{
  "version": 3,
  "sources": ["src/delegation/_constants.ts", "src/delegation/_context.ts", "src/utils/nonce.utils.ts", "src/utils/url.utils.ts", "src/delegation/errors.ts", "src/delegation/utils/session-storage.utils.ts", "src/delegation/_session.ts", "src/delegation/api/_actor.api.ts", "src/delegation/api/auth.api.ts", "src/delegation/utils/session.utils.ts", "src/delegation/providers/github/authenticate.ts", "src/delegation/providers/github/_api.ts", "src/delegation/providers/google/authenticate.ts", "src/delegation/authenticate.ts", "src/delegation/utils/url.utils.ts", "src/delegation/providers/github/_context.ts", "src/delegation/providers/github/_openid.ts", "src/delegation/utils/state.utils.ts", "src/delegation/providers/google/_context.ts", "src/delegation/providers/google/_openid.ts", "src/delegation/request.ts", "src/delegation/utils/openid.utils.ts"],
  "sourcesContent": ["import type {OpenIdGitHubProvider} from './providers/github/types/provider';\nimport type {OpenIdProvider} from './types/provider';\n\nexport const CONTEXT_KEY = 'juno:auth:openid';\n\n// Create client_id: https://developers.google.com/identity/openid-connect/openid-connect#authenticationuriparameters\nexport const GOOGLE_PROVIDER: Omit<OpenIdProvider, 'clientId' | 'redirectUrl'> = {\n  authUrl: 'https://accounts.google.com/o/oauth2/v2/auth',\n  authScopes: ['openid', 'profile', 'email'],\n  configUrl: 'https://accounts.google.com/gsi/fedcm.json'\n};\n\nexport const GITHUB_PROVIDER: Omit<OpenIdGitHubProvider, 'clientId' | 'redirectUrl'> = {\n  authUrl: 'https://github.com/login/oauth/authorize',\n  authScopes: ['read:user', 'user:email'],\n  initUrl: 'https://api.juno.build/v1/auth/init/github',\n  finalizeUrl: 'https://api.juno.build/v1/auth/finalize/github'\n};\n", "import {Ed25519KeyIdentity} from '@icp-sdk/core/identity';\nimport {isNullish} from '@junobuild/utils';\nimport type {Nonce} from '../types/nonce';\nimport {generateNonce} from '../utils/nonce.utils';\nimport {CONTEXT_KEY} from './_constants';\nimport {ContextUndefinedError} from './errors';\nimport type {OpenIdAuthContext} from './types/context';\nimport {parseContext, stringifyContext} from './utils/session-storage.utils';\n\nexport const initContext = async ({\n  generateState\n}: {\n  generateState: (params: {nonce: Nonce}) => Promise<string>;\n}): Promise<{nonce: Nonce} & Pick<OpenIdAuthContext, 'state'>> => {\n  const caller = Ed25519KeyIdentity.generate();\n  const {nonce, salt} = await generateNonce({caller});\n\n  const state = await generateState({nonce});\n\n  const storedData = stringifyContext({\n    caller,\n    salt,\n    state\n  });\n\n  sessionStorage.setItem(CONTEXT_KEY, storedData);\n\n  return {\n    nonce,\n    state\n  };\n};\n\nexport const loadContext = (): OpenIdAuthContext => {\n  const storedContext = sessionStorage.getItem(CONTEXT_KEY);\n\n  if (isNullish(storedContext)) {\n    throw new ContextUndefinedError();\n  }\n\n  return parseContext(storedContext);\n};\n", "import type {Ed25519KeyIdentity} from '@icp-sdk/core/identity';\nimport {arrayBufferToUint8Array} from '@junobuild/utils';\nimport type {Nonce, Salt} from '../types/nonce';\nimport {toBase64URL} from './url.utils';\n\nconst generateSalt = (): Salt => crypto.getRandomValues(new Uint8Array(32));\n\nconst buildNonce = async ({salt, caller}: {salt: Salt; caller: Ed25519KeyIdentity}) => {\n  const principal = caller.getPrincipal().toUint8Array();\n\n  const bytes = new Uint8Array(salt.length + principal.byteLength);\n  bytes.set(salt);\n  bytes.set(principal, salt.length);\n\n  const hash = await crypto.subtle.digest('SHA-256', bytes);\n\n  return toBase64URL(arrayBufferToUint8Array(hash));\n};\n\nexport const generateNonce = async ({\n  caller\n}: {\n  caller: Ed25519KeyIdentity;\n}): Promise<{nonce: Nonce; salt: Salt}> => {\n  const salt = generateSalt();\n  const nonce = await buildNonce({salt, caller});\n\n  return {nonce, salt};\n};\n", "import {uint8ArrayToBase64} from '@junobuild/utils';\n\n// In the future: uint8Array.toBase64({ alphabet: \"base64url\" })\n// https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Uint8Array/toBase64\nexport const toBase64URL = (uint8Array: Uint8Array): string =>\n  uint8ArrayToBase64(uint8Array).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n", "export class InvalidUrlError extends Error {}\nexport class ContextUndefinedError extends Error {}\n\nexport class FedCMIdentityCredentialUndefinedError extends Error {}\nexport class FedCMIdentityCredentialInvalidError extends Error {}\n\nexport class AuthenticationError extends Error {}\nexport class AuthenticationUrlHashError extends Error {}\nexport class AuthenticationInvalidStateError extends Error {}\nexport class AuthenticationUndefinedJwtError extends Error {}\n\nexport class GetDelegationError extends Error {}\nexport class GetDelegationRetryError extends Error {}\n\nexport class ApiGitHubInitError extends Error {\n  constructor(options?: ErrorOptions) {\n    super('GitHub OAuth initialization