diff --git a/examples/simple-demo/index.js b/examples/simple-demo/index.js
index a0b2c5e..35533c1 100644
--- a/examples/simple-demo/index.js
+++ b/examples/simple-demo/index.js
@@ -19,7 +19,7 @@ async function enroll (event) {
 }
 
 async function authenticate (cui = false) {
-  const username = document.getElementById('username').value
+  const username = encodeURIComponent(document.getElementById('username').value)
   const authentication = new trusona.WebAuthnAuthentication()
   document.getElementById('credentials').replaceChildren([])
 
@@ -52,7 +52,7 @@ async function authenticate (cui = false) {
 async function jwtApi (username) {
   try {
     // *** DO NOT USE THIS JWT GENERATOR IN A PRODUCTION ENVIRONMENT ***
-    const response = await fetch(`https://jwks-delegate.lab.trusona.net/jwt?sub=${username}`)
+    const response = await fetch(`https://jwks-delegate.lab.trusona.net/jwt?sub=${encodeURIComponent(username)}`)
     const data = await response.json()
     return await Promise.resolve(data.jwt)
   } catch (e) {
diff --git a/examples/simple-demo/trusona-webauthn.standalone.js b/examples/simple-demo/trusona-webauthn.standalone.js
index 2696567..2b38bf2 100644
--- a/examples/simple-demo/trusona-webauthn.standalone.js
+++ b/examples/simple-demo/trusona-webauthn.standalone.js
@@ -1 +1 @@
-(function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.trusona=f()}})(function(){var define,module,exports;return function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r}()({1:[function(require,module,exports){"use strict";var __createBinding=this&&this.__createBinding||(Object.create?function(o,m,k,k2){if(k2===undefined)k2=k;var desc=Object.getOwnPropertyDescriptor(m,k);if(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable)){desc={enumerable:true,get:function(){return m[k]}}}Object.defineProperty(o,k2,desc)}:function(o,m,k,k2){if(k2===undefined)k2=k;o[k2]=m[k]});var __exportStar=this&&this.__exportStar||function(m,exports){for(var p in m)if(p!=="default"&&!Object.prototype.hasOwnProperty.call(exports,p))__createBinding(exports,m,p)};Object.defineProperty(exports,"__esModule",{value:true});__exportStar(require("./lib/webauthn/preflight/preflight-checks"),exports);__exportStar(require("./lib/webauthn/core/webauthn.options"),exports);__exportStar(require("./lib/webauthn/core/authentication"),exports);__exportStar(require("./lib/webauthn/core/configuration"),exports);__exportStar(require("./lib/webauthn/core/enrollment"),exports);__exportStar(require("./lib/webauthn/core/passkey-management"),exports);__exportStar(require("./lib/webauthn/utils/strings"),exports);__exportStar(require("./lib/webauthn/utils/errors"),exports);__exportStar(require("./lib/webauthn/known-users/known-users.service"),exports)},{"./lib/webauthn/core/authentication":2,"./lib/webauthn/core/configuration":4,"./lib/webauthn/core/enrollment":5,"./lib/webauthn/core/passkey-management":6,"./lib/webauthn/core/webauthn.options":7,"./lib/webauthn/known-users/known-users.service":8,"./lib/webauthn/preflight/preflight-checks":9,"./lib/webauthn/utils/errors":10,"./lib/webauthn/utils/strings":11}],2:[function(require,module,exports){"use strict";var __extends=this&&this.__extends||function(){var extendStatics=function(d,b){extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(d,b){d.__proto__=b}||function(d,b){for(var p in b)if(Object.prototype.hasOwnProperty.call(b,p))d[p]=b[p]};return extendStatics(d,b)};return function(d,b){if(typeof b!=="function"&&b!==null)throw new TypeError("Class extends value "+String(b)+" is not a constructor or null");extendStatics(d,b);function __(){this.constructor=d}d.prototype=b===null?Object.create(b):(__.prototype=b.prototype,new __)}}();var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.WebAuthnAuthentication=exports.AuthenticationStatus=void 0;var configuration_1=require("./configuration");var webauthn_options_1=require("./webauthn.options");var errors_1=require("../utils/errors");var strings_1=require("../utils/strings");var base_1=require("./base");var known_users_service_1=require("../known-users/known-users.service");var AuthenticationStatus;(function(AuthenticationStatus){AuthenticationStatus["SUCCESS"]="SUCCESS"})(AuthenticationStatus||(exports.AuthenticationStatus=AuthenticationStatus={}));var WebAuthnAuthentication=function(_super){__extends(WebAuthnAuthentication,_super);function WebAuthnAuthentication(webAuthnOptions,knownUsersService){if(webAuthnOptions===void 0){webAuthnOptions=new webauthn_options_1.WebAuthnOptions}if(knownUsersService===void 0){knownUsersService=(0,known_users_service_1.initKnownUsersService)()}var _this=_super.call(this)||this;_this.webAuthnOptions=webAuthnOptions;_this.knownUsersService=knownUsersService;return _this}WebAuthnAuthentication.prototype.lastUserHint=function(){return this.knownUsersService.lastUser()};WebAuthnAuthentication.prototype.cui=function(abortSignal){return __awaiter(this,void 0,void 0,function(){return __generator(this,function(_a){switch(_a.label){case 0:if(!!configuration_1.Initializer.webauthnFeatures.conditionalMediation)return[3,2];return[4,Promise.reject(new Error("This browser is not supported (due to CUI support)"))];case 1:return[2,_a.sent()];case 2:return[4,this.authenticate(abortSignal,undefined,true)];case 3:return[2,_a.sent()]}})})};WebAuthnAuthentication.prototype.authenticate=function(abortSignal_1,userIdentifier_1){return __awaiter(this,arguments,void 0,function(abortSignal,userIdentifier,cui){var challenge,blank;if(cui===void 0){cui=false}return __generator(this,function(_a){switch(_a.label){case 0:if(!!configuration_1.Initializer.webauthnFeatures.platformAuthenticator)return[3,2];return[4,Promise.reject(new Error("This browser is not supported (due to missing platform authenticator)"))];case 1:return[2,_a.sent()];case 2:return[4,this.challenge()];case 3:challenge=_a.sent();if(!(challenge===undefined))return[3,5];return[4,Promise.reject(new Error("Failed to obtain challenge."))];case 4:return[2,_a.sent()];case 5:blank=strings_1.Strings.blank(userIdentifier!==null&&userIdentifier!==void 0?userIdentifier:"");return[4,this.finalize(cui,challenge,abortSignal,blank?undefined:userIdentifier===null||userIdentifier===void 0?void 0:userIdentifier.trim())];case 6:return[2,_a.sent()]}})})};WebAuthnAuthentication.prototype.finalize=function(cui,challenge,abortSignal,userIdentifier){return __awaiter(this,void 0,void 0,function(){var credentialTransaction,credentialUserIdentifier,login,response,map,_a,idToken,accessToken,_b;var _c,_d;return __generator(this,function(_e){switch(_e.label){case 0:return[4,this.webAuthnOptions.getCredential(cui,abortSignal,userIdentifier)];case 1:credentialTransaction=_e.sent();credentialUserIdentifier=window.atob((_d=(_c=credentialTransaction===null||credentialTransaction===void 0?void 0:credentialTransaction.credential)===null||_c===void 0?void 0:_c.response.userHandle)!==null&&_d!==void 0?_d:"");login={method:"PUBLIC_KEY_CREDENTIAL",nextStep:"VERIFY_PUBLIC_KEY_CREDENTIAL",credentialTransaction:credentialTransaction,challenge:challenge,userIdentifier:credentialUserIdentifier,displayName:credentialUserIdentifier,transactionId:credentialTransaction===null||credentialTransaction===void 0?void 0:credentialTransaction.transactionId,response:credentialTransaction===null||credentialTransaction===void 0?void 0:credentialTransaction.credential};return[4,fetch(configuration_1.Initializer.loginsEndpoint,{method:"POST",credentials:"include",body:JSON.stringify(login),headers:configuration_1.Initializer.headers})];case 2:response=_e.sent();if(!response.ok)return[3,4];return[4,response.json()];case 3:_a=_e.sent();return[3,5];case 4:_a=undefined;_e.label=5;case 5:map=_a;idToken=map.idToken;accessToken=map.accessToken;return[4,this.recordEvent(idToken!==undefined?"SIGNIN_SUCCESS":"SIGNIN_FAILED")];case 6:_e.sent();if(idToken!==undefined){this.knownUsersService.add(credentialUserIdentifier)}if(!(idToken!==undefined))return[3,8];return[4,Promise.resolve({status:AuthenticationStatus.SUCCESS,idToken:idToken,accessToken:accessToken})];case 7:_b=_e.sent();return[3,10];case 8:return[4,Promise.reject(new errors_1.FailedAuthenticationError)];case 9:_b=_e.sent();_e.label=10;case 10:return[2,_b]}})})};WebAuthnAuthentication.prototype.challenge=function(){return __awaiter(this,void 0,void 0,function(){var url,response,map;var _a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat((_b=(_a=configuration_1.Initializer.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/login_challenges");return[4,fetch(url,{method:"POST",body:"{}",headers:configuration_1.Initializer.headers})];case 1:response=_c.sent();return[4,response.json()];case 2:map=_c.sent();localStorage.setItem(configuration_1.Initializer._chl,map===null||map===void 0?void 0:map.login_challenge);return[4,Promise.resolve(map===null||map===void 0?void 0:map.login_challenge)];case 3:return[2,_c.sent()]}})})};return WebAuthnAuthentication}(base_1.Base);exports.WebAuthnAuthentication=WebAuthnAuthentication},{"../known-users/known-users.service":8,"../utils/errors":10,"../utils/strings":11,"./base":3,"./configuration":4,"./webauthn.options":7}],3:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.Base=void 0;var configuration_1=require("./configuration");var Base=function(){function Base(){}Base.prototype.recordEvent=function(eventType){return __awaiter(this,void 0,void 0,function(){var sessionId,userIdentifier,event;var _a,_b,_c,_d;return __generator(this,function(_e){sessionId=(_b=(_a=localStorage.getItem(configuration_1.Initializer._chl))===null||_a===void 0?void 0:_a.trim())!