,EAAK;AAAA,MACD,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM;AAAA;AACV;AAER;AAGO,SAAS,yBAAyB,KAAA,EAAgC;AACrE,EAAA,OAAO,GAAG,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,cAAc,GAAG,KAAK,CAAA,CAAA;AAC3D;AAEO,SAAS,4BAA4B,KAAA,EAAgC;AACxE,EAAA,OAAO,CAAA,EAAG,wBAAA,CAAyB,KAAK,CAAC,CAAA,IAAA,CAAA;AAC7C;AAWO,IAAM,0BAAA,GAA6B;AAAA,EACtC,mBAAA;AAAA,EACA,kBAAA;AAAA,EACA,qBAAA;AAAA,EACA,oBAAA;AAAA,EACA,0BAAA;AAAA,EACA,wBAAA;AAAA,EACA,wBAAA;AAAA,EACA,8BAAA;AAAA,EACA,0BAAA;AAAA,EACA,iBAAA;AAAA,EACA,cAAA;AAAA,EACA,cAAA;AAAA,EACA,QAAA;AAAA,EACA;AACJ;AAMO,IAAM,2BAAA,GAA8B,CAAC,WAAA,EAAa,wBAAA,EAA0B,aAAa;AAKzF,IAAM,iCAAA,GAA8E;AAAA,EACvF,CAAC,yBAAA,EAA2B,eAAA,CAAgB,CAAA,CAAE,MAAM,KAAK,CAAA;AAAA,EACzD,CAAC,iCAAA,EAAmC,eAAA,CAAgB,CAAA,CAAE,MAAM,KAAK,CAAA;AAAA,EACjE,CAAC,0CAAA,EAA4C,eAAA,CAAgB,CAAA,CAAE,MAAM,OAAO,CAAA;AAAA,EAC5E,CAAC,wCAAA,EAA0C,eAAA,CAAgB,CAAA,CAAE,MAAM,IAAI,CAAA;AAAA,EACvE,CAAC,WAAA,EAAa,eAAA,CAAgB,CAAA,CAAE,KAAK,GAAG,CAAA;AAAA,EACxC,CAAC,wBAAA,EAA0B,eAAA,CAAgB,CAAA,CAAE,IAAI,EAAE,CAAA;AAAA,EACnD,CAAC,yBAAA,EAA2B,eAAA,CAAgB,CAAA,CAAE,IAAI,OAAO,CAAA;AAAA,EACzD,CAAC,+BAAA,EAAiC,eAAA,CAAgB,CAAA,CAAE,IAAI,OAAO,CAAA;AAAA,EAC/D,CAAC,6BAAA,EAA+B,eAAA,CAAgB,CAAA,CAAE,IAAI,GAAG,CAAA;AAAA,EACzD,CAAC,sCAAA,EAAwC,eAAA,CAAgB,CAAA,CAAE,IAAI,GAAG,CAAA;AAAA,EAClE,CAAC,0BAAA,EAA4B,eAAA,CAAgB,CAAA,CAAE,IAAI,KAAK,CAAA;AAAA,EACxD,CAAC,0BAAA,EAA4B,eAAA,CAAgB,CAAA,CAAE,IAAI,QAAQ,CAAA;AAAA,EAC3D,CAAC,4BAAA,EAA8B,eAAA,CAAgB,CAAA,CAAE,IAAI,UAAU,CAAA;AAAA,EAC/D,CAAC,2BAAA,EAA6B,eAAA,CAAgB,CAAA,CAAE,IAAI,SAAS,CAAA;AAAA,EAC7D,CAAC,uCAAA,EAAyC,eAAA,CAAgB,CAAA,CAAE,IAAI,QAAQ,CAAA;AAAA,EACxE,CAAC,4CAAA,EAA8C,eAAA,CAAgB,CAAA,CAAE,IAAI,OAAO,CAAA;AAAA,EAC5E,CAAC,4CAAA,EAA8C,eAAA,CAAgB,CAAA,CAAE,IAAI,OAAO;AAChF;AAGO,IAAM,wBAAA,GAAqE;AAAA,EAC9E,CAAC,mBAAA,EAAqB,eAAA,CAAgB,CAAA,CAAE,KAAK,KAAK,CAAA;AAAA,EAClD,CAAC,cAAA,EAAgB,eAAA,CAAgB,CAAA,CAAE,KAAK,KAAK,CAAA;AAAA,EAC7C,CAAC,kBAAA,EAAoB,eAAA,CAAgB,CAAA,CAAE,KAAK,KAAK,CAAA;AAAA,EACjD,CAAC,qBAAA,EAAuB,eAAA,CAAgB,CAAA,CAAE,KAAK,OAAO,CAAA;AAAA,EACtD,CAAC,cAAA,EAAgB,eAAA,CAAgB,CAAA,CAAE,KAAK,OAAO,CAAA;AAAA,EAC/C,CAAC,oBAAA,EAAsB,eAAA,CAAgB,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,EACpD,CAAC,QAAA,EAAU,eAAA,CAAgB,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,EACxC,CAAC,0BAAA,EAA4B,eAAA,CAAgB,CAAA,CAAE,KAAK,GAAG,CAAA;AAAA,EACvD,CAAC,kBAAA,EAAoB,eAAA,CAAgB,CAAA,CAAE,KAAK,GAAG,CAAA;AAAA,EAC/C,CAAC,wBAAA,EAA0B,eAAA,CAAgB,CAAA,CAAE,GAAG,GAAG,CAAA;AAAA,EACnD,CAAC,wBAAA,EAA0B,eAAA,CAAgB,CAAA,CAAE,GAAG,IAAI,CAAA;AAAA,EACpD,CAAC,8BAAA,EAAgC,eAAA,CAAgB,CAAA,CAAE,GAAG,KAAK,CAAA;AAAA,EAC3D,CAAC,iBAAA,EAAmB,eAAA,CAAgB,CAAA,CAAE,KAAK,OAAO;AACtD","file":"chunk-EFEBZBMU.js","sourcesContent":["/**\n * Canonical WoodsPortal browser storage key names (`wp.{lane}.{domain}.{name}`).\n * Import from here — do not scatter string literals in app code.\n */\n\nexport const WP_UI_THEME = 'wp.ui.theme'\n\nexport const WP_STORAGE_KEYS = {\n c: {\n hub: 'wp.c.hub',\n auth: {\n login: 'wp.c.auth.login',\n refresh: 'wp.c.auth.refresh',\n portal: 'wp.c.auth.portal',\n sub: 'wp.c.auth.sub',\n emailOk: 'wp.c.auth.emailOk',\n err: 'wp.c.auth.err',\n refreshExhausted: 'wp.c.auth.refreshExhausted',\n rev: 'wp.c.auth.rev',\n refreshLock: 'wp.c.auth.refreshLock',\n iframeRtPrefix: 'wp.c.auth.rt.'\n },\n ui: {\n pag: 'wp.c.ui.pag',\n menu: 'wp.c.ui.menu',\n assoc: 'wp.c.ui.assoc'\n },\n login: {\n email: 'wp.c.login.email',\n force: 'wp.c.login.force',\n passkey: 'wp.c.login.passkey',\n done: 'wp.c.login.done',\n outcome: 'wp.c.login.outcome',\n registerPayload: 'wp.c.login.registerPayload',\n returnPath: 'wp.c.login.returnPath'\n },\n mfa: {\n methods: 'wp.c.mfa.methods',\n default: 'wp.c.mfa.default',\n otp: 'wp.c.mfa.otp',\n scope: 'wp.c.mfa.scope',\n portalId: 'wp.c.mfa.portalId',\n portalName: 'wp.c.mfa.portalName',\n portalUrl: 'wp.c.mfa.portalUrl',\n enrolled: 'wp.c.mfa.enrolled',\n emailOk: 'wp.c.mfa.emailOk',\n phoneOk: 'wp.c.mfa.phoneOk',\n pendingToken: 'wp.c.mfa.pendingToken',\n pendingTokenExp: 'wp.c.mfa.pendingTokenExp',\n otpSend: 'wp.c.mfa.otpSend'\n },\n sso: {\n cb: 'wp.c.sso.cb'\n }\n },\n a: {\n auth: {\n login: 'wp.a.auth.login',\n emailOk: 'wp.a.auth.emailOk',\n mfa: 'wp.a.auth.mfa',\n portalId: 'wp.a.auth.portalId',\n portal: 'wp.a.auth.portal',\n accT: 'wp.a.auth.accT',\n sesT: 'wp.a.auth.sesT',\n err: 'wp.a.auth.err',\n noBoot: 'wp.a.auth.noBoot',\n refreshLock: 'wp.a.auth.refreshLock',\n rev: 'wp.a.auth.rev'\n },\n hub: {\n id: 'wp.a.hub.id',\n acct: 'wp.a.hub.acct',\n cfg: 'wp.a.hub.cfg'\n },\n sync: {\n create: 'wp.a.sync.create',\n state: 'wp.a.sync.state',\n jobId: 'wp.a.sync.jobId',\n jobType: 'wp.a.sync.jobType'\n },\n ui: {\n loading: 'wp.a.ui.loading',\n intTabPrefix: 'wp.a.ui.intTab.'\n },\n mfa: {\n methods: 'wp.a.mfa.methods',\n default: 'wp.a.mfa.default',\n otp: 'wp.a.mfa.otp',\n scope: 'wp.a.mfa.scope',\n portalId: 'wp.a.mfa.portalId',\n portalName: 'wp.a.mfa.portalName',\n portalUrl: 'wp.a.mfa.portalUrl',\n enrolled: 'wp.a.mfa.enrolled',\n emailOk: 'wp.a.mfa.emailOk',\n phoneOk: 'wp.a.mfa.phoneOk',\n pendingToken: 'wp.a.mfa.pendingToken',\n pendingTokenExp: 'wp.a.mfa.pendingTokenExp',\n otpSend: 'wp.a.mfa.otpSend'\n },\n sso: {\n cbPrefix: 'wp.a.sso.cb.'\n },\n bill: {\n result: 'wp.a.bill.result'\n }\n },\n d: {\n log: 'wp.d.log',\n cfg: {\n theme: 'wp.d.cfg.theme',\n side: 'wp.d.cfg.side'\n }\n }\n} as const\n\n/** Dynamic iframe refresh localStorage key for a hub. */\nexport function wpClientIframeRefreshKey(hubId: string | number): string {\n return `${WP_STORAGE_KEYS.c.auth.iframeRtPrefix}${hubId}`\n}\n\nexport function wpClientIframeRefreshExpKey(hubId: string | number): string {\n return `${wpClientIframeRefreshKey(hubId)}.exp`\n}\n\nexport function wpAdminIntegrationTabKey(hubId: string | number, portalId: string | number): string {\n return `${WP_STORAGE_KEYS.a.ui.intTabPrefix}${hubId}.${portalId}`\n}\n\nexport function wpAdminSsoCallbackKey(code: string, state: string): string {\n return `${WP_STORAGE_KEYS.a.sso.cbPrefix}${code}.${state}`\n}\n\n/** Legacy client cookie names cleared during logout (two release cycles). */\nexport const LEGACY_CLIENT_AUTH_COOKIES = [\n 'woodsportal_login',\n 'woodsportal_user',\n 'woodsportal_refresh',\n 'woodsportal_portal',\n 'woodsportal_subscription',\n 'woodsportal_pagination',\n 'woodsportal_route_menu',\n 'woodsportal_association_view',\n 'woodsportal_access_token',\n 'IS_EMAIL_VERIFY',\n 'loginDetails',\n 'refreshToken',\n 'portal',\n 'subscriptionType'\n] as const\n\n/** Legacy client localStorage keys. */\nexport const LEGACY_CLIENT_LOCAL_KEYS = ['hubSpotData', 'theme', 'wp_iframe_rt_'] as const\n\n/** Legacy client sessionStorage key prefixes / exact names. */\nexport const LEGACY_CLIENT_SESSION_EXACT = ['authError', 'sso_callback_processed', 'entredEmail'] as const\n\nexport const LEGACY_CLIENT_SESSION_PREFIXES = ['woodsportal.login.', 'woodsportal.mfa.'] as const\n\n/** Pairs of [legacy, canonical] for exact sessionStorage keys. */\nexport const CLIENT_SESSION_STORAGE_MIGRATIONS: ReadonlyArray<readonly [string, string]> = [\n ['woodsportal.login.email', WP_STORAGE_KEYS.c.login.email],\n ['woodsportal.login.forcePreLogin', WP_STORAGE_KEYS.c.login.force],\n ['woodsportal.login.passkeyPrimaryEnrolled', WP_STORAGE_KEYS.c.login.passkey],\n ['woodsportal.login.preLoginCompletedKey', WP_STORAGE_KEYS.c.login.done],\n ['authError', WP_STORAGE_KEYS.c.auth.err],\n ['sso_callback_processed', WP_STORAGE_KEYS.c.sso.cb],\n ['woodsportal.mfa.methods', WP_STORAGE_KEYS.c.mfa.methods],\n ['woodsportal.mfa.defaultMethod', WP_STORAGE_KEYS.c.mfa.default],\n ['woodsportal.mfa.otpDelivery', WP_STORAGE_KEYS.c.mfa.otp],\n ['woodsportal.mfa.otpDestinationMasked', WP_STORAGE_KEYS.c.mfa.otp],\n ['woodsportal.mfa.scopeKey', WP_STORAGE_KEYS.c.mfa.scope],\n ['woodsportal.mfa.portalId', WP_STORAGE_KEYS.c.mfa.portalId],\n ['woodsportal.mfa.portalName', WP_STORAGE_KEYS.c.mfa.portalName],\n ['woodsportal.mfa.portalUrl', WP_STORAGE_KEYS.c.mfa.portalUrl],\n ['woodsportal.mfa.enrolledForThisPortal', WP_STORAGE_KEYS.c.mfa.enrolled],\n ['woodsportal.mfa.emailVerifiedForThisPortal', WP_STORAGE_KEYS.c.mfa.emailOk],\n ['woodsportal.mfa.phoneVerifiedForThisPortal', WP_STORAGE_KEYS.c.mfa.phoneOk]\n]\n\n/** Cookie migration pairs [legacy, canonical]. */\nexport const CLIENT_COOKIE_MIGRATIONS: ReadonlyArray<readonly [string, string]> = [\n ['woodsportal_login', WP_STORAGE_KEYS.c.auth.login],\n ['loginDetails', WP_STORAGE_KEYS.c.auth.login],\n ['woodsportal_user', WP_STORAGE_KEYS.c.auth.login],\n ['woodsportal_refresh', WP_STORAGE_KEYS.c.auth.refresh],\n ['refreshToken', WP_STORAGE_KEYS.c.auth.refresh],\n ['woodsportal_portal', WP_STORAGE_KEYS.c.auth.portal],\n ['portal', WP_STORAGE_KEYS.c.auth.portal],\n ['woodsportal_subscription', WP_STORAGE_KEYS.c.auth.sub],\n ['subscriptionType', WP_STORAGE_KEYS.c.auth.sub],\n ['woodsportal_pagination', WP_STORAGE_KEYS.c.ui.pag],\n ['woodsportal_route_menu', WP_STORAGE_KEYS.c.ui.menu],\n ['woodsportal_association_view', WP_STORAGE_KEYS.c.ui.assoc],\n ['IS_EMAIL_VERIFY', WP_STORAGE_KEYS.c.auth.emailOk]\n]\n"]}
package/dist/{chunk-2WEYX3MP.js → chunk-TYJO2PSR.js} RENAMED
@@ -1,5 +1,5 @@
1
- import { multiObjectStore, actions } from './chunk-CCAQQMPV.js';
2
- import { fileStore, actions7, uploaderStore, actions3, syncStore, actions8, userStore, actions6, emailStore, actions5, noteStore, actions4, tableUiStore, tableUiActions, tableStore, actions2 } from './chunk-IBLDCOQU.js';
1
+ import { multiObjectStore, actions } from './chunk-BGUHACLT.js';
2
+ import { fileStore, actions7, uploaderStore, actions3, syncStore, actions8, userStore, actions6, emailStore, actions5, noteStore, actions4, tableUiStore, tableUiActions, tableStore, actions2 } from './chunk-BKDJOWLW.js';
3
3
 
4
4
  // src/main/adapters/shared/createAdapterHooks.ts
5
5
  function createAdapterHooks(createComposable) {
@@ -17,5 +17,5 @@ function createAdapterHooks(createComposable) {
17
17
  }
18
18
 
19
19
  export { createAdapterHooks };
20
- //# sourceMappingURL=chunk-2WEYX3MP.js.map
21
- //# sourceMappingURL=chunk-2WEYX3MP.js.map
20
+ //# sourceMappingURL=chunk-TYJO2PSR.js.map
21
+ //# sourceMappingURL=chunk-TYJO2PSR.js.map
package/dist/{chunk-2WEYX3MP.js.map → chunk-TYJO2PSR.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/main/adapters/shared/createAdapterHooks.ts"],"names":["actions"],"mappings":";;;;AAmCO,SAAS,mBAAmB,gBAAA,EAAqC;AACpE,EAAA,OAAO;AAAA,IACH,QAAA,EAAU,gBAAA,CAAkD,UAAA,EAAYA,QAAY,CAAA;AAAA,IACpF,UAAA,EAAY,gBAAA,CAAsD,YAAA,EAAc,cAAc,CAAA;AAAA,IAC9F,qBAAA,EAAuB,gBAAA,CAAiB,gBAAA,EAAkBA,OAAkB,CAAA;AAAA,IAC5E,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW,CAAA;AAAA,IAC/E,QAAA,EAAU,gBAAA,CAAkD,UAAA,EAAYA,QAAY,CAAA;AAAA,IACpF,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW,CAAA;AAAA,IAC/E,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW,CAAA;AAAA,IAC/E,WAAA,EAAa,gBAAA,CAAwD,aAAA,EAAeA,QAAe,CAAA;AAAA,IACnG,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW;AAAA,GACnF;AACJ","file":"chunk-2WEYX3MP.js","sourcesContent":["import type { SubscribableStore } from './bindStoreWithActions'\nimport {\n tableStore,\n tableActions,\n type TableState,\n tableUiStore,\n tableUiActions,\n type TableUiState,\n multiObjectStore,\n multiObjectActions,\n noteStore,\n noteActions,\n type NoteState,\n emailStore,\n emailActions,\n type EmailState,\n userStore,\n userActions,\n type UserState,\n syncStore,\n syncActions,\n type SyncState,\n uploaderStore,\n uploaderActions,\n type UploaderState,\n fileStore,\n fileActions,\n type FileState\n} from './stores'\n\ntype ComposableFactory = <TState extends object, TActions extends object>(\n store: SubscribableStore<TState>,\n actions: TActions\n) => () => TState & TActions\n\nexport function createAdapterHooks(createComposable: ComposableFactory) {\n return {\n useTable: createComposable<TableState, typeof tableActions>(tableStore, tableActions),\n useTableUi: createComposable<TableUiState, typeof tableUiActions>(tableUiStore, tableUiActions),\n useMultiObjectActions: createComposable(multiObjectStore, multiObjectActions),\n useNote: createComposable<NoteState, typeof noteActions>(noteStore, noteActions),\n useEmail: createComposable<EmailState, typeof emailActions>(emailStore, emailActions),\n useUser: createComposable<UserState, typeof userActions>(userStore, userActions),\n useSync: createComposable<SyncState, typeof syncActions>(syncStore, syncActions),\n useUploader: createComposable<UploaderState, typeof uploaderActions>(uploaderStore, uploaderActions),\n useFile: createComposable<FileState, typeof fileActions>(fileStore, fileActions)\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/main/adapters/shared/createAdapterHooks.ts"],"names":["actions"],"mappings":";;;;AAmCO,SAAS,mBAAmB,gBAAA,EAAqC;AACpE,EAAA,OAAO;AAAA,IACH,QAAA,EAAU,gBAAA,CAAkD,UAAA,EAAYA,QAAY,CAAA;AAAA,IACpF,UAAA,EAAY,gBAAA,CAAsD,YAAA,EAAc,cAAc,CAAA;AAAA,IAC9F,qBAAA,EAAuB,gBAAA,CAAiB,gBAAA,EAAkBA,OAAkB,CAAA;AAAA,IAC5E,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW,CAAA;AAAA,IAC/E,QAAA,EAAU,gBAAA,CAAkD,UAAA,EAAYA,QAAY,CAAA;AAAA,IACpF,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW,CAAA;AAAA,IAC/E,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW,CAAA;AAAA,IAC/E,WAAA,EAAa,gBAAA,CAAwD,aAAA,EAAeA,QAAe,CAAA;AAAA,IACnG,OAAA,EAAS,gBAAA,CAAgD,SAAA,EAAWA,QAAW;AAAA,GACnF;AACJ","file":"chunk-TYJO2PSR.js","sourcesContent":["import type { SubscribableStore } from './bindStoreWithActions'\nimport {\n tableStore,\n tableActions,\n type TableState,\n tableUiStore,\n tableUiActions,\n type TableUiState,\n multiObjectStore,\n multiObjectActions,\n noteStore,\n noteActions,\n type NoteState,\n emailStore,\n emailActions,\n type EmailState,\n userStore,\n userActions,\n type UserState,\n syncStore,\n syncActions,\n type SyncState,\n uploaderStore,\n uploaderActions,\n type UploaderState,\n fileStore,\n fileActions,\n type FileState\n} from './stores'\n\ntype ComposableFactory = <TState extends object, TActions extends object>(\n store: SubscribableStore<TState>,\n actions: TActions\n) => () => TState & TActions\n\nexport function createAdapterHooks(createComposable: ComposableFactory) {\n return {\n useTable: createComposable<TableState, typeof tableActions>(tableStore, tableActions),\n useTableUi: createComposable<TableUiState, typeof tableUiActions>(tableUiStore, tableUiActions),\n useMultiObjectActions: createComposable(multiObjectStore, multiObjectActions),\n useNote: createComposable<NoteState, typeof noteActions>(noteStore, noteActions),\n useEmail: createComposable<EmailState, typeof emailActions>(emailStore, emailActions),\n useUser: createComposable<UserState, typeof userActions>(userStore, userActions),\n useSync: createComposable<SyncState, typeof syncActions>(syncStore, syncActions),\n useUploader: createComposable<UploaderState, typeof uploaderActions>(uploaderStore, uploaderActions),\n useFile: createComposable<FileState, typeof fileActions>(fileStore, fileActions)\n }\n}\n"]}
package/dist/{chunk-AHRXDJPS.js → chunk-VTAZLB5Y.js} RENAMED
@@ -1,7 +1,7 @@
1
- import { getAuthRefreshToken, createMutation, Client } from './chunk-G6DE4XWP.js';
2
- import { getParam, actions6 } from './chunk-IBLDCOQU.js';
3
- import { hasRefreshSession, isAccessTokenExpired, hydrateSessionRefreshState, clearSessionRefreshExhaustedState, resetSessionAuthState, isRefreshInFlight, isSessionRefreshExhausted, didLastRefreshFail, hasValidAccessToken, isExpiresAccessToken, isAuthenticateApp, isAuthenticated, clearAccessToken, setAccessToken, getAccessToken, refreshSession, getRefreshToken, clearRefreshToken, storeMfaPendingAccessToken, logger, setPortal, setSubscriptionType, setRefreshToken, setLoggedInDetails, setConfig, clearMfaPendingAccessToken } from './chunk-DO3WO2RP.js';
4
- import { isCookieExpired, clearClientAuthCookies } from './chunk-NXGSFLJS.js';
1
+ import { getAuthRefreshToken, createMutation, Client } from './chunk-6NM2BFOU.js';
2
+ import { getParam, actions6 } from './chunk-BKDJOWLW.js';
3
+ import { hasRefreshSession, isAccessTokenExpired, hydrateSessionRefreshState, clearSessionRefreshExhaustedState, resetSessionAuthState, isRefreshInFlight, isSessionRefreshExhausted, didLastRefreshFail, hasValidAccessToken, isExpiresAccessToken, isAuthenticateApp, isAuthenticated, clearAccessToken, setAccessToken, getAccessToken, refreshSession, getRefreshToken, clearRefreshToken, storeMfaPendingAccessToken, logger, setPortal, setSubscriptionType, setRefreshToken, setLoggedInDetails, setConfig, clearMfaPendingAccessToken } from './chunk-7J265W43.js';
4
+ import { isCookieExpired, clearClientAuthCookies } from './chunk-WSUXZOHL.js';
5
5
 
6
6
  // src/main/core/auth/session-contract.ts
7
7
  function hasValidAccess(input) {
@@ -733,5 +733,5 @@ function resolveAuthRouteAction(input) {
733
733
  }
734
734
 
735
735
  export { authApi, hasAuthenticatedAccess, hasValidAccess, isFullyAuthenticated, isMfaPendingSession, recoverMfaGateOnBoot, resolveAuthRouteAction };
736
- //# sourceMappingURL=chunk-AHRXDJPS.js.map
737
- //# sourceMappingURL=chunk-AHRXDJPS.js.map
736
+ //# sourceMappingURL=chunk-VTAZLB5Y.js.map
737
+ //# sourceMappingURL=chunk-VTAZLB5Y.js.map
package/dist/{chunk-AHRXDJPS.js.map → chunk-VTAZLB5Y.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/main/core/auth/session-contract.ts","../src/main/core/http/session-persistence-error.ts","../src/main/core/http/login-session.ts","../src/main/features/auth/api/authentication.ts","../src/main/features/auth/api/mfa.ts","../src/main/features/auth/api/security.ts","../src/main/features/auth/api/login-bootstrap.ts","../src/main/features/auth/api/sso.ts","../src/main/features/auth/api/users.ts","../src/main/api/nested-auth-api.ts","../src/main/core/auth/bootstrap-contract.ts","../src/main/core/auth/route-guard-contract.ts"],"names":["actions"],"mappings":";;;;;;AAgBO,SAAS,eAAe,KAAA,EAAsC;AACjE,EAAA,OAAO,KAAA,CAAM,cAAA,EAAe,IAAK,CAAC,MAAM,oBAAA,EAAqB;AACjE;AAEO,SAAS,qBAAqB,KAAA,EAAsC;AACvE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,KAAA;AAAA,EACX;AACA,EAAA,IAAI,cAAA,CAAe,KAAK,CAAA,EAAG;AACvB,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,OAAO,MAAM,iBAAA,EAAkB;AACnC;AAEO,SAAS,oBAAoB,KAAA,EAAsC;AACtE,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,YAAA,IAAgB,CAAA;AACzC;AAEO,SAAS,uBAAuB,KAAA,EAAsC;AACzE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,cAAA,EAAgB,CAAA;AAAA,EACzC;AACA,EAAA,OAAO,eAAe,KAAK,CAAA;AAC/B;;;ACtCO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/C,YAAY,OAAA,EAAiB;AACzB,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,yBAAA;AAAA,EAChB;AACJ,CAAA;;;ACCA,SAAS,gBAAgB,QAAA,EAAoC;AACzD,EAAA,OAAQ,QAAA,EAAU,IAAA,IAAQ,QAAA,IAAY,EAAC;AAC3C;AAMA,eAAsB,qBAAqB,QAAA,EAA6B;AACpE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,EAAA,MAAM,eAAA,GAAuB,IAAA,EAAM,eAAA,IAAmB,EAAC;AACvD,EAAA,MAAM,aAAA,GAAqB,eAAA,EAAiB,aAAA,IAAiB,EAAC;AAC9D,EAAA,MAAM,eAAA,GAAuB,eAAe,QAAA,IAAY,IAAA;AACxD,EAAA,MAAM,gBAAA,GAAmB,iBAAiB,gBAAA,IAAoB,OAAA;AAE9D,EAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,EAAA,MAAM,eAAe,SAAA,EAAW,YAAA;AAChC,EAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,EAAA,MAAM,mBAAmB,SAAA,EAAW,gBAAA;AACpC,EAAA,MAAM,aAAa,SAAA,EAAW,gBAAA;AAE9B,EAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,EAAU;AACrC,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,oCAAA,EAAsC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AAChG,IAAA,MAAM,IAAI,wBAAwB,oEAAoE,CAAA;AAAA,EAC1G;AAEA,EAAA,IAAI,CAAC,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACnD,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,qCAAA,EAAuC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AACjG,IAAA,MAAM,IAAI,wBAAwB,qEAAqE,CAAA;AAAA,EAC3G;AAEA,EAAA,SAAA,CAAU,aAAa,CAAA;AACvB,EAAA,mBAAA,CAAoB,gBAAgB,CAAA;AACpC,EAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AACrC,EAAA,MAAM,eAAA,CAAgB,YAAA,EAAc,gBAAA,IAAoB,UAAU,CAAA;AAClE,EAAA,MAAM,mBAAmB,IAAI,CAAA;AAC7B,EAAAA,QAAA,CAAY,UAAA,CAAW,UAAU,IAAA,IAAQ,IAAA,GAAO,WAAW,EAAE,IAAA,EAAM,MAAM,CAAA;AAEzE,EAAA,SAAA,CAAU,eAAe,eAAe,CAAA;AAExC,EAAA,0BAAA,CAA2B,GAAG,CAAA;AAE9B,EAAA,OAAO,QAAA;AACX;AAOA,eAAsB,mBAAmB,QAAA,EAA6B;AAClE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,IAAI,IAAA,EAAM,sBAAsB,IAAA,EAAM;AAClC,IAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,IAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,IAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,IAAA,IAAI,KAAA,EAAO;AACP,MAAA,iBAAA,EAAkB;AAClB,MAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AACrC,MAAA,0BAAA,CAA2B,KAAA,EAAO,WAAW,GAAG,CAAA;AAAA,IACpD;AACA,IAAA,OAAO,QAAA;AAAA,EACX;AACA,EAAA,OAAO,qBAAqB,QAAQ,CAAA;AACxC;;;ACvDO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAQO,SAAS,MAAM,OAAA,EAAmD;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAiB;AAClG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,MAAM,OAAO,CAAA;AAC3D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,KAAA,EAAO,MAAA;AAAA,IACP;