failed', options);\n  }\n}\n\nexport class ApiGitHubFinalizeError extends Error {\n  constructor(options?: ErrorOptions) {\n    super('GitHub OAuth finalization failed', options);\n  }\n}\n", "import {Ed25519KeyIdentity, type JsonnableEd25519KeyIdentity} from '@icp-sdk/core/identity';\nimport {base64ToUint8Array, uint8ArrayToBase64} from '@junobuild/utils';\nimport type {OpenIdAuthContext} from '../types/context';\n\nconst JSON_KEY_CALLER = '__caller__';\nconst JSON_KEY_SALT = '__salt__';\nconst JSON_KEY_STATE = '__state__';\n\ninterface StoredContext {\n  [JSON_KEY_CALLER]: JsonnableEd25519KeyIdentity;\n  [JSON_KEY_SALT]: string;\n  [JSON_KEY_STATE]: string;\n}\n\nexport const stringifyContext = ({caller, state, salt}: OpenIdAuthContext): string => {\n  const data: StoredContext = {\n    [JSON_KEY_CALLER]: caller.toJSON(),\n    [JSON_KEY_SALT]: uint8ArrayToBase64(salt),\n    [JSON_KEY_STATE]: state\n  };\n\n  return JSON.stringify(data);\n};\n\nexport const parseContext = (jsonData: string): OpenIdAuthContext => {\n  const {\n    [JSON_KEY_CALLER]: jsonCaller,\n    [JSON_KEY_SALT]: jsonSalt,\n    [JSON_KEY_STATE]: state\n  }: StoredContext = JSON.parse(jsonData);\n\n  return {\n    caller: Ed25519KeyIdentity.fromParsedJson(jsonCaller),\n    salt: base64ToUint8Array(jsonSalt),\n    state\n  };\n};\n", "import type {Signature} from '@icp-sdk/core/agent';\nimport {Delegation, ECDSAKeyIdentity} from '@icp-sdk/core/identity';\nimport {fromNullable} from '@junobuild/utils';\nimport {authenticate as authenticateApi, getDelegation as getDelegationApi} from './api/auth.api';\nimport {AuthenticationError, GetDelegationError, GetDelegationRetryError} from './errors';\nimport type {AuthenticationData, GetDelegationArgs, SignedDelegation} from './types/actor';\nimport type {AuthenticatedSession, AuthParameters} from './types/authenticate';\nimport type {OpenIdAuthContext} from './types/context';\nimport type {Delegations} from './types/session';\nimport {generateIdentity} from './utils/session.utils';\n\ninterface AuthContext {\n  context: Omit<OpenIdAuthContext, 'state'>;\n  auth: AuthParameters;\n}\ntype AuthenticationArgs = {jwt: string} & AuthContext;\n\nexport const authenticateSession = async <T extends AuthParameters>({\n  jwt,\n  context,\n  auth\n}: AuthenticationArgs): Promise<AuthenticatedSession<T>> => {\n  const sessionKey = await ECDSAKeyIdentity.generate({extractable: false});\n\n  const publicKey = new Uint8Array(sessionKey.getPublicKey().toDer());\n\n  const {delegations, data} = await authenticate<T>({\n    jwt,\n    publicKey,\n    context,\n    auth\n  });\n\n  const identity = generateIdentity({\n    sessionKey,\n    delegations\n  });\n\n  return {identity, data};\n};\n\nconst authenticate = async <T extends AuthParameters>({\n  jwt,\n  publicKey,\n  context: {caller, salt},\n  auth\n}: {\n  publicKey: Uint8Array;\n} & AuthenticationArgs): Promise<{delegations: Delegations; data: AuthenticationData<T>}> => {\n  const result = await authenticateApi({\n    args: {\n      OpenId: {\n        jwt,\n        session_key: publicKey,\n        salt\n      }\n    },\n    actorParams: {\n      auth,\n      identity: caller\n    }\n  });\n\n  if ('Err' in result) {\n    throw new AuthenticationError('Authentication failed', {cause: result});\n  }\n\n  const {\n    delegation: {user_key: userKey, expiration},\n    ...rest\n  } = result.Ok;\n\n  const signedDelegation = await retryGetDelegation({\n    jwt,\n    context: {caller, salt},\n    auth,\n    publicKey,\n    expiration\n  });\n\n  const {delegation, signature} = signedDelegation;\n  const {pubkey, expiration: signedExpiration, targets} = delegation;\n\n  const delegations: Delegations = [\n    userKey,\n    [\n      {\n        delegation: new Delegation(\n          Uint8Array.from(pubkey),\n          signedExpiration,\n          fromNullable(targets)\n        ),\n        signature: Uint8Array.from(signature) as unknown as Signature\n      }\n    ]\n  ];\n\n  return {delegations, data: rest as AuthenticationData<T>};\n};\n\nconst retryGetDelegation = async ({\n  jwt,\n  publicKey,\n  context: {salt, caller},\n  auth,\n  expiration,\n  maxRetries = 5\n}: {\n  publicKey: Uint8Array;\n  expiration: bigint;\n  maxRetries?: number;\n} & AuthenticationArgs): Promise<SignedDelegation> => {\n  for (let i = 0; i < maxRetries; i++) {\n    // Linear backoff\n    await new Promise((resolve) => {\n      setInterval(resolve, 1000 * i);\n    });\n\n    const args: GetDelegationArgs = {\n      OpenId: {\n        jwt,\n        session_key: publicKey,\n        salt,\n        expiration\n      }\n    };\n\n    const result = await getDelegationApi({\n      args,\n      actorParams: {\n        auth,\n        identity: caller\n      }\n    });\n\n    if ('Err' in result) {\n      const {Err} = result;\n\n      if ('NoSuchDelegation' in Err) {\n        // eslint-disable-next-line no-continue\n        continue;\n      }\n\n      if ('GetCachedJwks' in Err) {\n        // eslint-disable-next-line