==null&&_b!==void 0?_b:"";userIdentifier=(_d=(_c=localStorage.getItem(configuration_1.Initializer._kid))===null||_c===void 0?void 0:_c.trim())!==null&&_d!==void 0?_d:"";if(userIdentifier.length===0||sessionId.length===0){return[2]}event={type:eventType,user_identifier:userIdentifier,session_id:sessionId,source:"sdk"};fetch(configuration_1.Initializer.analyticsEndpoint,{method:"POST",body:JSON.stringify(event),headers:configuration_1.Initializer.headers}).catch(function(_){});return[2]})})};return Base}();exports.Base=Base},{"./configuration":4}],4:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.Initializer=void 0;var preflight_checks_1=require("../preflight/preflight-checks");exports.Initializer={config:{},webauthnFeatures:{},initialize:function(origin){return __awaiter(this,void 0,void 0,function(){var _a,_b,_c;return __generator(this,function(_d){switch(_d.label){case 0:_a=this;return[4,preflight_checks_1.DefaultPreflightChecks.check()];case 1:_a.webauthnFeatures=_d.sent();_b=this;return[4,this.loadConfiguration(origin)];case 2:_b.config=_d.sent();if(!(this.configuration!==undefined))return[3,4];return[4,Promise.resolve()];case 3:_c=_d.sent();return[3,6];case 4:return[4,Promise.reject(new Error("Configuration was not loaded"))];case 5:_c=_d.sent();_d.label=6;case 6:return[2,_c]}})})},get configuration(){return this.config},get headers(){var _a,_b;return{"X-Tenant":(_b=(_a=this.config)===null||_a===void 0?void 0:_a.origin)!==null&&_b!==void 0?_b:"","Content-Type":"application/json"}},loadConfiguration:function(origin){return __awaiter(this,void 0,void 0,function(){var tenantUrl,response,map;return __generator(this,function(_a){switch(_a.label){case 0:tenantUrl=origin==="localhost"?"http://localhost:8080":"https://".concat(origin);return[4,fetch("".concat(tenantUrl,"/configuration"),{headers:{"X-Tenant":origin,"Content-Type":"application/json"}})];case 1:response=_a.sent();if(!response.ok)return[3,4];return[4,response.json()];case 2:map=_a.sent();return[4,Promise.resolve({origin:origin,tenantUrl:tenantUrl,useLocalStorage:map.useLocalStorage,clientId:map.clientId})];case 3:return[2,_a.sent()];case 4:return[4,Promise.resolve(undefined)];case 5:return[2,_a.sent()]}})})},get loginsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/logins")},get assertionOptionsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/v1/assertion/options")},get registrationsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/v1/attestation/registrations")},get credentialsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/credentials")},get credentialsActivityEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/credentials_activity")},get enrollmentsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/v1/attestation/options")},get jwksEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/.well-known/jwks")},get analyticsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/analytics")},get _chl(){return"_chl"},get _kid(){return"_kid"}}},{"../preflight/preflight-checks":9}],5:[function(require,module,exports){"use strict";var __extends=this&&this.__extends||function(){var extendStatics=function(d,b){extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(d,b){d.__proto__=b}||function(d,b){for(var p in b)if(Object.prototype.hasOwnProperty.call(b,p))d[p]=b[p]};return extendStatics(d,b)};return function(d,b){if(typeof b!=="function"&&b!==null)throw new TypeError("Class extends value "+String(b)+" is not a constructor or null");extendStatics(d,b);function __(){this.constructor=d}d.prototype=b===null?Object.create(b):(__.prototype=b.prototype,new __)}}();var __createBinding=this&&this.__createBinding||(Object.create?function(o,m,k,k2){if(k2===undefined)k2=k;var desc=Object.getOwnPropertyDescriptor(m,k);if(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable)){desc={enumerable:true,get:function(){return m[k]}}}Object.defineProperty(o,k2,desc)}:function(o,m,k,k2){if(k2===undefined)k2=k;o[k2]=m[k]});var __setModuleDefault=this&&this.__setModuleDefault||(Object.create?function(o,v){Object.defineProperty(o,"default",{enumerable:true,value:v})}:function(o,v){o["default"]=v});var __importStar=this&&this.__importStar||function(mod){if(mod&&mod.__esModule)return mod;var result={};if(mod!=null)for(var k in mod)if(k!=="default"&&Object.prototype.hasOwnProperty.call(mod,k))__createBinding(result,mod,k);__setModuleDefault(result,mod);return result};var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.WebAuthnEnrollment=exports.EnrollmentStatus=void 0;var errors=__importStar(require("../utils/errors"));var known_users_service_1=require("../known-users/known-users.service");var webauthn_options_1=require("./webauthn.options");var configuration_1=require("./configuration");var strings_1=require("../utils/strings");var base_1=require("./base");var EnrollmentStatus;(function(EnrollmentStatus){EnrollmentStatus["SUCCESS"]="SUCCESS"})(EnrollmentStatus||(exports.EnrollmentStatus=EnrollmentStatus={}));var WebAuthnEnrollment=function(_super){__extends(WebAuthnEnrollment,_super);function WebAuthnEnrollment(webAuthnOptions,knownUsersService){if(webAuthnOptions===void 0){webAuthnOptions=new webauthn_options_1.WebAuthnOptions}if(knownUsersService===void 0){knownUsersService=(0,known_users_service_1.initKnownUsersService)()}var _this=_super.call(this)||this;_this.webAuthnOptions=webAuthnOptions;_this.knownUsersService=knownUsersService;return _this}WebAuthnEnrollment.prototype.enroll=function(token,abortSignal){return __awaiter(this,void 0,void 0,function(){var response,enrollmentOptions,transactionId,credential,_a;return __generator(this,function(_b){switch(_b.label){case 0:if(!!configuration_1.Initializer.webauthnFeatures.platformAuthenticator)return[3,2];return[4,Promise.reject(new Error("This browser is not supported (due to missing platform authenticator)"))];case 1:return[2,_b.sent()];case 2:if(!strings_1.Strings.blank(token))return[3,4];return[4,Promise.reject(new Error("Blank token was provided"))];case 3:return[2,_b.sent()];case 4:return[4,fetch(configuration_1.Initializer.enrollmentsEndpoint,{method:"POST",body:JSON.stringify({token:token}),credentials:"include",headers:configuration_1.Initializer.headers})];case 5:response=_b.sent();return[4,response.json()];case 6:enrollmentOptions=_b.sent();transactionId=enrollmentOptions.enrollment.id;localStorage.setItem(configuration_1.Initializer._kid,enrollmentOptions.enrollment.userIdentifier);return[4,this.webAuthnOptions.createCredential(enrollmentOptions.options,abortSignal)];case 7:credential=_b.sent();if(!response.ok)return[3,9];return[4,this.finalizeEnrollment({credential:credential,transactionId:transactionId})];case 8:_a=_b.sent();return[3,11];case 9:return[4,Promise.reject(new errors.InvalidTokenEnrollmentError)];case 10:_a=_b.sent();_b.label=11;case 11:return[2,_a]}})})};WebAuthnEnrollment.prototype.finalizeEnrollment=function(enrollmentTransaction){return __awaiter(this,void 0,void 0,function(){var json,response,_a;var _b;return __generator(this,function(_c){switch(_c.label){case 0:if(!(enrollmentTransaction.credential===undefined))return[3,2];return[4,Promise.reject(new errors.CancelledEnrollmentError)];case 1:return[2,_c.sent()];case 2:json=JSON.stringify({credential:enrollmentTransaction.credential,transactionId:enrollmentTransaction.transactionId});return[4,fetch(configuration_1.Initializer.registrationsEndpoint,{method:"POST",body:json,credentials:"include",headers:configuration_1.Initializer.headers})];case 3:response=_c.sent();return[4,this.recordEvent(response.ok?"REGISTRATION":"REGISTRATION_FAILED")];case 4:_c.sent();if(response.ok){this.knownUsersService.add((_b=localStorage.getItem(configuration_1.Initializer._kid))!==null&&_b!==void 0?_b:"")}if(!response.ok)return[3,6];return[4,Promise.resolve({status:EnrollmentStatus.SUCCESS})];case 5:_a=_c.sent();return[3,8];case 6:return[4,Promise.reject(new errors.FailedEnrollmentError)];case 7:_a=_c.sent();_c.label=8;case 8:return[2,_a]}})})};return WebAuthnEnrollment}(base_1.Base);exports.WebAuthnEnrollment=WebAuthnEnrollment},{"../known-users/known-users.service":8,"../utils/errors":10,"../utils/strings":11,"./base":3,"./configuration":4,"./webauthn.options":7}],6:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.DefaultPasskeyManagement=exports.CredentialActivityType=exports.CredentialFlag=void 0;var configuration_1=require("./configuration");var CredentialFlag;(function(CredentialFlag){CredentialFlag["BACKUP_STATE"]="BACKUP_STATE";CredentialFlag["USER_PRESENT"]="USER_PRESENT";CredentialFlag["USER_VERIFIED"]="USER_VERIFIED";CredentialFlag["EXTENSION_DATA"]="EXTENSION_DATA";CredentialFlag["BACKUP_ELIGIBILITY"]="BACKUP_ELIGIBILITY"})(CredentialFlag||(exports.CredentialFlag=CredentialFlag={}));var CredentialActivityType;(function(CredentialActivityType){CredentialActivityType["REGISTRATION"]="REGISTRATION";CredentialActivityType["ASSERTION"]="ASSERTION";CredentialActivityType["AUTO_EXPIRATION"]="AUTO_EXPIRATION";CredentialActivityType["MANUAL_EXPIRATION"]="MANUAL_EXPIRATION"})(CredentialActivityType||(exports.CredentialActivityType=CredentialActivityType={}));var DefaultPasskeyManagement=function(){function DefaultPasskeyManagement(accessToken){this.accessToken=accessToken}DefaultPasskeyManagement.prototype.get=function(){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsEndpoint);return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Request failed. Is the provided authentication valid?"