@bounded-sh/core 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,41 @@
1
+ export declare function getMessageStatement(): Promise<string>;
2
+ export declare function createAuthHeader(isServer: boolean): Promise<{
3
+ Authorization: string;
4
+ } | null>;
5
+ export declare function getUserInfo(isServer: boolean): Promise<any>;
6
+ /**
7
+ * The identity fields exposed on the SDK `User` object, derived from a verified
8
+ * idToken. Mirrors the realtime-worker's auth.ts so the client surfaces exactly
9
+ * the same { id, address, email } the backend authenticates as.
10
+ */
11
+ export interface UserIdentity {
12
+ /** @user.id — universal stable identity (custom:userId, else custom:walletAddress). */
13
+ id: string | null;
14
+ /** @user.address — REAL wallet; null for email-only logins. */
15
+ address: string | null;
16
+ /** @user.email — verified lowercased email; null for wallet/SIWS logins. */
17
+ email: string | null;
18
+ }
19
+ /**
20
+ * Derive { id, address, email } from an idToken's claims.
21
+ *
22
+ * Mirrors the realtime-worker auth.ts identity resolution so the client-side
23
+ * `user` object matches what the backend authenticates as:
24
+ * - id = custom:userId when present, else custom:walletAddress (the fallback
25
+ * keeps wallet/SIWS tokens — which omit userId — AND legacy Better Auth
26
+ * tokens — which put the account id in custom:walletAddress — working).
27
+ * - address = custom:walletAddress only (a REAL wallet). NEVER falls back to the
28
+ * identity: an opaque id is not a spendable onchain address. null for
29
+ * email-only sessions.
30
+ * - email = the token's `email` claim, lowercased to match the canonical form
31
+ * policy equality compares against. null when absent (wallet/SIWS).
32
+ *
33
+ * Returns all-null when the token can't be decoded (caller treats as no identity).
34
+ */
35
+ export declare function deriveUserIdentityFromIdToken(idToken: string | null | undefined): UserIdentity;
36
+ export declare function getIdToken(isServer: boolean): Promise<string | null>;
37
+ export declare function getRefreshToken(isServer: boolean): Promise<string | null>;
38
+ /** The auth issuer base that minted the active client session, so a refresh POSTs
39
+ * to the right /session/refresh. Undefined on the server (keypair, no refresh). */
40
+ export declare function getSessionIssuer(isServer: boolean): string | undefined;
41
+ export declare function updateIdTokenAndAccessToken(idToken: string, accessToken: string, isServer?: boolean, refreshToken?: string): Promise<void>;
@@ -0,0 +1,20 @@
1
+ export declare class WebSessionManager {
2
+ private static TAROBASE_SESSION_STORAGE_KEY;
3
+ /**
4
+ * Decode a base64url-encoded string (used by JWT payloads).
5
+ * Normalises base64url → standard base64 before calling browser atob().
6
+ */
7
+ private static decodeBase64Url;
8
+ static storeSession(address: string, accessToken: string, idToken: string, refreshToken: string, issuer?: string): Promise<void>;
9
+ static getSession(): Promise<{
10
+ address: string;
11
+ session: any;
12
+ } | null>;
13
+ static clearSession(): void;
14
+ static isAuthenticated(): boolean;
15
+ static getIdToken(): string | null;
16
+ static getRefreshToken(): string | null;
17
+ /** The issuer base that minted this session (for routing silent refresh). */
18
+ static getIssuer(): string | null;
19
+ static updateIdTokenAndAccessToken(idToken: string, accessToken: string, refreshToken?: string): Promise<void>;
20
+ }
package/package.json ADDED
@@ -0,0 +1,68 @@
1
+ {
2
+ "name": "@bounded-sh/core",
3
+ "version": "0.0.1",
4
+ "description": "Core functionality for Poof SDK",
5
+ "main": "./dist/index.js",
6
+ "module": "./dist/index.mjs",
7
+ "types": "./dist/index.d.ts",
8
+ "exports": {
9
+ ".": {
10
+ "types": "./dist/index.d.ts",
11
+ "import": "./dist/index.mjs",
12
+ "require": "./dist/index.js"
13
+ }
14
+ },
15
+ "scripts": {
16
+ "build": "rm -rf ./dist ./.rollup-tmp && tsc -p tsconfig.build.json --outDir .rollup-tmp --declarationDir .rollup-tmp --emitDeclarationOnly false && rollup -c && tsc -p tsconfig.build.json --emitDeclarationOnly --declarationDir dist && rm -rf ./.rollup-tmp",
17
+ "watch": "rollup -c -w",
18
+ "test": "node src/client/run-read-principal-test.mjs",
19
+ "prepare": "npm run build"
20
+ },
21
+ "files": [
22
+ "dist"
23
+ ],
24
+ "keywords": [
25
+ "sdk",
26
+ "api",
27
+ "poof",
28
+ "web3",
29
+ "onchain",
30
+ "blockchain",
31
+ "solana",
32
+ "ai",
33
+ "server",
34
+ "node",
35
+ "typescript",
36
+ "core"
37
+ ],
38
+ "author": "Poof.new",
39
+ "license": "MIT",
40
+ "devDependencies": {
41
+ "@rollup/plugin-commonjs": "28.0.9",
42
+ "@rollup/plugin-json": "6.1.0",
43
+ "@rollup/plugin-node-resolve": "15.3.1",
44
+ "@types/bn.js": "5.2.0",
45
+ "@types/bs58": "4.0.4",
46
+ "rollup": "4.55.1",
47
+ "rollup-plugin-peer-deps-external": "2.2.4",
48
+ "rollup-plugin-typescript2": "0.36.0",
49
+ "typescript": "5.9.3"
50
+ },
51
+ "dependencies": {
52
+ "@coral-xyz/anchor": "0.31.1",
53
+ "@solana/spl-token": "0.4.14",
54
+ "@solana/web3.js": "1.98.4",
55
+ "@types/lodash": "4.17.21",
56
+ "axios": "1.15.2",
57
+ "axios-retry": "4.5.0",
58
+ "bn.js": "5.2.2",
59
+ "buffer": "6.0.3",
60
+ "lodash": "4.17.21",
61
+ "reconnecting-websocket": "4.4.0",
62
+ "tweetnacl": "1.0.3"
63
+ },
64
+ "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e",
65
+ "publishConfig": {
66
+ "access": "public"
67
+ }
68
+ }