{"version":3,"file":"static/chunks/7381-294c15fa641ebba5.js","mappings":"uGAcAA,EACO,SAAAC,UAAAC,CAAA,EACP,GAAAA,EACAF,EAAA,CACA,GAAAE,CAAA,CACAC,OAAAD,EAAAC,MAAA,EAAAC,SAAAD,MAAA,CACAE,QAAAH,EAAAG,OAAA,EAAAD,SAAAC,OAAA,CACAC,MAAAJ,EAAAI,KAAA,EAAAF,SAAAE,KAAA,CACAC,SAAAL,EAAAK,QAAA,EAAAH,SAAAG,QAAA,CACAC,QAAAN,EAAAM,OAAA,EAAAJ,SAAAI,OAAA,EAEAR,EAAAS,KAAA,2BAAAP,QAGA,IAAAF,EACA,4CAGA,OAAAA,CACA,CACO,SAAAU,qBAAAC,CAAA,EACP,IAAYC,OAAAA,CAAA,CAAAC,WAAAA,CAAA,CAAAC,oBAAAA,CAAA,EAA0CC,GA6BtD,iBA7BsDJ,GA6BtD,SA7BsDA,EACtDA,EAAAK,IAAA,CACAL,EACA,oBAAAC,EACA,iFAEA,oBAAAC,EACA,qFAEA,oBAAAC,EACA,8FAOA,OALAb,UAAA,CACAgB,mBAAAL,EACAC,WAAAA,EACAK,SAAAJ,CACA,GACA,CACAK,KAAA,GACAlB,UAAA,CACAgB,mBAAAL,EACAC,WAAAA,EACAK,SAAAJ,EACA,GAAAZ,CAAA,EAGA,CACA,wIAIA,wBAAAkB,cACAC,aAAA,CACA,KAAAC,MAAA,KAAAC,GACA,CACAC,QAAAC,CAAA,EACA,YAAAH,MAAA,CAAAI,GAAA,CAAAD,EACA,CACAE,QAAAF,CAAA,CAAAG,CAAA,EACA,KAAAN,MAAA,CAAAO,GAAA,CAAAJ,EAAAG,EACA,CACAE,WAAAL,CAAA,EACA,KAAAH,MAAA,CAAAS,MAAA,CAAAN,EACA,CACA,EACO,uCAAAO,qCAAAC,MACP,EACA,mBAAA7B,SACA,OAAA8B,gBAAAC,CAAA,EACA,IAAAC,EAAA,IAA4BD,EAAS,uIACrC,WAAAE,MAAA,IAAAC,KAAAA,EAAA,CACAC,QACA,UAAAP,6BAAAI,EACA,EACAV,MACA,UAAAM,6BAAAI,EACA,CACA,EACA,CACA,WAAA/B,SAAA,CACA,gBAAAmC,WAAAC,YAAA,CACAD,WAAAC,YAAA,CACA,IAAArB,aACA,CACA,WAAAjB,QAAA,QACA,SAAAqC,WAAArC,MAAA,CACAqC,WAAArC,MAAA,CACAC,SAAA8B,eAAA,UACA,CACA,WAAA5B,OAAA,QACA,SAAAkC,WAAAlC,KAAA,CACAkC,WAAAlC,KAAA,CACAF,SAAA8B,eAAA,SACA,CACA,WAAA3B,UAAA,QACA,SAAAiC,WAAAjC,QAAA,CACAiC,WAAAjC,QAAA,CACAH,SAAA8B,eAAA,YACA,CACA,WAAA1B,SAAA,QACA,SAAAgC,WAAAhC,OAAA,CACAgC,WAAAhC,OAAA,CACAJ,SAAA8B,eAAA,WACA,CACA,6BSrGAQ,EJAAC,EAOAC,EAwBAC,6IJhDO,eAAeC,mBAAaC,CAAA,EACnC,GAAAA,EAAAC,EAAA,CACA,OAAAD,EAEA,IAAAE,EAAA,MAAAF,EAAAG,IAAA,GACAd,EAAAa,EAAAb,OAAA,CACA,GAAAa,kCAAAA,EAAAE,MAAA,EACA,IAAAC,EAAAH,EAAAb,OAAA,CAAAgB,KAAA,+BACAA,GACAhB,CAAAA,EAAAgB,CAAA,IAEA,CACA,IAAAC,EAAA,MAAAjB,EAEA,OADAiB,EAAAC,IAAA,CAAAL,EAAAE,MAAA,CACAE,CACA,CACO,SAASE,qBAAeC,CAAA,EAC/B,IAAAC,EAAAD,EAAAE,KAAA,MACAC,EAAAF,CAAA,IACA,IAAAE,EACA,2BAEA,OAAAC,KAAAC,KAAA,KAAAC,cAAAC,MAAA,CAAAC,EAAAL,IACA,CAOO,SAAAM,oBAAAC,CAAA,CAAAC,CAAA,EACP,IAAAC,EAAAC,KAAAC,GAAA,GAAAH,EACAI,EAAAC,YAAA,KACAH,KAAAC,GAAA,IAAAF,IACAK,cAAAF,GACAL,IAEA,EAAK,KAKL,MAFA,mBAAAK,EAAAG,KAAA,EACAH,EAAAG,KAAA,GACA,IAAAD,cAAAF,EACA,CACO,SAAAI,kDACP,IAAYpE,SAAAA,CAAA,EAAa,GAAAL,EAAA0E,EAAA,IACzBC,EAAA,IAAAC,IAAAvE,EAAAwE,IAAA,EAEA,OADAF,EAAAG,IAAA,IACAH,EAAAE,IAAA,CA8BA,IAAAE,kBAAA,SAAAC,CAAA,CAAAC,EAAA,IACA,IAAAC,EAAAF,EACAxB,KAAA,KACA2B,MAAA,EAAAC,EAAAC,EAAAC,IAAAC,OAAAC,MAAA,CAAAJ,EAAA,CAA2D,CAAAC,EAAAI,UAAA,KAAAH,CAAA,GAA6B,IACxF,gBAAAI,CAAA,MAKAC,EAAAC,EAAAC,EAAAC,EAJA,IAAAC,EAAAd,EAEAS,EAAAxC,KAAA,gBAAgD+B,EAAQ,GAAGA,EAAQ,UAAAe,MAAA,CACnE,EAEA,OAAAN,EAAAxC,KAAA,YAAmCiC,MAAA,EAAAC,EAAAa,EAAAX,KACnCK,EAAAT,CAAA,CAAAe,EAAAR,UAAA,KACAG,EAAAV,CAAA,CAAAe,EAAAR,UAAA,KACAI,EAAAX,CAAA,CAAAe,EAAAR,UAAA,KACAK,EAAAZ,CAAA,CAAAe,EAAAR,UAAA,KACAL,CAAA,GAAAE,EAAA,MAAAM,GAAA,EACAR,CAAA,GAAAE,EAAA,IAAAM,GAAAA,CAAA,KAAAC,GAAA,EACAT,CAAA,GAAAE,EAAA,IAAAO,EAAAA,CAAA,KAAAC,EACAV,GACS,IAAAc,WAAA,EAAAR,EAAAM,MAAA,GAAAD,GACT,CACA,EACOI,EAAApB,kBAAA,wEACAjB,EAAAiB,kBAAA,oEACPqB,gBAAA,SAAApB,CAAA,CAAAC,EAAA,IACA,IAAAC,EAAAF,EACAxB,KAAA,KACA2B,MAAA,EAAAC,EAAAC,EAAAC,IAAAC,OAAAC,MAAA,CAAAJ,EAAA,CAA2D,CAAAE,EAAA,CAAAD,CAAA,GAAe,IAC1E,gBAAAK,CAAA,EACA,IAAAW,EAAA,GACA,QAAAJ,KAAAK,UAaAC,CAAA,CAAAC,CAAA,EACA,QAAAnC,EAAA,EAAoBA,EAAAkC,EAAAP,MAAA,CAAgB3B,GAAAmC,EACpC,MAAAD,EAAAE,QAAA,CAAApC,EAAAA,EAAAmC,EAEA,EAjBA,IAAAN,WAAAR,GAAA,GACAW,EAAAK,IAAA,CAAAxB,CAAA,CAAAe,CAAA,SACAI,EAAAK,IAAA,CAAAxB,CAAA,EAAAe,EAAAA,CAAA,QAAAA,CAAA,SACAI,EAAAK,IAAA,CAAAT,KAAA7D,IAAA6D,CAAA,IACAf,CAAA,EAAAe,GAAAA,CAAA,QAAAA,CAAA,QACAhB,GACAoB,EAAAK,IAAA,CAAAT,KAAA7D,IAAA6D,CAAA,IAAAf,CAAA,CAAAe,GAAAA,CAAA,KAAAhB,GAEA,OAAAoB,EAAAM,IAAA,IACA,CACA,EACOC,EAAAR,gBAAA,wEACAS,EAAAT,gBAAA,oECzGA,eAAAU,YAAAC,CAAA,EACP,IAAY/F,SAAAA,CAAA,CAAAb,QAAAA,CAAA,EAAsB,GAAAH,EAAA0E,EAAA,IAClC,CAAYsC,IAAAA,CAAA,CAAAC,MAAAA,CAAA,oBAAAC,CAAA,EAA8C7D,qBAAe0D,EAAAI,OAAA,EACzE,CAAYC,MAAAA,CAAA,EAAU/D,qBAAe0D,EAAAM,WAAA,EACrCC,EAAA,kCAA+DtG,EAAS,EACxEuG,EAAA,gBAA4CvG,EAAS,EACrDwG,EAAA,GACAA,EAAAd,IAAA,CAAAvG,EAAAsB,OAAA,IAAqC6F,EAAiB,eAAAJ,IACtDM,EAAAd,IAAA,CAAAvG,EAAAsB,OAAA,IAAqC6F,EAAiB,GAAGJ,EAAS,UAAAH,EAAAI,OAAA,GAClEK,EAAAd,IAAA,CAAAvG,EAAAsB,OAAA,IAAqC6F,EAAiB,GAAGJ,EAAS,cAAAH,EAAAM,WAAA,GAClEN,EAAAU,YAAA,EACAD,EAAAd,IAAA,CAAAvG,EAAAsB,OAAA,IAAyC6F,EAAiB,GAAGJ,EAAS,eAAAH,EAAAU,YAAA,GAEtED,EAAAd,IAAA,CAAAvG,EAAAsB,OAAA,IAAqC6F,EAAiB,GAAGJ,EAAS,WAAAxD,KAAAgE,SAAA,EAClEC,eAAA,CACA,CACAC,KAAA,MACAC,MAAAb,CACA,EACA,CACAY,KAAA,QACAC,MAAAZ,CACA,EACA,CACAa,SAAAZ,CACA,KACAM,EAAAd,IAAA,CAAAvG,EAAAsB,OAAA,IAAqC6F,EAAiB,GAAGJ,EAAS,oBAAAE,IAClEI,EAAAd,IAAA,CAAAvG,EAAAsB,OAAA,IAAqC8F,EAAgB,GAAGL,EAAS,WAAAH,EAAAgB,QAAA,CAAAC,WAAA,KACjE,MAAAC,QAAAC,GAAA,CAAAV,EAAAW,MAAA,MAAAC,GACA,CACO,eAAeC,yBACtB,IAAYrH,SAAAA,CAAA,CAAAb,QAAAA,CAAA,EAAsB,GAAAH,EAAA0E,EAAA,IAClC4C,EAAA,kCAA+DtG,EAAS,EACxEuG,EAAA,gBAA4CvG,EAAS,EACrDkG,EAAA,MAAA/G,EAAAmB,OAAA,IAA8CgG,EAAiB,gBAC/D,IAAAJ,EACA,OAEA,IAAAG,EAAAF,EAAAM,EAAAM,EAAA,OAAAE,QAAAC,GAAA,EACA/H,EAAAmB,OAAA,IAA2BgG,EAAiB,GAAGJ,EAAS,eACxD/G,EAAAmB,OAAA,IAA2BgG,EAAiB,GAAGJ,EAAS,WACxD/G,EAAAmB,OAAA,IAA2BgG,EAAiB,GAAGJ,EAAS,gBACxD/G,EAAAmB,OAAA,IAA2BiG,EAAgB,GAAGL,EAAS,YACvD,EACA,OACAC,QAAAA,GAAA/E,KAAAA,EACAiF,YAAAA,GAAAjF,KAAAA,EACAqF,aAAAA,GAAArF,KAAAA,EACA2F,SAAAA,EAAA,IAAA5D,KAAA4D,GAAA3F,KAAAA,EACA8E,SAAAA,CACA,CACA,CClDA,IAAAoB,EAAA,uBAIO,SAAAC,yBAAAC,CAAA,EACP,GAHA,oBAGAA,GAHA,WAGAA,GAHA,YAGAA,EAAA,CACA,IAAArF,EAAA,OAGA,OAFAA,EAAAC,IAAA,CAAAoF,EAAAvF,MAAA,CACAE,EAAAjB,OAAA,CAAAsG,EAAAtG,OAAA,CACAiB,CACA,CACA,CAWO,SAAAsF,oBAAAD,CAAA,EACP,QAAAA,GACA,iBAAAA,GACA,kBAAAA,GACA,wBAAAA,CACA,CACO,SAAAE,0BAAAF,CAAA,EAGP,GAFAD,yBAAAC,IACAG,SAbOH,CAAA,EACP,GAAAI,wBAAAJ,GACA,iDAEA,EASAA,GACA,CAAAC,oBAAAD,GACA,0CAEA,CACO,SAAAI,wBAAAJ,CAAA,EACP,QAAAA,GAAA,iBAAAA,GAAA,yBAAAA,CACA,CACO,SAAAK,8BAAAL,CAAA,EAGP,GAFAD,yBAAAC,IACAM,SA5BON,CAAA,EACP,GAAAC,oBAAAD,GACA,qCAAiDA,EAAAO,aAAA,CAAkB,EAEnE,EAwBAP,GACA,CAAAI,wBAAAJ,GACA,+CAEA,CACO,SAAAQ,uBAAAR,CAAA,EAEP,GADAD,yBAAAC,GACA,CAAAI,wBAAAJ,IAAA,CAAAC,oBAAAD,GACA,wCAEA,CACO,eAAAS,aAAA,CAA8BC,SAAAA,CAAA,CAAAC,eAAAA,CAAA,CAAAC,eAAAA,CAAA,CAAAC,MAAAA,CAAA,CAAkD,EACvF,IAAYjJ,MAAAA,CAAA,CAAAW,mBAAAA,CAAA,CAAAuI,gBAAAA,CAAA,CAAAtI,SAAAA,CAAA,CAAAuI,aAAAA,CAAA,EAAuE,GAAAvJ,EAAA0E,EAAA,IACnF,OAAAtE,EAAAW,EAAAmC,KAAA,CAAAoF,GACA,uBAAiCvH,EAAmB,iBACpDA,EAAA,CACAyI,OAAAH,EACAI,QAAA,CACA,gEACA,4CACA,GAAAH,CAAA,EAEAI,OAAA,OACAC,KAAAjG,KAAAgE,SAAA,EACAkC,SAAAV,EACAW,SAAA7I,EACA8I,eAAA,CACA,GAAAX,CAAA,CACA,GAAAI,GAAA,CACAQ,YAAA,MAAAC,oBAAAb,EAAAc,QAAA,CACA,CAAiB,EAEjBC,eAAAd,CACA,EACA,GAAKe,IAAA,CAyQL,MAAAtH,IACA,MAAcD,mBAAaC,GAC3B,IAAA8G,EAAA,MAAA9G,EAAAG,IAAA,GAOA,MANAkG,uBA5QKA,EA6QLL,8BAAAc,GAGAX,uBAAAW,GAEAA,CACA,EAlRA,CACO,eAAAS,uBAAA,CAAwCC,cAAAA,CAAA,CAAAC,mBAAAA,CAAA,CAAAC,QAAAA,CAAA,CAAAnB,eAAAA,CAAA,CAAAC,MAAAA,CAAA,CAAoE,EACnH,IAAYjJ,MAAAA,CAAA,CAAAW,mBAAAA,CAAA,CAAAuI,gBAAAA,CAAA,CAAAtI,SAAAA,CAAA,CAAAuI,aAAAA,CAAA,EAAuE,GAAAvJ,EAAA0E,EAAA,IACnF,OAAAtE,EAAAW,EAAAmC,KAAA,CAAAoF,GACA,uBAAiCvH,EAAmB,iBACpDA,EAAA,CACA0I,QAAA,CACA,0EACA,4CACA,GAAAH,CAAA,EAEAI,OAAA,OACAC,KAAAjG,KAAAgE,SAAA,EACAqB,cAAAsB,EACAG,mBAAA,CACA,GAAAF,CAAA,CACA,GAAAf,GAAA,CACAQ,YAAA,MAAAC,oBAAAM,EAAAL,QAAA,CACA,CAAiB,EAEjBJ,SAAA7I,EACAyJ,QAAAF,EACAL,eAAAd,CACA,GACAI,OAAAH,CACA,GAAKc,IAAA,CAAAO,yBACL,CACO,eAAAC,YAAA,CAA6BlD,aAAAA,CAAA,CAAA4B,MAAAA,CAAA,CAAsB,EAC1D,IAAYjJ,MAAAA,CAAA,CAAAW,mBAAAA,CAAA,CAAAuI,gBAAAA,CAAA,CAAAtI,SAAAA,CAAA,EAAyD,GAAAhB,EAAA0E,EAAA,IACrE,OAAAtE,EAAAW,EAAAmC,KAAA,CAAAoF,GACA,uBAAiCvH,EAAmB,iBACpDA,EAAA,CACA0I,QAAA,CACA,+DACA,4CACA,GAAAH,CAAA,EAEAI,OAAA,OACAC,KAAAjG,KAAAgE,SAAA,EACAkD,MAAAnD,EACAoC,SAAA7I,CACA,GACAwI,OAAAH,CACA,GAAKc,IAAA,CAAOvH,mBACZ,CA6KO,eAAAiI,mBAAA,CAAoCC,aAAAA,CAAA,CAAA5D,SAAAA,CAAA,CAAA6D,WAAAA,CAAA,CAAAC,YAAAA,CAAA,CAAAC,sBAAAA,CAAA,CAAA7B,eAAAA,CAAA,CAAAC,MAAAA,CAAA,CAAgG,EAC3I,IAAY9I,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IACtB,OAAW,CACX,GAAAkE,wBAAAkC,GACA,OACA3D,QAAA2D,EAAAI,oBAAA,CAAAC,OAAA,CACA9D,YAAAyD,EAAAI,oBAAA,CAAAE,WAAA,CACArD,SAAA,IAAA5D,KAAAA,KAAAC,GAAA,GAAA0G,IAAAA,EAAAI,oBAAA,CAAAG,SAAA,EACA5D,aAAAqD,EAAAI,oBAAA,CAAAI,YAAA,CACApE,SAAAA,CACA,EAEA,IAAAqE,EAAA,GACA,GAAAT,YAAAA,EAAA/B,aAAA,EACA,IAAAgC,EACA,+BACAQ,CAAAA,EAAAC,YAAA,OAAAT,GACA,MACA,GAAAD,0BAAAA,EAAA/B,aAAA,EACA,IAAAiC,EACA,mCACAO,CAAAA,EAAAE,YAAA,OAAAT,GACA,MACA,GAAAF,qBAAAA,EAAA/B,aAAA,EACA,IAAAkC,EACA,8CACAM,CAAAA,EAAAG,MAAA,OAAAT,GACA,MAEA,sCAAsDH,EAAA/B,aAAA,CAA2B,GAEjFxI,IAAA,uCACA,IAAAoL,EAAA,MAAAvB,uBAAA,CACAC,cAAAS,EAAA/B,aAAA,CACAuB,mBAAA,CACAL,SAAA/C,EACA,GAAAqE,CAAA,EAEAnC,eAAAA,EACAmB,QAAAO,EAAAL,OAAA,CACApB,MAAAA,CACA,GACA9I,IAAA,wCAAAoL,GACAb,EAAAa,CACA,CACA,CAcA,eAAAjB,yBAAA7H,CAAA,EACA,MAAUD,mBAAaC,GACvB,IAAA8G,EAAA,MAAA9G,EAAAG,IAAA,GAEA,OADAgG,uBAAAW,GACAA,CACA,CACA,eAAAK,oBAAA9C,CAAA,EACA,IAAYjH,OAAAA,CAAA,CAAAe,SAAAA,CAAA,CAAAuI,aAAAA,CAAA,EAAmC,GAAAvJ,EAAA0E,EAAA,IAE/C,GADAwC,GAAAA,CAAAA,EAAA,OAAmCmB,wBAAc,GAAAnB,QAAA,EACjD,CAAAA,EACA,wEAEA,IAAA3F,EAAA,MAAAtB,EAAA2L,MAAA,CAAAC,SAAA,WAAAC,cAAAC,MAAA,CAAAxC,GAAA,CAA+FnG,KAAA,OAAA0B,KAAA,WAA+B,sBAC9HkH,EAAA,MAAA/L,EAAA2L,MAAA,CAAAK,IAAA,QAAA1K,EAAA,IAAAuK,cAAAC,MAAA,IAAwF7E,EAAS,EAAElG,EAAS,IAC5G,OAAW4F,EAAcoF,EACzB,CC/XO,IAAAE,EAAA,CACP,2BACA,yBACA,uBACA,8BACA,gCACA,2BACA,sBACA,cACA,CCUO,eAAAC,gBAAA,GAAAC,CAAA,EAIP,OAHA3J,GACAA,CAAAA,EAAA4J,oBAAAD,GAAAE,OAAA,KAAA7J,EAAAL,KAAAA,EAAA,EAEAK,CACA,CAEA,eAAA4J,iBAAA,CAAkChD,MAAAA,CAAA,CAAAkD,SAAAA,CAAA,CAAAC,eAAAA,CAAA,CAAkC,EACpE,IAAYjM,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IACtBhC,MACA,IAAAqE,EAAA,MAAyBsB,yBACzB,GAAAgB,GAAAoD,QACA,OAIA,IAAAC,EAAAC,KAAAC,GAAA,IAAA7F,GAAAgB,UAAA,IAAA5D,IAAA,EAAA0I,OAAA,GACA1I,KAAAC,GAAA,GACA,IACA,CAAAuI,KAAAG,MAAA,YASA,OARAJ,GAAA,KACAnM,IAAA,mCAAmD,CAAAmM,EAAA,KAAAK,OAAA,YAA+B,GAClFrK,EAAgCqB,oBAAmB,IAAAiJ,cAAA,CAAuB3D,MAAAA,EAAAkD,SAAAA,EAAAC,eAAAA,EAAAzF,OAAAA,CAAA,GAAyCkG,KAAA,IAAA1M,IAAA,4BAAA4C,IAAAuJ,GACnHrD,GAAA6D,iBAAA,QAAAxK,IAGAsK,cAAA,CAAwB3D,MAAAA,EAAAkD,SAAAA,EAAAC,eAAAA,EAAAzF,OAAAA,CAAA,GAAyCkG,KAAA,IAAA1M,IAAA,4BAAA4C,IAEjET,CACA,CAEO,eAAAsK,cAAA,GAAAZ,CAAA,EAIP,OAHAzJ,GACAA,CAAAA,EAAAwK,kBAAAf,GAAAE,OAAA,KAAA3J,EAAAP,KAAAA,EAAA,EAEAO,CACA,CACA,IAAAyK,EAAA,IAAAC,IACA,eAAAF,eAAA,CAAgC9D,MAAAA,CAAA,CAAAkD,SAAAA,CAAA,CAAAC,eAAAA,CAAA,CAAAzF,OAAAA,CAAA,CAA0C,EAC1EyF,IAAA,IACA,IACA,IAAgBjM,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAC1BqC,GACAA,CAAAA,EAAA,MAA2BsB,wBAAc,EAEzC,IAAgBZ,aAAAA,CAAA,CAAAP,SAAAA,CAAA,EAAyBH,GAAA,GACzC,IAAAU,GAAA,CAAAP,EACA,iEAEA,GAAAkG,EAAAE,GAAA,CAAA7F,GACA,4EAA4FA,EAAa,GAEzGlH,IAAA,6CACA,IAAAgN,EAAA,MAAiCtE,aAAY,CAC7CC,SAAA,qBACAC,eAAA,CACAqE,cAAA/F,CACA,EACA4B,MAAAA,CACA,GAAS4D,KAAA,KAET,MADAG,EAAAK,GAAA,CAAAhG,GACAtE,CACA,GACAuK,EAAA,CACArG,YAAAkG,EAAArC,oBAAA,CAAAE,WAAA,CACAjE,QAAAoG,EAAArC,oBAAA,CAAAC,OAAA,CACApD,SAAA,IAAA5D,KAAAA,KAAAC,GAAA,GAAAmJ,IAAAA,EAAArC,oBAAA,CAAAG,SAAA,EACAnE,SAAAA,CACA,EAEA,OADA,MAAAqF,IAAAmB,GACAA,CACA,QACA,CACAlB,IAAA,GACA,CACA,CC1EO,IAAAmB,gBAAA,OAAiC5G,OAAAA,CAAA,CAAAsC,MAAAA,CAAA,CAAgB,IACxD,IAAAuE,wBAAA,MAAA7G,IACA,MAAcD,YAAWC,GACjBoF,gBAAe,CACvB9C,MAAAA,EACAkD,SAAA,GAAAsB,GAAAD,wBAAA,CAA4E,GAAA7G,CAAA,IAAA8G,CAAA,EAC5E,GAASZ,KAAA,KACT,IAAoB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAC9BnE,IAAA,sCAAA4C,EACA,EACA,CACA,OAAAyK,wBAAA7G,EACA,EAKO+G,QAAA,IACP,IAAY9M,SAAAA,CAAA,CAAAT,MAAAA,CAAA,CAAAJ,QAAAA,CAAA,EAA6B,GAAAH,EAAA0E,EAAA,IACzC,CAAYqJ,cAAAA,CAAA,CAAAC,SAAAA,CAAA,EAA0BC,GAAA,GACtCF,GAAyB7B,EAASgC,QAAA,CAAAH,IAClCxN,IAAA,sDAAsEwN,EAAc,GAEpFC,IAAA,eACA,IAAA3E,EAAA,IAAA8E,gBACAC,EAAA,WACA,IACA,IAAArH,EAAA,MAAiCsB,yBACjC,GAAAgB,EAAAG,MAAA,CAAAiD,OAAA,EACAlM,IAAA,qBACAwN,GAAAC,IAAAD,GACA,MACA,CACA,IAAAhH,EAAA,CACAxG,IAAA,kCACA0N,GAAAI,2BACAL,IAAA,cACA,MACA,CACA,IAAA1G,EAAA,kCAAuEtG,EAAS,EAChFuG,EAAA,gBAAoDvG,EAAS,QAC7DiH,QAAAC,GAAA,EACA/H,EAAAyB,UAAA,IAAsC0F,EAAiB,GAAGP,EAAAG,QAAA,CAAgB,WAC1E/G,EAAAyB,UAAA,IAAsC0F,EAAiB,GAAGP,EAAAG,QAAA,CAAgB,eAC1E/G,EAAAyB,UAAA,IAAsC0F,EAAiB,GAAGP,EAAAG,QAAA,CAAgB,gBAC1E/G,EAAAyB,UAAA,IAAsC0F,EAAiB,GAAGP,EAAAG,QAAA,CAAgB,qBAC1E/G,EAAAyB,UAAA,IAAsC0F,EAAiB,GAAGP,EAAAG,QAAA,CAAgB,YAC1E/G,EAAAyB,UAAA,IAAsC0F,EAAiB,gBACvDnH,EAAAyB,UAAA,IAAsC2F,EAAgB,GAAGR,EAAAG,QAAA,CAAgB,YACzE/G,EAAAyB,UAAA,iBAAmDZ,EAAS,GAAG+F,EAAAG,QAAA,CAAgB,oBAC/E,EACA+G,GAAAI,2BACAtH,EAAAU,YAAA,EACA,MAAsBkD,YAAW,CACjCtB,MAAAjH,KAAAA,EACAqF,aAAAV,EAAAU,YAAA,GAGAuG,IAAA,aACA,CACA,MAAA7K,EAAA,CACA,GAAAkG,EAAAG,MAAA,CAAAiD,OAAA,CACA,MAEA,OADAsB,GAAAC,IAAAD,GACA5K,CACA,CACA,KACA,OACAiL,UAAAA,EACA/E,MAAA,IAAAA,EAAAA,KAAA,EACA,CACA,ECxEOiF,kBAAA,EAA6BpH,SAAAA,CAAA,CAAAqH,YAAAA,CAAA,CAAAR,cAAAA,CAAA,CAAAC,SAAAA,CAAA,CAAiD,IACrF,IAAYhN,SAAAA,CAAA,CAAAb,QAAAA,CAAA,CAAAI,MAAAA,CAAA,EAA6B,GAAAP,EAAA0E,EAAA,IACzC,GAAAqJ,GAAyB7B,EAASgC,QAAA,CAAAH,GAClC,0DAAsEA,EAAc,GAEpFC,IAAA,0BACA,IAAA3E,EAAA,IAAA8E,gBACAK,EAAA,WACA,IACA,IAAA3L,EAAA,MAA4BoG,aAAY,CACxCC,SAAA,cACAC,eAAA,CACAc,SAAA/C,CACA,EACAmC,MAAAA,EAAAG,MAAA,GAuBA,OArBYd,0BAAyB7F,GACrCqE,EAAArE,EAAA4L,mBAAA,CAAAxE,QAAA,CACApH,EAAA,MAAwBuH,uBAAsB,CAC9CC,cAAA,mBACAC,mBAAA,CACAoB,OAAA,YACAzB,SAAA/C,CACA,EACAkC,eAAA,CACAsF,aAAA,aACAH,YAAAA,GAAgD9J,kDAChDkK,qBAAA,IACA,EACApE,QAAA1H,EAAA4H,OAAA,CACApB,MAAAA,EAAAG,MAAA,GAEYd,0BAAyB7F,GACrCqE,GAAArE,EAAA4H,OAAA,EACA,MAAAtK,EAAAsB,OAAA,iBAAsDT,EAAS,GAAGkG,EAAS,UAAArE,EAAA4H,OAAA,EAE3EuD,IAAA,yBACAnL,EAAA4H,OAAA,CAEA,MAAAtH,EAAA,CAGA,MAFA5C,IAAA4C,GACA4K,GAAAC,IAAA,8BACA7K,CACA,CACA,KACA,OACAqL,oBAAAA,EACAnF,MAAA,IAAAA,EAAAA,KAAA,EACA,CACA,EACAuF,EAAA,IAAAvB,IA8DA,eAAAwB,2BAAA,CAA4C3H,SAAAA,CAAA,CAAA4H,mBAAAA,CAAA,CAAAf,cAAAA,CAAA,CAAA3E,eAAAA,CAAA,CAAAmB,QAAAA,CAAA,CAAAlB,MAAAA,CAAA,CAA8E,MAc1HkE,EAbA,IAAYvM,SAAAA,CAAA,CAAAb,QAAAA,CAAA,CAAAI,MAAAA,CAAA,EAA6B,GAAAP,EAAA0E,EAAA,IACzC,GAAAqJ,GAAyB7B,EAASgC,QAAA,CAAAH,GAClC,4DAAwEA,EAAc,EAEtFxD,CAAAA,GAAAA,CAAAA,EAAA,MAAApK,EAAAmB,OAAA,iBAAiEN,EAAS,GAAGkG,EAAS,YACtF9E,KAAAA,CAAA,EACA,MAAAjC,EAAAyB,UAAA,iBAA6CZ,EAAS,GAAGkG,EAAS,WAClEqD,EAIAhK,IAAA,4CAA4DgK,EAAQ,GAHpEA,EAAA,MAAAwE,aAAA,CAAuC7H,SAAAA,EAAAmC,MAAAA,CAAA,GAMvC,IACAkE,EAAA,MAAAyB,gBAAA,CACA9H,SAAAA,EACA4H,mBAAAA,EACA1F,eAAAA,EACAmB,QAAAA,EACAlB,MAAAA,CACA,EACA,CACA,MAAAlG,EAAA,CACA,GAAAA,aAAApB,OACAoB,EAAAjB,OAAA,CAAA+M,UAAA,iCACA1O,IAAA,oDACAgK,EAAA,MAAAwE,aAAA,CAA2C7H,SAAAA,EAAAmC,MAAAA,CAAA,GAC3CkE,EAAA,MAAAyB,gBAAA,CACA9H,SAAAA,EACA4H,mBAAAA,EACA1F,eAAAA,EACAmB,QAAAA,EACAlB,MAAAA,CACA,QAGA,MAAAlG,CAEA,CAGA,OAFI0F,8BAA6B0E,GACjChN,IAAA,wCAAAgN,GACA,CACAlG,YAAAkG,EAAArC,oBAAA,CAAAE,WAAA,CACAjE,QAAAoG,EAAArC,oBAAA,CAAAC,OAAA,CACA1D,aAAA8F,EAAArC,oBAAA,CAAAI,YAAA,CACAvD,SAAA,IAAA5D,KAAAA,KAAAC,GAAA,GAAAmJ,IAAAA,EAAArC,oBAAA,CAAAG,SAAA,EACAnE,SAAkB7D,qBAAekK,EAAArC,oBAAA,CAAAC,OAAA,sBAEjC,CACA,eAAA4D,aAAA,CAA8B7H,SAAAA,CAAA,CAAAmC,MAAAA,CAAA,CAAkB,EAChD,IAAY9I,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IACtBnE,IAAA,6BACA,IAAA2O,EAAA,MAAmCjG,aAAY,CAC/CC,SAAA,cACAC,eAAA,CACAc,SAAA/C,CACA,EACAmC,MAAAA,CACA,GAGA,OAFIX,0BAAyBwG,GAC7B3O,IAAA,8BAAA2O,GACAA,EAAAzE,OAAA,CAEA,eAAAuE,gBAAA,CAAiC9H,SAAAA,CAAA,CAAA4H,mBAAAA,CAAA,CAAA1F,eAAAA,CAAA,CAAAmB,QAAAA,CAAA,CAAAlB,MAAAA,CAAA,CAA+D,EAChG,IAAY9I,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAEtB,OADAnE,IAAA,uCACW6J,uBAAsB,CACjCC,cAAA,mBACAC,mBAAA,CACAoB,OAAAoD,EACA7E,SAAA/C,CACA,EACAkC,eAAA,CACA,GAAAA,CAAA,CACAsF,aAAA,aACAH,YAAyB9J,kDACzBkK,qBAAA,KACA,EACApE,QAAAA,EACAlB,MAAAA,CACA,EACA,CACO,IAAA8F,eAAA,IACP,IAAY5O,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IACtB2E,EAAA,IAAA8E,gBACA,CAAYH,SAAAA,CAAA,CAAAzB,SAAAA,CAAA,EAAqB0B,GAAA,GACjCmB,EAAA,WACA,IAAAC,EAAAC,eApJAC,EACAT,EAqBA5M,EAvBA,IAAY3B,MAAAA,CAAA,CAAAF,SAAAA,CAAA,EAAoB,GAAAL,EAAA0E,EAAA,IAGhC,IAGA,GAFA6K,EAAA,IAAA3K,IAAAvE,EAAAwE,IAAA,EAEA,CADAiK,CAAAA,EAAAS,EAAAzK,IAAA,EAAA0K,MAAA,IACA,CACAjP,IAAA,mEACA,MACA,CACA,GAAAqO,EAAAtB,GAAA,CAAAwB,GAAA,CACAvO,IAAA,gFACA,MACA,CACA,CACA,MAAAkP,EAAA,CACA,GAAAA,aAAyBzP,EAAA0P,EAA4B,CACrD,MAAAD,EAEAlP,IAAA,+BACA,MACA,CACA,IAAAoP,EAAAb,EAAAtL,KAAA,SAEA,IACAjD,IAAA,6BAAAoP,GACAzN,EAAAwB,KAAAC,KAAA,KAAAC,cAAAC,MAAA,CAAsDC,EAAmB6L,KACzEpP,IAAA,4BAAA2B,GACA0N,SAoBAC,CAAA,EACA,IAAAA,GACA,iBAAAA,GACA,eAAAA,CAAA,GACA,iBAAAA,EAAAC,QAAA,EACA,UAAAD,CAAA,GACA,iBAAAA,EAAAE,GAAA,EACA,UAAAF,CAAA,GACA,iBAAAA,EAAAG,GAAA,CACA,iCAEA,EA/BA9N,EACA,CACA,MAAAiB,EAAA,CACA5C,IAAA,wCACA,MACA,CACA,IAAA2B,EAAA4N,QAAA,mBAAA5N,EAAA4N,QAAA,EACAvP,IAAA,sDAAA2B,EAAA4N,QAAA,EACA,MACA,CACA,IAAA5N,EAAA6N,GAAA,mBAAA7N,EAAA6N,GAAA,EACAxP,IAAA,iDAAA2B,EAAA4N,QAAA,EACA,MACA,CACA,OACA5I,SAAAhF,EAAA4N,QAAA,CACAC,IAAA7N,EAAA6N,GAAA,CACAjB,mBAAAA,CACA,CACA,IAuGA,IAAAO,EAAA,CACArB,IAAA,kBACA,MACA,CACA,GAAAqB,EAAAU,GAAA,CAAA5L,KAAAC,GAAA,QACA4J,IAAA,uBACA,MACA,CACAA,IAAA,wBACA,IACA,IAAAjH,EAAA,MAAA8H,2BAAA,CACA3H,SAAAmI,EAAAnI,QAAA,CACA4H,mBAAAO,EAAAP,kBAAA,CACAvE,QAAA0D,GAAA1D,QACAlB,MAAAA,EAAAG,MAAA,GACayD,KAAA,KACb,GAAA9J,aAAApB,OACAoB,EAAAjB,OAAA,EAAAgM,SAAA,mCACA3N,IAAA4C,GACA6K,IAAA,uBACA,MACA,CACA,MAAA7K,CACA,GACA,IAAA4D,EACA,OAMA,OALYkJ,WNnMZ,IAAY3P,QAAAA,CAAA,EAAY,GAAAN,EAAA0E,EAAA,IACxBpE,EAAA4P,SAAA,OAAAzL,kDACA,IMkMA8H,EACA,MAAAA,EAAAxF,GACA,MAAwB4G,gBAAe,CAAG5G,OAAAA,EAAAsC,MAAAA,EAAAG,MAAA,GAC1CwE,IAAA,uBACAjH,CACA,CACA,MAAA5D,EAAA,CAGA,MAFAyL,EAAAnB,GAAA,CAAA4B,EAAAP,kBAAA,EACAd,IAAA,uBACA7K,CACA,CACA,KACA,OACAiM,SAAAA,EACA/F,MAAA,IAAAA,EAAAA,KAAA,EACA,CACA,ECpPO,eAAA8G,sBAAA,CAAuCC,aAAAA,CAAA,CAAe,EAC7D,IAAY7P,MAAAA,CAAA,CAAA8P,MAAAA,CAAA,EAAiB,GAAArQ,EAAA0E,EAAA,IAC7B4L,EAAA,MAAAC,6BACAC,EAAA,CACA,GAAAF,CAAA,CACAG,GAAA,CACArN,KAAAiN,GAAAI,IAAArN,MAAAkN,EAAAG,EAAA,CAAArN,IAAA,CACAsN,GAAAL,GAAAI,IAAAC,IAAAJ,EAAAG,EAAA,CAAAC,EAAA,EAEAC,YAAAN,GAAAM,YACAC,uBAAAN,EAAAM,sBAAA,EAAAP,GAAAO,uBACAC,WAAAR,GAAAQ,WACAC,QAAAR,EAAAQ,OAAA,EAAAT,GAAAS,QACAC,UAAmBjN,EAAmBwM,EAAAS,SAAA,EACtCC,KAAA,CACA,GAAAV,EAAAU,IAAA,CACAN,GAAAxK,WAAA+K,IAAA,CAAAX,EAAAU,IAAA,CAAAN,EAAA,IAAAQ,EAAAzL,UAAA,IACA,EACA0L,mBAAAb,EAAAa,kBAAA,CAAAjM,GAAA,MACA,GAAAkM,CAAA,CACAV,GAAgB5M,EAAmBsN,EAAAV,EAAA,CACnC,GACA,EACAnQ,IAAA,gCAAAiQ,GACA,IAAAY,EAAA,MAAAC,UAAAC,WAAA,CAAAC,MAAA,EACAf,UAAAA,CACA,GACA,IAAAY,EACA,gCAEA,IAAAA,CAAAA,aAAAI,mBAAA,GACA,CAAAJ,CAAAA,EAAAK,QAAA,YAAAC,gCAAA,EACA,0FAEA,IAAAD,EAAAL,EAAAK,QAAA,CACAlR,IAAA,uBACA6Q,WAAAA,EACAO,cAAAF,EAAAE,aAAA,KACAC,qBAAAH,EAAAG,oBAAA,KACAC,aAAAJ,EAAAI,YAAA,KACAC,sBAAAL,EAAAK,qBAAA,IACA,GACA,IAAAC,EAAA,iBAAA3B,EAAAA,EAAA,MAAAA,IACA,OAAA4B,8BAAA,CACAZ,WAAAA,EACAhB,aAAA2B,CACA,EACA,CACA,SAAAE,gBAAAC,CAAA,EACA,IAAY7B,MAAAA,CAAA,EAAU,GAAArQ,EAAA0E,EAAA,IACtB,IAAA2L,EACA,oCAEA,SAAcA,EAAA8B,OAAA,CAAAC,OAAA,WAAiC,GAAGF,EAAAE,OAAA,WAAwB,EAEnE,eAAA7B,6BACP,IAAYF,MAAAA,CAAA,CAAAjQ,MAAAA,CAAA,CAAAC,SAAAA,CAAA,EAA2B,GAAAL,EAAA0E,EAAA,IACvC,IAAA2L,EACA,oCAEA,IAAYlJ,QAAAA,CAAA,EAAU,MAASkB,0BAAc,GAC7C,IAAAlB,EACA,+CAEA,OAAA/G,EAAA6R,gBAAA,qCAAsE5B,EAAAI,EAAA,EAAAC,IAAArQ,EAAAgS,QAAA,CAAkC,IACxG3I,OAAA,OACAD,QAAA,CACA6I,OAAA,oCACA,iDACAC,cAAA,UAAqCpL,EAAQ,EAE7C,GACAgD,IAAA,CAAcvH,oBACduH,IAAA,IAAAtH,EAAAG,IAAA,GACA,CACO,eAAAgP,8BAAA,CAA+CZ,WAAAA,CAAA,CAAAhB,aAAAA,CAAA,CAA2B,EACjF,IAAYhQ,MAAAA,CAAA,EAAU,GAAAJ,EAAA0E,EAAA,IACtB,CAAYyC,QAAAA,CAAA,EAAU,MAASkB,0BAAc,GAC7C,IAAAlB,EACA,+CAEA,IAAAqL,EAAA,aAAApB,EACA,MAAAqB,sCAAArB,EAAAK,QAAA,EACAL,EACA,OAAAhR,EAAA6R,gBAAA,oCACAtI,KAAAjG,KAAAgE,SAAA,EACA,GAAA8K,CAAA,CACApC,aAAAA,CACA,GACA1G,OAAA,OACAD,QAAA,CACA6I,OAAA,oCACA,iDACAC,cAAA,UAAqCpL,EAAQ,EAE7C,GACAgD,IAAA,CAAcvH,oBACduH,IAAA,IAAAtH,EAAAG,IAAA,IACAmH,IAAA,MACA,GAAAtH,CAAA,CACA6P,UAAA,IAAAvO,KAAAtB,EAAA6P,SAAA,CACA,GACA,CACO,eAAAC,uBACP,IAAYtC,MAAAA,CAAA,CAAAjQ,MAAAA,CAAA,CAAAC,SAAAA,CAAA,EAA2B,GAAAL,EAAA0E,EAAA,IACvC,IAAA2L,EACA,oCAEA,IAAAtJ,EAAA,MAAyBsB,yBACzB,IAAAtB,GAAAI,QACA,+CAEA,OAAA/G,EAAA6R,gBAAA,4BAA6D5B,EAAAI,EAAA,EAAAC,IAAArQ,EAAAgS,QAAA,CAAkC,IAC/F3I,OAAA,OACAD,QAAA,CACA6I,OAAA,oCACA,iDACAC,cAAA,UAAqCxL,EAAAI,OAAA,CAAe,EAEpD,GACAgD,IAAA,CAAcvH,oBACduH,IAAA,IAAAtH,EAAAG,IAAA,IACAmH,IAAA,GAAiByI,eAAAA,CAAA,CAAgB,KACjCA,eAAAA,EAAA1N,GAAA,MACA,GAAA2N,CAAA,CACAH,UAAA,IAAAvO,KAAA0O,EAAAH,SAAA,EACAI,WAAAD,KAAAzQ,IAAAyQ,EAAAC,UAAA,CACA,IAAA3O,KAAA0O,EAAAC,UAAA,EACAD,EAAAC,UAAA,CACA,EACA,GACA,CACO,eAAAC,sBAAA,CAAuCC,aAAAA,CAAA,CAAe,EAC7D,IAAY3C,MAAAA,CAAA,CAAAjQ,MAAAA,CAAA,EAAiB,GAAAJ,EAAA0E,EAAA,IAC7B,IAAA2L,EACA,oCAEA,IAAAtJ,EAAA,MAAyBsB,yBACzB,IAAAtB,GAAAI,QACA,+CAEA,OAAA/G,EAAA6R,gBAAA,0BACAvI,OAAA,OACAC,KAAAjG,KAAAgE,SAAA,EAA+BsL,aAAAA,CAAA,GAC/BvJ,QAAA,CACA6I,OAAA,oCACA,iDACAC,cAAA,UAAqCxL,EAAAI,OAAA,CAAe,EAEpD,GAAKgD,IAAA,CAAOvH,mBACZ,CACO,eAAAqQ,sBAAA,CAAuCD,aAAAA,CAAA,CAAA5C,aAAAA,CAAA,CAA6B,EAC3E,IAAYC,MAAAA,CAAA,CAAAjQ,MAAAA,CAAA,EAAiB,GAAAJ,EAAA0E,EAAA,IAC7B,IAAA2L,EACA,oCAEA,IAAAtJ,EAAA,MAAyBsB,yBACzB,IAAAtB,GAAAI,QACA,+CAEA,OAAA/G,EAAA6R,gBAAA,0BACAvI,OAAA,OACAC,KAAAjG,KAAAgE,SAAA,EAA+BsL,aAAAA,EAAA5C,aAAAA,CAAA,GAC/B3G,QAAA,CACA6I,OAAA,oCACA,iDACAC,cAAA,UAAqCxL,EAAAI,OAAA,CAAe,EAEpD,GAAKgD,IAAA,CAAOvH,mBACZ,CACA,SAAAsQ,qBAAAC,CAAA,EACA,IAAAA,GACA,iBAAAA,GACA,mBAAAA,GAAA,iBAAAA,EAAAC,cAAA,EACA,gBAAAD,CAAAA,GACA,iBAAAA,EAAApC,SAAA,EACA,YAAAoC,GAAA,iBAAAA,EAAArC,OAAA,EACA,qBAAAqC,GAAA,iBAAAA,EAAAE,gBAAA,EACA,gBAAAF,GACA,CAAAG,MAAAC,OAAA,CAAAJ,EAAA7B,WAAA,GACA6B,EAAA7B,WAAA,CAAAkC,KAAA,MAAAtC,GACA,iBAAAA,GACA,OAAAA,GACA,iBAAAA,EAAAR,EAAA,EACA,kBAAAQ,CAAAA,GACAoC,MAAAC,OAAA,CAAArC,EAAAuC,UAAA,GACAvC,EAAAuC,UAAA,CAAAD,KAAA,qBAAAE,EAAA,IACA,IAAgBnT,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,GAG1B,OADAnE,IAAA,0BAA0CmD,KAAAgE,SAAA,CAAAyL,GAAkB,GAC5D,8BACA,CACA,CACA,eAAAQ,mBAAA,CAAoCP,eAAAA,CAAA,CAAArC,UAAAA,CAAA,CAAAO,YAAAA,CAAA,CAAAR,QAAAA,CAAA,CAAAuC,iBAAAA,CAAA,CAAoE,EACxG,IAAY9S,