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.passkeyActivity=function(){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsActivityEndpoint);return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Request failed. Is the provided authentication valid?"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.latestPasskeyActivity=function(){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsActivityEndpoint,"/latest");return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Request failed. Is the provided authentication valid?"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.deletePasskey=function(id){return __awaiter(this,void 0,void 0,function(){var url,response,_a;return __generator(this,function(_b){switch(_b.label){case 0:url="".concat(configuration_1.Initializer.credentialsEndpoint,"/").concat(id);return[4,fetch(url,this.httpOptions("DELETE"))];case 1:response=_b.sent();if(!response.ok)return[3,3];return[4,Promise.resolve(true)];case 2:_a=_b.sent();return[3,5];case 3:return[4,Promise.reject(new Error("deletion failed or authentication is not valid"))];case 4:_a=_b.sent();_b.label=5;case 5:return[2,_a]}})})};DefaultPasskeyManagement.prototype.getPasskey=function(id){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsEndpoint,"/").concat(id);return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Passkey was not found or authentication is not valid"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.httpOptions=function(method){var _a,_b;return{method:method,headers:{"X-Tenant":(_b=(_a=configuration_1.Initializer.configuration)===null||_a===void 0?void 0:_a.origin)!==null&&_b!==void 0?_b:"",Authorization:"SDK-Bearer ".concat(this.accessToken)}}};return DefaultPasskeyManagement}();exports.DefaultPasskeyManagement=DefaultPasskeyManagement},{"./configuration":4}],7:[function(require,module,exports){"use strict";var __createBinding=this&&this.__createBinding||(Object.create?function(o,m,k,k2){if(k2===undefined)k2=k;var desc=Object.getOwnPropertyDescriptor(m,k);if(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable)){desc={enumerable:true,get:function(){return m[k]}}}Object.defineProperty(o,k2,desc)}:function(o,m,k,k2){if(k2===undefined)k2=k;o[k2]=m[k]});var __setModuleDefault=this&&this.__setModuleDefault||(Object.create?function(o,v){Object.defineProperty(o,"default",{enumerable:true,value:v})}:function(o,v){o["default"]=v});var __importStar=this&&this.__importStar||function(mod){if(mod&&mod.__esModule)return mod;var result={};if(mod!=null)for(var k in mod)if(k!=="default"&&Object.prototype.hasOwnProperty.call(mod,k))__createBinding(result,mod,k);__setModuleDefault(result,mod);return result};var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.WebAuthnOptions=void 0;var configuration_1=require("./configuration");var WebAuthn=__importStar(require("@github/webauthn-json"));var WebAuthnOptions=function(){function WebAuthnOptions(){}WebAuthnOptions.prototype.getCredential=function(){return __awaiter(this,arguments,void 0,function(cui,abortSignal,userIdentifier){var authenticationAssertionTransaction,requestOptions,transactionId,params,credential,_a;if(cui===void 0){cui=false}return __generator(this,function(_b){switch(_b.label){case 0:return[4,this.requestOptions(userIdentifier)];case 1:authenticationAssertionTransaction=_b.sent();requestOptions=authenticationAssertionTransaction.options;transactionId=authenticationAssertionTransaction.transactionId;requestOptions.rpId=window.location.hostname;requestOptions.userVerification="preferred";if(cui&&abortSignal!==undefined&&userIdentifier===undefined){params={publicKey:requestOptions,signal:abortSignal,mediation:"conditional"}}else{params=abortSignal!==undefined?{publicKey:requestOptions,signal:abortSignal}:{publicKey:requestOptions}}return[4,WebAuthn.get(params)];case 2:credential=_b.sent();if(!(requestOptions!==undefined))return[3,4];return[4,Promise.resolve({credential:credential,transactionId:transactionId})];case 3:_a=_b.sent();return[3,6];case 4:return[4,Promise.resolve(undefined)];case 5:_a=_b.sent();_b.label=6;case 6:return[2,_a]}})})};WebAuthnOptions.prototype.createCredential=function(options,abortSignal){return __awaiter(this,void 0,void 0,function(){var _a;return __generator(this,function(_b){switch(_b.label){case 0:if(!(abortSignal!==undefined))return[3,2];return[4,WebAuthn.create({publicKey:options,signal:abortSignal})];case 1:_a=_b.sent();return[3,4];case 2:return[4,WebAuthn.create({publicKey:options})];case 3:_a=_b.sent();_b.label=4;case 4:return[2,_a]}})})};WebAuthnOptions.prototype.requestOptions=function(userIdentifier){return __awaiter(this,void 0,void 0,function(){var url,response,_a;return __generator(this,function(_b){switch(_b.label){case 0:url="".concat(configuration_1.Initializer.assertionOptionsEndpoint,"?userIdentifier=").concat(encodeURIComponent(userIdentifier!==null&&userIdentifier!==void 0?userIdentifier:""));return[4,fetch(url,{credentials:"include",headers:configuration_1.Initializer.headers})];case 1:response=_b.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_b.sent();return[3,5];case 3:return[4,Promise.reject(new Error("Failed to get assertion options."))];case 4:_a=_b.sent();_b.label=5;case 5:return[2,_a]}})})};return WebAuthnOptions}();exports.WebAuthnOptions=WebAuthnOptions},{"./configuration":4,"@github/webauthn-json":12}],8:[function(require,module,exports){"use strict";Object.defineProperty(exports,"__esModule",{value:true});exports.DefaultKnownUsersService=exports.NoOperationKnownUsersService=void 0;exports.initKnownUsersService=initKnownUsersService;var configuration_1=require("../core/configuration");var NoOperationKnownUsersService=function(){function NoOperationKnownUsersService(){}NoOperationKnownUsersService.prototype.knownUser=function(_){return false};NoOperationKnownUsersService.prototype.unknownUser=function(_){return true};NoOperationKnownUsersService.prototype.lastUser=function(){return""};NoOperationKnownUsersService.prototype.add=function(_){};return NoOperationKnownUsersService}();exports.NoOperationKnownUsersService=NoOperationKnownUsersService;var DefaultKnownUsersService=function(){function DefaultKnownUsersService(){this.kid="__kid";this.cid="__cid";this.max=5}DefaultKnownUsersService.prototype.knownUser=function(userIdentifier){return userIdentifier.trim().length>0&&new Set(this.knownUsers()).has(userIdentifier)};DefaultKnownUsersService.prototype.unknownUser=function(userIdentifier){return!this.knownUser(userIdentifier)};DefaultKnownUsersService.prototype.lastUser=function(){var _a;return window.atob((_a=localStorage.getItem(this.cid))!==null&&_a!==void 0?_a:"")};DefaultKnownUsersService.prototype.add=function(userIdentifier){if(userIdentifier.trim().length>0){this.currentUser(userIdentifier);if(this.unknownUser(userIdentifier)){var users=this.knownUsers();users.push(userIdentifier);if(users.length>this.max){var set_1=[];var idx_1=0;users.forEach(function(element){if(idx_1++>0){set_1.push(element)}});this.save(set_1)}else{this.save(users)}}}};DefaultKnownUsersService.prototype.currentUser=function(userIdentifier){localStorage.setItem(this.cid,window.btoa(userIdentifier))};DefaultKnownUsersService.prototype.save=function(users){localStorage.setItem(this.kid,window.btoa(JSON.stringify(users)))};DefaultKnownUsersService.prototype.knownUsers=function(){var _a;try{var json=localStorage.getItem(this.kid);return(_a=JSON.parse(window.atob(json!==null&&json!==void 0?json:"")))!==null&&_a!==void 0?_a:[]}catch(e){return[]}};return DefaultKnownUsersService}();exports.DefaultKnownUsersService=DefaultKnownUsersService;function initKnownUsersService(){var _a;return((_a=configuration_1.Initializer.configuration)===null||_a===void 0?void 0:_a.useLocalStorage)===true?new DefaultKnownUsersService:new NoOperationKnownUsersService}},{"../core/configuration":4}],9:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.DefaultPreflightChecks=void 0;var DefaultPreflightChecks=function(){function DefaultPreflightChecks(){}DefaultPreflightChecks.supported=function(){return __awaiter(this,void 0,void 0,function(){var webauthnStatus;return __generator(this,function(_a){switch(_a.label){case 0:return[4,DefaultPreflightChecks.check()];case 1:webauthnStatus=_a.sent();return[2,webauthnStatus.webauthn&&webauthnStatus.conditionalMediation&&webauthnStatus.platformAuthenticator]}})})};DefaultPreflightChecks.check=function(){return __awaiter(this,void 0,void 0,function(){var instance,v0,v1,_a,v2,_b;return __generator(this,function(_c){switch(_c.label){case 0:instance=new DefaultPreflightChecks;v0=typeof window.PublicKeyCredential!=="undefined";_a=v0;if(!_a)return[3,2];return[4,instance.isConditionalMediationAvailable()];case 1:_a=_c.sent();_c.label=2;case 2:v1=_a;_b=v0;if(!_b)return[3,4];return[4,instance.isUserVerifyingPlatformAuthenticatorAvailable()];case 3:_b=_c.sent();_c.label=4;case 4:v2=_b;return[4,Promise.resolve({platformAuthenticator:v2,conditionalMediation:v1,webauthn:v0})];case 5:return[2,_c.sent()]}})})};DefaultPreflightChecks.prototype.isSupported=function(){return __awaiter(this,void 0,void 0,function(){var value,_a,_b;var _c,_d;return __generator(this,function(_e){switch(_e.label){case 0:_b=typeof window.PublicKeyCredential!=="undefined";if(!_b)return[3,2];return[4,this.isUserVerifyingPlatformAuthenticatorAvailable()];case 1:_b=(_c=_e.sent())===null||_c===void 0?void 0:_c.valueOf();_e.label=2;case 2:_a=_b;if(!