@clerk/electron 0.0.1-snapshot.v20260617204522
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +254 -0
- package/dist/cjs/index.js +275 -0
- package/dist/cjs/index.js.map +1 -0
- package/dist/cjs/passkeys/index.js +267 -0
- package/dist/cjs/passkeys/index.js.map +1 -0
- package/dist/cjs/preload/index.js +65 -0
- package/dist/cjs/preload/index.js.map +1 -0
- package/dist/cjs/react/index.js +115 -0
- package/dist/cjs/react/index.js.map +1 -0
- package/dist/cjs/storage/index.js +133 -0
- package/dist/cjs/storage/index.js.map +1 -0
- package/dist/esm/chunk-ICCH5DQT.js +19 -0
- package/dist/esm/chunk-ICCH5DQT.js.map +1 -0
- package/dist/esm/index.js +254 -0
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/passkeys/index.js +263 -0
- package/dist/esm/passkeys/index.js.map +1 -0
- package/dist/esm/preload/index.js +44 -0
- package/dist/esm/preload/index.js.map +1 -0
- package/dist/esm/react/index.js +107 -0
- package/dist/esm/react/index.js.map +1 -0
- package/dist/esm/storage/index.js +127 -0
- package/dist/esm/storage/index.js.map +1 -0
- package/dist/types/index.d.ts +4 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/main/create-clerk-bridge.d.ts +10 -0
- package/dist/types/main/create-clerk-bridge.d.ts.map +1 -0
- package/dist/types/main/ipc-handlers.d.ts +3 -0
- package/dist/types/main/ipc-handlers.d.ts.map +1 -0
- package/dist/types/main/oauth-transport.d.ts +7 -0
- package/dist/types/main/oauth-transport.d.ts.map +1 -0
- package/dist/types/main/passkey-handlers.d.ts +4 -0
- package/dist/types/main/passkey-handlers.d.ts.map +1 -0
- package/dist/types/passkeys/index.d.ts +56 -0
- package/dist/types/passkeys/index.d.ts.map +1 -0
- package/dist/types/passkeys/preload.d.ts +3 -0
- package/dist/types/passkeys/preload.d.ts.map +1 -0
- package/dist/types/passkeys/renderer/native-bridge.d.ts +6 -0
- package/dist/types/passkeys/renderer/native-bridge.d.ts.map +1 -0
- package/dist/types/passkeys/renderer/strategy.d.ts +17 -0
- package/dist/types/passkeys/renderer/strategy.d.ts.map +1 -0
- package/dist/types/passkeys/shared/errors.d.ts +8 -0
- package/dist/types/passkeys/shared/errors.d.ts.map +1 -0
- package/dist/types/passkeys/shared/serialization.d.ts +11 -0
- package/dist/types/passkeys/shared/serialization.d.ts.map +1 -0
- package/dist/types/preload/index.d.ts +11 -0
- package/dist/types/preload/index.d.ts.map +1 -0
- package/dist/types/react/create-clerk-instance.d.ts +6 -0
- package/dist/types/react/create-clerk-instance.d.ts.map +1 -0
- package/dist/types/react/index.d.ts +25 -0
- package/dist/types/react/index.d.ts.map +1 -0
- package/dist/types/shared/ipc.d.ts +15 -0
- package/dist/types/shared/ipc.d.ts.map +1 -0
- package/dist/types/shared/types.d.ts +144 -0
- package/dist/types/shared/types.d.ts.map +1 -0
- package/dist/types/storage/index.d.ts +47 -0
- package/dist/types/storage/index.d.ts.map +1 -0
- package/package.json +137 -0
|
@@ -0,0 +1,267 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var error = require('@clerk/shared/error');
|
|
4
|
+
var passkeys$1 = require('@clerk/shared/internal/clerk-js/passkeys');
|
|
5
|
+
var webauthn = require('@clerk/shared/webauthn');
|
|
6
|
+
|
|
7
|
+
// src/passkeys/index.ts
|
|
8
|
+
var RP_ID_DOCS_URL = "https://clerk.com/docs/deployments/overview#authentication-across-subdomains";
|
|
9
|
+
function mapPasskeyIpcError(error$1, action) {
|
|
10
|
+
const { code, message } = error$1;
|
|
11
|
+
switch (code) {
|
|
12
|
+
case "cancelled":
|
|
13
|
+
return new error.ClerkWebAuthnError(message, {
|
|
14
|
+
code: action === "create" ? "passkey_registration_cancelled" : "passkey_retrieval_cancelled"
|
|
15
|
+
});
|
|
16
|
+
case "invalid_rp":
|
|
17
|
+
return new error.ClerkWebAuthnError(message, {
|
|
18
|
+
code: "passkey_invalid_rpID_or_domain",
|
|
19
|
+
docsUrl: RP_ID_DOCS_URL
|
|
20
|
+
});
|
|
21
|
+
case "timeout":
|
|
22
|
+
return new error.ClerkWebAuthnError(message, { code: "passkey_operation_aborted" });
|
|
23
|
+
case "not_supported":
|
|
24
|
+
return new error.ClerkWebAuthnError(message, { code: "passkey_not_supported" });
|
|
25
|
+
case "unknown":
|
|
26
|
+
default:
|
|
27
|
+
return new error.ClerkWebAuthnError(message, {
|
|
28
|
+
code: action === "create" ? "passkey_registration_failed" : "passkey_retrieval_failed"
|
|
29
|
+
});
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
function toArrayBuffer(bufferSource) {
|
|
33
|
+
if (bufferSource instanceof ArrayBuffer) {
|
|
34
|
+
return bufferSource;
|
|
35
|
+
}
|
|
36
|
+
const view = new Uint8Array(bufferSource.buffer, bufferSource.byteOffset, bufferSource.byteLength);
|
|
37
|
+
const copy = new ArrayBuffer(view.byteLength);
|
|
38
|
+
new Uint8Array(copy).set(view);
|
|
39
|
+
return copy;
|
|
40
|
+
}
|
|
41
|
+
var encode = (bufferSource) => passkeys$1.bufferToBase64Url(toArrayBuffer(bufferSource));
|
|
42
|
+
function serializeCreationOptions(publicKey) {
|
|
43
|
+
var _a, _b;
|
|
44
|
+
return {
|
|
45
|
+
rp: { id: (_a = publicKey.rp.id) != null ? _a : "", name: publicKey.rp.name },
|
|
46
|
+
user: {
|
|
47
|
+
id: encode(publicKey.user.id),
|
|
48
|
+
displayName: publicKey.user.displayName,
|
|
49
|
+
name: publicKey.user.name
|
|
50
|
+
},
|
|
51
|
+
challenge: encode(publicKey.challenge),
|
|
52
|
+
pubKeyCredParams: publicKey.pubKeyCredParams.map((p) => ({ type: "public-key", alg: p.alg })),
|
|
53
|
+
timeout: publicKey.timeout,
|
|
54
|
+
authenticatorSelection: publicKey.authenticatorSelection,
|
|
55
|
+
attestation: publicKey.attestation,
|
|
56
|
+
excludeCredentials: ((_b = publicKey.excludeCredentials) != null ? _b : []).map((c) => ({
|
|
57
|
+
type: "public-key",
|
|
58
|
+
id: encode(c.id),
|
|
59
|
+
transports: c.transports
|
|
60
|
+
}))
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
function serializeRequestOptions(publicKeyOptions) {
|
|
64
|
+
var _a, _b;
|
|
65
|
+
return {
|
|
66
|
+
challenge: encode(publicKeyOptions.challenge),
|
|
67
|
+
rpId: (_a = publicKeyOptions.rpId) != null ? _a : "",
|
|
68
|
+
timeout: publicKeyOptions.timeout,
|
|
69
|
+
userVerification: publicKeyOptions.userVerification,
|
|
70
|
+
allowCredentials: ((_b = publicKeyOptions.allowCredentials) != null ? _b : []).map((c) => ({
|
|
71
|
+
type: "public-key",
|
|
72
|
+
id: encode(c.id)
|
|
73
|
+
}))
|
|
74
|
+
};
|
|
75
|
+
}
|
|
76
|
+
function deserializeCreationResponse(credential) {
|
|
77
|
+
var _a;
|
|
78
|
+
return {
|
|
79
|
+
id: credential.id,
|
|
80
|
+
rawId: passkeys$1.base64UrlToBuffer(credential.rawId),
|
|
81
|
+
type: credential.type,
|
|
82
|
+
authenticatorAttachment: (_a = credential.authenticatorAttachment) != null ? _a : null,
|
|
83
|
+
response: {
|
|
84
|
+
clientDataJSON: passkeys$1.base64UrlToBuffer(credential.response.clientDataJSON),
|
|
85
|
+
attestationObject: passkeys$1.base64UrlToBuffer(credential.response.attestationObject),
|
|
86
|
+
getTransports: () => {
|
|
87
|
+
var _a2;
|
|
88
|
+
return (_a2 = credential.response.transports) != null ? _a2 : [];
|
|
89
|
+
}
|
|
90
|
+
},
|
|
91
|
+
toJSON: () => credential
|
|
92
|
+
};
|
|
93
|
+
}
|
|
94
|
+
function deserializeRequestResponse(credential) {
|
|
95
|
+
var _a;
|
|
96
|
+
return {
|
|
97
|
+
id: credential.id,
|
|
98
|
+
rawId: passkeys$1.base64UrlToBuffer(credential.rawId),
|
|
99
|
+
type: credential.type,
|
|
100
|
+
authenticatorAttachment: (_a = credential.authenticatorAttachment) != null ? _a : null,
|
|
101
|
+
response: {
|
|
102
|
+
clientDataJSON: passkeys$1.base64UrlToBuffer(credential.response.clientDataJSON),
|
|
103
|
+
authenticatorData: passkeys$1.base64UrlToBuffer(credential.response.authenticatorData),
|
|
104
|
+
signature: passkeys$1.base64UrlToBuffer(credential.response.signature),
|
|
105
|
+
userHandle: credential.response.userHandle ? passkeys$1.base64UrlToBuffer(credential.response.userHandle) : null
|
|
106
|
+
},
|
|
107
|
+
toJSON: () => credential
|
|
108
|
+
};
|
|
109
|
+
}
|
|
110
|
+
|
|
111
|