MAAAA,CAAA,CAAA8P,MAAA,CAAgBQ,WAAAA,CAAA,EAAa,IAAS,GAAA7Q,EAAA0E,EAAA,IAClD8L,EAAA,CACAO,UAAmBjN,EAAmBiN,GACtC6C,iBAAAtC,GAAApM,IAAA,KACAwL,GAAgB5M,EAAmBsN,EAAAV,EAAA,EACnC+C,WAAArC,EAAAqC,UAAA,CACAI,KAAA,YACA,IACA/C,QAAAA,EACAuC,iBAAAA,EACAS,KAAAV,EACAvC,WAAAA,CACA,EACAtQ,IAAA,gCAAAiQ,GACA,IAAAY,EAAA,MAAAC,UAAAC,WAAA,CAAA9P,GAAA,EACAgP,UAAAA,CACA,GACA,IAAAY,EACA,wCAEA,IAAAA,CAAAA,aAAAI,mBAAA,GACA,CAAAJ,CAAAA,EAAAK,QAAA,YAAAsC,8BAAA,EACA,wFAGA,OADAxT,IAAA,cAAA6Q,GACA4C,oCAAA5C,EAAA6C,KAAA,CAAA7C,EAAAK,QAAA,CACA,CACA,IAAAgB,sCAAA,MAAAhB,IACA,IAAAyC,EAAAC,EAAA,OAAAlM,QAAAC,GAAA,EACQrB,EAAiB4K,EAAA2C,iBAAA,EACjBvN,EAAiB4K,EAAA4C,cAAA,EACzB,EACAZ,EAAA,CAAAhC,EAAAE,aAAA,UAAAxJ,MAAA,4CAAA+F,QAAA,CAAAoG,IACA,OACAJ,qBAAAA,EACAC,mBAAAA,EACAV,WAAAA,EAAAzN,MAAA,CAAAyN,EAAArR,KAAAA,CACA,CACA,EACA4R,oCAAA,MAAAC,EAAAxC,KACA,IAAA8C,EAAAC,EAAAL,EAAAM,EAAAC,EAAA,OAAAzM,QAAAC,GAAA,EACQrB,EAAiBoN,GACjBpN,EAAiB4K,EAAAkD,iBAAA,EACjB9N,EAAiB4K,EAAA4C,cAAA,EACjBxN,EAAiB4K,EAAAzF,SAAA,EACzByF,EAAAmD,UAAA,EAAAnD,EAAAmD,UAAA,CAAAC,UAAA,GACchO,EAAiB4K,EAAAmD,UAAA,EAC/B,KACA,EACA,OACAL,gBAAAA,EACAC,qBAAAA,EACAL,mBAAAA,EACAM,aAAAA,EACAC,cAAAA,CACA,CACA,EACA,eAAAI,qCACA,IAAYzE,MAAAA,CAAA,CAAAjQ,MAAAA,CAAA,EAAiB,GAAAJ,EAAA0E,EAAA,IAC7B,IAAA2L,EACA,oCAEA,OAAAjQ,EAAA6R,gBAAA,sBACAvI,OAAA,OACAD,QAAA,CACA6I,OAAA,mCACA,CACA,GACAnI,IAAA,CAAcvH,oBACduH,IAAA,IAAAtH,EAAAG,IAAA,GACA,CCzQA,eAAA+R,eACA,IAAAvS,EAAA,CACA,IAAAwS,EAAAC,OAAA,GACAC,EAAAD,OAAA,swBAiBA,CAAgBhV,OAAAA,CAAA,EAAW,GAAAD,EAAA0E,EAAA,IAC3ByQ,EAAAC,oBAAA,MAAAnV,EAAA2L,MAAA,CAAAyJ,MAAA,WAAAC,iBAAA,GAAgGC,OAAAL,EAAAM,QAAA,MAAuB,EAAED,OAAAP,EAAAQ,QAAA,MAAuB,KAChJhT,EAAA,CACAwS,EAAAA,EACAE,EAAAA,EACAC,EAAAA,CACA,CACA,CACA,OAAA3S,CACA,CAOA,SAAAiT,OAAAC,CAAA,CAAA3F,CAAA,CAAA4F,CAAA,MAHAA,EAKA,IAAAtP,EAAA4O,OAAA,GACAW,EALA,GAKAD,EAAAA,CALA,EAKAA,EACA,KAAA5F,EAAAkF,OAAA,IANA,IADAU,EAQAV,OAAA,IAPAU,CAAA,EAAAA,GAQAtP,CAAAA,EARA,GAQAuP,EAAAD,EAAAA,CARA,EAQAA,CAAA,EAEA5F,GAAAkF,OAAA,GACAW,EAXA,GAWAA,EAAAD,EAAAA,CAXA,EAWAA,EAEA,OAAAtP,CACA,CACA,SAAAkP,OAAAM,CAAA,EAGA,OADAA,EAAAC,SAAAD,CADAA,EAAAA,EAAA7P,MAAA,OAAqC6P,EAAO,EAAAA,CAAA,EAC5CrG,KAAA,kBAA0DqG,EAAO,EAAAA,CAEjE,CAOA,eAAAE,mBAAAC,CAAA,EACA,IAAYhB,EAAAA,CAAA,CAAAE,EAAAA,CAAA,EAAO,MAAAH,eACnB,OAAAU,OAAAT,EAAAgB,EAAAd,GAAAM,QAAA,IACA,CACA,eAAAS,sBAAA,CAAuCD,OAAAA,CAAA,CAAAE,UAAAA,CAAA,CAAAC,QAAAA,CAAA,CAAAC,KAAAA,CAAA,CAAAzV,WAAAA,CAAA,CAAAuG,SAAAA,CAAA,CAAAmP,SAAAA,CAAA,CAAAC,YAAAA,CAAA,CAAgF,EACvH,IAAYrW,OAAAA,CAAA,EAAW,GAAAD,EAAA0E,EAAA,IACvB6R,EAAAhB,OAAAW,GAAAX,OAAAY,GACAK,EAAA,MAAAvW,EAAA2L,MAAA,CAAAyJ,MAAA,WAAAC,iBAAAiB,IACA,EAAAE,EAAA,CAAA9V,EAAA6C,KAAA,MACAkT,EAAA,MAAAzW,EAAA2L,MAAA,CAAAyJ,MAAA,eAAAvJ,cAAAC,MAAA,IAAmG0K,EAAa,EAAEvP,EAAS,GAAGmP,EAAS,IACvIT,EAAA,MAAA3V,EAAA2L,MAAA,CAAAyJ,MAAA,qBAAAsB,KAAA,CACArB,iBAAAC,OAAAa,IACAM,EACA,EAAAE,WAAA,IACA,CAAY5B,EAAAA,CAAA,CAAAE,EAAAA,CAAA,CAAAC,EAAAA,CAAA,EAAU,MAAAJ,eACtB8B,EAAApB,OAAAT,EAAAI,oBAAAQ,GAAAV,GACA4B,EAAA7B,OAAA,KAA4BkB,EAAQ,GAAAhB,EAAA0B,EACpCE,EAAAtB,OAAAqB,EAAAd,EAAAZ,oBAAAoB,GAAApB,oBAAAQ,GAAAV,GACA8B,EAAAzB,OAAAwB,EAAAvB,QAAA,MACAyB,EAAA1B,OAAA2B,iBAAAV,IACAW,EAAA,IAAAjR,WAAA,IACA,sBAAA1C,KAAA,KAAA0B,GAAA,IAAAgM,EAAAzL,UAAA,KACA,EACA,EAAA2R,MAAA,CACAC,EAAA,MAAApX,EAAA2L,MAAA,CAAAC,SAAA,OAAAyJ,iBAAA2B,GAAA,CACA7T,KAAA,OACA0B,KAAA,CAAgB1B,KAAA,UAChB,EAAK,aACLkU,EAAA,MAAArX,EAAA2L,MAAA,CAAAK,IAAA,QAAAoL,EAAA/B,iBAAA0B,IACAO,EAAA,MAAAtX,EAAA2L,MAAA,CAAAC,SAAA,OAAAyL,EAAA,CACAlU,KAAA,OACA0B,KAAA,CAAgB1B,KAAA,UAChB,EAAK,aACLoU,EAAA,OAAAvX,EAAA2L,MAAA,CAAAK,IAAA,QAAAsL,EAAAJ,EAAA,EAAA3H,KAAA,OACAiI,EAAAC,SAiCAC,CAAA,EACA,IAAApU,EAAA,IAAAqU,KAAAC,cAAA,gBACAC,QAAA,QACAC,KAAA,UACAC,MAAA,QACAC,IAAA,UACAC,KAAA,UACAC,OAAA,UACAvS,OAAA,UACAwS,SAAA,MACAC,aAAA,QACAC,OAAA,EACA,GAAKC,aAAA,CAAAZ,GACLvP,EAAA,GAAA7E,EAAAiV,IAAA,IAAAC,EAAA5E,IAAA,GAAAA,IAAAnS,MACA,OACA0G,EAAA,WACAA,EAAA,SACAA,EAAA,OACA,CAAAA,EAAA,QAAAA,EAAA,UAAAA,EAAA,WAAAzB,IAAA,MACAyB,EAAA,gBACAA,EAAA,QACA,CAAAzB,IAAA,KACA,EAvDA,IAAAxC,MACAZ,EAAA,CACAkT,EAAAjT,KAAA,KAAA0B,GAAA,IAAAgM,EAAAzL,UAAA,KACAyB,EAAA1D,KAAA,KAAA0B,GAAA,IAAAgM,EAAAzL,UAAA,QACWU,EAAgBmQ,GAC3BmB,EAAAjU,KAAA,KAAA0B,GAAA,IAAAgM,EAAAzL,UAAA,KACA,CAAAiT,IAAA,GACA7I,EAAA,IAAA3J,WAAA3C,GAAA6T,MAAA,CACAuB,EAAA,MAAA1Y,EAAA2L,MAAA,CAAAC,SAAA,OAAA2L,EAAA,CACApU,KAAA,OACA0B,KAAA,CAAgB1B,KAAA,UAChB,EAAK,aACLwV,EAAA,MAAA3Y,EAAA2L,MAAA,CAAAK,IAAA,QAAA0M,EAAA9I,GACA,OACA4H,UAAAA,EACAoB,uBAAgCjS,EAAcgS,EAC9C,CACA,CACA,SAAAtD,iBAAAO,CAAA,EACA,GAAAA,EAAA7P,MAAA,MACA,gEAEA,IAAA8S,EAAAjD,EAAA3S,KAAA,WAAqCgC,GAAA,IAAA4Q,SAAAiD,EAAA,KACrC,WAAA7S,WAAA4S,EACA,CACA,SAAA5B,iBAAA8B,CAAA,EACA,cAAA9S,WAAA8S,GAAA,CACA9T,GAAA,IAAA0Q,EAAAJ,QAAA,KAAAyD,QAAA,SACAtS,IAAA,IACA,CACA,SAAAyO,oBAAA4D,CAAA,EACA,OAAA/D,OAAA,KAAuBiC,iBAAA8B,GAAyB,EAChD,CGtHA,IAAAE,EAA4BC,EAAAC,aAAmB,CAAAhX,KAAAA,GAExC,SAASiX,wBAChB,IAAAC,EAAoB,GAAAH,EAAAI,UAAA,EAAUL,GAC9B,IAAAI,EACA,6GAEA,OAAAA,CACA,CACA,IAAAE,EAA8BL,EAAAC,aAAmB,CAAAhX,KAAAA,GAS1CqX,4BAAA,GACK,GAAAC,EAAAC,GAAA,EAAIT,EAAAU,QAAA,EAAiClY,MAAAmY,WAMjD,IAAAC,EAAAC,EAAA,CAAiD,GAAAZ,EAAAa,QAAA,EAAQ,4BACzD,CAAAC,EAAAC,EAAA,CAA6F,GAAAf,EAAAa,QAAA,EAAQ,IACrG,CAAAjT,EAAAoT,EAAA,CAAiC,GAAAhB,EAAAa,QAAA,IACjC,CAAAI,EAAAC,EAAA,CAA4C,GAAAlB,EAAAa,QAAA,IAC5CM,EAAsB,GAAAnB,EAAAoB,WAAA,EAAW,IACjCJ,EAAA,IACA,IAAAtM,EAAA,mBAAA2M,EACAA,EAAAC,GACAD,EACA,CAAoBrT,QAAAA,CAAA,CAAAE,YAAAA,CAAA,CAAAU,SAAAA,CAAA,EAAiC8F,GAAA,GAWrD,OAVA1G,GAAAE,GAAAU,EACAsS,EAAA,CACAlT,QAA6B9D,qBAAe8D,GAC5CE,YAAiChE,qBAAegE,GAChDU,SAAAA,CACA,GAGAsS,EAAAjY,KAAAA,GAEAyL,CACA,EACA,EAAK,IACL,CAAA6M,EAAAC,EAAA,CAAsC,GAAAxB,EAAAa,QAAA,IACtC,CAAAY,EAAAC,EAAA,CAA2G,GAAA1B,EAAAa,QAAA,IAC3G,CAAAc,EAAAC,EAAA,CAAwD,GAAA5B,EAAAa,QAAA,EAAQ,IAChE,CAAAgB,EAAAC,EAAA,CAAoD,GAAA9B,EAAAa,QAAA,IACpDkB,EAAkC,GAAA/B,EAAAoB,WAAA,EAAW,GAAAU,EAAA,IAC7C,IAAAE,EACA,OAAAA,EACA,IAAA7V,EAAA6V,EAAAC,SAAA,IAAA/W,EAAA2O,YAAA,GAAAqI,EAAArI,YAAA,SACA,KAAA1N,EACA6V,GAEAA,CAAA,CAAA7V,EAAA,EAAyB,GAAA6V,CAAA,CAAA7V,EAAA,IAAA+V,CAAA,EACzB,IAAAF,EAAA,CACA,GAAK,IACLG,EAAkC,GAAAnC,EAAAoB,WAAA,EAAW,GAAAU,EAAA,GAAAE,GAAAhT,OAAA,GAAA6K,IAAAuI,EAAAvI,YAAA,OAC7C,CAAAwI,EAAAC,EAAA,CAA0D,GAAAtC,EAAAa,QAAA,IAC1D,CAAA0B,EAAAC,EAAA,CAAwD,GAAAxC,EAAAa,QAAA,IACxD,CAAA4B,EAAAC,EAAA,CAAoE,GAAA1C,EAAAa,QAAA,EAAQ,IAC5E,CAAA8B,EAAAC,EAAA,CAA0D,GAAA5C,EAAAa,QAAA,EAAQ,GAG9D,GAAAb,EAAA6C,SAAA,EAAS,KACbrB,EAAAvY,KAAAA,GACA,IAAA6Z,EAA0B9M,eAAc,CACxCnB,SAAA+L,EACAxN,SAAA,GAAkCzF,YAAWC,GAAAoD,IAAA,KAAAmQ,EAAAvT,GAC7C,GAEA,OADAkV,EAAA7M,QAAA,CAAAnC,KAAA,CAAA0N,GACAsB,EAAA5S,KAAA,EACK,CAAAiR,EAAA,EACL,IAAA4B,EAAiBhQ,EAASgC,QAAA,CAAA4L,GAE1BrS,EAAAV,GAAAU,aACA0U,EAAApV,GAAAgB,UAAAqU,UACI,GAAAjD,EAAA6C,SAAA,EAAS,KACb,GAAAvU,EAAA,CACA,IAAA4B,EAAA,IAAA8E,gBAYA,OAXYhC,gBAAe,CAC3B9C,MAAAA,EAAAG,MAAA,CACA+C,SAAA,GAAAsB,GACoB/G,YAAW+G,GAAA1D,IAAA,KAAAmQ,EAAA,KAAgD,GAAAvT,CAAA,IAAA8G,CAAA,KAC/ErB,eAAAmP,CACA,GACA1O,KAAA,KACA,IAAwB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAClCnE,IAAA,oCAAA4C,EACA,GACAmJ,OAAA,KAAAmP,EAAA,KACA,IAAApS,EAAAA,KAAA,EACA,CACA,EAAK,CAAAiR,EAAA7S,EAAA0U,EAAA,GAGLpV,GACA,EAAAI,OAAA,EAAAJ,EAAAM,WAAA,EAAAN,EAAAgB,QAAA,EACA2T,GACAF,GACQxO,cAAa,CACrBT,SAAA,GAAAsB,GACgB/G,YAAW+G,GAAA1D,IAAA,KAAAmQ,EAAA,KAAgD,GAAAvT,CAAA,IAAA8G,CAAA,KAC3ErB,eAAAmP,CACA,GAAS1O,KAAA,MACTqN,EAAAlY,KAAAA,EACA,GAGI,GAAA+W,EAAA6C,SAAA,EAAS,KACL3T,yBACR8B,IAAA,CAAAmQ,GACArN,KAAA,KACA,IAAoB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAC9BnE,IAAA,0CAAA4C,EACA,GACAmJ,OAAA,KAAA4N,EAAA,IACA,EAAK,CAAAI,EAAA,EAED,GAAAnB,EAAA6C,SAAA,EAAS,KACb,uBAAAxK,oBAAA,CACA,IAAA6K,EAAA,IAAAlO,gBACAqD,oBAAA8K,6CAAA,GACAnS,IAAA,KACAkS,EAAA7S,MAAA,CAAAiD,OAAA,EACAoO,EAAAhY,GAEA,IAAAwZ,EAAAhT,KAAA,KAEA4D,KAAA,KACA,IAAwB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAClCnE,IAAA,+EAAA4C,EACA,EACA,MAEA0X,EAAA,GAEA,EAAK,IACL,IAAA0B,EAA8B,GAAApD,EAAAoB,WAAA,EAAW,GACzC,EACA,GAAAnJ,CAAA,CACA8K,KAAA,GACAb,OAAA,MAAAA,IACAH,EAAA,CACAlI,aAAA5B,EAAA4B,YAAA,CACAkJ,KAAA,EACA,GACuBjJ,sBAAqB,CAC5C,GAAAoI,CAAA,CACArI,aAAA5B,EAAA4B,YAAA,GAEA/F,KAAA,KAKA,MAJAiO,EAAA,CACAlI,aAAA5B,EAAA4B,YAAA,CACAkJ,KAAA,EACA,GACA/Y,CACA,GACAgH,IAAA,KAAA+Q,EAAA,CACA,GAAAG,CAAA,CACArI,aAAA5B,EAAA4B,YAAA,CACAkJ,KAAA,EACA,KAEAra,OAAA,UACAqZ,EAAA,CACAlI,aAAA5B,EAAA4B,YAAA,CACAkJ,KAAA,EACA,GACuBnJ,sBAAqB,CAC5CC,aAAA5B,EAAA4B,YAAA,GAEA/F,KAAA,KAKA,MAJAiO,EAAA,CACAlI,aAAA5B,EAAA4B,YAAA,CACAkJ,KAAA,EACA,GACA/Y,CACA,GACAgH,IAAA,KAAAmR,EAAAlK,EAAA4B,YAAA,GAEA,GACK,CAAAsI,EAAAJ,EAAA,EAELsB,EAAyB,GAAArD,EAAAsD,OAAA,EAAO,IAEhCrC,GAAAA,EAAArS,QAAA,CAAA8E,OAAA,IAAA1I,KAAAC,GAAA,GACA,YACAgW,GAAAoB,CAAAA,GAAAE,CAAA,EACA,qBACkBxP,EAClB/D,MAAA,gDAAA+F,QAAA,CAAAiN,IACAjN,QAAA,CAAA4L,GACA,aACAG,GACAH,6BAAAA,EACA,WACAA,gBAAAA,EACA,cACA,gBACK,CACLM,EACAoB,EACAE,EACA5B,EACAG,EACA6B,EACA,EAEI,GAAA3C,EAAA6C,SAAA,EAAS,KACb,IAAAjV,GAAAgB,SACA,OACA,IAAA2U,EAAA3V,EAAAgB,QAAA,CAAA8E,OAAA,GAAA1I,KAAAC,GAAA,GACA,IAAAsY,CAAAA,EAAA,GAEA,OAAe3Y,oBAAmB,KAClC,IAAoBxD,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAC9BnE,IAAA,mDAAAwG,EAAAgB,QAAA,EAAAC,eACA+T,EAAA,GAAAhF,EAAA,EACA,EAAS2F,EACT,EAAK,CAAA3V,GAAAgB,SAAA,EAEL,IAAA4U,EAAAH,cAAAA,EAkBA,MADI,GAAArD,EAAA6C,SAAA,EAhBJ,KACA,IAAAK,EAAA,IAAAlO,gBACA,GAAAwO,EAWA,OAVYhK,uBACZxI,IAAA,KACAkS,EAAA7S,MAAA,CAAAiD,OAAA,EACAwO,EAAApY,EAAA+P,cAAA,CAAA1N,GAAA,CAAAqX,GAEA,GACAtP,KAAA,KACA,IAAwB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAClCnE,IAAA,8BAAA4C,EACA,GACA,IAAAkZ,EAAAhT,KAAA,EAEA,EACa,CAAAsT,EAAAJ,EAAA,EACb,CAEAxV,OAAAA,EAEAqT,aAAAA,EAEAsB,mBAAAA,EAEA1O,cAAA,GAAkCA,cAAa,CAC/C3D,MAAAA,EACAkD,SAAA,GAAAsB,GACgB/G,YAAW+G,GAAA1D,IAAA,KAAAmQ,EAAA,KAAgD,GAAAvT,CAAA,IAAA8G,CAAA,KAC3ErB,eAAAmP,CACA,GAEAjB,UAAAA,EAEAZ,gBAAAA,EAEAoC,KAAAA,EAMAM,aAAAA,EAEA5B,4CAAAA,EAEAI,iBAAAA,EAEAF,mBAAAA,EAEA3K,sBAAA,IAAA/D,KACA2O,EAAA,IACmB5K,yBAAqB/D,GACxCjC,IAAA,KACA8Q,EAAA,IACA,IAAA7J,EAAAmL,EAAAK,GACA,OAAAzB,EAAAA,EAAA0B,MAAA,EAAAzL,EAAA,GAAAA,EAAA,GAEAwL,IAEAtQ,OAAA,KAAAyO,EAAA,MAGAjN,QAAA,KACA6M,EAAAvY,KAAAA,GACA,IAAA0a,EAA+BhP,QAAO,CACtCE,SAAA+L,EACA1L,uBAAA,KACAiM,EAAAlY,KAAAA,GACAiY,EAAAjY,KAAAA,GACA6Y,EAAA7Y,KAAAA,EACA,EACA2L,cAAA+L,CACA,GAEA,OADAgD,EAAA1O,SAAA,CAAAnB,KAAA,CAAA0N,GACAmC,CACA,EAEAxO,kBAAA,EAA8BpH,SAAAA,CAAA,CAAAqH,YAAAA,CAAA,CAAwB,IACtDoM,EAAAvY,KAAAA,GACA,IAAA2a,EAA+BzO,kBAAiB,CAChDpH,SAAAA,EACAqH,YAAAA,EACAP,SAAA+L,EACAhM,cAAA+L,CACA,GAEA,OADAiD,EAAAvO,mBAAA,CAAAvB,KAAA,CAAA0N,GACAoC,CACA,EAEAC,sBAAA,EAAkC9V,SAAAA,CAAA,CAAAoK,YAAAA,CAAA,CAAAlI,eAAAA,CAAA,EAAyC,EAAI,IAC/EuR,EAAAvY,KAAAA,GACA,IAAA6a,EAA6BD,SJ9DtB,CAAiC9V,SAAAA,CAAA,CAAAoK,YAAAA,CAAA,CAAA/E,SAAAA,CAAA,CAAAyB,SAAAA,CAAA,CAAAD,cAAAA,CAAA,CAAA3E,eAAAA,CAAA,CAAA8T,iBAAAA,EAAAvJ,kBAAA,CAAkH,EAC1J,GAAA5F,GAAyB7B,EAASgC,QAAA,CAAAH,GAClC,6CAAyDA,EAAc,GAEvE,IAAA1E,EAAA,IAAA8E,gBACAiB,EAAA,eAMA+N,EAAA5S,EALA,IAAgBhK,MAAAA,CAAA,CAAA8P,MAAAA,CAAA,EAAiB,GAAArQ,EAAA0E,EAAA,IACjC,IAAA2L,EACA,oCAEArC,IAAA,+BAEA,IACA,GAAA9G,EAAA,CACA3G,IAAA,6BACA,IAAA2O,EAAA,MAA+CjG,aAAY,CAC3DC,SAAA,cACAC,eAAA,CACAc,SAAA/C,CACA,EACAmC,MAAAA,EAAAG,MAAA,GAIA,GAFAjJ,IAAA,8BAAA2O,GACgBxG,0BAAyBwG,GACzC,CAAAA,EAAAT,mBAAA,CAAA2O,YAAA,CACA,qDAEA,IAAAA,EAAA1Z,KAAAC,KAAA,CAAAuL,EAAAT,mBAAA,CAAA2O,YAAA,EACAlK,qBAAAkK,GACA7c,IAAA,wCAAA6c,GACAD,EAAA,MAAAD,EAAA,CACA,GAAAE,CAAA,CACAhK,eAAA/C,EAAAI,EAAA,EAAAC,IAAA0M,EAAAhK,cAAA,CACAtC,QAAAT,EAAAS,OAAA,EAAAsM,EAAAtM,OAAA,CACAuC,iBAAAhD,EAAAO,sBAAA,EAAAyC,kBACA+J,EAAA/J,gBAAA,CACA/B,YAAA,CAAA8L,EAAA9L,WAAA,MAAAuL,MAAA,CAAAvL,GAAAnJ,OAAA,IAAAiV,EAAA9L,WAAA,EAAAkH,KAAA,GAAA6E,EAAA3M,EAAA,GAAA4M,EAAA5M,EAAA,OACA,GACAnG,EAAA2E,EAAAzE,OAAA,KAEA,CACAlK,IAAA,wCACA,IAAA6c,EAAA,MAAAtI,qCAUA,GATA5B,qBAAAkK,GACA7c,IAAA,6CAAA6c,GAQA,CAAAD,CAPAA,EAAA,MAAAD,EAAA,CACA,GAAAE,CAAA,CACAhK,eAAA/C,EAAAI,EAAA,EAAAC,IAAA0M,EAAAhK,cAAA,CACAtC,QAAAT,EAAAS,OAAA,EAAAsM,EAAAtM,OAAA,CACAuC,iBAAAhD,EAAAO,sBAAA,EAAAyC,kBACA+J,EAAA/J,gBAAA,EACiB,EACjBqB,aAAA,CACA,qDAIA,GAAAxN,CAFAA,EAAA,IAAAtD,cAAAC,MAAA,CAAoDC,EAAmBqZ,EAAAzI,aAAA,IAEvEzF,UAAA,OAEA,MADA1O,IAAA,oKACA,qDAGA2G,EAAAA,EAAAkL,OAAA,YACA7R,IAAA,uDAA+E2G,EAAA,OAAU,EAAQiW,EAAAzI,aAAA,CAA8B,IAC/HnU,IAAA,6BACA,IAAA2O,EAAA,MAA+CjG,aAAY,CAC3DC,SAAA,cACAC,eAAA,CACAc,SAAA/C,CACA,EACAmC,MAAAA,EAAAG,MAAA,GAEAjJ,IAAA,8BAAA2O,GACgBxG,0BAAyBwG,GACzC3E,EAAA2E,EAAAzE,OAAA,CAEAuD,IAAA,iCACAzN,IAAA,uCACA,IAAAgN,EAAA,MAAqCnD,uBAAsB,CAC3DC,cAAA,mBACAC,mBAAA,CACAoB,OAAAhI,KAAAgE,SAAA,CAAAyV,GACAlT,SAAA/C,CACA,EACAkC,eAAA,CACA,GAAAA,CAAA,CACAsF,aAAA,OACA,EACAnE,QAAAA,EACAlB,MAAAA,EAAAG,MAAA,GAEYX,8BAA6B0E,GACzChN,IAAA,wCAAAgN,GACA,IAAAxG,EAAA,CACAM,YAAAkG,EAAArC,oBAAA,CAAAE,WAAA,CACAjE,QAAAoG,EAAArC,oBAAA,CAAAC,OAAA,CACA1D,aAAA8F,EAAArC,oBAAA,CAAAI,YAAA,CACAvD,SAAA,IAAA5D,KAAAA,KAAAC,GAAA,GAAAmJ,IAAAA,EAAArC,oBAAA,CAAAG,SAAA,EACAnE,SAA0B7D,qBAAekK,EAAArC,oBAAA,CAAAC,OAAA,uBAMzC,OAJAoB,EACA,MAAAA,EAAAxF,GACA,MAAwB4G,gBAAe,CAAG5G,OAAAA,EAAAsC,MAAAA,EAAAG,MAAA,GAC1CwE,IAAA,wBACAjH,CACA,CACA,MAAA5D,EAAA,CAEA,MADA6K,IAAA,uBACA7K,CACA,CACA,KACA,OACAiM,SAAAA,EACA/F,MAAA,IAAAA,EAAAA,KAAA,EACA,CACA,EIrDkD,CAClDnC,SAAAA,EACAoK,YAAAA,EACAlI,eAAAA,EACA4E,SAAA+L,EACAxN,SAAA,GAAsCzF,YAAWC,GAAAoD,IAAA,KAAAmQ,EAAAvT,GACjD,GAEA,OADAkW,EAAA7N,QAAA,CAAAnC,KAAA,CAAA0N,GACAsC,CACA,EAEAM,oBAAA,EAAgCrW,SAAAA,CAAA,CAAAmP,SAAAA,CAAA,CAAAtL,WAAAA,CAAA,CAAA3B,eAAAA,CAAA,CAAiD,IACjFuR,EAAAvY,KAAAA,GACA,IAAA6a,EAA6BM,SH/LtB,CAA+BrW,SAAAA,CAAA,CAAAmP,SAAAA,CAAA,CAAAtL,WAAAA,CAAA,CAAAC,YAAAA,CAAA,CAAAC,sBAAAA,CAAA,CAAA/B,SAAAA,EAAA,gBAAAqD,SAAAA,CAAA,CAAAyB,SAAAA,CAAA,CAAA5E,eAAAA,CAAA,CAAqI,EAC3K,IAAYzI,WAAAA,CAAA,CAAAJ,MAAAA,CAAA,EAAsB,GAAAP,EAAA0E,EAAA,IAClC,IAAA/D,EACA,6CAEA,IAAA0I,EAAA,IAAA8E,gBACAiB,EAAA,WACA,IACApB,IAAA,4BACA,IAAAgI,EAAAwH,WAxGA,IAAYvd,OAAAA,CAAA,EAAW,GAAAD,EAAA0E,EAAA,IACvB+Y,EAAA,IAAAvX,WAAA,KAEA,OADAjG,EAAAyd,eAAA,CAAAD,GACArI,oBAAAqI,EAAArG,MAAA,CACA,IAqGAlB,EAAA,MAAAH,mBAAAC,GACAzV,IAAA,6BACA,IAAAwQ,EAAA,MAAoC9H,aAAY,CAChDC,SAAAA,EACAC,eAAA,CACAwU,MAAAzH,EACAjM,SAAA/C,EACA0W,eAAA,OACA,EACAxU,eAAAA,EACAC,MAAAA,EAAAG,MAAA,GAEAjJ,IAAA,8BAAAwQ,GACYrI,0BAAyBqI,GACrC,IAAoB8M,KAAAC,CAAA,CAAAC,MAAA5H,CAAA,CAAA6H,aAAAC,CAAA,CAAAC,gBAAAC,CAAA,EAA8FpN,EAAAtC,mBAAA,CAClH,CAAoBoK,uBAAAA,CAAA,CAAApB,UAAAA,CAAA,EAAoC,MAAAxB,sBAAA,CACxDD,OAAAA,EACAE,UAAAA,EACAC,QAAAA,EACAC,KAAA0H,EACA5W,SAAAiX,EACAxd,WAAAA,EACA0V,SAAAA,EACAC,YAAA2H,CACA,GACA1d,IAAA,uCACA,IAAAgN,EAAA,MAAqCnD,uBAAsB,CAC3DC,cAAA0G,EAAAhI,aAAA,CACAuB,mBAAA,CACAL,SAAA/C,EACAkX,4BAAAH,EACAI,UAAA5G,EACA6G,yBAAAzF,CACA,EACAzP,eAAAA,EACAmB,QAAAwG,EAAAtG,OAAA,CACApB,MAAAA,EAAAG,MAAA,GAEAjJ,IAAA,wCAAAgN,GACA,IAAAxG,EAAA,MAAiC8D,mBAAkB,CACnDC,aAAAyC,EACArG,SAAAA,EACA6D,WAAAA,EACAC,YAAAA,EACAC,sBAAAA,EACA7B,eAAAA,EACAC,MAAAA,EAAAG,MAAA,GAMA,OAJA+C,EACA,MAAAA,EAAAxF,GACA,MAAwB4G,gBAAe,CAAG5G,OAAAA,EAAAsC,MAAAA,EAAAG,MAAA,GAC1CwE,IAAA,2BACAjH,CACA,CACA,MAAA5D,EAAA,CAEA,MADA6K,IAAA,0BACA7K,CACA,CACA,KACA,OACAiM,SAAAA,EACA/F,MAAA,IAAAA,EAAAA,KAAA,EACA,CACA,EGsHgD,CAChDnC,SAAAA,EACAmP,SAAAA,EACAtL,WAAAA,EACA3B,eAAAA,EACA4E,SAAA+L,EACAxN,SAAA,GAAsCzF,YAAWC,GAAAoD,IAAA,KAAAmQ,EAAAvT,GACjD,GAEA,OADAkW,EAAA7N,QAAA,CAAAnC,KAAA,CAAA0N,GACAsC,CACA,EAEAsB,kCAAA,EAA8CrX,SAAAA,CAAA,CAAAmP,SAAAA,CAAA,CAAAtL,WAAAA,CAAA,CAAA3B,eAAAA,CAAA,CAAiD,IAC/FuR,EAAAvY,KAAAA,GACA,IAAA6a,EAA6BsB,SFrWtB,CAA6CrX,SAAAA,CAAA,CAAAmP,SAAAA,CAAA,CAAAtL,WAAAA,CAAA,CAAAC,YAAAA,CAAA,CAAAuB,SAAAA,CAAA,CAAAyB,SAAAA,CAAA,CAAA5E,eAAAA,CAAA,CAAkF,EACtI,IAAYzI,WAAAA,CAAA,CAAAJ,MAAAA,CAAA,EAAsB,GAAAP,EAAA0E,EAAA,IAClC,IAAA/D,EACA,6CAEA,IAAA0I,EAAA,IAAA8E,gBACAiB,EAAA,WACA,IACApB,IAAA,4BACAzN,IAAA,6BACA,IAAAuK,EAAA,MAAuC7B,aAAY,CACnDC,SAAA,qBACAC,eAAA,CAAkCc,SAAA/C,EAAAsX,SAAAnI,CAAA,EAClCjN,eAAAA,CACA,GACA7I,IAAA,8BAAAuK,GACA,IAAA/D,EAAA,MAAiC8D,mBAAkB,CACnDC,aAAAA,EACA5D,SAAAA,EACA6D,WAAAA,EACAC,YAAAA,EACA5B,eAAAA,EACAC,MAAAA,EAAAG,MAAA,EAEA+C,CAAAA,EACA,MAAAA,EAAAxF,GACA,MAAwB4G,gBAAe,CAAG5G,OAAAA,EAAAsC,MAAAA,EAAAG,MAAA,GAC1CwE,IAAA,0BACA,CACA,MAAA7K,EAAA,CAEA,MADA6K,IAAA,0BACA7K,CACA,CACA,KACA,OACAiM,SAAAA,EACA/F,MAAA,IAAAA,EAAAA,KAAA,EACA,CACA,EE+T8D,CAC9DnC,SAAAA,EACAmP,SAAAA,EACAtL,WAAAA,EACA3B,eAAAA,EACA4E,SAAA+L,EACAxN,SAAA,GAAsCzF,YAAWC,GAAAoD,IAAA,KAAAmQ,EAAAvT,GACjD,GAEA,OADAkW,EAAA7N,QAAA,CAAAnC,KAAA,CAAA0N,GACAsC,CACA,EAEAwB,+BAAA,EAA2CvX,SAAAA,CAAA,CAAA6D,WAAAA,CAAA,CAAA3B,eAAAA,CAAA,CAAuC,IAClFuR,EAAAvY,KAAAA,GACA,IAAA6a,EAA6BwB,SDhXtB,CAA0CvX,SAAAA,CAAA,CAAA6D,WAAAA,CAAA,CAAAwB,SAAAA,CAAA,CAAAyB,SAAAA,CAAA,CAAAD,cAAAA,CAAA,CAAA3E,eAAAA,CAAA,CAA0E,EAC3H,GAAA2E,GAAyB7B,EAASgC,QAAA,CAAAH,GAClC,6CAAyDA,EAAc,GAEvE,IAAA1E,EAAA,IAAA8E,gBACAiB,EAAA,WACA,IAAgB7O,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAC1BsJ,IAAA,uBACA,QAKAzD,EAYAmU,EACAnR,EAjBA,IAAoBlG,YAAAA,CAAA,EAAc,MAASgB,0BAAc,GACzD,IAAAhB,EACA,oFAGA9G,IAAA,6BACA,IAAA2O,EAAA,MAA2CjG,aAAY,CACvDC,SAAA,cACAC,eAAA,CACAc,SAAA/C,CACA,EACAmC,MAAAA,EAAAG,MAAA,GAEAjJ,IAAA,8BAAA2O,GACYxG,0BAAyBwG,GACrC3E,EAAA2E,EAAAzE,OAAA,CAGAyE,4BAAAA,EAAAT,mBAAA,CAAAsC,SAAA,EAEAxQ,IAAA,uCACAgN,EAAA,MAAmCnD,uBAAsB,CACzDC,cAAA,mBACAC,mBAAA,CACAoB,OAAA,YACAzB,SAAA/C,CACA,EACAkC,eAAA,CACA,GAAAA,CAAA,CACAsF,aAAA,gBACA,EACAnE,QAAAA,EACAlB,MAAAA,EAAAG,MAAA,GAEgBd,0BAAyB6E,GACzChN,IAAA,wCAAAgN,GACAhD,EAAAgD,EAAA9C,OAAA,CACAiU,EAAAnR,EAAAkB,mBAAA,CAAAkQ,WAAA,EAGAD,EAAAxP,EAAAT,mBAAA,CAAAkQ,WAAA,CAEA,IAAAC,EAAA,EACA,OAAmB,CACnB,IAAAC,EAAA,MAAA9T,EAAA2T,EAAAE,GAmBA,GAlBAre,IAAA,uCACAgN,EAAA,MAAmCnD,uBAAsB,CACzDC,cAAA,mBACAC,mBAAA,CACAoB,OAAAhI,KAAAgE,SAAA,EACApE,IAAA+D,EACAwX,WAAAA,CACA,GACA5U,SAAA/C,CACA,EACAkC,eAAA,CACA,GAAAA,CAAA,CACAsF,aAAA,gBACA,EACAnE,QAAAA,EACAlB,MAAAA,EAAAG,MAAA,GAEAjJ,IAAA,wCAAAgN,GACA,CAAqB9E,oBAAmB8E,GACxC,MAEAhD,EAAAgD,EAAA9C,OAAA,CACAmU,GACA,CACY/V,8BAA6B0E,GACzChN,IAAA,wCAAAgN,GACA,IAAAxG,EAAA,CACAM,YAAAkG,EAAArC,oBAAA,CAAAE,WAAA,CACAjE,QAAAoG,EAAArC,oBAAA,CAAAC,OAAA,CACA1D,aAAA8F,EAAArC,oBAAA,CAAAI,YAAA,CACAvD,SAAA,IAAA5D,KAAAA,KAAAC,GAAA,GAAAmJ,IAAAA,EAAArC,oBAAA,CAAAG,SAAA,EACAnE,SAA0B7D,qBAAekK,EAAArC,oBAAA,CAAAC,OAAA,uBAMzC,OAJAoB,EACA,MAAAA,EAAAxF,GACA,MAAwB4G,gBAAe,CAAG5G,OAAAA,EAAAsC,MAAAA,EAAAG,MAAA,GAC1CwE,IAAA,sBACAjH,CACA,CACA,MAAA5D,EAAA,CAEA,MADA6K,IAAA,0BACA7K,CACA,CACA,KACA,OACAiM,SAAAA,EACA/F,MAAA,IAAAA,EAAAA,KAAA,EACA,CACA,EC0Q2D,CAC3DnC,SAAAA,EACA6D,WAAAA,EACA3B,eAAAA,EACA4E,SAAA+L,EACAxN,SAAA,GAAsCzF,YAAWC,GAAAoD,IAAA,KAAAmQ,EAAAvT,GACjD,GAEA,OADAkW,EAAA7N,QAAA,CAAAnC,KAAA,CAAA0N,GACAsC,CACA,EAEArB,yBAAAA,EAEAkD,+BAAwC,GAAA3F,EAAAoB,WAAA,EAAW,IAAAsB,EAAA,IAAAV,GAAA,GACnD,CACA,IArWiD4D,SAAA9Q,EAAA+Q,oBAAA,CAAmE,GAAAtF,EAAAC,GAAA,EAAIsF,8BAAA,CAAkCF,SAAA9Q,EAAA8Q,QAAA,GAA0B9Q,EAAA8Q,QAAA,GAEpLE,8BAAA,GACY,GAAAvF,EAAAC,GAAA,EAAIH,EAAAI,QAAA,EAAmClY,MAAAwd,WA8XnD,IAAY9E,aAAAA,CAAA,CAAAU,mBAAAA,CAAA,CAAAE,iBAAAA,CAAA,CAAAlB,gBAAAA,CAAA,EAAyET,wBACrFlS,EAAAiT,GAAAjT,QACAgY,EAAAnE,GAAA,EAAAA,EAAAhV,MAAA,CACAoZ,EAAAtF,wBAAAA,EACA,CAAAuF,EAAAC,EAAA,CAAsD,GAAAnG,EAAAa,QAAA,IACtD,CAAAuF,EAAAC,EAAA,CAA0C,GAAArG,EAAAa,QAAA,IAC1C,CAAAyF,EAAAC,EAAA,CAAgE,GAAAvG,EAAAa,QAAA,IAE5D,GAAAb,EAAA6C,SAAA,EAAS,KACb2D,uBACAxV,IAAA,CAAAmV,GACArS,KAAA,KACA,IAAoB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAC9BnE,IAAA,4CAAA4C,EACA,EACA,EAAK,IAED,GAAAgW,EAAA6C,SAAA,EAAS,KACb,IAAA7U,EAAA,CACAqY,EAAApd,KAAAA,GACA,MACA,CACA,IAAA4O,EAAA,CACA9J,SAAAC,CAAA,qBACAF,MAAAE,EAAAF,KAAA,EAAAE,EAAAyY,cAAA,CAAAzY,EAAAF,KAAA,CAAA7E,KAAAA,CACA,EACA,GAAAid,EAAA,CACA,IAAAQ,EAAAR,EAAA7G,IAAA,IAAAsH,EAAA5Y,QAAA,EAAA4Y,EAAA5Y,QAAA,GAAAC,CAAA,sBACA0Y,IACA7O,EAAA+O,OAAA,CAAAF,EAAAE,OAAA,CACA/O,EAAAM,WAAA,CAAAuO,EAAAvO,WAAA,CACAnK,EAAAyY,cAAA,EACA5O,CAAAA,EAAA/J,KAAA,CAAA4Y,EAAA5Y,KAAA,EAGA,CACAuY,EAAA,GAAA9b,KAAAgE,SAAA,CAAAyT,KAAAzX,KAAAgE,SAAA,CAAAsJ,GAAAmK,EAAAnK,EACA,EAAK,CAAAqO,EAAAlY,EAAA,EAED,GAAAgS,EAAA6C,SAAA,EAAS,KACbuD,IACAS,qBAAAT,GAAAtS,KAAA,KACA,IAAwB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAClCnE,IAAA,0CAAA4C,EACA,GACAmc,EAAA,IACA,IAAAjE,EAAA,CAAAkE,EAAA,CACA,QAAAvO,KAAAmK,GAAA,GACAnK,EAAA9J,QAAA,GAAAqY,EAAArY,QAAA,EACAmU,EAAA3U,IAAA,CAAAsK,GAGA,OAAAtN,KAAAgE,SAAA,CAAAyT,KAAAzX,KAAAgE,SAAA,CAAA2T,GACAF,EACAE,CACA,GAEA,EAAK,CAAAkE,EAAA,EACL,IAAAU,EAA0B,GAAA9G,EAAAoB,WAAA,EAAW,IACrC,IAAgBlK,MAAAA,CAAA,EAAU,GAAArQ,EAAA0E,EAAA,WAC1B,EAGAya,KAAA/c,IAAA+c,EACA,gBAEAM,IAGAzO,OAAAA,EAAA+O,OAAA,CACA,EACA,MAEA,KAEA,EACA,MAEAjF,EACA9J,EAAA+O,OAAA,kBAEA,OApBA,IAqBA,EAAK,CACLjF,EACAqE,EACAM,EACAL,EACA,EA2BA,MAzBI,GAAAjG,EAAA6C,SAAA,EAAS,KACb,GAAAuD,EAAA,CACA,IAAAQ,EAAAE,EAAAV,EACA,mBAAAQ,GAEAP,EAAA,IACA,IAAAnE,EAAA,CACA,GAAAkE,CAAA,CACAQ,QAAAA,EACAzO,YAAA0J,GAAA9V,IAAA,KACAwL,GAAAQ,EAAA8B,YAAA,CACAS,WAAAvC,EAAAuC,UAAA,CACA,EACA,EACA,OAAA/P,KAAAgE,SAAA,CAAAyT,KAAAzX,KAAAgE,SAAA,CAAA2T,GACAF,EACAE,CACA,EACA,CACA,EAAK,CAAAkE,EAAAU,EAAAjF,EAAA,EAED,GAAA7B,EAAA6C,SAAA,EAAS,KACbuD,GACAG,EAAAtd,KAAAA,EACA,EAAK,CAAAmd,EAAA,EACL,CAEAA,YAAAA,EAEAW,qBAAA,EAAiCH,QAAAA,CAAA,CAAS,IAC1CL,EAAAK,EACA,EAEAV,kBAAAA,EAEAc,uBAAA,KACAA,yBAAAlT,KAAA,KACA,IAAwB1M,MAAAA,CAAA,EAAU,GAAAP,EAAA0E,EAAA,IAClCnE,IAAA,wCAAA4C,EACA,GACAmc,EAAAld,KAAAA,EACA,CACA,CACA,IAlgBmD2c,SAAA9Q,EAAA8Q,QAAA,GAoWnD,eAAAY,uBACA,IAAY3e,SAAAA,CAAA,CAAAb,QAAAA,CAAA,EAAsB,GAAAH,EAAA0E,EAAA,IAClC0b,EAAA,MAAAjgB,EAAAmB,OAAA,iBAA4DN,EAAS,aACrE,IAAAof,EACA,SACA,IAAAC,EAAA3c,KAAAC,KAAA,CAAAyc,GACA,OAAAC,CACA,CAEA,eAAAF,yBACA,IAAYnf,SAAAA,CAAA,CAAAb,QAAAA,CAAA,EAAsB,GAAAH,EAAA0E,EAAA,GAClC,OAAAvE,EAAAyB,UAAA,iBAA6CZ,EAAS,YACtD,CAEA,eAAAgf,qBAAAhP,CAAA,EACA,IAAYhQ,SAAAA,CAAA,CAAAT,MAAAA,CAAA,CAAAJ,QAAAA,CAAA,EAA6B,GAAAH,EAAA0E,EAAA,IACzCnE,IAAA,gCAA4CmD,KAAAgE,SAAA,CAAAsJ,GAAqB,GACjE,IAAAoP,EAAA,MAAAT,uBACAra,EAAA8a,EAAAhF,SAAA,IAAA0E,EAAA5Y,QAAA,GAAA8J,EAAA9J,QAAA,CACA,MAAA5B,GACA8a,EAAAE,MAAA,CAAAhb,EAAA,GAEA8a,EAAAG,OAAA,CAAAvP,GACA,MAAA7Q,EAAAsB,OAAA,iBAA0CT,EAAS,YAAA0C,KAAAgE,SAAA,CAAA0Y,EAAA5Q,KAAA,QACnD","sources":["webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/config.