@absolutejs/auth 0.26.0-beta.2 → 0.26.0-beta.4

package/dist/webauthn/postgresWebAuthnCredentialStore.d.ts

@@ -0,0 +1,172 @@
+import { type AnyPgDatabase } from '../stores/postgres';
+import type { WebAuthnCredentialStore } from './types';
+export declare const webauthnCredentialsTable: import("drizzle-orm/pg-core").PgTableWithColumns<{
+    name: "auth_webauthn_credentials";
+    schema: undefined;
+    columns: {
+        backed_up: import("drizzle-orm/pg-core").PgColumn<{
+            name: "backed_up";
+            tableName: "auth_webauthn_credentials";
+            dataType: "boolean";
+            columnType: "PgBoolean";
+            data: boolean;
+            driverParam: boolean;
+            notNull: false;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        counter: import("drizzle-orm/pg-core").PgColumn<{
+            name: "counter";
+            tableName: "auth_webauthn_credentials";
+            dataType: "number";
+            columnType: "PgBigInt53";
+            data: number;
+            driverParam: string | number;
+            notNull: true;
+            hasDefault: true;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        created_at_ms: import("drizzle-orm/pg-core").PgColumn<{
+            name: "created_at_ms";
+            tableName: "auth_webauthn_credentials";
+            dataType: "number";
+            columnType: "PgBigInt53";
+            data: number;
+            driverParam: string | number;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        credential_id: import("drizzle-orm/pg-core").PgColumn<{
+            name: "credential_id";
+            tableName: "auth_webauthn_credentials";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: true;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+        device_type: import("drizzle-orm/pg-core").PgColumn<{
+            name: "device_type";
+            tableName: "auth_webauthn_credentials";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: false;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 32;
+        }>;
+        last_used_at_ms: import("drizzle-orm/pg-core").PgColumn<{
+            name: "last_used_at_ms";
+            tableName: "auth_webauthn_credentials";
+            dataType: "number";
+            columnType: "PgBigInt53";
+            data: number;
+            driverParam: string | number;
+            notNull: false;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        public_key: import("drizzle-orm/pg-core").PgColumn<{
+            name: "public_key";
+            tableName: "auth_webauthn_credentials";
+            dataType: "string";
+            columnType: "PgText";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {}>;
+        transports: import("drizzle-orm/pg-core").PgColumn<{
+            name: "transports";
+            tableName: "auth_webauthn_credentials";
+            dataType: "json";
+            columnType: "PgJsonb";
+            data: string[];
+            driverParam: unknown;
+            notNull: false;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: undefined;
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            $type: string[];
+        }>;
+        user_id: import("drizzle-orm/pg-core").PgColumn<{
+            name: "user_id";
+            tableName: "auth_webauthn_credentials";
+            dataType: "string";
+            columnType: "PgVarchar";
+            data: string;
+            driverParam: string;
+            notNull: true;
+            hasDefault: false;
+            isPrimaryKey: false;
+            isAutoincrement: false;
+            hasRuntimeDefault: false;
+            enumValues: [string, ...string[]];
+            baseColumn: never;
+            identity: undefined;
+            generated: undefined;
+        }, {}, {
+            length: 255;
+        }>;
+    };
+    dialect: "pg";
+}>;
+export declare const createNeonWebAuthnCredentialStore: (databaseUrl: string) => WebAuthnCredentialStore;
+export declare const createPostgresWebAuthnCredentialStore: (db: AnyPgDatabase) => WebAuthnCredentialStore;