_a)return[3,4];return[4,this.isConditionalMediationAvailable()];case 3:_a=(_d=_e.sent())===null||_d===void 0?void 0:_d.valueOf();_e.label=4;case 4:value=_a;return[4,Promise.resolve(value)];case 5:return[2,_e.sent()]}})})};DefaultPreflightChecks.prototype.isConditionalMediationAvailable=function(){return __awaiter(this,void 0,void 0,function(){var _a,_b;return __generator(this,function(_c){switch(_c.label){case 0:return[4,(_b=(_a=window.PublicKeyCredential)===null||_a===void 0?void 0:_a.isConditionalMediationAvailable)===null||_b===void 0?void 0:_b.call(_a)];case 1:return[2,_c.sent()]}})})};DefaultPreflightChecks.prototype.isUserVerifyingPlatformAuthenticatorAvailable=function(){return __awaiter(this,void 0,void 0,function(){var _a,_b;return __generator(this,function(_c){switch(_c.label){case 0:return[4,(_b=(_a=window.PublicKeyCredential)===null||_a===void 0?void 0:_a.isUserVerifyingPlatformAuthenticatorAvailable)===null||_b===void 0?void 0:_b.call(_a)];case 1:return[2,_c.sent()]}})})};return DefaultPreflightChecks}();exports.DefaultPreflightChecks=DefaultPreflightChecks},{}],10:[function(require,module,exports){"use strict";var __extends=this&&this.__extends||function(){var extendStatics=function(d,b){extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(d,b){d.__proto__=b}||function(d,b){for(var p in b)if(Object.prototype.hasOwnProperty.call(b,p))d[p]=b[p]};return extendStatics(d,b)};return function(d,b){if(typeof b!=="function"&&b!==null)throw new TypeError("Class extends value "+String(b)+" is not a constructor or null");extendStatics(d,b);function __(){this.constructor=d}d.prototype=b===null?Object.create(b):(__.prototype=b.prototype,new __)}}();Object.defineProperty(exports,"__esModule",{value:true});exports.FailedAuthenticationError=exports.InvalidTokenEnrollmentError=exports.FailedEnrollmentError=exports.CancelledEnrollmentError=exports.SdkInitializationError=exports.UnsupportedBrowserError=void 0;var UnsupportedBrowserError=function(_super){__extends(UnsupportedBrowserError,_super);function UnsupportedBrowserError(){return _super.call(this,"This browser is not supported")||this}return UnsupportedBrowserError}(Error);exports.UnsupportedBrowserError=UnsupportedBrowserError;var SdkInitializationError=function(_super){__extends(SdkInitializationError,_super);function SdkInitializationError(){return _super.call(this,"The SDK is not yet initialized")||this}return SdkInitializationError}(Error);exports.SdkInitializationError=SdkInitializationError;var CancelledEnrollmentError=function(_super){__extends(CancelledEnrollmentError,_super);function CancelledEnrollmentError(){return _super.call(this,"Enrollment was cancelled")||this}return CancelledEnrollmentError}(Error);exports.CancelledEnrollmentError=CancelledEnrollmentError;var FailedEnrollmentError=function(_super){__extends(FailedEnrollmentError,_super);function FailedEnrollmentError(){return _super.call(this,"Enrollment failed")||this}return FailedEnrollmentError}(Error);exports.FailedEnrollmentError=FailedEnrollmentError;var InvalidTokenEnrollmentError=function(_super){__extends(InvalidTokenEnrollmentError,_super);function InvalidTokenEnrollmentError(){return _super.call(this,"Provided token was not valid.")||this}return InvalidTokenEnrollmentError}(Error);exports.InvalidTokenEnrollmentError=InvalidTokenEnrollmentError;var FailedAuthenticationError=function(_super){__extends(FailedAuthenticationError,_super);function FailedAuthenticationError(){return _super.call(this,"Authentication did not succeed.")||this}return FailedAuthenticationError}(Error);exports.FailedAuthenticationError=FailedAuthenticationError},{}],11:[function(require,module,exports){"use strict";Object.defineProperty(exports,"__esModule",{value:true});exports.Strings=void 0;exports.Strings={blank:function(value){var _a;return value===undefined||!(((_a=value===null||value===void 0?void 0:value.trim())===null||_a===void 0?void 0:_a.length)>0)}}},{}],12:[function(require,module,exports){"use strict";Object.defineProperty(exports,"__esModule",{value:true});exports.create=create;exports.get=get;exports.schema=void 0;exports.supported=supported;function base64urlToBuffer(baseurl64String){const padding="==".slice(0,(4-baseurl64String.length%4)%4);const base64String=baseurl64String.replace(/-/g,"+").replace(/_/g,"/")+padding;const str=atob(base64String);const buffer=new ArrayBuffer(str.length);const byteView=new Uint8Array(buffer);for(let i=0;i<str.length;i++){byteView[i]=str.charCodeAt(i)}return buffer}function bufferToBase64url(buffer){const byteView=new Uint8Array(buffer);let str="";for(const charCode of byteView){str+=String.fromCharCode(charCode)}const base64String=btoa(str);const base64urlString=base64String.replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"");return base64urlString}var copyValue="copy";var convertValue="convert";function convert(conversionFn,schema2,input){if(schema2===copyValue){return input}if(schema2===convertValue){return conversionFn(input)}if(schema2 instanceof Array){return input.map(v=>convert(conversionFn,schema2[0],v))}if(schema2 instanceof Object){const output={};for(const[key,schemaField]of Object.entries(schema2)){if(schemaField.derive){const v=schemaField.derive(input);if(v!==void 0){input[key]=v}}if(!(key in input)){if(schemaField.required){throw new Error(`Missing key: ${key}`)}continue}if(input[key]==null){output[key]=null;continue}output[key]=convert(conversionFn,schemaField.schema,input[key])}return output}}function derived(schema2,derive){return{required:true,schema:schema2,derive:derive}}function required(schema2){return{required:true,schema:schema2}}function optional(schema2){return{required:false,schema:schema2}}var publicKeyCredentialDescriptorSchema={type:required(copyValue),id:required(convertValue),transports:optional(copyValue)};var simplifiedExtensionsSchema={appid:optional(copyValue),appidExclude:optional(copyValue),credProps:optional(copyValue)};var simplifiedClientExtensionResultsSchema={appid:optional(copyValue),appidExclude:optional(copyValue),credProps:optional(copyValue)};var credentialCreationOptions={publicKey:required({rp:required(copyValue),user:required({id:required(convertValue),name:required(copyValue),displayName:required(copyValue)}),challenge:required(convertValue),pubKeyCredParams:required(copyValue),timeout:optional(copyValue),excludeCredentials:optional([publicKeyCredentialDescriptorSchema]),authenticatorSelection:optional(copyValue),attestation:optional(copyValue),extensions:optional(simplifiedExtensionsSchema)}),signal:optional(copyValue)};var publicKeyCredentialWithAttestation={type:required(copyValue),id:required(copyValue),rawId:required(convertValue),authenticatorAttachment:optional(copyValue),response:required({clientDataJSON:required(convertValue),attestationObject:required(convertValue),transports:derived(copyValue,response=>{var _a;return((_a=response.getTransports)==null?void 0:_a.call(response))||[]})}),clientExtensionResults:derived(simplifiedClientExtensionResultsSchema,pkc=>pkc.getClientExtensionResults())};var credentialRequestOptions={mediation:optional(copyValue),publicKey:required({challenge:required(convertValue),timeout:optional(copyValue),rpId:optional(copyValue),allowCredentials:optional([publicKeyCredentialDescriptorSchema]),userVerification:optional(copyValue),extensions:optional(simplifiedExtensionsSchema)}),signal:optional(copyValue)};var publicKeyCredentialWithAssertion={type:required(copyValue),id:required(copyValue),rawId:required(convertValue),authenticatorAttachment:optional(copyValue),response:required({clientDataJSON:required(convertValue),authenticatorData:required(convertValue),signature:required(convertValue),userHandle:required(convertValue)}),clientExtensionResults:derived(simplifiedClientExtensionResultsSchema,pkc=>pkc.getClientExtensionResults())};var schema=exports.schema={credentialCreationOptions:credentialCreationOptions,publicKeyCredentialWithAttestation:publicKeyCredentialWithAttestation,credentialRequestOptions:credentialRequestOptions,publicKeyCredentialWithAssertion:publicKeyCredentialWithAssertion};function createRequestFromJSON(requestJSON){return convert(base64urlToBuffer,credentialCreationOptions,requestJSON)}function createResponseToJSON(credential){return convert(bufferToBase64url,publicKeyCredentialWithAttestation,credential)}async function create(requestJSON){const credential=await navigator.credentials.create(createRequestFromJSON(requestJSON));return createResponseToJSON(credential)}function getRequestFromJSON(requestJSON){return convert(base64urlToBuffer,credentialRequestOptions,requestJSON)}function getResponseToJSON(credential){return convert(bufferToBase64url,publicKeyCredentialWithAssertion,credential)}async function get(requestJSON){const credential=await navigator.credentials.get(getRequestFromJSON(requestJSON));return getResponseToJSON(credential)}function supported(){return!!(navigator.credentials&&navigator.credentials.create&&navigator.credentials.get&&window.PublicKeyCredential)}},{}]},{},[1])(1)});