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/util.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/storage.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/cognito-api.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/model.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/refresh.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/common.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/magic-link.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/fido2.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/srp.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/plaintext.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/sms-otp-stepup.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/react/hooks.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/react/components.js","webpack://_N_E/./node_modules/amazon-cognito-passwordless-auth/dist/client/react/index.js","webpack://_N_E/"],"sourcesContent":["/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nlet config_ = undefined;\nexport function configure(config) {\n if (config) {\n config_ = {\n ...config,\n crypto: config.crypto ?? Defaults.crypto,\n storage: config.storage ?? Defaults.storage,\n fetch: config.fetch ?? Defaults.fetch,\n location: config.location ?? Defaults.location,\n history: config.history ?? Defaults.history,\n };\n config_.debug?.(\"Configuration loaded:\", config);\n }\n else {\n if (!config_) {\n throw new Error(\"Call configure(config) first\");\n }\n }\n return config_;\n}\nexport function configureFromAmplify(amplifyConfig) {\n const { region, userPoolId, userPoolWebClientId } = isAmplifyConfig(amplifyConfig)\n ? amplifyConfig.Auth\n : amplifyConfig;\n if (typeof region !== \"string\") {\n throw new Error(\"Invalid Amplify configuration provided: invalid or missing region\");\n }\n if (typeof userPoolId !== \"string\") {\n throw new Error(\"Invalid Amplify configuration provided: invalid or missing userPoolId\");\n }\n if (typeof userPoolWebClientId !== \"string\") {\n throw new Error(\"Invalid Amplify configuration provided: invalid or missing userPoolWebClientId\");\n }\n configure({\n cognitoIdpEndpoint: region,\n userPoolId,\n clientId: userPoolWebClientId,\n });\n return {\n with: (config) => {\n return configure({\n cognitoIdpEndpoint: region,\n userPoolId,\n clientId: userPoolWebClientId,\n ...config,\n });\n },\n };\n}\nfunction isAmplifyConfig(c) {\n return !!c && typeof c === \"object\" && \"Auth\" in c;\n}\nclass MemoryStorage {\n constructor() {\n this.memory = new Map();\n }\n getItem(key) {\n return this.memory.get(key);\n }\n setItem(key, value) {\n this.memory.set(key, value);\n }\n removeItem(key) {\n this.memory.delete(key);\n }\n}\nexport class UndefinedGlobalVariableError extends Error {\n}\nclass Defaults {\n static getFailingProxy(expected) {\n const message = `\"${expected}\" is not available as a global variable in your JavaScript runtime, so you must configure it explicitly with Passwordless.configure()`;\n return new Proxy((() => undefined), {\n apply() {\n throw new UndefinedGlobalVariableError(message);\n },\n get() {\n throw new UndefinedGlobalVariableError(message);\n },\n });\n }\n static get storage() {\n return typeof globalThis.localStorage !== \"undefined\"\n ? globalThis.localStorage\n : new MemoryStorage();\n }\n static get crypto() {\n if (typeof globalThis.crypto !== \"undefined\")\n return globalThis.crypto;\n return Defaults.getFailingProxy(\"crypto\");\n }\n static get fetch() {\n if (typeof globalThis.fetch !== \"undefined\")\n return globalThis.fetch;\n return Defaults.getFailingProxy(\"fetch\");\n }\n static get location() {\n if (typeof globalThis.location !== \"undefined\")\n return globalThis.location;\n return Defaults.getFailingProxy(\"location\");\n }\n static get history() {\n if (typeof globalThis.history !== \"undefined\")\n return globalThis.history;\n return Defaults.getFailingProxy(\"history\");\n }\n}\n","import { configure } from \"./config.js\";\nexport async function throwIfNot2xx(res) {\n if (res.ok) {\n return res;\n }\n const detail = (await res.json());\n let message = detail.message;\n if (detail.__type === \"UserLambdaValidationException\") {\n const match = detail.message.match(/^.+failed with error (.+)$/);\n if (match) {\n message = match[1];\n }\n }\n const err = new Error(message);\n err.name = detail.__type;\n throw err;\n}\nexport function parseJwtPayload(jwt) {\n const parts = jwt.split(\".\");\n const payload = parts[1];\n if (!payload) {\n throw new Error(\"Invalid JWT\");\n }\n return JSON.parse(new TextDecoder().decode(bufferFromBase64Url(payload)));\n}\n/**\n * Schedule a callback once, like setTimeout, but count\n * time spent sleeping also as time spent. This way, if the browser tab\n * where this is happening is activated again after sleeping,\n * the callback is run immediately (more precise: within 1 second)\n */\nexport function setTimeoutWallClock(cb, ms) {\n const executeAt = Date.now() + ms;\n const i = setInterval(() => {\n if (Date.now() >= executeAt) {\n clearInterval(i);\n cb();\n }\n }, 1000);\n // unref the interval if we can, so that e.g. when running in Node.js\n // this interval would not block program exit:\n if (typeof i.unref === \"function\")\n i.unref();\n return () => clearInterval(i);\n}\nexport function currentBrowserLocationWithoutFragmentIdentifier() {\n const { location } = configure();\n const current = new URL(location.href);\n current.hash = \"\";\n return current.href;\n}\nexport function removeFragmentIdentifierFromBrowserLocation() {\n const { history } = configure();\n history.pushState(\"\", \"\", currentBrowserLocationWithoutFragmentIdentifier());\n}\nexport function timeAgo(now, historicDate) {\n if (!historicDate)\n return;\n const ranges = {\n years: 3600 * 24 * 365,\n months: 3600 * 24 * 30,\n weeks: 3600 * 24 * 7,\n days: 3600 * 24,\n hours: 3600,\n minutes: 60,\n };\n const secondsElapsed = Math.max((now.valueOf() - historicDate.valueOf()) / 1000, 0);\n const [unit, range] = Object.entries(ranges).find(([, range]) => {\n return range < secondsElapsed;\n }) ?? [\"seconds\", 1];\n const delta = secondsElapsed / range;\n return unit === \"seconds\" && delta < 10\n ? \"Just now\"\n : new Intl.RelativeTimeFormat(\"en\").format(-Math.floor(delta), unit);\n}\n/**\n * Base64 implementations below as atob and btoa don't work with unicode\n * and aren't available in all JS environments to begin with, e.g. React Native\n */\nconst _bufferFromBase64 = function (characters, padChar = \"\") {\n const map = characters\n .split(\"\")\n .reduce((acc, char, index) => Object.assign(acc, { [char.charCodeAt(0)]: index }), {});\n return function (base64) {\n const paddingLength = padChar\n ? // eslint-disable-next-line security/detect-non-literal-regexp\n base64.match(new RegExp(`^.+?(${padChar}?${padChar}?)$`))[1].length\n : 0;\n let first, second, third, fourth;\n return base64.match(/.{1,4}/g).reduce((acc, chunk, index) => {\n first = map[chunk.charCodeAt(0)];\n second = map[chunk.charCodeAt(1)];\n third = map[chunk.charCodeAt(2)];\n fourth = map[chunk.charCodeAt(3)];\n acc[3 * index] = (first << 2) | (second >> 4);\n acc[3 * index + 1] = ((second & 0b1111) << 4) | (third >> 2);\n acc[3 * index + 2] = ((third & 0b11) << 6) | fourth;\n return acc;\n }, new Uint8Array((base64.length * 3) / 4 - paddingLength));\n };\n};\nexport const bufferFromBase64 = _bufferFromBase64(\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\", \"=\");\nexport const bufferFromBase64Url = _bufferFromBase64(\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\");\nconst _bufferToBase64 = function (characters, padChar = \"\") {\n const map = characters\n .split(\"\")\n .reduce((acc, char, index) => Object.assign(acc, { [index]: char }), {});\n return function (base64) {\n const result = [];\n for (const chunk of chunks(new Uint8Array(base64), 3)) {\n result.push(map[chunk[0] >> 2]);\n result.push(map[((chunk[0] & 0b11) << 4) | (chunk[1] >> 4)]);\n result.push(chunk[1] !== undefined\n ? map[((chunk[1] & 0b1111) << 2) | (chunk[2] >> 6)]\n : padChar);\n result.push(chunk[2] !== undefined ? map[chunk[2] & 0b111111] : padChar);\n }\n return result.join(\"\");\n };\n};\nexport const bufferToBase64 = _bufferToBase64(\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\", \"=\");\nexport const bufferToBase64Url = _bufferToBase64(\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\");\nfunction* chunks(arr, n) {\n for (let i = 0; i < arr.length; i += n) {\n yield arr.subarray(i, i + n);\n }\n}\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { parseJwtPayload } from \"./util.js\";\nimport { configure } from \"./config.js\";\nexport async function storeTokens(tokens) {\n const { clientId, storage } = configure();\n const { sub, email, \"cognito:username\": username, } = parseJwtPayload(tokens.idToken);\n const { scope } = parseJwtPayload(tokens.accessToken);\n const amplifyKeyPrefix = `CognitoIdentityServiceProvider.${clientId}`;\n const customKeyPrefix = `Passwordless.${clientId}`;\n const promises = [];\n promises.push(storage.setItem(`${amplifyKeyPrefix}.LastAuthUser`, username));\n promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.idToken`, tokens.idToken));\n promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.accessToken`, tokens.accessToken));\n if (tokens.refreshToken) {\n promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.refreshToken`, tokens.refreshToken));\n }\n promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.userData`, JSON.stringify({\n UserAttributes: [\n {\n Name: \"sub\",\n Value: sub,\n },\n {\n Name: \"email\",\n Value: email,\n },\n ],\n Username: username,\n })));\n promises.push(storage.setItem(`${amplifyKeyPrefix}.${username}.tokenScopesString`, scope));\n promises.push(storage.setItem(`${customKeyPrefix}.${username}.expireAt`, tokens.expireAt.toISOString()));\n await Promise.all(promises.filter((p) => !!p));\n}\nexport async function retrieveTokens() {\n const { clientId, storage } = configure();\n const amplifyKeyPrefix = `CognitoIdentityServiceProvider.${clientId}`;\n const customKeyPrefix = `Passwordless.${clientId}`;\n const username = await storage.getItem(`${amplifyKeyPrefix}.LastAuthUser`);\n if (!username) {\n return;\n }\n const [accessToken, idToken, refreshToken, expireAt] = await Promise.all([\n storage.getItem(`${amplifyKeyPrefix}.${username}.accessToken`),\n storage.getItem(`${amplifyKeyPrefix}.${username}.idToken`),\n storage.getItem(`${amplifyKeyPrefix}.${username}.refreshToken`),\n storage.getItem(`${customKeyPrefix}.${username}.expireAt`),\n ]);\n return {\n idToken: idToken ?? undefined,\n accessToken: accessToken ?? undefined,\n refreshToken: refreshToken ?? undefined,\n expireAt: expireAt ? new Date(expireAt) : undefined,\n username,\n };\n}\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { parseJwtPayload, throwIfNot2xx, bufferToBase64 } from \"./util.js\";\nimport { configure } from \"./config.js\";\nimport { retrieveTokens } from \"./storage.js\";\nconst AWS_REGION_REGEXP = /^[a-z]{2}-[a-z]+-\\d$/;\nexport function isErrorResponse(obj) {\n return (!!obj && typeof obj === \"object\" && \"__type\" in obj && \"message\" in obj);\n}\nexport function assertIsNotErrorResponse(obj) {\n if (isErrorResponse(obj)) {\n const err = new Error();\n err.name = obj.__type;\n err.message = obj.message;\n throw err;\n }\n}\nexport function assertIsNotChallengeResponse(obj) {\n if (isChallengeResponse(obj)) {\n throw new Error(`Unexpected challenge: ${obj.ChallengeName}`);\n }\n}\nexport function assertIsNotAuthenticatedResponse(obj) {\n if (isAuthenticatedResponse(obj)) {\n throw new Error(\"Unexpected authentication response\");\n }\n}\nexport function isChallengeResponse(obj) {\n return (!!obj &&\n typeof obj === \"object\" &&\n \"ChallengeName\" in obj &&\n \"ChallengeParameters\" in obj);\n}\nexport function assertIsChallengeResponse(obj) {\n assertIsNotErrorResponse(obj);\n assertIsNotAuthenticatedResponse(obj);\n if (!isChallengeResponse(obj)) {\n throw new Error(\"Expected challenge response\");\n }\n}\nexport function isAuthenticatedResponse(obj) {\n return !!obj && typeof obj === \"object\" && \"AuthenticationResult\" in obj;\n}\nexport function assertIsAuthenticatedResponse(obj) {\n assertIsNotErrorResponse(obj);\n assertIsNotChallengeResponse(obj);\n if (!isAuthenticatedResponse(obj)) {\n throw new Error(\"Expected authentication response\");\n }\n}\nexport function assertIsSignInResponse(obj) {\n assertIsNotErrorResponse(obj);\n if (!isAuthenticatedResponse(obj) && !isChallengeResponse(obj)) {\n throw new Error(\"Expected sign-in response\");\n }\n}\nexport async function initiateAuth({ authflow, authParameters, clientMetadata, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders, clientId, clientSecret } = configure();\n return fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n signal: abort,\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.InitiateAuth\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n AuthFlow: authflow,\n ClientId: clientId,\n AuthParameters: {\n ...authParameters,\n ...(clientSecret && {\n SECRET_HASH: await calculateSecretHash(authParameters.USERNAME),\n }),\n },\n ClientMetadata: clientMetadata,\n }),\n }).then(extractInitiateAuthResponse(authflow));\n}\nexport async function respondToAuthChallenge({ challengeName, challengeResponses, session, clientMetadata, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders, clientId, clientSecret } = configure();\n return fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.RespondToAuthChallenge\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n ChallengeName: challengeName,\n ChallengeResponses: {\n ...challengeResponses,\n ...(clientSecret && {\n SECRET_HASH: await calculateSecretHash(challengeResponses.USERNAME),\n }),\n },\n ClientId: clientId,\n Session: session,\n ClientMetadata: clientMetadata,\n }),\n signal: abort,\n }).then(extractChallengeResponse);\n}\nexport async function revokeToken({ refreshToken, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders, clientId } = configure();\n return fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.RevokeToken\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n Token: refreshToken,\n ClientId: clientId,\n }),\n signal: abort,\n }).then(throwIfNot2xx);\n}\nexport async function getId({ identityPoolId, abort, }) {\n const { fetch } = configure();\n const identityPoolRegion = identityPoolId.split(\":\")[0];\n const { idToken } = (await retrieveTokens()) ?? {};\n if (!idToken) {\n throw new Error(\"Missing ID token\");\n }\n const iss = new URL(parseJwtPayload(idToken)[\"iss\"]);\n return fetch(`https://cognito-identity.${identityPoolRegion}.amazonaws.com/`, {\n signal: abort,\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityService.GetId\",\n \"content-type\": \"application/x-amz-json-1.1\",\n },\n method: \"POST\",\n body: JSON.stringify({\n IdentityPoolId: identityPoolId,\n Logins: {\n [`${iss.hostname}${iss.pathname}`]: idToken,\n },\n }),\n })\n .then(throwIfNot2xx)\n .then((res) => res.json());\n}\nexport async function getCredentialsForIdentity({ identityId, abort, }) {\n const { fetch } = configure();\n const identityPoolRegion = identityId.split(\":\")[0];\n const { idToken } = (await retrieveTokens()) ?? {};\n if (!idToken) {\n throw new Error(\"Missing ID token\");\n }\n const iss = new URL(parseJwtPayload(idToken)[\"iss\"]);\n return fetch(`https://cognito-identity.${identityPoolRegion}.amazonaws.com/`, {\n signal: abort,\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityService.GetCredentialsForIdentity\",\n \"content-type\": \"application/x-amz-json-1.1\",\n },\n method: \"POST\",\n body: JSON.stringify({\n IdentityId: identityId,\n Logins: {\n [`${iss.hostname}${iss.pathname}`]: idToken,\n },\n }),\n })\n .then(throwIfNot2xx)\n .then((res) => res.json());\n}\nexport async function signUp({ username, password, userAttributes, clientMetadata, validationData, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders, clientId, clientSecret } = configure();\n return fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.SignUp\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n Username: username,\n Password: password,\n UserAttributes: userAttributes &&\n userAttributes.map(({ name, value }) => ({\n Name: name,\n Value: value,\n })),\n ValidationData: validationData &&\n validationData.map(({ name, value }) => ({\n Name: name,\n Value: value,\n })),\n ClientMetadata: clientMetadata,\n ClientId: clientId,\n ...(clientSecret && {\n SecretHash: await calculateSecretHash(username),\n }),\n }),\n signal: abort,\n }).then(throwIfNot2xx);\n}\nexport async function updateUserAttributes({ clientMetadata, userAttributes, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders } = configure();\n const tokens = await retrieveTokens();\n await fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.UpdateUserAttributes\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n AccessToken: tokens?.accessToken,\n ClientMetadata: clientMetadata,\n UserAttributes: userAttributes.map(({ name, value }) => ({\n Name: name,\n Value: value,\n })),\n }),\n signal: abort,\n }).then(throwIfNot2xx);\n}\nexport async function getUserAttributeVerificationCode({ attributeName, clientMetadata, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders } = configure();\n const tokens = await retrieveTokens();\n await fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.GetUserAttributeVerificationCode\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n AccessToken: tokens?.accessToken,\n ClientMetadata: clientMetadata,\n AttributeName: attributeName,\n }),\n signal: abort,\n }).then(throwIfNot2xx);\n}\nexport async function verifyUserAttribute({ attributeName, code, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders } = configure();\n const tokens = await retrieveTokens();\n await fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.VerifyUserAttribute\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n AccessToken: tokens?.accessToken,\n AttributeName: attributeName,\n Code: code,\n }),\n signal: abort,\n }).then(throwIfNot2xx);\n}\nexport async function setUserMFAPreference({ smsMfaSettings, softwareTokenMfaSettings, abort, }) {\n const { fetch, cognitoIdpEndpoint, proxyApiHeaders } = configure();\n const tokens = await retrieveTokens();\n await fetch(cognitoIdpEndpoint.match(AWS_REGION_REGEXP)\n ? `https://cognito-idp.${cognitoIdpEndpoint}.amazonaws.com/`\n : cognitoIdpEndpoint, {\n headers: {\n \"x-amz-target\": \"AWSCognitoIdentityProviderService.SetUserMFAPreference\",\n \"content-type\": \"application/x-amz-json-1.1\",\n ...proxyApiHeaders,\n },\n method: \"POST\",\n body: JSON.stringify({\n AccessToken: tokens?.accessToken,\n SMSMfaSettings: smsMfaSettings && {\n Enabled: smsMfaSettings.enabled,\n PreferredMfa: smsMfaSettings.preferred,\n },\n SoftwareTokenMfaSettings: softwareTokenMfaSettings && {\n Enabled: softwareTokenMfaSettings.enabled,\n PreferredMfa: softwareTokenMfaSettings.preferred,\n },\n }),\n signal: abort,\n }).then(throwIfNot2xx);\n}\nexport async function handleAuthResponse({ authResponse, username, smsMfaCode, newPassword, customChallengeAnswer, clientMetadata, abort, }) {\n const { debug } = configure();\n for (;;) {\n if (isAuthenticatedResponse(authResponse)) {\n return {\n idToken: authResponse.AuthenticationResult.IdToken,\n accessToken: authResponse.AuthenticationResult.AccessToken,\n expireAt: new Date(Date.now() + authResponse.AuthenticationResult.ExpiresIn * 1000),\n refreshToken: authResponse.AuthenticationResult.RefreshToken,\n username,\n };\n }\n const responseParameters = {};\n if (authResponse.ChallengeName === \"SMS_MFA\") {\n if (!smsMfaCode)\n throw new Error(\"Missing MFA Code\");\n responseParameters.SMS_MFA_CODE = await smsMfaCode();\n }\n else if (authResponse.ChallengeName === \"NEW_PASSWORD_REQUIRED\") {\n if (!newPassword)\n throw new Error(\"Missing new password\");\n responseParameters.NEW_PASSWORD = await newPassword();\n }\n else if (authResponse.ChallengeName === \"CUSTOM_CHALLENGE\") {\n if (!customChallengeAnswer)\n throw new Error(\"Missing custom challenge answer\");\n responseParameters.ANSWER = await customChallengeAnswer();\n }\n else {\n throw new Error(`Unsupported challenge: ${authResponse.ChallengeName}`);\n }\n debug?.(`Invoking respondToAuthChallenge ...`);\n const nextAuthResult = await respondToAuthChallenge({\n challengeName: authResponse.ChallengeName,\n challengeResponses: {\n USERNAME: username,\n ...responseParameters,\n },\n clientMetadata,\n session: authResponse.Session,\n abort,\n });\n debug?.