@authrim/sveltekit 0.1.0

package/dist/direct-auth/passkey.js

@@ -0,0 +1,392 @@
+/**
+ * Passkey Authentication (WebAuthn)
+ */
+import { AuthrimError, PKCEHelper, } from '@authrim/core';
+import { getAuthrimCode, mapSeverity } from '../utils/error-mapping.js';
+import { convertToPublicKeyCredentialRequestOptions, convertToPublicKeyCredentialCreationOptions, assertionResponseToJSON, attestationResponseToJSON, } from '../utils/webauthn-converters.js';
+const ENDPOINTS = {
+    PASSKEY_LOGIN_START: '/api/v1/auth/direct/passkey/login/start',
+    PASSKEY_LOGIN_FINISH: '/api/v1/auth/direct/passkey/login/finish',
+    PASSKEY_SIGNUP_START: '/api/v1/auth/direct/passkey/signup/start',
+    PASSKEY_SIGNUP_FINISH: '/api/v1/auth/direct/passkey/signup/finish',
+    PASSKEY_REGISTER_START: '/api/v1/auth/direct/passkey/register/start',
+    PASSKEY_REGISTER_FINISH: '/api/v1/auth/direct/passkey/register/finish',
+};
+export class PasskeyAuthImpl {
+    issuer;
+    clientId;
+    http;
+    pkce;
+    exchangeToken;
+    conditionalAbortController = null;
+    constructor(options) {
+        this.issuer = options.issuer;
+        this.clientId = options.clientId;
+        this.http = options.http;
+        this.pkce = new PKCEHelper(options.crypto);
+        this.exchangeToken = options.exchangeToken;
+    }
+    isSupported() {
+        return (typeof window !== 'undefined' &&
+            typeof window.PublicKeyCredential !== 'undefined' &&
+            typeof navigator.credentials !== 'undefined');
+    }
+    async isConditionalUIAvailable() {
+        if (!this.isSupported())
+            return false;
+        try {
+            if (typeof PublicKeyCredential.isConditionalMediationAvailable === 'function') {
+                return await PublicKeyCredential.isConditionalMediationAvailable();
+            }
+            return false;
+        }
+        catch {
+            return false;
+        }
+    }
+    async login(options) {
+        if (!this.isSupported()) {
+            return {
+                success: false,
+                error: {
+                    error: 'passkey_not_supported',
+                    error_description: 'WebAuthn is not supported in this browser',
+                    code: 'AR003003',
+                    meta: { retryable: false, severity: 'warn' },
+                },
+            };
+        }
+        let codeVerifier = '';
+        try {
+            const pkce = await this.pkce.generatePKCE();
+            codeVerifier = pkce.codeVerifier;
+            const codeChallenge = pkce.codeChallenge;
+            const startRequest = {
+                client_id: this.clientId,
+                code_challenge: codeChallenge,
+                code_challenge_method: 'S256',
+            };
+            const startResponse = await this.http.fetch(`${this.issuer}${ENDPOINTS.PASSKEY_LOGIN_START}`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(startRequest),
+            });
+            if (!startResponse.ok || !startResponse.data) {
+                throw new AuthrimError('network_error', 'Failed to start passkey login');
+            }
+            const { challenge_id, options: webauthnOptions } = startResponse.data;
+            const publicKeyOptions = convertToPublicKeyCredentialRequestOptions(webauthnOptions);
+            const abortController = new AbortController();
+            const abortHandler = () => abortController.abort();
+            if (options?.signal) {
+                options.signal.addEventListener('abort', abortHandler, { once: true });
+            }
+            if (options?.conditional || options?.mediation === 'conditional') {
+                // Cancel any existing conditional UI request before starting a new one
+                // This prevents leaking the old AbortController
+                if (this.conditionalAbortController) {
+                    this.conditionalAbortController.abort();
+                }
+                this.conditionalAbortController = abortController;
+            }
+            let credential;
+            try {
+                credential = (await navigator.credentials.get({
+                    publicKey: publicKeyOptions,
+                    mediation: options?.mediation || (options?.conditional ? 'conditional' : 'optional'),
+                    signal: abortController.signal,
+                }));
+            }
+            catch (error) {
+                if (error instanceof Error) {
+                    if (error.name === 'AbortError' || error.name === 'NotAllowedError') {
