@cloudsignal/pwa-sdk 1.2.4 → 2.0.0

package/dist/{chunk-IMM7VF4N.js → chunk-IQHSODT4.js}

@@ -52,10 +52,10 @@ async function generateHMACSignature(secret, organizationId, timestamp, method,
   const signature = await crypto.subtle.sign("HMAC", key, encoder.encode(canonicalString));
   return toBase64(signature);
 }
-async function generateAuthHeaders(organizationId, organizationSecret, method, url, body) {
+async function generateAuthHeaders(organizationId, organizationPublishableKey, method, url, body) {
   const timestamp = Math.floor(Date.now() / 1e3).toString();
   const signature = await generateHMACSignature(
-    organizationSecret,
+    organizationPublishableKey,
     organizationId,
     timestamp,
     method,
@@ -69,11 +69,11 @@ async function generateAuthHeaders(organizationId, organizationSecret, method, u
     "Content-Type": "application/json"
   };
 }
-async function makeAuthenticatedRequest(organizationId, organizationSecret, method, url, body) {
+async function makeAuthenticatedRequest(organizationId, organizationPublishableKey, method, url, body) {
   const bodyStr = body ? JSON.stringify(body) : void 0;
   const headers = await generateAuthHeaders(
     organizationId,
-    organizationSecret,
+    organizationPublishableKey,
     method,
     url,
     bodyStr
@@ -93,5 +93,5 @@ function isValidUUID(value) {
 }
 
 export { generateAuthHeaders, generateHMACSignature, isValidUUID, makeAuthenticatedRequest };
-//# sourceMappingURL=chunk-IMM7VF4N.js.map
-//# sourceMappingURL=chunk-IMM7VF4N.js.map
+//# sourceMappingURL=chunk-IQHSODT4.js.map
+//# sourceMappingURL=chunk-IQHSODT4.js.map