+(function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.trusona=f()}})(function(){var define,module,exports;return function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r}()({1:[function(require,module,exports){"use strict";var __createBinding=this&&this.__createBinding||(Object.create?function(o,m,k,k2){if(k2===undefined)k2=k;var desc=Object.getOwnPropertyDescriptor(m,k);if(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable)){desc={enumerable:true,get:function(){return m[k]}}}Object.defineProperty(o,k2,desc)}:function(o,m,k,k2){if(k2===undefined)k2=k;o[k2]=m[k]});var __exportStar=this&&this.__exportStar||function(m,exports){for(var p in m)if(p!=="default"&&!Object.prototype.hasOwnProperty.call(exports,p))__createBinding(exports,m,p)};Object.defineProperty(exports,"__esModule",{value:true});__exportStar(require("./lib/webauthn/preflight/preflight-checks"),exports);__exportStar(require("./lib/webauthn/core/webauthn.options"),exports);__exportStar(require("./lib/webauthn/core/authentication"),exports);__exportStar(require("./lib/webauthn/core/configuration"),exports);__exportStar(require("./lib/webauthn/core/enrollment"),exports);__exportStar(require("./lib/webauthn/core/passkey-management"),exports);__exportStar(require("./lib/webauthn/utils/strings"),exports);__exportStar(require("./lib/webauthn/utils/errors"),exports);__exportStar(require("./lib/webauthn/known-users/known-users.service"),exports)},{"./lib/webauthn/core/authentication":2,"./lib/webauthn/core/configuration":4,"./lib/webauthn/core/enrollment":5,"./lib/webauthn/core/passkey-management":6,"./lib/webauthn/core/webauthn.options":7,"./lib/webauthn/known-users/known-users.service":8,"./lib/webauthn/preflight/preflight-checks":9,"./lib/webauthn/utils/errors":10,"./lib/webauthn/utils/strings":11}],2:[function(require,module,exports){"use strict";var __extends=this&&this.__extends||function(){var extendStatics=function(d,b){extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(d,b){d.__proto__=b}||function(d,b){for(var p in b)if(Object.prototype.hasOwnProperty.call(b,p))d[p]=b[p]};return extendStatics(d,b)};return function(d,b){if(typeof b!=="function"&&b!==null)throw new TypeError("Class extends value "+String(b)+" is not a constructor or null");extendStatics(d,b);function __(){this.constructor=d}d.prototype=b===null?Object.create(b):(__.prototype=b.prototype,new __)}}();var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.WebAuthnAuthentication=exports.AuthenticationStatus=void 0;var configuration_1=require("./configuration");var webauthn_options_1=require("./webauthn.options");var errors_1=require("../utils/errors");var strings_1=require("../utils/strings");var base_1=require("./base");var known_users_service_1=require("../known-users/known-users.service");var AuthenticationStatus;(function(AuthenticationStatus){AuthenticationStatus["SUCCESS"]="SUCCESS"})(AuthenticationStatus||(exports.AuthenticationStatus=AuthenticationStatus={}));var WebAuthnAuthentication=function(_super){__extends(WebAuthnAuthentication,_super);function WebAuthnAuthentication(webAuthnOptions,knownUsersService){if(webAuthnOptions===void 0){webAuthnOptions=new webauthn_options_1.WebAuthnOptions}if(knownUsersService===void 0){knownUsersService=(0,known_users_service_1.initKnownUsersService)()}var _this=_super.call(this)||this;_this.webAuthnOptions=webAuthnOptions;_this.knownUsersService=knownUsersService;return _this}WebAuthnAuthentication.prototype.lastUserHint=function(){return this.knownUsersService.lastUser()};WebAuthnAuthentication.prototype.cui=function(abortSignal){return __awaiter(this,void 0,void 0,function(){return __generator(this,function(_a){switch(_a.label){case 0:if(!!configuration_1.Initializer.webauthnFeatures.conditionalMediation)return[3,2];return[4,Promise.reject(new Error("This browser is not supported (due to CUI support)"))];case 1:return[2,_a.sent()];case 2:return[4,this.authenticate(abortSignal,undefined,true)];case 3:return[2,_a.sent()]}})})};WebAuthnAuthentication.prototype.authenticate=function(abortSignal_1,userIdentifier_1){return __awaiter(this,arguments,void 0,function(abortSignal,userIdentifier,cui){var challenge,blank;if(cui===void 0){cui=false}return __generator(this,function(_a){switch(_a.label){case 0:if(!!configuration_1.Initializer.webauthnFeatures.platformAuthenticator)return[3,2];return[4,Promise.reject(new Error("This browser is not supported (due to missing platform authenticator)"))];case 1:return[2,_a.sent()];case 2:return[4,this.challenge()];case 3:challenge=_a.sent();if(!(challenge===undefined))return[3,5];return[4,Promise.reject(new Error("Failed to obtain challenge."))];case 4:return[2,_a.sent()];case 5:blank=strings_1.Strings.blank(userIdentifier!==null&&userIdentifier!==void 0?userIdentifier:"");return[4,this.finalize(cui,challenge,abortSignal,blank?undefined:userIdentifier===null||userIdentifier===void 0?void 0:userIdentifier.trim())];case 6:return[2,_a.sent()]}})})};WebAuthnAuthentication.prototype.finalize=function(cui,challenge,abortSignal,userIdentifier){return __awaiter(this,void 0,void 0,function(){var credentialTransaction,credentialUserIdentifier,login,response,map,_a,idToken,accessToken,_b;var _c,_d;return __generator(this,function(_e){switch(_e.label){case 0:return[4,this.webAuthnOptions.getCredential(cui,abortSignal,userIdentifier)];case 1:credentialTransaction=_e.sent();credentialUserIdentifier=window.atob((_d=(_c=credentialTransaction===null||credentialTransaction===void 0?void 0:credentialTransaction.credential)===null||_c===void 0?void 0:_c.response.userHandle)!==null&&_d!==void 0?_d:"");login={method:"PUBLIC_KEY_CREDENTIAL",nextStep:"VERIFY_PUBLIC_KEY_CREDENTIAL",credentialTransaction:credentialTransaction,challenge:challenge,userIdentifier:credentialUserIdentifier,displayName:credentialUserIdentifier,transactionId:credentialTransaction===null||credentialTransaction===void 0?void 0:credentialTransaction.transactionId,response:credentialTransaction===null||credentialTransaction===void 0?void 0:credentialTransaction.credential};return[4,fetch(configuration_1.Initializer.loginsEndpoint,{method:"POST",credentials:"include",body:JSON.stringify(login),headers:configuration_1.Initializer.headers})];case 2:response=_e.sent();if(!response.ok)return[3,4];return[4,response.json()];case 3:_a=_e.sent();return[3,5];case 4:_a=undefined;_e.label=5;case 5:map=_a;idToken=map.idToken;accessToken=map.accessToken;return[4,this.recordEvent(idToken!==undefined?"SIGNIN_SUCCESS":"SIGNIN_FAILED")];case 6:_e.sent();if(idToken!==undefined){this.knownUsersService.add(credentialUserIdentifier)}if(!(idToken!==undefined))return[3,8];return[4,Promise.resolve({status:AuthenticationStatus.SUCCESS,idToken:idToken,accessToken:accessToken})];case 7:_b=_e.sent();return[3,10];case 8:return[4,Promise.reject(new errors_1.FailedAuthenticationError)];case 9:_b=_e.sent();_e.label=10;case 10:return[2,_b]}})})};WebAuthnAuthentication.prototype.challenge=function(){return __awaiter(this,void 0,void 0,function(){var url,response,map;var _a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat((_b=(_a=configuration_1.Initializer.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/login_challenges");return[4,fetch(url,{method:"POST",body:"{}",headers:configuration_1.Initializer.headers})];case 1:response=_c.sent();return[4,response.json()];case 2:map=_c.sent();localStorage.setItem(configuration_1.Initializer._chl,map===null||map===void 0?void 0:map.login_challenge);return[4,Promise.resolve(map===null||map===void 0?void 0:map.login_challenge)];case 3:return[2,_c.sent()]}})})};return WebAuthnAuthentication}(base_1.Base);exports.WebAuthnAuthentication=WebAuthnAuthentication},{"../known-users/known-users.service":8,"../utils/errors":10,"../utils/strings":11,"./base":3,"./configuration":4,"./webauthn.options":7}],3:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.Base=void 0;var configuration_1=require("./configuration");var Base=function(){function Base(){}Base.prototype.recordEvent=function(eventType){return __awaiter(this,void 0,void 0,function(){var sessionId,userIdentifier,event;var _a,_b,_c,_d;return __generator(this,function(_e){sessionId=(_b=(_a=localStorage.getItem(configuration_1.Initializer._chl))===null||_a===void 0?void 0:_a.trim())!==null&&_b!==void 0?_b:"";userIdentifier=(_d=(_c=localStorage.getItem(configuration_1.Initializer._kid))===null||_c===void 0?void 0:_c.trim())!==null&&_d!==void 0?_d:"";if(userIdentifier.length===0||sessionId.length===0){return[2]}event={type:eventType,user_identifier:userIdentifier,session_id:sessionId};fetch(configuration_1.Initializer.analyticsEndpoint,{method:"POST",body:JSON.stringify(event),headers:configuration_1.Initializer.headers}).catch(function(_){});return[2]})})};return Base}();exports.Base=Base},{"./configuration":4}],4:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.Initializer=void 0;var preflight_checks_1=require("../preflight/preflight-checks");exports.Initializer={config:{},webauthnFeatures:{},initialize:function(origin){return __awaiter(this,void 0,void 0,function(){var _a,_b,_c;return __generator(this,function(_d){switch(_d.label){case 0:_a=this;return[4,preflight_checks_1.DefaultPreflightChecks.check()];case 1:_a.webauthnFeatures=_d.sent();_b=this;return[4,this.loadConfiguration(origin)];case 2:_b.config=_d.sent();if(!(this.configuration!==undefined))return[3,4];return[4,Promise.resolve()];case 3:_c=_d.sent();return[3,6];case 4:return[4,Promise.reject(new Error("Configuration was not loaded"))];case 5:_c=_d.sent();_d.label=6;case 6:return[2,_c]}})})},get configuration(){return this.config},get headers(){var _a,_b;return{"X-Tenant":(_b=(_a=this.config)===null||_a===void 0?void 0:_a.origin)!==null&&_b!==void 0?