AAAA,GACJ;AACJ;AAuBO,SAAS,QAAQ,OAAA,EAAmD;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAsD,OAAO,OAAA,KAAY;AACnG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,QAAQ,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAmD;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwD,OAAO,OAAA,KAAmC;AAC5H,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAQ,CAAA;AACpE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwC,OAAO,OAAA,KAAiB;AAC1F,IAAA,MAAM,kBAAA,GAAyC,WAAW,EAAC;AAC3D,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,kBAAA,EAAoB,KAAA,EAAO,kBAAA,CAAmB,KAAA,GAAQ,KAAA;AAC3D,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,kBAAkB,CAAA;AAChF,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;AAEO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqD,OAAO,OAAA,KAAiB;AACvG,IAAA,MAAM,+BAAA,GAAmE,WAAW,EAAC;AACrF,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,+BAAA,EAAiC,KAAA,EAAO,+BAAA,CAAgC,KAAA,GAAQ,KAAA;AACrF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,yBAAyB,+BAA+B,CAAA;AAC1G,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,wBAAA,EAA0B,MAAA;AAAA,IAC1B;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA0C,OAAO,OAAA,KAAiB;AAC5F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAO,CAAA;AACvE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,eAAe,OAAO,CAAA;AACxE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,OAAO,OAAA,EAAqC;AACxD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,IAAI;AACA,MAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,MAAA,EAAO;AACzD,MAAA,OAAO,QAAA;AAAA,IACX,CAAA,SAAE;AACE,MAAA,gBAAA,EAAiB;AACjB,MAAA,sBAAA,EAAuB;AAAA,IAC3B;AAAA,EACJ,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,MAAA,EAAQ,MAAA;AAAA,IACR;AAAA,GACJ;AACJ;AAEO,SAAS,qBAAqB,OAAA,EAAqC;AACtE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,qBAAqB,OAAO,CAAA;AAC9E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,oBAAA,EAAsB,MAAA;AAAA,IACtB;AAAA,GACJ;AACJ;AAEO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,OAAO,CAAA;AACrE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;AChMO,SAAS,UAAU,OAAA,EAAmD;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA4D,OAAO,OAAA,KAAuC;AACpI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,UAAU,OAAQ,CAAA;AAChE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,SAAA,EAAU;AAClD;AAQO,SAAS,WAAW,OAAA,EAAqC;AAC5D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAgC,MAAA,CAAO,GAAA,CAAI,eAAe,OAAQ,CAAA;AAAA,IACzE;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,UAAA,EAAY,QAAQ,SAAA,EAAU;AACpE;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA8C,MAAA,CAAO,GAAA,CAAI,sBAAsB,OAAQ,CAAA;AAAA,IAC9F;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AASO,SAAS,qBAAqB,OAAA,EAAmD;AACpF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA6C;AAChD,MAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,qBAAqB,OAAQ,CAAA;AAChE,MAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,MAAA,OAAO,QAAA;AAAA,IACX,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,EAAQ,SAAA,EAAU;AAC7D;AAQO,SAAS,aAAa,OAAA,EAAqD;AAC9E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAa,MAAM,MAAA,CAAO,GAAA,CAAI,UAAU,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAA,EAAc,QAAQ,SAAA,EAAU;AACxE;AAQO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,cAAA,CAAe,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACvD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAQ,iBAAA,EAAmB,QAAQ,SAAA,EAAU;AAClF;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA8D,OAAO,OAAA,KAAY;AAC3G,IAAA,MAAM,EAAE,UAAU,GAAG,IAAA,KAAS,OAAA,IAAW,EAAE,OAAO,EAAA,EAAG;AACrD,IAAA,OAAO,MAAA,CAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EACxF,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgE,OAAO,OAAA,KAAY;AAC7G,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,WAAW,EAAE,KAAA,EAAO,EAAA,EAAI,IAAA,EAAM,EAAA,EAAG;AAC/D,IAAA,OAAO,MAAA,CAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EAC1F,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,gBAAgB,OAAA,EAAqC;AACjE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,eAAA,CAAgB,OAAO,CAAA,EAAG,OAAO,CAAA;AAE7I,EAAA,OAAO,EAAE,MAAA,EAAQ,eAAA,EAAiB,MAAA,EAAQ,SAAA,EAAU;AACxD;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAsC,MAAA,CAAO,GAAA,CAAI,iBAAiB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyD,OAAO,OAAA,KAAkD;AAC5I,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,WAAA,CAAY,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EACpD,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,SAAA,EAAU;AACpD;AAOO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,aAAA,CAAc,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACtD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,SAAA,EAAU;AACtD;AAOO,SAAS,sBAAsB,OAAA,EAAwD;AAC1F,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA4D;AAC/D,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,qBAAA,CAAsB,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IAC9D,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AAOO,SAAS,UAAU,OAAA,EAAqC;AAC3D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAuD,OAAO,OAAA,KAAgD;AACxI,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EAC/C,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,MAAA,EAAQ,SAAA,EAAW,QAAQ,SAAA,EAAU;AAClE;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,uBAAuB,OAAA,EAAqC;AACxE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,uBAAuB,OAAQ,CAAA;AAAA,IACrF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,sBAAA,EAAwB,MAAA,EAAQ,SAAA,EAAU;AAC/D;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG,OAAO,CAAA;AAEjJ,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAuE;AAC1E,MAAA,MAAM,EAAE,kBAAA,EAAoB,QAAA,EAAS,GAAI,OAAA;AACzC,MAAA,OAAO,OAAO,GAAA,CAAI,wBAAA,CAAyB,kBAAA,EAAoB,EAAE,UAAU,CAAA;AAAA,IAC/E,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,wBAAA,EAA0B,MAAA,EAAQ,SAAA,EAAU;AACjE;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAyC,MAAA,CAAO,GAAA,CAAI,oBAAoB,OAAQ,CAAA;AAAA,IACvF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AASO,SAAS,mBAAmB,OAAA,EAAmD;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA6D,OAAO,OAAA,KAAwC;AACtI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;;;AC7VO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,iBAAiB,OAAO,CAAA;AAAA,IAC3D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,wBAAA,EAA0B,QAAQ,SAAA,EAAU;AAC3F;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA2C,MAAA,CAAO,QAAA,CAAS,cAAc,OAAQ,CAAA;AAAA,IACxF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,qBAAA,EAAuB,QAAQ,SAAA,EAAU;AACrF;AAQO,SAAS,4BAA4B,OAAA,EAAqC;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,mBAAA,CAAoB,SAAS,YAAY,CAAA;AAAA,IAC5E;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,2BAAA,EAA6B,QAAQ,SAAA,EAAU;AACjG;;;AChFO,SAAS,kBAAkB,OAAA,EAA8E;AAC5G,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAoD;AACpG,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;;;ACVO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,aAAA,EAAc;AACrD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,eAAe,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,YAAY,OAAO,CAAA;AAC1D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;ACzCA,IAAI,iBAAA,GAAyC,IAAA;AAE7C,eAAe,WAAA,GAAc;AACzB,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACpB,IAAA,iBAAA,GAAoB,MAAA,CAAO,IAAA,CAAK,EAAA,EAAG,CAAE,QAAQ,MAAM;AAC/C,MAAA,iBAAA,GAAoB,IAAA;AAAA,IACxB,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,iBAAA;AACX;AAEO,SAAS,GAAG,OAAA,EAAqC;AACpD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,WAAA,EAAY;AACxC,IAAAA,QAAA,CAAY,WAAW,QAAQ,CAAA;AAC/B,IAAA,OAAO,QAAA,EAAU,IAAA;AAAA,EACrB,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,EAAA,EAAI,MAAA;AAAA,IACJ;AAAA,GACJ;AACJ;AAEO,SAAS,QAAQ,OAAA,EAAqC;AACzD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,OAAO,CAAA;AACvD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,cAAc,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAKO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,eAAe,OAAO,CAAA;AAC9D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;;;ACMO,IAAM,OAAA,GAAU;AAAA,EACnB,QAAA;AAAA,EACA,KAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EACA,QAAA;AAAA,EACA,WAAA;AAAA,EACA,oBAAA;AAAA,EACA,cAAA;AAAA,EACA,aAAA;AAAA,EACA,wBAAA;AAAA,EACA,iBAAA;AAAA,EACA,WAAA;AAAA,EACA,cAAA;AAAA,EACA,EAAA;AAAA,EACA,OAAA;AAAA,EACA,aAAA,EAAe,aAAA;AAAA,EACf,GAAA,EAAK;AAAA,IACD,SAAA;AAAA,IACA,OAAA,EAAS,UAAA;AAAA,IACT,qBAAA;AAAA,IACA,oBAAA;AAAA,IACA,SAAA,EAAW,YAAA;AAAA,IACX,cAAA,EAAgB,iBAAA;AAAA,IAChB,gBAAA;AAAA,IACA,kBAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,WAAA;AAAA,IACA,aAAA;AAAA,IACA,qBAAA;AAAA,IACA,MAAA,EAAQ,SAAA;AAAA,IACR,SAAA;AAAA,IACA,uBAAA;AAAA,IACA,sBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,uBAAA;AAAA,IACA,wBAAA;AAAA,IACA,mBAAA;AAAA,IACA;AAAA,GACJ;AAAA,EACA,QAAA,EAAU;AAAA,IACN,WAAA,EAAa,mBAAA;AAAA,IACb,gBAAA,EAAkB,wBAAA;AAAA,IAClB,WAAA,EAAa,mBAAA;AAAA,IACb,aAAA,EAAe,qBAAA;AAAA,IACf,mBAAA,EAAqB;AAAA,GACzB;AAAA,EACA,cAAA,EAAgB,iBAAA;AAAA,EAChB,GAAA,EAAK;AAAA,IACD,UAAA,EAAY,aAAA;AAAA,IACZ,WAAA,EAAa,cAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACd;AAAA,EACA,OAAA,EAAS;AAAA,IACL,eAAA;AAAA,IACA,cAAA;AAAA,IACA,kBAAA,EAAoB,mBAAA;AAAA,IACpB,cAAA;AAAA,IACA,cAAA;AAAA,IACA,gBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,oBAAA;AAAA,IACA,oBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,yBAAA;AAAA,IACA,iBAAA;AAAA,IACA,qBAAA;AAAA,IACA,iCAAA;AAAA,IACA,0BAAA;AAAA,IACA,UAAU,OAA6B;AAAA,MACnC,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACJ,CAAA;AAAA,IACA,oBAAA,EAAsB,MAClB,oBAAA,CAA6B;AAAA,MACzB,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,sBAAA,EAAwB,MACpB,sBAAA,CAA+B;AAAA,MAC3B,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,cAAA,EAAgB,MACZ,cAAA,CAAe;AAAA,MACX,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH;AAAA;AAEb;;;ACjKA,eAAsB,qBAAqB,KAAA,EAA6D;AACpG,EAAA,MAAM,UAAA,GAAa,MAAM,aAAA,EAAc;AACvC,EAAA,IAAI,QAAA,GAAW,MAAM,cAAA,EAAe;AACpC,EAAA,MAAM,UAAA,GAAa,MAAM,eAAA,EAAgB;AAEzC,EAAA,IAAI,cAAc,QAAA,EAAU;AACxB,IAAA,OAAO,SAAA;AAAA,EACX;AAEA,EAAA,IAAI,UAAA,IAAc,CAAC,QAAA,EAAU;AACzB,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,wBAAA,IAA2B;AACxD,IAAA,QAAA,GAAW,MAAM,cAAA,EAAe;AAChC,IAAA,IAAI,YAAY,QAAA,EAAU;AACtB,MAAA,OAAO,SAAA;AAAA,IACX;AACA,IAAA,KAAA,CAAM,cAAA,EAAe;AACrB,IAAA,OAAO,gBAAA;AAAA,EACX;AAEA,EAAA,IAAI,QAAA,IAAY,CAAC,UAAA,IAAc,CAAC,UAAA,EAAY;AACxC,IAAA,KAAA,CAAM,qBAAA,EAAsB;AAC5B,IAAA,OAAO,qBAAA;AAAA,EACX;AAEA,EAAA,OAAO,MAAA;AACX;;;ACbO,SAAS,uBAAuB,KAAA,EAAqD;AACxF,EAAA,MAAM;AAAA,IACF,QAAA;AAAA,IACA,iBAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,WAAA,GAAc,KAAA;AAAA,IACd,gBAAA,GAAmB,KAAA;AAAA,IACnB,uBAAA,GAA0B;AAAA,GAC9B,GAAI,KAAA;AAEJ,EAAA,IAAI,WAAA,EAAa;AACb,IAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,EAC3B;AAEA,EAAA,IAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG;AAC9B,IAAA,IAAI,aAAa,QAAA,EAAU;AACvB,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,cAAA,EAAe;AAAA,EAClC;AAEA,EAAA,IAAI,gBAAA,IAAoB,CAAC,uBAAA,EAAyB;AAC9C,IAAA,OAAO,EAAE,MAAM,aAAA,EAAc;AAAA,EACjC;AAEA,EAAA,IAAI,uBAAA,IAA2B,CAAC,cAAA,CAAe,OAAO,CAAA,EAAG;AACrD,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,MAAM,aAAA,GAAgB,qBAAqB,OAAO,CAAA;AAElD,EAAA,IAAI,CAAC,aAAA,EAAe;AAChB,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,IAAI,MAAA,EAAQ;AACR,IAAA,IAAI,MAAA,CAAO,kBAAkB,KAAA,EAAO;AAChC,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,cAAA,EAAe;AAAA,IAC3D;AACA,IAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACf,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,YAAA,EAAa;AAAA,IACzD;AACA,IAAA,IAAI,CAAC,OAAO,QAAA,EAAU;AAClB,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,eAAA,EAAgB;AAAA,IAC5D;AAAA,EACJ;AAEA,EAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAC3B","file":"chunk-AHRXDJPS.js","sourcesContent":["/**\n * Shared session predicates for client and admin portals.\n * Apps supply lane-specific refresh hints (cookie name / timing cookie).\n */\n\nexport type SessionContractInput = {\n /** In-memory access JWT present. */\n hasAccessToken: () => boolean\n /** Access JWT expired or within proactive refresh buffer. */\n isAccessTokenExpired: () => boolean\n /** Refresh session still valid (cookie / timing hint). */\n hasRefreshSession: () => boolean\n /** MFA gate: temp JWT + pending context. */\n isMfaPending?: () => boolean\n}\n\nexport function hasValidAccess(input: SessionContractInput): boolean {\n return input.hasAccessToken() && !input.isAccessTokenExpired()\n}\n\nexport function isFullyAuthenticated(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return false\n }\n if (hasValidAccess(input)) {\n return true\n }\n return input.hasRefreshSession()\n}\n\nexport function isMfaPendingSession(input: SessionContractInput): boolean {\n return Boolean(input.isMfaPending?.())\n}\n\nexport function hasAuthenticatedAccess(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return Boolean(input.hasAccessToken())\n }\n return hasValidAccess(input)\n}\n","/** Thrown when a full login response cannot be persisted (e.g. missing refresh token). */\nexport class SessionPersistenceError extends Error {\n constructor(message: string) {\n super(message)\n this.name = 'SessionPersistenceError'\n }\n}\n","import { setPortal, setSubscriptionType, setAccessToken, setRefreshToken, setLoggedInDetails, clearRefreshToken } from './auth-utils'\nimport { setConfig } from '../utils/hub-context'\nimport { actions as userActions } from '../../state/crm/use-user'\nimport { SessionPersistenceError } from './session-persistence-error'\nimport { logger } from '../logging/logger'\nimport { clearMfaPendingAccessToken, storeMfaPendingAccessToken } from '../auth/mfa-pending-token-storage.js'\n\nfunction unwrapLoginBody(response: any): Record<string, any> {\n return (response?.data ?? response ?? {}) as Record<string, any>\n}\n\n/**\n * Persists a full authenticated session (access + refresh tokens, portal, login details).\n * Use after successful login or MFA verify when `twoFactorRequired` is false.\n */\nexport async function completeLoginSession(response: any): Promise<any> {\n const body = unwrapLoginBody(response)\n const tokenData: any = body?.tokenData || {}\n const loggedInDetails: any = body?.loggedInDetails || {}\n const currentPortal: any = loggedInDetails?.currentPortal || {}\n const currentPortalId: any = currentPortal?.portalId || null\n const subscriptionType = loggedInDetails?.subscriptionType || 'BASIC'\n\n const token = tokenData?.token\n const refreshToken = tokenData?.refreshToken\n const expiresIn = tokenData?.expiresIn\n const refreshExpiresAt = tokenData?.refreshExpiresAt\n const rExpiresIn = tokenData?.refreshExpiresIn\n\n if (!token || typeof token !== 'string') {\n logger.error('auth', 'login session missing access token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing access token in login response')\n }\n\n if (!refreshToken || typeof refreshToken !== 'string') {\n logger.error('auth', 'login session missing refresh token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing refresh token in login response')\n }\n\n setPortal(currentPortal)\n setSubscriptionType(subscriptionType)\n await setAccessToken(token, expiresIn)\n await setRefreshToken(refreshToken, refreshExpiresAt ?? rExpiresIn)\n await setLoggedInDetails(body)\n userActions.setProfile(response?.data != null ? response : { data: body })\n\n setConfig.setDevPortalId(currentPortalId)\n\n clearMfaPendingAccessToken('c')\n\n return response\n}\n\n/**\n * Applies login/MFA-step response token rules:\n * - MFA pending: temp access JWT only (no refresh until verify completes)\n * - Full session: {@link completeLoginSession}\n */\nexport async function applyLoginResponse(response: any): Promise<any> {\n const data = unwrapLoginBody(response)\n if (data?.twoFactorRequired === true) {\n const tokenData: any = data?.tokenData || {}\n const token = tokenData?.token\n const expiresIn = tokenData?.expiresIn\n if (token) {\n clearRefreshToken()\n await setAccessToken(token, expiresIn)\n storeMfaPendingAccessToken(token, expiresIn, 'c')\n }\n return response\n }\n return completeLoginSession(response)\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type {\n LoginPayload,\n LoginResponseData,\n MutationOptions,\n PreLoginPayload,\n ForgetPasswordPayload,\n VerifyEmailPayload,\n ResetPasswordVerifyTokenPayload,\n ResetPasswordPayload\n} from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport { getParam } from '../../../core/utils/param'\nimport { clearClientAuthCookies } from '../../../core/utils/cookie'\nimport { clearAccessToken } from '../../../core/http/token-store'\n\nexport function preLogin(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.preLogin(payload)\n return response\n }, options)\n\n return {\n mutate,\n preLogin: mutate,\n isLoading\n }\n}\n\n/**\n * Password login for the client portal.\n *\n * **API:** `POST /api/auth/login?hubId={hubId}`\n * **Session:** When `twoFactorRequired` is true, stores only the temp access JWT (no refresh until MFA completes).\n */\nexport function login(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<LoginPayload, LoginResponseData>(async (payload: any) => {\n const response = (await Client.authentication.login(payload)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n login: mutate,\n isLoading\n }\n}\n\nexport interface ClientSessionPayload {\n accessToken: string\n refreshToken?: string\n}\n\n/**\n * Exchange a management/deep-link token for a portal client session.\n *\n * **API:** `POST /api/auth/client-session`\n * **Auth:** Bearer access token header; optional refresh token in body.\n */\nexport interface AuthHandoffPayload {\n code: string\n hubId: number\n}\n\n/**\n * Redeem a one-time admin portal handoff code for a full client session.\n *\n * **API:** `POST /api/auth/handoff?hubId={hubId}`\n */\nexport function handoff(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<AuthHandoffPayload, LoginResponseData>(async (payload) => {\n const response = (await Client.authentication.handoff(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n handoff: mutate,\n isLoading\n }\n}\n\nexport function clientSession(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<ClientSessionPayload, LoginResponseData>(async (payload?: ClientSessionPayload) => {\n const response = (await Client.authentication.clientSession(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n clientSession: mutate,\n isLoading\n }\n}\n\nexport function register(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.register(payload)\n return response\n }, options)\n\n return {\n mutate,\n register: mutate,\n isLoading\n }\n}\n\nexport function verifyEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<VerifyEmailPayload, any>(async (payload: any) => {\n const verifyEmailPayload: VerifyEmailPayload = payload || {}\n const token: any = getParam('token')\n if (!verifyEmailPayload?.token) verifyEmailPayload.token = token\n const response: any = await Client.authentication.verifyEmail(verifyEmailPayload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmail: mutate,\n isLoading\n }\n}\n\nexport function resetPasswordVerifyToken(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordVerifyTokenPayload, any>(async (payload: any) => {\n const resetPasswordVerifyTokenPayload: ResetPasswordVerifyTokenPayload = payload || {}\n const token: any = getParam('token')\n if (!resetPasswordVerifyTokenPayload?.token) resetPasswordVerifyTokenPayload.token = token\n const response: any = await Client.authentication.resetPasswordVerifyToken(resetPasswordVerifyTokenPayload)\n return response\n }, options)\n\n return {\n mutate,\n resetPasswordVerifyToken: mutate,\n isLoading\n }\n}\n\nexport function resetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.resetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n resetPassword: mutate,\n isLoading\n }\n}\n\nexport function forgetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ForgetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.forgetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n forgetPassword: mutate,\n isLoading\n }\n}\n\nexport function logout(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n try {\n const response: any = await Client.authentication.logout()\n return response\n } finally {\n clearAccessToken()\n clearClientAuthCookies()\n }\n }, options)\n\n return {\n mutate,\n logout: mutate,\n isLoading\n }\n}\n\nexport function registerExistingUser(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.registerExistingUser(payload)\n return response\n }, options)\n\n return {\n mutate,\n registerExistingUser: mutate,\n isLoading\n }\n}\n\nexport function verifyEmailResend(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.verifyEmailResend(payload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmailResend: mutate,\n isLoading\n }\n}\n\nexport function resendEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.resendEmail(payload)\n return response\n }, options)\n\n return {\n mutate,\n resendEmail: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport type {\n LoginResponseData,\n MfaEnrollmentStatus,\n MfaOtpSendRequest,\n MfaPendingPasskeyOptionsRequest,\n MfaPendingPasskeyVerifyRequest,\n MfaPreferenceRequest,\n MfaStatusQuery,\n MutationOptions,\n PasskeyLoginOptionsRequest,\n PasskeyLoginVerifyRequest,\n PhoneVerifyConfirmRequest,\n PhoneVerifyStartRequest,\n BackupCodesRegenerateRequest,\n MfaBackupCodesResponse,\n MfaOptOutRequest,\n PhoneUnverifyRequest,\n TotpDisableRequest,\n TotpEnrollVerifyRequest,\n TwoFaVerificationRequest,\n WebAuthnVerifyRequest\n} from '../../../core/types'\n\n/**\n * Complete the MFA login step after `api.login()` returned `twoFactorRequired: true`.