+                        return {
+                            success: false,
+                            error: {
+                                error: 'passkey_cancelled',
+                                error_description: error.name === 'AbortError'
+                                    ? 'Passkey authentication was cancelled'
+                                    : 'User denied the passkey request',
+                                code: 'AR003004',
+                                meta: { retryable: false, severity: 'warn' },
+                            },
+                        };
+                    }
+                }
+                throw error;
+            }
+            finally {
+                // Cleanup: remove abort handler and clear conditional controller
+                if (options?.signal) {
+                    options.signal.removeEventListener('abort', abortHandler);
+                }
+                if (options?.conditional) {
+                    this.conditionalAbortController = null;
+                }
+            }
+            if (!credential) {
+                return {
+                    success: false,
+                    error: {
+                        error: 'passkey_not_found',
+                        error_description: 'No passkey credential found',
+                        code: 'AR003001',
+                        meta: { retryable: false, severity: 'warn' },
+                    },
+                };
+            }
+            const credentialJSON = assertionResponseToJSON(credential);
+            const finishRequest = {
+                challenge_id,
+                credential: credentialJSON,
+                code_verifier: codeVerifier,
+            };
+            const finishResponse = await this.http.fetch(`${this.issuer}${ENDPOINTS.PASSKEY_LOGIN_FINISH}`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(finishRequest),
+            });
+            if (!finishResponse.ok || !finishResponse.data) {
+                throw new AuthrimError('passkey_verification_failed', 'Failed to verify passkey');
+            }
+            const { auth_code } = finishResponse.data;
+            const result = await this.exchangeToken(auth_code, codeVerifier);
+            return {
+                success: true,
+                session: result.session,
+                user: result.user,
+            };
+        }
+        catch (error) {
+            if (error instanceof AuthrimError) {
+                return {
+                    success: false,
+                    error: {
+                        error: error.code,
+                        error_description: error.message,
+                        code: getAuthrimCode(error.code, 'AR003000'),
+                        meta: {
+                            retryable: error.meta.retryable,
+                            severity: mapSeverity(error.meta.severity),
+                        },
+                    },
+                };
+            }
+            return {
+                success: false,
+                error: {
+                    error: 'passkey_verification_failed',
+                    error_description: error instanceof Error ? error.message : 'Unknown error',
+                    code: 'AR003002',
+                    meta: { retryable: false, severity: 'error' },
+                },
+            };
+        }
+        finally {
+            // Ensure codeVerifier is cleared regardless of success or failure
+            codeVerifier = '';
+        }
+    }
+    async signUp(options) {
+        if (!this.isSupported()) {
+            return {
+                success: false,
+                error: {
+                    error: 'passkey_not_supported',
+                    error_description: 'WebAuthn is not supported in this browser',
+                    code: 'AR003003',
+                    meta: { retryable: false, severity: 'warn' },
+                },
+            };
+        }
+        let codeVerifier = '';
+        try {
+            const pkce = await this.pkce.generatePKCE();
+            codeVerifier = pkce.codeVerifier;
+            const codeChallenge = pkce.codeChallenge;
+            const startRequest = {
+                client_id: this.clientId,
+                email: options.email,
+                display_name: options.displayName,
+                code_challenge: codeChallenge,
+                code_challenge_method: 'S256',
+                authenticator_type: options.authenticatorType,