package/dist/chunk-IQHSODT4.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/utils/hmac.ts"],"names":[],"mappings":";;;;;;;AAQA,SAAS,MAAM,MAAA,EAA6B;AAC1C,EAAA,OAAO,MAAM,IAAA,CAAK,IAAI,WAAW,MAAM,CAAC,EACrC,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CACxC,KAAK,EAAE,CAAA;AACZ;AAKA,SAAS,SAAS,MAAA,EAA6B;AAC7C,EAAA,OAAO,IAAA,CAAK,OAAO,YAAA,CAAa,GAAG,IAAI,UAAA,CAAW,MAAM,CAAC,CAAC,CAAA;AAC5D;AAaA,eAAsB,sBACpB,MAAA,EACA,cAAA,EACA,WACA,MAAA,EACA,GAAA,EACA,OAAe,EAAA,EACE;AACjB,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAGhC,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI,KAAA;AAEJ,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,UAAA,CAAW,MAAM,CAAA,GAChC,IAAI,GAAA,CAAI,GAAG,CAAA,GACX,IAAI,GAAA,CAAI,GAAA,EAAK,6BAA6B,CAAA;AAC9C,IAAA,IAAA,GAAO,MAAA,CAAO,QAAA;AACd,IAAA,KAAA,GAAQ,OAAO,MAAA,GAAS,MAAA,CAAO,MAAA,CAAO,KAAA,CAAM,CAAC,CAAA,GAAI,EAAA;AAAA,EACnD,CAAA,CAAA,MAAQ;AAEN,IAAA,MAAM,UAAA,GAAa,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA;AAClC,IAAA,IAAI,aAAa,EAAA,EAAI;AACnB,MAAA,IAAA,GAAO,GAAA,CAAI,KAAA,CAAM,CAAA,EAAG,UAAU,CAAA;AAC9B,MAAA,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,UAAA,GAAa,CAAC,CAAA;AAAA,IAClC,CAAA,MAAO;AACL,MAAA,IAAA,GAAO,GAAA;AACP,MAAA,KAAA,GAAQ,EAAA;AAAA,IACV;AAAA,EACF;AAGA,EAAA,MAAM,cAAA,GAAiB;AAAA,IACrB,OAAO,WAAA,EAAY;AAAA,IACnB,IAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA;AAAA,IACA;AAAA,GACF;AAGA,EAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,GAAS,CAAA,EAAG;AAC3B,IAAA,MAAM,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA,CAAO,OAAO,SAAA,EAAW,OAAA,CAAQ,MAAA,CAAO,IAAI,CAAC,CAAA;AACjF,IAAA,MAAM,WAAA,GAAc,MAAM,cAAc,CAAA;AACxC,IAAA,cAAA,CAAe,KAAK,WAAW,CAAA;AAAA,EACjC;AAGA,EAAA,MAAM,eAAA,GAAkB,cAAA,CAAe,IAAA,CAAK,IAAI,CAAA;AAGhD,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,IAC9B,KAAA;AAAA,IACA,OAAA,CAAQ,OAAO,MAAM,CAAA;AAAA,IACrB,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,MAAM;AAAA,GACT;AAGA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,QAAQ,GAAA,EAAK,OAAA,CAAQ,MAAA,CAAO,eAAe,CAAC,CAAA;AAEvF,EAAA,OAAO,SAAS,SAAS,CAAA;AAC3B;AAYA,eAAsB,mBAAA,CACpB,cAAA,EACA,0BAAA,EACA,MAAA,EACA,KACA,IAAA,EACiC;AACjC,EAAA,MAAM,SAAA,GAAY,KAAK,KAAA,CAAM,IAAA,CAAK,KAAI,GAAI,GAAI,EAAE,QAAA,EAAS;AAEzD,EAAA,MAAM,YAAY,MAAM,qBAAA;AAAA,IACtB,0BAAA;AAAA,IACA,cAAA;AAAA,IACA,SAAA;AAAA,IACA,MAAA;AAAA,IACA,GAAA;AAAA,IACA,IAAA,IAAQ;AAAA,GACV;AAEA,EAAA,OAAO;AAAA,IACL,+BAAA,EAAiC,cAAA;AAAA,IACjC,yBAAA,EAA2B,SAAA;AAAA,IAC3B,yBAAA,EAA2B,SAAA;AAAA,IAC3B,cAAA,EAAgB;AAAA,GAClB;AACF;AAYA,eAAsB,wBAAA,CACpB,cAAA,EACA,0BAAA,EACA,MAAA,EACA,KACA,IAAA,EACmB;AACnB,EAAA,MAAM,OAAA,GAAU,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,GAAI,MAAA;AAE9C,EAAA,MAAM,UAAU,MAAM,mBAAA;AAAA,IACpB,cAAA;AAAA,IACA,0BAAA;AAAA,IACA,MAAA;AAAA,IACA,GAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,OAAA,GAAuB;AAAA,IAC3B,MAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAA,CAAQ,IAAA,GAAO,OAAA;AAAA,EACjB;AAEA,EAAA,OAAO,KAAA,CAAM,KAAK,OAAO,CAAA;AAC3B;AAQO,SAAS,YAAY,KAAA,EAA2C;AACrE,EAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,UAAU,OAAO,KAAA;AAChD,EAAA,OAAO,4EAAA,CAA6E,KAAK,KAAK,CAAA;AAChG","file":"chunk-IQHSODT4.js","sourcesContent":["/**\n * HMAC Authentication Utilities\n * Implements CloudSignal's HMAC signature scheme for API authentication\n */\n\n/**\n * Convert ArrayBuffer to hex string\n */\nfunction toHex(buffer: ArrayBuffer): string {\n  return Array.from(new Uint8Array(buffer))\n    .map(b => b.toString(16).padStart(2, '0'))\n    .join('')\n}\n\n/**\n * Convert ArrayBuffer to base64 string\n */\nfunction toBase64(buffer: ArrayBuffer): string {\n  return btoa(String.fromCharCode(...new Uint8Array(buffer)))\n}\n\n/**\n * Generate HMAC signature for CloudSignal API requests\n *\n * @param secret - Signing key (organization publishable key, pk_*)\n * @param organizationId - Organization UUID\n * @param timestamp - Unix timestamp string\n * @param method - HTTP method (GET, POST, etc.)