npm - @casual-simulation/aux-records - Versions diffs - 3.2.16 → 3.2.17 - Mend

@casual-simulation/aux-records 3.2.16 → 3.2.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/AAGUID.d.ts +11 -0
package/AAGUID.js +100 -0
package/AAGUID.js.map +1 -0
package/AuthController.d.ts +171 -3
package/AuthController.js +426 -1
package/AuthController.js.map +1 -1
package/AuthStore.d.ts +182 -0
package/Base64UrlUtils.d.ts +16 -0
package/Base64UrlUtils.js +59 -0
package/Base64UrlUtils.js.map +1 -0
package/FileRecordsStore.d.ts +12 -1
package/MemoryFileRecordsLookup.d.ts +1 -1
package/MemoryFileRecordsLookup.js +4 -1
package/MemoryFileRecordsLookup.js.map +1 -1
package/MemoryStore.d.ts +14 -1
package/MemoryStore.js +89 -0
package/MemoryStore.js.map +1 -1
package/RecordsServer.d.ts +6 -0
package/RecordsServer.js +214 -0
package/RecordsServer.js.map +1 -1
package/Utils.d.ts +1 -1
package/Utils.js +3 -0
package/Utils.js.map +1 -1
package/package.json +4 -2

package/AAGUID.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+export type AuthenticatorKind = 'google-password-manager' | 'chrome-on-mac' | 'windows-hello' | 'icloud-keychain' | 'dashlane' | '1password' | 'nord-pass' | 'keeper' | 'enpass' | 'chromium-browser' | 'ms-edge-on-mac' | 'idmelon' | 'bitwarden' | 'samsung-pass' | 'thales' | 'unknown';
+export interface AAGUIDInfo {
+    kind: AuthenticatorKind;
+    name: string;
+}
+export interface AAGUIDMap {
+    [aaguid: string]: AAGUIDInfo;
+}
+export declare const aaguidMap: AAGUIDMap;
+export declare function getInfoForAAGUID(aaguid: string): AAGUIDInfo;
+//# sourceMappingURL=AAGUID.d.ts.map

package/AAGUID.js ADDED Viewed

@@ -0,0 +1,100 @@
+// Taken from https://github.com/passkeydeveloper/passkey-authenticator-aaguids
+export const aaguidMap = {
+    'ea9b8d66-4d01-1d21-3ce4-b6b48cb575d4': {
+        kind: 'google-password-manager',
+        name: 'Google Password Manager',
+    },
+    'adce0002-35bc-c60a-648b-0b25f1f05503': {
+        kind: 'chrome-on-mac',
+        name: 'Chrome on Mac',
+    },
+    '08987058-cadc-4b81-b6e1-30de50dcbe96': {
+        kind: 'windows-hello',
+        name: 'Windows Hello',
+    },
+    '9ddd1817-af5a-4672-a2b9-3e3dd95000a9': {
+        kind: 'windows-hello',
+        name: 'Windows Hello',
+    },
+    '6028b017-b1d4-4c02-b4b3-afcdafc96bb2': {
+        kind: 'windows-hello',
+        name: 'Windows Hello',
+    },
+    'dd4ec289-e01d-41c9-bb89-70fa845d4bf2': {
+        kind: 'icloud-keychain',
+        name: 'iCloud Keychain (Managed)',
+    },
+    '531126d6-e717-415c-9320-3d9aa6981239': {
+        kind: 'dashlane',
+        name: 'Dashlane',
+    },
+    'bada5566-a7aa-401f-bd96-45619a55120d': {
+        kind: '1password',
+        name: '1Password',
+    },
+    'b84e4048-15dc-4dd0-8640-f4f60813c8af': {
+        kind: 'nord-pass',
+        name: 'NordPass',
+    },
+    '0ea242b4-43c4-4a1b-8b17-dd6d0b6baec6': {
+        kind: 'keeper',
+        name: 'Keeper',
+    },
+    'f3809540-7f14-49c1-a8b3-8f813b225541': {
+        kind: 'enpass',
+        name: 'Enpass',
+    },
+    'b5397666-4885-aa6b-cebf-e52262a439a2': {
+        kind: 'chromium-browser',
+        name: 'Chromium Browser',
+    },
+    '771b48fd-d3d4-4f74-9232-fc157ab0507a': {
+        kind: 'ms-edge-on-mac',
+        name: 'Edge on Mac',
+    },
+    '39a5647e-1853-446c-a1f6-a79bae9f5bc7': {
+        kind: 'idmelon',
+        name: 'IDmelon',
+    },
+    'd548826e-79b4-db40-a3d8-11116f7e8349': {
+        kind: 'bitwarden',
+        name: 'Bitwarden',
+    },
+    'fbfc3007-154e-4ecc-8c0b-6e020557d7bd': {
+        kind: 'icloud-keychain',
+        name: 'iCloud Keychain',
+    },
+    '53414d53-554e-4700-0000-000000000000': {
+        kind: 'samsung-pass',
+        name: 'Samsung Pass',
+    },
+    '66a0ccb3-bd6a-191f-ee06-e375c50b9846': {
+        kind: 'thales',
+        name: 'Thales Bio iOS SDK',
+    },