_b:"","Content-Type":"application/json"}},loadConfiguration:function(origin){return __awaiter(this,void 0,void 0,function(){var tenantUrl,response,map;return __generator(this,function(_a){switch(_a.label){case 0:tenantUrl=origin==="localhost"?"http://localhost:8080":"https://".concat(origin);return[4,fetch("".concat(tenantUrl,"/configuration"),{headers:{"X-Tenant":origin,"Content-Type":"application/json"}})];case 1:response=_a.sent();if(!response.ok)return[3,4];return[4,response.json()];case 2:map=_a.sent();return[4,Promise.resolve({origin:origin,tenantUrl:tenantUrl,useLocalStorage:map.useLocalStorage,clientId:map.clientId})];case 3:return[2,_a.sent()];case 4:return[4,Promise.resolve(undefined)];case 5:return[2,_a.sent()]}})})},get loginsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/logins")},get assertionOptionsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/v1/assertion/options")},get registrationsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/v1/attestation/registrations")},get credentialsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/credentials")},get credentialsActivityEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/credentials_activity")},get enrollmentsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/v1/attestation/options")},get jwksEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/.well-known/jwks")},get analyticsEndpoint(){var _a,_b;return"".concat((_b=(_a=this.configuration)===null||_a===void 0?void 0:_a.tenantUrl)!==null&&_b!==void 0?_b:"","/api/analytics")},get _chl(){return"_chl"},get _kid(){return"_kid"}}},{"../preflight/preflight-checks":9}],5:[function(require,module,exports){"use strict";var __extends=this&&this.__extends||function(){var extendStatics=function(d,b){extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(d,b){d.__proto__=b}||function(d,b){for(var p in b)if(Object.prototype.hasOwnProperty.call(b,p))d[p]=b[p]};return extendStatics(d,b)};return function(d,b){if(typeof b!=="function"&&b!==null)throw new TypeError("Class extends value "+String(b)+" is not a constructor or null");extendStatics(d,b);function __(){this.constructor=d}d.prototype=b===null?Object.create(b):(__.prototype=b.prototype,new __)}}();var __createBinding=this&&this.__createBinding||(Object.create?function(o,m,k,k2){if(k2===undefined)k2=k;var desc=Object.getOwnPropertyDescriptor(m,k);if(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable)){desc={enumerable:true,get:function(){return m[k]}}}Object.defineProperty(o,k2,desc)}:function(o,m,k,k2){if(k2===undefined)k2=k;o[k2]=m[k]});var __setModuleDefault=this&&this.__setModuleDefault||(Object.create?function(o,v){Object.defineProperty(o,"default",{enumerable:true,value:v})}:function(o,v){o["default"]=v});var __importStar=this&&this.__importStar||function(mod){if(mod&&mod.__esModule)return mod;var result={};if(mod!=null)for(var k in mod)if(k!=="default"&&Object.prototype.hasOwnProperty.call(mod,k))__createBinding(result,mod,k);__setModuleDefault(result,mod);return result};var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.WebAuthnEnrollment=exports.EnrollmentStatus=void 0;var errors=__importStar(require("../utils/errors"));var known_users_service_1=require("../known-users/known-users.service");var webauthn_options_1=require("./webauthn.options");var configuration_1=require("./configuration");var strings_1=require("../utils/strings");var base_1=require("./base");var EnrollmentStatus;(function(EnrollmentStatus){EnrollmentStatus["SUCCESS"]="SUCCESS"})(EnrollmentStatus||(exports.EnrollmentStatus=EnrollmentStatus={}));var WebAuthnEnrollment=function(_super){__extends(WebAuthnEnrollment,_super);function WebAuthnEnrollment(webAuthnOptions,knownUsersService){if(webAuthnOptions===void 0){webAuthnOptions=new webauthn_options_1.WebAuthnOptions}if(knownUsersService===void 0){knownUsersService=(0,known_users_service_1.initKnownUsersService)()}var _this=_super.call(this)||this;_this.webAuthnOptions=webAuthnOptions;_this.knownUsersService=knownUsersService;return _this}WebAuthnEnrollment.prototype.enroll=function(token,abortSignal){return __awaiter(this,void 0,void 0,function(){var response,enrollmentOptions,transactionId,credential,_a;return __generator(this,function(_b){switch(_b.label){case 0:if(!!configuration_1.Initializer.webauthnFeatures.platformAuthenticator)return[3,2];return[4,Promise.reject(new Error("This browser is not supported (due to missing platform authenticator)"))];case 1:return[2,_b.sent()];case 2:if(!strings_1.Strings.blank(token))return[3,4];return[4,Promise.reject(new Error("Blank token was provided"))];case 3:return[2,_b.sent()];case 4:return[4,fetch(configuration_1.Initializer.enrollmentsEndpoint,{method:"POST",body:JSON.stringify({token:token}),credentials:"include",headers:configuration_1.Initializer.headers})];case 5:response=_b.sent();return[4,response.json()];case 6:enrollmentOptions=_b.sent();transactionId=enrollmentOptions.enrollment.id;localStorage.setItem(configuration_1.Initializer._kid,enrollmentOptions.enrollment.userIdentifier);return[4,this.webAuthnOptions.createCredential(enrollmentOptions.options,abortSignal)];case 7:credential=_b.sent();if(!response.ok)return[3,9];return[4,this.finalizeEnrollment({credential:credential,transactionId:transactionId})];case 8:_a=_b.sent();return[3,11];case 9:return[4,Promise.reject(new errors.InvalidTokenEnrollmentError)];case 10:_a=_b.sent();_b.label=11;case 11:return[2,_a]}})})};WebAuthnEnrollment.prototype.finalizeEnrollment=function(enrollmentTransaction){return __awaiter(this,void 0,void 0,function(){var json,response,_a;var _b;return __generator(this,function(_c){switch(_c.label){case 0:if(!(enrollmentTransaction.credential===undefined))return[3,2];return[4,Promise.reject(new errors.CancelledEnrollmentError)];case 1:return[2,_c.sent()];case 2:json=JSON.stringify({credential:enrollmentTransaction.credential,transactionId:enrollmentTransaction.transactionId});return[4,fetch(configuration_1.Initializer.registrationsEndpoint,{method:"POST",body:json,credentials:"include",headers:configuration_1.Initializer.headers})];case 3:response=_c.sent();return[4,this.recordEvent(response.ok?"REGISTRATION":"REGISTRATION_FAILED")];case 4:_c.sent();if(response.ok){this.knownUsersService.add((_b=localStorage.getItem(configuration_1.Initializer._kid))!==null&&_b!==void 0?_b:"")}if(!response.ok)return[3,6];return[4,Promise.resolve({status:EnrollmentStatus.SUCCESS})];case 5:_a=_c.sent();return[3,8];case 6:return[4,Promise.reject(new errors.FailedEnrollmentError)];case 7:_a=_c.sent();_c.label=8;case 8:return[2,_a]}})})};return WebAuthnEnrollment}(base_1.Base);exports.WebAuthnEnrollment=WebAuthnEnrollment},{"../known-users/known-users.service":8,"../utils/errors":10,"../utils/strings":11,"./base":3,"./configuration":4,"./webauthn.options":7}],6:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.DefaultPasskeyManagement=exports.CredentialActivityType=exports.CredentialFlag=void 0;var configuration_1=require("./configuration");var CredentialFlag;(function(CredentialFlag){CredentialFlag["BACKUP_STATE"]="BACKUP_STATE";CredentialFlag["USER_PRESENT"]="USER_PRESENT";CredentialFlag["USER_VERIFIED"]="USER_VERIFIED";CredentialFlag["EXTENSION_DATA"]="EXTENSION_DATA";CredentialFlag["BACKUP_ELIGIBILITY"]="BACKUP_ELIGIBILITY"})(CredentialFlag||(exports.CredentialFlag=CredentialFlag={}));var CredentialActivityType;(function(CredentialActivityType){CredentialActivityType["REGISTRATION"]="REGISTRATION";CredentialActivityType["ASSERTION"]="ASSERTION";CredentialActivityType["AUTO_EXPIRATION"]="AUTO_EXPIRATION";CredentialActivityType["MANUAL_EXPIRATION"]="MANUAL_EXPIRATION"})(CredentialActivityType||(exports.CredentialActivityType=CredentialActivityType={}));var DefaultPasskeyManagement=function(){function DefaultPasskeyManagement(accessToken){this.accessToken=accessToken}DefaultPasskeyManagement.prototype.get=function(){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsEndpoint);return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Request failed. Is the provided authentication valid?"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.passkeyActivity=function(){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsActivityEndpoint);return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Request failed. Is the provided authentication valid?"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.latestPasskeyActivity=function(){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsActivityEndpoint,"/latest");return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Request failed. Is the provided authentication valid?"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.deletePasskey=function(id){return __awaiter(this,void 0,void 0,function(){var url,response,_a;return __generator(this,function(_b){switch(_b.label){case 0:url="".concat(configuration_1.Initializer.credentialsEndpoint,"/").concat(id);return[4,fetch(url,this.httpOptions("DELETE"))];case 1:response=_b.sent();if(!response.ok)return[3,3];return[4,Promise.resolve(true)];case 2:_a=_b.sent();return[3,5];case 3:return[4,Promise.reject(new Error("deletion failed or authentication is not valid"))];case 4:_a=_b.sent();_b.label=5;case 5:return[2,_a]}})})};DefaultPasskeyManagement.prototype.getPasskey=function(id){return __awaiter(this,void 0,void 0,function(){var url,response,body,_a,_b;return __generator(this,function(_c){switch(_c.label){case 0:url="".concat(configuration_1.Initializer.credentialsEndpoint,"/").concat(id);return[4,fetch(url,this.httpOptions("GET"))];case 1:response=_c.