+
// src/passkeys/renderer/native-bridge.ts
|
|
112
|
+
function getPasskeyBridge() {
|
|
113
|
+
return typeof window !== "undefined" ? window.__clerk_internal_electron_passkeys : void 0;
|
|
114
|
+
}
|
|
115
|
+
var bridgeMissingError = () => new error.ClerkWebAuthnError(
|
|
116
|
+
"Clerk: The native passkey bridge is not available. Pass `passkeys: true` to exposeClerkBridge() in your preload script and createClerkBridge() in the main process.",
|
|
117
|
+
{ code: "passkey_not_supported" }
|
|
118
|
+
);
|
|
119
|
+
async function nativeCreateCredential(publicKey) {
|
|
120
|
+
const bridge = getPasskeyBridge();
|
|
121
|
+
if (!bridge) {
|
|
122
|
+
return { publicKeyCredential: null, error: bridgeMissingError() };
|
|
123
|
+
}
|
|
124
|
+
const result = await bridge.create(serializeCreationOptions(publicKey));
|
|
125
|
+
if (!result.ok) {
|
|
126
|
+
return { publicKeyCredential: null, error: mapPasskeyIpcError(result.error, "create") };
|
|
127
|
+
}
|
|
128
|
+
return { publicKeyCredential: deserializeCreationResponse(result.credential), error: null };
|
|
129
|
+
}
|
|
130
|
+
async function nativeGetCredential(publicKeyOptions) {
|
|
131
|
+
const bridge = getPasskeyBridge();
|
|
132
|
+
if (!bridge) {
|
|
133
|
+
return { publicKeyCredential: null, error: bridgeMissingError() };
|
|
134
|
+
}
|
|
135
|
+
const result = await bridge.get(serializeRequestOptions(publicKeyOptions));
|
|
136
|
+
if (!result.ok) {
|
|
137
|
+
return { publicKeyCredential: null, error: mapPasskeyIpcError(result.error, "get") };
|
|
138
|
+
}
|
|
139
|
+
return { publicKeyCredential: deserializeRequestResponse(result.credential), error: null };
|
|
140
|
+
}
|
|
141
|
+
|
|
142
|
+
// src/passkeys/renderer/strategy.ts
|
|
143
|
+
function originSatisfiesRpId(env, rpId) {
|
|
144
|
+
if (env.protocol !== "https:" || !rpId) {
|
|
145
|
+
return false;
|
|
146
|
+
}
|
|
147
|
+
return env.hostname === rpId || env.hostname.endsWith(`.${rpId}`);
|
|
148
|
+
}
|
|
149
|
+
function decidePath(rpId, mode, env) {
|
|
150
|
+
if (mode === "renderer") {
|
|
151
|
+
return env.hasWebAuthn ? "renderer" : "unsupported";
|
|
152
|
+
}
|
|
153
|
+
if (mode === "native") {
|
|
154
|
+
return env.nativeAvailable ? "native" : "unsupported";
|
|
155
|
+
}
|
|
156
|
+
if (env.hasWebAuthn && originSatisfiesRpId(env, rpId)) {
|
|
157
|
+
if (env.platform === "darwin" && env.electronMajor > 0 && env.electronMajor < 42 && env.nativeAvailable) {
|
|
158
|
+
return "native";
|
|
159
|
+
}
|
|
160
|
+
return "renderer";
|
|
161
|
+
}
|
|
162
|
+
return env.nativeAvailable ? "native" : "unsupported";
|
|
163
|
+
}
|
|
164
|
+
|
|
165
|
+
// src/passkeys/index.ts
|
|
166
|
+
var NATIVE_PLATFORMS = ["darwin", "win32"];
|
|
167
|
+
function getEnv() {
|
|
168
|
+
var _a, _b;
|
|
169
|
+
const bridge = getPasskeyBridge();
|
|
170
|
+
const hasLocation = typeof location !== "undefined";
|
|
171
|
+
return {
|
|
172
|
+
protocol: hasLocation ? location.protocol : "",
|
|
173
|
+
hostname: hasLocation ? location.hostname : "",
|
|
174
|
+
hasWebAuthn: typeof window !== "undefined" && typeof window.PublicKeyCredential === "function",
|
|
175
|
+
nativeAvailable: !!bridge && NATIVE_PLATFORMS.includes(bridge.platform),
|
|
176
|
+
platform: (_a = bridge == null ? void 0 : bridge.platform) != null ? _a : "",
|
|
177
|
+
electronMajor: (_b = bridge == null ? void 0 : bridge.electronMajor) != null ? _b : 0
|
|
178
|
+
};
|
|
179
|
+
}
|
|
180
|
+
var unsupportedReturn = () => ({
|
|
181
|
+
publicKeyCredential: null,
|
|
182
|
+
error: new error.ClerkWebAuthnError(
|
|
183
|
+
"Clerk: Passkeys are not supported in this window. Serve the page from an https origin matching the RP ID, or enable the native passkey module with `passkeys: true` in createClerkBridge() and exposeClerkBridge().",
|
|
184
|
+
{ code: "passkey_not_supported" }
|
|
185
|
+
)
|
|
186
|
+
});
|
|
187
|
+
var isRpIdMismatchError = (error) => !!error && typeof error === "object" && error.code === "passkey_invalid_rpID_or_domain";
|
|
188
|
+
function createPasskeys(options) {
|
|
189
|
+
var _a;
|
|
190
|
+
const mode = (_a = options == null ? void 0 : options.mode) != null ? _a : "auto";
|
|
191
|
+
const create = async (publicKey) => {
|
|
192
|
+
var _a2;
|
|
193
|
+
const env = getEnv();
|
|
194
|
+
const path = decidePath((_a2 = publicKey.rp.id) != null ? _a2 : "", mode, env);
|
|
195
|
+
if (path === "unsupported") {
|
|
196
|
+
return unsupportedReturn();
|
|
197
|
+
}
|
|
198
|
+
if (path === "native") {
|
|
199
|
+
return nativeCreateCredential(publicKey);
|
|
200
|
+
}
|
|
201
|
+
const result = await passkeys$1.webAuthnCreateCredential(publicKey);
|
|
202
|
+
if (result.error && isRpIdMismatchError(result.error) && mode === "auto" && env.nativeAvailable) {
|
|
203
|
+
return nativeCreateCredential(publicKey);
|
|
204
|
+
}
|
|
205
|
+
return result;
|
|
206
|
+
};
|
|
207
|
+
const get = async ({ publicKeyOptions }) => {
|
|
208
|
+
var _a2;
|
|
209
|
+
const env = getEnv();
|
|
210
|
+
const path = decidePath((_a2 = publicKeyOptions.rpId) != null ? _a2 : "", mode, env);
|
|
211
|
+
if (path === "unsupported") {
|
|
212
|
+
return unsupportedReturn();
|
|
213
|
+
}
|
|
214
|
+
if (path === "native") {
|
|
215
|
+
return nativeGetCredential(publicKeyOptions);
|
|
216
|
+
}
|
|
217
|
+
const result = await passkeys$1.webAuthnGetCredential({ publicKeyOptions, conditionalUI: false });
|
|
218
|
+
if (result.error && isRpIdMismatchError(result.error) && mode === "auto" && env.nativeAvailable) {
|
|
219
|
+
return nativeGetCredential(publicKeyOptions);
|
|
220
|
+
}
|
|
221
|
+
return result;
|
|
222
|
+
};
|
|
223
|
+
const isSupported = () => {
|
|
224
|
+
const env = getEnv();
|
|
225
|
+
if (mode === "renderer") {
|
|
226
|
+
return env.hasWebAuthn;
|
|
227
|
+
}
|
|
228
|
+
if (mode === "native") {
|
|
229
|
+
return env.nativeAvailable;
|
|
230
|
+
}
|
|
231
|
+
return env.hasWebAuthn || env.nativeAvailable;
|
|
232
|
+
};
|
|
233
|
+
const isAutoFillSupported = () => {
|
|
234
|
+
return mode === "native" ? Promise.resolve(false) : webauthn.isWebAuthnAutofillSupported();
|
|
235
|
+
};
|
|
236
|
+
const isPlatformAuthenticatorSupported = async () => {
|
|
237
|
+
const env = getEnv();
|
|
238
|
+
if (env.nativeAvailable && mode !== "renderer") {
|
|
239
|
+
const bridge = getPasskeyBridge();
|
|
240
|
+
try {
|
|
241
|
+
const capabilities = await (bridge == null ? void 0 : bridge.capabilities());
|
|
242
|
+
if (capabilities == null ? void 0 : capabilities.available) {
|
|
243
|
+
return capabilities.platformAuthenticator;
|
|
244
|
+
}
|
|
245
|
+
} catch {
|
|
246
|
+
}
|
|
247
|
+
}
|
|
248
|
+
return webauthn.isWebAuthnPlatformAuthenticatorSupported();
|
|
249
|
+
};
|
|
250
|
+
return { create, get, isSupported, isAutoFillSupported, isPlatformAuthenticatorSupported };
|
|
251
|
+
}
|
|
252
|
+
var passkeys = createPasskeys();
|
|
253
|
+
function createPasskeyProvider(clerk, options) {
|
|
254
|
+
const passkeys2 = createPasskeys(options);
|
|
255
|
+
clerk.__internal_createPublicCredentials = passkeys2.create;
|
|
256
|
+
clerk.__internal_getPublicCredentials = passkeys2.get;
|
|
257
|
+
clerk.__internal_isWebAuthnSupported = passkeys2.isSupported;
|
|
258
|
+
clerk.__internal_isWebAuthnAutofillSupported = passkeys2.isAutoFillSupported;
|
|
259
|
+
clerk.__internal_isWebAuthnPlatformAuthenticatorSupported = passkeys2.isPlatformAuthenticatorSupported;
|
|
260
|
+
return passkeys2;
|
|
261
|
+
}
|
|
262
|
+
|
|
263
|
+
exports.createPasskeyProvider = createPasskeyProvider;
|
|
264
|
+
exports.createPasskeys = createPasskeys;
|
|
265
|
+
exports.passkeys = passkeys;
|
|
266
|
+
//# sourceMappingURL=index.js.map
|
|
267