+                resident_key: options.residentKey,
+                user_verification: options.userVerification,
+            };
+            const startResponse = await this.http.fetch(`${this.issuer}${ENDPOINTS.PASSKEY_SIGNUP_START}`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(startRequest),
+            });
+            if (!startResponse.ok || !startResponse.data) {
+                throw new AuthrimError('network_error', 'Failed to start passkey signup');
+            }
+            const { challenge_id, options: webauthnOptions } = startResponse.data;
+            const publicKeyOptions = convertToPublicKeyCredentialCreationOptions(webauthnOptions);
+            const abortController = new AbortController();
+            const abortHandler = () => abortController.abort();
+            if (options.signal) {
+                options.signal.addEventListener('abort', abortHandler, { once: true });
+            }
+            let credential;
+            try {
+                credential = (await navigator.credentials.create({
+                    publicKey: publicKeyOptions,
+                    signal: abortController.signal,
+                }));
+            }
+            catch (error) {
+                if (error instanceof Error) {
+                    if (error.name === 'AbortError' || error.name === 'NotAllowedError') {
+                        return {
+                            success: false,
+                            error: {
+                                error: 'passkey_cancelled',
+                                error_description: 'Passkey registration was cancelled',
+                                code: 'AR003004',
+                                meta: { retryable: false, severity: 'warn' },
+                            },
+                        };
+                    }
+                }
+                throw error;
+            }
+            finally {
+                // Cleanup: remove abort handler
+                if (options.signal) {
+                    options.signal.removeEventListener('abort', abortHandler);
+                }
+            }
+            if (!credential) {
+                return {
+                    success: false,
+                    error: {
+                        error: 'passkey_invalid_credential',
+                        error_description: 'Failed to create passkey credential',
+                        code: 'AR003005',
+                        meta: { retryable: false, severity: 'error' },
+                    },
+                };
+            }
+            const credentialJSON = attestationResponseToJSON(credential);
+            const finishRequest = {
+                challenge_id,
+                credential: credentialJSON,
+                code_verifier: codeVerifier,
+            };
+            const finishResponse = await this.http.fetch(`${this.issuer}${ENDPOINTS.PASSKEY_SIGNUP_FINISH}`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify(finishRequest),
+            });
+            if (!finishResponse.ok || !finishResponse.data) {
+                throw new AuthrimError('passkey_verification_failed', 'Failed to register passkey');
+            }
+            const { auth_code } = finishResponse.data;
+            const result = await this.exchangeToken(auth_code, codeVerifier);
+            return {
+                success: true,
+                session: result.session,
+                user: result.user,
+            };
+        }
+        catch (error) {
+            if (error instanceof AuthrimError) {
+                return {
+                    success: false,
+                    error: {
+                        error: error.code,
+                        error_description: error.message,
+                        code: getAuthrimCode(error.code, 'AR003000'),
+                        meta: {
+                            retryable: error.meta.retryable,
+                            severity: mapSeverity(error.meta.severity),
+                        },
+                    },
+                };
+            }
+            return {
+                success: false,
+                error: {
+                    error: 'passkey_verification_failed',
+                    error_description: error instanceof Error ? error.message : 'Unknown error',
+                    code: 'AR003002',
+                    meta: { retryable: false, severity: 'error' },
+                },
+            };
+        }
+        finally {
+            // Ensure codeVerifier is cleared regardless of success or failure