no-continue\n        continue;\n      }\n\n      throw new GetDelegationError('Getting delegation failed', {cause: result});\n    }\n\n    return result.Ok;\n  }\n\n  throw new GetDelegationRetryError();\n};\n", "import {\n  type ConsoleActor,\n  type SatelliteActor,\n  getConsoleActor,\n  getSatelliteActor\n} from '@junobuild/ic-client/actor';\nimport type {ActorParameters} from '../types/actor';\n\nexport const getAuthActor = ({\n  auth,\n  identity\n}: ActorParameters): Promise<ConsoleActor | SatelliteActor> =>\n  'satellite' in auth\n    ? getSatelliteActor({...auth.satellite, identity})\n    : getConsoleActor({...auth.console, identity});\n", "import type {\n  ActorParameters,\n  AuthenticationArgs,\n  AuthenticationResult,\n  GetDelegationArgs,\n  GetDelegationResult\n} from '../types/actor';\nimport {getAuthActor} from './_actor.api';\n\nexport const authenticate = async ({\n  actorParams,\n  args\n}: {\n  args: AuthenticationArgs;\n  actorParams: ActorParameters;\n}): Promise<AuthenticationResult> => {\n  const {authenticate} = await getAuthActor(actorParams);\n  return await authenticate(args);\n};\n\nexport const getDelegation = async ({\n  actorParams,\n  args\n}: {\n  args: GetDelegationArgs;\n  actorParams: ActorParameters;\n}): Promise<GetDelegationResult> => {\n  const {get_delegation} = await getAuthActor(actorParams);\n  return await get_delegation(args);\n};\n", "import {DelegationChain, DelegationIdentity, type ECDSAKeyIdentity} from '@icp-sdk/core/identity';\nimport type {AuthenticatedIdentity} from '../types/authenticate';\nimport type {Delegations} from '../types/session';\n\nexport const generateIdentity = ({\n  delegations,\n  sessionKey\n}: {\n  delegations: Delegations;\n  sessionKey: ECDSAKeyIdentity;\n}): AuthenticatedIdentity => {\n  const [userKey, signedDelegations] = delegations;\n\n  const delegationChain = DelegationChain.fromDelegations(\n    signedDelegations,\n    Uint8Array.from(userKey)\n  );\n\n  const identity = DelegationIdentity.fromDelegation(sessionKey, delegationChain);\n\n  return {identity, delegationChain, sessionKey};\n};\n", "import {isEmptyString} from '@junobuild/utils';\nimport {authenticateSession} from '../../_session';\nimport {AuthenticationUndefinedJwtError} from '../../errors';\nimport type {AuthenticatedSession, AuthParameters} from '../../types/authenticate';\nimport type {OpenIdAuthContext} from '../../types/context';\nimport {finalizeOAuth} from './_api';\nimport type {AuthenticationGitHubRedirect} from './types/authenticate';\n\nexport const authenticateGitHubWithRedirect = async <T extends AuthParameters>({\n  auth,\n  context,\n  redirect: {finalizeUrl}\n}: {\n  auth: AuthParameters;\n  context: Omit<OpenIdAuthContext, 'state'>;\n  redirect: AuthenticationGitHubRedirect;\n}): Promise<AuthenticatedSession<T>> => {\n  const {\n    location: {search}\n  } = window;\n\n  const urlParams = new URLSearchParams(search);\n  const code = urlParams.get('code');\n  const state = urlParams.get('state');\n\n  const result = await finalizeOAuth({\n    url: finalizeUrl,\n    body: {code, state}\n  });\n\n  if ('error' in result) {\n    throw result.error;\n  }\n\n  const {\n    success: {token: idToken}\n  } = result;\n\n  // id_token === jwt\n  if (isEmptyString(idToken)) {\n    throw new AuthenticationUndefinedJwtError();\n  }\n\n  return await authenticateSession({\n    jwt: idToken,\n    auth,\n    context\n  });\n};\n", "import {ApiGitHubFinalizeError, ApiGitHubInitError} from '../../errors';\n\nexport const initOAuth = async ({\n  url\n}: {\n  url: string;\n}): Promise<{success: {state: string}} | {error: unknown}> => {\n  try {\n    const result = await fetch(url, {\n      credentials: 'include'\n    });\n\n    if (!result.ok) {\n      return {error: new Error(`Failed to fetch ${url} (${result.status})`)};\n    }\n\n    const data: {state: string} = await result.json();\n    return {success: data};\n  } catch (error: unknown) {\n    return {error: new ApiGitHubInitError({cause: error})};\n  }\n};\n\nexport const finalizeOAuth = async ({\n  url,\n  body\n}: {\n  url: string;\n  body: {code: string | null; state: string | null};\n}): Promise<{success: {token: string}} | {error: unknown}> => {\n  try {\n    const result = await fetch(url, {\n      method: 'POST',\n      credentials: 'include',\n      headers: {'Content-Type': 'application/json'},\n      body: JSON.stringify(body)\n    });\n\n    if (!result.ok) {\n      return {error: new Error(`Failed to fetch ${url} (${result.status})`)};\n    }\n\n    const data: {token: string} = await result.json();\n    return {success: data};\n  } catch (error: unknown) {\n    return {error: new ApiGitHubFinalizeError({cause: error})};\n  }\n};\n", "import {isEmptyString} from '@junobuild/utils';\nimport {authenticateSession} from '../../_session';\nimport {\n  AuthenticationInvalidStateError,\n  AuthenticationUndefinedJwtError,\n  AuthenticationUrlHashError\n} from '../../errors';\nimport type {AuthenticatedSession, AuthParameters} from '../../types/authenticate';\nimport type {OpenIdAuthContext} from '../../types/context';\n\nexport const authenticateGoogleWithRedirect = async <T extends AuthParameters>({\n  auth,\n  context\n}: {\n  auth: AuthParameters;\n  context: OpenIdAuthContext;\n}): Promise<AuthenticatedSession<T>> => {\n  const {\n    location: {hash}\n  } = window;\n\n  if (isEmptyString(hash) || !hash.startsWith('#')) {\n    throw new AuthenticationUrlHashError('No hash found in the current location URL');\n  }\n\n  const params = new URLSearchParams(hash.slice(1));\n  const state = params.get('state');\n  const idToken = params.get('id_token');\n\n  const {state: savedState} = context;\n\n  if (isEmptyString(savedState) || state !