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/passkeys/shared/errors.ts","../../../src/passkeys/shared/serialization.ts","../../../src/passkeys/renderer/native-bridge.ts","../../../src/passkeys/renderer/strategy.ts","../../../src/passkeys/index.ts"],"names":["error","ClerkWebAuthnError","bufferToBase64Url","base64UrlToBuffer","_a","webAuthnCreateCredential","webAuthnGetCredential","isWebAuthnAutofillSupported","isWebAuthnPlatformAuthenticatorSupported","passkeys"],"mappings":";;;;;;;AAIA,IAAM,cAAA,GAAiB,8EAAA;AAGhB,SAAS,kBAAA,CACdA,SACA,MAAA,EACoB;AACpB,EAAA,MAAM,EAAE,IAAA,EAAM,OAAA,EAAQ,GAAIA,OAAA;AAE1B,EAAA,QAAQ,IAAA;AAAM,IACZ,KAAK,WAAA;AACH,MAAA,OAAO,IAAIC,yBAAmB,OAAA,EAAS;AAAA,QACrC,IAAA,EAAM,MAAA,KAAW,QAAA,GAAW,gCAAA,GAAmC;AAAA,OAChE,CAAA;AAAA,IACH,KAAK,YAAA;AACH,MAAA,OAAO,IAAIA,yBAAmB,OAAA,EAAS;AAAA,QACrC,IAAA,EAAM,gCAAA;AAAA,QACN,OAAA,EAAS;AAAA,OACV,CAAA;AAAA,IACH,KAAK,SAAA;AACH,MAAA,OAAO,IAAIA,wBAAA,CAAmB,OAAA,EAAS,EAAE,IAAA,EAAM,6BAA6B,CAAA;AAAA,IAC9E,KAAK,eAAA;AACH,MAAA,OAAO,IAAIA,wBAAA,CAAmB,OAAA,EAAS,EAAE,IAAA,EAAM,yBAAyB,CAAA;AAAA,IAC1E,KAAK,SAAA;AAAA,IACL;AACE,MAAA,OAAO,IAAIA,yBAAmB,OAAA,EAAS;AAAA,QACrC,IAAA,EAAM,MAAA,KAAW,QAAA,GAAW,6BAAA,GAAgC;AAAA,OAC7D,CAAA;AAAA;AAEP;ACjBA,SAAS,cAAc,YAAA,EAAyC;AAC9D,EAAA,IAAI,wBAAwB,WAAA,EAAa;AACvC,IAAA,OAAO,YAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,YAAA,CAAa,QAAQ,YAAA,CAAa,UAAA,EAAY,aAAa,UAAU,CAAA;AACjG,EAAA,MAAM,IAAA,GAAO,IAAI,WAAA,CAAY,IAAA,CAAK,UAAU,CAAA;AAC5C,EAAA,IAAI,UAAA,CAAW,IAAI,CAAA,CAAE,GAAA,CAAI,IAAI,CAAA;AAC7B,EAAA,OAAO,IAAA;AACT;AAEA,IAAM,SAAS,CAAC,YAAA,KAA+BC,4BAAA,CAAkB,aAAA,CAAc,YAAY,CAAC,CAAA;AAErF,SAAS,yBACd,SAAA,EAC8C;AA/BhD,EAAA,IAAA,EAAA,EAAA,EAAA;AAgCE,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,EAAE,EAAA,EAAA,CAAI,EAAA,GAAA,SAAA,CAAU,EAAA,CAAG,EAAA,KAAb,IAAA,GAAA,EAAA,GAAmB,EAAA,EAAI,IAAA,EAAM,SAAA,CAAU,EAAA,CAAG,IAAA,EAAK;AAAA,IACzD,IAAA,EAAM;AAAA,MACJ,EAAA,EAAI,MAAA,CAAO,SAAA,CAAU,IAAA,CAAK,EAAE,CAAA;AAAA,MAC5B,WAAA,EAAa,UAAU,IAAA,CAAK,WAAA;AAAA,MAC5B,IAAA,EAAM,UAAU,IAAA,CAAK;AAAA,KACvB;AAAA,IACA,SAAA,EAAW,MAAA,CAAO,SAAA,CAAU,SAAS,CAAA;AAAA,IACrC,gBAAA,EAAkB,SAAA,CAAU,gBAAA,CAAiB,GAAA,CAAI,CAAA,CAAA,MAAM,EAAE,IAAA,EAAM,YAAA,EAAc,GAAA,EAAK,CAAA,CAAE,GAAA,EAAI,CAAE,CAAA;AAAA,IAC1F,SAAS,SAAA,CAAU,OAAA;AAAA,IACnB,wBAAwB,SAAA,CAAU,sBAAA;AAAA,IAClC,aAAa,SAAA,CAAU,WAAA;AAAA,IACvB,sBAAqB,EAAA,GAAA,SAAA,CAAU,kBAAA,KAAV,YAAgC,EAAC,EAAG,IAAI,CAAA,CAAA,MAAM;AAAA,MACjE,IAAA,EAAM,YAAA;AAAA,MACN,EAAA,EAAI,MAAA,CAAO,CAAA,CAAE,EAAE,CAAA;AAAA,MACf,YAAY,CAAA,CAAE;AAAA,KAChB,CAAE;AAAA,GACJ;AACF;AAEO,SAAS,wBACd,gBAAA,EAC6C;AAtD/C,EAAA,IAAA,EAAA,EAAA,EAAA;AAuDE,EAAA,OAAO;AAAA,IACL,SAAA,EAAW,MAAA,CAAO,gBAAA,CAAiB,SAAS,CAAA;AAAA,IAC5C,IAAA,EAAA,CAAM,EAAA,GAAA,gBAAA,CAAiB,IAAA,KAAjB,IAAA,GAAA,EAAA,GAAyB,EAAA;AAAA,IAC/B,SAAS,gBAAA,CAAiB,OAAA;AAAA,IAC1B,kBAAkB,gBAAA,CAAiB,gBAAA;AAAA,IACnC,oBAAmB,EAAA,GAAA,gBAAA,CAAiB,gBAAA,KAAjB,YAAqC,EAAC,EAAG,IAAI,CAAA,CAAA,MAAM;AAAA,MACpE,IAAA,EAAM,YAAA;AAAA,MACN,EAAA,EAAI,MAAA,CAAO,CAAA,CAAE,EAAE;AAAA,KACjB,CAAE;AAAA,GACJ;AACF;AAEO,SAAS,4BACd,UAAA,EACsG;AArExG,EAAA,IAAA,EAAA;AAsEE,EAAA,OAAO;AAAA,IACL,IAAI,UAAA,CAAW,EAAA;AAAA,IACf,KAAA,EAAOC,4BAAA,CAAkB,UAAA,CAAW,KAAK,CAAA;AAAA,IACzC,MAAM,UAAA,CAAW,IAAA;AAAA,IACjB,uBAAA,EAAA,CAAyB,EAAA,GAAA,UAAA,CAAW,uBAAA,KAAX,IAAA,GAAA,EAAA,GAAsC,IAAA;AAAA,IAC/D,QAAA,EAAU;AAAA,MACR,cAAA,EAAgBA,4BAAA,CAAkB,UAAA,CAAW,QAAA,CAAS,cAAc,CAAA;AAAA,MACpE,iBAAA,EAAmBA,4BAAA,CAAkB,UAAA,CAAW,QAAA,CAAS,iBAAiB,CAAA;AAAA,MAC1E,eAAe,MAAG;AA9ExB,QAAA,IAAAC,GAAAA;AA8E2B,QAAA,OAAA,CAAAA,MAAA,UAAA,CAAW,QAAA,CAAS,UAAA,KAApB,IAAA,GAAAA,MAAkC,EAAC;AAAA,MAAA;AAAA,KAC1D;AAAA,IACA,QAAQ,MAAM;AAAA,GAChB;AACF;AAEO,SAAS,2BACd,UAAA,EACsG;AAtFxG,EAAA,IAAA,EAAA;AAuFE,EAAA,OAAO;AAAA,IACL,IAAI,UAAA,CAAW,EAAA;AAAA,IACf,KAAA,EAAOD,4BAAA,CAAkB,UAAA,CAAW,KAAK,CAAA;AAAA,IACzC,MAAM,UAAA,CAAW,IAAA;AAAA,IACjB,uBAAA,EAAA,CAAyB,EAAA,GAAA,UAAA,CAAW,uBAAA,KAAX,IAAA,GAAA,EAAA,GAAsC,IAAA;AAAA,IAC/D,QAAA,EAAU;AAAA,MACR,cAAA,EAAgBA,4BAAA,CAAkB,UAAA,CAAW,QAAA,CAAS,cAAc,CAAA;AAAA,MACpE,iBAAA,EAAmBA,4BAAA,CAAkB,UAAA,CAAW,QAAA,CAAS,iBAAiB,CAAA;AAAA,MAC1E,SAAA,EAAWA,4BAAA,CAAkB,UAAA,CAAW,QAAA,CAAS,SAAS,CAAA;AAAA,MAC1D,UAAA,EAAY,WAAW,QAAA,CAAS,UAAA,GAAaA,6BAAkB,UAAA,CAAW,QAAA,CAAS,UAAU,CAAA,GAAI;AAAA,KACnG;AAAA,IACA,QAAQ,MAAM;AAAA,GAChB;AACF;;;AClFO,SAAS,gBAAA,GAA8C;AAC5D,EAAA,OAAO,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,kCAAA,GAAqC,MAAA;AACrF;AAEA,IAAM,kBAAA,GAAqB,MACzB,IAAIF,wBAAAA;AAAA,EACF,qKAAA;AAAA,EACA,EAAE,MAAM,uBAAA;AACV,CAAA;AAEF,eAAsB,uBACpB,SAAA,EACoF;AACpF,EAAA,MAAM,SAAS,gBAAA,EAAiB;AAChC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,EAAE,mBAAA,EAAqB,IAAA,EAAM,KAAA,EAAO,oBAAmB,EAAE;AAAA,EAClE;AAEA,EAAA,MAAM,SAAS,MAAM,MAAA,CAAO,MAAA,CAAO,wBAAA,CAAyB,SAAS,CAAC,CAAA;AACtE,EAAA,IAAI,CAAC,OAAO,EAAA,EAAI;AACd,IAAA,OAAO,EAAE,qBAAqB,IAAA,EAAM,KAAA,EAAO,mBAAmB,MAAA,CAAO,KAAA,EAAO,QAAQ,CAAA,EAAE;AAAA,EACxF;AACA,EAAA,OAAO,EAAE,mBAAA,EAAqB,2BAAA,CAA4B,OAAO,UAAU,CAAA,EAAG,OAAO,IAAA,EAAK;AAC5F;AAEA,eAAsB,oBACpB,gBAAA,EACkF;AAClF,EAAA,MAAM,SAAS,gBAAA,EAAiB;AAChC,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,EAAE,mBAAA,EAAqB,IAAA,EAAM,KAAA,EAAO,oBAAmB,EAAE;AAAA,EAClE;AAEA,EAAA,MAAM,SAAS,MAAM,MAAA,CAAO,GAAA,CAAI,uBAAA,CAAwB,gBAAgB,CAAC,CAAA;AACzE,EAAA,IAAI,CAAC,OAAO,EAAA,EAAI;AACd,IAAA,OAAO,EAAE,qBAAqB,IAAA,EAAM,KAAA,EAAO,mBAAmB,MAAA,CAAO,KAAA,EAAO,KAAK,CAAA,EAAE;AAAA,EACrF;AACA,EAAA,OAAO,EAAE,mBAAA,EAAqB,0BAAA,CAA2B,OAAO,UAAU,CAAA,EAAG,OAAO,IAAA,EAAK;AAC3F;;;AC5CO,SAAS,mBAAA,CAAoB,KAAiD,IAAA,EAAuB;AAC1G,EAAA,IAAI,GAAA,CAAI,QAAA,KAAa,QAAA,IAAY,CAAC,IAAA,EAAM;AACtC,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,OAAO,GAAA,CAAI,aAAa,IAAA,IAAQ,GAAA,CAAI,SAAS,QAAA,CAAS,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE,CAAA;AAClE;AAMO,SAAS,UAAA,CAAW,IAAA,EAAc,IAAA,EAAmB,GAAA,EAA+B;AACzF,EAAA,IAAI,SAAS,UAAA,EAAY;AACvB,IAAA,OAAO,GAAA,CAAI,cAAc,UAAA,GAAa,aAAA;AAAA,EACxC;AACA,EAAA,IAAI,SAAS,QAAA,EAAU;AACrB,IAAA,OAAO,GAAA,CAAI,kBAAkB,QAAA,GAAW,aAAA;AAAA,EAC1C;AAEA,EAAA,IAAI,GAAA,CAAI,WAAA,IAAe,mBAAA,CAAoB,GAAA,EAAK,IAAI,CAAA,EAAG;AACrD,IAAA,IAAI,GAAA,CAAI,QAAA,KAAa,QAAA,IAAY,GAAA,CAAI,aAAA,GAAgB,KAAK,GAAA,CAAI,aAAA,GAAgB,EAAA,IAAM,GAAA,CAAI,eAAA,EAAiB;AACvG,MAAA,OAAO,QAAA;AAAA,IACT;AACA,IAAA,OAAO,UAAA;AAAA,EACT;AAEA,EAAA,OAAO,GAAA,CAAI,kBAAkB,QAAA,GAAW,aAAA;AAC1C;;;ACMA,IAAM,gBAAA,GAAmB,CAAC,QAAA,EAAU,OAAO,CAAA;AAE3C,SAAS,MAAA,GAAsB;AA/C/B,EAAA,IAAA,EAAA,EAAA,EAAA;AAgDE,EAAA,MAAM,SAAS,gBAAA,EAAiB;AAChC,EAAA,MAAM,WAAA,GAAc,OAAO,QAAA,KAAa,WAAA;AACxC,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,WAAA,GAAc,QAAA,CAAS,QAAA,GAAW,EAAA;AAAA,IAC5C,QAAA,EAAU,WAAA,GAAc,QAAA,CAAS,QAAA,GAAW,EAAA;AAAA,IAC5C,aAAa,OAAO,MAAA,KAAW,WAAA,IAAe,OAAO,OAAO,mBAAA,KAAwB,UAAA;AAAA,IACpF,iBAAiB,CAAC,CAAC,UAAU,gBAAA,CAAiB,QAAA,CAAS,OAAO,QAAQ,CAAA;AAAA,IACtE,QAAA,EAAA,CAAU,EAAA,GAAA,MAAA,IAAA,IAAA,GAAA,MAAA,GAAA,MAAA,CAAQ,QAAA,KAAR,IAAA,GAAA,EAAA,GAAoB,EAAA;AAAA,IAC9B,aAAA,EAAA,CAAe,EAAA,GAAA,MAAA,IAAA,IAAA,GAAA,MAAA,GAAA,MAAA,CAAQ,aAAA,KAAR,IAAA,GAAA,EAAA,GAAyB;AAAA,GAC1C;AACF;AAEA,IAAM,oBAAoB,OACvB;AAAA,EACC,mBAAA,EAAqB,IAAA;AAAA,EACrB,OAAO,IAAIA,wBAAAA;AAAA,IACT,qNAAA;AAAA,IACA,EAAE,MAAM,uBAAA;AAAwB;AAEpC,CAAA,CAAA;AAEF,IAAM,mBAAA,GAAsB,CAAC,KAAA,KAC3B,CAAC,CAAC,SAAS,OAAO,KAAA,KAAU,QAAA,IAAa,KAAA,CAA4B,IAAA,KAAS,gCAAA;AAGzE,SAAS,eAAe,OAAA,EAAiD;AAzEhF,EAAA,IAAA,EAAA;AA0EE,EAAA,MAAM,IAAA,GAAA,CAAoB,EAAA,GAAA,OAAA,IAAA,IAAA,GAAA,MAAA,GAAA,OAAA,CAAS,IAAA,KAAT,IAAA,GAAA,EAAA,GAAiB,MAAA;AAE3C,EAAA,MAAM,MAAA,GAAmC,OAAM,SAAA,KAAa;AA5E9D,IAAA,IAAAG,GAAAA;AA6EI,IAAA,MAAM,MAAM,MAAA,EAAO;AACnB,IAAA,MAAM,IAAA,GAAO,UAAA,CAAA,CAAWA,GAAAA,GAAA,SAAA,CAAU,EAAA,CAAG,OAAb,IAAA,GAAAA,GAAAA,GAAmB,EAAA,EAAI,IAAA,EAAM,GAAG,CAAA;AAExD,IAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,MAAA,OAAO,iBAAA,EAAkB;AAAA,IAC3B;AACA,IAAA,IAAI,SAAS,QAAA,EAAU;AACrB,MAAA,OAAO,uBAAuB,SAAS,CAAA;AAAA,IACzC;AAEA,IAAA,MAAM,MAAA,GAAS,MAAMC,mCAAA,CAAyB,SAAS,CAAA;AAEvD,IAAA,IAAI,MAAA,CAAO,SAAS,mBAAA,CAAoB,MAAA,CAAO,KAAK,CAAA,IAAK,IAAA,KAAS,MAAA,IAAU,GAAA,CAAI,eAAA,EAAiB;AAC/F,MAAA,OAAO,uBAAuB,SAAS,CAAA;AAAA,IACzC;AACA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA;AAEA,EAAA,MAAM,GAAA,GAA6B,OAAO,EAAE,gBAAA,EAAiB,KAAM;AA/FrE,IAAA,IAAAD,GAAAA;AAgGI,IAAA,MAAM,MAAM,MAAA,EAAO;AACnB,IAAA,MAAM,IAAA,GAAO,YAAWA,GAAAA,GAAA,gBAAA,CAAiB,SAAjB,IAAA,GAAAA,GAAAA,GAAyB,EAAA,EAAI,IAAA,EAAM,GAAG,CAAA;AAE9D,IAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,MAAA,OAAO,iBAAA,EAAkB;AAAA,IAC3B;AACA,IAAA,IAAI,SAAS,QAAA,EAAU;AACrB,MAAA,OAAO,oBAAoB,gBAAgB,CAAA;AAAA,IAC7C;AAEA,IAAA,MAAM,SAAS,MAAME,gCAAA,CAAsB,EAAE,gBAAA,EAAkB,aAAA,EAAe,OAAO,CAAA;AACrF,IAAA,IAAI,MAAA,CAAO,SAAS,mBAAA,CAAoB,MAAA,CAAO,KAAK,CAAA,IAAK,IAAA,KAAS,MAAA,IAAU,GAAA,CAAI,eAAA,EAAiB;AAC/F,MAAA,OAAO,oBAAoB,gBAAgB,CAAA;AAAA,IAC7C;AACA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA;AAEA,EAAA,MAAM,cAA6C,MAAM;AACvD,IAAA,MAAM,MAAM,MAAA,EAAO;AACnB,IAAA,IAAI,SAAS,UAAA,EAAY;AACvB,MAAA,OAAO,GAAA,CAAI,WAAA;AAAA,IACb;AACA,IAAA,IAAI,SAAS,QAAA,EAAU;AACrB,MAAA,OAAO,GAAA,CAAI,eAAA;AAAA,IACb;AACA,IAAA,OAAO,GAAA,CAAI,eAAe,GAAA,CAAI,eAAA;AAAA,EAChC,CAAA;AAEA,EAAA,MAAM,sBAA6D,MAAM;AACvE,IAAA,OAAO,SAAS,QAAA,GAAW,OAAA,CAAQ,OAAA,CAAQ,KAAK,IAAIC,oCAAA,EAA4B;AAAA,EAClF,CAAA;AAEA,EAAA,MAAM,mCAAuF,YAAY;AACvG,IAAA,MAAM,MAAM,MAAA,EAAO;AACnB,IAAA,IAAI,GAAA,CAAI,eAAA,IAAmB,IAAA,KAAS,UAAA,EAAY;AAC9C,MAAA,MAAM,SAAS,gBAAA,EAAiB;AAChC,MAAA,IAAI;AACF,QAAA,MAAM,YAAA,GAAe,OAAM,MAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,MAAA,CAAQ,YAAA,EAAA,CAAA;AACnC,QAAA,IAAI,6CAAc,SAAA,EAAW;AAC3B,UAAA,OAAO,YAAA,CAAa,qBAAA;AAAA,QACtB;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AACA,IAAA,OAAOC,iDAAA,EAAyC;AAAA,EAClD,CAAA;AAEA,EAAA,OAAO,EAAE,MAAA,EAAQ,GAAA,EAAK,WAAA,EAAa,qBAAqB,gCAAA,EAAiC;AAC3F;AAcO,IAAM,WAA2B,cAAA;AAejC,SAAS,qBAAA,CAAsB,OAAyB,OAAA,EAAiD;AAC9G,EAAA,MAAMC,SAAAA,GAAW,eAAe,OAAO,CAAA;AAEvC,EAAA,KAAA,CAAM,qCAAqCA,SAAAA,CAAS,MAAA;AACpD,EAAA,KAAA,CAAM,kCAAkCA,SAAAA,CAAS,GAAA;AACjD,EAAA,KAAA,CAAM,iCAAiCA,SAAAA,CAAS,WAAA;AAChD,EAAA,KAAA,CAAM,yCAAyCA,SAAAA,CAAS,mBAAA;AACxD,EAAA,KAAA,CAAM,sDAAsDA,SAAAA,CAAS,gCAAA;AAErE,EAAA,OAAOA,SAAAA;AACT","file":"index.js","sourcesContent":["import { ClerkWebAuthnError } from '@clerk/shared/error';\n\nimport type { PasskeyNativeErrorCode } from '../../shared/types';\n\nconst RP_ID_DOCS_URL = 'https://clerk.com/docs/deployments/overview#authentication-across-subdomains';\n\n/** Maps native bridge errors to clerk-js WebAuthn errors. */\nexport function mapPasskeyIpcError(\n error: { code: PasskeyNativeErrorCode; message: string },\n action: 'create' | 'get',\n): ClerkWebAuthnError {\n const { code, message } = error;\n\n switch (code) {\n case 'cancelled':\n return new ClerkWebAuthnError(message, {\n code: action === 'create' ? 'passkey_registration_cancelled' : 'passkey_retrieval_cancelled',\n });\n case 'invalid_rp':\n return new ClerkWebAuthnError(message, {\n code: 'passkey_invalid_rpID_or_domain',\n docsUrl: RP_ID_DOCS_URL,\n });\n case 'timeout':\n return new ClerkWebAuthnError(message, { code: 'passkey_operation_aborted' });\n case 'not_supported':\n return new ClerkWebAuthnError(message, { code: 'passkey_not_supported' });\n case 'unknown':\n default:\n return new ClerkWebAuthnError(message, {\n code: action === 'create' ? 'passkey_registration_failed' : 'passkey_retrieval_failed',\n });\n }\n}\n","import { base64UrlToBuffer, bufferToBase64Url } from '@clerk/shared/internal/clerk-js/passkeys';\nimport type {\n PublicKeyCredentialCreationOptionsWithoutExtensions,\n PublicKeyCredentialRequestOptionsWithoutExtensions,\n PublicKeyCredentialWithAuthenticatorAssertionResponse,\n PublicKeyCredentialWithAuthenticatorAttestationResponse,\n} from '@clerk/shared/types';\n\nimport type {\n AuthenticationResponseJSON,\n AuthenticatorTransport,\n RegistrationResponseJSON,\n SerializedPublicKeyCredentialCreationOptions,\n SerializedPublicKeyCredentialRequestOptions,\n} from '../../shared/types';\n\nfunction toArrayBuffer(bufferSource: BufferSource): ArrayBuffer {\n if (bufferSource instanceof ArrayBuffer) {\n return bufferSource;\n }\n // Copy the view into a fresh ArrayBuffer; .buffer may be a SharedArrayBuffer.\n const view = new Uint8Array(bufferSource.buffer, bufferSource.byteOffset, bufferSource.byteLength);\n const copy = new ArrayBuffer(view.byteLength);\n new Uint8Array(copy).set(view);\n return copy;\n}\n\nconst encode = (bufferSource: BufferSource) => bufferToBase64Url(toArrayBuffer(bufferSource));\n\nexport function serializeCreationOptions(\n publicKey: PublicKeyCredentialCreationOptionsWithoutExtensions,\n): SerializedPublicKeyCredentialCreationOptions {\n return {\n rp: { id: publicKey.rp.id ?? '', name: publicKey.rp.name },\n user: {\n id: encode(publicKey.user.id),\n displayName: publicKey.user.displayName,\n name: publicKey.user.name,\n },\n challenge: encode(publicKey.challenge),\n pubKeyCredParams: publicKey.pubKeyCredParams.map(p => ({ type: 'public-key', alg: p.alg })),\n timeout: publicKey.timeout,\n authenticatorSelection: publicKey.authenticatorSelection,\n attestation: publicKey.attestation,\n excludeCredentials: (publicKey.excludeCredentials ?? []).map(c => ({\n type: 'public-key',\n id: encode(c.id),\n transports: c.transports as AuthenticatorTransport[] | undefined,\n })),\n };\n}\n\nexport function serializeRequestOptions(\n publicKeyOptions: PublicKeyCredentialRequestOptionsWithoutExtensions,\n): SerializedPublicKeyCredentialRequestOptions {\n return {\n challenge: encode(publicKeyOptions.challenge),\n rpId: publicKeyOptions.rpId ?? '',\n timeout: publicKeyOptions.timeout,\n userVerification: publicKeyOptions.userVerification,\n allowCredentials: (publicKeyOptions.allowCredentials ?? []).map(c => ({\n type: 'public-key',\n id: encode(c.id),\n })),\n };\n}\n\nexport function deserializeCreationResponse(\n credential: RegistrationResponseJSON,\n): PublicKeyCredentialWithAuthenticatorAttestationResponse & { toJSON: () => RegistrationResponseJSON } {\n return {\n id: credential.id,\n rawId: base64UrlToBuffer(credential.rawId),\n type: credential.type,\n authenticatorAttachment: credential.authenticatorAttachment ?? null,\n response: {\n clientDataJSON: base64UrlToBuffer(credential.response.clientDataJSON),\n attestationObject: base64UrlToBuffer(credential.response.attestationObject),\n getTransports: () => credential.response.transports ?? [],\n },\n toJSON: () => credential,\n } as PublicKeyCredentialWithAuthenticatorAttestationResponse & { toJSON: () => RegistrationResponseJSON };\n}\n\nexport function deserializeRequestResponse(\n credential: AuthenticationResponseJSON,\n): PublicKeyCredentialWithAuthenticatorAssertionResponse & { toJSON: () => AuthenticationResponseJSON } {\n return {\n id: credential.id,\n rawId: base64UrlToBuffer(credential.rawId),\n type: credential.type,\n authenticatorAttachment: credential.authenticatorAttachment ?? null,\n response: {\n clientDataJSON: base64UrlToBuffer(credential.response.clientDataJSON),\n authenticatorData: base64UrlToBuffer(credential.response.authenticatorData),\n signature: base64UrlToBuffer(credential.response.signature),\n userHandle: credential.response.userHandle ? base64UrlToBuffer(credential.response.userHandle) : null,\n },\n toJSON: () => credential,\n } as PublicKeyCredentialWithAuthenticatorAssertionResponse & { toJSON: () => AuthenticationResponseJSON };\n}\n","import { ClerkWebAuthnError } from '@clerk/shared/error';\nimport type {\n CredentialReturn,\n PublicKeyCredentialCreationOptionsWithoutExtensions,\n PublicKeyCredentialRequestOptionsWithoutExtensions,\n PublicKeyCredentialWithAuthenticatorAssertionResponse,\n PublicKeyCredentialWithAuthenticatorAttestationResponse,\n} from '@clerk/shared/types';\n\nimport type { PasskeyBridge } from '../../shared/types';\nimport { mapPasskeyIpcError } from '../shared/errors';\nimport {\n deserializeCreationResponse,\n deserializeRequestResponse,\n serializeCreationOptions,\n serializeRequestOptions,\n} from '../shared/serialization';\n\nexport function getPasskeyBridge(): PasskeyBridge | undefined {\n return typeof window !== 'undefined' ? window.