\n *\n * **API:** `POST /api/auth/verify-otp?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, otp, method }` (`EMAIL_OTP` | `SMS_OTP` | `TOTP` | `BACKUP_CODE`).\n * **Session:** On success persists full access + refresh tokens (skips when still MFA-pending).\n */\nexport function verifyOtp(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<TwoFaVerificationRequest, LoginResponseData>(async (payload?: TwoFaVerificationRequest) => {\n const response = (await Client.authentication.verifyOtp(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, verifyOtp: mutate, isLoading }\n}\n\n/**\n * Resend OTP or switch to email/SMS on the MFA login gate.\n *\n * **API:** `POST /api/auth/mfa/pending/otp/send`\n * **Auth:** Bearer temp JWT; body `{ token, method }`.\n */\nexport function sendMfaOtp(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOtpSendRequest, any>(\n async (payload?: MfaOtpSendRequest) => Client.mfa.sendPendingOtp(payload!),\n options\n )\n\n return { mutate, sendOtp: mutate, sendMfaOtp: mutate, isLoading }\n}\n\n/**\n * Start WebAuthn ceremony for passkey as second factor during login.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/options`\n * **Auth:** Bearer temp JWT; body `{ token, portalId? }`.\n */\nexport function pendingPasskeyOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyOptionsRequest, any>(\n async (payload?: MfaPendingPasskeyOptionsRequest) => Client.mfa.pendingPasskeyOptions(payload!),\n options\n )\n\n return { mutate, pendingPasskeyOptions: mutate, isLoading }\n}\n\n/**\n * Finish passkey MFA-step and complete login when successful.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/verify?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, challengeId, credential, portalId? }`.\n * **Session:** On success persists full access + refresh tokens.\n */\nexport function pendingPasskeyVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyVerifyRequest, LoginResponseData>(\n async (payload?: MfaPendingPasskeyVerifyRequest) => {\n const response = (await Client.mfa.pendingPasskeyVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n },\n options\n )\n\n return { mutate, pendingPasskeyVerify: mutate, isLoading }\n}\n\n/**\n * MFA enrollment and policy snapshot for the security settings UI.\n *\n * **API:** `GET /api/auth/mfa/status?portalId={portalId}`\n * **Auth:** Bearer access JWT (full session).\n */\nexport function getMfaStatus(options?: MutationOptions<MfaEnrollmentStatus, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, MfaEnrollmentStatus>(\n async (payload) => (await Client.mfa.getStatus(payload)) as MfaEnrollmentStatus,\n options\n )\n\n return { mutate, getStatus: mutate, getMfaStatus: mutate, isLoading }\n}\n\n/**\n * Set the user's default MFA method for this hub/portal scope.\n *\n * **API:** `PUT /api/auth/mfa/preferences?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ defaultMethod }`.\n */\nexport function setMfaPreferences(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPreferenceRequest & MfaStatusQuery, any>(\n async (payload?: MfaPreferenceRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.setPreferences(data, { portalId })\n },\n options\n )\n\n return { mutate, setPreferences: mutate, setMfaPreferences: mutate, isLoading }\n}\n\n/**\n * Send OTP to verify the user's phone number (enables SMS OTP at login).\n *\n * **API:** `POST /api/auth/mfa/phone/verify/start?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone }` (E.164, e.g. `+14155552671`).\n */\nexport function startPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyStartRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '' }\n return Client.mfa.startPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, startPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Confirm phone verification with the OTP code.\n *\n * **API:** `POST /api/auth/mfa/phone/verify/confirm?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone, code }`.\n */\nexport function confirmPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyConfirmRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '', code: '' }\n return Client.mfa.confirmPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, confirmPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Start TOTP authenticator enrollment for the current portal scope.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/start?portalId={portalId}`\n * **Auth:** Bearer access JWT. Returns `secret`, `otpauthUri`, `scopeKey`.\n */\nexport function totpEnrollStart(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.totpEnrollStart(payload), options)\n\n return { mutate, totpEnrollStart: mutate, isLoading }\n}\n\n/**\n * Confirm TOTP enrollment and receive one-time backup codes.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ code, portalId? }`.\n */\nexport function totpEnrollVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpEnrollVerifyRequest, any>(\n async (payload?: TotpEnrollVerifyRequest) => Client.mfa.totpEnrollVerify(payload!),\n options\n )\n\n return { mutate, totpEnrollVerify: mutate, isLoading }\n}\n\n/**\n * Disable TOTP for the current scope (requires current password).\n *\n * **API:** `POST /api/auth/mfa/totp/disable`\n * **Auth:** Bearer access JWT; body `{ password }`.\n */\nexport function totpDisable(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpDisableRequest & MfaStatusQuery, any>(async (payload?: TotpDisableRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.totpDisable(data, { portalId })\n }, options)\n\n return { mutate, totpDisable: mutate, isLoading }\n}\n\n/**\n * Remove SMS MFA by clearing phone verification for the current scope.\n *\n * **API:** `POST /api/auth/mfa/phone/unverify?portalId={portalId}`\n */\nexport function phoneUnverify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneUnverifyRequest & MfaStatusQuery, any>(\n async (payload?: PhoneUnverifyRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.phoneUnverify(data, { portalId })\n },\n options\n )\n\n return { mutate, phoneUnverify: mutate, isLoading }\n}\n\n/**\n * Regenerate backup codes (password + TOTP step-up). Plaintext codes returned once.\n *\n * **API:** `POST /api/auth/mfa/backup-codes/regenerate?portalId={portalId}`\n */\nexport function backupCodesRegenerate(options?: MutationOptions<MfaBackupCodesResponse, any>) {\n const { mutate, isLoading } = createMutation<BackupCodesRegenerateRequest & MfaStatusQuery, MfaBackupCodesResponse>(\n async (payload?: BackupCodesRegenerateRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.backupCodesRegenerate(data, { portalId })\n },\n options\n )\n\n return { mutate, backupCodesRegenerate: mutate, isLoading }\n}\n\n/**\n * Turn off all voluntary MFA enrollments when policy allows.\n *\n * **API:** `POST /api/auth/mfa/opt-out?portalId={portalId}`\n */\nexport function mfaOptOut(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOptOutRequest & MfaStatusQuery, any>(async (payload?: MfaOptOutRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.optOut(data, { portalId })\n }, options)\n\n return { mutate, optOut: mutate, mfaOptOut: mutate, isLoading }\n}\n\n/**\n * Start passkey (WebAuthn) registration ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnRegisterOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.webauthnRegisterOptions(payload),\n options\n )\n\n return { mutate, webauthnRegisterOptions: mutate, isLoading }\n}\n\n/**\n * Complete passkey registration after `@simplewebauthn/browser` ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, nickname?, portalId? }`.\n */\nexport function webauthnRegisterVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnRegisterVerify(payload!),\n options\n )\n\n return { mutate, webauthnRegisterVerify: mutate, isLoading }\n}\n\n/**\n * Start passkey authentication ceremony while logged in (re-verify).\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnAuthOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.webauthnAuthOptions(payload), options)\n\n return { mutate, webauthnAuthOptions: mutate, isLoading }\n}\n\n/**\n * Complete logged-in passkey re-verification.\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, portalId? }`.\n */\nexport function webauthnAuthVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnAuthVerify(payload!),\n options\n )\n\n return { mutate, webauthnAuthVerify: mutate, isLoading }\n}\n\n/**\n * List passkeys registered for the portal scope.\n *\n * **API:** `GET /api/auth/mfa/webauthn/credentials?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function listWebauthnCredentials(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.listWebauthnCredentials(payload),\n options\n )\n\n return { mutate, listWebauthnCredentials: mutate, isLoading }\n}\n\n/**\n * Remove a registered passkey.\n *\n * **API:** `DELETE /api/auth/mfa/webauthn/credentials/{credentialRecordId}?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function deleteWebauthnCredential(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ credentialRecordId: string | number } & MfaStatusQuery, any>(\n async (payload?: { credentialRecordId: string | number } & MfaStatusQuery) => {\n const { credentialRecordId, portalId } = payload!\n return Client.mfa.deleteWebauthnCredential(credentialRecordId, { portalId })\n },\n options\n )\n\n return { mutate, deleteWebauthnCredential: mutate, isLoading }\n}\n\n/**\n * Start passwordless passkey login (when `PASSKEY_PRIMARY` is allowed).\n *\n * **API:** `POST /api/auth/passkey/login/options?hubId={hubId}`\n * **Auth:** Public; body `{ email, hubId?, portalId? }`.\n */\nexport function passkeyLoginOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginOptionsRequest, any>(\n async (payload?: PasskeyLoginOptionsRequest) => Client.mfa.passkeyLoginOptions(payload!),\n options\n )\n\n return { mutate, passkeyLoginOptions: mutate, isLoading }\n}\n\n/**\n * Finish passwordless passkey login; may return `twoFactorRequired` if policy requires MFA.\n *\n * **API:** `POST /api/auth/passkey/login/verify?hubId={hubId}`\n * **Auth:** Public; body `{ challengeId, credential, portalId? }`.\n * **Session:** Applies MFA-aware token rules via {@link applyLoginResponse}.\n */\nexport function passkeyLoginVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginVerifyRequest, LoginResponseData>(async (payload?: PasskeyLoginVerifyRequest) => {\n const response = (await Client.mfa.passkeyLoginVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, passkeyLoginVerify: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport type {\n MutationOptions,\n RevokeSecuritySessionPayload,\n SecurityLoginActivityQuery,\n SecurityOverviewQuery,\n SecuritySessionsQuery\n} from '../../../core/types'\n\n/**\n * Security settings overview (password age, MFA methods, policy flags).\n * Use this for the Security page — not `api.me()` + `api.getMfaStatus()`.\n *\n * **API:** `GET /api/auth/security/overview?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityOverview(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityOverviewQuery | undefined, any>(\n async (payload) => Client.security.getOverview(payload),\n options\n )\n\n return { mutate, getOverview: mutate, getSecurityOverview: mutate, isLoading }\n}\n\n/**\n * Paginated login activity for the Security page.\n *\n * **API:** `GET /api/auth/security/login-activity?page=&limit=&sort=`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityLoginActivity(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityLoginActivityQuery | undefined, any>(\n async (payload) => Client.security.getLoginActivity(payload),\n options\n )\n\n return { mutate, getLoginActivity: mutate, getSecurityLoginActivity: mutate, isLoading }\n}\n\n/**\n * List active sessions (refresh-token families) for the Security page.\n *\n * **API:** `GET /api/auth/security/sessions?currentFamilyId=`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header to mark current session.\n */\nexport function getSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecuritySessionsQuery | undefined, any>(\n async (payload) => Client.security.getSessions(payload),\n options\n )\n\n return { mutate, getSessions: mutate, getSecuritySessions: mutate, isLoading }\n}\n\n/**\n * Sign out a single device/session by `familyId`.\n *\n * **API:** `POST /api/auth/security/sessions/{familyId}/revoke`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload.\n */\nexport function revokeSecuritySession(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<RevokeSecuritySessionPayload, any>(\n async (payload?: RevokeSecuritySessionPayload) => Client.security.revokeSession(payload!),\n options\n )\n\n return { mutate, revokeSession: mutate, revokeSecuritySession: mutate, isLoading }\n}\n\n/**\n * Sign out all other devices; keeps the current session when `refreshToken` is provided.\n *\n * **API:** `POST /api/auth/security/sessions/revoke-others`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header.\n */\nexport function revokeOtherSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ refreshToken?: string } | undefined, any>(\n async (payload) => Client.security.revokeOtherSessions(payload?.refreshToken),\n options\n )\n\n return { mutate, revokeOtherSessions: mutate, revokeOtherSecuritySessions: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\n\nexport function getLoginBootstrap(options?: MutationOptions<any, { hubId?: number; portalId?: number } | void>) {\n const { mutate, isLoading } = createMutation(async (payload?: { hubId?: number; portalId?: number }) => {\n const response: any = await Client.authentication.getLoginBootstrap(payload)\n return response\n }, options)\n\n return {\n mutate,\n getLoginBootstrap: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions, PreLoginPayload } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\n\nexport function getSsoDetails(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await Client.sso.getSsoDetails()\n return response\n }, options)\n\n return {\n mutate,\n getDetails: mutate,\n getSsoDetails: mutate,\n isLoading\n }\n}\n\nexport function generateSsoUrl(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.generateSsoUrl(payload)\n return response\n }, options)\n\n return {\n mutate,\n generateUrl: mutate,\n generateSsoUrl: mutate,\n isLoading\n }\n}\n\nexport function ssoCallback(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.ssoCallback(payload)\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n callback: mutate,\n ssoCallback: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { ChangePasswordPayload, MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { actions as userActions } from '../../../state/crm/use-user'\n\nlet meRequestInFlight: Promise<any> | null = null\n\nasync function fetchMeOnce() {\n if (!meRequestInFlight) {\n meRequestInFlight = Client.user.me().finally(() => {\n meRequestInFlight = null\n })\n }\n return meRequestInFlight\n}\n\nexport function me(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await fetchMeOnce()\n userActions.setProfile(response)\n return response?.data\n }, options)\n\n return {\n mutate,\n me: mutate,\n isLoading\n }\n}\n\nexport function profile(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profile(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n profile: mutate,\n isLoading\n }\n}\n\nexport function profileUpdate(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profileUpdate(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n updateProfile: mutate,\n profileUpdate: mutate,\n isLoading\n }\n}\n\n/** @deprecated Use {@link profileUpdate} — same factory; 3.0 nested key is `updateProfile`. */\nexport const updateProfile = profileUpdate\n\nexport function changePassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ChangePasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.user.changePassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n changePassword: mutate,\n isLoading\n }\n}\n","import {\n preLogin,\n login,\n clientSession,\n handoff,\n register,\n verifyEmail,\n forgetPassword,\n logout,\n resetPasswordVerifyToken,\n resetPassword,\n registerExistingUser,\n verifyEmailResend,\n resendEmail\n} from '../features/auth/api/authentication'\nimport {\n verifyOtp,\n sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getMfaStatus,\n setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n} from '../features/auth/api/mfa'\nimport {\n getSecurityOverview,\n getSecurityLoginActivity,\n getSecuritySessions,\n revokeSecuritySession,\n revokeOtherSecuritySessions\n} from '../features/auth/api/security'\nimport { getLoginBootstrap } from '../features/auth/api/login-bootstrap'\nimport { getSsoDetails, generateSsoUrl, ssoCallback } from '../features/auth/api/sso'\nimport { changePassword, me, profile, profileUpdate } from '../features/auth/api/users'\nimport { getRefreshToken, setAccessToken as persistAccessToken } from '../core/http/auth-utils'\nimport { getAuthRefreshToken } from '../core/http/http-client'\nimport {\n clearAccessToken,\n didLastRefreshFail,\n getAccessToken,\n isAuthenticateApp,\n isAuthenticated,\n isExpiresAccessToken,\n isAccessTokenExpired,\n hasRefreshSession,\n hasValidAccessToken,\n isRefreshInFlight,\n isSessionRefreshExhausted,\n refreshSession,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState\n} from '../core/http/token-store'\nimport { isCookieExpired } from '../core/utils/cookie'\nimport {\n hasValidAccess,\n isFullyAuthenticated as isFullyAuthenticatedContract,\n hasAuthenticatedAccess as hasAuthenticatedAccessContract,\n type SessionContractInput\n} from '../core/auth/session-contract'\n\n/** Canonical nested auth API (SDK 3.0). */\nexport const authApi = {\n preLogin,\n login,\n clientSession,\n handoff,\n logout,\n register,\n verifyEmail,\n registerExistingUser,\n forgetPassword,\n resetPassword,\n resetPasswordVerifyToken,\n verifyEmailResend,\n resendEmail,\n changePassword,\n me,\n profile,\n updateProfile: profileUpdate,\n mfa: {\n verifyOtp,\n sendOtp: sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getStatus: getMfaStatus,\n setPreferences: setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n optOut: mfaOptOut,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n },\n security: {\n getOverview: getSecurityOverview,\n getLoginActivity: getSecurityLoginActivity,\n getSessions: getSecuritySessions,\n revokeSession: revokeSecuritySession,\n revokeOtherSessions: revokeOtherSecuritySessions\n },\n loginBootstrap: getLoginBootstrap,\n sso: {\n getDetails: getSsoDetails,\n generateUrl: generateSsoUrl,\n callback: ssoCallback\n },\n session: {\n getRefreshToken,\n refreshSession,\n refreshAccessToken: getAuthRefreshToken,\n getAccessToken,\n setAccessToken: persistAccessToken,\n clearAccessToken,\n isAuthenticated,\n isAuthenticateApp,\n isAccessTokenExpired,\n isExpiresAccessToken,\n isCookieExpired,\n hasRefreshSession,\n hasValidAccessToken,\n didLastRefreshFail,\n isSessionRefreshExhausted,\n isRefreshInFlight,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState,\n contract: (): SessionContractInput => ({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n isFullyAuthenticated: () =>\n isFullyAuthenticatedContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasAuthenticatedAccess: () =>\n hasAuthenticatedAccessContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasValidAccess: () =>\n hasValidAccess({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n })\n }\n}\n","export type MfaBootRecoveryResult = 'pending' | 'orphan_cleared' | 'stale_token_cleared' | 'none'\n\nexport type MfaBootRecoveryInput = {\n hasMfaContext: () => boolean\n hasAccessToken: () => boolean\n hasRefreshToken: () => boolean\n clearMfaOrphan: () => void\n clearStaleAccessToken: () => void\n /** Restore temp MFA JWT from sessionStorage after refresh. Return true when hydrated. */\n tryHydrateMfaAccessToken?: () => boolean | Promise<boolean>\n}\n\n/**\n * Normalize MFA gate state on cold load before the router mounts.\n * When sessionStorage holds a valid temp MFA JWT, hydrates in-memory access token so MFA can resume.\n */\nexport async function recoverMfaGateOnBoot(input: MfaBootRecoveryInput): Promise<MfaBootRecoveryResult> {\n const hasContext = input.hasMfaContext()\n let hasToken = input.hasAccessToken()\n const hasRefresh = input.hasRefreshToken()\n\n if (hasContext && hasToken) {\n return 'pending'\n }\n\n if (hasContext && !hasToken) {\n const hydrated = await input.tryHydrateMfaAccessToken?.()\n hasToken = input.hasAccessToken()\n if (hydrated && hasToken) {\n return 'pending'\n }\n input.clearMfaOrphan()\n return 'orphan_cleared'\n }\n\n if (hasToken && !hasContext && !hasRefresh) {\n input.clearStaleAccessToken()\n return 'stale_token_cleared'\n }\n\n return 'none'\n}\n\nexport type { VisibilityRefreshOptions } from '../http/visibility-refresh-scheduler.js'\nexport { startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler } from '../http/visibility-refresh-scheduler.js'\n","import { hasValidAccess, isFullyAuthenticated, isMfaPendingSession, type SessionContractInput } from './session-contract.js'\n\nexport type AuthRouteAction =\n | { kind: 'allow' }\n | { kind: 'show_loader' }\n | { kind: 'redirect_login'; returnUrl?: string }\n | { kind: 'redirect_mfa' }\n | { kind: 'redirect_funnel'; step: 'email_verify' | 'hub_select' | 'portal_select' }\n\nexport type AuthFunnelState = {\n emailVerified?: boolean\n hubId?: number | string | null\n portalId?: number | string | null\n}\n\nexport type ResolveAuthRouteActionInput = {\n pathname: string\n isPublicAuthRoute: (pathname: string) => boolean\n session: SessionContractInput\n funnel?: AuthFunnelState\n mfaRoute: string\n previewMode?: boolean\n /** When refresh hint exists but access token missing — session restoring. */\n sessionRestoring?: boolean\n /** Refresh already failed — do not show restoring loader; redirect to login. */\n sessionRefreshExhausted?: boolean\n}\n\nexport function resolveAuthRouteAction(input: ResolveAuthRouteActionInput): AuthRouteAction {\n const {\n pathname,\n isPublicAuthRoute,\n session,\n funnel,\n mfaRoute,\n previewMode = false,\n sessionRestoring = false,\n sessionRefreshExhausted = false\n } = input\n\n if (previewMode) {\n return { kind: 'allow' }\n }\n\n if (isMfaPendingSession(session)) {\n if (pathname === mfaRoute) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_mfa' }\n }\n\n if (sessionRestoring && !sessionRefreshExhausted) {\n return { kind: 'show_loader' }\n }\n\n if (sessionRefreshExhausted && !hasValidAccess(session)) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n const authenticated = isFullyAuthenticated(session)\n\n if (!authenticated) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n if (funnel) {\n if (funnel.emailVerified === false) {\n return { kind: 'redirect_funnel', step: 'email_verify' }\n }\n if (!funnel.hubId) {\n return { kind: 'redirect_funnel', step: 'hub_select' }\n }\n if (!funnel.portalId) {\n return { kind: 'redirect_funnel', step: 'portal_select' }\n }\n }\n\n return { kind: 'allow' }\n}\n"]}