package/dist/webauthn/routes.d.ts

@@ -0,0 +1,155 @@
+import { Elysia } from 'elysia';
+import { type WebAuthnRouteProps } from './config';
+export declare const webauthnRoutes: <UserType>({ authSessionStore, challengeDurationMs, credentialStore, emit, getUserDisplayName, getUserId, getUserName, getWebAuthnUser, onWebAuthnAuthenticated, onWebAuthnRegistered, origin, rpId, rpName, sessionDurationMs, webauthnAdapter, webauthnRoute }: WebAuthnRouteProps<UserType>) => Elysia<"", {
+    decorator: {};
+    store: {
+        session: import("..").SessionRecord<UserType>;
+        unregisteredSession: import("..").UnregisteredSessionRecord;
+    };
+    derive: {};
+    resolve: {};
+}, {
+    typebox: {};
+    error: {};
+}, {
+    schema: {};
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: {};
+}, {
+    [x: string]: {
+        register: {
+            options: {
+                post: {
+                    body: unknown;
+                    params: {};
+                    query: unknown;
+                    headers: unknown;
+                    response: {
+                        200: {
+                            [x: string]: unknown;
+                        };
+                        401: "Authentication required";
+                        422: {
+                            type: "validation";
+                            on: string;
+                            summary?: string;
+                            message?: string;
+                            found?: unknown;
+                            property?: string;
+                            expected?: string;
+                        };
+                    };
+                };
+            };
+        };
+    };
+} & {
+    [x: string]: {
+        register: {
+            verify: {
+                post: {
+                    body: {};
+                    params: {};
+                    query: unknown;
+                    headers: unknown;
+                    response: {
+                        200: {
+                            readonly credentialId: string;
+                            readonly verified: true;
+                        };
+                        400: "No registration challenge in progress" | "WebAuthn registration failed";
+                        401: "Authentication required";
+                        422: {
+                            type: "validation";
+                            on: string;
+                            summary?: string;
+                            message?: string;
+                            found?: unknown;
+                            property?: string;
+                            expected?: string;
+                        };
+                    };
+                };
+            };
+        };
+    };
+} & {
+    [x: string]: {
+        authenticate: {
+            options: {
+                post: {
+                    body: unknown;
+                    params: {};
+                    query: unknown;
+                    headers: unknown;
+                    response: {
+                        200: {
+                            [x: string]: unknown;
+                        };
+                        422: {
+                            type: "validation";
+                            on: string;
+                            summary?: string;
+                            message?: string;
+                            found?: unknown;
+                            property?: string;
+                            expected?: string;
+                        };
+                    };
+                };
+            };
+        };
+    };
+} & {
+    [x: string]: {
+        authenticate: {
+            verify: {
+                post: {
+                    body: {
+                        id: string;
+                    };
+                    params: {};
+                    query: unknown;
+                    headers: unknown;
+                    response: {
+                        200: {
+                            readonly status: "authenticated";
+                        };
+                        400: "No authentication challenge in progress";
+                        401: "Unknown credential" | "WebAuthn authentication failed";
+                        422: {
+                            type: "validation";
+                            on: string;
+                            summary?: string;
+                            message?: string;
+                            found?: unknown;
+                            property?: string;
+                            expected?: string;
+                        };
+                    };
+                };
+            };
+        };
+    };
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+} & {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}>;

package/dist/webauthn/types.d.ts

@@ -0,0 +1,17 @@
+export type WebAuthnCredential = {
+    backedUp?: boolean;
+    counter: number;
+    createdAt: number;
+    credentialId: string;
+    deviceType?: string;
+    lastUsedAt?: number;
+    publicKey: string;
+    transports?: string[];
+    userId: string;
+};
+export type WebAuthnCredentialStore = {
+    getCredential: (credentialId: string) => Promise<WebAuthnCredential | undefined>;
+    listCredentialsByUser: (userId: string) => Promise<WebAuthnCredential[]>;
+    removeCredential: (credentialId: string) => Promise<void>;
+    saveCredential: (credential: WebAuthnCredential) => Promise<void>;
+};

package/dist/webhooks/config.d.ts

@@ -0,0 +1,21 @@
+import type { WebhookEndpoint, WebhookEvent } from './types';
+export declare const DEFAULT_WEBHOOK_TIMEOUT_MS: number;
+export type WebhookFetch = (url: string, init: {
+    body: string;
+    headers: Record<string, string>;
+    method: string;
+    signal: AbortSignal;
+}) => Promise<{
+    ok: boolean;
+    status: number;
+}>;
+export type WebhooksConfig = {
+    endpoints: WebhookEndpoint[];
+    fetch?: WebhookFetch;
+    onDeliveryError?: (context: {
+        endpoint: WebhookEndpoint;
+        error: unknown;
+        event: WebhookEvent;
+    }) => void | Promise<void>;
+    timeoutMs?: number;
+};

package/dist/webhooks/dispatcher.d.ts

@@ -0,0 +1,3 @@
+import type { AuditEvent } from '../audit/types';
+import { type WebhooksConfig } from './config';
+export declare const createWebhookDispatcher: ({ endpoints, fetch: fetchImpl, onDeliveryError, timeoutMs }: WebhooksConfig) => (event: AuditEvent) => Promise<void>;

package/dist/webhooks/sign.d.ts

@@ -0,0 +1,11 @@
+export declare const signWebhook: ({ id, payload, secret, timestamp }: {
+    id: string;
+    payload: string;
+    secret: string;
+    timestamp: string;
+}) => Promise<string>;
+export declare const verifyWebhookSignature: ({ headers, payload, secret }: {
+    headers: Record<string, string | undefined>;
+    payload: string;
+    secret: string;
+}) => Promise<boolean>;

package/dist/webhooks/types.d.ts

@@ -0,0 +1,11 @@
+import type { AuditEvent, AuditEventType } from '../audit/types';
+export type WebhookEndpoint = {
+    secret: string;
+    url: string;
+};
+export type WebhookEvent = {
+    createdAt: number;
+    data: AuditEvent;
+    id: string;
+    type: AuditEventType;
+};

package/package.json

@@ -1,5 +1,5 @@
 {
-	"version": "0.26.0-beta.2",
+	"version": "0.26.0-beta.4",
 	"name": "@absolutejs/auth",
 	"description": "An authorization library for absolutejs",
 	"repository": {
@@ -30,8 +30,8 @@
 	},
 	"dependencies": {
 		"@absolutejs/linked-providers": "0.0.2",
-		"citra": "0.25.11",
 		"@neondatabase/serverless": "1.0.0",
+		"citra": "^0.28.0",
 		"drizzle-orm": "0.41.0"
 	},
 	"devDependencies": {