__clerk_internal_electron_passkeys : undefined;\n}\n\nconst bridgeMissingError = () =>\n new ClerkWebAuthnError(\n 'Clerk: The native passkey bridge is not available. Pass `passkeys: true` to exposeClerkBridge() in your preload script and createClerkBridge() in the main process.',\n { code: 'passkey_not_supported' },\n );\n\nexport async function nativeCreateCredential(\n publicKey: PublicKeyCredentialCreationOptionsWithoutExtensions,\n): Promise<CredentialReturn<PublicKeyCredentialWithAuthenticatorAttestationResponse>> {\n const bridge = getPasskeyBridge();\n if (!bridge) {\n return { publicKeyCredential: null, error: bridgeMissingError() };\n }\n\n const result = await bridge.create(serializeCreationOptions(publicKey));\n if (!result.ok) {\n return { publicKeyCredential: null, error: mapPasskeyIpcError(result.error, 'create') };\n }\n return { publicKeyCredential: deserializeCreationResponse(result.credential), error: null };\n}\n\nexport async function nativeGetCredential(\n publicKeyOptions: PublicKeyCredentialRequestOptionsWithoutExtensions,\n): Promise<CredentialReturn<PublicKeyCredentialWithAuthenticatorAssertionResponse>> {\n const bridge = getPasskeyBridge();\n if (!bridge) {\n return { publicKeyCredential: null, error: bridgeMissingError() };\n }\n\n const result = await bridge.get(serializeRequestOptions(publicKeyOptions));\n if (!result.ok) {\n return { publicKeyCredential: null, error: mapPasskeyIpcError(result.error, 'get') };\n }\n return { publicKeyCredential: deserializeRequestResponse(result.credential), error: null };\n}\n","export type PasskeyMode = 'auto' | 'renderer' | 'native';\nexport type PasskeyPath = 'renderer' | 'native' | 'unsupported';\n\nexport type StrategyEnv = {\n protocol: string;\n hostname: string;\n hasWebAuthn: boolean;\n nativeAvailable: boolean;\n platform: string;\n electronMajor: number;\n};\n\nexport function originSatisfiesRpId(env: Pick<StrategyEnv, 'protocol' | 'hostname'>, rpId: string): boolean {\n if (env.protocol !== 'https:' || !rpId) {\n return false;\n }\n return env.hostname === rpId || env.hostname.endsWith(`.${rpId}`);\n}\n\n/**\n * Prefer Chromium WebAuthn when the page origin can satisfy the RP ID.\n * Local bundles and older macOS Electron builds use the native bridge when available.\n */\nexport function decidePath(rpId: string, mode: PasskeyMode, env: StrategyEnv): PasskeyPath {\n if (mode === 'renderer') {\n return env.hasWebAuthn ? 'renderer' : 'unsupported';\n }\n if (mode === 'native') {\n return env.nativeAvailable ? 'native' : 'unsupported';\n }\n\n if (env.hasWebAuthn && originSatisfiesRpId(env, rpId)) {\n if (env.platform === 'darwin' && env.electronMajor > 0 && env.electronMajor < 42 && env.nativeAvailable) {\n return 'native';\n }\n return 'renderer';\n }\n\n return env.nativeAvailable ? 'native' : 'unsupported';\n}\n","import { ClerkWebAuthnError } from '@clerk/shared/error';\nimport { webAuthnCreateCredential, webAuthnGetCredential } from '@clerk/shared/internal/clerk-js/passkeys';\nimport type {\n CredentialReturn,\n PublicKeyCredentialCreationOptionsWithoutExtensions,\n PublicKeyCredentialRequestOptionsWithoutExtensions,\n PublicKeyCredentialWithAuthenticatorAssertionResponse,\n PublicKeyCredentialWithAuthenticatorAttestationResponse,\n} from '@clerk/shared/types';\nimport { isWebAuthnAutofillSupported, isWebAuthnPlatformAuthenticatorSupported } from '@clerk/shared/webauthn';\n\nimport { getPasskeyBridge, nativeCreateCredential, nativeGetCredential } from './renderer/native-bridge';\nimport type { PasskeyMode, StrategyEnv } from './renderer/strategy';\nimport { decidePath } from './renderer/strategy';\n\nexport type { PasskeyMode, PasskeyPath, StrategyEnv } from './renderer/strategy';\n\nexport type CreatePasskeysOptions = {\n /**\n * WebAuthn implementation to use:\n * `auto` chooses renderer WebAuthn for valid HTTPS origins and native WebAuthn otherwise.\n */\n mode?: PasskeyMode;\n};\n\nexport type PasskeySupport = {\n create: (\n publicKey: PublicKeyCredentialCreationOptionsWithoutExtensions,\n ) => Promise<CredentialReturn<PublicKeyCredentialWithAuthenticatorAttestationResponse>>;\n get: (args: {\n publicKeyOptions: PublicKeyCredentialRequestOptionsWithoutExtensions;\n }) => Promise<CredentialReturn<PublicKeyCredentialWithAuthenticatorAssertionResponse>>;\n isSupported: () => boolean;\n isAutoFillSupported: () => Promise<boolean>;\n isPlatformAuthenticatorSupported: () => Promise<boolean>;\n};\n\nexport type ClerkPasskeyHost = {\n __internal_createPublicCredentials: PasskeySupport['create'] | undefined;\n __internal_getPublicCredentials: PasskeySupport['get'] | undefined;\n __internal_isWebAuthnSupported: PasskeySupport['isSupported'] | undefined;\n __internal_isWebAuthnAutofillSupported: PasskeySupport['isAutoFillSupported'] | undefined;\n __internal_isWebAuthnPlatformAuthenticatorSupported: PasskeySupport['isPlatformAuthenticatorSupported'] | undefined;\n};\n\nconst NATIVE_PLATFORMS = ['darwin', 'win32'];\n\nfunction getEnv(): StrategyEnv {\n const bridge = getPasskeyBridge();\n const hasLocation = typeof location !== 'undefined';\n return {\n protocol: hasLocation ? location.protocol : '',\n hostname: hasLocation ? location.hostname : '',\n hasWebAuthn: typeof window !== 'undefined' && typeof window.PublicKeyCredential === 'function',\n nativeAvailable: !!bridge && NATIVE_PLATFORMS.includes(bridge.platform),\n platform: bridge?.platform ?? '',\n electronMajor: bridge?.electronMajor ?? 0,\n };\n}\n\nconst unsupportedReturn = <T>(): CredentialReturn<T> =>\n ({\n publicKeyCredential: null,\n error: new ClerkWebAuthnError(\n 'Clerk: Passkeys are not supported in this window. Serve the page from an https origin matching the RP ID, or enable the native passkey module with `passkeys: true` in createClerkBridge() and exposeClerkBridge().',\n { code: 'passkey_not_supported' },\n ),\n }) as CredentialReturn<T>;\n\nconst isRpIdMismatchError = (error: unknown): boolean =>\n !!error && typeof error === 'object' && (error as { code?: string }).code === 'passkey_invalid_rpID_or_domain';\n\n/** Creates an Electron passkey provider for clerk-js. */\nexport function createPasskeys(options?: CreatePasskeysOptions): PasskeySupport {\n const mode: PasskeyMode = options?.mode ?? 'auto';\n\n const create: PasskeySupport['create'] = async publicKey => {\n const env = getEnv();\n const path = decidePath(publicKey.rp.id ?? '', mode, env);\n\n if (path === 'unsupported') {\n return unsupportedReturn();\n }\n if (path === 'native') {\n return nativeCreateCredential(publicKey);\n }\n\n const result = await webAuthnCreateCredential(publicKey);\n // Retry with native WebAuthn when Chromium rejects the RP ID for the page origin.\n if (result.error && isRpIdMismatchError(result.error) && mode === 'auto' && env.nativeAvailable) {\n return nativeCreateCredential(publicKey);\n }\n return result;\n };\n\n const get: PasskeySupport['get'] = async ({ publicKeyOptions }) => {\n const env = getEnv();\n const path = decidePath(publicKeyOptions.rpId ?? '', mode, env);\n\n if (path === 'unsupported') {\n return unsupportedReturn();\n }\n if (path === 'native') {\n return nativeGetCredential(publicKeyOptions);\n }\n\n const result = await webAuthnGetCredential({ publicKeyOptions, conditionalUI: false });\n if (result.error && isRpIdMismatchError(result.error) && mode === 'auto' && env.nativeAvailable) {\n return nativeGetCredential(publicKeyOptions);\n }\n return result;\n };\n\n const isSupported: PasskeySupport['isSupported'] = () => {\n const env = getEnv();\n if (mode === 'renderer') {\n return env.hasWebAuthn;\n }\n if (mode === 'native') {\n return env.nativeAvailable;\n }\n return env.hasWebAuthn || env.nativeAvailable;\n };\n\n const isAutoFillSupported: PasskeySupport['isAutoFillSupported'] = () => {\n return mode === 'native' ? Promise.resolve(false) : isWebAuthnAutofillSupported();\n };\n\n const isPlatformAuthenticatorSupported: PasskeySupport['isPlatformAuthenticatorSupported'] = async () => {\n const env = getEnv();\n if (env.nativeAvailable && mode !