1
+ {"version":3,"sources":["../src/main/core/auth/session-contract.ts","../src/main/core/http/session-persistence-error.ts","../src/main/core/http/login-session.ts","../src/main/features/auth/api/authentication.ts","../src/main/features/auth/api/mfa.ts","../src/main/features/auth/api/security.ts","../src/main/features/auth/api/login-bootstrap.ts","../src/main/features/auth/api/sso.ts","../src/main/features/auth/api/users.ts","../src/main/api/nested-auth-api.ts","../src/main/core/auth/bootstrap-contract.ts","../src/main/core/auth/route-guard-contract.ts"],"names":["actions"],"mappings":";;;;;;AAgBO,SAAS,eAAe,KAAA,EAAsC;AACjE,EAAA,OAAO,KAAA,CAAM,cAAA,EAAe,IAAK,CAAC,MAAM,oBAAA,EAAqB;AACjE;AAEO,SAAS,qBAAqB,KAAA,EAAsC;AACvE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,KAAA;AAAA,EACX;AACA,EAAA,IAAI,cAAA,CAAe,KAAK,CAAA,EAAG;AACvB,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,OAAO,MAAM,iBAAA,EAAkB;AACnC;AAEO,SAAS,oBAAoB,KAAA,EAAsC;AACtE,EAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,YAAA,IAAgB,CAAA;AACzC;AAEO,SAAS,uBAAuB,KAAA,EAAsC;AACzE,EAAA,IAAI,KAAA,CAAM,gBAAe,EAAG;AACxB,IAAA,OAAO,OAAA,CAAQ,KAAA,CAAM,cAAA,EAAgB,CAAA;AAAA,EACzC;AACA,EAAA,OAAO,eAAe,KAAK,CAAA;AAC/B;;;ACtCO,IAAM,uBAAA,GAAN,cAAsC,KAAA,CAAM;AAAA,EAC/C,YAAY,OAAA,EAAiB;AACzB,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,yBAAA;AAAA,EAChB;AACJ,CAAA;;;ACCA,SAAS,gBAAgB,QAAA,EAAoC;AACzD,EAAA,OAAQ,QAAA,EAAU,IAAA,IAAQ,QAAA,IAAY,EAAC;AAC3C;AAMA,eAAsB,qBAAqB,QAAA,EAA6B;AACpE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,EAAA,MAAM,eAAA,GAAuB,IAAA,EAAM,eAAA,IAAmB,EAAC;AACvD,EAAA,MAAM,aAAA,GAAqB,eAAA,EAAiB,aAAA,IAAiB,EAAC;AAC9D,EAAA,MAAM,eAAA,GAAuB,eAAe,QAAA,IAAY,IAAA;AACxD,EAAA,MAAM,gBAAA,GAAmB,iBAAiB,gBAAA,IAAoB,OAAA;AAE9D,EAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,EAAA,MAAM,eAAe,SAAA,EAAW,YAAA;AAChC,EAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,EAAA,MAAM,mBAAmB,SAAA,EAAW,gBAAA;AACpC,EAAA,MAAM,aAAa,SAAA,EAAW,gBAAA;AAE9B,EAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,QAAA,EAAU;AACrC,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,oCAAA,EAAsC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AAChG,IAAA,MAAM,IAAI,wBAAwB,oEAAoE,CAAA;AAAA,EAC1G;AAEA,EAAA,IAAI,CAAC,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACnD,IAAA,MAAA,CAAO,MAAM,MAAA,EAAQ,qCAAA,EAAuC,EAAE,SAAA,EAAW,wBAAwB,CAAA;AACjG,IAAA,MAAM,IAAI,wBAAwB,qEAAqE,CAAA;AAAA,EAC3G;AAEA,EAAA,SAAA,CAAU,aAAa,CAAA;AACvB,EAAA,mBAAA,CAAoB,gBAAgB,CAAA;AACpC,EAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AACrC,EAAA,MAAM,eAAA,CAAgB,YAAA,EAAc,gBAAA,IAAoB,UAAU,CAAA;AAClE,EAAA,MAAM,mBAAmB,IAAI,CAAA;AAC7B,EAAAA,QAAA,CAAY,UAAA,CAAW,UAAU,IAAA,IAAQ,IAAA,GAAO,WAAW,EAAE,IAAA,EAAM,MAAM,CAAA;AAEzE,EAAA,SAAA,CAAU,eAAe,eAAe,CAAA;AAExC,EAAA,0BAAA,CAA2B,GAAG,CAAA;AAE9B,EAAA,OAAO,QAAA;AACX;AAOA,eAAsB,mBAAmB,QAAA,EAA6B;AAClE,EAAA,MAAM,IAAA,GAAO,gBAAgB,QAAQ,CAAA;AACrC,EAAA,IAAI,IAAA,EAAM,sBAAsB,IAAA,EAAM;AAClC,IAAA,MAAM,SAAA,GAAiB,IAAA,EAAM,SAAA,IAAa,EAAC;AAC3C,IAAA,MAAM,QAAQ,SAAA,EAAW,KAAA;AACzB,IAAA,MAAM,YAAY,SAAA,EAAW,SAAA;AAC7B,IAAA,IAAI,KAAA,EAAO;AACP,MAAA,iBAAA,EAAkB;AAClB,MAAA,MAAM,cAAA,CAAe,OAAO,SAAS,CAAA;AACrC,MAAA,0BAAA,CAA2B,KAAA,EAAO,WAAW,GAAG,CAAA;AAAA,IACpD;AACA,IAAA,OAAO,QAAA;AAAA,EACX;AACA,EAAA,OAAO,qBAAqB,QAAQ,CAAA;AACxC;;;ACvDO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAQO,SAAS,MAAM,OAAA,EAAmD;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAiB;AAClG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,MAAM,OAAO,CAAA;AAC3D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,KAAA,EAAO,MAAA;AAAA,IACP;AAAA,GACJ;AACJ;AAuBO,SAAS,QAAQ,OAAA,EAAmD;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAsD,OAAO,OAAA,KAAY;AACnG,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,QAAQ,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAmD;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwD,OAAO,OAAA,KAAmC;AAC5H,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAQ,CAAA;AACpE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,SAAS,OAAA,EAAqC;AAC1D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,SAAS,OAAO,CAAA;AAClE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAwC,OAAO,OAAA,KAAiB;AAC1F,IAAA,MAAM,kBAAA,GAAyC,WAAW,EAAC;AAC3D,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,kBAAA,EAAoB,KAAA,EAAO,kBAAA,CAAmB,KAAA,GAAQ,KAAA;AAC3D,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,kBAAkB,CAAA;AAChF,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;AAEO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqD,OAAO,OAAA,KAAiB;AACvG,IAAA,MAAM,+BAAA,GAAmE,WAAW,EAAC;AACrF,IAAA,MAAM,KAAA,GAAa,SAAS,OAAO,CAAA;AACnC,IAAA,IAAI,CAAC,+BAAA,EAAiC,KAAA,EAAO,+BAAA,CAAgC,KAAA,GAAQ,KAAA;AACrF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,yBAAyB,+BAA+B,CAAA;AAC1G,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,wBAAA,EAA0B,MAAA;AAAA,IAC1B;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA0C,OAAO,OAAA,KAAiB;AAC5F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,cAAc,OAAO,CAAA;AACvE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,eAAe,OAAO,CAAA;AACxE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,OAAO,OAAA,EAAqC;AACxD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,IAAI;AACA,MAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,MAAA,EAAO;AACzD,MAAA,OAAO,QAAA;AAAA,IACX,CAAA,SAAE;AACE,MAAA,gBAAA,EAAiB;AACjB,MAAA,sBAAA,EAAuB;AAAA,IAC3B;AAAA,EACJ,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,MAAA,EAAQ,MAAA;AAAA,IACR;AAAA,GACJ;AACJ;AAEO,SAAS,qBAAqB,OAAA,EAAqC;AACtE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,qBAAqB,OAAO,CAAA;AAC9E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,oBAAA,EAAsB,MAAA;AAAA,IACtB;AAAA,GACJ;AACJ;AAEO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyB,OAAO,OAAA,KAAiB;AAC3E,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,YAAY,OAAO,CAAA;AACrE,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;AChMO,SAAS,UAAU,OAAA,EAAmD;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA4D,OAAO,OAAA,KAAuC;AACpI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,cAAA,CAAe,UAAU,OAAQ,CAAA;AAChE,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,SAAA,EAAU;AAClD;AAQO,SAAS,WAAW,OAAA,EAAqC;AAC5D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAgC,MAAA,CAAO,GAAA,CAAI,eAAe,OAAQ,CAAA;AAAA,IACzE;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,UAAA,EAAY,QAAQ,SAAA,EAAU;AACpE;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA8C,MAAA,CAAO,GAAA,CAAI,sBAAsB,OAAQ,CAAA;AAAA,IAC9F;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AASO,SAAS,qBAAqB,OAAA,EAAmD;AACpF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA6C;AAChD,MAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,qBAAqB,OAAQ,CAAA;AAChE,MAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,MAAA,OAAO,QAAA;AAAA,IACX,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,oBAAA,EAAsB,MAAA,EAAQ,SAAA,EAAU;AAC7D;AAQO,SAAS,aAAa,OAAA,EAAqD;AAC9E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAa,MAAM,MAAA,CAAO,GAAA,CAAI,UAAU,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAA,EAAc,QAAQ,SAAA,EAAU;AACxE;AAQO,SAAS,kBAAkB,OAAA,EAAqC;AACnE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,cAAA,CAAe,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACvD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAQ,iBAAA,EAAmB,QAAQ,SAAA,EAAU;AAClF;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA8D,OAAO,OAAA,KAAY;AAC3G,IAAA,MAAM,EAAE,UAAU,GAAG,IAAA,KAAS,OAAA,IAAW,EAAE,OAAO,EAAA,EAAG;AACrD,IAAA,OAAO,MAAA,CAAO,IAAI,gBAAA,CAAiB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EACxF,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgE,OAAO,OAAA,KAAY;AAC7G,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,WAAW,EAAE,KAAA,EAAO,EAAA,EAAI,IAAA,EAAM,EAAA,EAAG;AAC/D,IAAA,OAAO,MAAA,CAAO,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,IAAA,GAAO,EAAE,QAAA,EAAS,GAAI,MAAS,CAAA;AAAA,EAC1F,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,gBAAgB,OAAA,EAAqC;AACjE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,eAAA,CAAgB,OAAO,CAAA,EAAG,OAAO,CAAA;AAE7I,EAAA,OAAO,EAAE,MAAA,EAAQ,eAAA,EAAiB,MAAA,EAAQ,SAAA,EAAU;AACxD;AAQO,SAAS,iBAAiB,OAAA,EAAqC;AAClE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAsC,MAAA,CAAO,GAAA,CAAI,iBAAiB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,SAAA,EAAU;AACzD;AAQO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAyD,OAAO,OAAA,KAAkD;AAC5I,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,WAAA,CAAY,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EACpD,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,SAAA,EAAU;AACpD;AAOO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoD;AACvD,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,aAAA,CAAc,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IACtD,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,SAAA,EAAU;AACtD;AAOO,SAAS,sBAAsB,OAAA,EAAwD;AAC1F,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA4D;AAC/D,MAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,MAAA,OAAO,OAAO,GAAA,CAAI,qBAAA,CAAsB,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,IAC9D,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,qBAAA,EAAuB,MAAA,EAAQ,SAAA,EAAU;AAC9D;AAOO,SAAS,UAAU,OAAA,EAAqC;AAC3D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAuD,OAAO,OAAA,KAAgD;AACxI,IAAA,MAAM,EAAE,QAAA,EAAU,GAAG,IAAA,EAAK,GAAI,OAAA;AAC9B,IAAA,OAAO,OAAO,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,EAAE,UAAU,CAAA;AAAA,EAC/C,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,MAAA,EAAQ,SAAA,EAAW,QAAQ,SAAA,EAAU;AAClE;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,uBAAuB,OAAA,EAAqC;AACxE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,uBAAuB,OAAQ,CAAA;AAAA,IACrF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,sBAAA,EAAwB,MAAA,EAAQ,SAAA,EAAU;AAC/D;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAgD,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG,OAAO,CAAA;AAEjJ,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AAQO,SAAS,mBAAmB,OAAA,EAAqC;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAoC,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAAA,IACjF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;AAQO,SAAS,wBAAwB,OAAA,EAAqC;AACzE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,GAAA,CAAI,wBAAwB,OAAO,CAAA;AAAA,IAC7D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,uBAAA,EAAyB,MAAA,EAAQ,SAAA,EAAU;AAChE;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAuE;AAC1E,MAAA,MAAM,EAAE,kBAAA,EAAoB,QAAA,EAAS,GAAI,OAAA;AACzC,MAAA,OAAO,OAAO,GAAA,CAAI,wBAAA,CAAyB,kBAAA,EAAoB,EAAE,UAAU,CAAA;AAAA,IAC/E,CAAA;AAAA,IACA;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,wBAAA,EAA0B,MAAA,EAAQ,SAAA,EAAU;AACjE;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAyC,MAAA,CAAO,GAAA,CAAI,oBAAoB,OAAQ,CAAA;AAAA,IACvF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,SAAA,EAAU;AAC5D;AASO,SAAS,mBAAmB,OAAA,EAAmD;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA6D,OAAO,OAAA,KAAwC;AACtI,IAAA,MAAM,QAAA,GAAY,MAAM,MAAA,CAAO,GAAA,CAAI,mBAAmB,OAAQ,CAAA;AAC9D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO,EAAE,MAAA,EAAQ,kBAAA,EAAoB,MAAA,EAAQ,SAAA,EAAU;AAC3D;;;AC7VO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,yBAAyB,OAAA,EAAqC;AAC1E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,iBAAiB,OAAO,CAAA;AAAA,IAC3D;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,gBAAA,EAAkB,MAAA,EAAQ,wBAAA,EAA0B,QAAQ,SAAA,EAAU;AAC3F;AAQO,SAAS,oBAAoB,OAAA,EAAqC;AACrE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,YAAY,OAAO,CAAA;AAAA,IACtD;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,mBAAA,EAAqB,QAAQ,SAAA,EAAU;AACjF;AAQO,SAAS,sBAAsB,OAAA,EAAqC;AACvE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAA2C,MAAA,CAAO,QAAA,CAAS,cAAc,OAAQ,CAAA;AAAA,IACxF;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,MAAA,EAAQ,qBAAA,EAAuB,QAAQ,SAAA,EAAU;AACrF;AAQO,SAAS,4BAA4B,OAAA,EAAqC;AAC7E,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA;AAAA,IAC1B,OAAO,OAAA,KAAY,MAAA,CAAO,QAAA,CAAS,mBAAA,CAAoB,SAAS,YAAY,CAAA;AAAA,IAC5E;AAAA,GACJ;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,mBAAA,EAAqB,MAAA,EAAQ,2BAAA,EAA6B,QAAQ,SAAA,EAAU;AACjG;;;AChFO,SAAS,kBAAkB,OAAA,EAA8E;AAC5G,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAoD;AACpG,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,cAAA,CAAe,kBAAkB,OAAO,CAAA;AAC3E,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,iBAAA,EAAmB,MAAA;AAAA,IACnB;AAAA,GACJ;AACJ;;;ACVO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,aAAA,EAAc;AACrD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,UAAA,EAAY,MAAA;AAAA,IACZ,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAEO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,eAAe,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,WAAA,EAAa,MAAA;AAAA,IACb,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;AAEO,SAAS,YAAY,OAAA,EAAqC;AAC7D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAqC,OAAO,OAAA,KAAiB;AACvF,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,GAAA,CAAI,YAAY,OAAO,CAAA;AAC1D,IAAA,MAAM,mBAAmB,QAAQ,CAAA;AACjC,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,QAAA,EAAU,MAAA;AAAA,IACV,WAAA,EAAa,MAAA;AAAA,IACb;AAAA,GACJ;AACJ;;;ACzCA,IAAI,iBAAA,GAAyC,IAAA;AAE7C,eAAe,WAAA,GAAc;AACzB,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACpB,IAAA,iBAAA,GAAoB,MAAA,CAAO,IAAA,CAAK,EAAA,EAAG,CAAE,QAAQ,MAAM;AAC/C,MAAA,iBAAA,GAAoB,IAAA;AAAA,IACxB,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,iBAAA;AACX;AAEO,SAAS,GAAG,OAAA,EAAqC;AACpD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,eAAe,YAAY;AACrD,IAAA,MAAM,QAAA,GAAgB,MAAM,WAAA,EAAY;AACxC,IAAAA,QAAA,CAAY,WAAW,QAAQ,CAAA;AAC/B,IAAA,OAAO,QAAA,EAAU,IAAA;AAAA,EACrB,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,EAAA,EAAI,MAAA;AAAA,IACJ;AAAA,GACJ;AACJ;AAEO,SAAS,QAAQ,OAAA,EAAqC;AACzD,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,OAAO,CAAA;AACvD,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,OAAA,EAAS,MAAA;AAAA,IACT;AAAA,GACJ;AACJ;AAEO,SAAS,cAAc,OAAA,EAAqC;AAC/D,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAAe,OAAO,OAAA,KAAiB;AACjE,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,cAAc,OAAO,CAAA;AAC7D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,aAAA,EAAe,MAAA;AAAA,IACf,aAAA,EAAe,MAAA;AAAA,IACf;AAAA,GACJ;AACJ;AAKO,SAAS,eAAe,OAAA,EAAqC;AAChE,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,cAAA,CAA2C,OAAO,OAAA,KAAiB;AAC7F,IAAA,MAAM,QAAA,GAAgB,MAAM,MAAA,CAAO,IAAA,CAAK,eAAe,OAAO,CAAA;AAC9D,IAAA,OAAO,QAAA;AAAA,EACX,GAAG,OAAO,CAAA;AAEV,EAAA,OAAO;AAAA,IACH,MAAA;AAAA,IACA,cAAA,EAAgB,MAAA;AAAA,IAChB;AAAA,GACJ;AACJ;;;ACMO,IAAM,OAAA,GAAU;AAAA,EACnB,QAAA;AAAA,EACA,KAAA;AAAA,EACA,aAAA;AAAA,EACA,OAAA;AAAA,EACA,MAAA;AAAA,EACA,QAAA;AAAA,EACA,WAAA;AAAA,EACA,oBAAA;AAAA,EACA,cAAA;AAAA,EACA,aAAA;AAAA,EACA,wBAAA;AAAA,EACA,iBAAA;AAAA,EACA,WAAA;AAAA,EACA,cAAA;AAAA,EACA,EAAA;AAAA,EACA,OAAA;AAAA,EACA,aAAA,EAAe,aAAA;AAAA,EACf,GAAA,EAAK;AAAA,IACD,SAAA;AAAA,IACA,OAAA,EAAS,UAAA;AAAA,IACT,qBAAA;AAAA,IACA,oBAAA;AAAA,IACA,SAAA,EAAW,YAAA;AAAA,IACX,cAAA,EAAgB,iBAAA;AAAA,IAChB,gBAAA;AAAA,IACA,kBAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,WAAA;AAAA,IACA,aAAA;AAAA,IACA,qBAAA;AAAA,IACA,MAAA,EAAQ,SAAA;AAAA,IACR,SAAA;AAAA,IACA,uBAAA;AAAA,IACA,sBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,uBAAA;AAAA,IACA,wBAAA;AAAA,IACA,mBAAA;AAAA,IACA;AAAA,GACJ;AAAA,EACA,QAAA,EAAU;AAAA,IACN,WAAA,EAAa,mBAAA;AAAA,IACb,gBAAA,EAAkB,wBAAA;AAAA,IAClB,WAAA,EAAa,mBAAA;AAAA,IACb,aAAA,EAAe,qBAAA;AAAA,IACf,mBAAA,EAAqB;AAAA,GACzB;AAAA,EACA,cAAA,EAAgB,iBAAA;AAAA,EAChB,GAAA,EAAK;AAAA,IACD,UAAA,EAAY,aAAA;AAAA,IACZ,WAAA,EAAa,cAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACd;AAAA,EACA,OAAA,EAAS;AAAA,IACL,eAAA;AAAA,IACA,cAAA;AAAA,IACA,kBAAA,EAAoB,mBAAA;AAAA,IACpB,cAAA;AAAA,IACA,cAAA;AAAA,IACA,gBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,oBAAA;AAAA,IACA,oBAAA;AAAA,IACA,eAAA;AAAA,IACA,iBAAA;AAAA,IACA,mBAAA;AAAA,IACA,kBAAA;AAAA,IACA,yBAAA;AAAA,IACA,iBAAA;AAAA,IACA,qBAAA;AAAA,IACA,iCAAA;AAAA,IACA,0BAAA;AAAA,IACA,UAAU,OAA6B;AAAA,MACnC,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACJ,CAAA;AAAA,IACA,oBAAA,EAAsB,MAClB,oBAAA,CAA6B;AAAA,MACzB,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,sBAAA,EAAwB,MACpB,sBAAA,CAA+B;AAAA,MAC3B,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH,CAAA;AAAA,IACL,cAAA,EAAgB,MACZ,cAAA,CAAe;AAAA,MACX,cAAA,EAAgB,MAAM,OAAA,CAAQ,cAAA,EAAgB,CAAA;AAAA,MAC9C,oBAAA;AAAA,MACA;AAAA,KACH;AAAA;AAEb;;;ACjKA,eAAsB,qBAAqB,KAAA,EAA6D;AACpG,EAAA,MAAM,UAAA,GAAa,MAAM,aAAA,EAAc;AACvC,EAAA,IAAI,QAAA,GAAW,MAAM,cAAA,EAAe;AACpC,EAAA,MAAM,UAAA,GAAa,MAAM,eAAA,EAAgB;AAEzC,EAAA,IAAI,cAAc,QAAA,EAAU;AACxB,IAAA,OAAO,SAAA;AAAA,EACX;AAEA,EAAA,IAAI,UAAA,IAAc,CAAC,QAAA,EAAU;AACzB,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,wBAAA,IAA2B;AACxD,IAAA,QAAA,GAAW,MAAM,cAAA,EAAe;AAChC,IAAA,IAAI,YAAY,QAAA,EAAU;AACtB,MAAA,OAAO,SAAA;AAAA,IACX;AACA,IAAA,KAAA,CAAM,cAAA,EAAe;AACrB,IAAA,OAAO,gBAAA;AAAA,EACX;AAEA,EAAA,IAAI,QAAA,IAAY,CAAC,UAAA,IAAc,CAAC,UAAA,EAAY;AACxC,IAAA,KAAA,CAAM,qBAAA,EAAsB;AAC5B,IAAA,OAAO,qBAAA;AAAA,EACX;AAEA,EAAA,OAAO,MAAA;AACX;;;ACbO,SAAS,uBAAuB,KAAA,EAAqD;AACxF,EAAA,MAAM;AAAA,IACF,QAAA;AAAA,IACA,iBAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,WAAA,GAAc,KAAA;AAAA,IACd,gBAAA,GAAmB,KAAA;AAAA,IACnB,uBAAA,GAA0B;AAAA,GAC9B,GAAI,KAAA;AAEJ,EAAA,IAAI,WAAA,EAAa;AACb,IAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,EAC3B;AAEA,EAAA,IAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG;AAC9B,IAAA,IAAI,aAAa,QAAA,EAAU;AACvB,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,cAAA,EAAe;AAAA,EAClC;AAEA,EAAA,IAAI,gBAAA,IAAoB,CAAC,uBAAA,EAAyB;AAC9C,IAAA,OAAO,EAAE,MAAM,aAAA,EAAc;AAAA,EACjC;AAEA,EAAA,IAAI,uBAAA,IAA2B,CAAC,cAAA,CAAe,OAAO,CAAA,EAAG;AACrD,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,MAAM,aAAA,GAAgB,qBAAqB,OAAO,CAAA;AAElD,EAAA,IAAI,CAAC,aAAA,EAAe;AAChB,IAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC7B,MAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAAA,IAC3B;AACA,IAAA,OAAO,EAAE,MAAM,gBAAA,EAAiB;AAAA,EACpC;AAEA,EAAA,IAAI,MAAA,EAAQ;AACR,IAAA,IAAI,MAAA,CAAO,kBAAkB,KAAA,EAAO;AAChC,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,cAAA,EAAe;AAAA,IAC3D;AACA,IAAA,IAAI,CAAC,OAAO,KAAA,EAAO;AACf,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,YAAA,EAAa;AAAA,IACzD;AACA,IAAA,IAAI,CAAC,OAAO,QAAA,EAAU;AAClB,MAAA,OAAO,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,eAAA,EAAgB;AAAA,IAC5D;AAAA,EACJ;AAEA,EAAA,OAAO,EAAE,MAAM,OAAA,EAAQ;AAC3B","file":"chunk-VTAZLB5Y.js","sourcesContent":["/**\n * Shared session predicates for client and admin portals.