(`Response from respondToAuthChallenge:`, nextAuthResult);\n authResponse = nextAuthResult;\n }\n}\nfunction extractInitiateAuthResponse(authflow) {\n return async (res) => {\n await throwIfNot2xx(res);\n const body = await res.json();\n if (authflow === \"REFRESH_TOKEN_AUTH\") {\n assertIsAuthenticatedResponse(body);\n }\n else {\n assertIsSignInResponse(body);\n }\n return body;\n };\n}\nasync function extractChallengeResponse(res) {\n await throwIfNot2xx(res);\n const body = await res.json();\n assertIsSignInResponse(body);\n return body;\n}\nasync function calculateSecretHash(username) {\n const { crypto, clientId, clientSecret } = configure();\n username ?? (username = (await retrieveTokens())?.username);\n if (!username) {\n throw new Error(\"Failed to determine username for calculating secret hash\");\n }\n const key = await crypto.subtle.importKey(\"raw\", new TextEncoder().encode(clientSecret), { name: \"HMAC\", hash: \"SHA-256\" }, false, [\"sign\", \"verify\"]);\n const signature = await crypto.subtle.sign(\"HMAC\", key, new TextEncoder().encode(`${username}${clientId}`));\n return bufferToBase64(signature);\n}\n","export const busyState = [\n \"CHECKING_FOR_SIGNIN_LINK\",\n \"REQUESTING_SIGNIN_LINK\",\n \"SIGNING_IN_WITH_LINK\",\n \"STARTING_SIGN_IN_WITH_FIDO2\",\n \"COMPLETING_SIGN_IN_WITH_FIDO2\",\n \"SIGNING_IN_WITH_PASSWORD\",\n \"SIGNING_IN_WITH_OTP\",\n \"SIGNING_OUT\",\n];\nconst idleState = [\n \"NO_SIGNIN_LINK\",\n \"SIGNIN_LINK_REQUEST_FAILED\",\n \"SIGNIN_LINK_REQUESTED\",\n \"SIGNIN_LINK_EXPIRED\",\n \"INVALID_SIGNIN_LINK\",\n \"SIGNED_OUT\",\n \"SIGNED_IN_WITH_LINK\",\n \"SIGNED_IN_WITH_FIDO2\",\n \"SIGNED_IN_WITH_PASSWORD\",\n \"SIGNED_IN_WITH_OTP\",\n \"FIDO2_SIGNIN_FAILED\",\n \"SIGNIN_WITH_OTP_FAILED\",\n \"PASSWORD_SIGNIN_FAILED\",\n];\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { configure } from \"./config.js\";\nimport { retrieveTokens } from \"./storage.js\";\nimport { initiateAuth } from \"./cognito-api.js\";\nimport { setTimeoutWallClock } from \"./util.js\";\nlet schedulingRefresh = undefined;\nexport async function scheduleRefresh(...args) {\n if (!schedulingRefresh) {\n schedulingRefresh = _scheduleRefresh(...args).finally(() => (schedulingRefresh = undefined));\n }\n return schedulingRefresh;\n}\nlet clearScheduledRefresh = undefined;\nasync function _scheduleRefresh({ abort, tokensCb, isRefreshingCb, }) {\n const { debug } = configure();\n clearScheduledRefresh?.();\n const tokens = await retrieveTokens();\n if (abort?.aborted)\n return;\n // Refresh 30 seconds before expiry\n // Add some jitter, to spread scheduled refreshes might they be\n // requested multiple times (e.g. in multiple components)\n const refreshIn = Math.max(0, (tokens?.expireAt ?? new Date()).valueOf() -\n Date.now() -\n 30 * 1000 -\n (Math.random() - 0.5) * 30 * 1000);\n if (refreshIn >= 1000) {\n debug?.(`Scheduling refresh of tokens in ${(refreshIn / 1000).toFixed(1)} seconds`);\n clearScheduledRefresh = setTimeoutWallClock(() => refreshTokens({ abort, tokensCb, isRefreshingCb, tokens }).catch((err) => debug?.(\"Failed to refresh tokens:\", err)), refreshIn);\n abort?.addEventListener(\"abort\", clearScheduledRefresh);\n }\n else {\n refreshTokens({ abort, tokensCb, isRefreshingCb, tokens }).catch((err) => debug?.(\"Failed to refresh tokens:\", err));\n }\n return clearScheduledRefresh;\n}\nlet refreshingTokens = undefined;\nexport async function refreshTokens(...args) {\n if (!refreshingTokens) {\n refreshingTokens = _refreshTokens(...args).finally(() => (refreshingTokens = undefined));\n }\n return refreshingTokens;\n}\nconst invalidRefreshTokens = new Set();\nasync function _refreshTokens({ abort, tokensCb, isRefreshingCb, tokens, }) {\n isRefreshingCb?.(true);\n try {\n const { debug } = configure();\n if (!tokens) {\n tokens = await retrieveTokens();\n }\n const { refreshToken, username } = tokens ?? {};\n if (!refreshToken || !username) {\n throw new Error(\"Cannot refresh without refresh token and username\");\n }\n if (invalidRefreshTokens.has(refreshToken)) {\n throw new Error(`Will not attempt refresh using token that failed previously: ${refreshToken}`);\n }\n debug?.(\"Refreshing tokens using refresh token ...\");\n const authResult = await initiateAuth({\n authflow: \"REFRESH_TOKEN_AUTH\",\n authParameters: {\n REFRESH_TOKEN: refreshToken,\n },\n abort,\n }).catch((err) => {\n invalidRefreshTokens.add(refreshToken);\n throw err;\n });\n const tokensFromRefresh = {\n accessToken: authResult.AuthenticationResult.AccessToken,\n idToken: authResult.AuthenticationResult.IdToken,\n expireAt: new Date(Date.now() + authResult.AuthenticationResult.ExpiresIn * 1000),\n username,\n };\n await tokensCb?.(tokensFromRefresh);\n return tokensFromRefresh;\n }\n finally {\n isRefreshingCb?.(false);\n }\n}\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { revokeToken } from \"./cognito-api.js\";\nimport { configure } from \"./config.js\";\nimport { retrieveTokens, storeTokens } from \"./storage.js\";\nimport { busyState, } from \"./model.js\";\nimport { scheduleRefresh } from \"./refresh.js\";\n/** The default tokens callback stores tokens in storage and reschedules token refresh */\nexport const defaultTokensCb = async ({ tokens, abort, }) => {\n const storeAndScheduleRefresh = async (tokens) => {\n await storeTokens(tokens);\n scheduleRefresh({\n abort,\n tokensCb: (newTokens) => newTokens && storeAndScheduleRefresh({ ...tokens, ...newTokens }),\n }).catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to store and refresh tokens:\", err);\n });\n };\n await storeAndScheduleRefresh(tokens);\n};\n/**\n * Sign the user out. This means: clear tokens from storage,\n * and revoke the refresh token from Amazon Cognito\n */\nexport const signOut = (props) => {\n const { clientId, debug, storage } = configure();\n const { currentStatus, statusCb } = props ?? {};\n if (currentStatus && busyState.includes(currentStatus)) {\n debug?.(`Initiating sign-out despite being in a busy state: ${currentStatus}`);\n }\n statusCb?.(\"SIGNING_OUT\");\n const abort = new AbortController();\n const signedOut = (async () => {\n try {\n const tokens = await retrieveTokens();\n if (abort.signal.aborted) {\n debug?.(\"Aborting sign-out\");\n currentStatus && statusCb?.(currentStatus);\n return;\n }\n if (!tokens) {\n debug?.(\"No tokens in storage to delete\");\n props?.tokensRemovedLocallyCb?.();\n statusCb?.(\"SIGNED_OUT\");\n return;\n }\n const amplifyKeyPrefix = `CognitoIdentityServiceProvider.${clientId}`;\n const customKeyPrefix = `Passwordless.${clientId}`;\n await Promise.all([\n storage.removeItem(`${amplifyKeyPrefix}.${tokens.username}.idToken`),\n storage.removeItem(`${amplifyKeyPrefix}.${tokens.username}.accessToken`),\n storage.removeItem(`${amplifyKeyPrefix}.${tokens.username}.refreshToken`),\n storage.removeItem(`${amplifyKeyPrefix}.${tokens.username}.tokenScopesString`),\n storage.removeItem(`${amplifyKeyPrefix}.${tokens.username}.userData`),\n storage.removeItem(`${amplifyKeyPrefix}.LastAuthUser`),\n storage.removeItem(`${customKeyPrefix}.${tokens.username}.expireAt`),\n storage.removeItem(`Passwordless.${clientId}.${tokens.username}.refreshingTokens`),\n ]);\n props?.tokensRemovedLocallyCb?.();\n if (tokens.refreshToken) {\n await revokeToken({\n abort: undefined, // if we've come this far, let this proceed\n refreshToken: tokens.refreshToken,\n });\n }\n statusCb?.(\"SIGNED_OUT\");\n }\n catch (err) {\n if (abort.signal.aborted)\n return;\n currentStatus && statusCb?.(currentStatus);\n throw err;\n }\n })();\n return {\n signedOut,\n abort: () => abort.abort(),\n };\n};\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { busyState } from \"./model.js\";\nimport { defaultTokensCb } from \"./common.js\";\nimport { assertIsChallengeResponse, assertIsAuthenticatedResponse, initiateAuth, respondToAuthChallenge, } from \"./cognito-api.js\";\nimport { parseJwtPayload, currentBrowserLocationWithoutFragmentIdentifier, removeFragmentIdentifierFromBrowserLocation, bufferFromBase64Url, } from \"./util.js\";\nimport { configure, UndefinedGlobalVariableError } from \"./config.js\";\nexport const requestSignInLink = ({ username, redirectUri, currentStatus, statusCb, }) => {\n const { clientId, storage, debug } = configure();\n if (currentStatus && busyState.includes(currentStatus)) {\n throw new Error(`Can't request sign-in link while in status ${currentStatus}`);\n }\n statusCb?.(\"REQUESTING_SIGNIN_LINK\");\n const abort = new AbortController();\n const signInLinkRequested = (async () => {\n try {\n let res = await initiateAuth({\n authflow: \"CUSTOM_AUTH\",\n authParameters: {\n USERNAME: username,\n },\n abort: abort.signal,\n });\n assertIsChallengeResponse(res);\n username = res.ChallengeParameters.USERNAME; // switch to non-alias if necessary\n res = await respondToAuthChallenge({\n challengeName: \"CUSTOM_CHALLENGE\",\n challengeResponses: {\n ANSWER: \"__dummy__\",\n USERNAME: username,\n },\n clientMetadata: {\n signInMethod: \"MAGIC_LINK\",\n redirectUri: redirectUri || currentBrowserLocationWithoutFragmentIdentifier(),\n alreadyHaveMagicLink: \"no\",\n },\n session: res.Session,\n abort: abort.signal,\n });\n assertIsChallengeResponse(res);\n if (username && res.Session) {\n await storage.setItem(`Passwordless.${clientId}.${username}.session`, res.Session);\n }\n statusCb?.(\"SIGNIN_LINK_REQUESTED\");\n return res.Session;\n }\n catch (err) {\n debug?.(err);\n currentStatus && statusCb?.(\"SIGNIN_LINK_REQUEST_FAILED\");\n throw err;\n }\n })();\n return {\n signInLinkRequested,\n abort: () => abort.abort(),\n };\n};\nconst failedFragmentIdentifieres = new Set();\nfunction checkCurrentLocationForSignInLink() {\n const { debug, location } = configure();\n let url;\n let fragmentIdentifier;\n try {\n url = new URL(location.href);\n fragmentIdentifier = url.hash?.slice(1);\n if (!fragmentIdentifier) {\n debug?.(\"Current location.href has no fragment identifier, nothing to do\");\n return;\n }\n if (failedFragmentIdentifieres.has(fragmentIdentifier)) {\n debug?.(\"Current location.href has a fragment identifier that failed before, ignoring\");\n return;\n }\n }\n catch (e) {\n if (e instanceof UndefinedGlobalVariableError) {\n throw e;\n }\n debug?.(\"Couldn't parse location url\");\n return;\n }\n const header = fragmentIdentifier.split(\".\")[0];\n let message;\n try {\n debug?.(\"Parsing magic link header:\", header);\n message = JSON.parse(new TextDecoder().decode(bufferFromBase64Url(header)));\n debug?.(\"Magic link header parsed:\", message);\n assertIsMessage(message);\n }\n catch (err) {\n debug?.(\"Ignoring invalid fragment identifier\");\n return;\n }\n if (!message.userName || typeof message.userName !== \"string\") {\n debug?.(`Ignoring fragment identifier with invalid username:`, message.userName);\n return;\n }\n if (!message.exp || typeof message.exp !== \"number\") {\n debug?.(`Ignoring fragment identifier with invalid exp:`, message.userName);\n return;\n }\n return {\n username: message.userName,\n exp: message.exp,\n fragmentIdentifier,\n };\n}\nfunction assertIsMessage(msg) {\n if (!msg ||\n typeof msg !== \"object\" ||\n !(\"userName\" in msg) ||\n typeof msg.userName !== \"string\" ||\n !(\"exp\" in msg) ||\n typeof msg.exp !== \"number\" ||\n !(\"iat\" in msg) ||\n typeof msg.iat !== \"number\") {\n throw new Error(\"Invalid magic link\");\n }\n}\nasync function authenticateWithSignInLink({ username, fragmentIdentifier, currentStatus, clientMetadata, session, abort, }) {\n const { clientId, storage, debug } = configure();\n if (currentStatus && busyState.includes(currentStatus)) {\n throw new Error(`Can't authenticate with link while in status ${currentStatus}`);\n }\n session ?? (session = (await storage.getItem(`Passwordless.${clientId}.${username}.session`)) ??\n undefined);\n await storage.removeItem(`Passwordless.${clientId}.${username}.session`);\n if (!session) {\n session = await startSession({ username, abort });\n }\n else {\n debug?.(`Continuing authentication using session: ${session}`);\n }\n let authResult;\n try {\n authResult = await continueSession({\n username,\n fragmentIdentifier,\n clientMetadata,\n session,\n abort,\n });\n }\n catch (err) {\n if (err instanceof Error &&\n err.message.startsWith(\"Invalid session for the user\")) {\n debug?.(\"Invalid session for the user, starting fresh one\");\n session = await startSession({ username, abort });\n authResult = await continueSession({\n username,\n fragmentIdentifier,\n clientMetadata,\n session,\n abort,\n });\n }\n else {\n throw err;\n }\n }\n assertIsAuthenticatedResponse(authResult);\n debug?.(`Response from respondToAuthChallenge:`, authResult);\n return {\n accessToken: authResult.AuthenticationResult.AccessToken,\n idToken: authResult.AuthenticationResult.IdToken,\n refreshToken: authResult.AuthenticationResult.RefreshToken,\n expireAt: new Date(Date.now() + authResult.AuthenticationResult.ExpiresIn * 1000),\n username: parseJwtPayload(authResult.AuthenticationResult.IdToken)[\"cognito:username\"],\n };\n}\nasync function startSession({ username, abort, }) {\n const { debug } = configure();\n debug?.(`Invoking initiateAuth ...`);\n const initAuthResponse = await initiateAuth({\n authflow: \"CUSTOM_AUTH\",\n authParameters: {\n USERNAME: username,\n },\n abort,\n });\n assertIsChallengeResponse(initAuthResponse);\n debug?.(`Response from initiateAuth:`, initAuthResponse);\n return initAuthResponse.Session;\n}\nasync function continueSession({ username, fragmentIdentifier, clientMetadata, session, abort, }) {\n const { debug } = configure();\n debug?.(`Invoking respondToAuthChallenge ...`);\n return respondToAuthChallenge({\n challengeName: \"CUSTOM_CHALLENGE\",\n challengeResponses: {\n ANSWER: fragmentIdentifier,\n USERNAME: username,\n },\n clientMetadata: {\n ...clientMetadata,\n signInMethod: \"MAGIC_LINK\",\n redirectUri: currentBrowserLocationWithoutFragmentIdentifier(),\n alreadyHaveMagicLink: \"yes\",\n },\n session,\n abort,\n });\n}\nexport const signInWithLink = (props) => {\n const { debug } = configure();\n const abort = new AbortController();\n const { statusCb, tokensCb } = props ?? {};\n const signedIn = (async () => {\n const params = checkCurrentLocationForSignInLink();\n if (!params) {\n statusCb?.(\"NO_SIGNIN_LINK\");\n return;\n }\n if (params.exp < Date.now() / 1000) {\n statusCb?.(\"SIGNIN_LINK_EXPIRED\");\n return;\n }\n statusCb?.(\"SIGNING_IN_WITH_LINK\");\n try {\n const tokens = await authenticateWithSignInLink({\n username: params.username,\n fragmentIdentifier: params.fragmentIdentifier,\n session: props?.session,\n abort: abort.signal,\n }).catch((err) => {\n if (err instanceof Error &&\n err.message?.includes(\"Incorrect username or password\")) {\n debug?.(err);\n statusCb?.(\"SIGNIN_LINK_EXPIRED\");\n return;\n }\n throw err;\n });\n if (!tokens)\n return;\n removeFragmentIdentifierFromBrowserLocation();\n tokensCb\n ? await tokensCb(tokens)\n : await defaultTokensCb({ tokens, abort: abort.signal });\n statusCb?.(\"SIGNED_IN_WITH_LINK\");\n return tokens;\n }\n catch (err) {\n failedFragmentIdentifieres.add(params.fragmentIdentifier);\n statusCb?.(\"INVALID_SIGNIN_LINK\");\n throw err;\n }\n })();\n return {\n signedIn,\n abort: () => abort.abort(),\n };\n};\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { busyState } from \"./model.js\";\nimport { defaultTokensCb } from \"./common.js\";\nimport { assertIsChallengeResponse, assertIsAuthenticatedResponse, initiateAuth, respondToAuthChallenge, } from \"./cognito-api.js\";\nimport { parseJwtPayload, throwIfNot2xx, bufferFromBase64Url, bufferToBase64Url, } from \"./util.js\";\nimport { configure } from \"./config.js\";\nimport { retrieveTokens } from \"./storage.js\";\nexport async function fido2CreateCredential({ friendlyName, }) {\n const { debug, fido2 } = configure();\n const publicKeyOptions = await fido2StartCreateCredential();\n const publicKey = {\n ...publicKeyOptions,\n rp: {\n name: fido2?.rp?.name ?? publicKeyOptions.rp.name,\n id: fido2?.rp?.id ?? publicKeyOptions.rp.id,\n },\n attestation: fido2?.attestation,\n authenticatorSelection: publicKeyOptions.authenticatorSelection ?? fido2?.authenticatorSelection,\n extensions: fido2?.extensions,\n timeout: publicKeyOptions.timeout ?? fido2?.timeout,\n challenge: bufferFromBase64Url(publicKeyOptions.challenge),\n user: {\n ...publicKeyOptions.user,\n id: Uint8Array.from(publicKeyOptions.user.id, (c) => c.charCodeAt(0)),\n },\n excludeCredentials: publicKeyOptions.excludeCredentials.map((credential) => ({\n ...credential,\n id: bufferFromBase64Url(credential.id),\n })),\n };\n debug?.(\"Assembled public key options:\", publicKey);\n const credential = await navigator.credentials.create({\n publicKey,\n });\n if (!credential) {\n throw new Error(\"empty credential\");\n }\n if (!(credential instanceof PublicKeyCredential) ||\n !(credential.response instanceof AuthenticatorAttestationResponse)) {\n throw new Error(\"credential.response is not an instance of AuthenticatorAttestationResponse\");\n }\n const response = credential.response;\n debug?.(\"Created credential:\", {\n credential,\n getTransports: response.getTransports?.(),\n getAuthenticatorData: response.getAuthenticatorData?.(),\n getPublicKey: response.getPublicKey?.(),\n getPublicKeyAlgorithm: response.getPublicKeyAlgorithm?.(),\n });\n const resolvedFriendlyName = typeof friendlyName === \"string\" ? friendlyName : await friendlyName();\n return fido2CompleteCreateCredential({\n credential: credential,\n friendlyName: resolvedFriendlyName,\n });\n}\nfunction getFullFido2Url(path) {\n const { fido2 } = configure();\n if (!fido2) {\n throw new Error(\"Missing Fido2 config\");\n }\n return `${fido2.baseUrl.replace(/\\/$/, \"\")}/${path.replace(/^\\//, \"\")}`;\n}\nexport async function fido2StartCreateCredential() {\n const { fido2, fetch, location } = configure();\n if (!fido2) {\n throw new Error(\"Missing Fido2 config\");\n }\n const { idToken } = (await retrieveTokens()) ?? {};\n if (!idToken) {\n throw new Error(\"No JWT to invoke Fido2 API with\");\n }\n return fetch(getFullFido2Url(`register-authenticator/start?rpId=${fido2.rp?.id ?? location.hostname}`), {\n method: \"POST\",\n headers: {\n accept: \"application/json, text/javascript\",\n \"content-type\": \"application/json; charset=UTF-8\",\n authorization: `Bearer ${idToken}`,\n },\n })\n .then(throwIfNot2xx)\n .then((res) => res.json());\n}\nexport async function fido2CompleteCreateCredential({ credential, friendlyName, }) {\n const { fetch } = configure();\n const { idToken } = (await retrieveTokens()) ?? {};\n if (!idToken) {\n throw new Error(\"No JWT to invoke Fido2 API with\");\n }\n const parsedCredential = \"response\" in credential\n ? await parseAuthenticatorAttestationResponse(credential.response)\n : credential;\n return fetch(getFullFido2Url(\"register-authenticator/complete\"), {\n body: JSON.stringify({\n ...parsedCredential,\n friendlyName,\n }),\n method: \"POST\",\n headers: {\n accept: \"application/json, text/javascript\",\n \"content-type\": \"application/json; charset=UTF-8\",\n authorization: `Bearer ${idToken}`,\n },\n })\n .then(throwIfNot2xx)\n .then((res) => res.json())\n .then((res) => ({\n ...res,\n createdAt: new Date(res.createdAt),\n }));\n}\nexport async function fido2ListCredentials() {\n const { fido2, fetch, location } = configure();\n if (!fido2) {\n throw new Error(\"Missing Fido2 config\");\n }\n const tokens = await retrieveTokens();\n if (!tokens?.idToken) {\n throw new Error(\"No JWT to invoke Fido2 API with\");\n }\n return fetch(getFullFido2Url(`authenticators/list?rpId=${fido2.rp?.id ?? location.hostname}`), {\n method: \"POST\",\n headers: {\n accept: \"application/json, text/javascript\",\n \"content-type\": \"application/json; charset=UTF-8\",\n authorization: `Bearer ${tokens.idToken}`,\n },\n })\n .then(throwIfNot2xx)\n .then((res) => res.json())\n .then(({ authenticators }) => ({\n authenticators: authenticators.map((authenticator) => ({\n ...authenticator,\n createdAt: new Date(authenticator.createdAt),\n lastSignIn: authenticator.lastSignIn !== undefined\n ? new Date(authenticator.lastSignIn)\n : authenticator.lastSignIn,\n })),\n }));\n}\nexport async function fido2DeleteCredential({ credentialId, }) {\n const { fido2, fetch } = configure();\n if (!fido2) {\n throw new Error(\"Missing Fido2 config\");\n }\n const tokens = await retrieveTokens();\n if (!tokens?.idToken) {\n throw new Error(\"No JWT to invoke Fido2 API with\");\n }\n return fetch(getFullFido2Url(\"authenticators/delete\"), {\n method: \"POST\",\n body: JSON.stringify({ credentialId }),\n headers: {\n accept: \"application/json, text/javascript\",\n \"content-type\": \"application/json; charset=UTF-8\",\n authorization: `Bearer ${tokens.idToken}`,\n },\n }).then(throwIfNot2xx);\n}\nexport async function fido2UpdateCredential({ credentialId, friendlyName, }) {\n const { fido2, fetch } = configure();\n if (!fido2) {\n throw new Error(\"Missing Fido2 config\");\n }\n const tokens = await retrieveTokens();\n if (!tokens?.idToken) {\n throw new Error(\"No JWT to invoke Fido2 API with\");\n }\n return fetch(getFullFido2Url(\"authenticators/update\"), {\n method: \"POST\",\n body: JSON.stringify({ credentialId, friendlyName }),\n headers: {\n accept: \"application/json, text/javascript\",\n \"content-type\": \"application/json; charset=UTF-8\",\n authorization: `Bearer ${tokens.idToken}`,\n },\n }).then(throwIfNot2xx);\n}\nfunction assertIsFido2Options(o) {\n if (!o ||\n typeof o !