== 'renderer') {\n const bridge = getPasskeyBridge();\n try {\n const capabilities = await bridge?.capabilities();\n if (capabilities?.available) {\n return capabilities.platformAuthenticator;\n }\n } catch {\n // Fall back to Chromium's capability check.\n }\n }\n return isWebAuthnPlatformAuthenticatorSupported();\n };\n\n return { create, get, isSupported, isAutoFillSupported, isPlatformAuthenticatorSupported };\n}\n\n/**\n * Ready-to-use passkey implementation for the `ClerkProvider` `passkeys` prop.\n * Chooses renderer or native WebAuthn automatically per request.\n *\n * @example\n * ```tsx\n * import { ClerkProvider } from '@clerk/electron/react';\n * import { passkeys } from '@clerk/electron/passkeys';\n *\n * <ClerkProvider publishableKey={publishableKey} passkeys={passkeys} />\n * ```\n */\nexport const passkeys: PasskeySupport = createPasskeys();\n\n/**\n * Wires passkey support into a Clerk instance. Call before `clerk.load()`.\n *\n * @example\n * ```ts\n * import { Clerk } from '@clerk/clerk-js';\n * import { createPasskeyProvider } from '@clerk/electron/passkeys';\n *\n * const clerk = new Clerk(publishableKey);\n * createPasskeyProvider(clerk);\n * await clerk.load();\n * ```\n */\nexport function createPasskeyProvider(clerk: ClerkPasskeyHost, options?: CreatePasskeysOptions): PasskeySupport {\n const passkeys = createPasskeys(options);\n\n clerk.__internal_createPublicCredentials = passkeys.create;\n clerk.__internal_getPublicCredentials = passkeys.get;\n clerk.__internal_isWebAuthnSupported = passkeys.isSupported;\n clerk.__internal_isWebAuthnAutofillSupported = passkeys.isAutoFillSupported;\n clerk.__internal_isWebAuthnPlatformAuthenticatorSupported = passkeys.isPlatformAuthenticatorSupported;\n\n return passkeys;\n}\n"]}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var electron = require('electron');
|
|
4
|
+
|
|
5
|
+
// src/preload/index.ts
|
|
6
|
+
|
|
7
|
+
// src/shared/ipc.ts
|
|
8
|
+
var TOKEN_CACHE_CHANNELS = {
|
|
9
|
+
getToken: "clerk:token-cache:get",
|
|
10
|
+
saveToken: "clerk:token-cache:save",
|
|
11
|
+
clearToken: "clerk:token-cache:clear"
|
|
12
|
+
};
|
|
13
|
+
var OAUTH_TRANSPORT_CHANNELS = {
|
|
14
|
+
getRedirectUrl: "clerk:oauth-transport:get-redirect-url",
|
|
15
|
+
open: "clerk:oauth-transport:open"
|
|
16
|
+
};
|
|
17
|
+
var PASSKEY_CHANNELS = {
|
|
18
|
+
create: "clerk:passkeys:create",
|
|
19
|
+
get: "clerk:passkeys:get",
|
|
20
|
+
capabilities: "clerk:passkeys:capabilities"
|
|
21
|
+
};
|
|
22
|
+
|
|
23
|
+
// src/passkeys/preload.ts
|
|
24
|
+
function setupPasskeysPreload() {
|
|
25
|
+
var _a;
|
|
26
|
+
const bridge = {
|
|
27
|
+
create: (options) => electron.ipcRenderer.invoke(PASSKEY_CHANNELS.create, options),
|
|
28
|
+
get: (options) => electron.ipcRenderer.invoke(PASSKEY_CHANNELS.get, options),
|
|
29
|
+
capabilities: () => electron.ipcRenderer.invoke(PASSKEY_CHANNELS.capabilities),
|
|
30
|
+
electronMajor: Number.parseInt((_a = process.versions.electron) != null ? _a : "", 10) || 0,
|
|
31
|
+
platform: process.platform
|
|
32
|
+
};
|
|
33
|
+
if (process.contextIsolated) {
|
|
34
|
+
electron.contextBridge.exposeInMainWorld("__clerk_internal_electron_passkeys", bridge);
|
|
35
|
+
} else {
|
|
36
|
+
window.__clerk_internal_electron_passkeys = bridge;
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
// src/preload/index.ts
|
|
41
|
+
function exposeClerkBridge(options) {
|
|
42
|
+
const tokenCache = {
|
|
43
|
+
getToken: (key) => electron.ipcRenderer.invoke(TOKEN_CACHE_CHANNELS.getToken, key),
|
|
44
|
+
saveToken: (key, value) => electron.ipcRenderer.invoke(TOKEN_CACHE_CHANNELS.saveToken, key, value),
|
|
45
|
+
clearToken: (key) => electron.ipcRenderer.invoke(TOKEN_CACHE_CHANNELS.clearToken, key)
|
|
46
|
+
};
|
|
47
|
+
const oauthTransport = {
|
|
48
|
+
getRedirectUrl: () => electron.ipcRenderer.invoke(OAUTH_TRANSPORT_CHANNELS.getRedirectUrl),
|
|
49
|
+
open: (url) => electron.ipcRenderer.invoke(OAUTH_TRANSPORT_CHANNELS.open, url)
|
|
50
|
+
};
|
|
51
|
+
const bridge = { tokenCache, oauthTransport };
|
|
52
|
+
if (process.contextIsolated) {
|
|
53
|
+
electron.contextBridge.exposeInMainWorld("__clerk_internal_electron", bridge);
|
|
54
|
+
} else {
|
|
55
|
+
window.__clerk_internal_electron = bridge;
|
|
56
|
+
}
|
|
57
|
+
if (options == null ? void 0 : options.passkeys) {
|
|
58
|
+
setupPasskeysPreload();
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
exports.exposeClerkBridge = exposeClerkBridge;
|
|
63
|
+
exports.setupPasskeysPreload = setupPasskeysPreload;
|
|
64
|
+
//# sourceMappingURL=index.js.map
|
|
65
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/shared/ipc.ts","../../../src/passkeys/preload.ts","../../../src/preload/index.ts"],"names":["ipcRenderer","contextBridge"],"mappings":";;;;;;;AAAO,IAAM,oBAAA,GAAuB;AAAA,EAClC,QAAA,EAAU,uBAAA;AAAA,EACV,SAAA,EAAW,wBAAA;AAAA,EACX,UAAA,EAAY;AACd,CAAA;AAEO,IAAM,wBAAA,GAA2B;AAAA,EACtC,cAAA,EAAgB,wCAAA;AAAA,EAChB,IAAA,EAAM;AACR,CAAA;AAEO,IAAM,gBAAA,GAAmB;AAAA,EAC9B,MAAA,EAAQ,uBAAA;AAAA,EACR,GAAA,EAAK,oBAAA;AAAA,EACL,YAAA,EAAc;AAChB,CAAA;;;ACTO,SAAS,oBAAA,GAA6B;AAN7C,EAAA,IAAA,EAAA;AAOE,EAAA,MAAM,MAAA,GAAwB;AAAA,IAC5B,QAAQ,CAAA,OAAA,KAAWA,oBAAA,CAAY,MAAA,CAAO,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AAAA,IACtE,KAAK,CAAA,OAAA,KAAWA,oBAAA,CAAY,MAAA,CAAO,gBAAA,CAAiB,KAAK,OAAO,CAAA;AAAA,IAChE,YAAA,EAAc,MAAMA,oBAAA,CAAY,MAAA,CAAO,iBAAiB,YAAY,CAAA;AAAA,IACpE,aAAA,EAAe,OAAO,QAAA,CAAA,CAAS,EAAA,GAAA,OAAA,CAAQ,SAAS,QAAA,KAAjB,IAAA,GAAA,EAAA,GAA6B,EAAA,EAAI,EAAE,CAAA,IAAK,CAAA;AAAA,IACvE,UAAU,OAAA,CAAQ;AAAA,GACpB;AAEA,EAAA,IAAI,QAAQ,eAAA,EAAiB;AAC3B,IAAAC,sBAAA,CAAc,iBAAA,CAAkB,sCAAsC,MAAM,CAAA;AAAA,EAC9E,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,kCAAA,GAAqC,MAAA;AAAA,EAC9C;AACF;;;ACNO,SAAS,kBAAkB,OAAA,EAA0C;AAC1E,EAAA,MAAM,UAAA,GAAyB;AAAA,IAC7B,UAAU,CAAA,GAAA,KAAOD,oBAAAA,CAAY,MAAA,CAAO,oBAAA,CAAqB,UAAU,GAAG,CAAA;AAAA,IACtE,SAAA,EAAW,CAAC,GAAA,EAAK,KAAA,KAAUA,qBAAY,MAAA,CAAO,oBAAA,CAAqB,SAAA,EAAW,GAAA,EAAK,KAAK,CAAA;AAAA,IACxF,YAAY,CAAA,GAAA,KAAOA,oBAAAA,CAAY,MAAA,CAAO,oBAAA,CAAqB,YAAY,GAAG;AAAA,GAC5E;AACA,EAAA,MAAM,cAAA,GAAiC;AAAA,IACrC,cAAA,EAAgB,MAAMA,oBAAAA,CAAY,MAAA,CAAO,yBAAyB,cAAc,CAAA;AAAA,IAChF,MAAM,CAAA,GAAA,KAAOA,oBAAAA,CAAY,MAAA,CAAO,wBAAA,CAAyB,MAAM,GAAG;AAAA,GACpE;AACA,EAAA,MAAM,MAAA,GAAS,EAAE,UAAA,EAAY,cAAA,EAAe;AAE5C,EAAA,IAAI,QAAQ,eAAA,EAAiB;AAC3B,IAAAC,sBAAAA,CAAc,iBAAA,CAAkB,2BAAA,EAA6B,MAAM,CAAA;AAAA,EACrE,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,yBAAA,GAA4B,MAAA;AAAA,EACrC;AAEA,EAAA,IAAI,mCAAS,QAAA,EAAU;AACrB,IAAA,oBAAA,EAAqB;AAAA,EACvB;AACF","file":"index.js","sourcesContent":["export const TOKEN_CACHE_CHANNELS = {\n getToken: 'clerk:token-cache:get',\n saveToken: 'clerk:token-cache:save',\n clearToken: 'clerk:token-cache:clear',\n} as const;\n\nexport const OAUTH_TRANSPORT_CHANNELS = {\n getRedirectUrl: 'clerk:oauth-transport:get-redirect-url',\n open: 'clerk:oauth-transport:open',\n} as const;\n\nexport const PASSKEY_CHANNELS = {\n create: 'clerk:passkeys:create',\n get: 'clerk:passkeys:get',\n capabilities: 'clerk:passkeys:capabilities',\n} as const;\n","import { contextBridge, ipcRenderer } from 'electron';\n\nimport { PASSKEY_CHANNELS } from '../shared/ipc';\nimport type { PasskeyBridge } from '../shared/types';\n\n/** Exposes the native passkey bridge to the renderer. */\nexport function setupPasskeysPreload(): void {\n const bridge: PasskeyBridge = {\n create: options => ipcRenderer.invoke(PASSKEY_CHANNELS.create, options),\n get: options => ipcRenderer.invoke(PASSKEY_CHANNELS.get, options),\n capabilities: () => ipcRenderer.invoke(PASSKEY_CHANNELS.capabilities),\n electronMajor: Number.parseInt(process.versions.electron ?? '', 10) || 0,\n platform: process.platform,\n };\n\n if (process.contextIsolated) {\n contextBridge.exposeInMainWorld('__clerk_internal_electron_passkeys', bridge);\n } else {\n window.