+    '8836336a-f590-0921-301d-46427531eee6': {
+        kind: 'thales',
+        name: 'Thales Bio Android SDK',
+    },
+    'cd69adb5-3c7a-deb9-3177-6800ea6cb72a': {
+        kind: 'thales',
+        name: 'Thales PIN Android SDK',
+    },
+    '17290f1e-c212-34d0-1423-365d729f09d9': {
+        kind: 'thales',
+        name: 'Thales PIN iOS SDK',
+    },
+};
+export function getInfoForAAGUID(aaguid) {
+    const info = aaguidMap[aaguid];
+    if (info) {
+        return info;
+    }
+    else {
+        return {
+            name: 'Unknown Authenticator',
+            kind: 'unknown',
+        };
+    }
+}
+//# sourceMappingURL=AAGUID.js.map

package/AAGUID.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AAGUID.js","sourceRoot":"","sources":["AAGUID.ts"],"names":[],"mappings":"AAAA,+EAA+E;AA+B/E,MAAM,CAAC,MAAM,SAAS,GAAc;IAChC,sCAAsC,EAAE;QACpC,IAAI,EAAE,yBAAyB;QAC/B,IAAI,EAAE,yBAAyB;KAClC;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,eAAe;QACrB,IAAI,EAAE,eAAe;KACxB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,eAAe;QACrB,IAAI,EAAE,eAAe;KACxB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,eAAe;QACrB,IAAI,EAAE,eAAe;KACxB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,eAAe;QACrB,IAAI,EAAE,eAAe;KACxB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,iBAAiB;QACvB,IAAI,EAAE,2BAA2B;KACpC;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,UAAU;KACnB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,WAAW;QACjB,IAAI,EAAE,WAAW;KACpB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,WAAW;QACjB,IAAI,EAAE,UAAU;KACnB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,QAAQ;KACjB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,QAAQ;KACjB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,kBAAkB;QACxB,IAAI,EAAE,kBAAkB;KAC3B;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,gBAAgB;QACtB,IAAI,EAAE,aAAa;KACtB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,SAAS;KAClB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,WAAW;QACjB,IAAI,EAAE,WAAW;KACpB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,iBAAiB;QACvB,IAAI,EAAE,iBAAiB;KAC1B;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,cAAc;QACpB,IAAI,EAAE,cAAc;KACvB;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,oBAAoB;KAC7B;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,wBAAwB;KACjC;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,wBAAwB;KACjC;IACD,sCAAsC,EAAE;QACpC,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,oBAAoB;KAC7B;CACK,CAAC;AAEX,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAC3C,MAAM,IAAI,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAE/B,IAAI,IAAI,EAAE;QACN,OAAO,IAAI,CAAC;KACf;SAAM;QACH,OAAO;YACH,IAAI,EAAE,uBAAuB;YAC7B,IAAI,EAAE,SAAS;SAClB,CAAC;KACL;AACL,CAAC"}

package/AuthController.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { AddressType, AuthStore, AuthUser } from './AuthStore';
-import { NotSupportedError, ServerError } from '@casual-simulation/aux-common/Errors';
+import { AddressType, AuthListedUserAuthenticator, AuthStore, AuthUser } from './AuthStore';
+import { NotAuthorizedError, NotLoggedInError, NotSupportedError, ServerError } from '@casual-simulation/aux-common/Errors';
 import { AuthMessenger } from './AuthMessenger';
 import { RegexRule } from './Utils';
 import { ConfigurationStore } from './ConfigurationStore';
@@ -7,6 +7,7 @@ import { PrivacyFeatures, PublicUserInfo } from '@casual-simulation/aux-common';
 import { PrivoClientInterface, PrivoFeatureStatus, PrivoPermission } from './PrivoClient';
 import { PrivoConfiguration } from './PrivoConfiguration';
 import { ZodIssue } from 'zod';
+import type { PublicKeyCredentialCreationOptionsJSON, RegistrationResponseJSON, PublicKeyCredentialRequestOptionsJSON, AuthenticationResponseJSON } from '@simplewebauthn/types';
 /**
  * The number of miliseconds that a login request should be valid for before expiration.