== savedState) {\n    throw new AuthenticationInvalidStateError('The provided state is invalid', {cause: state});\n  }\n\n  // id_token === jwt\n  if (isEmptyString(idToken)) {\n    throw new AuthenticationUndefinedJwtError();\n  }\n\n  return await authenticateSession({\n    jwt: idToken,\n    auth,\n    context\n  });\n};\n", "import {GITHUB_PROVIDER} from './_constants';\nimport {loadContext} from './_context';\nimport {authenticateSession} from './_session';\nimport {authenticateGitHubWithRedirect} from './providers/github/authenticate';\nimport {authenticateGoogleWithRedirect} from './providers/google/authenticate';\nimport type {\n  AuthenticatedSession,\n  AuthenticationParams,\n  AuthParameters\n} from './types/authenticate';\n\nexport const authenticate = async <T extends AuthParameters>(\n  params: AuthenticationParams<T>\n): Promise<AuthenticatedSession<T>> => {\n  const context = loadContext();\n\n  if ('github' in params) {\n    const {\n      github: {redirect, auth}\n    } = params;\n\n    const {finalizeUrl} = GITHUB_PROVIDER;\n\n    return await authenticateGitHubWithRedirect<T>({\n      redirect: redirect ?? {finalizeUrl},\n      auth,\n      context\n    });\n  }\n\n  const {google} = params;\n\n  if ('credentials' in google) {\n    const {\n      credentials: {jwt},\n      auth\n    } = google;\n\n    return await authenticateSession({\n      jwt,\n      context,\n      auth\n    });\n  }\n\n  return await authenticateGoogleWithRedirect<T>({...google, context});\n};\n", "import {InvalidUrlError} from '../errors';\n\nexport const parseUrl = ({url}: {url: string}): URL => {\n  try {\n    // Use the URL constructor, for backwards compatibility with older Android/WebView.\n    return new URL(url);\n  } catch (_error: unknown) {\n    throw new InvalidUrlError('Cannot parse authURL', {cause: url});\n  }\n};\n", "import type {Nonce} from '../../../types/nonce';\nimport {parseUrl} from '../../utils/url.utils';\nimport {initOAuth} from './_api';\nimport type {OpenIdGitHubProvider} from './types/provider';\n\nexport const buildGenerateState = ({initUrl}: Pick<OpenIdGitHubProvider, 'initUrl'>) => {\n  const generateState = async ({nonce}: {nonce: Nonce}): Promise<string> => {\n    const requestUrl = parseUrl({url: initUrl});\n    requestUrl.searchParams.set('nonce', nonce);\n\n    const result = await initOAuth({url: requestUrl.toString()});\n\n    if ('error' in result) {\n      throw result.error;\n    }\n\n    const {\n      success: {state}\n    } = result;\n\n    return state;\n  };\n\n  return generateState;\n};\n", "import {parseUrl} from '../../utils/url.utils';\nimport type {RequestGitHubJwtWithRedirect} from './types/openid';\n\n// https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#1-request-a-users-github-identity\n\nexport const requestGitHubJwtWithRedirect = ({\n  authUrl,\n  clientId,\n  authScopes,\n  state,\n  redirectUrl\n}: RequestGitHubJwtWithRedirect) => {\n  const requestUrl = parseUrl({url: authUrl});\n\n  requestUrl.searchParams.set('client_id', clientId);\n\n  const {\n    location: {origin: currentUrl}\n  } = window;\n\n  requestUrl.searchParams.set('redirect_uri', redirectUrl ?? currentUrl);\n\n  // Note: GitHub Apps ignore this parameter and use permissions from app settings instead\n  requestUrl.searchParams.set('scope', authScopes.join(' '));\n\n  // Used for security reasons. When the provider redirects to the application,\n  // the state will be compared by the proxy backend with the value it initiated.\n  requestUrl.searchParams.set('state', state);\n\n  window.location.href = requestUrl.toString();\n};\n", "import {toBase64URL} from '../../utils/url.utils';\n\nexport const generateRandomState = (): string =>\n  toBase64URL(crypto.getRandomValues(new Uint8Array(12)));\n", "import type {Nonce} from '../../../types/nonce';\nimport {generateRandomState} from '../../utils/state.utils';\n\n// eslint-disable-next-line require-await\nexport const generateGoogleState = async (_params: {nonce: Nonce}): Promise<string> =>\n  generateRandomState();\n", "import {isNullish, notEmptyString} from '@junobuild/utils';\nimport {\n  FedCMIdentityCredentialInvalidError,\n  FedCMIdentityCredentialUndefinedError\n} from '../../errors';\nimport {parseUrl} from '../../utils/url.utils';\nimport type {RequestGoogleJwtWithCredentials, RequestGoogleJwtWithRedirect} from './types/openid';\n\n/**\n * Initiates an OpenID Connect authorization request by redirecting the browser.