__clerk_internal_electron_passkeys = bridge;\n }\n}\n","import { contextBridge, ipcRenderer } from 'electron';\n\nimport { setupPasskeysPreload } from '../passkeys/preload';\nimport { OAUTH_TRANSPORT_CHANNELS, TOKEN_CACHE_CHANNELS } from '../shared/ipc';\nimport type { ExposeClerkBridgeOptions, OAuthTransport, TokenCache } from '../shared/types';\n\nexport { setupPasskeysPreload };\n\n/**\n * Exposes Clerk's Electron bridge from the preload script to the renderer.\n *\n * Call this from an Electron preload script. It publishes a narrow internal bridge used by\n * `@clerk/electron/react` for token storage and OAuth transport.\n */\nexport function exposeClerkBridge(options?: ExposeClerkBridgeOptions): void {\n const tokenCache: TokenCache = {\n getToken: key => ipcRenderer.invoke(TOKEN_CACHE_CHANNELS.getToken, key),\n saveToken: (key, value) => ipcRenderer.invoke(TOKEN_CACHE_CHANNELS.saveToken, key, value),\n clearToken: key => ipcRenderer.invoke(TOKEN_CACHE_CHANNELS.clearToken, key),\n };\n const oauthTransport: OAuthTransport = {\n getRedirectUrl: () => ipcRenderer.invoke(OAUTH_TRANSPORT_CHANNELS.getRedirectUrl),\n open: url => ipcRenderer.invoke(OAUTH_TRANSPORT_CHANNELS.open, url),\n };\n const bridge = { tokenCache, oauthTransport };\n\n if (process.contextIsolated) {\n contextBridge.exposeInMainWorld('__clerk_internal_electron', bridge);\n } else {\n window.__clerk_internal_electron = bridge;\n }\n\n if (options?.passkeys) {\n setupPasskeysPreload();\n }\n}\n"]}
|
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var internal = require('@clerk/react/internal');
|
|
4
|
+
var loadClerkJsScript = require('@clerk/shared/loadClerkJsScript');
|
|
5
|
+
var clerkJs = require('@clerk/clerk-js');
|
|
6
|
+
var react = require('@clerk/react');
|
|
7
|
+
var jsxRuntime = require('react/jsx-runtime');
|
|
8
|
+
|
|
9
|
+
// src/react/index.tsx
|
|
10
|
+
var CLERK_CLIENT_JWT_KEY = "__clerk_client_jwt";
|
|
11
|
+
var cached = null;
|
|
12
|
+
function attachPasskeys(clerk, passkeys) {
|
|
13
|
+
clerk.__internal_createPublicCredentials = passkeys.create;
|
|
14
|
+
clerk.__internal_getPublicCredentials = passkeys.get;
|
|
15
|
+
clerk.__internal_isWebAuthnSupported = passkeys.isSupported;
|
|
16
|
+
clerk.__internal_isWebAuthnAutofillSupported = passkeys.isAutoFillSupported;
|
|
17
|
+
clerk.__internal_isWebAuthnPlatformAuthenticatorSupported = passkeys.isPlatformAuthenticatorSupported;
|
|
18
|
+
}
|
|
19
|
+
function createClerkInstance(publishableKey, passkeys) {
|
|
20
|
+
if ((cached == null ? void 0 : cached.publishableKey) === publishableKey) {
|
|
21
|
+
if (passkeys) {
|
|
22
|
+
attachPasskeys(cached.instance, passkeys);
|
|
23
|
+
}
|
|
24
|
+
return cached.instance;
|
|
25
|
+
}
|
|
26
|
+
const clerk = new clerkJs.Clerk(publishableKey);
|
|
27
|
+
if (passkeys) {
|
|
28
|
+
attachPasskeys(clerk, passkeys);
|
|
29
|
+
}
|
|
30
|
+
clerk.__internal_onBeforeRequest(async (request) => {
|
|
31
|
+
var _a, _b, _c;
|
|
32
|
+
request.credentials = "omit";
|
|
33
|
+
(_a = request.url) == null ? void 0 : _a.searchParams.append("_is_native", "1");
|
|
34
|
+
(_b = request.url) == null ? void 0 : _b.searchParams.append("_electron_sdk_version", "0.0.1-snapshot.v20260617204522");
|
|
35
|
+
const token = await ((_c = window.__clerk_internal_electron) == null ? void 0 : _c.tokenCache.getToken(CLERK_CLIENT_JWT_KEY));
|
|
36
|
+
if (token) {
|
|
37
|
+
const headers = new Headers(request.headers);
|
|
38
|
+
headers.set("Authorization", `Bearer ${token}`);
|
|
39
|
+
request.headers = headers;
|
|
40
|
+
}
|
|
41
|
+
});
|
|
42
|
+
clerk.__internal_onAfterResponse(async (_request, response) => {
|
|
43
|
+
var _a;
|
|
44
|
+
const authorization = response.headers.get("Authorization");
|
|
45
|
+
if (!authorization) {
|
|
46
|
+
return;
|
|
47
|
+
}
|
|
48
|
+
const token = authorization.startsWith("Bearer ") ? authorization.slice("Bearer ".length) : authorization;
|
|
49
|
+
await ((_a = window.__clerk_internal_electron) == null ? void 0 : _a.tokenCache.saveToken(CLERK_CLIENT_JWT_KEY, token));
|
|
50
|
+
});
|
|
51
|
+
cached = { instance: clerk, publishableKey };
|
|
52
|
+
return clerk;
|
|
53
|
+
}
|
|
54
|
+
var cachedClerkUI = null;
|
|
55
|
+
function loadClerkUI(publishableKey, props) {
|
|
56
|
+
if ((cachedClerkUI == null ? void 0 : cachedClerkUI.publishableKey) === publishableKey) {
|
|
57
|
+
return cachedClerkUI.promise;
|
|
58
|
+
}
|
|
59
|
+
const { __internal_clerkUIUrl, __internal_clerkUIVersion } = props;
|
|
60
|
+
const promise = loadClerkJsScript.loadClerkUIScript({
|
|
61
|
+
publishableKey,
|
|
62
|
+
proxyUrl: typeof props.proxyUrl === "string" ? props.proxyUrl : void 0,
|
|
63
|
+
domain: typeof props.domain === "string" ? props.domain : void 0,
|
|
64
|
+
nonce: props.nonce,
|
|
65
|
+
__internal_clerkUIUrl,
|
|
66
|
+
__internal_clerkUIVersion
|
|
67
|
+
}).then(() => {
|
|
68
|
+
if (!window.__internal_ClerkUICtor) {
|
|
69
|
+
throw new Error(
|
|
70
|
+
"Clerk: Failed to load Clerk UI from the CDN. Ensure your Content Security Policy allows the Clerk Frontend API host in `script-src`. Contact support@clerk.com."
|
|
71
|
+
);
|
|
72
|
+
}
|
|
73
|
+
return window.__internal_ClerkUICtor;
|
|
74
|
+
});
|
|
75
|
+
cachedClerkUI = { promise, publishableKey };
|
|
76
|
+
return promise;
|
|
77
|
+
}
|
|
78
|
+
function createOAuthTransport() {
|
|
79
|
+
var _a;
|
|
80
|
+
const bridge = (_a = window.__clerk_internal_electron) == null ? void 0 : _a.oauthTransport;
|
|
81
|
+
if (!bridge) {
|
|
82
|
+
return void 0;
|
|
83
|
+
}
|
|
84
|
+
return {
|
|
85
|
+
getRedirectUrl: () => bridge.getRedirectUrl(),
|
|
86
|
+
open: (url) => bridge.open(url.href)
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
function ClerkProvider({ children, publishableKey, passkeys, ...props }) {
|
|
90
|
+
const clerk = createClerkInstance(publishableKey, passkeys);
|
|
91
|
+
const oauthTransport = createOAuthTransport();
|
|
92
|
+
const clerkUI = loadClerkUI(publishableKey, props);
|
|
93
|
+
return /* @__PURE__ */ jsxRuntime.jsx(
|
|
94
|
+
internal.InternalClerkProvider,
|
|
95
|
+
{
|
|
96
|
+
...props,
|
|
97
|
+
Clerk: clerk,
|
|
98
|
+
__internal_oauthTransport: oauthTransport,
|
|
99
|
+
publishableKey,
|
|
100
|
+
standardBrowser: false,
|
|
101
|
+
ui: { ClerkUI: clerkUI },
|
|
102
|
+
children
|
|
103
|
+
}
|
|
104
|
+
);
|
|
105
|
+
}
|
|
106
|
+
|
|
107
|
+
exports.ClerkProvider = ClerkProvider;
|
|
108
|
+
Object.keys(react).forEach(function (k) {
|
|
109
|
+
if (k !== 'default' && !Object.prototype.hasOwnProperty.call(exports, k)) Object.defineProperty(exports, k, {
|
|
110
|
+
enumerable: true,
|
|
111
|
+
get: function () { return react[k]; }
|
|
112
|
+
});
|
|
113
|
+
});
|
|
114
|
+
//# sourceMappingURL=index.js.map
|
|
115
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/react/create-clerk-instance.ts","../../../src/react/index.tsx"],"names":["Clerk","loadClerkUIScript","jsx","ReactClerkProvider"],"mappings":";;;;;;;;;AAMA,IAAM,oBAAA,GAAuB,oBAAA;AAI7B,IAAI,MAAA,GAAqE,IAAA;AAEzE,SAAS,cAAA,CAAe,OAAsB,QAAA,EAAgC;AAC5E,EAAA,KAAA,CAAM,qCAAqC,QAAA,CAAS,MAAA;AACpD,EAAA,KAAA,CAAM,kCAAkC,QAAA,CAAS,GAAA;AACjD,EAAA,KAAA,CAAM,iCAAiC,QAAA,CAAS,WAAA;AAChD,EAAA,KAAA,CAAM,yCAAyC,QAAA,CAAS,mBAAA;AACxD,EAAA,KAAA,CAAM,sDAAsD,QAAA,CAAS,gCAAA;AACvE;AAEO,SAAS,mBAAA,CAAoB,gBAAwB,QAAA,EAA0C;AACpG,EAAA,IAAA,CAAI,MAAA,IAAA,IAAA,GAAA,MAAA,GAAA,MAAA,CAAQ,oBAAmB,cAAA,EAAgB;AAC7C,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,cAAA,CAAe,MAAA,CAAO,UAAU,QAAQ,CAAA;AAAA,IAC1C;AACA,IAAA,OAAO,MAAA,CAAO,QAAA;AAAA,EAChB;AAEA,EAAA,MAAM,KAAA,GAAQ,IAAIA,aAAA,CAAM,cAAc,CAAA;AAEtC,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,cAAA,CAAe,OAAO,QAAQ,CAAA;AAAA,EAChC;AAEA,EAAA,KAAA,CAAM,0BAAA,CAA2B,OAAM,OAAA,KAAW;AAlCpD,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAmCI,IAAA,OAAA,CAAQ,WAAA,GAAc,MAAA;AACtB,IAAA,CAAA,EAAA,GAAA,OAAA,CAAQ,GAAA,KAAR,IAAA,GAAA,MAAA,GAAA,EAAA,CAAa,YAAA,CAAa,MAAA,CAAO,YAAA,EAAc,GAAA,CAAA;AAC/C,IAAA,CAAA,EAAA,GAAA,OAAA,CAAQ,GAAA,KAAR,IAAA,GAAA,MAAA,GAAA,EAAA,CAAa,YAAA,CAAa,MAAA,CAAO,uBAAA,EAAyB,gCAAA,