  */
@@ -15,6 +16,10 @@ export declare const LOGIN_REQUEST_LIFETIME_MS: number;
  * The number of miliseconds that an Open ID login request should be valid for before expiration.
  */
 export declare const OPEN_ID_LOGIN_REQUEST_LIFETIME_MS: number;
+/**
+ * The number of miliseconds that a WebAuthN request should be valid for before expiration.
+ */
+export declare const WEB_AUTHN_LOGIN_REQUEST_LIFETIME_MS: number;
 /**
  * The number of bytes that should be used for login request IDs.
  */
@@ -67,6 +72,20 @@ export declare const MAX_OPEN_AI_API_KEY_LENGTH = 100;
  * The name of the Privo Open ID provider.
  */
 export declare const PRIVO_OPEN_ID_PROVIDER = "privo";
+export interface RelyingParty {
+    /**
+     * The human readable name of the relying party.
+     */
+    name: string;
+    /**
+     * The domain of the relying party.
+     */
+    id: string;
+    /**
+     * The HTTP origin that the relying party is hosted on.
+     */
+    origin: string;
+}
 /**
  * Defines a class that is able to authenticate users.
  */
@@ -76,7 +95,10 @@ export declare class AuthController {
     private _forceAllowSubscriptionFeatures;
     private _config;
     private _privoClient;
-    constructor(authStore: AuthStore, messenger: AuthMessenger, configStore: ConfigurationStore, forceAllowSubscriptionFeatures?: boolean, privoClient?: PrivoClientInterface);
+    private _webAuthNRelyingParties;
+    get relyingParties(): RelyingParty[];
+    set relyingParties(value: RelyingParty[]);
+    constructor(authStore: AuthStore, messenger: AuthMessenger, configStore: ConfigurationStore, forceAllowSubscriptionFeatures?: boolean, privoClient?: PrivoClientInterface, relyingParties?: RelyingParty[]);
     requestLogin(request: LoginRequest): Promise<LoginRequestResult>;
     private _validateAddress;
     completeLogin(request: CompleteLoginRequest): Promise<CompleteLoginResult>;
@@ -84,6 +106,12 @@ export declare class AuthController {
     processOpenIDAuthorizationCode(request: ProcessOpenIDAuthorizationCodeRequest): Promise<ProcessOpenIDAuthorizationCodeResult>;
     completeOpenIDLogin(request: CompleteOpenIDLoginRequest): Promise<CompleteOpenIDLoginResult>;
     requestPrivoSignUp(request: PrivoSignUpRequest): Promise<PrivoSignUpRequestResult>;
+    requestWebAuthnRegistration(request: RequestWebAuthnRegistration): Promise<RequestWebAuthnRegistrationResult>;
+    completeWebAuthnRegistration(request: CompleteWebAuthnRegistrationRequest): Promise<CompleteWebAuthnRegistrationResult>;
+    requestWebAuthnLogin(request: RequestWebAuthnLogin): Promise<RequestWebAuthnLoginResult>;
+    completeWebAuthnLogin(request: CompleteWebAuthnLoginRequest): Promise<CompleteWebAuthnLoginResult>;
+    listUserAuthenticators(userId: string): Promise<ListUserAuthenticatorsResult>;
+    deleteUserAuthenticator(userId: string, authenticatorId: string): Promise<DeleteUserAuthenticatorResult>;
     validateSessionKey(key: string): Promise<ValidateSessionKeyResult>;
     validateConnectionToken(token: string): Promise<ValidateConnectionTokenResult>;
     revokeSession(request: RevokeSessionRequest): Promise<RevokeSessionResult>;
@@ -764,10 +792,150 @@ export interface IsValidDisplayNameSuccess {
      */
     containsName?: boolean;
 }
+export interface RequestWebAuthnRegistration {
+    /**
+     * The ID of the user that is currently logged in.
+     */
+    userId: string;
+    originOrHost: string | null;
+}
+export type RequestWebAuthnRegistrationResult = RequestWebAuthnRegistrationSuccess | RequestWebAuthnRegistrationFailure;
+export interface RequestWebAuthnRegistrationSuccess {
+    success: true;
+    options: PublicKeyCredentialCreationOptionsJSON;
+}
+export interface RequestWebAuthnRegistrationFailure {
+    success: false;
+    errorCode: ServerError | NotLoggedInError | NotSupportedError | 'invalid_origin';
+    errorMessage: string;
+}
+export interface CompleteWebAuthnRegistrationRequest {
+    /**
+     * The ID of the user that is logged in.