+            codeVerifier = '';
+        }
+    }
+    async register(options) {
+        if (!this.isSupported()) {
+            throw new AuthrimError('passkey_not_supported', 'WebAuthn is not supported in this browser');
+        }
+        const startResponse = await this.http.fetch(`${this.issuer}${ENDPOINTS.PASSKEY_REGISTER_START}`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                client_id: this.clientId,
+                display_name: options?.displayName,
+                authenticator_type: options?.authenticatorType,
+                resident_key: options?.residentKey,
+                user_verification: options?.userVerification,
+            }),
+        });
+        if (!startResponse.ok || !startResponse.data) {
+            throw new AuthrimError('network_error', 'Failed to start passkey registration');
+        }
+        const { challenge_id, options: webauthnOptions } = startResponse.data;
+        const publicKeyOptions = convertToPublicKeyCredentialCreationOptions(webauthnOptions);
+        const abortController = new AbortController();
+        const abortHandler = () => abortController.abort();
+        if (options?.signal) {
+            options.signal.addEventListener('abort', abortHandler, { once: true });
+        }
+        let credential;
+        try {
+            credential = (await navigator.credentials.create({
+                publicKey: publicKeyOptions,
+                signal: abortController.signal,
+            }));
+        }
+        finally {
+            // Cleanup: remove abort handler
+            if (options?.signal) {
+                options.signal.removeEventListener('abort', abortHandler);
+            }
+        }
+        if (!credential) {
+            throw new AuthrimError('passkey_invalid_credential', 'Failed to create passkey credential');
+        }
+        const credentialJSON = attestationResponseToJSON(credential);
+        const finishResponse = await this.http.fetch(`${this.issuer}${ENDPOINTS.PASSKEY_REGISTER_FINISH}`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                challenge_id,
+                credential: credentialJSON,
+            }),
+        });
+        if (!finishResponse.ok || !finishResponse.data) {
+            throw new AuthrimError('passkey_verification_failed', 'Failed to register passkey');
+        }
+        return {
+            credentialId: finishResponse.data.credential_id,
+            publicKey: finishResponse.data.public_key,
+            authenticatorType: finishResponse.data.authenticator_type,
+            transports: finishResponse.data.transports,
+            createdAt: finishResponse.data.created_at,
+            displayName: options?.displayName,
+        };
+    }
+    cancelConditionalUI() {
+        if (this.conditionalAbortController) {
+            this.conditionalAbortController.abort();
+            this.conditionalAbortController = null;
+        }
+    }
+}

package/dist/direct-auth/session.d.ts

@@ -0,0 +1,48 @@
+/**
+ * Session Management for Direct Auth
+ */
+import { type SessionAuth, type Session, type DirectAuthLogoutOptions, type User } from '@authrim/core';
+import type { BrowserHttpClient } from '../providers/http.js';
+export interface SessionManagerOptions {
+    issuer: string;
+    clientId: string;
+    http: BrowserHttpClient;
+}
+export declare class SessionAuthImpl implements SessionAuth {
+    private readonly issuer;
+    private readonly clientId;
+    private readonly http;
+    private readonly storageKey;
+    private cachedSession;
+    private cachedUser;
+    private sessionCacheExpiry;
+    private readonly SESSION_CACHE_TTL;
+    constructor(options: SessionManagerOptions);
+    private getStoredToken;
+    private storeToken;
+    private removeStoredToken;
+    get(): Promise<Session | null>;
+    getUser(): Promise<User | null>;
+    validate(): Promise<boolean>;
+    logout(options?: DirectAuthLogoutOptions): Promise<void>;
+    exchangeToken(authCode: string, codeVerifier: string, requestRefreshToken?: boolean): Promise<{
+        session?: Session;
+        user?: User;
+    }>;
+    /**
+     * Revalidate the current session by clearing cache and fetching fresh data.
+     *
+     * Note: This does NOT perform OAuth token refresh (grant_type: 'refresh_token').
+     * Token refresh is handled automatically by the server when the access token
+     * is still valid but needs renewal.
+     *
+     * For explicit token refresh, use the refresh token flow through the server.