\n * Apps supply lane-specific refresh hints (cookie name / timing cookie).\n */\n\nexport type SessionContractInput = {\n /** In-memory access JWT present. */\n hasAccessToken: () => boolean\n /** Access JWT expired or within proactive refresh buffer. */\n isAccessTokenExpired: () => boolean\n /** Refresh session still valid (cookie / timing hint). */\n hasRefreshSession: () => boolean\n /** MFA gate: temp JWT + pending context. */\n isMfaPending?: () => boolean\n}\n\nexport function hasValidAccess(input: SessionContractInput): boolean {\n return input.hasAccessToken() && !input.isAccessTokenExpired()\n}\n\nexport function isFullyAuthenticated(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return false\n }\n if (hasValidAccess(input)) {\n return true\n }\n return input.hasRefreshSession()\n}\n\nexport function isMfaPendingSession(input: SessionContractInput): boolean {\n return Boolean(input.isMfaPending?.())\n}\n\nexport function hasAuthenticatedAccess(input: SessionContractInput): boolean {\n if (input.isMfaPending?.()) {\n return Boolean(input.hasAccessToken())\n }\n return hasValidAccess(input)\n}\n","/** Thrown when a full login response cannot be persisted (e.g. missing refresh token). */\nexport class SessionPersistenceError extends Error {\n constructor(message: string) {\n super(message)\n this.name = 'SessionPersistenceError'\n }\n}\n","import { setPortal, setSubscriptionType, setAccessToken, setRefreshToken, setLoggedInDetails, clearRefreshToken } from './auth-utils'\nimport { setConfig } from '../utils/hub-context'\nimport { actions as userActions } from '../../state/crm/use-user'\nimport { SessionPersistenceError } from './session-persistence-error'\nimport { logger } from '../logging/logger'\nimport { clearMfaPendingAccessToken, storeMfaPendingAccessToken } from '../auth/mfa-pending-token-storage.js'\n\nfunction unwrapLoginBody(response: any): Record<string, any> {\n return (response?.data ?? response ?? {}) as Record<string, any>\n}\n\n/**\n * Persists a full authenticated session (access + refresh tokens, portal, login details).\n * Use after successful login or MFA verify when `twoFactorRequired` is false.\n */\nexport async function completeLoginSession(response: any): Promise<any> {\n const body = unwrapLoginBody(response)\n const tokenData: any = body?.tokenData || {}\n const loggedInDetails: any = body?.loggedInDetails || {}\n const currentPortal: any = loggedInDetails?.currentPortal || {}\n const currentPortalId: any = currentPortal?.portalId || null\n const subscriptionType = loggedInDetails?.subscriptionType || 'BASIC'\n\n const token = tokenData?.token\n const refreshToken = tokenData?.refreshToken\n const expiresIn = tokenData?.expiresIn\n const refreshExpiresAt = tokenData?.refreshExpiresAt\n const rExpiresIn = tokenData?.refreshExpiresIn\n\n if (!token || typeof token !== 'string') {\n logger.error('auth', 'login session missing access token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing access token in login response')\n }\n\n if (!refreshToken || typeof refreshToken !== 'string') {\n logger.error('auth', 'login session missing refresh token', { operation: 'completeLoginSession' })\n throw new SessionPersistenceError('Session persistence failed: missing refresh token in login response')\n }\n\n setPortal(currentPortal)\n setSubscriptionType(subscriptionType)\n await setAccessToken(token, expiresIn)\n await setRefreshToken(refreshToken, refreshExpiresAt ?? rExpiresIn)\n await setLoggedInDetails(body)\n userActions.setProfile(response?.data != null ? response : { data: body })\n\n setConfig.setDevPortalId(currentPortalId)\n\n clearMfaPendingAccessToken('c')\n\n return response\n}\n\n/**\n * Applies login/MFA-step response token rules:\n * - MFA pending: temp access JWT only (no refresh until verify completes)\n * - Full session: {@link completeLoginSession}\n */\nexport async function applyLoginResponse(response: any): Promise<any> {\n const data = unwrapLoginBody(response)\n if (data?.twoFactorRequired === true) {\n const tokenData: any = data?.tokenData || {}\n const token = tokenData?.token\n const expiresIn = tokenData?.expiresIn\n if (token) {\n clearRefreshToken()\n await setAccessToken(token, expiresIn)\n storeMfaPendingAccessToken(token, expiresIn, 'c')\n }\n return response\n }\n return completeLoginSession(response)\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type {\n LoginPayload,\n LoginResponseData,\n MutationOptions,\n PreLoginPayload,\n ForgetPasswordPayload,\n VerifyEmailPayload,\n ResetPasswordVerifyTokenPayload,\n ResetPasswordPayload\n} from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport { getParam } from '../../../core/utils/param'\nimport { clearClientAuthCookies } from '../../../core/utils/cookie'\nimport { clearAccessToken } from '../../../core/http/token-store'\n\nexport function preLogin(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.preLogin(payload)\n return response\n }, options)\n\n return {\n mutate,\n preLogin: mutate,\n isLoading\n }\n}\n\n/**\n * Password login for the client portal.\n *\n * **API:** `POST /api/auth/login?hubId={hubId}`\n * **Session:** When `twoFactorRequired` is true, stores only the temp access JWT (no refresh until MFA completes).\n */\nexport function login(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<LoginPayload, LoginResponseData>(async (payload: any) => {\n const response = (await Client.authentication.login(payload)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n login: mutate,\n isLoading\n }\n}\n\nexport interface ClientSessionPayload {\n accessToken: string\n refreshToken?: string\n}\n\n/**\n * Exchange a management/deep-link token for a portal client session.\n *\n * **API:** `POST /api/auth/client-session`\n * **Auth:** Bearer access token header; optional refresh token in body.\n */\nexport interface AuthHandoffPayload {\n code: string\n hubId: number\n}\n\n/**\n * Redeem a one-time admin portal handoff code for a full client session.\n *\n * **API:** `POST /api/auth/handoff?hubId={hubId}`\n */\nexport function handoff(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<AuthHandoffPayload, LoginResponseData>(async (payload) => {\n const response = (await Client.authentication.handoff(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n handoff: mutate,\n isLoading\n }\n}\n\nexport function clientSession(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<ClientSessionPayload, LoginResponseData>(async (payload?: ClientSessionPayload) => {\n const response = (await Client.authentication.clientSession(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n clientSession: mutate,\n isLoading\n }\n}\n\nexport function register(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.register(payload)\n return response\n }, options)\n\n return {\n mutate,\n register: mutate,\n isLoading\n }\n}\n\nexport function verifyEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<VerifyEmailPayload, any>(async (payload: any) => {\n const verifyEmailPayload: VerifyEmailPayload = payload || {}\n const token: any = getParam('token')\n if (!verifyEmailPayload?.token) verifyEmailPayload.token = token\n const response: any = await Client.authentication.verifyEmail(verifyEmailPayload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmail: mutate,\n isLoading\n }\n}\n\nexport function resetPasswordVerifyToken(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordVerifyTokenPayload, any>(async (payload: any) => {\n const resetPasswordVerifyTokenPayload: ResetPasswordVerifyTokenPayload = payload || {}\n const token: any = getParam('token')\n if (!resetPasswordVerifyTokenPayload?.token) resetPasswordVerifyTokenPayload.token = token\n const response: any = await Client.authentication.resetPasswordVerifyToken(resetPasswordVerifyTokenPayload)\n return response\n }, options)\n\n return {\n mutate,\n resetPasswordVerifyToken: mutate,\n isLoading\n }\n}\n\nexport function resetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ResetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.resetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n resetPassword: mutate,\n isLoading\n }\n}\n\nexport function forgetPassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ForgetPasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.authentication.forgetPassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n forgetPassword: mutate,\n isLoading\n }\n}\n\nexport function logout(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n try {\n const response: any = await Client.authentication.logout()\n return response\n } finally {\n clearAccessToken()\n clearClientAuthCookies()\n }\n }, options)\n\n return {\n mutate,\n logout: mutate,\n isLoading\n }\n}\n\nexport function registerExistingUser(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.registerExistingUser(payload)\n return response\n }, options)\n\n return {\n mutate,\n registerExistingUser: mutate,\n isLoading\n }\n}\n\nexport function verifyEmailResend(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.verifyEmailResend(payload)\n return response\n }, options)\n\n return {\n mutate,\n verifyEmailResend: mutate,\n isLoading\n }\n}\n\nexport function resendEmail(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<any, any>(async (payload: any) => {\n const response: any = await Client.authentication.resendEmail(payload)\n return response\n }, options)\n\n return {\n mutate,\n resendEmail: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\nimport type {\n LoginResponseData,\n MfaEnrollmentStatus,\n MfaOtpSendRequest,\n MfaPendingPasskeyOptionsRequest,\n MfaPendingPasskeyVerifyRequest,\n MfaPreferenceRequest,\n MfaStatusQuery,\n MutationOptions,\n PasskeyLoginOptionsRequest,\n PasskeyLoginVerifyRequest,\n PhoneVerifyConfirmRequest,\n PhoneVerifyStartRequest,\n BackupCodesRegenerateRequest,\n MfaBackupCodesResponse,\n MfaOptOutRequest,\n PhoneUnverifyRequest,\n TotpDisableRequest,\n TotpEnrollVerifyRequest,\n TwoFaVerificationRequest,\n WebAuthnVerifyRequest\n} from '../../../core/types'\n\n/**\n * Complete the MFA login step after `api.login()` returned `twoFactorRequired: true`.\n *\n * **API:** `POST /api/auth/verify-otp?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, otp, method }` (`EMAIL_OTP` | `SMS_OTP` | `TOTP` | `BACKUP_CODE`).\n * **Session:** On success persists full access + refresh tokens (skips when still MFA-pending).\n */\nexport function verifyOtp(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<TwoFaVerificationRequest, LoginResponseData>(async (payload?: TwoFaVerificationRequest) => {\n const response = (await Client.authentication.verifyOtp(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, verifyOtp: mutate, isLoading }\n}\n\n/**\n * Resend OTP or switch to email/SMS on the MFA login gate.\n *\n * **API:** `POST /api/auth/mfa/pending/otp/send`\n * **Auth:** Bearer temp JWT; body `{ token, method }`.\n */\nexport function sendMfaOtp(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOtpSendRequest, any>(\n async (payload?: MfaOtpSendRequest) => Client.mfa.sendPendingOtp(payload!),\n options\n )\n\n return { mutate, sendOtp: mutate, sendMfaOtp: mutate, isLoading }\n}\n\n/**\n * Start WebAuthn ceremony for passkey as second factor during login.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/options`\n * **Auth:** Bearer temp JWT; body `{ token, portalId? }`.\n */\nexport function pendingPasskeyOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyOptionsRequest, any>(\n async (payload?: MfaPendingPasskeyOptionsRequest) => Client.mfa.pendingPasskeyOptions(payload!),\n options\n )\n\n return { mutate, pendingPasskeyOptions: mutate, isLoading }\n}\n\n/**\n * Finish passkey MFA-step and complete login when successful.\n *\n * **API:** `POST /api/auth/mfa/pending/passkey/authenticate/verify?hubId={hubId}`\n * **Auth:** Bearer temp JWT; body `{ token, challengeId, credential, portalId? }`.\n * **Session:** On success persists full access + refresh tokens.\n */\nexport function pendingPasskeyVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<MfaPendingPasskeyVerifyRequest, LoginResponseData>(\n async (payload?: MfaPendingPasskeyVerifyRequest) => {\n const response = (await Client.mfa.pendingPasskeyVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n },\n options\n )\n\n return { mutate, pendingPasskeyVerify: mutate, isLoading }\n}\n\n/**\n * MFA enrollment and policy snapshot for the security settings UI.\n *\n * **API:** `GET /api/auth/mfa/status?portalId={portalId}`\n * **Auth:** Bearer access JWT (full session).\n */\nexport function getMfaStatus(options?: MutationOptions<MfaEnrollmentStatus, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, MfaEnrollmentStatus>(\n async (payload) => (await Client.mfa.getStatus(payload)) as MfaEnrollmentStatus,\n options\n )\n\n return { mutate, getStatus: mutate, getMfaStatus: mutate, isLoading }\n}\n\n/**\n * Set the user's default MFA method for this hub/portal scope.\n *\n * **API:** `PUT /api/auth/mfa/preferences?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ defaultMethod }`.\n */\nexport function setMfaPreferences(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaPreferenceRequest & MfaStatusQuery, any>(\n async (payload?: MfaPreferenceRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.setPreferences(data, { portalId })\n },\n options\n )\n\n return { mutate, setPreferences: mutate, setMfaPreferences: mutate, isLoading }\n}\n\n/**\n * Send OTP to verify the user's phone number (enables SMS OTP at login).\n *\n * **API:** `POST /api/auth/mfa/phone/verify/start?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone }` (E.164, e.g. `+14155552671`).\n */\nexport function startPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyStartRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '' }\n return Client.mfa.startPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, startPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Confirm phone verification with the OTP code.\n *\n * **API:** `POST /api/auth/mfa/phone/verify/confirm?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ phone, code }`.\n */\nexport function confirmPhoneVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneVerifyConfirmRequest & MfaStatusQuery, any>(async (payload) => {\n const { portalId, ...data } = payload ?? { phone: '', code: '' }\n return Client.mfa.confirmPhoneVerify(data, portalId != null ? { portalId } : undefined)\n }, options)\n\n return { mutate, confirmPhoneVerify: mutate, isLoading }\n}\n\n/**\n * Start TOTP authenticator enrollment for the current portal scope.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/start?portalId={portalId}`\n * **Auth:** Bearer access JWT. Returns `secret`, `otpauthUri`, `scopeKey`.\n */\nexport function totpEnrollStart(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.totpEnrollStart(payload), options)\n\n return { mutate, totpEnrollStart: mutate, isLoading }\n}\n\n/**\n * Confirm TOTP enrollment and receive one-time backup codes.\n *\n * **API:** `POST /api/auth/mfa/totp/enroll/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ code, portalId? }`.\n */\nexport function totpEnrollVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpEnrollVerifyRequest, any>(\n async (payload?: TotpEnrollVerifyRequest) => Client.mfa.totpEnrollVerify(payload!),\n options\n )\n\n return { mutate, totpEnrollVerify: mutate, isLoading }\n}\n\n/**\n * Disable TOTP for the current scope (requires current password).\n *\n * **API:** `POST /api/auth/mfa/totp/disable`\n * **Auth:** Bearer access JWT; body `{ password }`.\n */\nexport function totpDisable(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<TotpDisableRequest & MfaStatusQuery, any>(async (payload?: TotpDisableRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.totpDisable(data, { portalId })\n }, options)\n\n return { mutate, totpDisable: mutate, isLoading }\n}\n\n/**\n * Remove SMS MFA by clearing phone verification for the current scope.\n *\n * **API:** `POST /api/auth/mfa/phone/unverify?portalId={portalId}`\n */\nexport function phoneUnverify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PhoneUnverifyRequest & MfaStatusQuery, any>(\n async (payload?: PhoneUnverifyRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.phoneUnverify(data, { portalId })\n },\n options\n )\n\n return { mutate, phoneUnverify: mutate, isLoading }\n}\n\n/**\n * Regenerate backup codes (password + TOTP step-up). Plaintext codes returned once.\n *\n * **API:** `POST /api/auth/mfa/backup-codes/regenerate?portalId={portalId}`\n */\nexport function backupCodesRegenerate(options?: MutationOptions<MfaBackupCodesResponse, any>) {\n const { mutate, isLoading } = createMutation<BackupCodesRegenerateRequest & MfaStatusQuery, MfaBackupCodesResponse>(\n async (payload?: BackupCodesRegenerateRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.backupCodesRegenerate(data, { portalId })\n },\n options\n )\n\n return { mutate, backupCodesRegenerate: mutate, isLoading }\n}\n\n/**\n * Turn off all voluntary MFA enrollments when policy allows.\n *\n * **API:** `POST /api/auth/mfa/opt-out?portalId={portalId}`\n */\nexport function mfaOptOut(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaOptOutRequest & MfaStatusQuery, any>(async (payload?: MfaOptOutRequest & MfaStatusQuery) => {\n const { portalId, ...data } = payload!\n return Client.mfa.optOut(data, { portalId })\n }, options)\n\n return { mutate, optOut: mutate, mfaOptOut: mutate, isLoading }\n}\n\n/**\n * Start passkey (WebAuthn) registration ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnRegisterOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.webauthnRegisterOptions(payload),\n options\n )\n\n return { mutate, webauthnRegisterOptions: mutate, isLoading }\n}\n\n/**\n * Complete passkey registration after `@simplewebauthn/browser` ceremony.\n *\n * **API:** `POST /api/auth/mfa/webauthn/register/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, nickname?, portalId? }`.\n */\nexport function webauthnRegisterVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnRegisterVerify(payload!),\n options\n )\n\n return { mutate, webauthnRegisterVerify: mutate, isLoading }\n}\n\n/**\n * Start passkey authentication ceremony while logged in (re-verify).\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/options?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function webauthnAuthOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(async (payload) => Client.mfa.webauthnAuthOptions(payload), options)\n\n return { mutate, webauthnAuthOptions: mutate, isLoading }\n}\n\n/**\n * Complete logged-in passkey re-verification.\n *\n * **API:** `POST /api/auth/mfa/webauthn/authenticate/verify?portalId={portalId}`\n * **Auth:** Bearer access JWT; body `{ challengeId, credential, portalId? }`.\n */\nexport function webauthnAuthVerify(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<WebAuthnVerifyRequest, any>(\n async (payload?: WebAuthnVerifyRequest) => Client.mfa.webauthnAuthVerify(payload!),\n options\n )\n\n return { mutate, webauthnAuthVerify: mutate, isLoading }\n}\n\n/**\n * List passkeys registered for the portal scope.\n *\n * **API:** `GET /api/auth/mfa/webauthn/credentials?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function listWebauthnCredentials(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<MfaStatusQuery | undefined, any>(\n async (payload) => Client.mfa.listWebauthnCredentials(payload),\n options\n )\n\n return { mutate, listWebauthnCredentials: mutate, isLoading }\n}\n\n/**\n * Remove a registered passkey.\n *\n * **API:** `DELETE /api/auth/mfa/webauthn/credentials/{credentialRecordId}?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function deleteWebauthnCredential(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ credentialRecordId: string | number } & MfaStatusQuery, any>(\n async (payload?: { credentialRecordId: string | number } & MfaStatusQuery) => {\n const { credentialRecordId, portalId } = payload!\n return Client.mfa.deleteWebauthnCredential(credentialRecordId, { portalId })\n },\n options\n )\n\n return { mutate, deleteWebauthnCredential: mutate, isLoading }\n}\n\n/**\n * Start passwordless passkey login (when `PASSKEY_PRIMARY` is allowed).