+     */
+    userId: string;
+    /**
+     * The registration response.
+     */
+    response: RegistrationResponseJSON;
+    /**
+     * The HTTP origin or host that the request was made from.
+     */
+    originOrHost: string;
+    /**
+     * The user agent that the request was made from.
+     */
+    userAgent: string | null;
+}
+export interface RequestWebAuthnLogin {
+    /**
+     * The IP Address that the login request is from.
+     */
+    ipAddress: string;
+    /**
+     * The HTTP origin or host that the request is coming from.
+     * Null if the request is coming from the same origin as the server.
+     */
+    originOrHost: string | null;
+}
+export type RequestWebAuthnLoginResult = RequestWebAuthnLoginSuccess | RequestWebAuthnLoginFailure;
+export interface RequestWebAuthnLoginSuccess {
+    success: true;
+    /**
+     * The ID of the login request.
+     */
+    requestId: string;
+    /**
+     * The options for the login request.
+     */
+    options: PublicKeyCredentialRequestOptionsJSON;
+}
+export interface RequestWebAuthnLoginFailure {
+    success: false;
+    errorCode: ServerError | NotLoggedInError | NotSupportedError | LoginRequestFailure['errorCode'] | 'invalid_origin';
+    errorMessage: string;
+}
+export interface CompleteWebAuthnLoginRequest {
+    /**
+     * The ID of the login request.
+     */
+    requestId: string;
+    /**
+     * The response to the login request.
+     */
+    response: AuthenticationResponseJSON;
+    /**
+     * The IP Address that the login request is from.
+     */
+    ipAddress: string;
+    /**
+     * The HTTP origin or host that the request is coming from.
+     * Null if the origin is from the same origin as the server.
+     */
+    originOrHost: string | null;
+}
+export type CompleteWebAuthnLoginResult = CompleteWebAuthnLoginSuccess | CompleteWebAuthnLoginFailure;
+export interface CompleteWebAuthnLoginSuccess {
+    success: true;
+    /**
+     * The ID of the user that the session is for.
+     */
+    userId: string;
+    /**
+     * The secret key that provides access for the session.
+     */
+    sessionKey: string;
+    /**
+     * The connection key that provides websocket access for the session.
+     */
+    connectionKey: string;
+    /**
+     * The unix timestamp in miliseconds that the session will expire at.
+     */
+    expireTimeMs: number;
+}
+export interface CompleteWebAuthnLoginFailure {
+    success: false;
+    errorCode: ServerError | NotLoggedInError | NotSupportedError | CompleteLoginFailure['errorCode'] | LoginRequestFailure['errorCode'] | 'invalid_origin';
+    errorMessage: string;
+    /**
+     * The ban reason for the user.
+     */
+    banReason?: AuthUser['banReason'];
+}
+export type CompleteWebAuthnRegistrationResult = CompleteWebAuthnRegistrationSuccess | CompleteWebAuthnRegistrationFailure;
+export interface CompleteWebAuthnRegistrationSuccess {
+    success: true;
+}
+export interface CompleteWebAuthnRegistrationFailure {
+    success: false;
+    errorCode: ServerError | NotLoggedInError | NotSupportedError | NotAuthorizedError | 'invalid_origin' | 'unacceptable_request';
+    errorMessage: string;
+}
+export type ListUserAuthenticatorsResult = ListUserAuthenticatorsSuccess | ListUserAuthenticatorsFailure;
+export interface ListUserAuthenticatorsSuccess {
+    success: true;
+    authenticators: AuthListedUserAuthenticator[];
+}
+export interface ListUserAuthenticatorsFailure {
+    success: false;
+    errorCode: ServerError | NotLoggedInError;
+    errorMessage: string;
+}
+export type DeleteUserAuthenticatorResult = DeleteUserAuthenticatorSuccess | DeleteUserAuthenticatorFailure;
+export interface DeleteUserAuthenticatorSuccess {
+    success: true;
+}
+export interface DeleteUserAuthenticatorFailure {
+    success: false;
+    errorCode: ServerError | NotLoggedInError | NotAuthorizedError | 'not_found';
+    errorMessage: string;
+}
 export interface IsValidDisplayNameFailure {
     success: false;
     errorCode: ServerError;
     errorMessage: string;
 }
 export declare function getPrivacyFeaturesFromPermissions(featureIds: PrivoConfiguration['featureIds'], permissions: (PrivoPermission | PrivoFeatureStatus)[]): PrivacyFeatures;
+export declare function findRelyingPartyForOrigin(relyingParties: RelyingParty[], originOrHost: string): RelyingParty;
 //# sourceMappingURL=AuthController.d.ts.map