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_c.sent();return[3,4];case 3:_a=undefined;_c.label=4;case 4:body=_a;if(!response.ok)return[3,6];return[4,Promise.resolve(body)];case 5:_b=_c.sent();return[3,8];case 6:return[4,Promise.reject(new Error("Passkey was not found or authentication is not valid"))];case 7:_b=_c.sent();_c.label=8;case 8:return[2,_b]}})})};DefaultPasskeyManagement.prototype.httpOptions=function(method){var _a,_b;return{method:method,headers:{"X-Tenant":(_b=(_a=configuration_1.Initializer.configuration)===null||_a===void 0?void 0:_a.origin)!==null&&_b!==void 0?_b:"",Authorization:"SDK-Bearer ".concat(this.accessToken)}}};return DefaultPasskeyManagement}();exports.DefaultPasskeyManagement=DefaultPasskeyManagement},{"./configuration":4}],7:[function(require,module,exports){"use strict";var __createBinding=this&&this.__createBinding||(Object.create?function(o,m,k,k2){if(k2===undefined)k2=k;var desc=Object.getOwnPropertyDescriptor(m,k);if(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable)){desc={enumerable:true,get:function(){return m[k]}}}Object.defineProperty(o,k2,desc)}:function(o,m,k,k2){if(k2===undefined)k2=k;o[k2]=m[k]});var __setModuleDefault=this&&this.__setModuleDefault||(Object.create?function(o,v){Object.defineProperty(o,"default",{enumerable:true,value:v})}:function(o,v){o["default"]=v});var __importStar=this&&this.__importStar||function(mod){if(mod&&mod.__esModule)return mod;var result={};if(mod!=null)for(var k in mod)if(k!=="default"&&Object.prototype.hasOwnProperty.call(mod,k))__createBinding(result,mod,k);__setModuleDefault(result,mod);return result};var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.WebAuthnOptions=void 0;var configuration_1=require("./configuration");var WebAuthn=__importStar(require("@github/webauthn-json"));var WebAuthnOptions=function(){function WebAuthnOptions(){}WebAuthnOptions.prototype.getCredential=function(){return __awaiter(this,arguments,void 0,function(cui,abortSignal,userIdentifier){var authenticationAssertionTransaction,requestOptions,transactionId,params,credential,_a;if(cui===void 0){cui=false}return __generator(this,function(_b){switch(_b.label){case 0:return[4,this.requestOptions(userIdentifier)];case 1:authenticationAssertionTransaction=_b.sent();requestOptions=authenticationAssertionTransaction.options;transactionId=authenticationAssertionTransaction.transactionId;requestOptions.rpId=window.location.hostname;requestOptions.userVerification="preferred";if(cui&&abortSignal!==undefined&&userIdentifier===undefined){params={publicKey:requestOptions,signal:abortSignal,mediation:"conditional"}}else{params=abortSignal!==undefined?{publicKey:requestOptions,signal:abortSignal}:{publicKey:requestOptions}}return[4,WebAuthn.get(params)];case 2:credential=_b.sent();if(!(requestOptions!==undefined))return[3,4];return[4,Promise.resolve({credential:credential,transactionId:transactionId})];case 3:_a=_b.sent();return[3,6];case 4:return[4,Promise.resolve(undefined)];case 5:_a=_b.sent();_b.label=6;case 6:return[2,_a]}})})};WebAuthnOptions.prototype.createCredential=function(options,abortSignal){return __awaiter(this,void 0,void 0,function(){var _a;return __generator(this,function(_b){switch(_b.label){case 0:if(!(abortSignal!==undefined))return[3,2];return[4,WebAuthn.create({publicKey:options,signal:abortSignal})];case 1:_a=_b.sent();return[3,4];case 2:return[4,WebAuthn.create({publicKey:options})];case 3:_a=_b.sent();_b.label=4;case 4:return[2,_a]}})})};WebAuthnOptions.prototype.requestOptions=function(userIdentifier){return __awaiter(this,void 0,void 0,function(){var url,response,_a;return __generator(this,function(_b){switch(_b.label){case 0:url="".concat(configuration_1.Initializer.assertionOptionsEndpoint,"?userIdentifier=").concat(encodeURIComponent(userIdentifier!==null&&userIdentifier!==void 0?userIdentifier:""));return[4,fetch(url,{credentials:"include",headers:configuration_1.Initializer.headers})];case 1:response=_b.sent();if(!response.ok)return[3,3];return[4,response.json()];case 2:_a=_b.sent();return[3,5];case 3:return[4,Promise.reject(new Error("Failed to get assertion options."))];case 4:_a=_b.sent();_b.label=5;case 5:return[2,_a]}})})};return WebAuthnOptions}();exports.WebAuthnOptions=WebAuthnOptions},{"./configuration":4,"@github/webauthn-json":12}],8:[function(require,module,exports){"use strict";Object.defineProperty(exports,"__esModule",{value:true});exports.DefaultKnownUsersService=exports.NoOperationKnownUsersService=void 0;exports.initKnownUsersService=initKnownUsersService;var configuration_1=require("../core/configuration");var NoOperationKnownUsersService=function(){function NoOperationKnownUsersService(){}NoOperationKnownUsersService.prototype.knownUser=function(_){return false};NoOperationKnownUsersService.prototype.unknownUser=function(_){return true};NoOperationKnownUsersService.prototype.lastUser=function(){return""};NoOperationKnownUsersService.prototype.add=function(_){};return NoOperationKnownUsersService}();exports.NoOperationKnownUsersService=NoOperationKnownUsersService;var DefaultKnownUsersService=function(){function DefaultKnownUsersService(){this.kid="__kid";this.cid="__cid";this.max=5}DefaultKnownUsersService.prototype.knownUser=function(userIdentifier){return userIdentifier.trim().length>0&&new Set(this.knownUsers()).has(userIdentifier)};DefaultKnownUsersService.prototype.unknownUser=function(userIdentifier){return!this.knownUser(userIdentifier)};DefaultKnownUsersService.prototype.lastUser=function(){var _a;return window.atob((_a=localStorage.getItem(this.cid))!==null&&_a!==void 0?_a:"")};DefaultKnownUsersService.prototype.add=function(userIdentifier){if(userIdentifier.trim().length>0){this.currentUser(userIdentifier);if(this.unknownUser(userIdentifier)){var users=this.knownUsers();users.push(userIdentifier);if(users.length>this.max){var set_1=[];var idx_1=0;users.forEach(function(element){if(idx_1++>0){set_1.push(element)}});this.save(set_1)}else{this.save(users)}}}};DefaultKnownUsersService.prototype.currentUser=function(userIdentifier){localStorage.setItem(this.cid,window.btoa(userIdentifier))};DefaultKnownUsersService.prototype.save=function(users){localStorage.setItem(this.kid,window.btoa(JSON.stringify(users)))};DefaultKnownUsersService.prototype.knownUsers=function(){var _a;try{var json=localStorage.getItem(this.kid);return(_a=JSON.parse(window.atob(json!==null&&json!==void 0?json:"")))!==null&&_a!==void 0?_a:[]}catch(e){return[]}};return DefaultKnownUsersService}();exports.DefaultKnownUsersService=DefaultKnownUsersService;function initKnownUsersService(){var _a;return((_a=configuration_1.Initializer.configuration)===null||_a===void 0?void 0:_a.useLocalStorage)===true?new DefaultKnownUsersService:new NoOperationKnownUsersService}},{"../core/configuration":4}],9:[function(require,module,exports){"use strict";var __awaiter=this&&this.__awaiter||function(thisArg,_arguments,P,generator){function adopt(value){return value instanceof P?value:new P(function(resolve){resolve(value)})}return new(P||(P=Promise))(function(resolve,reject){function fulfilled(value){try{step(generator.next(value))}catch(e){reject(e)}}function rejected(value){try{step(generator["throw"](value))}catch(e){reject(e)}}function step(result){result.done?resolve(result.value):adopt(result.value).then(fulfilled,rejected)}step((generator=generator.apply(thisArg,_arguments||[])).next())})};var __generator=this&&this.__generator||function(thisArg,body){var _={label:0,sent:function(){if(t[0]&1)throw t[1];return t[1]},trys:[],ops:[]},f,y,t,g;return g={next:verb(0),throw:verb(1),return:verb(2)},typeof Symbol==="function"&&(g[Symbol.iterator]=function(){return this}),g;function verb(n){return function(v){return step([n,v])}}function step(op){if(f)throw new TypeError("Generator is already executing.");while(g&&(g=0,op[0]&&(_=0)),_)try{if(f=1,y&&(t=op[0]&2?y["return"]:op[0]?y["throw"]||((t=y["return"])&&t.call(y),0):y.next)&&!(t=t.call(y,op[1])).done)return t;if(y=0,t)op=[op[0]&2,t.value];switch(op[0]){case 0:case 1:t=op;break;case 4:_.label++;return{value:op[1],done:false};case 5:_.label++;y=op[1];op=[0];continue;case 7:op=_.ops.pop();_.trys.pop();continue;default:if(!(t=_.trys,t=t.length>0&&t[t.length-1])&&(op[0]===6||op[0]===2)){_=0;continue}if(op[0]===3&&(!t||op[1]>t[0]&&op[1]<t[3])){_.label=op[1];break}if(op[0]===6&&_.label<t[1]){_.label=t[1];t=op;break}if(t&&_.label<t[2]){_.label=t[2];_.ops.push(op);break}if(t[2])_.ops.pop();_.trys.pop();continue}op=body.call(thisArg,_)}catch(e){op=[6,e];y=0}finally{f=t=0}if(op[0]&5)throw op[1];return{value:op[0]?op[1]:void 0,done:true}}};Object.defineProperty(exports,"__esModule",{value:true});exports.DefaultPreflightChecks=void 0;var DefaultPreflightChecks=function(){function DefaultPreflightChecks(){}DefaultPreflightChecks.supported=function(){return __awaiter(this,void 0,void 0,function(){var webauthnStatus;return __generator(this,function(_a){switch(_a.label){case 0:return[4,DefaultPreflightChecks.check()];case 1:webauthnStatus=_a.sent();return[2,webauthnStatus.webauthn&&webauthnStatus.conditionalMediation&&webauthnStatus.platformAuthenticator]}})})};DefaultPreflightChecks.check=function(){return __awaiter(this,void 0,void 0,function(){var instance,v0,v1,_a,v2,_b;return __generator(this,function(_c){switch(_c.label){case 0:instance=new DefaultPreflightChecks;v0=typeof window.PublicKeyCredential!=="undefined";_a=v0;if(!_a)return[3,2];return[4,instance.isConditionalMediationAvailable()];case 1:_a=_c.sent();_c.label=2;case 2:v1=_a;_b=v0;if(!