\n * @param url - Full URL or path\n * @param body - Request body (optional)\n * @returns Base64-encoded HMAC signature\n */\nexport async function generateHMACSignature(\n  secret: string,\n  organizationId: string,\n  timestamp: string,\n  method: string,\n  url: string,\n  body: string = ''\n): Promise<string> {\n  const encoder = new TextEncoder()\n\n  // Parse URL to extract path and query\n  let path: string\n  let query: string\n\n  try {\n    const urlObj = url.startsWith('http')\n      ? new URL(url)\n      : new URL(url, 'https://pwa.cloudsignal.app')\n    path = urlObj.pathname\n    query = urlObj.search ? urlObj.search.slice(1) : ''\n  } catch {\n    // Fallback for simple paths\n    const queryIndex = url.indexOf('?')\n    if (queryIndex > -1) {\n      path = url.slice(0, queryIndex)\n      query = url.slice(queryIndex + 1)\n    } else {\n      path = url\n      query = ''\n    }\n  }\n\n  // Build canonical string parts\n  const canonicalParts = [\n    method.toUpperCase(),\n    path,\n    query,\n    organizationId,\n    timestamp,\n  ]\n\n  // Add body hash if body is present\n  if (body && body.length > 0) {\n    const bodyHashBuffer = await crypto.subtle.digest('SHA-256', encoder.encode(body))\n    const bodyHashHex = toHex(bodyHashBuffer)\n    canonicalParts.push(bodyHashHex)\n  }\n\n  // Join parts with newlines\n  const canonicalString = canonicalParts.join('\\n')\n\n  // Import secret as HMAC key\n  const key = await crypto.subtle.importKey(\n    'raw',\n    encoder.encode(secret),\n    { name: 'HMAC', hash: 'SHA-256' },\n    false,\n    ['sign']\n  )\n\n  // Sign the canonical string\n  const signature = await crypto.subtle.sign('HMAC', key, encoder.encode(canonicalString))\n\n  return toBase64(signature)\n}\n\n/**\n * Generate authentication headers for CloudSignal API requests\n *\n * @param organizationId - Organization UUID\n * @param organizationPublishableKey - Organization publishable key (pk_*)\n * @param method - HTTP method\n * @param url - Request URL\n * @param body - Request body (optional)\n * @returns Headers object with authentication headers\n */\nexport async function generateAuthHeaders(\n  organizationId: string,\n  organizationPublishableKey: string,\n  method: string,\n  url: string,\n  body?: string\n): Promise<Record<string, string>> {\n  const timestamp = Math.floor(Date.now() / 1000).toString()\n\n  const signature = await generateHMACSignature(\n    organizationPublishableKey,\n    organizationId,\n    timestamp,\n    method,\n    url,\n    body || ''\n  )\n\n  return {\n    'X-CloudSignal-Organization-ID': organizationId,\n    'X-CloudSignal-Timestamp': timestamp,\n    'X-CloudSignal-Signature': signature,\n    'Content-Type': 'application/json',\n  }\n}\n\n/**\n * Make an authenticated request to CloudSignal API\n *\n * @param organizationId - Organization UUID\n * @param organizationPublishableKey - Organization publishable key (pk_*)\n * @param method - HTTP method\n * @param url - Request URL\n * @param body - Request body (optional)\n * @returns Fetch Response\n */\nexport async function makeAuthenticatedRequest(\n  organizationId: string,\n  organizationPublishableKey: string,\n  method: string,\n  url: string,\n  body?: Record<string, any>\n): Promise<Response> {\n  const bodyStr = body ? JSON.stringify(body) : undefined\n\n  const headers = await generateAuthHeaders(\n    organizationId,\n    organizationPublishableKey,\n    method,\n    url,\n    bodyStr\n  )\n\n  const options: RequestInit = {\n    method,\n    headers,\n  }\n\n  if (bodyStr) {\n    options.body = bodyStr\n  }\n\n  return fetch(url, options)\n}\n\n/**\n * Validate UUID format\n * \n * @param value - String to validate\n * @returns Whether the string is a valid UUID\n */\nexport function isValidUUID(value: string | null | undefined): boolean {\n  if (!value || typeof value !== 'string') return false\n  return /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(value)\n}\n"]}