\n *\n *  References:\n *  - OAuth 2.0 (Google): https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow\n *  - OpenID Connect: https://developers.google.com/identity/openid-connect/openid-connect\n */\nexport const requestGoogleJwtWithRedirect = ({\n  authUrl,\n  clientId,\n  nonce,\n  loginHint,\n  authScopes,\n  state,\n  redirectUrl\n}: RequestGoogleJwtWithRedirect) => {\n  const requestUrl = parseUrl({url: authUrl});\n\n  requestUrl.searchParams.set('client_id', clientId);\n\n  const {\n    location: {origin: currentUrl}\n  } = window;\n\n  requestUrl.searchParams.set('redirect_uri', redirectUrl ?? currentUrl);\n\n  // We do not request \"token\" because we use the ID token (JWT).\n  // \"code\" is required according to II's codebase as Apple ID throws an error otherwise.\n  requestUrl.searchParams.set('response_type', 'code id_token');\n\n  requestUrl.searchParams.set('scope', authScopes.join(' '));\n\n  // Used for security reasons. When the provider redirects to the application,\n  // the state will be compared with the session storage value.\n  requestUrl.searchParams.set('state', state);\n\n  // Used to validate the JSON Web Token (JWT) in the backend \u2014 i.e. we pass the nonce\n  // to the provider and make the request to the backend with its salt.\n  requestUrl.searchParams.set('nonce', nonce);\n\n  if (notEmptyString(loginHint)) {\n    requestUrl.searchParams.set('login_hint', loginHint);\n  } else {\n    requestUrl.searchParams.set('prompt', 'select_account');\n  }\n\n  window.location.href = requestUrl.toString();\n};\n\n/**\n * References:\n * - identity spec: https://www.w3.org/TR/fedcm/#browser-api-credential-request-options\n * - https://privacysandbox.google.com/cookies/fedcm/implement/identity-provider\n * - https://privacysandbox.google.com/cookies/fedcm/why\n */\nexport const requestGoogleJwtWithCredentials = async ({\n  configUrl: configURL,\n  clientId,\n  nonce,\n  loginHint,\n  domainHint\n}: RequestGoogleJwtWithCredentials): Promise<{jwt: string}> => {\n  const identityCredential = await navigator.credentials.get({\n    // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n    // @ts-ignore\n    identity: {\n      context: 'use',\n      providers: [\n        {\n          configURL,\n          clientId,\n          nonce,\n          loginHint,\n          domainHint\n        }\n      ],\n      mode: 'active'\n    },\n    // https://privacysandbox.google.com/cookies/fedcm/implement/relying-party#auto-reauthn\n    mediation: 'required'\n  });\n\n  if (isNullish(identityCredential)) {\n    throw new FedCMIdentityCredentialUndefinedError();\n  }\n\n  const {type} = identityCredential;\n\n  if (\n    type !== 'identity' ||\n    !('token' in identityCredential) ||\n    typeof identityCredential.token !== 'string'\n  ) {\n    // This should be unreachable in FedCM spec-compliant browsers.\n    throw new FedCMIdentityCredentialInvalidError('Invalid credential received from FedCM API', {\n      cause: identityCredential\n    });\n  }\n\n  const {token: jwt} = identityCredential;\n  return {jwt};\n};\n", "import {GITHUB_PROVIDER, GOOGLE_PROVIDER} from './_constants';\nimport {initContext} from './_context';\nimport {buildGenerateState} from './providers/github/_context';\nimport {requestGitHubJwtWithRedirect} from './providers/github/_openid';\nimport type {RequestGitHubJwtRedirectParams} from './providers/github/types/request';\nimport {generateGoogleState} from './providers/google/_context';\nimport {\n  requestGoogleJwtWithCredentials,\n  requestGoogleJwtWithRedirect\n} from './providers/google/_openid';\nimport type {\n  RequestGoogleJwtCredentialsParams,\n  RequestGoogleJwtParams,\n  RequestGoogleJwtRedirectParams\n} from './providers/google/types/request';\nimport type {RequestJwtCredentialsResult} from './types/request';\n\nexport function requestJwt(args: {\n  google: RequestGoogleJwtCredentialsParams;\n}): Promise<RequestJwtCredentialsResult>;\n\nexport function requestJwt(\n  args: {google: RequestGoogleJwtRedirectParams} | {github: RequestGitHubJwtRedirectParams}\n): Promise<void>;\n\nexport async function requestJwt(\n  args:\n    | {\n        google: RequestGoogleJwtParams;\n      }\n    | {github: RequestGitHubJwtRedirectParams}\n): Promise<RequestJwtCredentialsResult | void> {\n  if ('github' in args) {\n    const {github} = args;\n\n    const {redirect} = github;\n    const {initUrl: userInitUrl, ...restRedirect} = redirect;\n\n    const {authUrl, authScopes, initUrl} = GITHUB_PROVIDER;\n\n    const context = await initContext({\n      generateState: buildGenerateState({initUrl: userInitUrl ?? initUrl})\n    });\n\n    requestGitHubJwtWithRedirect({\n      ...restRedirect,\n      ...context,\n      authUrl,\n      authScopes\n    });\n    return;\n  }\n\n  const context = await initContext({generateState: generateGoogleState});\n\n  const {google} = args;\n\n  if ('credentials' in google) {\n    const {credentials} = google;\n    const {configUrl} = GOOGLE_PROVIDER;\n\n    return await requestGoogleJwtWithCredentials({\n      ...credentials,\n      ...context,\n      configUrl\n    });\n  }\n\n  const {redirect} = google;\n  const {authUrl, authScopes} = GOOGLE_PROVIDER;\n\n  requestGoogleJwtWithRedirect({\n    ...redirect,\n    ...context,\n    authUrl,\n    authScopes\n  });\n}\n", "/**\n * Detects whether the browser supports FedCM (Federated Credential Management).