\n *\n * **API:** `POST /api/auth/passkey/login/options?hubId={hubId}`\n * **Auth:** Public; body `{ email, hubId?, portalId? }`.\n */\nexport function passkeyLoginOptions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginOptionsRequest, any>(\n async (payload?: PasskeyLoginOptionsRequest) => Client.mfa.passkeyLoginOptions(payload!),\n options\n )\n\n return { mutate, passkeyLoginOptions: mutate, isLoading }\n}\n\n/**\n * Finish passwordless passkey login; may return `twoFactorRequired` if policy requires MFA.\n *\n * **API:** `POST /api/auth/passkey/login/verify?hubId={hubId}`\n * **Auth:** Public; body `{ challengeId, credential, portalId? }`.\n * **Session:** Applies MFA-aware token rules via {@link applyLoginResponse}.\n */\nexport function passkeyLoginVerify(options?: MutationOptions<LoginResponseData, any>) {\n const { mutate, isLoading } = createMutation<PasskeyLoginVerifyRequest, LoginResponseData>(async (payload?: PasskeyLoginVerifyRequest) => {\n const response = (await Client.mfa.passkeyLoginVerify(payload!)) as LoginResponseData\n await applyLoginResponse(response)\n return response\n }, options)\n\n return { mutate, passkeyLoginVerify: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport type {\n MutationOptions,\n RevokeSecuritySessionPayload,\n SecurityLoginActivityQuery,\n SecurityOverviewQuery,\n SecuritySessionsQuery\n} from '../../../core/types'\n\n/**\n * Security settings overview (password age, MFA methods, policy flags).\n * Use this for the Security page — not `api.me()` + `api.getMfaStatus()`.\n *\n * **API:** `GET /api/auth/security/overview?portalId={portalId}`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityOverview(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityOverviewQuery | undefined, any>(\n async (payload) => Client.security.getOverview(payload),\n options\n )\n\n return { mutate, getOverview: mutate, getSecurityOverview: mutate, isLoading }\n}\n\n/**\n * Paginated login activity for the Security page.\n *\n * **API:** `GET /api/auth/security/login-activity?page=&limit=&sort=`\n * **Auth:** Bearer access JWT.\n */\nexport function getSecurityLoginActivity(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecurityLoginActivityQuery | undefined, any>(\n async (payload) => Client.security.getLoginActivity(payload),\n options\n )\n\n return { mutate, getLoginActivity: mutate, getSecurityLoginActivity: mutate, isLoading }\n}\n\n/**\n * List active sessions (refresh-token families) for the Security page.\n *\n * **API:** `GET /api/auth/security/sessions?currentFamilyId=`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header to mark current session.\n */\nexport function getSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<SecuritySessionsQuery | undefined, any>(\n async (payload) => Client.security.getSessions(payload),\n options\n )\n\n return { mutate, getSessions: mutate, getSecuritySessions: mutate, isLoading }\n}\n\n/**\n * Sign out a single device/session by `familyId`.\n *\n * **API:** `POST /api/auth/security/sessions/{familyId}/revoke`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload.\n */\nexport function revokeSecuritySession(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<RevokeSecuritySessionPayload, any>(\n async (payload?: RevokeSecuritySessionPayload) => Client.security.revokeSession(payload!),\n options\n )\n\n return { mutate, revokeSession: mutate, revokeSecuritySession: mutate, isLoading }\n}\n\n/**\n * Sign out all other devices; keeps the current session when `refreshToken` is provided.\n *\n * **API:** `POST /api/auth/security/sessions/revoke-others`\n * **Auth:** Bearer access JWT; optional `refreshToken` in payload → `X-Refresh-Token` header.\n */\nexport function revokeOtherSecuritySessions(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<{ refreshToken?: string } | undefined, any>(\n async (payload) => Client.security.revokeOtherSessions(payload?.refreshToken),\n options\n )\n\n return { mutate, revokeOtherSessions: mutate, revokeOtherSecuritySessions: mutate, isLoading }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\n\nexport function getLoginBootstrap(options?: MutationOptions<any, { hubId?: number; portalId?: number } | void>) {\n const { mutate, isLoading } = createMutation(async (payload?: { hubId?: number; portalId?: number }) => {\n const response: any = await Client.authentication.getLoginBootstrap(payload)\n return response\n }, options)\n\n return {\n mutate,\n getLoginBootstrap: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { MutationOptions, PreLoginPayload } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { applyLoginResponse } from '../../../core/http/login-session'\n\nexport function getSsoDetails(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await Client.sso.getSsoDetails()\n return response\n }, options)\n\n return {\n mutate,\n getDetails: mutate,\n getSsoDetails: mutate,\n isLoading\n }\n}\n\nexport function generateSsoUrl(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.generateSsoUrl(payload)\n return response\n }, options)\n\n return {\n mutate,\n generateUrl: mutate,\n generateSsoUrl: mutate,\n isLoading\n }\n}\n\nexport function ssoCallback(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<PreLoginPayload, any>(async (payload: any) => {\n const response: any = await Client.sso.ssoCallback(payload)\n await applyLoginResponse(response)\n return response\n }, options)\n\n return {\n mutate,\n callback: mutate,\n ssoCallback: mutate,\n isLoading\n }\n}\n","import { Client } from '../../../core/http/client-assembler'\nimport type { ChangePasswordPayload, MutationOptions } from '../../../core/types'\nimport { createMutation } from '../../../core/mutation/createMutation'\nimport { actions as userActions } from '../../../state/crm/use-user'\n\nlet meRequestInFlight: Promise<any> | null = null\n\nasync function fetchMeOnce() {\n if (!meRequestInFlight) {\n meRequestInFlight = Client.user.me().finally(() => {\n meRequestInFlight = null\n })\n }\n return meRequestInFlight\n}\n\nexport function me(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async () => {\n const response: any = await fetchMeOnce()\n userActions.setProfile(response)\n return response?.data\n }, options)\n\n return {\n mutate,\n me: mutate,\n isLoading\n }\n}\n\nexport function profile(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profile(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n profile: mutate,\n isLoading\n }\n}\n\nexport function profileUpdate(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation(async (paylaod: any) => {\n const response: any = await Client.user.profileUpdate(paylaod)\n return response\n }, options)\n\n return {\n mutate,\n updateProfile: mutate,\n profileUpdate: mutate,\n isLoading\n }\n}\n\n/** @deprecated Use {@link profileUpdate} — same factory; 3.0 nested key is `updateProfile`. */\nexport const updateProfile = profileUpdate\n\nexport function changePassword(options?: MutationOptions<any, any>) {\n const { mutate, isLoading } = createMutation<ChangePasswordPayload, any>(async (payload: any) => {\n const response: any = await Client.user.changePassword(payload)\n return response\n }, options)\n\n return {\n mutate,\n changePassword: mutate,\n isLoading\n }\n}\n","import {\n preLogin,\n login,\n clientSession,\n handoff,\n register,\n verifyEmail,\n forgetPassword,\n logout,\n resetPasswordVerifyToken,\n resetPassword,\n registerExistingUser,\n verifyEmailResend,\n resendEmail\n} from '../features/auth/api/authentication'\nimport {\n verifyOtp,\n sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getMfaStatus,\n setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n} from '../features/auth/api/mfa'\nimport {\n getSecurityOverview,\n getSecurityLoginActivity,\n getSecuritySessions,\n revokeSecuritySession,\n revokeOtherSecuritySessions\n} from '../features/auth/api/security'\nimport { getLoginBootstrap } from '../features/auth/api/login-bootstrap'\nimport { getSsoDetails, generateSsoUrl, ssoCallback } from '../features/auth/api/sso'\nimport { changePassword, me, profile, profileUpdate } from '../features/auth/api/users'\nimport { getRefreshToken, setAccessToken as persistAccessToken } from '../core/http/auth-utils'\nimport { getAuthRefreshToken } from '../core/http/http-client'\nimport {\n clearAccessToken,\n didLastRefreshFail,\n getAccessToken,\n isAuthenticateApp,\n isAuthenticated,\n isExpiresAccessToken,\n isAccessTokenExpired,\n hasRefreshSession,\n hasValidAccessToken,\n isRefreshInFlight,\n isSessionRefreshExhausted,\n refreshSession,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState\n} from '../core/http/token-store'\nimport { isCookieExpired } from '../core/utils/cookie'\nimport {\n hasValidAccess,\n isFullyAuthenticated as isFullyAuthenticatedContract,\n hasAuthenticatedAccess as hasAuthenticatedAccessContract,\n type SessionContractInput\n} from '../core/auth/session-contract'\n\n/** Canonical nested auth API (SDK 3.0). */\nexport const authApi = {\n preLogin,\n login,\n clientSession,\n handoff,\n logout,\n register,\n verifyEmail,\n registerExistingUser,\n forgetPassword,\n resetPassword,\n resetPasswordVerifyToken,\n verifyEmailResend,\n resendEmail,\n changePassword,\n me,\n profile,\n updateProfile: profileUpdate,\n mfa: {\n verifyOtp,\n sendOtp: sendMfaOtp,\n pendingPasskeyOptions,\n pendingPasskeyVerify,\n getStatus: getMfaStatus,\n setPreferences: setMfaPreferences,\n startPhoneVerify,\n confirmPhoneVerify,\n totpEnrollStart,\n totpEnrollVerify,\n totpDisable,\n phoneUnverify,\n backupCodesRegenerate,\n optOut: mfaOptOut,\n mfaOptOut,\n webauthnRegisterOptions,\n webauthnRegisterVerify,\n webauthnAuthOptions,\n webauthnAuthVerify,\n listWebauthnCredentials,\n deleteWebauthnCredential,\n passkeyLoginOptions,\n passkeyLoginVerify\n },\n security: {\n getOverview: getSecurityOverview,\n getLoginActivity: getSecurityLoginActivity,\n getSessions: getSecuritySessions,\n revokeSession: revokeSecuritySession,\n revokeOtherSessions: revokeOtherSecuritySessions\n },\n loginBootstrap: getLoginBootstrap,\n sso: {\n getDetails: getSsoDetails,\n generateUrl: generateSsoUrl,\n callback: ssoCallback\n },\n session: {\n getRefreshToken,\n refreshSession,\n refreshAccessToken: getAuthRefreshToken,\n getAccessToken,\n setAccessToken: persistAccessToken,\n clearAccessToken,\n isAuthenticated,\n isAuthenticateApp,\n isAccessTokenExpired,\n isExpiresAccessToken,\n isCookieExpired,\n hasRefreshSession,\n hasValidAccessToken,\n didLastRefreshFail,\n isSessionRefreshExhausted,\n isRefreshInFlight,\n resetSessionAuthState,\n clearSessionRefreshExhaustedState,\n hydrateSessionRefreshState,\n contract: (): SessionContractInput => ({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n isFullyAuthenticated: () =>\n isFullyAuthenticatedContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasAuthenticatedAccess: () =>\n hasAuthenticatedAccessContract({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n }),\n hasValidAccess: () =>\n hasValidAccess({\n hasAccessToken: () => Boolean(getAccessToken()),\n isAccessTokenExpired: isAccessTokenExpired,\n hasRefreshSession\n })\n }\n}\n","export type MfaBootRecoveryResult = 'pending' | 'orphan_cleared' | 'stale_token_cleared' | 'none'\n\nexport type MfaBootRecoveryInput = {\n hasMfaContext: () => boolean\n hasAccessToken: () => boolean\n hasRefreshToken: () => boolean\n clearMfaOrphan: () => void\n clearStaleAccessToken: () => void\n /** Restore temp MFA JWT from sessionStorage after refresh. Return true when hydrated. */\n tryHydrateMfaAccessToken?: () => boolean | Promise<boolean>\n}\n\n/**\n * Normalize MFA gate state on cold load before the router mounts.\n * When sessionStorage holds a valid temp MFA JWT, hydrates in-memory access token so MFA can resume.\n */\nexport async function recoverMfaGateOnBoot(input: MfaBootRecoveryInput): Promise<MfaBootRecoveryResult> {\n const hasContext = input.hasMfaContext()\n let hasToken = input.hasAccessToken()\n const hasRefresh = input.hasRefreshToken()\n\n if (hasContext && hasToken) {\n return 'pending'\n }\n\n if (hasContext && !hasToken) {\n const hydrated = await input.tryHydrateMfaAccessToken?.()\n hasToken = input.hasAccessToken()\n if (hydrated && hasToken) {\n return 'pending'\n }\n input.clearMfaOrphan()\n return 'orphan_cleared'\n }\n\n if (hasToken && !hasContext && !hasRefresh) {\n input.clearStaleAccessToken()\n return 'stale_token_cleared'\n }\n\n return 'none'\n}\n\nexport type { VisibilityRefreshOptions } from '../http/visibility-refresh-scheduler.js'\nexport { startVisibilityRefreshScheduler, stopVisibilityRefreshScheduler } from '../http/visibility-refresh-scheduler.js'\n","import { hasValidAccess, isFullyAuthenticated, isMfaPendingSession, type SessionContractInput } from './session-contract.js'\n\nexport type AuthRouteAction =\n | { kind: 'allow' }\n | { kind: 'show_loader' }\n | { kind: 'redirect_login'; returnUrl?: string }\n | { kind: 'redirect_mfa' }\n | { kind: 'redirect_funnel'; step: 'email_verify' | 'hub_select' | 'portal_select' }\n\nexport type AuthFunnelState = {\n emailVerified?: boolean\n hubId?: number | string | null\n portalId?: number | string | null\n}\n\nexport type ResolveAuthRouteActionInput = {\n pathname: string\n isPublicAuthRoute: (pathname: string) => boolean\n session: SessionContractInput\n funnel?: AuthFunnelState\n mfaRoute: string\n previewMode?: boolean\n /** When refresh hint exists but access token missing — session restoring. */\n sessionRestoring?: boolean\n /** Refresh already failed — do not show restoring loader; redirect to login. */\n sessionRefreshExhausted?: boolean\n}\n\nexport function resolveAuthRouteAction(input: ResolveAuthRouteActionInput): AuthRouteAction {\n const {\n pathname,\n isPublicAuthRoute,\n session,\n funnel,\n mfaRoute,\n previewMode = false,\n sessionRestoring = false,\n sessionRefreshExhausted = false\n } = input\n\n if (previewMode) {\n return { kind: 'allow' }\n }\n\n if (isMfaPendingSession(session)) {\n if (pathname === mfaRoute) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_mfa' }\n }\n\n if (sessionRestoring && !sessionRefreshExhausted) {\n return { kind: 'show_loader' }\n }\n\n if (sessionRefreshExhausted && !hasValidAccess(session)) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n const authenticated = isFullyAuthenticated(session)\n\n if (!authenticated) {\n if (isPublicAuthRoute(pathname)) {\n return { kind: 'allow' }\n }\n return { kind: 'redirect_login' }\n }\n\n if (funnel) {\n if (funnel.emailVerified === false) {\n return { kind: 'redirect_funnel', step: 'email_verify' }\n }\n if (!funnel.hubId) {\n return { kind: 'redirect_funnel', step: 'hub_select' }\n }\n if (!funnel.portalId) {\n return { kind: 'redirect_funnel', step: 'portal_select' }\n }\n }\n\n return { kind: 'allow' }\n}\n"]}
package/dist/{chunk-NXGSFLJS.js → chunk-WSUXZOHL.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { WP_STORAGE_KEYS, CLIENT_COOKIE_MIGRATIONS, CLIENT_SESSION_STORAGE_MIGRATIONS, LEGACY_CLIENT_AUTH_COOKIES, LEGACY_CLIENT_SESSION_EXACT, wpClientIframeRefreshKey, wpClientIframeRefreshExpKey, WP_UI_THEME } from './chunk-7JHBCIR5.js';
1
+ import { WP_STORAGE_KEYS, CLIENT_COOKIE_MIGRATIONS, CLIENT_SESSION_STORAGE_MIGRATIONS, LEGACY_CLIENT_AUTH_COOKIES, LEGACY_CLIENT_SESSION_EXACT, wpClientIframeRefreshKey, wpClientIframeRefreshExpKey, WP_UI_THEME } from './chunk-EFEBZBMU.js';
2
2
  import Cookies from 'js-cookie';
3
3
 
4
4
  // src/main/core/utils/storage-keys.ts
@@ -305,5 +305,5 @@ function clearStaleIframeRefreshForOtherHubs(activeHubId) {
305
305
  }
306
306
 
307
307
  export { clearClientAuthCookies, clearClientIframeRefreshLocalKeys, clearClientSessionStorageKeys, clearStaleIframeRefreshForOtherHubs, configureStorageKeys, getClientAuthCookieNamesToClear, getCookie, getStorageKeys, isCookieExpired, isCorruptCookieRawValue, migrateLegacyStorageKeys, parseCookieJson, removeCookie, resetStorageKeysForTests, setCookie, stringifyCookieValue };
308
- //# sourceMappingURL=chunk-NXGSFLJS.js.map
309
- //# sourceMappingURL=chunk-NXGSFLJS.js.map
308
+ //# sourceMappingURL=chunk-WSUXZOHL.js.map
309
+ //# sourceMappingURL=chunk-WSUXZOHL.js.map
package/dist/{chunk-NXGSFLJS.js.map → chunk-WSUXZOHL.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/main/core/utils/storage-keys.ts","../src/main/core/utils/cookie.ts","../src/main/core/utils/storage-migration.ts"],"names":["Cookies"],"mappings":";;;;AAcA,IAAM,QAAA,GAAuC;AAAA,EACzC,YAAA,EAAc,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,KAAA;AAAA,EACrC,YAAA,EAAc,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,OAAA;AAAA,EACrC,MAAA,EAAQ,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,MAAA;AAAA,EAC/B,gBAAA,EAAkB,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,GAAA;AAAA,EACzC,QAAA,EAAU,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,KAAA;AAAA,EACjC,UAAA,EAAY,eAAA,CAAgB,CAAA,CAAE,EAAA,CAAG,GAAA;AAAA,EACjC,SAAA,EAAW,eAAA,CAAgB,CAAA,CAAE,EAAA,CAAG,IAAA;AAAA,EAChC,eAAA,EAAiB,eAAA,CAAgB,CAAA,CAAE,EAAA,CAAG,KAAA;AAAA,EACtC,aAAA,EAAe,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK;AAC1C,CAAA;AAEA,IAAI,WAAA,GAA0C,EAAE,GAAG,QAAA,EAAS;AAErD,SAAS,oBAAA,CAAqB,SAAA,GAA8B,EAAC,EAAS;AACzE,EAAA,WAAA,GAAc,EAAE,GAAG,QAAA,EAAU,GAAG,WAAA,EAAa,GAAG,SAAA,EAAU;AAC1D,EAAA,IAAI,SAAA,CAAU,aAAa,MAAA,EAAW;AAClC,IAAA,WAAA,CAAY,WAAW,WAAA,CAAY,YAAA;AAAA,EACvC;AACJ;AAGO,SAAS,wBAAA,GAAiC;AAC7C,EAAA,WAAA,GAAc,EAAE,GAAG,QAAA,EAAS;AAChC;AAEO,SAAS,cAAA,GAAuD;AACnE,EAAA,OAAO,WAAA;AACX;ACvCA,SAAS,gBAAA,GAA4B;AACjC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,OAAO,MAAA,CAAO,SAAS,QAAA,KAAa,QAAA;AACxC;AAGO,SAAS,wBAAwB,GAAA,EAAyC;AAC7E,EAAA,OAAO,OAAO,IAAA,IAAQ,GAAA,KAAQ,EAAA,IAAM,GAAA,KAAQ,eAAe,GAAA,KAAQ,MAAA;AACvE;AAGO,SAAS,qBAAqB,KAAA,EAA+B;AAChE,EAAA,IAAI,KAAA,KAAU,MAAA,IAAa,KAAA,KAAU,IAAA,EAAM;AACvC,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC3B,IAAA,OAAO,uBAAA,CAAwB,KAAK,CAAA,GAAI,IAAA,GAAO,KAAA;AAAA,EACnD;AACA,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,KAAK,CAAA;AACvC,EAAA,IAAI,UAAA,KAAe,MAAA,IAAa,uBAAA,CAAwB,UAAU,CAAA,EAAG;AACjE,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,OAAO,UAAA;AACX;AAEO,IAAM,SAAA,GAAY,CAAC,GAAA,EAAa,KAAA,EAAe,MAAA,KAA2B;AAC7E,EAAA,IAAI,CAAC,GAAA,IAAO,uBAAA,CAAwB,KAAK,CAAA,EAAG;AACxC,IAAA,OAAO,MAAA;AAAA,EACX;AACA,EAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAA,EAAO;AAAA,IAC3B,OAAA,EAAS,MAAA;AAAA,IACT,QAAA,EAAU,gBAAA,EAAiB,GAAI,MAAA,GAAS,KAAA;AAAA,IACxC,QAAQ,gBAAA;AAAiB,GAC5B,CAAA;AACL;AAEO,IAAM,SAAA,GAAiB,CAAC,GAAA,KAAa;AACxC,EAAA,OAAO,OAAA,CAAQ,IAAI,GAAG,CAAA;AAC1B;AAGO,SAAS,gBAA6B,GAAA,EAA0C;AACnF,EAAA,IAAI,GAAA,IAAO,IAAA,IAAQ,GAAA,KAAQ,EAAA,EAAI;AAC3B,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,MAAM,GAAA,GAAM,UAAU,GAAG,CAAA;AACzB,EAAA,IAAI,uBAAA,CAAwB,GAAG,CAAA,EAAG;AAC9B,IAAA,IAAI,GAAA,KAAQ,WAAA,IAAe,GAAA,KAAQ,MAAA,EAAQ;AACvC,MAAA,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,IACtB;AACA,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI;AACA,IAAA,OAAO,IAAA,CAAK,MAAM,GAAG,CAAA;AAAA,EACzB,CAAA,CAAA,MAAQ;AACJ,IAAA,OAAA,CAAQ,OAAO,GAAG,CAAA;AAClB,IAAA,OAAO,IAAA;AAAA,EACX;AACJ;AAEO,IAAM,YAAA,GAAe,CAAC,GAAA,KAAa;AACtC,EAAA,OAAO,OAAA,CAAQ,OAAO,GAAG,CAAA;AAC7B;AAGO,IAAM,yBAAyB,MAAM;AACxC,EAAA,+BAAA,GAAkC,OAAA,CAAQ,CAAC,SAAS,OAAA,CAAQ,MAAA,CAAO,IAAI,CAAC,CAAA;AACxE,EAAA,KAAA,MAAW,YAAA,IAAgB,CAAC,0BAAA,EAA4B,WAAW,CAAA,EAAG;AAClE,IAAA,OAAA,CAAQ,OAAO,YAAY,CAAA;AAAA,EAC/B;AACJ;AAKO,IAAM,eAAA,GAAkB,CAAC,GAAA,KAAyB;AACrD,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAC7B,EAAA,IAAI,UAAU,MAAA,EAAW;AACrB,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI;AACA,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,KAAK,CAAA;AAC/B,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,eAAe,MAAA,EAAQ;AAC/D,MAAA,MAAM,YAAa,MAAA,CAAkC,SAAA;AACrD,MAAA,OAAO,OAAO,SAAA,KAAc,QAAA,IAAY,IAAA,CAAK,KAAI,GAAI,SAAA;AAAA,IACzD;AACA,IAAA,OAAO,KAAA;AAAA,EACX,CAAA,CAAA,MAAQ;AAEJ,IAAA,OAAO,KAAA;AAAA,EACX;AACJ;;;AChFA,SAAS,iBAAA,CAAkB,QAAgB,SAAA,EAAyB;AAChE,EAAA,MAAM,KAAA,GAAQA,OAAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AAChC,EAAA,IAAI,UAAU,MAAA,EAAW;AACrB,IAAA;AAAA,EACJ;AACA,EAAA,IAAI,uBAAA,CAAwB,KAAK,CAAA,EAAG;AAChC,IAAAA,OAAAA,CAAQ,OAAO,MAAM,CAAA;AACrB,IAAA;AAAA,EACJ;AACA,EAAA,IAAI,CAACA,OAAAA,CAAQ,GAAA,CAAI,SAAS,CAAA,EAAG;AACzB,IAAAA,OAAAA,CAAQ,GAAA,CAAI,SAAA,EAAW,KAAK,CAAA;AAAA,EAChC;AACA,EAAAA,OAAAA,CAAQ,OAAO,MAAM,CAAA;AACzB;AAEA,SAAS,uBAAA,CAAwB,QAAgB,SAAA,EAAyB;AACtE,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,MAAM,CAAA;AAChD,IAAA,IAAI,SAAS,IAAA,EAAM;AACf,MAAA;AAAA,IACJ;AACA,IAAA,IAAI,CAAC,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAS,CAAA,EAAG;AACzC,MAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAA,EAAW,KAAK,CAAA;AAAA,IAChD;AACA,IAAA,MAAA,CAAO,YAAA,CAAa,WAAW,MAAM,CAAA;AAAA,EACzC,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,yBAAA,CAA0B,QAAgB,SAAA,