== \"object\" ||\n (\"relyingPartyId\" in o && typeof o.relyingPartyId !== \"string\") ||\n !(\"challenge\" in o) ||\n typeof o.challenge !== \"string\" ||\n (\"timeout\" in o && typeof o.timeout !== \"number\") ||\n (\"userVerification\" in o && typeof o.userVerification !== \"string\") ||\n (\"credentials\" in o &&\n !Array.isArray(o.credentials) &&\n o.credentials.every((c) => !!c &&\n typeof c === \"object\" &&\n \"id\" in c &&\n typeof c.id === \"string\" &&\n (!(\"transports\" in c) ||\n (Array.isArray(c.transports) &&\n c.transports.every((t) => typeof t === \"string\")))))) {\n const { debug } = configure();\n // eslint-disable-next-line @typescript-eslint/restrict-template-expressions\n debug?.(`Invalid Fido2 options: ${JSON.stringify(o)}`);\n throw new Error(\"Invalid Fido2 options\");\n }\n}\nasync function fido2getCredential({ relyingPartyId, challenge, credentials, timeout, userVerification, }) {\n const { debug, fido2: { extensions } = {} } = configure();\n const publicKey = {\n challenge: bufferFromBase64Url(challenge),\n allowCredentials: credentials?.map((credential) => ({\n id: bufferFromBase64Url(credential.id),\n transports: credential.transports,\n type: \"public-key\",\n })),\n timeout,\n userVerification,\n rpId: relyingPartyId,\n extensions,\n };\n debug?.(\"Assembled public key options:\", publicKey);\n const credential = await navigator.credentials.get({\n publicKey,\n });\n if (!credential) {\n throw new Error(`Failed to get credential`);\n }\n if (!(credential instanceof PublicKeyCredential) ||\n !(credential.response instanceof AuthenticatorAssertionResponse)) {\n throw new Error(\"credential.response is not an instance of AuthenticatorAssertionResponse\");\n }\n debug?.(\"Credential:\", credential);\n return parseAuthenticatorAssertionResponse(credential.rawId, credential.response);\n}\nconst parseAuthenticatorAttestationResponse = async (response) => {\n const [attestationObjectB64, clientDataJSON_B64] = await Promise.all([\n bufferToBase64Url(response.attestationObject),\n bufferToBase64Url(response.clientDataJSON),\n ]);\n const transports = (response.getTransports?.() || []).filter((transport) => [\"ble\", \"hybrid\", \"internal\", \"nfc\", \"usb\"].includes(transport));\n return {\n attestationObjectB64,\n clientDataJSON_B64,\n transports: transports.length ? transports : undefined,\n };\n};\nconst parseAuthenticatorAssertionResponse = async (rawId, response) => {\n const [credentialIdB64, authenticatorDataB64, clientDataJSON_B64, signatureB64, userHandleB64,] = await Promise.all([\n bufferToBase64Url(rawId),\n bufferToBase64Url(response.authenticatorData),\n bufferToBase64Url(response.clientDataJSON),\n bufferToBase64Url(response.signature),\n response.userHandle && response.userHandle.byteLength > 0\n ? bufferToBase64Url(response.userHandle)\n : null,\n ]);\n return {\n credentialIdB64,\n authenticatorDataB64,\n clientDataJSON_B64,\n signatureB64,\n userHandleB64,\n };\n};\nasync function requestUsernamelessSignInChallenge() {\n const { fido2, fetch } = configure();\n if (!fido2) {\n throw new Error(\"Missing Fido2 config\");\n }\n return fetch(getFullFido2Url(\"sign-in-challenge\"), {\n method: \"POST\",\n headers: {\n accept: \"application/json, text/javascript\",\n },\n })\n .then(throwIfNot2xx)\n .then((res) => res.json());\n}\nexport function authenticateWithFido2({ username, credentials, tokensCb, statusCb, currentStatus, clientMetadata, credentialGetter = fido2getCredential, }) {\n if (currentStatus && busyState.includes(currentStatus)) {\n throw new Error(`Can't sign in while in status ${currentStatus}`);\n }\n const abort = new AbortController();\n const signedIn = (async () => {\n const { debug, fido2 } = configure();\n if (!fido2) {\n throw new Error(\"Missing Fido2 config\");\n }\n statusCb?.(\"STARTING_SIGN_IN_WITH_FIDO2\");\n let fido2credential, session;\n try {\n if (username) {\n debug?.(`Invoking initiateAuth ...`);\n const initAuthResponse = await initiateAuth({\n authflow: \"CUSTOM_AUTH\",\n authParameters: {\n USERNAME: username,\n },\n abort: abort.signal,\n });\n debug?.(`Response from initiateAuth:`, initAuthResponse);\n assertIsChallengeResponse(initAuthResponse);\n if (!initAuthResponse.ChallengeParameters.fido2options) {\n throw new Error(\"Server did not send a FIDO2 challenge\");\n }\n const fido2options = JSON.parse(initAuthResponse.ChallengeParameters.fido2options);\n assertIsFido2Options(fido2options);\n debug?.(\"FIDO2 options from Cognito challenge:\", fido2options);\n fido2credential = await credentialGetter({\n ...fido2options,\n relyingPartyId: fido2.rp?.id ?? fido2options.relyingPartyId,\n timeout: fido2.timeout ?? fido2options.timeout,\n userVerification: fido2.authenticatorSelection?.userVerification ??\n fido2options.userVerification,\n credentials: (fido2options.credentials ?? []).concat(credentials?.filter((cred) => !fido2options.credentials?.find((optionsCred) => cred.id === optionsCred.id)) ?? []),\n });\n session = initAuthResponse.Session;\n }\n else {\n debug?.(\"Starting usernameless authentication\");\n const fido2options = await requestUsernamelessSignInChallenge();\n assertIsFido2Options(fido2options);\n debug?.(\"FIDO2 options from usernameless challenge:\", fido2options);\n fido2credential = await credentialGetter({\n ...fido2options,\n relyingPartyId: fido2.rp?.id ?? fido2options.relyingPartyId,\n timeout: fido2.timeout ?? fido2options.timeout,\n userVerification: fido2.authenticatorSelection?.userVerification ??\n fido2options.userVerification,\n });\n if (!fido2credential.userHandleB64) {\n throw new Error(\"No discoverable credentials available\");\n }\n username = new TextDecoder().decode(bufferFromBase64Url(fido2credential.userHandleB64));\n // The userHandle must map to a username, not a sub\n if (username.startsWith(\"s|\")) {\n debug?.(\"Credential userHandle isn't a username. In order to use the username as userHandle, so users can sign in without typing their username, usernames must be opaque\");\n throw new Error(\"Username is required for initiating sign-in\");\n }\n // remove (potential) prefix to recover username\n username = username.replace(/^u\\|/, \"\");\n debug?.(`Proceeding with discovered credential for username: ${username} (b64: ${fido2credential.userHandleB64})`);\n debug?.(`Invoking initiateAuth ...`);\n const initAuthResponse = await initiateAuth({\n authflow: \"CUSTOM_AUTH\",\n authParameters: {\n USERNAME: username,\n },\n abort: abort.signal,\n });\n debug?.(`Response from initiateAuth:`, initAuthResponse);\n assertIsChallengeResponse(initAuthResponse);\n session = initAuthResponse.Session;\n }\n statusCb?.(\"COMPLETING_SIGN_IN_WITH_FIDO2\");\n debug?.(`Invoking respondToAuthChallenge ...`);\n const authResult = await respondToAuthChallenge({\n challengeName: \"CUSTOM_CHALLENGE\",\n challengeResponses: {\n ANSWER: JSON.stringify(fido2credential),\n USERNAME: username,\n },\n clientMetadata: {\n ...clientMetadata,\n signInMethod: \"FIDO2\",\n },\n session: session,\n abort: abort.signal,\n });\n assertIsAuthenticatedResponse(authResult);\n debug?.(`Response from respondToAuthChallenge:`, authResult);\n const tokens = {\n accessToken: authResult.AuthenticationResult.AccessToken,\n idToken: authResult.AuthenticationResult.IdToken,\n refreshToken: authResult.AuthenticationResult.RefreshToken,\n expireAt: new Date(Date.now() + authResult.AuthenticationResult.ExpiresIn * 1000),\n username: parseJwtPayload(authResult.AuthenticationResult.IdToken)[\"cognito:username\"],\n };\n tokensCb\n ? await tokensCb(tokens)\n : await defaultTokensCb({ tokens, abort: abort.signal });\n statusCb?.(\"SIGNED_IN_WITH_FIDO2\");\n return tokens;\n }\n catch (err) {\n statusCb?.(\"FIDO2_SIGNIN_FAILED\");\n throw err;\n }\n })();\n return {\n signedIn,\n abort: () => abort.abort(),\n };\n}\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { configure } from \"./config.js\";\nimport { initiateAuth, respondToAuthChallenge, assertIsChallengeResponse, handleAuthResponse, } from \"./cognito-api.js\";\nimport { defaultTokensCb } from \"./common.js\";\nimport { bufferFromBase64, bufferToBase64 } from \"./util.js\";\nlet _CONSTANTS;\nasync function getConstants() {\n if (!_CONSTANTS) {\n const g = BigInt(2);\n const N = BigInt(\"0x\" +\n \"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1\" +\n \"29024E088A67CC74020BBEA63B139B22514A08798E3404DD\" +\n \"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245\" +\n \"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED\" +\n \"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D\" +\n \"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F\" +\n \"83655D23DCA3AD961C62F356208552BB9ED529077096966D\" +\n \"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B\" +\n \"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9\" +\n \"DE2BCBF6955817183995497CEA956AE515D2261898FA0510\" +\n \"15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64\" +\n \"ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7\" +\n \"ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B\" +\n \"F12FFA06D98A0864D87602733EC86A64521F2B18177B200C\" +\n \"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31\" +\n \"43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF\");\n const { crypto } = configure();\n const k = arrayBufferToBigInt(await crypto.subtle.digest(\"SHA-256\", hexToArrayBuffer(`${padHex(N.toString(16))}${padHex(g.toString(16))}`)));\n _CONSTANTS = {\n g,\n N,\n k,\n };\n }\n return _CONSTANTS;\n}\n/**\n * modulo that works on negative bases too\n */\nfunction modulo(base, mod) {\n return ((base % mod) + mod) % mod;\n}\nfunction modPow(base, exp, mod) {\n // Calculate: (base ** exp) % mod\n let result = BigInt(1);\n let x = modulo(base, mod);\n while (exp > BigInt(0)) {\n if (modulo(exp, BigInt(2))) {\n result = modulo(result * x, mod);\n }\n exp = exp / BigInt(2);\n x = modulo(x * x, mod);\n }\n return result;\n}\nfunction padHex(hexStr) {\n hexStr = hexStr.length % 2 ? `0${hexStr}` : hexStr;\n hexStr = parseInt(hexStr.slice(0, 2), 16) >> 7 ? `00${hexStr}` : hexStr;\n return hexStr;\n}\nfunction generateSmallA() {\n const { crypto } = configure();\n const randomValues = new Uint8Array(128);\n crypto.getRandomValues(randomValues);\n return arrayBufferToBigInt(randomValues.buffer);\n}\nasync function calculateLargeAHex(smallA) {\n const { g, N } = await getConstants();\n return modPow(g, smallA, N).toString(16);\n}\nasync function calculateSrpSignature({ smallA, largeAHex, srpBHex, salt, userPoolId, username, password, secretBlock, }) {\n const { crypto } = configure();\n const aPlusBHex = padHex(largeAHex) + padHex(srpBHex);\n const u = await crypto.subtle.digest(\"SHA-256\", hexToArrayBuffer(aPlusBHex));\n const [, userPoolName] = userPoolId.split(\"_\");\n const usernamePasswordHash = await crypto.subtle.digest(\"SHA-256\", new TextEncoder().encode(`${userPoolName}${username}:${password}`));\n const x = await crypto.subtle.digest(\"SHA-256\", await new Blob([\n hexToArrayBuffer(padHex(salt)),\n usernamePasswordHash,\n ]).arrayBuffer());\n const { g, N, k } = await getConstants();\n const gModPowXN = modPow(g, arrayBufferToBigInt(x), N);\n const int = BigInt(`0x${srpBHex}`) - k * gModPowXN;\n const s = modPow(int, smallA + arrayBufferToBigInt(u) * arrayBufferToBigInt(x), N);\n const ikmHex = padHex(s.toString(16));\n const saltHkdfHex = padHex(arrayBufferToHex(u));\n const infoBits = new Uint8Array([\n ...\"Caldera Derived Key\".split(\"\").map((c) => c.charCodeAt(0)),\n 1,\n ]).buffer;\n const prkKey = await crypto.subtle.importKey(\"raw\", hexToArrayBuffer(saltHkdfHex), {\n name: \"HMAC\",\n hash: { name: \"SHA-256\" },\n }, false, [\"sign\"]);\n const prk = await crypto.subtle.sign(\"HMAC\", prkKey, hexToArrayBuffer(ikmHex));\n const hkdfKey = await crypto.subtle.importKey(\"raw\", prk, {\n name: \"HMAC\",\n hash: { name: \"SHA-256\" },\n }, false, [\"sign\"]);\n const hkdf = (await crypto.subtle.sign(\"HMAC\", hkdfKey, infoBits)).slice(0, 16);\n const timestamp = formatDate(new Date());\n const parts = [\n userPoolName.split(\"\").map((c) => c.charCodeAt(0)),\n username.split(\"\").map((c) => c.charCodeAt(0)),\n ...bufferFromBase64(secretBlock),\n timestamp.split(\"\").map((c) => c.charCodeAt(0)),\n ].flat();\n const msg = new Uint8Array(parts).buffer;\n const signatureKey = await crypto.subtle.importKey(\"raw\", hkdf, {\n name: \"HMAC\",\n hash: { name: \"SHA-256\" },\n }, false, [\"sign\"]);\n const signatureString = await crypto.subtle.sign(\"HMAC\", signatureKey, msg);\n return {\n timestamp,\n passwordClaimSignature: bufferToBase64(signatureString),\n };\n}\nfunction hexToArrayBuffer(hexStr) {\n if (hexStr.length % 2 !== 0) {\n throw new Error(\"hex string should have even number of characters\");\n }\n const octets = hexStr.match(/.{2}/gi).map((m) => parseInt(m, 16));\n return new Uint8Array(octets);\n}\nfunction arrayBufferToHex(arrBuf) {\n return [...new Uint8Array(arrBuf)]\n .map((x) => x.toString(16).padStart(2, \"0\"))\n .join(\"\");\n}\nfunction arrayBufferToBigInt(arrBuf) {\n return BigInt(`0x${arrayBufferToHex(arrBuf)}`);\n}\nfunction formatDate(d) {\n const parts = new Intl.DateTimeFormat(\"en-u-hc-h23\", {\n weekday: \"short\",\n year: \"numeric\",\n month: \"short\",\n day: \"numeric\",\n hour: \"2-digit\",\n minute: \"2-digit\",\n second: \"2-digit\",\n timeZone: \"UTC\",\n timeZoneName: \"short\",\n hour12: false,\n }).formatToParts(d);\n const p = (type) => parts.find((part) => part.type === type)?.value;\n return [\n p(\"weekday\"),\n p(\"month\"),\n p(\"day\"),\n [p(\"hour\"), p(\"minute\"), p(\"second\")].join(\":\"),\n p(\"timeZoneName\"),\n p(\"year\"),\n ].join(\" \");\n}\nexport function authenticateWithSRP({ username, password, smsMfaCode, newPassword, customChallengeAnswer, authflow = \"USER_SRP_AUTH\", tokensCb, statusCb, clientMetadata, }) {\n const { userPoolId, debug } = configure();\n if (!userPoolId) {\n throw new Error(\"UserPoolId must be configured\");\n }\n const abort = new AbortController();\n const signedIn = (async () => {\n try {\n statusCb?.(\"SIGNING_IN_WITH_PASSWORD\");\n const smallA = generateSmallA();\n const largeAHex = await calculateLargeAHex(smallA);\n debug?.(`Invoking initiateAuth ...`);\n const challenge = await initiateAuth({\n authflow,\n authParameters: {\n SRP_A: largeAHex,\n USERNAME: username,\n CHALLENGE_NAME: \"SRP_A\",\n },\n clientMetadata,\n abort: abort.signal,\n });\n debug?.(`Response from initiateAuth:`, challenge);\n assertIsChallengeResponse(challenge);\n const { SALT: saltHex, SRP_B: srpBHex, SECRET_BLOCK: secretBlockB64, USER_ID_FOR_SRP: userIdForSrp, } = challenge.ChallengeParameters;\n const { passwordClaimSignature, timestamp } = await calculateSrpSignature({\n smallA,\n largeAHex,\n srpBHex,\n salt: saltHex,\n username: userIdForSrp,\n userPoolId,\n password,\n secretBlock: secretBlockB64,\n });\n debug?.(`Invoking respondToAuthChallenge ...`);\n const authResult = await respondToAuthChallenge({\n challengeName: challenge.ChallengeName,\n challengeResponses: {\n USERNAME: username,\n PASSWORD_CLAIM_SECRET_BLOCK: secretBlockB64,\n TIMESTAMP: timestamp,\n PASSWORD_CLAIM_SIGNATURE: passwordClaimSignature,\n },\n clientMetadata,\n session: challenge.Session,\n abort: abort.signal,\n });\n debug?.(`Response from respondToAuthChallenge:`, authResult);\n const tokens = await handleAuthResponse({\n authResponse: authResult,\n username,\n smsMfaCode,\n newPassword,\n customChallengeAnswer,\n clientMetadata,\n abort: abort.signal,\n });\n tokensCb\n ? await tokensCb(tokens)\n : await defaultTokensCb({ tokens, abort: abort.signal });\n statusCb?.(\"SIGNED_IN_WITH_PASSWORD\");\n return tokens;\n }\n catch (err) {\n statusCb?.(\"PASSWORD_SIGNIN_FAILED\");\n throw err;\n }\n })();\n return {\n signedIn,\n abort: () => abort.abort(),\n };\n}\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { configure } from \"./config.js\";\nimport { initiateAuth, handleAuthResponse } from \"./cognito-api.js\";\nimport { defaultTokensCb } from \"./common.js\";\nexport function authenticateWithPlaintextPassword({ username, password, smsMfaCode, newPassword, tokensCb, statusCb, clientMetadata, }) {\n const { userPoolId, debug } = configure();\n if (!userPoolId) {\n throw new Error(\"UserPoolId must be configured\");\n }\n const abort = new AbortController();\n const signedIn = (async () => {\n try {\n statusCb?.(\"SIGNING_IN_WITH_PASSWORD\");\n debug?.(`Invoking initiateAuth ...`);\n const authResponse = await initiateAuth({\n authflow: \"USER_PASSWORD_AUTH\",\n authParameters: { USERNAME: username, PASSWORD: password },\n clientMetadata,\n });\n debug?.(`Response from initiateAuth:`, authResponse);\n const tokens = await handleAuthResponse({\n authResponse,\n username,\n smsMfaCode,\n newPassword,\n clientMetadata,\n abort: abort.signal,\n });\n tokensCb\n ? await tokensCb(tokens)\n : await defaultTokensCb({ tokens, abort: abort.signal });\n statusCb?.(\"SIGNED_IN_WITH_PASSWORD\");\n }\n catch (err) {\n statusCb?.(\"PASSWORD_SIGNIN_FAILED\");\n throw err;\n }\n })();\n return {\n signedIn: signedIn,\n abort: () => abort.abort(),\n };\n}\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { configure } from \"./config.js\";\nimport { busyState } from \"./model.js\";\nimport { assertIsChallengeResponse, assertIsAuthenticatedResponse, isChallengeResponse, initiateAuth, respondToAuthChallenge, } from \"./cognito-api.js\";\nimport { defaultTokensCb } from \"./common.js\";\nimport { parseJwtPayload } from \"./util.js\";\nimport { retrieveTokens } from \"./storage.js\";\nexport function stepUpAuthenticationWithSmsOtp({ username, smsMfaCode, tokensCb, statusCb, currentStatus, clientMetadata, }) {\n if (currentStatus && busyState.includes(currentStatus)) {\n throw new Error(`Can't sign in while in status ${currentStatus}`);\n }\n const abort = new AbortController();\n const signedIn = (async () => {\n const { debug } = configure();\n statusCb?.(\"SIGNING_IN_WITH_OTP\");\n try {\n const { accessToken } = (await retrieveTokens()) ?? {};\n if (!accessToken) {\n throw new Error(\"Missing access token. You must be signed-in already for step-up auth\");\n }\n let session;\n debug?.(`Invoking initiateAuth ...`);\n const initAuthResponse = await initiateAuth({\n authflow: \"CUSTOM_AUTH\",\n authParameters: {\n USERNAME: username,\n },\n abort: abort.signal,\n });\n debug?.(`Response from initiateAuth:`, initAuthResponse);\n assertIsChallengeResponse(initAuthResponse);\n session = initAuthResponse.Session;\n let phoneNumberWithOtp;\n let authResult;\n if (initAuthResponse.ChallengeParameters.challenge ===\n \"PROVIDE_AUTH_PARAMETERS\") {\n debug?.(`Invoking respondToAuthChallenge ...`);\n authResult = await respondToAuthChallenge({\n challengeName: \"CUSTOM_CHALLENGE\",\n challengeResponses: {\n ANSWER: \"__dummy__\",\n USERNAME: username,\n },\n clientMetadata: {\n ...clientMetadata,\n signInMethod: \"SMS_OTP_STEPUP\",\n },\n session: session,\n abort: abort.signal,\n });\n assertIsChallengeResponse(authResult);\n debug?.(`Response from respondToAuthChallenge:`, authResult);\n session = authResult.Session;\n phoneNumberWithOtp = authResult.ChallengeParameters.phoneNumber;\n }\n else {\n phoneNumberWithOtp = initAuthResponse.ChallengeParameters.phoneNumber;\n }\n let attempt = 1;\n for (;;) {\n const secretCode = await smsMfaCode(phoneNumberWithOtp, attempt);\n debug?.(`Invoking respondToAuthChallenge ...`);\n authResult = await respondToAuthChallenge({\n challengeName: \"CUSTOM_CHALLENGE\",\n challengeResponses: {\n ANSWER: JSON.stringify({\n jwt: accessToken,\n secretCode,\n }),\n USERNAME: username,\n },\n clientMetadata: {\n ...clientMetadata,\n signInMethod: \"SMS_OTP_STEPUP\",\n },\n session: session,\n abort: abort.signal,\n });\n debug?.(`Response from respondToAuthChallenge:`, authResult);\n if (!isChallengeResponse(authResult)) {\n break;\n }\n session = authResult.Session;\n attempt++;\n }\n assertIsAuthenticatedResponse(authResult);\n debug?.(`Response from respondToAuthChallenge:`, authResult);\n const tokens = {\n accessToken: authResult.AuthenticationResult.AccessToken,\n idToken: authResult.AuthenticationResult.IdToken,\n refreshToken: authResult.AuthenticationResult.RefreshToken,\n expireAt: new Date(Date.now() + authResult.AuthenticationResult.ExpiresIn * 1000),\n username: parseJwtPayload(authResult.AuthenticationResult.IdToken)[\"cognito:username\"],\n };\n tokensCb\n ? await tokensCb(tokens)\n : await defaultTokensCb({ tokens, abort: abort.signal });\n statusCb?.(\"SIGNED_IN_WITH_OTP\");\n return tokens;\n }\n catch (err) {\n statusCb?.