CAAA;AAE1D,IAAA,MAAM,QAAQ,OAAA,CAAM,EAAA,GAAA,MAAA,CAAO,yBAAA,KAAP,IAAA,GAAA,MAAA,GAAA,EAAA,CAAkC,WAAW,QAAA,CAAS,oBAAA,CAAA,CAAA;AAC1E,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO,CAAA;AAC3C,MAAA,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB,CAAA,OAAA,EAAU,KAAK,CAAA,CAAE,CAAA;AAC9C,MAAA,OAAA,CAAQ,OAAA,GAAU,OAAA;AAAA,IACpB;AAAA,EACF,CAAC,CAAA;AAED,EAAA,KAAA,CAAM,0BAAA,CAA2B,OAAO,QAAA,EAAU,QAAA,KAAa;AA/CjE,IAAA,IAAA,EAAA;AAgDI,IAAA,MAAM,aAAA,GAAiB,QAAA,CAAsB,OAAA,CAAQ,GAAA,CAAI,eAAe,CAAA;AACxE,IAAA,IAAI,CAAC,aAAA,EAAe;AAClB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,cAAc,UAAA,CAAW,SAAS,IAAI,aAAA,CAAc,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,aAAA;AAC5F,IAAA,OAAA,CAAM,EAAA,GAAA,MAAA,CAAO,yBAAA,KAAP,IAAA,GAAA,MAAA,GAAA,EAAA,CAAkC,UAAA,CAAW,UAAU,oBAAA,EAAsB,KAAA,CAAA,CAAA;AAAA,EACrF,CAAC,CAAA;AAED,EAAA,MAAA,GAAS,EAAE,QAAA,EAAU,KAAA,EAAO,cAAA,EAAe;AAC3C,EAAA,OAAO,KAAA;AACT;ACzBA,IAAI,aAAA,GAAyF,IAAA;AAE7F,SAAS,WAAA,CAAY,gBAAwB,KAAA,EAAiE;AAC5G,EAAA,IAAA,CAAI,aAAA,IAAA,IAAA,GAAA,MAAA,GAAA,aAAA,CAAe,oBAAmB,cAAA,EAAgB;AACpD,IAAA,OAAO,aAAA,CAAc,OAAA;AAAA,EACvB;AAGA,EAAA,MAAM,EAAE,qBAAA,EAAuB,yBAAA,EAA0B,GAAI,KAAA;AAK7D,EAAA,MAAM,UAAUC,mCAAA,CAAkB;AAAA,IAChC,cAAA;AAAA,IACA,UAAU,OAAO,KAAA,CAAM,QAAA,KAAa,QAAA,GAAW,MAAM,QAAA,GAAW,MAAA;AAAA,IAChE,QAAQ,OAAO,KAAA,CAAM,MAAA,KAAW,QAAA,GAAW,MAAM,MAAA,GAAS,MAAA;AAAA,IAC1D,OAAO,KAAA,CAAM,KAAA;AAAA,IACb,qBAAA;AAAA,IACA;AAAA,GACD,CAAA,CAAE,IAAA,CAAK,MAAM;AACZ,IAAA,IAAI,CAAC,OAAO,sBAAA,EAAwB;AAClC,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OACF;AAAA,IACF;AACA,IAAA,OAAO,MAAA,CAAO,sBAAA;AAAA,EAChB,CAAC,CAAA;AAED,EAAA,aAAA,GAAgB,EAAE,SAAS,cAAA,EAAe;AAC1C,EAAA,OAAO,OAAA;AACT;AAEA,SAAS,oBAAA,GAAwD;AAnEjE,EAAA,IAAA,EAAA;AAoEE,EAAA,MAAM,MAAA,GAAA,CAAS,EAAA,GAAA,MAAA,CAAO,yBAAA,KAAP,IAAA,GAAA,MAAA,GAAA,EAAA,CAAkC,cAAA;AAEjD,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,cAAA,EAAgB,MAAM,MAAA,CAAO,cAAA,EAAe;AAAA,IAC5C,IAAA,EAAM,CAAA,GAAA,KAAO,MAAA,CAAO,IAAA,CAAK,IAAI,IAAI;AAAA,GACnC;AACF;AAEO,SAAS,cAAc,EAAE,QAAA,EAAU,gBAAgB,QAAA,EAAU,GAAG,OAAM,EAAoC;AAC/G,EAAA,MAAM,KAAA,GAAQ,mBAAA,CAAoB,cAAA,EAAgB,QAAQ,CAAA;AAC1D,EAAA,MAAM,iBAAiB,oBAAA,EAAqB;AAC5C,EAAA,MAAM,OAAA,GAAU,WAAA,CAAY,cAAA,EAAgB,KAAK,CAAA;AAEjD,EAAA,uBACEC,cAAA;AAAA,IAACC,8BAAA;AAAA,IAAA;AAAA,MACE,GAAG,KAAA;AAAA,MACJ,KAAA,EAAO,KAAA;AAAA,MACP,yBAAA,EAA2B,cAAA;AAAA,MAC3B,cAAA;AAAA,MACA,eAAA,EAAiB,KAAA;AAAA,MACjB,EAAA,EAAI,EAAE,OAAA,EAAS,OAAA,EAAQ;AAAA,MAEtB;AAAA;AAAA,GACH;AAEJ","file":"index.js","sourcesContent":["import { Clerk } from '@clerk/clerk-js';\n\n// Type-only import: the passkeys module is only bundled when the app imports\n// `@clerk/electron/passkeys` itself.\nimport type { PasskeySupport } from '../passkeys';\n\nconst CLERK_CLIENT_JWT_KEY = '__clerk_client_jwt';\n\ntype ClerkInstance = InstanceType<typeof Clerk>;\n\nlet cached: { instance: ClerkInstance; publishableKey: string } | null = null;\n\nfunction attachPasskeys(clerk: ClerkInstance, passkeys: PasskeySupport): void {\n clerk.__internal_createPublicCredentials = passkeys.create;\n clerk.__internal_getPublicCredentials = passkeys.get;\n clerk.__internal_isWebAuthnSupported = passkeys.isSupported;\n clerk.__internal_isWebAuthnAutofillSupported = passkeys.isAutoFillSupported;\n clerk.__internal_isWebAuthnPlatformAuthenticatorSupported = passkeys.isPlatformAuthenticatorSupported;\n}\n\nexport function createClerkInstance(publishableKey: string, passkeys?: PasskeySupport): ClerkInstance {\n if (cached?.publishableKey === publishableKey) {\n if (passkeys) {\n attachPasskeys(cached.instance, passkeys);\n }\n return cached.instance;\n }\n\n const clerk = new Clerk(publishableKey);\n\n if (passkeys) {\n attachPasskeys(clerk, passkeys);\n }\n\n clerk.__internal_onBeforeRequest(async request => {\n request.credentials = 'omit';\n request.url?.searchParams.append('_is_native', '1');\n request.url?.searchParams.append('_electron_sdk_version', PACKAGE_VERSION);\n\n const token = await window.__clerk_internal_electron?.tokenCache.getToken(CLERK_CLIENT_JWT_KEY);\n if (token) {\n const headers = new Headers(request.headers);\n headers.set('Authorization', `Bearer ${token}`);\n request.headers = headers;\n }\n });\n\n clerk.__internal_onAfterResponse(async (_request, response) => {\n const authorization = (response as Response).headers.get('Authorization');\n if (!authorization) {\n return;\n }\n\n const token = authorization.startsWith('Bearer ') ? authorization.slice('Bearer '.length) : authorization;\n await window.__clerk_internal_electron?.tokenCache.saveToken(CLERK_CLIENT_JWT_KEY, token);\n });\n\n cached = { instance: clerk, publishableKey };\n return clerk;\n}\n","import type { ClerkProviderProps as ReactClerkProviderProps } from '@clerk/react';\nimport { InternalClerkProvider as ReactClerkProvider } from '@clerk/react/internal';\nimport { loadClerkUIScript } from '@clerk/shared/loadClerkJsScript';\nimport type { ClerkUIConstructor } from '@clerk/shared/ui';\nimport type { ReactNode } from 'react';\n\nimport type { PasskeySupport } from '../passkeys';\nimport { createClerkInstance } from './create-clerk-instance';\n\ntype ClerkOAuthTransport = NonNullable<ReactClerkProviderProps['__internal_oauthTransport']>;\n\nexport type ClerkProviderProps = Omit<\n ReactClerkProviderProps,\n 'Clerk' | 'children' | 'publishableKey' | 'standardBrowser' | 'ui' | '__internal_oauthTransport'\n> & {\n children: ReactNode;\n /**\n * Your Clerk publishable key, available in the Clerk Dashboard.\n */\n publishableKey: string;\n /**\n * Enables passkey support. Pass the `passkeys` export from `@clerk/electron/passkeys`;\n * when omitted, no passkey code is bundled or initialized.\n *\n * @example\n * ```tsx\n * import { passkeys } from '@clerk/electron/passkeys';\n *\n * <ClerkProvider publishableKey={publishableKey} passkeys={passkeys} />\n * ```\n */\n passkeys?: PasskeySupport;\n};\n\nlet cachedClerkUI: { promise: Promise<ClerkUIConstructor>; publishableKey: string } | null = null;\n\nfunction loadClerkUI(publishableKey: string, props: Partial<ClerkProviderProps>): Promise<ClerkUIConstructor> {\n if (cachedClerkUI?.publishableKey === publishableKey) {\n return cachedClerkUI.promise;\n }\n\n // Undocumented escape hatch for self-hosting/proxying the UI bundle; not part of the public props.\n const { __internal_clerkUIUrl, __internal_clerkUIVersion } = props as {\n __internal_clerkUIUrl?: string;\n __internal_clerkUIVersion?: string;\n };\n\n const promise = loadClerkUIScript({\n publishableKey,\n proxyUrl: typeof props.proxyUrl === 'string' ? props.proxyUrl : undefined,\n domain: typeof props.domain === 'string' ? props.domain : undefined,\n nonce: props.nonce,\n __internal_clerkUIUrl,\n __internal_clerkUIVersion,\n }).then(() => {\n if (!window.__internal_ClerkUICtor) {\n throw new Error(\n 'Clerk: Failed to load Clerk UI from the CDN. Ensure your Content Security Policy allows the Clerk Frontend API host in `script-src`. Contact support@clerk.com.',\n );\n }\n return window.__internal_ClerkUICtor;\n });\n\n cachedClerkUI = { promise, publishableKey };\n return promise;\n}\n\nfunction createOAuthTransport(): ClerkOAuthTransport | undefined {\n const bridge = window.__clerk_internal_electron?.oauthTransport;\n\n if (!bridge) {\n return undefined;\n }\n\n return {\n getRedirectUrl: () => bridge.getRedirectUrl(),\n open: url => bridge.open(url.href),\n };\n}\n\nexport function ClerkProvider({ children, publishableKey, passkeys, ...props }: ClerkProviderProps): JSX.Element {\n const clerk = createClerkInstance(publishableKey, passkeys);\n const oauthTransport = createOAuthTransport();\n const clerkUI = loadClerkUI(publishableKey, props);\n\n return (\n <ReactClerkProvider\n {...props}\n Clerk={clerk}\n __internal_oauthTransport={oauthTransport}\n publishableKey={publishableKey}\n standardBrowser={false}\n ui={{ ClerkUI: clerkUI }}\n >\n {children}\n </ReactClerkProvider>\n );\n}\n\nexport * from '@clerk/react';\n"]}
|