EAAyB;AACxE,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,cAAA,EAAgB;AACzD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,cAAA,CAAe,OAAA,CAAQ,MAAM,CAAA;AAClD,IAAA,IAAI,SAAS,IAAA,EAAM;AACf,MAAA;AAAA,IACJ;AACA,IAAA,IAAI,CAAC,MAAA,CAAO,cAAA,CAAe,OAAA,CAAQ,SAAS,CAAA,EAAG;AAC3C,MAAA,MAAA,CAAO,cAAA,CAAe,OAAA,CAAQ,SAAA,EAAW,KAAK,CAAA;AAAA,IAClD;AACA,IAAA,MAAA,CAAO,cAAA,CAAe,WAAW,MAAM,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,wBAAA,GAAiC;AACtC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,UAAA,CAAW,eAAe,CAAC,CAAA;AACzF,IAAA,KAAA,MAAW,aAAa,IAAA,EAAM;AAC1B,MAAA,MAAM,MAAA,GAAS,SAAA,CAAU,KAAA,CAAM,eAAA,CAAgB,MAAM,CAAA;AACrD,MAAA,IAAI,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG;AACzB,QAAA;AAAA,MACJ;AACA,MAAA,MAAM,KAAA,GAAQ,MAAA;AACd,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAS,CAAA;AACnD,MAAA,MAAM,MAAM,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,CAAA,EAAG,SAAS,CAAA,IAAA,CAAM,CAAA;AAC1D,MAAA,MAAM,MAAA,GAAS,yBAAyB,KAAK,CAAA;AAC7C,MAAA,MAAM,SAAA,GAAY,4BAA4B,KAAK,CAAA;AACnD,MAAA,IAAI,SAAS,IAAA,IAAQ,CAAC,OAAO,YAAA,CAAa,OAAA,CAAQ,MAAM,CAAA,EAAG;AACvD,QAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,MAAA,EAAQ,KAAK,CAAA;AAAA,MAC7C;AACA,MAAA,IAAI,OAAO,IAAA,IAAQ,CAAC,OAAO,YAAA,CAAa,OAAA,CAAQ,SAAS,CAAA,EAAG;AACxD,QAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAA,EAAW,GAAG,CAAA;AAAA,MAC9C;AACA,MAAA,MAAA,CAAO,YAAA,CAAa,WAAW,SAAS,CAAA;AACxC,MAAA,MAAA,CAAO,YAAA,CAAa,UAAA,CAAW,CAAA,EAAG,SAAS,CAAA,IAAA,CAAM,CAAA;AAAA,IACrD;AAAA,EACJ,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,8BAAA,GAAuC;AAC5C,EAAA,MAAM,OAAO,cAAA,EAAe;AAC5B,EAAA,MAAM,YAAA,GAAe,CAAC,0BAAA,EAA4B,WAAW,CAAA;AAC7D,EAAA,KAAA,MAAW,QAAQ,YAAA,EAAc;AAC7B,IAAAA,OAAAA,CAAQ,OAAO,IAAI,CAAA;AAAA,EACvB;AACA,EAAA,IAAI,IAAA,CAAK,QAAA,IAAY,IAAA,CAAK,QAAA,KAAa,KAAK,YAAA,EAAc;AAEtD,IAAAA,OAAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA;AAAA,EAChC;AACJ;AAMO,SAAS,wBAAA,GAAiC;AAC7C,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAC/B,IAAA;AAAA,EACJ;AAEA,EAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,SAAS,CAAA,IAAK,wBAAA,EAA0B;AACxD,IAAA,iBAAA,CAAkB,QAAQ,SAAS,CAAA;AAAA,EACvC;AAEA,EAAA,uBAAA,CAAwB,aAAA,EAAe,eAAA,CAAgB,CAAA,CAAE,GAAG,CAAA;AAC5D,EAAA,uBAAA,CAAwB,SAAS,WAAW,CAAA;AAE5C,EAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,SAAS,CAAA,IAAK,iCAAA,EAAmC;AACjE,IAAA,yBAAA,CAA0B,QAAQ,SAAS,CAAA;AAAA,EAC/C;AAEA,EAAA,wBAAA,EAAyB;AACzB,EAAA,8BAAA,EAA+B;AAG/B,EAAA,IAAI;AACA,IAAA,MAAA,CAAO,cAAA,EAAgB,WAAW,aAAa,CAAA;AAAA,EACnD,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAGO,SAAS,+BAAA,GAA4C;AACxD,EAAA,MAAM,OAAO,cAAA,EAAe;AAC5B,EAAA,MAAM,UAAA,GAAa;AAAA,IACf,IAAA,CAAK,YAAA;AAAA,IACL,IAAA,CAAK,YAAA;AAAA,IACL,IAAA,CAAK,MAAA;AAAA,IACL,IAAA,CAAK,gBAAA;AAAA,IACL,IAAA,CAAK,QAAA;AAAA,IACL,IAAA,CAAK,UAAA;AAAA,IACL,IAAA,CAAK,SAAA;AAAA,IACL,IAAA,CAAK,eAAA;AAAA,IACL,IAAA,CAAK;AAAA,IACP,MAAA,CAAO,CAAC,IAAA,KAAyB,OAAA,CAAQ,IAAI,CAAC,CAAA;AAEhD,EAAA,MAAM,SAAA,GAAY;AAAA,IACd,eAAA,CAAgB,EAAE,IAAA,CAAK,KAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,OAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,MAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,GAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,OAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,EAAA,CAAG,GAAA;AAAA,IACrB,eAAA,CAAgB,EAAE,EAAA,CAAG,IAAA;AAAA,IACrB,eAAA,CAAgB,EAAE,EAAA,CAAG;AAAA,GACzB;AAEA,EAAA,OAAO,CAAC,mBAAG,IAAI,GAAA,CAAI,CAAC,GAAG,UAAA,EAAY,GAAG,SAAA,EAAW,GAAG,0BAA0B,CAAC,CAAC,CAAA;AACpF;AAEO,SAAS,6BAAA,GAAsC;AAClD,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,cAAA,EAAgB;AACzD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,SAAS,CAAA,IAAK,iCAAA,EAAmC;AACjE,MAAA,IACI,cAAc,eAAA,CAAgB,CAAA,CAAE,MAAM,KAAA,IACtC,SAAA,KAAc,gBAAgB,CAAA,CAAE,KAAA,CAAM,SACtC,SAAA,KAAc,eAAA,CAAgB,EAAE,KAAA,CAAM,OAAA,IACtC,cAAc,eAAA,CAAgB,CAAA,CAAE,MAAM,IAAA,EACxC;AACE,QAAA;AAAA,MACJ;AACA,MAAA,MAAA,CAAO,cAAA,CAAe,WAAW,MAAM,CAAA;AACvC,MAAA,MAAA,CAAO,cAAA,CAAe,WAAW,SAAS,CAAA;AAAA,IAC9C;AACA,IAAA,KAAA,MAAW,OAAO,2BAAA,EAA6B;AAC3C,MAAA,IAAI,QAAQ,aAAA,EAAe;AACvB,QAAA,MAAA,CAAO,cAAA,CAAe,WAAW,GAAG,CAAA;AAAA,MACxC;AAAA,IACJ;AACA,IAAA,MAAM,kBAAA,uBAAyB,GAAA,CAAI;AAAA,MAC/B,eAAA,CAAgB,EAAE,KAAA,CAAM,KAAA;AAAA,MACxB,eAAA,CAAgB,EAAE,KAAA,CAAM,KAAA;AAAA,MACxB,eAAA,CAAgB,EAAE,KAAA,CAAM,OAAA;AAAA,MACxB,eAAA,CAAgB,EAAE,KAAA,CAAM,IAAA;AAAA,MACxB,yBAAA;AAAA,MACA,iCAAA;AAAA,MACA,0CAAA;AAAA,MACA;AAAA,KACH,CAAA;AACD,IAAA,MAAM,eAAyB,EAAC;AAChC,IAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,cAAA,CAAe,QAAQ,CAAA,EAAA,EAAK;AACnD,MAAA,MAAM,GAAA,GAAM,MAAA,CAAO,cAAA,CAAe,GAAA,CAAI,CAAC,CAAA;AACvC,MAAA,IAAI,CAAC,GAAA,IAAO,kBAAA,CAAmB,GAAA,CAAI,GAAG,CAAA,EAAG;AACzC,MAAA,IAAI,IAAI,UAAA,CAAW,kBAAkB,KAAK,GAAA,CAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AACnE,QAAA,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,MACzB;AACA,MAAA,IAAI,GAAA,KAAQ,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,GAAA,IAAO,GAAA,KAAQ,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,gBAAA,IAAoB,GAAA,KAAQ,WAAA,EAAa;AAC9G,QAAA,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,MACzB;AACA,MAAA,IAAI,QAAQ,eAAA,CAAgB,CAAA,CAAE,GAAA,CAAI,EAAA,IAAM,QAAQ,wBAAA,EAA0B;AACtE,QAAA,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,MACzB;AAAA,IACJ;AACA,IAAA,YAAA,CAAa,QAAQ,CAAC,CAAA,KAAM,OAAO,cAAA,CAAe,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EACnE,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEO,SAAS,iCAAA,GAA0C;AACtD,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,YAAY,CAAA,CAAE,MAAA;AAAA,MAC1C,CAAC,CAAA,KAAM,CAAA,CAAE,UAAA,CAAW,eAAe,CAAA,IAAK,CAAA,CAAE,UAAA,CAAW,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,cAAc;AAAA,KAC9F;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAO,YAAA,CAAa,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEO,SAAS,oCAAoC,WAAA,EAAgD;AAChG,EAAA,IAAI,eAAe,IAAA,IAAQ,OAAO,WAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AAC9E,IAAA;AAAA,EACJ;AACA,EAAA,MAAM,YAAA,GAAe,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,cAAA;AAC5C,EAAA,MAAM,SAAA,GAAY,yBAAyB,WAAW,CAAA;AACtD,EAAA,IAAI;AACA,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,YAAY,CAAA,CAAE,MAAA;AAAA,MAC1C,CAAC,CAAA,KAAA,CAAO,CAAA,CAAE,UAAA,CAAW,eAAe,CAAA,IAAK,CAAA,CAAE,UAAA,CAAW,YAAY,CAAA,KAAM,CAAA,KAAM,SAAA,IAAa,CAAA,KAAM,4BAA4B,WAAW;AAAA,KAC5I;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAO,YAAA,CAAa,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ","file":"chunk-NXGSFLJS.js","sourcesContent":["import { WP_STORAGE_KEYS } from './wp-storage-keys'\n\nexport interface StorageKeyConfig {\n loginDetails?: string\n refreshToken?: string\n portal?: string\n subscriptionType?: string\n authUser?: string\n pagination?: string\n routeMenu?: string\n associationView?: string\n emailVerified?: string\n}\n\nconst defaults: Required<StorageKeyConfig> = {\n loginDetails: WP_STORAGE_KEYS.c.auth.login,\n refreshToken: WP_STORAGE_KEYS.c.auth.refresh,\n portal: WP_STORAGE_KEYS.c.auth.portal,\n subscriptionType: WP_STORAGE_KEYS.c.auth.sub,\n authUser: WP_STORAGE_KEYS.c.auth.login,\n pagination: WP_STORAGE_KEYS.c.ui.pag,\n routeMenu: WP_STORAGE_KEYS.c.ui.menu,\n associationView: WP_STORAGE_KEYS.c.ui.assoc,\n emailVerified: WP_STORAGE_KEYS.c.auth.emailOk\n}\n\nlet runtimeKeys: Required<StorageKeyConfig> = { ...defaults }\n\nexport function configureStorageKeys(overrides: StorageKeyConfig = {}): void {\n runtimeKeys = { ...defaults, ...runtimeKeys, ...overrides }\n if (overrides.authUser === undefined) {\n runtimeKeys.authUser = runtimeKeys.loginDetails\n }\n}\n\n/** Test helper — restore default cookie key names. */\nexport function resetStorageKeysForTests(): void {\n runtimeKeys = { ...defaults }\n}\n\nexport function getStorageKeys(): Readonly<Required<StorageKeyConfig>> {\n return runtimeKeys\n}\n\nexport { WP_STORAGE_KEYS } from './wp-storage-keys'\n","import Cookies from 'js-cookie'\nimport { getClientAuthCookieNamesToClear } from './storage-migration'\n\nfunction cookieSecureFlag(): boolean {\n if (typeof window === 'undefined') return true\n return window.location.protocol === 'https:'\n}\n\n/** Values that must never be persisted in readable cookies. */\nexport function isCorruptCookieRawValue(raw: string | null | undefined): boolean {\n return raw == null || raw === '' || raw === 'undefined' || raw === 'null'\n}\n\n/** Serialize a value for cookie storage; returns null when write should be skipped. */\nexport function stringifyCookieValue(value: unknown): string | null {\n if (value === undefined || value === null) {\n return null\n }\n if (typeof value === 'string') {\n return isCorruptCookieRawValue(value) ? null : value\n }\n const serialized = JSON.stringify(value)\n if (serialized === undefined || isCorruptCookieRawValue(serialized)) {\n return null\n }\n return serialized\n}\n\nexport const setCookie = (key: string, value: string, expire?: number | Date) => {\n if (!key || isCorruptCookieRawValue(value)) {\n return undefined\n }\n return Cookies.set(key, value, {\n expires: expire,\n sameSite: cookieSecureFlag() ? 'none' : 'lax',\n secure: cookieSecureFlag()\n })\n}\n\nexport const getCookie: any = (key: any) => {\n return Cookies.get(key)\n}\n\n/** Parse JSON stored in a cookie; removes corrupt values on read (self-heal). */\nexport function parseCookieJson<T = unknown>(key: string | null | undefined): T | null {\n if (key == null || key === '') {\n return null\n }\n const raw = getCookie(key)\n if (isCorruptCookieRawValue(raw)) {\n if (raw === 'undefined' || raw === 'null') {\n Cookies.remove(key)\n }\n return null\n }\n try {\n return JSON.parse(raw) as T\n } catch {\n Cookies.remove(key)\n return null\n }\n}\n\nexport const removeCookie = (key: any) => {\n return Cookies.remove(key)\n}\n\n/** Clears client-portal session cookies only (does not wipe admin cookies on shared localhost). */\nexport const clearClientAuthCookies = () => {\n getClientAuthCookieNamesToClear().forEach((name) => Cookies.remove(name))\n for (const legacyAccess of ['woodsportal_access_token', 'AUTH_CRED']) {\n Cookies.remove(legacyAccess)\n }\n}\n\n/** @deprecated Prefer {@link clearClientAuthCookies} */\nexport const removeAllCookie = clearClientAuthCookies\n\nexport const isCookieExpired = (key: string): boolean => {\n const value = Cookies.get(key)\n if (value === undefined) {\n return true\n }\n try {\n const parsed = JSON.parse(value)\n if (parsed && typeof parsed === 'object' && 'expiresAt' in parsed) {\n const expiresAt = (parsed as { expiresAt?: number }).expiresAt\n return typeof expiresAt === 'number' && Date.now() > expiresAt\n }\n return false\n } catch {\n // Plain string values (e.g. refresh token) rely on browser cookie expiry.\n return false\n }\n}\n","import Cookies from 'js-cookie'\nimport {\n CLIENT_COOKIE_MIGRATIONS,\n CLIENT_SESSION_STORAGE_MIGRATIONS,\n LEGACY_CLIENT_AUTH_COOKIES,\n LEGACY_CLIENT_SESSION_EXACT,\n WP_STORAGE_KEYS,\n WP_UI_THEME,\n wpClientIframeRefreshKey,\n wpClientIframeRefreshExpKey\n} from './wp-storage-keys'\nimport { getStorageKeys } from './storage-keys'\nimport { isCorruptCookieRawValue } from './cookie'\n\nfunction migrateCookiePair(legacy: string, canonical: string): void {\n const value = Cookies.get(legacy)\n if (value === undefined) {\n return\n }\n if (isCorruptCookieRawValue(value)) {\n Cookies.remove(legacy)\n return\n }\n if (!Cookies.get(canonical)) {\n Cookies.set(canonical, value)\n }\n Cookies.remove(legacy)\n}\n\nfunction migrateLocalStoragePair(legacy: string, canonical: string): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n const value = window.localStorage.getItem(legacy)\n if (value == null) {\n return\n }\n if (!window.localStorage.getItem(canonical)) {\n window.localStorage.setItem(canonical, value)\n }\n window.localStorage.removeItem(legacy)\n } catch {\n // private mode\n }\n}\n\nfunction migrateSessionStoragePair(legacy: string, canonical: string): void {\n if (typeof window === 'undefined' || !window.sessionStorage) {\n return\n }\n try {\n const value = window.sessionStorage.getItem(legacy)\n if (value == null) {\n return\n }\n if (!window.sessionStorage.getItem(canonical)) {\n window.sessionStorage.setItem(canonical, value)\n }\n window.sessionStorage.removeItem(legacy)\n } catch {\n // ignore\n }\n}\n\nfunction migrateIframeRefreshKeys(): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n const keys = Object.keys(window.localStorage).filter((k) => k.startsWith('wp_iframe_rt_'))\n for (const legacyKey of keys) {\n const suffix = legacyKey.slice('wp_iframe_rt_'.length)\n if (suffix.endsWith('_exp')) {\n continue\n }\n const hubId = suffix\n const token = window.localStorage.getItem(legacyKey)\n const exp = window.localStorage.getItem(`${legacyKey}_exp`)\n const newKey = wpClientIframeRefreshKey(hubId)\n const newExpKey = wpClientIframeRefreshExpKey(hubId)\n if (token != null && !window.localStorage.getItem(newKey)) {\n window.localStorage.setItem(newKey, token)\n }\n if (exp != null && !window.localStorage.getItem(newExpKey)) {\n window.localStorage.setItem(newExpKey, exp)\n }\n window.localStorage.removeItem(legacyKey)\n window.localStorage.removeItem(`${legacyKey}_exp`)\n }\n } catch {\n // ignore\n }\n}\n\nfunction removeLegacyAccessTokenCookies(): void {\n const keys = getStorageKeys()\n const legacyAccess = ['woodsportal_access_token', 'AUTH_CRED']\n for (const name of legacyAccess) {\n Cookies.remove(name)\n }\n if (keys.authUser && keys.authUser !== keys.loginDetails) {\n // legacy duplicate profile mirror — uplift handled by migration; drop separate user cookie\n Cookies.remove(keys.authUser)\n }\n}\n\n/**\n * One-time uplift: read legacy browser keys, write canonical `wp.*` keys, delete legacy.\n * Safe to call on every boot (idempotent).\n */\nexport function migrateLegacyStorageKeys(): void {\n if (typeof window === 'undefined') {\n return\n }\n\n for (const [legacy, canonical] of CLIENT_COOKIE_MIGRATIONS) {\n migrateCookiePair(legacy, canonical)\n }\n\n migrateLocalStoragePair('hubSpotData', WP_STORAGE_KEYS.c.hub)\n migrateLocalStoragePair('theme', WP_UI_THEME)\n\n for (const [legacy, canonical] of CLIENT_SESSION_STORAGE_MIGRATIONS) {\n migrateSessionStoragePair(legacy, canonical)\n }\n\n migrateIframeRefreshKeys()\n removeLegacyAccessTokenCookies()\n\n // Drop dead forget-password key\n try {\n window.sessionStorage?.removeItem('entredEmail')\n } catch {\n // ignore\n }\n}\n\n/** All client auth cookie names to remove on logout (canonical + legacy + configured). */\nexport function getClientAuthCookieNamesToClear(): string[] {\n const keys = getStorageKeys()\n const configured = [\n keys.loginDetails,\n keys.refreshToken,\n keys.portal,\n keys.subscriptionType,\n keys.authUser,\n keys.pagination,\n keys.routeMenu,\n keys.associationView,\n keys.emailVerified\n ].filter((name): name is string => Boolean(name))\n\n const canonical = [\n WP_STORAGE_KEYS.c.auth.login,\n WP_STORAGE_KEYS.c.auth.refresh,\n WP_STORAGE_KEYS.c.auth.portal,\n WP_STORAGE_KEYS.c.auth.sub,\n WP_STORAGE_KEYS.c.auth.emailOk,\n WP_STORAGE_KEYS.c.ui.pag,\n WP_STORAGE_KEYS.c.ui.menu,\n WP_STORAGE_KEYS.c.ui.assoc\n ]\n\n return [...new Set([...configured, ...canonical, ...LEGACY_CLIENT_AUTH_COOKIES])]\n}\n\nexport function clearClientSessionStorageKeys(): void {\n if (typeof window === 'undefined' || !window.sessionStorage) {\n return\n }\n try {\n for (const [legacy, canonical] of CLIENT_SESSION_STORAGE_MIGRATIONS) {\n if (\n canonical === WP_STORAGE_KEYS.c.login.email ||\n canonical === WP_STORAGE_KEYS.c.login.force ||\n canonical === WP_STORAGE_KEYS.c.login.passkey ||\n canonical === WP_STORAGE_KEYS.c.login.done\n ) {\n continue\n }\n window.sessionStorage.removeItem(legacy)\n window.sessionStorage.removeItem(canonical)\n }\n for (const key of LEGACY_CLIENT_SESSION_EXACT) {\n if (key === 'entredEmail') {\n window.sessionStorage.removeItem(key)\n }\n }\n const preservedLoginKeys = new Set([\n WP_STORAGE_KEYS.c.login.email,\n WP_STORAGE_KEYS.c.login.force,\n WP_STORAGE_KEYS.c.login.passkey,\n WP_STORAGE_KEYS.c.login.done,\n 'woodsportal.login.email',\n 'woodsportal.login.forcePreLogin',\n 'woodsportal.login.passkeyPrimaryEnrolled',\n 'woodsportal.login.preLoginCompletedKey'\n ])\n const keysToRemove: string[] = []\n for (let i = 0; i < window.sessionStorage.length; i++) {\n const key = window.sessionStorage.key(i)\n if (!key || preservedLoginKeys.has(key)) continue\n if (key.startsWith('woodsportal.mfa.') || key.startsWith('wp.c.mfa.')) {\n keysToRemove.push(key)\n }\n if (key === WP_STORAGE_KEYS.c.auth.err || key === WP_STORAGE_KEYS.c.auth.refreshExhausted || key === 'authError') {\n keysToRemove.push(key)\n }\n if (key === WP_STORAGE_KEYS.c.sso.cb || key === 'sso_callback_processed') {\n keysToRemove.push(key)\n }\n }\n keysToRemove.forEach((k) => window.sessionStorage.removeItem(k))\n } catch {\n // ignore\n }\n}\n\nexport function clearClientIframeRefreshLocalKeys(): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n const keys = Object.keys(window.localStorage).filter(\n (k) => k.startsWith('wp_iframe_rt_') || k.startsWith(WP_STORAGE_KEYS.c.auth.iframeRtPrefix)\n )\n keys.forEach((k) => window.localStorage.removeItem(k))\n } catch {\n // ignore\n }\n}\n\nexport function clearStaleIframeRefreshForOtherHubs(activeHubId: string | number | undefined): void {\n if (activeHubId == null || typeof window === 'undefined' || !window.localStorage) {\n return\n }\n const activePrefix = WP_STORAGE_KEYS.c.auth.iframeRtPrefix\n const activeKey = wpClientIframeRefreshKey(activeHubId)\n try {\n const keys = Object.keys(window.localStorage).filter(\n (k) => (k.startsWith('wp_iframe_rt_') || k.startsWith(activePrefix)) && k !== activeKey && k !== wpClientIframeRefreshExpKey(activeHubId)\n )\n keys.forEach((k) => window.localStorage.removeItem(k))\n } catch {\n // ignore\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/main/core/utils/storage-keys.ts","../src/main/core/utils/cookie.ts","../src/main/core/utils/storage-migration.ts"],"names":["Cookies"],"mappings":";;;;AAcA,IAAM,QAAA,GAAuC;AAAA,EACzC,YAAA,EAAc,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,KAAA;AAAA,EACrC,YAAA,EAAc,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,OAAA;AAAA,EACrC,MAAA,EAAQ,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,MAAA;AAAA,EAC/B,gBAAA,EAAkB,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,GAAA;AAAA,EACzC,QAAA,EAAU,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,KAAA;AAAA,EACjC,UAAA,EAAY,eAAA,CAAgB,CAAA,CAAE,EAAA,CAAG,GAAA;AAAA,EACjC,SAAA,EAAW,eAAA,CAAgB,CAAA,CAAE,EAAA,CAAG,IAAA;AAAA,EAChC,eAAA,EAAiB,eAAA,CAAgB,CAAA,CAAE,EAAA,CAAG,KAAA;AAAA,EACtC,aAAA,EAAe,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK;AAC1C,CAAA;AAEA,IAAI,WAAA,GAA0C,EAAE,GAAG,QAAA,EAAS;AAErD,SAAS,oBAAA,CAAqB,SAAA,GAA8B,EAAC,EAAS;AACzE,EAAA,WAAA,GAAc,EAAE,GAAG,QAAA,EAAU,GAAG,WAAA,EAAa,GAAG,SAAA,EAAU;AAC1D,EAAA,IAAI,SAAA,CAAU,aAAa,MAAA,EAAW;AAClC,IAAA,WAAA,CAAY,WAAW,WAAA,CAAY,YAAA;AAAA,EACvC;AACJ;AAGO,SAAS,wBAAA,GAAiC;AAC7C,EAAA,WAAA,GAAc,EAAE,GAAG,QAAA,EAAS;AAChC;AAEO,SAAS,cAAA,GAAuD;AACnE,EAAA,OAAO,WAAA;AACX;ACvCA,SAAS,gBAAA,GAA4B;AACjC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,OAAO,MAAA,CAAO,SAAS,QAAA,KAAa,QAAA;AACxC;AAGO,SAAS,wBAAwB,GAAA,EAAyC;AAC7E,EAAA,OAAO,OAAO,IAAA,IAAQ,GAAA,KAAQ,EAAA,IAAM,GAAA,KAAQ,eAAe,GAAA,KAAQ,MAAA;AACvE;AAGO,SAAS,qBAAqB,KAAA,EAA+B;AAChE,EAAA,IAAI,KAAA,KAAU,MAAA,IAAa,KAAA,KAAU,IAAA,EAAM;AACvC,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC3B,IAAA,OAAO,uBAAA,CAAwB,KAAK,CAAA,GAAI,IAAA,GAAO,KAAA;AAAA,EACnD;AACA,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,KAAK,CAAA;AACvC,EAAA,IAAI,UAAA,KAAe,MAAA,IAAa,uBAAA,CAAwB,UAAU,CAAA,EAAG;AACjE,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,OAAO,UAAA;AACX;AAEO,IAAM,SAAA,GAAY,CAAC,GAAA,EAAa,KAAA,EAAe,MAAA,KAA2B;AAC7E,EAAA,IAAI,CAAC,GAAA,IAAO,uBAAA,CAAwB,KAAK,CAAA,EAAG;AACxC,IAAA,OAAO,MAAA;AAAA,EACX;AACA,EAAA,OAAO,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAA,EAAO;AAAA,IAC3B,OAAA,EAAS,MAAA;AAAA,IACT,QAAA,EAAU,gBAAA,EAAiB,GAAI,MAAA,GAAS,KAAA;AAAA,IACxC,QAAQ,gBAAA;AAAiB,GAC5B,CAAA;AACL;AAEO,IAAM,SAAA,GAAiB,CAAC,GAAA,KAAa;AACxC,EAAA,OAAO,OAAA,CAAQ,IAAI,GAAG,CAAA;AAC1B;AAGO,SAAS,gBAA6B,GAAA,EAA0C;AACnF,EAAA,IAAI,GAAA,IAAO,IAAA,IAAQ,GAAA,KAAQ,EAAA,EAAI;AAC3B,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,MAAM,GAAA,GAAM,UAAU,GAAG,CAAA;AACzB,EAAA,IAAI,uBAAA,CAAwB,GAAG,CAAA,EAAG;AAC9B,IAAA,IAAI,GAAA,KAAQ,WAAA,IAAe,GAAA,KAAQ,MAAA,EAAQ;AACvC,MAAA,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,IACtB;AACA,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI;AACA,IAAA,OAAO,IAAA,CAAK,MAAM,GAAG,CAAA;AAAA,EACzB,CAAA,CAAA,MAAQ;AACJ,IAAA,OAAA,CAAQ,OAAO,GAAG,CAAA;AAClB,IAAA,OAAO,IAAA;AAAA,EACX;AACJ;AAEO,IAAM,YAAA,GAAe,CAAC,GAAA,KAAa;AACtC,EAAA,OAAO,OAAA,CAAQ,OAAO,GAAG,CAAA;AAC7B;AAGO,IAAM,yBAAyB,MAAM;AACxC,EAAA,+BAAA,GAAkC,OAAA,CAAQ,CAAC,SAAS,OAAA,CAAQ,MAAA,CAAO,IAAI,CAAC,CAAA;AACxE,EAAA,KAAA,MAAW,YAAA,IAAgB,CAAC,0BAAA,EAA4B,WAAW,CAAA,EAAG;AAClE,IAAA,OAAA,CAAQ,OAAO