+     *
+     * @returns Fresh session data or null if not authenticated
+     */
+    refresh(): Promise<Session | null>;
+    isAuthenticated(): Promise<boolean>;
+    clearCache(): void;
+    getToken(): string | null;
+}
+//# sourceMappingURL=session.d.ts.map

package/dist/direct-auth/session.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/lib/direct-auth/session.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAEL,KAAK,WAAW,EAChB,KAAK,OAAO,EACZ,KAAK,uBAAuB,EAG5B,KAAK,IAAI,EACV,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAU9D,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,iBAAiB,CAAC;CACzB;AAaD,qBAAa,eAAgB,YAAW,WAAW;IACjD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAoB;IACzC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,aAAa,CAAwB;IAC7C,OAAO,CAAC,UAAU,CAAqB;IACvC,OAAO,CAAC,kBAAkB,CAAa;IACvC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;gBAE/B,OAAO,EAAE,qBAAqB;IAO1C,OAAO,CAAC,cAAc;IAStB,OAAO,CAAC,UAAU;IASlB,OAAO,CAAC,iBAAiB;IASnB,GAAG,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAyC9B,OAAO,IAAI,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAS/B,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;IAY5B,MAAM,CAAC,OAAO,CAAC,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC;IAqCxD,aAAa,CACjB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,mBAAmB,CAAC,EAAE,OAAO,GAC5B,OAAO,CAAC;QAAE,OAAO,CAAC,EAAE,OAAO,CAAC;QAAC,IAAI,CAAC,EAAE,IAAI,CAAA;KAAE,CAAC;IAgE9C;;;;;;;;;;OAUG;IACG,OAAO,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAKlC,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAUzC,UAAU,IAAI,IAAI;IAMlB,QAAQ,IAAI,MAAM,GAAG,IAAI;CAG1B"}

package/dist/direct-auth/session.js

@@ -0,0 +1,219 @@
+/**
+ * Session Management for Direct Auth
+ */
+import { AuthrimError, } from '@authrim/core';
+const ENDPOINTS = {
+    TOKEN: '/api/v1/auth/direct/token',
+    SESSION: '/api/v1/auth/direct/session',
+    LOGOUT: '/api/v1/auth/direct/logout',
+};
+const STORAGE_KEY_PREFIX = 'authrim_session';
+function getStorageKey(issuer, clientId) {
+    const key = `${issuer}:${clientId}`;
+    let hash = 0;
+    for (let i = 0; i < key.length; i++) {
+        const char = key.charCodeAt(i);
+        hash = (hash << 5) - hash + char;
+        hash = hash & hash;
+    }
+    return `${STORAGE_KEY_PREFIX}_${Math.abs(hash).toString(36)}`;
+}
+export class SessionAuthImpl {
+    issuer;
+    clientId;
+    http;
+    storageKey;
+    cachedSession = null;
+    cachedUser = null;
+    sessionCacheExpiry = 0;
+    SESSION_CACHE_TTL = 60000;
+    constructor(options) {
+        this.issuer = options.issuer;
+        this.clientId = options.clientId;
+        this.http = options.http;
+        this.storageKey = getStorageKey(options.issuer, options.clientId);
+    }
+    getStoredToken() {
+        if (typeof localStorage === 'undefined')
+            return null;
+        try {
+            return localStorage.getItem(this.storageKey);
+        }
+        catch {
+            return null;
+        }
+    }
+    storeToken(token) {
+        if (typeof localStorage === 'undefined')
+            return;
+        try {
+            localStorage.setItem(this.storageKey, token);
+        }
+        catch {
+            console.warn('[Authrim] Failed to store token in localStorage');
+        }
+    }
+    removeStoredToken() {
+        if (typeof localStorage === 'undefined')
+            return;
+        try {
+            localStorage.removeItem(this.storageKey);
+        }
+        catch {
+            // localStorage not available
+        }
+    }
+    async get() {
+        if (this.cachedSession && Date.now() < this.sessionCacheExpiry) {
+            return this.cachedSession;
+        }
+        const token = this.getStoredToken();
+        if (!token) {
+            this.clearCache();
+            return null;
+        }
+        try {
+            const response = await this.http.fetch(`${this.issuer}${ENDPOINTS.SESSION}`, {
+                method: 'GET',
+                headers: {
+                    Authorization: `Bearer ${token}`,
+                },
+            });
+            if (!response.ok || !response.data) {
+                if (response.status === 401) {
+                    this.removeStoredToken();
+                }
+                this.clearCache();
+                return null;
+            }
+            this.cachedSession = response.data.session;
+            this.cachedUser = response.data.user;