(\"SIGNIN_WITH_OTP_FAILED\");\n throw err;\n }\n })();\n return {\n signedIn,\n abort: () => abort.abort(),\n };\n}\n","import { jsx as _jsx } from \"react/jsx-runtime\";\n/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { signOut } from \"../common.js\";\nimport { parseJwtPayload, setTimeoutWallClock } from \"../util.js\";\nimport { signInWithLink, requestSignInLink } from \"../magic-link.js\";\nimport { fido2CreateCredential, fido2DeleteCredential, fido2ListCredentials, fido2UpdateCredential, authenticateWithFido2, } from \"../fido2.js\";\nimport { authenticateWithSRP } from \"../srp.js\";\nimport { authenticateWithPlaintextPassword } from \"../plaintext.js\";\nimport { stepUpAuthenticationWithSmsOtp } from \"../sms-otp-stepup.js\";\nimport { configure } from \"../config.js\";\nimport { retrieveTokens, storeTokens } from \"../storage.js\";\nimport { busyState } from \"../model.js\";\nimport { scheduleRefresh, refreshTokens } from \"../refresh.js\";\nimport React, { useState, useEffect, useContext, useCallback, useMemo, useRef, } from \"react\";\nconst PasswordlessContext = React.createContext(undefined);\n/** React hook that provides convenient access to the Passwordless lib's features */\nexport function usePasswordless() {\n const context = useContext(PasswordlessContext);\n if (!context) {\n throw new Error(\"The PasswordlessContextProvider must be added above this consumer in the React component tree\");\n }\n return context;\n}\nconst LocalUserCacheContext = React.createContext(undefined);\n/** React hook that stores and gives access to the last 10 signed in users (from your configured storage) */\nexport function useLocalUserCache() {\n const context = useContext(LocalUserCacheContext);\n if (!context) {\n throw new Error(\"The localUserCache must be enabled in the PasswordlessContextProvider: \");\n }\n return context;\n}\nexport const PasswordlessContextProvider = (props) => {\n return (_jsx(PasswordlessContext.Provider, { value: _usePasswordless(), children: props.enableLocalUserCache ? (_jsx(LocalUserCacheContextProvider, { children: props.children })) : (props.children) }));\n};\nconst LocalUserCacheContextProvider = (props) => {\n return (_jsx(LocalUserCacheContext.Provider, { value: _useLocalUserCache(), children: props.children }));\n};\nfunction _usePasswordless() {\n const [signingInStatus, setSigninInStatus] = useState(\"CHECKING_FOR_SIGNIN_LINK\");\n const [initiallyRetrievingTokensFromStorage, setInitiallyRetrievingTokensFromStorage,] = useState(true);\n const [tokens, _setTokens] = useState();\n const [tokensParsed, setTokensParsed] = useState();\n const setTokens = useCallback((reactSetStateAction) => {\n _setTokens((prevState) => {\n const newTokens = typeof reactSetStateAction === \"function\"\n ? reactSetStateAction(prevState)\n : reactSetStateAction;\n const { idToken, accessToken, expireAt } = newTokens ?? {};\n if (idToken && accessToken && expireAt) {\n setTokensParsed({\n idToken: parseJwtPayload(idToken),\n accessToken: parseJwtPayload(accessToken),\n expireAt,\n });\n }\n else {\n setTokensParsed(undefined);\n }\n return newTokens;\n });\n }, []);\n const [lastError, setLastError] = useState();\n const [userVerifyingPlatformAuthenticatorAvailable, setUserVerifyingPlatformAuthenticatorAvailable,] = useState();\n const [creatingCredential, setCreatingCredential] = useState(false);\n const [fido2Credentials, setFido2Credentials] = useState();\n const updateFido2Credential = useCallback((update) => setFido2Credentials((state) => {\n if (!state)\n return state;\n const index = state.findIndex((i) => i.credentialId === update.credentialId);\n if (index === -1)\n return state;\n // eslint-disable-next-line security/detect-object-injection\n state[index] = { ...state[index], ...update };\n return [...state];\n }), []);\n const deleteFido2Credential = useCallback((credentialId) => setFido2Credentials((state) => state?.filter((remainingAuthenticator) => credentialId !== remainingAuthenticator.credentialId)), []);\n const [isSchedulingRefresh, setIsSchedulingRefresh] = useState();\n const [isRefreshingTokens, setIsRefreshingTokens] = useState();\n const [showAuthenticatorManager, setShowAuthenticatorManager] = useState(false);\n const [recheckSignInStatus, setRecheckSignInStatus] = useState(0);\n // At component mount, attempt sign-in with link\n // This is a no-op, if there's no secret hash in the location bar\n useEffect(() => {\n setLastError(undefined);\n const signingIn = signInWithLink({\n statusCb: setSigninInStatus,\n tokensCb: (tokens) => storeTokens(tokens).then(() => setTokens(tokens)),\n });\n signingIn.signedIn.catch(setLastError);\n return signingIn.abort;\n }, [setTokens]);\n const busy = busyState.includes(signingInStatus);\n // Schedule token refresh\n const refreshToken = tokens?.refreshToken;\n const expireAtTime = tokens?.expireAt?.getTime();\n useEffect(() => {\n if (refreshToken) {\n const abort = new AbortController();\n scheduleRefresh({\n abort: abort.signal,\n tokensCb: (newTokens) => newTokens &&\n storeTokens(newTokens).then(() => setTokens((tokens) => ({ ...tokens, ...newTokens }))),\n isRefreshingCb: setIsRefreshingTokens,\n })\n .catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to schedule token refresh:\", err);\n })\n .finally(() => setIsSchedulingRefresh(false));\n return () => abort.abort();\n }\n }, [setTokens, refreshToken, expireAtTime]);\n // If we have some tokens, but not all, attempt a refresh\n // Should only happen in corner cases, e.g. a developer deleted some keys from storage\n if (tokens &&\n (!tokens.idToken || !tokens.accessToken || !tokens.expireAt) &&\n !isRefreshingTokens &&\n !isSchedulingRefresh) {\n refreshTokens({\n tokensCb: (newTokens) => newTokens &&\n storeTokens(newTokens).then(() => setTokens((tokens) => ({ ...tokens, ...newTokens }))),\n isRefreshingCb: setIsRefreshingTokens,\n }).catch(() => {\n setTokens(undefined);\n });\n }\n // At component mount, load tokens from storage\n useEffect(() => {\n retrieveTokens()\n .then(setTokens)\n .catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to retrieve tokens from storage:\", err);\n })\n .finally(() => setInitiallyRetrievingTokensFromStorage(false));\n }, [setTokens]);\n // Give easy access to isUserVerifyingPlatformAuthenticatorAvailable\n useEffect(() => {\n if (typeof PublicKeyCredential !== \"undefined\") {\n const cancel = new AbortController();\n PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()\n .then((res) => {\n if (!cancel.signal.aborted) {\n setUserVerifyingPlatformAuthenticatorAvailable(res);\n }\n return () => cancel.abort();\n })\n .catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to determine if a user verifying platform authenticator is available:\", err);\n });\n }\n else {\n setUserVerifyingPlatformAuthenticatorAvailable(false);\n }\n }, []);\n const toFido2Credential = useCallback((credential) => {\n return {\n ...credential,\n busy: false,\n update: async (update) => {\n updateFido2Credential({\n credentialId: credential.credentialId,\n busy: true,\n });\n return fido2UpdateCredential({\n ...update,\n credentialId: credential.credentialId,\n })\n .catch((err) => {\n updateFido2Credential({\n credentialId: credential.credentialId,\n busy: false,\n });\n throw err;\n })\n .then(() => updateFido2Credential({\n ...update,\n credentialId: credential.credentialId,\n busy: false,\n }));\n },\n delete: async () => {\n updateFido2Credential({\n credentialId: credential.credentialId,\n busy: true,\n });\n return fido2DeleteCredential({\n credentialId: credential.credentialId,\n })\n .catch((err) => {\n updateFido2Credential({\n credentialId: credential.credentialId,\n busy: false,\n });\n throw err;\n })\n .then(() => deleteFido2Credential(credential.credentialId));\n },\n };\n }, [deleteFido2Credential, updateFido2Credential]);\n // Determine sign-in status\n const signInStatus = useMemo(() => {\n recheckSignInStatus; // dummy usage otherwise eslint complains we should remove it from the dep array\n return tokensParsed && tokensParsed.expireAt.valueOf() >= Date.now()\n ? \"SIGNED_IN\"\n : tokensParsed && (isSchedulingRefresh || isRefreshingTokens)\n ? \"REFRESHING_SIGN_IN\"\n : busyState\n .filter((state) => ![\"SIGNING_OUT\", \"CHECKING_FOR_SIGNIN_LINK\"].includes(state))\n .includes(signingInStatus)\n ? \"SIGNING_IN\"\n : initiallyRetrievingTokensFromStorage ||\n signingInStatus === \"CHECKING_FOR_SIGNIN_LINK\"\n ? \"CHECKING\"\n : signingInStatus === \"SIGNING_OUT\"\n ? \"SIGNING_OUT\"\n : \"NOT_SIGNED_IN\";\n }, [\n tokensParsed,\n isSchedulingRefresh,\n isRefreshingTokens,\n signingInStatus,\n initiallyRetrievingTokensFromStorage,\n recheckSignInStatus, // if this increments we should redetermine the signInStatus\n ]);\n // Check signInStatus upon token expiry\n useEffect(() => {\n if (!tokens?.expireAt)\n return;\n const checkIn = tokens.expireAt.valueOf() - Date.now();\n if (checkIn < 0)\n return;\n return setTimeoutWallClock(() => {\n const { debug } = configure();\n debug?.(\"Checking signInStatus as tokens have expired at:\", tokens.expireAt?.toISOString());\n setRecheckSignInStatus((s) => s + 1);\n }, checkIn);\n }, [tokens?.expireAt]);\n // Track FIDO2 authenticators for the user\n const isSignedIn = signInStatus === \"SIGNED_IN\";\n const revalidateFido2Credentials = () => {\n const cancel = new AbortController();\n if (isSignedIn) {\n fido2ListCredentials()\n .then((res) => {\n if (!cancel.signal.aborted) {\n setFido2Credentials(res.authenticators.map(toFido2Credential));\n }\n })\n .catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to list credentials:\", err);\n });\n return () => cancel.abort();\n }\n };\n useEffect(revalidateFido2Credentials, [isSignedIn, toFido2Credential]);\n return {\n /** The (raw) tokens: ID token, Access token and Refresh Token */\n tokens,\n /** The JSON parsed ID and Access token */\n tokensParsed,\n /** Is the UI currently refreshing tokens? */\n isRefreshingTokens,\n /** Execute (and reschedule) token refresh */\n refreshTokens: (abort) => refreshTokens({\n abort,\n tokensCb: (newTokens) => newTokens &&\n storeTokens(newTokens).then(() => setTokens((tokens) => ({ ...tokens, ...newTokens }))),\n isRefreshingCb: setIsRefreshingTokens,\n }),\n /** Last error that occured */\n lastError,\n /** The status of the most recent sign-in attempt */\n signingInStatus,\n /** Are we currently busy signing in or out? */\n busy,\n /**\n * The overall auth status, e.g. is the user signed in or not?\n * Use this field to show the relevant UI, e.g. render a sign-in page,\n * if the status equals \"NOT_SIGNED_IN\"\n */\n signInStatus,\n /** Is a user verifying platform authenticator available? E.g. Face ID or Touch */\n userVerifyingPlatformAuthenticatorAvailable,\n /** The user's registered FIDO2 credentials. Each credential provides `update` and `delete` methods */\n fido2Credentials,\n /** Are we currently creating a FIDO2 credential? */\n creatingCredential,\n /** Register a FIDO2 credential with the Relying Party */\n fido2CreateCredential: (...args) => {\n setCreatingCredential(true);\n return fido2CreateCredential(...args)\n .then((storedCredential) => {\n setFido2Credentials((state) => {\n const credential = toFido2Credential(storedCredential);\n return state ? state.concat([credential]) : [credential];\n });\n return storedCredential;\n })\n .finally(() => setCreatingCredential(false));\n },\n /** Sign out */\n signOut: () => {\n setLastError(undefined);\n const signingOut = signOut({\n statusCb: setSigninInStatus,\n tokensRemovedLocallyCb: () => {\n setTokens(undefined);\n setTokensParsed(undefined);\n setFido2Credentials(undefined);\n },\n currentStatus: signingInStatus,\n });\n signingOut.signedOut.catch(setLastError);\n return signingOut;\n },\n /** Request a sign-in link (\"magic link\") to be sent to the user's e-mail address */\n requestSignInLink: ({ username, redirectUri, }) => {\n setLastError(undefined);\n const requesting = requestSignInLink({\n username,\n redirectUri,\n statusCb: setSigninInStatus,\n currentStatus: signingInStatus,\n });\n requesting.signInLinkRequested.catch(setLastError);\n return requesting;\n },\n /** Sign in with FIDO2 (e.g. Face ID or Touch) */\n authenticateWithFido2: ({ username, credentials, clientMetadata, } = {}) => {\n setLastError(undefined);\n const signinIn = authenticateWithFido2({\n username,\n credentials,\n clientMetadata,\n statusCb: setSigninInStatus,\n tokensCb: (tokens) => storeTokens(tokens).then(() => setTokens(tokens)),\n });\n signinIn.signedIn.catch(setLastError);\n return signinIn;\n },\n /** Sign in with username and password (using SRP: Secure Remote Password, where the password isn't sent over the wire) */\n authenticateWithSRP: ({ username, password, smsMfaCode, clientMetadata, }) => {\n setLastError(undefined);\n const signinIn = authenticateWithSRP({\n username,\n password,\n smsMfaCode,\n clientMetadata,\n statusCb: setSigninInStatus,\n tokensCb: (tokens) => storeTokens(tokens).then(() => setTokens(tokens)),\n });\n signinIn.signedIn.catch(setLastError);\n return signinIn;\n },\n /** Sign in with username and password (the password is sent in plaintext over the wire) */\n authenticateWithPlaintextPassword: ({ username, password, smsMfaCode, clientMetadata, }) => {\n setLastError(undefined);\n const signinIn = authenticateWithPlaintextPassword({\n username,\n password,\n smsMfaCode,\n clientMetadata,\n statusCb: setSigninInStatus,\n tokensCb: (tokens) => storeTokens(tokens).then(() => setTokens(tokens)),\n });\n signinIn.signedIn.catch(setLastError);\n return signinIn;\n },\n /** Sign-in again, using the user's current tokens (JWTs) and an OTP (One Time Password) that is sent to the user via SMS */\n stepUpAuthenticationWithSmsOtp: ({ username, smsMfaCode, clientMetadata, }) => {\n setLastError(undefined);\n const signinIn = stepUpAuthenticationWithSmsOtp({\n username,\n smsMfaCode,\n clientMetadata,\n statusCb: setSigninInStatus,\n tokensCb: (tokens) => storeTokens(tokens).then(() => setTokens(tokens)),\n });\n signinIn.signedIn.catch(setLastError);\n return signinIn;\n },\n /** Should the FIDO2 credential manager UI component be shown? */\n showAuthenticatorManager,\n /** Toggle showing the FIDO2 credential manager UI component */\n toggleShowAuthenticatorManager: useCallback(() => setShowAuthenticatorManager((state) => !state), []),\n };\n}\n/** Retrieve the last signed in users from your configured storage (e.g. localStorage) */\nasync function getLastSignedInUsers() {\n const { clientId, storage } = configure();\n const lastUsers = await storage.getItem(`Passwordless.${clientId}.lastUsers`);\n if (!lastUsers)\n return [];\n const users = JSON.parse(lastUsers);\n return users;\n}\n/** Clear the last signed in users from your configured storage (e.g. localStorage) */\nasync function clearLastSignedInUsers() {\n const { clientId, storage } = configure();\n await storage.removeItem(`Passwordless.${clientId}.lastUsers`);\n}\n/** Register a signed in user in your configured storage (e.g. localStorage) */\nasync function registerSignedInUser(user) {\n const { clientId, debug, storage } = configure();\n debug?.(`Registering user in storage: ${JSON.stringify(user)}`);\n const lastUsers = await getLastSignedInUsers();\n const index = lastUsers.findIndex((lastUser) => lastUser.username === user.username);\n if (index !== -1) {\n lastUsers.splice(index, 1);\n }\n lastUsers.unshift(user);\n await storage.setItem(`Passwordless.${clientId}.lastUsers`, JSON.stringify(lastUsers.slice(0, 10)));\n}\nfunction _useLocalUserCache() {\n const { tokensParsed, creatingCredential, fido2Credentials, signingInStatus, } = usePasswordless();\n const idToken = tokensParsed?.idToken;\n const hasFido2Credentials = fido2Credentials && !!fido2Credentials.length;\n const justSignedInWithMagicLink = signingInStatus === \"SIGNED_IN_WITH_LINK\";\n const [lastSignedInUsers, setLastSignedInUsers] = useState();\n const [currentUser, setCurrentUser] = useState();\n const [fidoPreferenceOverride, setFidoPreferenceOverride] = useState();\n // 1 populate lastSignedInUsers from local storage\n useEffect(() => {\n getLastSignedInUsers()\n .then(setLastSignedInUsers)\n .catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to determine last signed-in users:\", err);\n });\n }, []);\n // 2 populate currentUser from lastSignedInUsers OR init currentUser\n useEffect(() => {\n if (!idToken) {\n setCurrentUser(undefined);\n return;\n }\n const user = {\n username: idToken[\"cognito:username\"],\n email: idToken.email && idToken.email_verified ? idToken.email : undefined,\n };\n if (lastSignedInUsers) {\n const found = lastSignedInUsers.find((lastUser) => lastUser.username && lastUser.username === idToken[\"cognito:username\"]);\n if (found) {\n user.useFido = found.useFido;\n user.credentials = found.credentials;\n if (!idToken.email_verified) {\n user.email = found.email;\n }\n }\n }\n setCurrentUser((state) => JSON.stringify(state) === JSON.stringify(user) ? state : user);\n }, [lastSignedInUsers, idToken]);\n // 3 If user is updated, store in lastSignedInUsers\n useEffect(() => {\n if (currentUser) {\n registerSignedInUser(currentUser).catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to register last signed-in user:\", err);\n });\n setLastSignedInUsers((state) => {\n const update = [currentUser];\n for (const user of state ?? []) {\n if (user.username !== currentUser.username) {\n update.push(user);\n }\n }\n return JSON.stringify(state) === JSON.stringify(update)\n ? state\n : update;\n });\n }\n }, [currentUser]);\n const determineFido = useCallback((user) => {\n const { fido2 } = configure();\n if (!fido2) {\n return \"NO\";\n }\n if (hasFido2Credentials === undefined) {\n return \"INDETERMINATE\";\n }\n if (fidoPreferenceOverride) {\n return fidoPreferenceOverride;\n }\n if (user.useFido === \"NO\") {\n if (justSignedInWithMagicLink) {\n return \"ASK\";\n }\n return \"NO\";\n }\n if (hasFido2Credentials) {\n return \"YES\";\n }\n if (creatingCredential) {\n return user.useFido ?? \"INDETERMINATE\";\n }\n return \"ASK\";\n }, [\n creatingCredential,\n hasFido2Credentials,\n fidoPreferenceOverride,\n justSignedInWithMagicLink,\n ]);\n // 4 Update user FIDO preference\n useEffect(() => {\n if (currentUser) {\n const useFido = determineFido(currentUser);\n if (useFido === \"INDETERMINATE\")\n return;\n setCurrentUser((state) => {\n const update = {\n ...currentUser,\n useFido,\n credentials: fido2Credentials?.map((c) => ({\n id: c.credentialId,\n transports: c.transports,\n })),\n };\n return JSON.stringify(state) === JSON.stringify(update)\n ? state\n : update;\n });\n }\n }, [currentUser, determineFido, fido2Credentials]);\n // 5 reset state on signOut\n useEffect(() => {\n if (!currentUser)\n setFidoPreferenceOverride(undefined);\n }, [currentUser]);\n return {\n /** The current signed-in user */\n currentUser,\n /** Update the current user's FIDO2 preference */\n updateFidoPreference: ({ useFido }) => {\n setFidoPreferenceOverride(useFido);\n },\n /** The list of the 10 last signed-in users in your configured storage (e.g. localStorage) */\n lastSignedInUsers,\n /** Clear the last signed in users from your configured storage (e.g. localStorage) */\n clearLastSignedInUsers: () => {\n clearLastSignedInUsers().catch((err) => {\n const { debug } = configure();\n debug?.(\"Failed to clear last signed-in users:\", err);\n });\n setLastSignedInUsers(undefined);\n },\n };\n}\n/** React hook to turn state (or any variable) into a promise that can be awaited */\nexport function useAwaitableState(state) {\n const resolve = useRef();\n const reject = useRef();\n const awaitable = useRef();\n const [awaited, setAwaited] = useState();\n const renewPromise = useCallback(() => {\n awaitable.current = new Promise((_resolve, _reject) => {\n resolve.current = _resolve;\n reject.current = _reject;\n })\n .then((value) => {\n setAwaited({ value });\n return value;\n })\n .finally(renewPromise);\n }, []);\n useEffect(renewPromise, [renewPromise]);\n useEffect(() => setAwaited(undefined), [state]);\n return {\n /** Call to get the current awaitable (promise) */\n awaitable: () => awaitable.current,\n /** Resolve the current awaitable (promise) with the current value of state */\n resolve: () => resolve.current(state),\n /** Reject the current awaitable (promise) */\n reject: (reason) => reject.current(reason),\n /** That value of awaitable (promise) once it resolves. This is undefined if (1) awaitable is not yet resolved or (2) the state has changed since awaitable was resolved */\n awaited,\n };\n}\n","import { jsx as _jsx, jsxs as _jsxs, Fragment as _Fragment } from \"react/jsx-runtime\";\n/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nimport { useState, useEffect } from \"react\";\nimport { usePasswordless, useAwaitableState, useLocalUserCache, } from \"./hooks.js\";\nimport { timeAgo } from \"../util.js\";\nimport { configure } from \"../config.js\";\nconst FlexContainer = (props) => {\n return (_jsxs(\"div\", { className: \"passwordless-main-container\", children: [props.brand?.backgroundImageUrl && (_jsx(\"img\", { src: props.brand.backgroundImageUrl, className: \"passwordless-main-background-image\" })), _jsxs(\"div\", { className: \"passwordless-card-container\", children: [props.brand?.customerLogoUrl && (_jsx(\"img\", { src: props.brand.customerLogoUrl, className: \"passwordless-customer-logo\" })), props.brand?.customerName && (_jsx(\"div\", { className: \"passwordless-text-center passwordless-customer-name\", children: props.brand.customerName })), props.children] })] }));\n};\nexport const Passwordless = ({ brand, children, } = {}) => {\n const { requestSignInLink, lastError, authenticateWithFido2, busy, signInStatus, signingInStatus, tokens, tokensParsed, signOut, toggleShowAuthenticatorManager, showAuthenticatorManager, } = usePasswordless();\n const [newUsername, setNewUsername] = useState(\"\");\n const [showSignInOptionsForUser, setShowSignInOptionsForUser] = useState(\"LAST_USER\");\n const { lastSignedInUsers } = useLocalUserCache();\n if (signInStatus === \"SIGNED_IN\") {\n // reset state fields for entering new username\n if (newUsername) {\n setNewUsername(\"\");\n }\n if (showSignInOptionsForUser !