_b)return[3,4];return[4,instance.isUserVerifyingPlatformAuthenticatorAvailable()];case 3:_b=_c.sent();_c.label=4;case 4:v2=_b;return[4,Promise.resolve({platformAuthenticator:v2,conditionalMediation:v1,webauthn:v0})];case 5:return[2,_c.sent()]}})})};DefaultPreflightChecks.prototype.isSupported=function(){return __awaiter(this,void 0,void 0,function(){var value,_a,_b;var _c,_d;return __generator(this,function(_e){switch(_e.label){case 0:_b=typeof window.PublicKeyCredential!=="undefined";if(!_b)return[3,2];return[4,this.isUserVerifyingPlatformAuthenticatorAvailable()];case 1:_b=(_c=_e.sent())===null||_c===void 0?void 0:_c.valueOf();_e.label=2;case 2:_a=_b;if(!_a)return[3,4];return[4,this.isConditionalMediationAvailable()];case 3:_a=(_d=_e.sent())===null||_d===void 0?void 0:_d.valueOf();_e.label=4;case 4:value=_a;return[4,Promise.resolve(value)];case 5:return[2,_e.sent()]}})})};DefaultPreflightChecks.prototype.isConditionalMediationAvailable=function(){return __awaiter(this,void 0,void 0,function(){var _a,_b;return __generator(this,function(_c){switch(_c.label){case 0:return[4,(_b=(_a=window.PublicKeyCredential)===null||_a===void 0?void 0:_a.isConditionalMediationAvailable)===null||_b===void 0?void 0:_b.call(_a)];case 1:return[2,_c.sent()]}})})};DefaultPreflightChecks.prototype.isUserVerifyingPlatformAuthenticatorAvailable=function(){return __awaiter(this,void 0,void 0,function(){var _a,_b;return __generator(this,function(_c){switch(_c.label){case 0:return[4,(_b=(_a=window.PublicKeyCredential)===null||_a===void 0?void 0:_a.isUserVerifyingPlatformAuthenticatorAvailable)===null||_b===void 0?void 0:_b.call(_a)];case 1:return[2,_c.sent()]}})})};return DefaultPreflightChecks}();exports.DefaultPreflightChecks=DefaultPreflightChecks},{}],10:[function(require,module,exports){"use strict";var __extends=this&&this.__extends||function(){var extendStatics=function(d,b){extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(d,b){d.__proto__=b}||function(d,b){for(var p in b)if(Object.prototype.hasOwnProperty.call(b,p))d[p]=b[p]};return extendStatics(d,b)};return function(d,b){if(typeof b!=="function"&&b!==null)throw new TypeError("Class extends value "+String(b)+" is not a constructor or null");extendStatics(d,b);function __(){this.constructor=d}d.prototype=b===null?Object.create(b):(__.prototype=b.prototype,new __)}}();Object.defineProperty(exports,"__esModule",{value:true});exports.FailedAuthenticationError=exports.InvalidTokenEnrollmentError=exports.FailedEnrollmentError=exports.CancelledEnrollmentError=exports.SdkInitializationError=exports.UnsupportedBrowserError=void 0;var UnsupportedBrowserError=function(_super){__extends(UnsupportedBrowserError,_super);function UnsupportedBrowserError(){return _super.call(this,"This browser is not supported")||this}return UnsupportedBrowserError}(Error);exports.UnsupportedBrowserError=UnsupportedBrowserError;var SdkInitializationError=function(_super){__extends(SdkInitializationError,_super);function SdkInitializationError(){return _super.call(this,"The SDK is not yet initialized")||this}return SdkInitializationError}(Error);exports.SdkInitializationError=SdkInitializationError;var CancelledEnrollmentError=function(_super){__extends(CancelledEnrollmentError,_super);function CancelledEnrollmentError(){return _super.call(this,"Enrollment was cancelled")||this}return CancelledEnrollmentError}(Error);exports.CancelledEnrollmentError=CancelledEnrollmentError;var FailedEnrollmentError=function(_super){__extends(FailedEnrollmentError,_super);function FailedEnrollmentError(){return _super.call(this,"Enrollment failed")||this}return FailedEnrollmentError}(Error);exports.FailedEnrollmentError=FailedEnrollmentError;var InvalidTokenEnrollmentError=function(_super){__extends(InvalidTokenEnrollmentError,_super);function InvalidTokenEnrollmentError(){return _super.call(this,"Provided token was not valid.")||this}return InvalidTokenEnrollmentError}(Error);exports.InvalidTokenEnrollmentError=InvalidTokenEnrollmentError;var FailedAuthenticationError=function(_super){__extends(FailedAuthenticationError,_super);function FailedAuthenticationError(){return _super.call(this,"Authentication did not succeed.")||this}return FailedAuthenticationError}(Error);exports.FailedAuthenticationError=FailedAuthenticationError},{}],11:[function(require,module,exports){"use strict";Object.defineProperty(exports,"__esModule",{value:true});exports.Strings=void 0;exports.Strings={blank:function(value){var _a;return value===undefined||!(((_a=value===null||value===void 0?void 0:value.trim())===null||_a===void 0?void 0:_a.length)>0)}}},{}],12:[function(require,module,exports){"use strict";Object.defineProperty(exports,"__esModule",{value:true});exports.create=create;exports.get=get;exports.schema=void 0;exports.supported=supported;function base64urlToBuffer(baseurl64String){const padding="==".slice(0,(4-baseurl64String.length%4)%4);const base64String=baseurl64String.replace(/-/g,"+").replace(/_/g,"/")+padding;const str=atob(base64String);const buffer=new ArrayBuffer(str.length);const byteView=new Uint8Array(buffer);for(let i=0;i<str.length;i++){byteView[i]=str.charCodeAt(i)}return buffer}function bufferToBase64url(buffer){const byteView=new Uint8Array(buffer);let str="";for(const charCode of byteView){str+=String.fromCharCode(charCode)}const base64String=btoa(str);const base64urlString=base64String.replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"");return base64urlString}var copyValue="copy";var convertValue="convert";function convert(conversionFn,schema2,input){if(schema2===copyValue){return input}if(schema2===convertValue){return conversionFn(input)}if(schema2 instanceof Array){return input.map(v=>convert(conversionFn,schema2[0],v))}if(schema2 instanceof Object){const output={};for(const[key,schemaField]of Object.entries(schema2)){if(schemaField.derive){const v=schemaField.derive(input);if(v!==void 0){input[key]=v}}if(!(key in input)){if(schemaField.required){throw new Error(`Missing key: ${key}`)}continue}if(input[key]==null){output[key]=null;continue}output[key]=convert(conversionFn,schemaField.schema,input[key])}return output}}function derived(schema2,derive){return{required:true,schema:schema2,derive:derive}}function required(schema2){return{required:true,schema:schema2}}function optional(schema2){return{required:false,schema:schema2}}var publicKeyCredentialDescriptorSchema={type:required(copyValue),id:required(convertValue),transports:optional(copyValue)};var simplifiedExtensionsSchema={appid:optional(copyValue),appidExclude:optional(copyValue),credProps:optional(copyValue)};var simplifiedClientExtensionResultsSchema={appid:optional(copyValue),appidExclude:optional(copyValue),credProps:optional(copyValue)};var credentialCreationOptions={publicKey:required({rp:required(copyValue),user:required({id:required(convertValue),name:required(copyValue),displayName:required(copyValue)}),challenge:required(convertValue),pubKeyCredParams:required(copyValue),timeout:optional(copyValue),excludeCredentials:optional([publicKeyCredentialDescriptorSchema]),authenticatorSelection:optional(copyValue),attestation:optional(copyValue),extensions:optional(simplifiedExtensionsSchema)}),signal:optional(copyValue)};var publicKeyCredentialWithAttestation={type:required(copyValue),id:required(copyValue),rawId:required(convertValue),authenticatorAttachment:optional(copyValue),response:required({clientDataJSON:required(convertValue),attestationObject:required(convertValue),transports:derived(copyValue,response=>{var _a;return((_a=response.getTransports)==null?void 0:_a.call(response))||[]})}),clientExtensionResults:derived(simplifiedClientExtensionResultsSchema,pkc=>pkc.getClientExtensionResults())};var credentialRequestOptions={mediation:optional(copyValue),publicKey:required({challenge:required(convertValue),timeout:optional(copyValue),rpId:optional(copyValue),allowCredentials:optional([publicKeyCredentialDescriptorSchema]),userVerification:optional(copyValue),extensions:optional(simplifiedExtensionsSchema)}),signal:optional(copyValue)};var publicKeyCredentialWithAssertion={type:required(copyValue),id:required(copyValue),rawId:required(convertValue),authenticatorAttachment:optional(copyValue),response:required({clientDataJSON:required(convertValue),authenticatorData:required(convertValue),signature:required(convertValue),userHandle:required(convertValue)}),clientExtensionResults:derived(simplifiedClientExtensionResultsSchema,pkc=>pkc.getClientExtensionResults())};var schema=exports.schema={credentialCreationOptions:credentialCreationOptions,publicKeyCredentialWithAttestation:publicKeyCredentialWithAttestation,credentialRequestOptions:credentialRequestOptions,publicKeyCredentialWithAssertion:publicKeyCredentialWithAssertion};function createRequestFromJSON(requestJSON){return convert(base64urlToBuffer,credentialCreationOptions,requestJSON)}function createResponseToJSON(credential){return convert(bufferToBase64url,publicKeyCredentialWithAttestation,credential)}async function create(requestJSON){const credential=await navigator.credentials.create(createRequestFromJSON(requestJSON));return createResponseToJSON(credential)}function getRequestFromJSON(requestJSON){return convert(base64urlToBuffer,credentialRequestOptions,requestJSON)}function getResponseToJSON(credential){return convert(bufferToBase64url,publicKeyCredentialWithAssertion,credential)}async function get(requestJSON){const credential=await navigator.credentials.get(getRequestFromJSON(requestJSON));return getResponseToJSON(credential)}function supported(){return!!(navigator.credentials&&navigator.credentials.create&&navigator.credentials.get&&window.PublicKeyCredential)}},{}]},{},[1])(1)});