+            this.sessionCacheExpiry = Date.now() + this.SESSION_CACHE_TTL;
+            return response.data.session;
+        }
+        catch {
+            this.clearCache();
+            return null;
+        }
+    }
+    async getUser() {
+        if (this.cachedUser && Date.now() < this.sessionCacheExpiry) {
+            return this.cachedUser;
+        }
+        await this.get();
+        return this.cachedUser;
+    }
+    async validate() {
+        try {
+            const session = await this.get();
+            if (!session)
+                return false;
+            const expiresAt = new Date(session.expiresAt).getTime();
+            return Date.now() < expiresAt;
+        }
+        catch {
+            return false;
+        }
+    }
+    async logout(options) {
+        const token = this.getStoredToken();
+        if (token) {
+            try {
+                const requestBody = {
+                    client_id: this.clientId,
+                };
+                if (options?.revokeTokens !== undefined) {
+                    requestBody.revoke_tokens = options.revokeTokens;
+                }
+                await this.http.fetch(`${this.issuer}${ENDPOINTS.LOGOUT}`, {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json',
+                        Authorization: `Bearer ${token}`,
+                    },
+                    body: JSON.stringify(requestBody),
+                });
+            }
+            catch (error) {
+                console.warn('Logout request failed:', error);
+            }
+        }
+        this.removeStoredToken();
+        this.clearCache();
+        if (options?.redirectUri && typeof window !== 'undefined') {
+            window.location.href = options.redirectUri;
+        }
+    }
+    async exchangeToken(authCode, codeVerifier, requestRefreshToken) {
+        const request = {
+            grant_type: 'authorization_code',
+            code: authCode,
+            client_id: this.clientId,
+            code_verifier: codeVerifier,
+            request_refresh_token: requestRefreshToken,
+        };
+        const response = await this.http.fetch(`${this.issuer}${ENDPOINTS.TOKEN}`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify(request),
+        });
+        if (!response.ok || !response.data) {
+            if (response.status === 400) {
+                const errorData = response.data;
+                if (errorData?.error === 'invalid_grant') {
+                    throw new AuthrimError('auth_code_invalid', errorData.error_description || 'Invalid authorization code');
+                }
+                if (errorData?.error === 'expired_token') {
+                    throw new AuthrimError('auth_code_expired', errorData.error_description || 'Authorization code has expired');
+                }
+            }
+            throw new AuthrimError('token_error', 'Failed to exchange authorization code for tokens');
+        }
+        const tokenResponse = response.data;
+        if (tokenResponse.access_token) {
+            this.storeToken(tokenResponse.access_token);
+        }
+        if (tokenResponse.session) {
+            this.cachedSession = tokenResponse.session;
+            this.sessionCacheExpiry = Date.now() + this.SESSION_CACHE_TTL;
+        }
+        if (tokenResponse.user) {
+            this.cachedUser = tokenResponse.user;
+        }
+        return {
+            session: tokenResponse.session,
+            user: tokenResponse.user,
+        };
+    }
+    /**
+     * Revalidate the current session by clearing cache and fetching fresh data.
+     *
+     * Note: This does NOT perform OAuth token refresh (grant_type: 'refresh_token').
+     * Token refresh is handled automatically by the server when the access token
+     * is still valid but needs renewal.
+     *
+     * For explicit token refresh, use the refresh token flow through the server.
+     *
+     * @returns Fresh session data or null if not authenticated
+     */
+    async refresh() {
+        this.clearCache();
+        return this.get();
+    }
+    async isAuthenticated() {
+        const token = this.getStoredToken();
+        if (!token) {
+            return false;
+        }
+        const session = await this.get();
+        return session !== null;
+    }
+    clearCache() {
+        this.cachedSession = null;
+        this.cachedUser = null;
+        this.sessionCacheExpiry = 0;
+    }
+    getToken() {
+        return this.getStoredToken();
+    }
+}