== \"LAST_USER\") {\n setShowSignInOptionsForUser(\"LAST_USER\");\n }\n }\n if (signInStatus === \"REFRESHING_SIGN_IN\" && children) {\n return _jsx(_Fragment, { children: children });\n }\n if (signInStatus === \"CHECKING\" ||\n signInStatus === \"REFRESHING_SIGN_IN\" ||\n !lastSignedInUsers) {\n return (_jsx(FlexContainer, { brand: brand, children: _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"div\", { className: \"passwordless-loading-spinner\" }), _jsx(\"div\", { children: \"Checking your sign-in status...\" })] }) }));\n }\n if (signingInStatus === \"SIGNING_IN_WITH_LINK\") {\n return (_jsx(FlexContainer, { brand: brand, children: _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"div\", { className: \"passwordless-loading-spinner\" }), _jsx(\"div\", { children: \"Checking the sign-in link...\" })] }) }));\n }\n if (signingInStatus === \"SIGNING_OUT\") {\n return (_jsx(FlexContainer, { brand: brand, children: _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"div\", { className: \"passwordless-loading-spinner\" }), _jsx(\"div\", { children: \"Signing out, please wait...\" })] }) }));\n }\n if (signingInStatus === \"SIGNIN_LINK_REQUESTED\") {\n return (_jsx(FlexContainer, { brand: brand, children: _jsxs(\"div\", { className: \"passwordless-flex passwordless-flex-align-start\", children: [_jsx(\"svg\", { width: \"24px\", height: \"20px\", viewBox: \"0 0 24 20\", version: \"1.1\", xmlns: \"http://www.w3.org/2000/svg\", children: _jsx(\"path\", { d: \"M1.8,17.4 L1.8,3.23906256 L12,13.4402345 L22.2,3.23906256 L22.2,17.5195313 L1.8,17.5195313 L1.8,17.4 Z M21,1.8 L12,10.8 L3,1.8 L21,1.8 Z M0,0 L0,19.2 L24,19.2 L24,0 L0,0 Z\" }) }), _jsxs(\"div\", { children: [_jsx(\"div\", { className: \"passwordless-text-left\", children: _jsx(\"strong\", { children: \"Please check your email.\" }) }), _jsx(\"div\", { children: \"We've emailed you a secret sign-in link\" })] })] }) }));\n }\n if (signInStatus === \"SIGNED_IN\" && tokens) {\n if (children)\n return _jsx(_Fragment, { children: children });\n return (_jsx(FlexContainer, { brand: brand, children: _jsxs(\"div\", { className: \"passwordless-flex-col\", children: [_jsxs(\"div\", { children: [\"You're currently signed-in as:\", \" \", _jsx(\"span\", { className: \"passwordless-username\", children: tokensParsed?.idToken.email })] }), _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"a\", { href: `https://jwtinspector.kevhak.people.aws.dev/inspect#token=${tokens.idToken}&tab=payload`, target: \"_blank\", rel: \"noreferrer\", children: \"ID token\" }), _jsx(\"a\", { href: `https://jwtinspector.kevhak.people.aws.dev/inspect#token=${tokens.accessToken}&tab=payload`, target: \"_blank\", rel: \"noreferrer\", children: \"Access token\" })] }), _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"button\", { className: \"passwordless-button passwordless-button-sign-out\", onClick: toggleShowAuthenticatorManager, disabled: showAuthenticatorManager, children: \"Manage authenticators\" }), _jsx(\"button\", { className: \"passwordless-button passwordless-button-sign-out\", onClick: signOut, children: \"Sign out\" })] })] }) }));\n }\n const showFido2AuthOption = !!configure().fido2;\n const lastUser = lastSignedInUsers.at(0);\n const user = newUsername && showSignInOptionsForUser === \"NEW_USER\"\n ? {\n email: newUsername,\n username: newUsername,\n useFido: showFido2AuthOption\n ? \"YES\" // Presume the user might want to (and can) use FIDO2\n : \"NO\",\n }\n : showSignInOptionsForUser === \"LAST_USER\"\n ? lastUser\n : undefined;\n return (_jsxs(FlexContainer, { brand: brand, children: [signInStatus === \"NOT_SIGNED_IN\" && user && (_jsxs(\"div\", { children: [_jsxs(\"div\", { children: [_jsx(\"div\", { className: \"passwordless-email-title\", children: user.email }), _jsxs(\"p\", { className: \"passwordless-flex passwordless-flex-vertical-buttons\", children: [showFido2AuthOption && user.useFido === \"YES\" && (_jsx(\"button\", { className: \"passwordless-button passwordless-button-sign-in\", onClick: () => {\n authenticateWithFido2({\n username: user.username,\n credentials: user.credentials,\n });\n }, disabled: busy, children: _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"div\", { className: \"passwordless-svg-icon-container\", children: _jsx(\"svg\", { xmlns: \"http://www.w3.org/2000/svg\", width: \"24px\", height: \"24px\", children: _jsx(\"path\", { d: \"M3.1,9.4 C3.03333333,9.36666667 3,9.3125 3,9.2375 C3,9.1625 3.01666667,9.09166667 3.05,9.025 C4.08333333,7.59166667 5.39166667,6.48333333 6.975,5.7 C8.55833333,4.91666667 10.25,4.525 12.05,4.525 C13.85,4.525 15.5458333,4.90833333 17.1375,5.675 C18.7291667,6.44166667 20.05,7.54166667 21.1,8.975 C21.15,9.05833333 21.1708333,9.125 21.1625,9.175 C21.1541667,9.225 21.125,9.275 21.075,9.325 C21.025,9.375 20.9625,9.4 20.8875,9.4 C20.8125,9.4 20.7416667,9.35833333 20.675,9.275 C19.6916667,7.90833333 18.4375,6.85833333 16.9125,6.125 C15.3875,5.39166667 13.7666667,5.025 12.05,5.025 C10.3333333,5.025 8.725,5.39583333 7.225,6.1375 C5.725,6.87916667 4.475,7.925 3.475,9.275 C3.40833333,9.35833333 3.34583333,9.40833333 3.2875,9.425 C3.22916667,9.44166667 3.16666667,9.43333333 3.1,9.4 Z M15.025,21.975 C13.3083333,21.5416667 11.8958333,20.6833333 10.7875,19.4 C9.67916667,18.1166667 9.125,16.5583333 9.125,14.725 C9.125,13.9416667 9.4125,13.2833333 9.9875,12.75 C10.5625,12.2166667 11.25,11.95 12.05,11.95 C12.85,11.95 13.5375,12.2166667 14.1125,12.75 C14.6875,13.2833333 14.975,13.9416667 14.975,14.725 C14.975,15.3583333 15.2208333,15.8916667 15.7125,16.325 C16.2041667,16.7583333 16.775,16.975 17.425,16.975 C18.0583333,16.975 18.6125,16.7583333 19.0875,16.325 C19.5625,15.8916667 19.8,15.3583333 19.8,14.725 C19.8,12.675 19.0375,10.9583333 17.5125,9.575 C15.9875,8.19166667 14.1666667,7.5 12.05,7.5 C9.93333333,7.5 8.1125,8.19166667 6.5875,9.575 C5.0625,10.9583333 4.3,12.675 4.3,14.725 C4.3,15.125 4.34583333,15.6458333 4.4375,16.2875 C4.52916667,16.9291667 4.725,17.6583333 5.025,18.475 C5.05833333,18.5583333 5.05833333,18.6208333 5.025,18.6625 C4.99166667,18.7041667 4.95,18.7416667 4.9,18.775 C4.83333333,18.8083333 4.7625,18.8166667 4.6875,18.8 C4.6125,18.7833333 4.55833333,18.7333333 4.525,18.65 C4.30833333,18.0166667 4.1375,17.3708333 4.0125,16.7125 C3.8875,16.0541667 3.825,15.3916667 3.825,14.725 C3.825,12.575 4.64166667,10.7375 6.275,9.2125 C7.90833333,7.6875 9.83333333,6.925 12.05,6.925 C14.3166667,6.925 16.2625,7.675 17.8875,9.175 C19.5125,10.675 20.325,12.525 20.325,14.725 C20.325,15.4916667 20.0416667,16.1416667 19.475,16.675 C18.9083333,17.2083333 18.225,17.475 17.425,17.475 C16.6083333,17.475 15.9083333,17.2083333 15.325,16.675 C14.7416667,16.1416667 14.45,15.4916667 14.45,14.725 C14.45,14.075 14.2125,13.5333333 13.7375,13.1 C13.2625,12.6666667 12.7,12.45 12.05,12.45 C11.4,12.45 10.8333333,12.6666667 10.35,13.1 C9.86666667,13.5333333 9.625,14.075 9.625,14.725 C9.625,16.4583333 10.15,17.9041667 11.2,19.0625 C12.25,20.2208333 13.5583333,21.0333333 15.125,21.5 C15.225,21.5333333 15.2875,21.575 15.3125,21.625 C15.3375,21.675 15.3416667,21.7333333 15.325,21.8 C15.3083333,21.8833333 15.275,21.9416667 15.225,21.975 C15.175,22.0083333 15.1083333,22.0083333 15.025,21.975 Z M6.2,3.975 C6.11666667,4.00833333 6.05416667,4.0125 6.0125,3.9875 C5.97083333,3.9625 5.93333333,3.925 5.9,3.875 C5.86666667,3.84166667 5.85,3.79166667 5.85,3.725 C5.85,3.65833333 5.875,3.60833333 5.925,3.575 C6.875,3.05833333 7.87083333,2.66666667 8.9125,2.4 C9.95416667,2.13333333 11,2 12.05,2 C13.1333333,2 14.1958333,2.13333333 15.2375,2.4 C16.2791667,2.66666667 17.275,3.04166667 18.225,3.525 C18.3083333,3.55833333 18.3541667,3.60833333 18.3625,3.675 C18.3708333,3.74166667 18.3583333,3.8 18.325,3.85 C18.2916667,3.9 18.2458333,3.94166667 18.1875,3.975 C18.1291667,4.00833333 18.0583333,4.00833333 17.975,3.975 C17.0583333,3.525 16.1,3.17083333 15.1,2.9125 C14.1,2.65416667 13.0833333,2.525 12.05,2.525 C11.0166667,2.525 10.0083333,2.64583333 9.025,2.8875 C8.04166667,3.12916667 7.1,3.49166667 6.2,3.975 L6.2,3.975 Z M9.55,21.7 C8.58333333,20.7 7.82916667,19.65 7.2875,18.55 C6.74583333,17.45 6.475,16.175 6.475,14.725 C6.475,13.2416667 7.02083333,11.9916667 8.1125,10.975 C9.20416667,9.95833333 10.5166667,9.45 12.05,9.45 C13.5833333,9.45 14.9041667,9.95833333 16.0125,10.975 C17.1208333,11.9916667 17.675,13.2416667 17.675,14.725 C17.675,14.8083333 17.6541667,14.8708333 17.6125,14.9125 C17.5708333,14.9541667 17.5083333,14.975 17.425,14.975 C17.3416667,14.975 17.275,14.9541667 17.225,14.9125 C17.175,14.8708333 17.15,14.8083333 17.15,14.725 C17.15,13.375 16.6458333,12.2416667 15.6375,11.325 C14.6291667,10.4083333 13.4333333,9.95 12.05,9.95 C10.6666667,9.95 9.47916667,10.4083333 8.4875,11.325 C7.49583333,12.2416667 7,13.375 7,14.725 C7,16.1416667 7.24583333,17.35 7.7375,18.35 C8.22916667,19.35 8.95833333,20.35 9.925,21.35 C9.99166667,21.4166667 10.0208333,21.4791667 10.0125,21.5375 C10.0041667,21.5958333 9.975,21.65 9.925,21.7 C9.89166667,21.7333333 9.8375,21.7625 9.7625,21.7875 C9.6875,21.8125 9.61666667,21.7833333 9.55,21.7 Z M17.2,19.875 C15.7333333,19.875 14.4625,19.3875 13.3875,18.4125 C12.3125,17.4375 11.775,16.2083333 11.775,14.725 C11.775,14.6416667 11.7958333,14.575 11.8375,14.525 C11.8791667,14.475 11.9416667,14.45 12.025,14.45 C12.1083333,14.45 12.1708333,14.475 12.2125,14.525 C12.2541667,14.575 12.275,14.6416667 12.275,14.725 C12.275,16.075 12.7708333,17.1875 13.7625,18.0625 C14.7541667,18.9375 15.9,19.375 17.2,19.375 C17.3333333,19.375 17.4916667,19.3666667 17.675,19.35 C17.8583333,19.3333333 18.0583333,19.3083333 18.275,19.275 C18.3583333,19.2583333 18.425,19.2708333 18.475,19.3125 C18.525,19.3541667 18.5583333,19.4 18.575,19.45 C18.5916667,19.5166667 18.5875,19.575 18.5625,19.625 C18.5375,19.675 18.4833333,19.7083333 18.4,19.725 C18.1,19.8083333 17.8375,19.8541667 17.6125,19.8625 C17.3875,19.8708333 17.25,19.875 17.2,19.875 Z\" }) }) }), _jsx(\"div\", { children: \"Sign in with face or touch\" })] }) })), _jsx(\"button\", { className: `passwordless-button passwordless-button-sign-in ${showFido2AuthOption && user.useFido === \"YES\"\n ? \"passwordless-button-outlined\"\n : \"\"}`, onClick: () => requestSignInLink({\n username: user.username,\n }), disabled: busy, children: _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"div\", { className: \"passwordless-svg-icon-container passwordless-flex-align-start\", children: _jsx(\"svg\", { width: \"24px\", height: \"20px\", children: _jsx(\"path\", { d: \"M1.8,17.4 L1.8,3.23906256 L12,13.4402345 L22.2,3.23906256 L22.2,17.5195313 L1.8,17.5195313 L1.8,17.4 Z M21,1.8 L12,10.8 L3,1.8 L21,1.8 Z M0,0 L0,19.2 L24,19.2 L24,0 L0,0 Z\" }) }) }), _jsx(\"div\", { children: \"Sign in with magic link\" })] }) })] }), _jsx(\"div\", { className: \"passwordless-mobile-spacer\" })] }), _jsx(\"div\", {}), _jsx(\"button\", { className: \"passwordless-link\", onClick: () => setShowSignInOptionsForUser(\"NEW_USER_ENTRY\"), children: \"Sign-in as another user\" }), _jsx(\"div\", {})] })), signInStatus === \"NOT_SIGNED_IN\" && !user && (_jsxs(_Fragment, { children: [showFido2AuthOption && (_jsxs(_Fragment, { children: [_jsx(\"button\", { className: \"passwordless-button\", onClick: () => authenticateWithFido2(), disabled: busy, children: _jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"div\", { className: \"passwordless-svg-icon-container\", children: _jsx(\"svg\", { xmlns: \"http://www.w3.org/2000/svg\", width: \"24px\", height: \"24px\", children: _jsx(\"path\", { d: \"M3.1,9.4 C3.03333333,9.36666667 3,9.3125 3,9.2375 C3,9.1625 3.01666667,9.09166667 3.05,9.025 C4.08333333,7.59166667 5.39166667,6.48333333 6.975,5.7 C8.55833333,4.91666667 10.25,4.525 12.05,4.525 C13.85,4.525 15.5458333,4.90833333 17.1375,5.675 C18.7291667,6.44166667 20.05,7.54166667 21.1,8.975 C21.15,9.05833333 21.1708333,9.125 21.1625,9.175 C21.1541667,9.225 21.125,9.275 21.075,9.325 C21.025,9.375 20.9625,9.4 20.8875,9.4 C20.8125,9.4 20.7416667,9.35833333 20.675,9.275 C19.6916667,7.90833333 18.4375,6.85833333 16.9125,6.125 C15.3875,5.39166667 13.7666667,5.025 12.05,5.025 C10.3333333,5.025 8.725,5.39583333 7.225,6.1375 C5.725,6.87916667 4.475,7.925 3.475,9.275 C3.40833333,9.35833333 3.34583333,9.40833333 3.2875,9.425 C3.22916667,9.44166667 3.16666667,9.43333333 3.1,9.4 Z M15.025,21.975 C13.3083333,21.5416667 11.8958333,20.6833333 10.7875,19.4 C9.67916667,18.1166667 9.125,16.5583333 9.125,14.725 C9.125,13.9416667 9.4125,13.2833333 9.9875,12.75 C10.5625,12.2166667 11.25,11.95 12.05,11.95 C12.85,11.95 13.5375,12.2166667 14.1125,12.75 C14.6875,13.2833333 14.975,13.9416667 14.975,14.725 C14.975,15.3583333 15.2208333,15.8916667 15.7125,16.325 C16.2041667,16.7583333 16.775,16.975 17.425,16.975 C18.0583333,16.975 18.6125,16.7583333 19.0875,16.325 C19.5625,15.8916667 19.8,15.3583333 19.8,14.725 C19.8,12.675 19.0375,10.9583333 17.5125,9.575 C15.9875,8.19166667 14.1666667,7.5 12.05,7.5 C9.93333333,7.5 8.1125,8.19166667 6.5875,9.575 C5.0625,10.9583333 4.3,12.675 4.3,14.725 C4.3,15.125 4.34583333,15.6458333 4.4375,16.2875 C4.52916667,16.9291667 4.725,17.6583333 5.025,18.475 C5.05833333,18.5583333 5.05833333,18.6208333 5.025,18.6625 C4.99166667,18.7041667 4.95,18.7416667 4.9,18.775 C4.83333333,18.8083333 4.7625,18.8166667 4.6875,18.8 C4.6125,18.7833333 4.55833333,18.7333333 4.525,18.65 C4.30833333,18.0166667 4.1375,17.3708333 4.0125,16.7125 C3.8875,16.0541667 3.825,15.3916667 3.825,14.725 C3.825,12.575 4.64166667,10.7375 6.275,9.2125 C7.90833333,7.6875 9.83333333,6.925 12.05,6.925 C14.3166667,6.925 16.2625,7.675 17.8875,9.175 C19.5125,10.675 20.325,12.525 20.325,14.725 C20.325,15.4916667 20.0416667,16.1416667 19.475,16.675 C18.9083333,17.2083333 18.225,17.475 17.425,17.475 C16.6083333,17.475 15.9083333,17.2083333 15.325,16.675 C14.7416667,16.1416667 14.45,15.4916667 14.45,14.725 C14.45,14.075 14.2125,13.5333333 13.7375,13.1 C13.2625,12.6666667 12.7,12.45 12.05,12.45 C11.4,12.45 10.8333333,12.6666667 10.35,13.1 C9.86666667,13.5333333 9.625,14.075 9.625,14.725 C9.625,16.4583333 10.15,17.9041667 11.2,19.0625 C12.25,20.2208333 13.5583333,21.0333333 15.125,21.5 C15.225,21.5333333 15.2875,21.575 15.3125,21.625 C15.3375,21.675 15.3416667,21.7333333 15.325,21.8 C15.3083333,21.8833333 15.275,21.9416667 15.225,21.975 C15.175,22.0083333 15.1083333,22.0083333 15.025,21.975 Z M6.2,3.975 C6.11666667,4.00833333 6.05416667,4.0125 6.0125,3.9875 C5.97083333,3.9625 5.93333333,3.925 5.9,3.875 C5.86666667,3.84166667 5.85,3.79166667 5.85,3.725 C5.85,3.65833333 5.875,3.60833333 5.925,3.575 C6.875,3.05833333 7.87083333,2.66666667 8.9125,2.4 C9.95416667,2.13333333 11,2 12.05,2 C13.1333333,2 14.1958333,2.13333333 15.2375,2.4 C16.2791667,2.66666667 17.275,3.04166667 18.225,3.525 C18.3083333,3.55833333 18.3541667,3.60833333 18.3625,3.675 C18.3708333,3.74166667 18.3583333,3.8 18.325,3.85 C18.2916667,3.9 18.2458333,3.94166667 18.1875,3.975 C18.1291667,4.00833333 18.0583333,4.00833333 17.975,3.975 C17.0583333,3.525 16.1,3.17083333 15.1,2.9125 C14.1,2.65416667 13.0833333,2.525 12.05,2.525 C11.0166667,2.525 10.0083333,2.64583333 9.025,2.8875 C8.04166667,3.12916667 7.1,3.49166667 6.2,3.975 L6.2,3.975 Z M9.55,21.7 C8.58333333,20.7 7.82916667,19.65 7.2875,18.55 C6.74583333,17.45 6.475,16.175 6.475,14.725 C6.475,13.2416667 7.02083333,11.9916667 8.1125,10.975 C9.20416667,9.95833333 10.5166667,9.45 12.05,9.45 C13.5833333,9.45 14.9041667,9.95833333 16.0125,10.975 C17.1208333,11.9916667 17.675,13.2416667 17.675,14.725 C17.675,14.8083333 17.6541667,14.8708333 17.6125,14.9125 C17.5708333,14.9541667 17.5083333,14.975 17.425,14.975 C17.3416667,14.975 17.275,14.9541667 17.225,14.9125 C17.175,14.8708333 17.15,14.8083333 17.15,14.725 C17.15,13.375 16.6458333,12.2416667 15.6375,11.325 C14.6291667,10.4083333 13.4333333,9.95 12.05,9.95 C10.6666667,9.95 9.47916667,10.4083333 8.4875,11.325 C7.49583333,12.2416667 7,13.375 7,14.725 C7,16.1416667 7.24583333,17.35 7.7375,18.35 C8.22916667,19.35 8.95833333,20.35 9.925,21.35 C9.99166667,21.4166667 10.0208333,21.4791667 10.0125,21.5375 C10.0041667,21.5958333 9.975,21.65 9.925,21.7 C9.89166667,21.7333333 9.8375,21.7625 9.7625,21.7875 C9.6875,21.8125 9.61666667,21.7833333 9.55,21.7 Z M17.2,19.875 C15.7333333,19.875 14.4625,19.3875 13.3875,18.4125 C12.3125,17.4375 11.775,16.2083333 11.775,14.725 C11.775,14.6416667 11.7958333,14.575 11.8375,14.525 C11.8791667,14.475 11.9416667,14.45 12.025,14.45 C12.1083333,14.45 12.1708333,14.475 12.2125,14.525 C12.2541667,14.575 12.275,14.6416667 12.275,14.725 C12.275,16.075 12.7708333,17.1875 13.7625,18.0625 C14.7541667,18.9375 15.9,19.375 17.2,19.375 C17.3333333,19.375 17.4916667,19.3666667 17.675,19.35 C17.8583333,19.3333333 18.0583333,19.3083333 18.275,19.275 C18.3583333,19.2583333 18.425,19.2708333 18.475,19.3125 C18.525,19.3541667 18.5583333,19.4 18.575,19.45 C18.5916667,19.5166667 18.5875,19.575 18.5625,19.625 C18.5375,19.675 18.4833333,19.7083333 18.4,19.725 C18.1,19.8083333 17.8375,19.8541667 17.6125,19.8625 C17.3875,19.8708333 17.25,19.875 17.2,19.875 Z\" }) }) }), _jsx(\"span\", { children: \"Sign in with passkey\" })] }) }), _jsx(\"div\", { className: \"passwordless-between-lines\", children: \"or\" })] })), _jsxs(\"form\", { className: \"passwordless-flex passwordless-flex-justify-end\", onSubmit: (e) => {\n e.preventDefault();\n if (showFido2AuthOption) {\n // let the user choose between FIDO2 and Magic Link\n setShowSignInOptionsForUser(\"NEW_USER\");\n }\n else {\n // no user choice necessary––only magic links supported\n requestSignInLink({\n username: newUsername,\n });\n }\n return false;\n }, children: [_jsx(\"label\", { className: \"passwordless-input-label\", children: \"Enter your e-mail address to sign in:\" }), _jsx(\"input\", { className: \"passwordless-email-input\", value: newUsername, onChange: (e) => setNewUsername(e.target.value), placeholder: \"E-mail\", type: \"email\", disabled: busy, autoFocus: !showFido2AuthOption }), _jsx(\"button\", { className: \"passwordless-button\", type: \"submit\", disabled: busy || !newUsername?.match(/^\\S+@\\S+\\.\\S+$/), children: showFido2AuthOption ? (_jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"span\", { children: \"Next\" }), _jsx(\"svg\", { xmlns: \"http://www.w3.org/2000/svg\", viewBox: \"0 0 24 24\", height: \"18px\", width: \"18px\", children: _jsx(\"polygon\", { id: \"Path\", points: \"14.1015625 6.08091905 19.1386718 11.2357642 2 11.2357642 2 12.7642358 19.1386718 12.7642358 14.0996094 17.9190808 15.1582031 19 22 12.000999 15.1582031 5\" }) })] })) : (_jsxs(\"div\", { className: \"passwordless-flex\", children: [_jsx(\"div\", { children: \"Sign in\" }), _jsx(\"div\", { className: \"passwordless-svg-icon-container passwordless-flex-align-start\", children: _jsx(\"svg\", { width: \"24px\", height: \"20px\", children: _jsx(\"path\", { d: \"M1.8,17.4 L1.8,3.23906256 L12,13.4402345 L22.2,3.23906256 L22.2,17.5195313 L1.8,17.5195313 L1.8,17.4 Z M21,1.8 L12,10.8 L3,1.8 L21,1.8 Z M0,0 L0,19.2 L24,19.2 L24,0 L0,0 Z\" }) }) })] })) })] })] })), _jsxs(\"div\", { className: \"passwordless-flex\", children: [signingInStatus === \"SIGNIN_LINK_EXPIRED\" && (_jsxs(\"div\", { className: \"passwordless-flex passwordless-flex-align-start\", children: [_jsx(\"svg\", { width: \"24px\", height: \"24px\", viewBox: \"0 0 24 24\", version: \"1.1\", xmlns: \"http://www.w3.org/2000/svg\", className: \"rotate-45\", children: _jsx(\"path\", { d: \"M18,11.1 L12.9,11.1 L12.9,6 L11.1,6 L11.1,11.1 L6,11.1 L6,12.9 L11.1,12.9 L11.1,17.9988281 L12.9,17.9988281 L12.9,12.9 L18,12.9 L18,11.1 Z M12,24 C5.38359372,24 0,18.6164063 0,12 C0,5.38300776 5.38359372,0 12,0 C18.6164063,0 24,5.38300776 24,12 C24,18.6164063 18.6164063,24 12,24 Z M12,1.8 C6.37617192,1.8 1.8,6.37558596 1.8,12 C1.8,17.6238281 6.37617192,22.2 12,22.2 C17.6238281,22.2 22.2,17.6238281 22.2,12 C22.2,6.37558596 17.6238281,1.8 12,1.8 Z\" }) }), _jsxs(\"div\", { children: [_jsx(\"div\", { className: \"passwordless-text-left\", children: _jsx(\"strong\", { children: \"Authentication error.\" }) }), _jsx(\"div\", { children: \"The sign-in link you tried to use is no longer valid\" })] })] })), signingInStatus === \"REQUESTING_SIGNIN_LINK\" && (_jsxs(_Fragment, { children: [_jsx(\"div\", { className: \"passwordless-loading-spinner\" }), _jsx(\"div\", { children: \"Starting sign-in...\" })] })), signingInStatus === \"STARTING_SIGN_IN_WITH_FIDO2\" && (_jsxs(_Fragment, { children: [_jsx(\"div\", { className: \"passwordless-loading-spinner\" }), _jsx(\"div\", { children: \"Starting sign-in...