,YAAY,CAAA;AAAA,EAC/B;AACJ;AAKO,IAAM,eAAA,GAAkB,CAAC,GAAA,KAAyB;AACrD,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAC7B,EAAA,IAAI,UAAU,MAAA,EAAW;AACrB,IAAA,OAAO,IAAA;AAAA,EACX;AACA,EAAA,IAAI;AACA,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,KAAK,CAAA;AAC/B,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,eAAe,MAAA,EAAQ;AAC/D,MAAA,MAAM,YAAa,MAAA,CAAkC,SAAA;AACrD,MAAA,OAAO,OAAO,SAAA,KAAc,QAAA,IAAY,IAAA,CAAK,KAAI,GAAI,SAAA;AAAA,IACzD;AACA,IAAA,OAAO,KAAA;AAAA,EACX,CAAA,CAAA,MAAQ;AAEJ,IAAA,OAAO,KAAA;AAAA,EACX;AACJ;;;AChFA,SAAS,iBAAA,CAAkB,QAAgB,SAAA,EAAyB;AAChE,EAAA,MAAM,KAAA,GAAQA,OAAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AAChC,EAAA,IAAI,UAAU,MAAA,EAAW;AACrB,IAAA;AAAA,EACJ;AACA,EAAA,IAAI,uBAAA,CAAwB,KAAK,CAAA,EAAG;AAChC,IAAAA,OAAAA,CAAQ,OAAO,MAAM,CAAA;AACrB,IAAA;AAAA,EACJ;AACA,EAAA,IAAI,CAACA,OAAAA,CAAQ,GAAA,CAAI,SAAS,CAAA,EAAG;AACzB,IAAAA,OAAAA,CAAQ,GAAA,CAAI,SAAA,EAAW,KAAK,CAAA;AAAA,EAChC;AACA,EAAAA,OAAAA,CAAQ,OAAO,MAAM,CAAA;AACzB;AAEA,SAAS,uBAAA,CAAwB,QAAgB,SAAA,EAAyB;AACtE,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,MAAM,CAAA;AAChD,IAAA,IAAI,SAAS,IAAA,EAAM;AACf,MAAA;AAAA,IACJ;AACA,IAAA,IAAI,CAAC,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAS,CAAA,EAAG;AACzC,MAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAA,EAAW,KAAK,CAAA;AAAA,IAChD;AACA,IAAA,MAAA,CAAO,YAAA,CAAa,WAAW,MAAM,CAAA;AAAA,EACzC,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,yBAAA,CAA0B,QAAgB,SAAA,EAAyB;AACxE,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,cAAA,EAAgB;AACzD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,cAAA,CAAe,OAAA,CAAQ,MAAM,CAAA;AAClD,IAAA,IAAI,SAAS,IAAA,EAAM;AACf,MAAA;AAAA,IACJ;AACA,IAAA,IAAI,CAAC,MAAA,CAAO,cAAA,CAAe,OAAA,CAAQ,SAAS,CAAA,EAAG;AAC3C,MAAA,MAAA,CAAO,cAAA,CAAe,OAAA,CAAQ,SAAA,EAAW,KAAK,CAAA;AAAA,IAClD;AACA,IAAA,MAAA,CAAO,cAAA,CAAe,WAAW,MAAM,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,wBAAA,GAAiC;AACtC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,UAAA,CAAW,eAAe,CAAC,CAAA;AACzF,IAAA,KAAA,MAAW,aAAa,IAAA,EAAM;AAC1B,MAAA,MAAM,MAAA,GAAS,SAAA,CAAU,KAAA,CAAM,eAAA,CAAgB,MAAM,CAAA;AACrD,MAAA,IAAI,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG;AACzB,QAAA;AAAA,MACJ;AACA,MAAA,MAAM,KAAA,GAAQ,MAAA;AACd,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAS,CAAA;AACnD,MAAA,MAAM,MAAM,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,CAAA,EAAG,SAAS,CAAA,IAAA,CAAM,CAAA;AAC1D,MAAA,MAAM,MAAA,GAAS,yBAAyB,KAAK,CAAA;AAC7C,MAAA,MAAM,SAAA,GAAY,4BAA4B,KAAK,CAAA;AACnD,MAAA,IAAI,SAAS,IAAA,IAAQ,CAAC,OAAO,YAAA,CAAa,OAAA,CAAQ,MAAM,CAAA,EAAG;AACvD,QAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,MAAA,EAAQ,KAAK,CAAA;AAAA,MAC7C;AACA,MAAA,IAAI,OAAO,IAAA,IAAQ,CAAC,OAAO,YAAA,CAAa,OAAA,CAAQ,SAAS,CAAA,EAAG;AACxD,QAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,SAAA,EAAW,GAAG,CAAA;AAAA,MAC9C;AACA,MAAA,MAAA,CAAO,YAAA,CAAa,WAAW,SAAS,CAAA;AACxC,MAAA,MAAA,CAAO,YAAA,CAAa,UAAA,CAAW,CAAA,EAAG,SAAS,CAAA,IAAA,CAAM,CAAA;AAAA,IACrD;AAAA,EACJ,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEA,SAAS,8BAAA,GAAuC;AAC5C,EAAA,MAAM,OAAO,cAAA,EAAe;AAC5B,EAAA,MAAM,YAAA,GAAe,CAAC,0BAAA,EAA4B,WAAW,CAAA;AAC7D,EAAA,KAAA,MAAW,QAAQ,YAAA,EAAc;AAC7B,IAAAA,OAAAA,CAAQ,OAAO,IAAI,CAAA;AAAA,EACvB;AACA,EAAA,IAAI,IAAA,CAAK,QAAA,IAAY,IAAA,CAAK,QAAA,KAAa,KAAK,YAAA,EAAc;AAEtD,IAAAA,OAAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,QAAQ,CAAA;AAAA,EAChC;AACJ;AAMO,SAAS,wBAAA,GAAiC;AAC7C,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAC/B,IAAA;AAAA,EACJ;AAEA,EAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,SAAS,CAAA,IAAK,wBAAA,EAA0B;AACxD,IAAA,iBAAA,CAAkB,QAAQ,SAAS,CAAA;AAAA,EACvC;AAEA,EAAA,uBAAA,CAAwB,aAAA,EAAe,eAAA,CAAgB,CAAA,CAAE,GAAG,CAAA;AAC5D,EAAA,uBAAA,CAAwB,SAAS,WAAW,CAAA;AAE5C,EAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,SAAS,CAAA,IAAK,iCAAA,EAAmC;AACjE,IAAA,yBAAA,CAA0B,QAAQ,SAAS,CAAA;AAAA,EAC/C;AAEA,EAAA,wBAAA,EAAyB;AACzB,EAAA,8BAAA,EAA+B;AAG/B,EAAA,IAAI;AACA,IAAA,MAAA,CAAO,cAAA,EAAgB,WAAW,aAAa,CAAA;AAAA,EACnD,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAGO,SAAS,+BAAA,GAA4C;AACxD,EAAA,MAAM,OAAO,cAAA,EAAe;AAC5B,EAAA,MAAM,UAAA,GAAa;AAAA,IACf,IAAA,CAAK,YAAA;AAAA,IACL,IAAA,CAAK,YAAA;AAAA,IACL,IAAA,CAAK,MAAA;AAAA,IACL,IAAA,CAAK,gBAAA;AAAA,IACL,IAAA,CAAK,QAAA;AAAA,IACL,IAAA,CAAK,UAAA;AAAA,IACL,IAAA,CAAK,SAAA;AAAA,IACL,IAAA,CAAK,eAAA;AAAA,IACL,IAAA,CAAK;AAAA,IACP,MAAA,CAAO,CAAC,IAAA,KAAyB,OAAA,CAAQ,IAAI,CAAC,CAAA;AAEhD,EAAA,MAAM,SAAA,GAAY;AAAA,IACd,eAAA,CAAgB,EAAE,IAAA,CAAK,KAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,OAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,MAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,GAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,IAAA,CAAK,OAAA;AAAA,IACvB,eAAA,CAAgB,EAAE,EAAA,CAAG,GAAA;AAAA,IACrB,eAAA,CAAgB,EAAE,EAAA,CAAG,IAAA;AAAA,IACrB,eAAA,CAAgB,EAAE,EAAA,CAAG;AAAA,GACzB;AAEA,EAAA,OAAO,CAAC,mBAAG,IAAI,GAAA,CAAI,CAAC,GAAG,UAAA,EAAY,GAAG,SAAA,EAAW,GAAG,0BAA0B,CAAC,CAAC,CAAA;AACpF;AAEO,SAAS,6BAAA,GAAsC;AAClD,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,cAAA,EAAgB;AACzD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,SAAS,CAAA,IAAK,iCAAA,EAAmC;AACjE,MAAA,IACI,cAAc,eAAA,CAAgB,CAAA,CAAE,MAAM,KAAA,IACtC,SAAA,KAAc,gBAAgB,CAAA,CAAE,KAAA,CAAM,SACtC,SAAA,KAAc,eAAA,CAAgB,EAAE,KAAA,CAAM,OAAA,IACtC,cAAc,eAAA,CAAgB,CAAA,CAAE,MAAM,IAAA,EACxC;AACE,QAAA;AAAA,MACJ;AACA,MAAA,MAAA,CAAO,cAAA,CAAe,WAAW,MAAM,CAAA;AACvC,MAAA,MAAA,CAAO,cAAA,CAAe,WAAW,SAAS,CAAA;AAAA,IAC9C;AACA,IAAA,KAAA,MAAW,OAAO,2BAAA,EAA6B;AAC3C,MAAA,IAAI,QAAQ,aAAA,EAAe;AACvB,QAAA,MAAA,CAAO,cAAA,CAAe,WAAW,GAAG,CAAA;AAAA,MACxC;AAAA,IACJ;AACA,IAAA,MAAM,kBAAA,uBAAyB,GAAA,CAAI;AAAA,MAC/B,eAAA,CAAgB,EAAE,KAAA,CAAM,KAAA;AAAA,MACxB,eAAA,CAAgB,EAAE,KAAA,CAAM,KAAA;AAAA,MACxB,eAAA,CAAgB,EAAE,KAAA,CAAM,OAAA;AAAA,MACxB,eAAA,CAAgB,EAAE,KAAA,CAAM,IAAA;AAAA,MACxB,yBAAA;AAAA,MACA,iCAAA;AAAA,MACA,0CAAA;AAAA,MACA;AAAA,KACH,CAAA;AACD,IAAA,MAAM,eAAyB,EAAC;AAChC,IAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,cAAA,CAAe,QAAQ,CAAA,EAAA,EAAK;AACnD,MAAA,MAAM,GAAA,GAAM,MAAA,CAAO,cAAA,CAAe,GAAA,CAAI,CAAC,CAAA;AACvC,MAAA,IAAI,CAAC,GAAA,IAAO,kBAAA,CAAmB,GAAA,CAAI,GAAG,CAAA,EAAG;AACzC,MAAA,IAAI,IAAI,UAAA,CAAW,kBAAkB,KAAK,GAAA,CAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AACnE,QAAA,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,MACzB;AACA,MAAA,IAAI,GAAA,KAAQ,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,GAAA,IAAO,GAAA,KAAQ,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,gBAAA,IAAoB,GAAA,KAAQ,WAAA,EAAa;AAC9G,QAAA,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,MACzB;AACA,MAAA,IAAI,QAAQ,eAAA,CAAgB,CAAA,CAAE,GAAA,CAAI,EAAA,IAAM,QAAQ,wBAAA,EAA0B;AACtE,QAAA,YAAA,CAAa,KAAK,GAAG,CAAA;AAAA,MACzB;AAAA,IACJ;AACA,IAAA,YAAA,CAAa,QAAQ,CAAC,CAAA,KAAM,OAAO,cAAA,CAAe,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EACnE,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEO,SAAS,iCAAA,GAA0C;AACtD,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AACvD,IAAA;AAAA,EACJ;AACA,EAAA,IAAI;AACA,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,YAAY,CAAA,CAAE,MAAA;AAAA,MAC1C,CAAC,CAAA,KAAM,CAAA,CAAE,UAAA,CAAW,eAAe,CAAA,IAAK,CAAA,CAAE,UAAA,CAAW,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,cAAc;AAAA,KAC9F;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAO,YAAA,CAAa,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ;AAEO,SAAS,oCAAoC,WAAA,EAAgD;AAChG,EAAA,IAAI,eAAe,IAAA,IAAQ,OAAO,WAAW,WAAA,IAAe,CAAC,OAAO,YAAA,EAAc;AAC9E,IAAA;AAAA,EACJ;AACA,EAAA,MAAM,YAAA,GAAe,eAAA,CAAgB,CAAA,CAAE,IAAA,CAAK,cAAA;AAC5C,EAAA,MAAM,SAAA,GAAY,yBAAyB,WAAW,CAAA;AACtD,EAAA,IAAI;AACA,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,YAAY,CAAA,CAAE,MAAA;AAAA,MAC1C,CAAC,CAAA,KAAA,CAAO,CAAA,CAAE,UAAA,CAAW,eAAe,CAAA,IAAK,CAAA,CAAE,UAAA,CAAW,YAAY,CAAA,KAAM,CAAA,KAAM,SAAA,IAAa,CAAA,KAAM,4BAA4B,WAAW;AAAA,KAC5I;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAO,YAAA,CAAa,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AAAA,EAER;AACJ","file":"chunk-WSUXZOHL.js","sourcesContent":["import { WP_STORAGE_KEYS } from './wp-storage-keys'\n\nexport interface StorageKeyConfig {\n loginDetails?: string\n refreshToken?: string\n portal?: string\n subscriptionType?: string\n authUser?: string\n pagination?: string\n routeMenu?: string\n associationView?: string\n emailVerified?: string\n}\n\nconst defaults: Required<StorageKeyConfig> = {\n loginDetails: WP_STORAGE_KEYS.c.auth.login,\n refreshToken: WP_STORAGE_KEYS.c.auth.refresh,\n portal: WP_STORAGE_KEYS.c.auth.portal,\n subscriptionType: WP_STORAGE_KEYS.c.auth.sub,\n authUser: WP_STORAGE_KEYS.c.auth.login,\n pagination: WP_STORAGE_KEYS.c.ui.pag,\n routeMenu: WP_STORAGE_KEYS.c.ui.menu,\n associationView: WP_STORAGE_KEYS.c.ui.assoc,\n emailVerified: WP_STORAGE_KEYS.c.auth.emailOk\n}\n\nlet runtimeKeys: Required<StorageKeyConfig> = { ...defaults }\n\nexport function configureStorageKeys(overrides: StorageKeyConfig = {}): void {\n runtimeKeys = { ...defaults, ...runtimeKeys, ...overrides }\n if (overrides.authUser === undefined) {\n runtimeKeys.authUser = runtimeKeys.loginDetails\n }\n}\n\n/** Test helper — restore default cookie key names. */\nexport function resetStorageKeysForTests(): void {\n runtimeKeys = { ...defaults }\n}\n\nexport function getStorageKeys(): Readonly<Required<StorageKeyConfig>> {\n return runtimeKeys\n}\n\nexport { WP_STORAGE_KEYS } from './wp-storage-keys'\n","import Cookies from 'js-cookie'\nimport { getClientAuthCookieNamesToClear } from './storage-migration'\n\nfunction cookieSecureFlag(): boolean {\n if (typeof window === 'undefined') return true\n return window.location.protocol === 'https:'\n}\n\n/** Values that must never be persisted in readable cookies. */\nexport function isCorruptCookieRawValue(raw: string | null | undefined): boolean {\n return raw == null || raw === '' || raw === 'undefined' || raw === 'null'\n}\n\n/** Serialize a value for cookie storage; returns null when write should be skipped. */\nexport function stringifyCookieValue(value: unknown): string | null {\n if (value === undefined || value === null) {\n return null\n }\n if (typeof value === 'string') {\n return isCorruptCookieRawValue(value) ? null : value\n }\n const serialized = JSON.stringify(value)\n if (serialized === undefined || isCorruptCookieRawValue(serialized)) {\n return null\n }\n return serialized\n}\n\nexport const setCookie = (key: string, value: string, expire?: number | Date) => {\n if (!key || isCorruptCookieRawValue(value)) {\n return undefined\n }\n return Cookies.set(key, value, {\n expires: expire,\n sameSite: cookieSecureFlag() ? 'none' : 'lax',\n secure: cookieSecureFlag()\n })\n}\n\nexport const getCookie: any = (key: any) => {\n return Cookies.get(key)\n}\n\n/** Parse JSON stored in a cookie; removes corrupt values on read (self-heal). */\nexport function parseCookieJson<T = unknown>(key: string | null | undefined): T | null {\n if (key == null || key === '') {\n return null\n }\n const raw = getCookie(key)\n if (isCorruptCookieRawValue(raw)) {\n if (raw === 'undefined' || raw === 'null') {\n Cookies.remove(key)\n }\n return null\n }\n try {\n return JSON.parse(raw) as T\n } catch {\n Cookies.remove(key)\n return null\n }\n}\n\nexport const removeCookie = (key: any) => {\n return Cookies.remove(key)\n}\n\n/** Clears client-portal session cookies only (does not wipe admin cookies on shared localhost). */\nexport const clearClientAuthCookies = () => {\n getClientAuthCookieNamesToClear().forEach((name) => Cookies.remove(name))\n for (const legacyAccess of ['woodsportal_access_token', 'AUTH_CRED']) {\n Cookies.remove(legacyAccess)\n }\n}\n\n/** @deprecated Prefer {@link clearClientAuthCookies} */\nexport const removeAllCookie = clearClientAuthCookies\n\nexport const isCookieExpired = (key: string): boolean => {\n const value = Cookies.get(key)\n if (value === undefined) {\n return true\n }\n try {\n const parsed = JSON.parse(value)\n if (parsed && typeof parsed === 'object' && 'expiresAt' in parsed) {\n const expiresAt = (parsed as { expiresAt?: number }).expiresAt\n return typeof expiresAt === 'number' && Date.now() > expiresAt\n }\n return false\n } catch {\n // Plain string values (e.g. refresh token) rely on browser cookie expiry.\n return false\n }\n}\n","import Cookies from 'js-cookie'\nimport {\n CLIENT_COOKIE_MIGRATIONS,\n CLIENT_SESSION_STORAGE_MIGRATIONS,\n LEGACY_CLIENT_AUTH_COOKIES,\n LEGACY_CLIENT_SESSION_EXACT,\n WP_STORAGE_KEYS,\n WP_UI_THEME,\n wpClientIframeRefreshKey,\n wpClientIframeRefreshExpKey\n} from './wp-storage-keys'\nimport { getStorageKeys } from './storage-keys'\nimport { isCorruptCookieRawValue } from './cookie'\n\nfunction migrateCookiePair(legacy: string, canonical: string): void {\n const value = Cookies.get(legacy)\n if (value === undefined) {\n return\n }\n if (isCorruptCookieRawValue(value)) {\n Cookies.remove(legacy)\n return\n }\n if (!Cookies.get(canonical)) {\n Cookies.set(canonical, value)\n }\n Cookies.remove(legacy)\n}\n\nfunction migrateLocalStoragePair(legacy: string, canonical: string): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n const value = window.localStorage.getItem(legacy)\n if (value == null) {\n return\n }\n if (!window.localStorage.getItem(canonical)) {\n window.localStorage.setItem(canonical, value)\n }\n window.localStorage.removeItem(legacy)\n } catch {\n // private mode\n }\n}\n\nfunction migrateSessionStoragePair(legacy: string, canonical: string): void {\n if (typeof window === 'undefined' || !window.sessionStorage) {\n return\n }\n try {\n const value = window.sessionStorage.getItem(legacy)\n if (value == null) {\n return\n }\n if (!window.sessionStorage.getItem(canonical)) {\n window.sessionStorage.setItem(canonical, value)\n }\n window.sessionStorage.removeItem(legacy)\n } catch {\n // ignore\n }\n}\n\nfunction migrateIframeRefreshKeys(): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n const keys = Object.keys(window.localStorage).filter((k) => k.startsWith('wp_iframe_rt_'))\n for (const legacyKey of keys) {\n const suffix = legacyKey.slice('wp_iframe_rt_'.length)\n if (suffix.endsWith('_exp')) {\n continue\n }\n const hubId = suffix\n const token = window.localStorage.getItem(legacyKey)\n const exp = window.localStorage.getItem(`${legacyKey}_exp`)\n const newKey = wpClientIframeRefreshKey(hubId)\n const newExpKey = wpClientIframeRefreshExpKey(hubId)\n if (token != null && !window.localStorage.getItem(newKey)) {\n window.localStorage.setItem(newKey, token)\n }\n if (exp != null && !window.localStorage.getItem(newExpKey)) {\n window.localStorage.setItem(newExpKey, exp)\n }\n window.localStorage.removeItem(legacyKey)\n window.localStorage.removeItem(`${legacyKey}_exp`)\n }\n } catch {\n // ignore\n }\n}\n\nfunction removeLegacyAccessTokenCookies(): void {\n const keys = getStorageKeys()\n const legacyAccess = ['woodsportal_access_token', 'AUTH_CRED']\n for (const name of legacyAccess) {\n Cookies.remove(name)\n }\n if (keys.authUser && keys.authUser !== keys.loginDetails) {\n // legacy duplicate profile mirror — uplift handled by migration; drop separate user cookie\n Cookies.remove(keys.authUser)\n }\n}\n\n/**\n * One-time uplift: read legacy browser keys, write canonical `wp.*` keys, delete legacy.\n * Safe to call on every boot (idempotent).\n */\nexport function migrateLegacyStorageKeys(): void {\n if (typeof window === 'undefined') {\n return\n }\n\n for (const [legacy, canonical] of CLIENT_COOKIE_MIGRATIONS) {\n migrateCookiePair(legacy, canonical)\n }\n\n migrateLocalStoragePair('hubSpotData', WP_STORAGE_KEYS.c.hub)\n migrateLocalStoragePair('theme', WP_UI_THEME)\n\n for (const [legacy, canonical] of CLIENT_SESSION_STORAGE_MIGRATIONS) {\n migrateSessionStoragePair(legacy, canonical)\n }\n\n migrateIframeRefreshKeys()\n removeLegacyAccessTokenCookies()\n\n // Drop dead forget-password key\n try {\n window.sessionStorage?.removeItem('entredEmail')\n } catch {\n // ignore\n }\n}\n\n/** All client auth cookie names to remove on logout (canonical + legacy + configured). */\nexport function getClientAuthCookieNamesToClear(): string[] {\n const keys = getStorageKeys()\n const configured = [\n keys.loginDetails,\n keys.refreshToken,\n keys.portal,\n keys.subscriptionType,\n keys.authUser,\n keys.pagination,\n keys.routeMenu,\n keys.associationView,\n keys.emailVerified\n ].filter((name): name is string => Boolean(name))\n\n const canonical = [\n WP_STORAGE_KEYS.c.auth.login,\n WP_STORAGE_KEYS.c.auth.refresh,\n WP_STORAGE_KEYS.c.auth.portal,\n WP_STORAGE_KEYS.c.auth.sub,\n WP_STORAGE_KEYS.c.auth.emailOk,\n WP_STORAGE_KEYS.c.ui.pag,\n WP_STORAGE_KEYS.c.ui.menu,\n WP_STORAGE_KEYS.c.ui.assoc\n ]\n\n return [...new Set([...configured, ...canonical, ...LEGACY_CLIENT_AUTH_COOKIES])]\n}\n\nexport function clearClientSessionStorageKeys(): void {\n if (typeof window === 'undefined' || !window.sessionStorage) {\n return\n }\n try {\n for (const [legacy, canonical] of CLIENT_SESSION_STORAGE_MIGRATIONS) {\n if (\n canonical === WP_STORAGE_KEYS.c.login.email ||\n canonical === WP_STORAGE_KEYS.c.login.force ||\n canonical === WP_STORAGE_KEYS.c.login.passkey ||\n canonical === WP_STORAGE_KEYS.c.login.done\n ) {\n continue\n }\n window.sessionStorage.removeItem(legacy)\n window.sessionStorage.removeItem(canonical)\n }\n for (const key of LEGACY_CLIENT_SESSION_EXACT) {\n if (key === 'entredEmail') {\n window.sessionStorage.removeItem(key)\n }\n }\n const preservedLoginKeys = new Set([\n WP_STORAGE_KEYS.c.login.email,\n WP_STORAGE_KEYS.c.login.force,\n WP_STORAGE_KEYS.c.login.passkey,\n WP_STORAGE_KEYS.c.login.done,\n 'woodsportal.login.email',\n 'woodsportal.login.forcePreLogin',\n 'woodsportal.login.passkeyPrimaryEnrolled',\n 'woodsportal.login.preLoginCompletedKey'\n ])\n const keysToRemove: string[] = []\n for (let i = 0; i < window.sessionStorage.length; i++) {\n const key = window.sessionStorage.key(i)\n if (!key || preservedLoginKeys.has(key)) continue\n if (key.startsWith('woodsportal.mfa.') || key.startsWith('wp.c.mfa.')) {\n keysToRemove.push(key)\n }\n if (key === WP_STORAGE_KEYS.c.auth.err || key === WP_STORAGE_KEYS.c.auth.refreshExhausted || key === 'authError') {\n keysToRemove.push(key)\n }\n if (key === WP_STORAGE_KEYS.c.sso.cb || key === 'sso_callback_processed') {\n keysToRemove.push(key)\n }\n }\n keysToRemove.forEach((k) => window.sessionStorage.removeItem(k))\n } catch {\n // ignore\n }\n}\n\nexport function clearClientIframeRefreshLocalKeys(): void {\n if (typeof window === 'undefined' || !window.localStorage) {\n return\n }\n try {\n const keys = Object.keys(window.localStorage).filter(\n (k) => k.startsWith('wp_iframe_rt_') || k.startsWith(WP_STORAGE_KEYS.c.auth.iframeRtPrefix)\n )\n keys.forEach((k) => window.localStorage.removeItem(k))\n } catch {\n // ignore\n }\n}\n\nexport function clearStaleIframeRefreshForOtherHubs(activeHubId: string | number | undefined): void {\n if (activeHubId == null || typeof window === 'undefined' || !window.localStorage) {\n return\n }\n const activePrefix = WP_STORAGE_KEYS.c.auth.iframeRtPrefix\n const activeKey = wpClientIframeRefreshKey(activeHubId)\n try {\n const keys = Object.keys(window.localStorage).filter(\n (k) => (k.startsWith('wp_iframe_rt_') || k.startsWith(activePrefix)) && k !== activeKey && k !== wpClientIframeRefreshExpKey(activeHubId)\n )\n keys.forEach((k) => window.localStorage.removeItem(k))\n } catch {\n // ignore\n }\n}\n"]}
package/dist/{chunk-2MVPOZLC.js → chunk-YZPW5F6U.js} RENAMED
@@ -1,8 +1,8 @@
1
- import { multiObjectStore } from './chunk-CCAQQMPV.js';
2
- import { actions2, tableStore, tableUiStore, noteStore, emailStore, userStore, syncStore, formStore, fileStore } from './chunk-IBLDCOQU.js';
3
- import { clearAccessToken, resetSessionAuthState, clearSessionRefreshExhaustedState } from './chunk-DO3WO2RP.js';
4
- import { clearClientAuthCookies, clearClientIframeRefreshLocalKeys } from './chunk-NXGSFLJS.js';
5
- import { WP_STORAGE_KEYS } from './chunk-7JHBCIR5.js';
1
+ import { multiObjectStore } from './chunk-BGUHACLT.js';
2
+ import { actions2, tableStore, tableUiStore, noteStore, emailStore, userStore, syncStore, formStore, fileStore } from './chunk-BKDJOWLW.js';
3
+ import { clearAccessToken, resetSessionAuthState, clearSessionRefreshExhaustedState } from './chunk-7J265W43.js';
4
+ import { clearClientAuthCookies, clearClientIframeRefreshLocalKeys } from './chunk-WSUXZOHL.js';
5
+ import { WP_STORAGE_KEYS } from './chunk-EFEBZBMU.js';
6
6
 
7
7
  // src/main/core/http/session-teardown.ts
8
8
  function resetSessionStores() {
@@ -159,5 +159,5 @@ function resetCrossTabSessionSyncForTests() {
159
159
  }
160
160
 
161
161
  export { applyCrossTabSessionRevocation, clearClientSdkSession, installCrossTabSessionListener, resetCrossTabSessionSyncForTests, resetSessionStores, signalSessionChanged };
162
- //# sourceMappingURL=chunk-2MVPOZLC.js.map
163
- //# sourceMappingURL=chunk-2MVPOZLC.js.map
162
+ //# sourceMappingURL=chunk-YZPW5F6U.js.map
163
+ //# sourceMappingURL=chunk-YZPW5F6U.js.map