\n *\n * @returns {boolean} `true` if FedCM is supported, otherwise `false`.\n *\n * References:\n *  - MDN IdentityCredential: https://developer.mozilla.org/en-US/docs/Web/API/IdentityCredential\n */\nexport const isFedCMSupported = (): boolean => {\n  const {userAgent} = navigator;\n\n  // Samsung browser implements \"IdentityCredential\" but does not support \"configURL\"\n  // https://developer.mozilla.org/en-US/docs/Web/API/IdentityCredential\n  const isSamsungBrowser = /SamsungBrowser/i.test(userAgent);\n  if (isSamsungBrowser) {\n    return false;\n  }\n\n  return 'IdentityCredential' in window;\n};\n"],
  "mappings": ";;AAGO,IAAMA,EAAc,mBAGdC,EAAoE,CAC/E,QAAS,+CACT,WAAY,CAAC,SAAU,UAAW,OAAO,EACzC,UAAW,4CACb,EAEaC,EAA0E,CACrF,QAAS,2CACT,WAAY,CAAC,YAAa,YAAY,EACtC,QAAS,6CACT,YAAa,gDACf,ECjBA,OAAQ,sBAAAC,OAAyB,yBACjC,OAAQ,aAAAC,OAAgB,mBCAxB,OAAQ,2BAAAC,OAA8B,mBCDtC,OAAQ,sBAAAC,OAAyB,mBAI1B,IAAMC,EAAeC,GAC1BF,GAAmBE,CAAU,EAAE,QAAQ,MAAO,GAAG,EAAE,QAAQ,MAAO,GAAG,EAAE,QAAQ,MAAO,EAAE,EDA1F,IAAMC,GAAe,IAAY,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC,EAEpEC,GAAa,MAAO,CAAC,KAAAC,EAAM,OAAAC,CAAM,IAAgD,CACrF,IAAMC,EAAYD,EAAO,aAAa,EAAE,aAAa,EAE/CE,EAAQ,IAAI,WAAWH,EAAK,OAASE,EAAU,UAAU,EAC/DC,EAAM,IAAIH,CAAI,EACdG,EAAM,IAAID,EAAWF,EAAK,MAAM,EAEhC,IAAMI,EAAO,MAAM,OAAO,OAAO,OAAO,UAAWD,CAAK,EAExD,OAAOE,EAAYC,GAAwBF,CAAI,CAAC,CAClD,EAEaG,EAAgB,MAAO,CAClC,OAAAN,CACF,IAE2C,CACzC,IAAMD,EAAOF,GAAa,EAG1B,MAAO,CAAC,MAFM,MAAMC,GAAW,CAAC,KAAAC,EAAM,OAAAC,CAAM,CAAC,EAE9B,KAAAD,CAAI,CACrB,EE5BO,IAAMQ,EAAN,cAA8B,KAAM,CAAC,EAC/BC,EAAN,cAAoC,KAAM,CAAC,EAErCC,EAAN,cAAoD,KAAM,CAAC,EACrDC,EAAN,cAAkD,KAAM,CAAC,EAEnDC,EAAN,cAAkC,KAAM,CAAC,EACnCC,EAAN,cAAyC,KAAM,CAAC,EAC1CC,EAAN,cAA8C,KAAM,CAAC,EAC/CC,EAAN,cAA8C,KAAM,CAAC,EAE/CC,EAAN,cAAiC,KAAM,CAAC,EAClCC,EAAN,cAAsC,KAAM,CAAC,EAEvCC,EAAN,cAAiC,KAAM,CAC5C,YAAYC,EAAwB,CAClC,MAAM,qCAAsCA,CAAO,CACrD,CACF,EAEaC,EAAN,cAAqC,KAAM,CAChD,YAAYD,EAAwB,CAClC,MAAM,mCAAoCA,CAAO,CACnD,CACF,ECxBA,OAAQ,sBAAAE,OAA2D,yBACnE,OAAQ,sBAAAC,GAAoB,sBAAAC,OAAyB,mBAGrD,IAAMC,EAAkB,aAClBC,EAAgB,WAChBC,EAAiB,YAQVC,EAAmB,CAAC,CAAC,OAAAC,EAAQ,MAAAC,EAAO,KAAAC,CAAI,IAAiC,CACpF,IAAMC,EAAsB,CAC1B,CAACP,CAAe,EAAGI,EAAO,OAAO,EACjC,CAACH,CAAa,EAAGF,GAAmBO,CAAI,EACxC,CAACJ,CAAc,EAAGG,CACpB,EAEA,OAAO,KAAK,UAAUE,CAAI,CAC5B,EAEaC,EAAgBC,GAAwC,CACnE,GAAM,CACJ,CAACT,CAAe,EAAGU,EACnB,CAACT,CAAa,EAAGU,EACjB,CAACT,CAAc,EAAGG,CACpB,EAAmB,KAAK,MAAMI,CAAQ,EAEtC,MAAO,CACL,OAAQZ,GAAmB,eAAea,CAAU,EACpD,KAAMZ,GAAmBa,CAAQ,EACjC,MAAAN,CACF,CACF,EJ3BO,IAAMO,EAAc,MAAO,CAChC,cAAAC,CACF,IAEkE,CAChE,IAAMC,EAASC,GAAmB,SAAS,EACrC,CAAC,MAAAC,EAAO,KAAAC,CAAI,EAAI,MAAMC,EAAc,CAAC,OAAAJ,CAAM,CAAC,EAE5CK,EAAQ,MAAMN,EAAc,CAAC,MAAAG,CAAK,CAAC,EAEnCI,EAAaC,EAAiB,CAClC,OAAAP,EACA,KAAAG,EACA,MAAAE,CACF,CAAC,EAED,sBAAe,QAAQG,EAAaF,CAAU,EAEvC,CACL,MAAAJ,EACA,MAAAG,CACF,CACF,EAEaI,EAAc,IAAyB,CAClD,IAAMC,EAAgB,eAAe,QAAQF,CAAW,EAExD,GAAIG,GAAUD,CAAa,EACzB,MAAM,IAAIE,EAGZ,OAAOC,EAAaH,CAAa,CACnC,EKxCA,OAAQ,cAAAI,GAAY,oBAAAC,OAAuB,yBAC3C,OAAQ,gBAAAC,OAAmB,mBCF3B,OAGE,mBAAAC,GACA,qBAAAC,OACK,6BAGA,IAAMC,EAAe,CAAC,CAC3B,KAAAC,EACA,SAAAC,CACF,IACE,cAAeD,EACXF,GAAkB,CAAC,GAAGE,EAAK,UAAW,SAAAC,CAAQ,CAAC,EAC/CJ,GAAgB,CAAC,GAAGG,EAAK,QAAS,SAAAC,CAAQ,CAAC,ECL1C,IAAMC,EAAe,MAAO,CACjC,YAAAC,EACA,KAAAC,CACF,IAGqC,CACnC,GAAM,CAAC,aAAAF,CAAY,EAAI,MAAMG,EAAaF,CAAW,EACrD,OAAO,MAAMD,EAAaE,CAAI,CAChC,EAEaE,EAAgB,MAAO,CAClC,YAAAH,EACA,KAAAC,CACF,IAGoC,CAClC,GAAM,CAAC,eAAAG,CAAc,EAAI,MAAMF,EAAaF,CAAW,EACvD,OAAO,MAAMI,EAAeH,CAAI,CAClC,EC7BA,OAAQ,mBAAAI,GAAiB,sBAAAC,OAAgD,yBAIlE,IAAMC,EAAmB,CAAC,CAC/B,YAAAC,EACA,WAAAC,CACF,IAG6B,CAC3B,GAAM,CAACC,EAASC,CAAiB,EAAIH,EAE/BI,EAAkBP,GAAgB,gBACtCM,EACA,WAAW,KAAKD,CAAO,CACzB,EAIA,MAAO,CAAC,SAFSJ,GAAmB,eAAeG,EAAYG,CAAe,EAE5D,gBAAAA,EAAiB,WAAAH,CAAU,CAC/C,EHJO,IAAMI,EAAsB,MAAiC,CAClE,IAAAC,EACA,QAAAC,EACA,KAAAC,CACF,IAA4D,CAC1D,IAAMC,EAAa,MAAMC,GAAiB,SAAS,CAAC,YAAa,EAAK,CAAC,EAEjEC,EAAY,IAAI,WAAWF,EAAW,aAAa,EAAE,MAAM,CAAC,EAE5D,CAAC,YAAAG,EAAa,KAAAC,CAAI,EAAI,MAAMC,GAAgB,CAChD,IAAAR,EACA,UAAAK,EACA,QAAAJ,EACA,KAAAC,CACF,CAAC,EAOD,MAAO,CAAC,SALSO,EAAiB,CAChC,WAAAN,EACA,YAAAG,CACF,CAAC,EAEiB,KAAAC,CAAI,CACxB,EAEMC,GAAe,MAAiC,CACpD,IAAAR,EACA,UAAAK,EACA,QAAS,CAAC,OAAAK,EAAQ,KAAAC,CAAI,EACtB,KAAAT,CACF,IAE6F,CAC3F,IAAMU,EAAS,MAAMJ,EAAgB,CACnC,KAAM,CACJ,OAAQ,CACN,IAAAR,EACA,YAAaK,EACb,KAAAM,CACF,CACF,EACA,YAAa,CACX,KAAAT,EACA,SAAUQ,CACZ,CACF,CAAC,EAED,GAAI,QAASE,EACX,MAAM,IAAIC,EAAoB,wBAAyB,CAAC,MAAOD,CAAM,CAAC,EAGxE,GAAM,CACJ,WAAY,CAAC,SAAUE,EAAS,WAAAC,CAAU,EAC1C,GAAGC,CACL,EAAIJ,EAAO,GAELK,