\" })] })), signingInStatus === \"COMPLETING_SIGN_IN_WITH_FIDO2\" && (_jsxs(_Fragment, { children: [_jsx(\"div\", { className: \"passwordless-loading-spinner\" }), _jsx(\"div\", { children: \"Completing your sign-in...\" })] })), lastError && (_jsx(\"div\", { className: \"passwordless-error\", children: lastError.message }))] })] }));\n};\nfunction Fido2Recommendation() {\n const { fido2CreateCredential, showAuthenticatorManager, signInStatus } = usePasswordless();\n const { currentUser, updateFidoPreference } = useLocalUserCache();\n const [error, setError] = useState();\n const [status, setStatus] = useState(\"IDLE\");\n useEffect(() => {\n if (status !== \"COMPLETED\")\n return;\n const i = setTimeout(reset, 10000);\n return () => clearTimeout(i);\n }, [status]);\n const [friendlyName, setFriendlyName] = useState(\"\");\n const { awaitable: awaitableFriendlyName, resolve: resolveFriendlyName } = useAwaitableState(friendlyName);\n const mobileDeviceName = determineMobileDeviceName();\n function reset() {\n setError(undefined);\n setStatus(\"IDLE\");\n setFriendlyName(\"\");\n }\n useEffect(() => {\n if (showAuthenticatorManager) {\n reset();\n }\n }, [showAuthenticatorManager]);\n if (showAuthenticatorManager)\n return null;\n const show = signInStatus === \"SIGNED_IN\" &&\n currentUser &&\n (currentUser.useFido === \"ASK\" || status === \"COMPLETED\");\n if (!show)\n return null;\n return (_jsx(\"div\", { children: _jsxs(\"div\", { className: \"passwordless-fido-recommendation\", children: [(status === \"IDLE\" || status === \"STARTING\") && (_jsxs(_Fragment, { children: [_jsx(\"div\", { className: \"passwordless-fido-recommendation-text\", children: \"We recommend increasing the security of your account by adding face or touch unlock for this website.\" }), _jsx(\"button\", { className: \"passwordless-button passwordless-button-add-face-touch-unlock\", disabled: status === \"STARTING\", onClick: () => {\n setStatus(\"STARTING\");\n fido2CreateCredential({\n friendlyName: () => {\n if (mobileDeviceName)\n return mobileDeviceName;\n setStatus(\"INPUT_NAME\");\n return awaitableFriendlyName();\n },\n })\n .then(() => {\n updateFidoPreference({ useFido: \"YES\" });\n })\n .catch(setError)\n .finally(() => setStatus(\"COMPLETED\"));\n }, children: \"Add face or touch unlock\" }), _jsx(\"div\", { onClick: () => {\n updateFidoPreference({ useFido: \"NO\" });\n reset();\n }, className: \"passwordless-link\", children: \"close\" })] })), (status === \"INPUT_NAME\" || status === \"COMPLETING\") && (_jsxs(\"form\", { className: \"passwordless-flex\", onSubmit: (e) => {\n e.preventDefault();\n resolveFriendlyName();\n setStatus(\"COMPLETING\");\n return false;\n }, children: [_jsx(\"div\", { className: \"passwordless-fido-recommendation-text\", children: \"Provide a name for this authenticator, so you can recognize it easily later\" }), _jsx(\"input\", { className: \"passwordless-friendly-name-input\", autoFocus: true, placeholder: \"authenticator name\", value: friendlyName, onChange: (e) => setFriendlyName(e.target.value) }), _jsx(\"button\", { className: \"passwordless-button passwordless-button-finish\", type: \"submit\", disabled: !friendlyName || status === \"COMPLETING\", children: \"Finish\" }), _jsx(\"div\", { className: \"passwordless-link\", onClick: () => {\n updateFidoPreference({ useFido: \"NO\" });\n reset();\n }, children: \"cancel\" })] })), status === \"COMPLETED\" && (_jsxs(_Fragment, { children: [\" \", _jsx(\"div\", { className: \"passwordless-fido-recommendation-text\", children: error\n ? `Failed to activate face or touch unlock: ${error.message}`\n : \"Face or touch unlock activated successfully\" }), _jsx(\"div\", { onClick: reset, className: \"passwordless-link\", children: \"close\" })] }))] }) }));\n}\nfunction AuthenticatorsManager() {\n const { fido2CreateCredential, fido2Credentials, showAuthenticatorManager, toggleShowAuthenticatorManager, signInStatus, } = usePasswordless();\n const { updateFidoPreference } = useLocalUserCache();\n const [error, setError] = useState();\n const [addingAuthenticatorStatus, setAddingAuthenticatorStatus] = useState(\"IDLE\");\n const [confirmDeleteRowIndex, setConfirmDeleteRowIndex] = useState(-1);\n const [friendlyName, setFriendlyName] = useState(\"\");\n const [editFriendlyNameRowIndex, setEditFriendlyNameRowIndex] = useState(-1);\n const [editedFriendlyName, setEditedFriendlyName] = useState(\"\");\n const { awaitable: awaitableFriendlyName, resolve: resolveFriendlyName } = useAwaitableState(friendlyName);\n const mobileDeviceName = determineMobileDeviceName();\n const [time, setTime] = useState(new Date());\n function reset() {\n setError(undefined);\n setConfirmDeleteRowIndex(-1);\n setEditFriendlyNameRowIndex(-1);\n setAddingAuthenticatorStatus(\"IDLE\");\n setFriendlyName(\"\");\n setEditedFriendlyName(\"\");\n }\n useEffect(() => {\n if (showAuthenticatorManager) {\n reset();\n }\n }, [showAuthenticatorManager]);\n useEffect(() => {\n if (showAuthenticatorManager && signInStatus === \"NOT_SIGNED_IN\") {\n toggleShowAuthenticatorManager();\n }\n }, [signInStatus, showAuthenticatorManager, toggleShowAuthenticatorManager]);\n useEffect(() => {\n const intervalId = setInterval(() => setTime(new Date()), 1000);\n return () => clearInterval(intervalId);\n }, []);\n if (!showAuthenticatorManager)\n return null;\n const status = {\n isAddingAuthenticator: addingAuthenticatorStatus !== \"IDLE\",\n isDeletingAuthenticator: confirmDeleteRowIndex !== -1,\n isEditingAuthenticator: editFriendlyNameRowIndex !== -1,\n };\n return (_jsxs(\"div\", { className: \"passwordless-table\", children: [(addingAuthenticatorStatus === \"IDLE\" ||\n addingAuthenticatorStatus === \"STARTING\") && (_jsxs(_Fragment, { children: [fido2Credentials?.length === 0 && (_jsxs(\"div\", { className: \"passwordless-no-devices-yet\", children: [_jsx(\"span\", { children: \"You don't have any authenticators yet.\" }), _jsxs(\"span\", { children: [\"Press the button\", \" \", _jsx(\"strong\", { children: \"\\\"Register new authenticator\\\"\" }), \" to get started.\"] })] })), !!fido2Credentials?.length && (_jsxs(\"table\", { children: [_jsx(\"thead\", { children: _jsxs(\"tr\", { className: editFriendlyNameRowIndex !== -1 ||\n confirmDeleteRowIndex !== -1\n ? \"passwordless-table-hide-headers\"\n : \"\", children: [_jsx(\"th\", {}), _jsx(\"th\", { className: \"passwordless-table-col-last-sign-in\", children: \"Last sign-in\" }), _jsx(\"th\", { className: \"passwordless-table-col-created-at\", children: \"Created at\" }), _jsx(\"th\", {})] }) }), _jsx(\"tbody\", { children: fido2Credentials.map((credential, index) => editFriendlyNameRowIndex === index ? (_jsx(\"tr\", { children: _jsx(\"td\", { colSpan: 4, children: _jsxs(\"form\", { className: \"passwordless-edit-friendly-name\", onSubmit: (e) => {\n e.preventDefault();\n setError(undefined);\n credential\n .update({\n friendlyName: editedFriendlyName,\n })\n .then(reset)\n .catch(setError);\n return false;\n }, children: [_jsx(\"input\", { className: \"passwordless-friendly-name-input\", autoFocus: true, value: editedFriendlyName, onChange: (e) => setEditedFriendlyName(e.currentTarget.value) }), _jsx(\"button\", { className: \"passwordless-button passwordless-button-save\", type: \"submit\", disabled: credential.busy ||\n !editedFriendlyName ||\n editedFriendlyName === credential.friendlyName, children: \"Save\" }), _jsx(\"button\", { className: \"passwordless-button passwordless-button-cancel\", onClick: () => setEditFriendlyNameRowIndex(-1), disabled: credential.busy, children: \"Cancel\" })] }) }) }, credential.credentialId)) : confirmDeleteRowIndex === index ? (_jsx(\"tr\", { children: _jsx(\"td\", { colSpan: 4, children: _jsxs(\"div\", { className: \"passwordless-confirm-delete-device\", children: [_jsxs(\"span\", { children: [\" \", \"Are you sure you want to delete your device named\", \" \", _jsxs(\"strong\", { children: [\"\\\"\", credential.friendlyName, \"\\\"\"] }), \"?\", \" \"] }), _jsxs(\"div\", { children: [_jsx(\"button\", { className: \"passwordless-button passwordless-button-save\", onClick: () => {\n setError(undefined);\n credential.delete().then(reset).catch(setError);\n }, disabled: credential.busy, children: \"Yes\" }), _jsx(\"button\", { className: \"passwordless-button passwordless-button-cancel\", onClick: () => {\n setError(undefined);\n setConfirmDeleteRowIndex(-1);\n }, disabled: credential.busy, children: \"No\" })] })] }) }) }, credential.credentialId)) : (_jsxs(\"tr\", { children: [_jsx(\"td\", { className: \"passwordless-table-col-friendly-name passwordless-table-cell-ellipsis\", children: _jsx(\"span\", { children: _jsxs(\"button\", { className: \"passwordless-friendly-name\", onClick: () => {\n setEditFriendlyNameRowIndex(index);\n setEditedFriendlyName(credential.friendlyName);\n }, disabled: credential.busy ||\n status.isAddingAuthenticator ||\n status.isEditingAuthenticator ||\n status.isDeletingAuthenticator, children: [_jsx(\"svg\", { className: \"passwordless-edit-icon\", xmlns: \"http://www.w3.org/2000/svg\", viewBox: \"0 0 24 24\", children: _jsx(\"path\", { d: \"M20.71,7.04C21.1,6.65 21.1,6 20.71,5.63L18.37,3.29C18,2.9 17.35,2.9 16.96,3.29L15.12,5.12L18.87,8.87M3,17.25V21H6.75L17.81,9.93L14.06,6.18L3,17.25Z\" }) }), credential.friendlyName] }) }) }), _jsx(\"td\", { className: \"passwordless-table-col-last-sign-in\", children: timeAgo(time, credential.lastSignIn) || \"Never\" }), _jsx(\"td\", { className: \"passwordless-table-col-created-at\", children: timeAgo(time, credential.createdAt) || \"Unknown\" }), _jsx(\"td\", { className: \"passwordless-table-col-delete\", children: _jsx(\"button\", { className: \"passwordless-button passwordless-button-outlined passwordless-button-delete\", onClick: () => {\n setError(undefined);\n setConfirmDeleteRowIndex(index);\n }, disabled: credential.busy ||\n status.isAddingAuthenticator ||\n status.isEditingAuthenticator ||\n status.isDeletingAuthenticator, children: _jsx(\"svg\", { className: \"passwordless-delete-icon\", xmlns: \"http://www.w3.org/2000/svg\", viewBox: \"0 0 24 24\", children: _jsx(\"path\", { d: \"M9,3V4H4V6H5V19A2,2 0 0,0 7,21H17A2,2 0 0,0 19,19V6H20V4H15V3H9M9,8H11V17H9V8M13,8H15V17H13V8Z\" }) }) }) })] }, credential.credentialId))) })] }))] })), _jsxs(\"div\", { className: \"passwordless-authenticators-action-row\", children: [(addingAuthenticatorStatus === \"IDLE\" ||\n addingAuthenticatorStatus === \"STARTING\") && (_jsx(\"button\", { className: \"passwordless-button passwordless-button-add-authenticator\", onClick: () => {\n setAddingAuthenticatorStatus(\"STARTING\");\n setError(undefined);\n fido2CreateCredential({\n friendlyName: () => {\n if (mobileDeviceName)\n return mobileDeviceName;\n setAddingAuthenticatorStatus(\"INPUT_NAME\");\n return awaitableFriendlyName();\n },\n })\n .then(() => {\n updateFidoPreference({ useFido: \"YES\" });\n reset();\n })\n .catch(setError)\n .finally(() => setAddingAuthenticatorStatus(\"IDLE\"));\n }, disabled: addingAuthenticatorStatus === \"STARTING\" ||\n status.isEditingAuthenticator ||\n status.isDeletingAuthenticator, children: \"Register new authenticator\" })), (addingAuthenticatorStatus === \"INPUT_NAME\" ||\n addingAuthenticatorStatus === \"COMPLETING\") && (_jsxs(\"form\", { className: \"passwordless-flex\", onSubmit: (e) => {\n e.preventDefault();\n resolveFriendlyName();\n setAddingAuthenticatorStatus(\"COMPLETING\");\n return false;\n }, children: [_jsx(\"div\", { className: \"passwordless-fido-recommendation-text\", children: \"Provide a name for this authenticator, so you can recognize it easily later\" }), _jsx(\"input\", { className: \"passwordless-friendly-name-input\", autoFocus: true, placeholder: \"authenticator name\", value: friendlyName, onChange: (e) => setFriendlyName(e.target.value) }), _jsx(\"button\", { className: \"passwordless-button passwordless-button-finish\", type: \"submit\", disabled: !friendlyName || addingAuthenticatorStatus === \"COMPLETING\", children: \"Finish\" })] })), _jsx(\"div\", { onClick: () => toggleShowAuthenticatorManager(), className: \"passwordless-link\", children: \"close\" })] }), error && (_jsx(\"div\", { className: \"passwordless-authenticator-error\", children: error.message }))] }));\n}\nexport function Fido2Toast() {\n return (_jsxs(_Fragment, { children: [_jsx(Fido2Recommendation, {}), _jsx(AuthenticatorsManager, {})] }));\n}\nfunction determineMobileDeviceName() {\n const mobileDevices = [\n \"Android\",\n \"webOS\",\n \"iPhone\",\n \"iPad\",\n \"iPod\",\n \"BlackBerry\",\n \"Windows Phone\",\n ];\n return mobileDevices.find((dev) => \n // eslint-disable-next-line security/detect-non-literal-regexp\n navigator.userAgent.match(new RegExp(dev, \"i\")));\n}\n","/**\n * Copyright Amazon.com, Inc. and its affiliates. All Rights Reserved.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\"). You\n * may not use this file except in compliance with the License. A copy of\n * the License is located at\n *\n * http://aws.amazon.com/apache2.0/\n *\n * or in the \"license\" file accompanying this file. This file is\n * distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF\n * ANY KIND, either express or implied. See the License for the specific\n * language governing permissions and limitations under the License.\n */\nexport { Fido2Toast, Passwordless } from \"./components.js\";\nexport { PasswordlessContextProvider, useAwaitableState, useLocalUserCache, usePasswordless, } from \"./hooks.js\";\n"],"names":["config_","configure","config","crypto","Defaults","storage","fetch","location","history","debug","configureFromAmplify","amplifyConfig","region","userPoolId","userPoolWebClientId","isAmplifyConfig","Auth","cognitoIdpEndpoint","clientId","with","MemoryStorage","constructor","memory","Map","getItem","key","get","setItem","value","set","removeItem","delete","UndefinedGlobalVariableError","Error","getFailingProxy","expected","message","Proxy","undefined","apply","globalThis","localStorage","_CONSTANTS","schedulingRefresh","clearScheduledRefresh","refreshingTokens","util_throwIfNot2xx","res","ok","detail","json","__type","match","err","name","util_parseJwtPayload","jwt","parts","split","payload","JSON","parse","TextDecoder","decode","bufferFromBase64Url","setTimeoutWallClock","cb","ms","executeAt","Date","now","i","setInterval","clearInterval","unref","currentBrowserLocationWithoutFragmentIdentifier","jQ","current","URL","href","hash","_bufferFromBase64","characters","padChar","map","reduce","acc","char","index","Object","assign","charCodeAt","base64","first","second","third","fourth","paddingLength","length","chunk","Uint8Array","bufferFromBase64","_bufferToBase64","result","chunks","arr","n","subarray","push","join","bufferToBase64","bufferToBase64Url","storeTokens","tokens","sub","email","username","idToken","scope","accessToken","amplifyKeyPrefix","customKeyPrefix","promises","refreshToken","stringify","UserAttributes","Name","Value","Username","expireAt","toISOString","Promise","all","filter","p","storage_retrieveTokens","AWS_REGION_REGEXP","assertIsNotErrorResponse","obj","isChallengeResponse","assertIsChallengeResponse","assertIsNotAuthenticatedResponse","isAuthenticatedResponse","assertIsAuthenticatedResponse","assertIsNotChallengeResponse","ChallengeName","assertIsSignInResponse","initiateAuth","authflow","authParameters","clientMetadata","abort","proxyApiHeaders","clientSecret","signal","headers","method","body","AuthFlow","ClientId","AuthParameters","SECRET_HASH","calculateSecretHash","USERNAME","ClientMetadata","then","respondToAuthChallenge","challengeName","challengeResponses","session","ChallengeResponses","Session","extractChallengeResponse","revokeToken","Token","handleAuthResponse","authResponse","smsMfaCode","newPassword","customChallengeAnswer","AuthenticationResult","IdToken","AccessToken","ExpiresIn","RefreshToken","responseParameters","SMS_MFA_CODE","NEW_PASSWORD","ANSWER","nextAuthResult","subtle","importKey","TextEncoder","encode","signature","sign","busyState","scheduleRefresh","args","_scheduleRefresh","finally","tokensCb","isRefreshingCb","aborted","refreshIn","Math","max","valueOf","random","toFixed","refreshTokens","catch","addEventListener","_refreshTokens","invalidRefreshTokens","Set","has","authResult","REFRESH_TOKEN","add","tokensFromRefresh","defaultTokensCb","storeAndScheduleRefresh","newTokens","signOut","currentStatus","statusCb","props","includes","AbortController","signedOut","tokensRemovedLocallyCb","requestSignInLink","redirectUri","signInLinkRequested","ChallengeParameters","signInMethod","alreadyHaveMagicLink","failedFragmentIdentifieres","authenticateWithSignInLink","fragmentIdentifier","startSession","continueSession","startsWith","initAuthResponse","signInWithLink","signedIn","params","checkCurrentLocationForSignInLink","url","slice","e","LE","header","assertIsMessage","msg","userName","exp","iat","removeFragmentIdentifierFromBrowserLocation","pushState","fido2CreateCredential","friendlyName","fido2","publicKeyOptions","fido2StartCreateCredential","publicKey","rp","id","attestation","authenticatorSelection","extensions","timeout","challenge","user","from","c","excludeCredentials","credential","navigator","credentials","create","PublicKeyCredential","response","AuthenticatorAttestationResponse","getTransports","getAuthenticatorData","getPublicKey","getPublicKeyAlgorithm","resolvedFriendlyName","fido2CompleteCreateCredential","getFullFido2Url","path","baseUrl","replace","hostname","accept","authorization","parsedCredential","parseAuthenticatorAttestationResponse","createdAt","fido2ListCredentials","authenticators","authenticator","lastSignIn","fido2DeleteCredential","credentialId","fido2UpdateCredential","assertIsFido2Options","o","relyingPartyId","userVerification","Array","isArray","every","transports","t","fido2getCredential","allowCredentials","type","rpId","AuthenticatorAssertionResponse","parseAuthenticatorAssertionResponse","rawId","attestationObjectB64","clientDataJSON_B64","attestationObject","clientDataJSON","transport","credentialIdB64","authenticatorDataB64","signatureB64","userHandleB64","authenticatorData","userHandle","byteLength","requestUsernamelessSignInChallenge","getConstants","g","BigInt","N","k","arrayBufferToBigInt","digest","hexToArrayBuffer","padHex","toString","modPow","base","mod","x","hexStr","parseInt","calculateLargeAHex","smallA","calculateSrpSignature","largeAHex","srpBHex","salt","password","secretBlock","aPlusBHex","u","userPoolName","usernamePasswordHash","Blob","arrayBuffer","gModPowXN","int","s","ikmHex","saltHkdfHex","arrayBufferToHex","infoBits","buffer","prkKey","prk","hkdfKey","hkdf","timestamp","formatDate","d","Intl","DateTimeFormat","weekday","year","month","day","hour","minute","timeZone","timeZoneName","hour12","formatToParts","find","part","flat","signatureKey","signatureString","passwordClaimSignature","octets","m","arrBuf","padStart","PasswordlessContext","react","createContext","hooks_usePasswordless","context","useContext","LocalUserCacheContext","PasswordlessContextProvider","jsx_runtime","jsx","Provider","_usePasswordless","signingInStatus","setSigninInStatus","useState","initiallyRetrievingTokensFromStorage","setInitiallyRetrievingTokensFromStorage","_setTokens","tokensParsed","setTokensParsed","setTokens","useCallback","reactSetStateAction","prevState","lastError","setLastError","userVerifyingPlatformAuthenticatorAvailable","setUserVerifyingPlatformAuthenticatorAvailable","creatingCredential","setCreatingCredential","fido2Credentials","setFido2Credentials","updateFido2Credential","state","findIndex","update","deleteFido2Credential","remainingAuthenticator","isSchedulingRefresh","setIsSchedulingRefresh","isRefreshingTokens","setIsRefreshingTokens","showAuthenticatorManager","setShowAuthenticatorManager","recheckSignInStatus","setRecheckSignInStatus","useEffect","signingIn","busy","expireAtTime","getTime","cancel","isUserVerifyingPlatformAuthenticatorAvailable","toFido2Credential","signInStatus","useMemo","checkIn","isSignedIn","storedCredential","concat","signingOut","requesting","authenticateWithFido2","signinIn","credentialGetter","fido2credential","fido2options","cred","optionsCred","authenticateWithSRP","generateSmallA","randomValues","getRandomValues","SRP_A","CHALLENGE_NAME","SALT","saltHex","SRP_B","SECRET_BLOCK","secretBlockB64","USER_ID_FOR_SRP","userIdForSrp","PASSWORD_CLAIM_SECRET_BLOCK","TIMESTAMP","PASSWORD_CLAIM_SIGNATURE","authenticateWithPlaintextPassword","PASSWORD","stepUpAuthenticationWithSmsOtp","phoneNumberWithOtp","phoneNumber","attempt","secretCode","toggleShowAuthenticatorManager","children","enableLocalUserCache","LocalUserCacheContextProvider","_useLocalUserCache","hasFido2Credentials","justSignedInWithMagicLink","lastSignedInUsers","setLastSignedInUsers","currentUser","setCurrentUser","fidoPreferenceOverride","setFidoPreferenceOverride","getLastSignedInUsers","email_verified","found","lastUser","useFido","registerSignedInUser","determineFido","updateFidoPreference","clearLastSignedInUsers","lastUsers","users","splice","unshift"],"sourceRoot":""}