EAAmB,MAAMC,GAAmB,CAChD,IAAAlB,EACA,QAAS,CAAC,OAAAU,EAAQ,KAAAC,CAAI,EACtB,KAAAT,EACA,UAAAG,EACA,WAAAU,CACF,CAAC,EAEK,CAAC,WAAAI,EAAY,UAAAC,CAAS,EAAIH,EAC1B,CAAC,OAAAI,EAAQ,WAAYC,EAAkB,QAAAC,EAAO,EAAIJ,EAgBxD,MAAO,CAAC,YAdyB,CAC/BL,EACA,CACE,CACE,WAAY,IAAIU,GACd,WAAW,KAAKH,CAAM,EACtBC,EACAG,GAAaF,EAAO,CACtB,EACA,UAAW,WAAW,KAAKH,CAAS,CACtC,CACF,CACF,EAEqB,KAAMJ,CAA6B,CAC1D,EAEME,GAAqB,MAAO,CAChC,IAAAlB,EACA,UAAAK,EACA,QAAS,CAAC,KAAAM,EAAM,OAAAD,CAAM,EACtB,KAAAR,EACA,WAAAa,EACA,WAAAW,EAAa,CACf,IAIsD,CACpD,QAASC,EAAI,EAAGA,EAAID,EAAYC,IAAK,CAEnC,MAAM,IAAI,QAASC,GAAY,CAC7B,YAAYA,EAAS,IAAOD,CAAC,CAC/B,CAAC,EAWD,IAAMf,EAAS,MAAMiB,EAAiB,CACpC,KAV8B,CAC9B,OAAQ,CACN,IAAA7B,EACA,YAAaK,EACb,KAAAM,EACA,WAAAI,CACF,CACF,EAIE,YAAa,CACX,KAAAb,EACA,SAAUQ,CACZ,CACF,CAAC,EAED,GAAI,QAASE,EAAQ,CACnB,GAAM,CAAC,IAAAkB,CAAG,EAAIlB,EAOd,GALI,qBAAsBkB,GAKtB,kBAAmBA,EAErB,SAGF,MAAM,IAAIC,EAAmB,4BAA6B,CAAC,MAAOnB,CAAM,CAAC,CAC3E,CAEA,OAAOA,EAAO,EAChB,CAEA,MAAM,IAAIoB,CACZ,EI3JA,OAAQ,iBAAAC,OAAoB,mBCErB,IAAMC,EAAY,MAAO,CAC9B,IAAAC,CACF,IAE8D,CAC5D,GAAI,CACF,IAAMC,EAAS,MAAM,MAAMD,EAAK,CAC9B,YAAa,SACf,CAAC,EAED,OAAKC,EAAO,GAKL,CAAC,QADsB,MAAMA,EAAO,KAAK,CAC3B,EAJZ,CAAC,MAAO,IAAI,MAAM,mBAAmBD,CAAG,KAAKC,EAAO,MAAM,GAAG,CAAC,CAKzE,OAASC,EAAgB,CACvB,MAAO,CAAC,MAAO,IAAIC,EAAmB,CAAC,MAAOD,CAAK,CAAC,CAAC,CACvD,CACF,EAEaE,EAAgB,MAAO,CAClC,IAAAJ,EACA,KAAAK,CACF,IAG8D,CAC5D,GAAI,CACF,IAAMJ,EAAS,MAAM,MAAMD,EAAK,CAC9B,OAAQ,OACR,YAAa,UACb,QAAS,CAAC,eAAgB,kBAAkB,EAC5C,KAAM,KAAK,UAAUK,CAAI,CAC3B,CAAC,EAED,OAAKJ,EAAO,GAKL,CAAC,QADsB,MAAMA,EAAO,KAAK,CAC3B,EAJZ,CAAC,MAAO,IAAI,MAAM,mBAAmBD,CAAG,KAAKC,EAAO,MAAM,GAAG,CAAC,CAKzE,OAASC,EAAgB,CACvB,MAAO,CAAC,MAAO,IAAII,EAAuB,CAAC,MAAOJ,CAAK,CAAC,CAAC,CAC3D,CACF,EDvCO,IAAMK,EAAiC,MAAiC,CAC7E,KAAAC,EACA,QAAAC,EACA,SAAU,CAAC,YAAAC,CAAW,CACxB,IAIwC,CACtC,GAAM,CACJ,SAAU,CAAC,OAAAC,CAAM,CACnB,EAAI,OAEEC,EAAY,IAAI,gBAAgBD,CAAM,EACtCE,EAAOD,EAAU,IAAI,MAAM,EAC3BE,EAAQF,EAAU,IAAI,OAAO,EAE7BG,EAAS,MAAMC,EAAc,CACjC,IAAKN,EACL,KAAM,CAAC,KAAAG,EAAM,MAAAC,CAAK,CACpB,CAAC,EAED,GAAI,UAAWC,EACb,MAAMA,EAAO,MAGf,GAAM,CACJ,QAAS,CAAC,MAAOE,CAAO,CAC1B,EAAIF,EAGJ,GAAIG,GAAcD,CAAO,EACvB,MAAM,IAAIE,EAGZ,OAAO,MAAMC,EAAoB,CAC/B,IAAKH,EACL,KAAAT,EACA,QAAAC,CACF,CAAC,CACH,EEhDA,OAAQ,iBAAAY,MAAoB,mBAUrB,IAAMC,EAAiC,MAAiC,CAC7E,KAAAC,EACA,QAAAC,CACF,IAGwC,CACtC,GAAM,CACJ,SAAU,CAAC,KAAAC,CAAI,CACjB,EAAI,OAEJ,GAAIC,EAAcD,CAAI,GAAK,CAACA,EAAK,WAAW,GAAG,EAC7C,MAAM,IAAIE,EAA2B,2CAA2C,EAGlF,IAAMC,EAAS,IAAI,gBAAgBH,EAAK,MAAM,CAAC,CAAC,EAC1CI,EAAQD,EAAO,IAAI,OAAO,EAC1BE,EAAUF,EAAO,IAAI,UAAU,EAE/B,CAAC,MAAOG,CAAU,EAAIP,EAE5B,GAAIE,EAAcK,CAAU,GAAKF,IAAUE,EACzC,MAAM,IAAIC,EAAgC,gCAAiC,CAAC,MAAOH,CAAK,CAAC,EAI3F,GAAIH,EAAcI,CAAO,EACvB,MAAM,IAAIG,EAGZ,OAAO,MAAMC,EAAoB,CAC/B,IAAKJ,EACL,KAAAP,EACA,QAAAC,CACF,CAAC,CACH,EClCO,IAAMW,GAAe,MAC1BC,GACqC,CACrC,IAAMC,EAAUC,EAAY,EAE5B,GAAI,WAAYF,EAAQ,CACtB,GAAM,CACJ,OAAQ,CAAC,SAAAG,EAAU,KAAAC,CAAI,CACzB,EAAIJ,EAEE,CAAC,YAAAK,CAAW,EAAIC,EAEtB,OAAO,MAAMC,EAAkC,CAC7C,SAAUJ,GAAY,CAAC,YAAAE,CAAW,EAClC,KAAAD,EACA,QAAAH,CACF,CAAC,CACH,CAEA,GAAM,CAAC,OAAAO,CAAM,EAAIR,EAEjB,GAAI,gBAAiBQ,EAAQ,CAC3B,GAAM,CACJ,YAAa,CAAC,IAAAC,CAAG,EACjB,KAAAL,CACF,EAAII,EAEJ,OAAO,MAAME,EAAoB,CAC/B,IAAAD,EACA,QAAAR,EACA,KAAAG,CACF,CAAC,CACH,CAEA,OAAO,MAAMO,EAAkC,CAAC,GAAGH,EAAQ,QAAAP,CAAO,CAAC,CACrE,EC5CO,IAAMW,EAAW,CAAC,CAAC,IAAAC,CAAG,IAA0B,CACrD,GAAI,CAEF,OAAO,IAAI,IAAIA,CAAG,CACpB,MAA0B,CACxB,MAAM,IAAIC,EAAgB,uBAAwB,CAAC,MAAOD,CAAG,CAAC,CAChE,CACF,ECJO,IAAME,EAAqB,CAAC,CAAC,QAAAC,CAAO,IACnB,MAAO,CAAC,MAAAC,CAAK,IAAuC,CACxE,IAAMC,EAAaC,EAAS,CAAC,IAAKH,CAAO,CAAC,EAC1CE,EAAW,aAAa,IAAI,QAASD,CAAK,EAE1C,IAAMG,EAAS,MAAMC,EAAU,CAAC,IAAKH,EAAW,SAAS,CAAC,CAAC,EAE3D,GAAI,UAAWE,EACb,MAAMA,EAAO,MAGf,GAAM,CACJ,QAAS,CAAC,MAAAE,CAAK,CACjB,EAAIF,EAEJ,OAAOE,CACT,EChBK,IAAMC,EAA+B,CAAC,CAC3C,QAAAC,EACA,SAAAC,EACA,WAAAC,EACA,MAAAC,EACA,YAAAC,CACF,IAAoC,CAClC,IAAMC,EAAaC,EAAS,CAAC,IAAKN,CAAO,CAAC,EAE1CK,EAAW,aAAa,IAAI,YAAaJ,CAAQ,EAEjD,GAAM,CACJ,SAAU,CAAC,OAAQM,CAAU,CAC/B,EAAI,OAEJF,EAAW,aAAa,IAAI,eAAgBD,GAAeG,CAAU,EAGrEF,EAAW,aAAa,IAAI,QAASH,EAAW,KAAK,GAAG,CAAC,EAIzDG,EAAW,aAAa,IAAI,QAASF,CAAK,EAE1C,OAAO,SAAS,KAAOE,EAAW,SAAS,CAC7C,EC5BO,IAAMG,EAAsB,IACjCC,EAAY,OAAO,gBAAgB,IAAI,WAAW,EAAE,CAAC,CAAC,ECCjD,IAAMC,EAAsB,MAAOC,GACxCC,EAAoB,ECLtB,OAAQ,aAAAC,GAAW,kBAAAC,OAAqB,mBAejC,IAAMC,EAA+B,CAAC,CAC3C,QAAAC,EACA,SAAAC,EACA,MAAAC,EACA,UAAAC,EACA,WAAAC,EACA,MAAAC,EACA,YAAAC,CACF,IAAoC,CAClC,IAAMC,EAAaC,EAAS,CAAC,IAAKR,CAAO,CAAC,EAE1CO,EAAW,aAAa,IAAI,YAAaN,CAAQ,EAEjD,GAAM,CACJ,SAAU,CAAC,OAAQQ,CAAU,CAC/B,EAAI,OAEJF,EAAW,aAAa,IAAI,eAAgBD,GAAeG,CAAU,EAIrEF,EAAW,aAAa,IAAI,gBAAiB,eAAe,EAE5DA,EAAW,aAAa,IAAI,QAASH,EAAW,KAAK,GAAG,CAAC,EAIzDG,EAAW,aAAa,IAAI,QAASF,CAAK,EAI1CE,EAAW,aAAa,IAAI,QAASL,CAAK,EAEtCQ,GAAeP,CAAS,EAC1BI,EAAW,aAAa,IAAI,aAAcJ,CAAS,EAEnDI,EAAW,aAAa,IAAI,SAAU,gBAAgB,EAGxD,OAAO,SAAS,KAAOA,EAAW,SAAS,CAC7C,EAQaI,GAAkC,MAAO,CACpD,UAAWC,EACX,SAAAX,EACA,MAAAC,EACA,UAAAC,EACA,WAAAU,CACF,IAA+D,CAC7D,IAAMC,EAAqB,MAAM,UAAU,YAAY,IAAI,CAGzD,SAAU,CACR,QAAS,MACT,UAAW,CACT,CACE,UAAAF,EACA,SAAAX,EACA,MAAAC,EACA,UAAAC,EACA,WAAAU,CACF,CACF,EACA,KAAM,QACR,EAEA,UAAW,UACb,CAAC,EAED,GAAIE,GAAUD,CAAkB,EAC9B,MAAM,IAAIE,EAGZ,GAAM,CAAC,KAAAC,CAAI,EAAIH,EAEf,GACEG,IAAS,YACT,EAAE,UAAWH,IACb,OAAOA,EAAmB,OAAU,SAGpC,MAAM,IAAII,EAAoC,6CAA8C,CAC1F,MAAOJ,CACT,CAAC,EAGH,GAAM,CAAC,MAAOK,CAAG,EAAIL,EACrB,MAAO,CAAC,IAAAK,CAAG,CACb,ECpFA,eAAsBC,GACpBC,EAK6C,CAC7C,GAAI,WAAYA,EAAM,CACpB,GAAM,CAAC,OAAAC,CAAM,EAAID,EAEX,CAAC,SAAAE,CAAQ,EAAID,EACb,CAAC,QAASE,EAAa,GAAGC,CAAY,EAAIF,EAE1C,CAAC,QAAAG,EAAS,WAAAC,EAAY,QAAAC,CAAO,EAAIC,EAEjCC,EAAU,MAAMC,EAAY,CAChC,cAAeC,EAAmB,CAAC,QAASR,GAAeI,CAAO,CAAC,CACrE,CAAC,EAEDK,EAA6B,CAC3B,GAAGR,EACH,GAAGK,EACH,QAAAJ,EACA,WAAAC,CACF,CAAC,EACD,MACF,CAEA,IAAMG,EAAU,MAAMC,EAAY,CAAC,cAAeG,CAAmB,CAAC,EAEhE,CAAC,OAAAC,CAAM,EAAId,EAEjB,GAAI,gBAAiBc,EAAQ,CAC3B,GAAM,CAAC,YAAAC,CAAW,EAAID,EAChB,CAAC,UAAAE,CAAS,EAAIC,EAEpB,OAAO,MAAMC,GAAgC,CAC3C,GAAGH,EACH,GAAGN,EACH,UAAAO,CACF,CAAC,CACH,CAEA,GAAM,CAAC,SAAAd,CAAQ,EAAIY,EACb,CAAC,QAAAT,EAAS,WAAAC,CAAU,EAAIW,EAE9BE,EAA6B,CAC3B,GAAGjB,EACH,GAAGO,EACH,QAAAJ,EACA,WAAAC,CACF,CAAC,CACH,CCrEO,IAAMc,GAAmB,IAAe,CAC7C,GAAM,CAAC,UAAAC,CAAS,EAAI,UAKpB,MADyB,kBAAkB,KAAKA,CAAS,EAEhD,GAGF,uBAAwB,MACjC",
  "names": ["CONTEXT_KEY", "GOOGLE_PROVIDER", "GITHUB_PROVIDER", "Ed25519KeyIdentity", "isNullish", "arrayBufferToUint8Array", "uint8ArrayToBase64", "toBase64URL", "uint8Array", "generateSalt", "buildNonce", "salt", "caller", "principal", "bytes", "hash", "toBase64URL", "arrayBufferToUint8Array", "generateNonce", "InvalidUrlError", "ContextUndefinedError", "FedCMIdentityCredentialUndefinedError", "FedCMIdentityCredentialInvalidError", "AuthenticationError", "AuthenticationUrlHashError", "AuthenticationInvalidStateError", "AuthenticationUndefinedJwtError", "GetDelegationError", "GetDelegationRetryError", "ApiGitHubInitError", "options", "ApiGitHubFinalizeError", "Ed25519KeyIdentity", "base64ToUint8Array", "uint8ArrayToBase64", "JSON_KEY_CALLER", "JSON_KEY_SALT", "JSON_KEY_STATE", "stringifyContext", "caller", "state", "salt", "data", "parseContext", "jsonData", "jsonCaller", "jsonSalt", "initContext", "generateState", "caller", "Ed25519KeyIdentity", "nonce", "salt", "generateNonce", "state", "storedData", "stringifyContext", "CONTEXT_KEY", "loadContext", "storedContext", "isNullish", "ContextUndefinedError", "parseContext", "Delegation", "ECDSAKeyIdentity", "fromNullable", "getConsoleActor", "getSatelliteActor", "getAuthActor", "auth", "identity", "authenticate", "actorParams", "args", "getAuthActor", "getDelegation", "get_delegation", "DelegationChain", "DelegationIdentity", "generateIdentity", "delegations", "sessionKey", "userKey", "signedDelegations", "delegationChain", "authenticateSession", "jwt", "context", "auth", "sessionKey", "ECDSAKeyIdentity", "publicKey", "delegations", "data", "authenticate", "generateIdentity", "caller", "salt", "result", "AuthenticationError", "userKey", "expiration", "rest", "signedDelegation", "retryGetDelegation", "delegation", "signature", "pubkey", "signedExpiration", "targets", "Delegation", "fromNullable", "maxRetries", "i", "resolve", "getDelegation", "Err", "GetDelegationError", "GetDelegationRetryError", "isEmptyString", "initOAuth", "url", "result", "error", "ApiGitHubInitError", "finalizeOAuth", "body", "ApiGitHubFinalizeError", "authenticateGitHubWithRedirect", "auth", "context", "finalizeUrl", "search", "urlParams", "code", "state", "result", "finalizeOAuth", "idToken", "isEmptyString", "AuthenticationUndefinedJwtError", "authenticateSession", "isEmptyString", "authenticateGoogleWithRedirect", "auth", "context", "hash", "isEmptyString", "AuthenticationUrlHashError", "params", "state", "idToken", "savedState", "AuthenticationInvalidStateError", "AuthenticationUndefinedJwtError", "authenticateSession", "authenticate", "params", "context", "loadContext", "redirect", "auth", "finalizeUrl", "GITHUB_PROVIDER", "authenticateGitHubWithRedirect", "google", "jwt", "authenticateSession", "authenticateGoogleWithRedirect", "parseUrl", "url", "InvalidUrlError", "buildGenerateState", "initUrl", "nonce", "requestUrl", "parseUrl", "result", "initOAuth", "state", "requestGitHubJwtWithRedirect", "authUrl", "clientId", "authScopes", "state", "redirectUrl", "requestUrl", "parseUrl", "currentUrl", "generateRandomState", "toBase64URL", "generateGoogleState", "_params", "generateRandomState", "isNullish", "notEmptyString", "requestGoogleJwtWithRedirect", "authUrl", "clientId", "nonce", "loginHint", "authScopes", "state", "redirectUrl", "requestUrl", "parseUrl", "currentUrl", "notEmptyString", "requestGoogleJwtWithCredentials", "configURL", "domainHint", "identityCredential", "isNullish", "FedCMIdentityCredentialUndefinedError", "type", "FedCMIdentityCredentialInvalidError", "jwt", "requestJwt", "args", "github", "redirect", "userInitUrl", "restRedirect", "authUrl", "authScopes", "initUrl", "GITHUB_PROVIDER", "context", "initContext", "buildGenerateState", "requestGitHubJwtWithRedirect", "generateGoogleState", "google", "credentials", "configUrl", "GOOGLE_PROVIDER", "requestGoogleJwtWithCredentials", "requestGoogleJwtWithRedirect", "isFedCMSupported", "userAgent"]
}