package/dist/hmac-WITZIX2O.js

@@ -0,0 +1,3 @@
+export { generateAuthHeaders, generateHMACSignature, isValidUUID, makeAuthenticatedRequest } from './chunk-IQHSODT4.js';
+//# sourceMappingURL=hmac-WITZIX2O.js.map
+//# sourceMappingURL=hmac-WITZIX2O.js.map

package/dist/{hmac-LWLR6F7Z.js.map → hmac-WITZIX2O.js.map}

@@ -1 +1 @@
-{"version":3,"sources":[],"names":[],"mappings":"","file":"hmac-LWLR6F7Z.js"}
+{"version":3,"sources":[],"names":[],"mappings":"","file":"hmac-WITZIX2O.js"}

package/dist/index.cjs

@@ -72,10 +72,10 @@ async function generateHMACSignature(secret, organizationId, timestamp, method,
   const signature = await crypto.subtle.sign("HMAC", key, encoder.encode(canonicalString));
   return toBase64(signature);
 }
-async function generateAuthHeaders(organizationId, organizationSecret, method, url, body) {
+async function generateAuthHeaders(organizationId, organizationPublishableKey, method, url, body) {
   const timestamp = Math.floor(Date.now() / 1e3).toString();
   const signature = await generateHMACSignature(
-    organizationSecret,
+    organizationPublishableKey,
     organizationId,
     timestamp,
     method,
@@ -89,11 +89,11 @@ async function generateAuthHeaders(organizationId, organizationSecret, method, u
     "Content-Type": "application/json"
   };
 }
-async function makeAuthenticatedRequest(organizationId, organizationSecret, method, url, body) {
+async function makeAuthenticatedRequest(organizationId, organizationPublishableKey, method, url, body) {
   const bodyStr = body ? JSON.stringify(body) : void 0;
   const headers = await generateAuthHeaders(
     organizationId,
-    organizationSecret,
+    organizationPublishableKey,
     method,
     url,
     bodyStr
@@ -1046,13 +1046,13 @@ function createAuthContext(config) {
       onTokenExpired: config.onTokenExpired
     };
   }
-  if (!config.organizationSecret) {
-    throw new Error("Either userToken or organizationSecret is required");
+  if (!config.organizationPublishableKey) {
+    throw new Error("Either userToken or organizationPublishableKey is required");
   }
   return {
     mode: "hmac",
     organizationId: config.organizationId,
-    organizationSecret: config.organizationSecret
+    organizationPublishableKey: config.organizationPublishableKey
   };
 }
 async function makeAuthenticatedRequestWithContext(authContext, method, url, body, onTokenExpired) {
@@ -1073,12 +1073,12 @@ async function makeAuthenticatedRequestWithContext(authContext, method, url, bod
     );
   }
   const { makeAuthenticatedRequest: makeAuthenticatedRequest4 } = await Promise.resolve().then(() => (init_hmac(), hmac_exports));
-  if (!authContext.organizationSecret) {
-    throw new Error("organizationSecret required for HMAC auth mode");
+  if (!authContext.organizationPublishableKey) {
+    throw new Error("organizationPublishableKey required for HMAC auth mode");
   }
   return makeAuthenticatedRequest4(
     authContext.organizationId,
-    authContext.organizationSecret,
+    authContext.organizationPublishableKey,
     method,
     url,
     body
@@ -1141,15 +1141,6 @@ function removeRegistrationId(organizationId, serviceId) {
   const key = `registration_${organizationId}_${serviceId}`;
   return removeStorageItem(key);
 }
-function isInstallationRegistered(organizationId, serviceId) {
-  const key = `install_registered_${organizationId}_${serviceId}`;
-  return getStorageItem(key) === true;
-}
-function markInstallationRegistered(organizationId, serviceId, registrationId) {
-  const key = `install_registered_${organizationId}_${serviceId}`;
-  setStorageItem(`install_id_${organizationId}_${serviceId}`, registrationId);
-  return setStorageItem(key, true);
-}
 var IndexedDBStorage = class {
   constructor(dbName = "CloudSignalPWA", dbVersion = 1) {
     this.db = null;
@@ -1356,7 +1347,7 @@ var PushNotificationManager = class {
     this.deviceDetector = new DeviceDetector();
     this.authContext = createAuthContext({
       organizationId: options.organizationId,
-      organizationSecret: options.organizationSecret,
+      organizationPublishableKey: options.organizationPublishableKey,
       userToken: options.userToken
     });
     this.onRegistered = options.onRegistered;
@@ -1595,72 +1586,6 @@ var PushNotificationManager = class {
       return null;
     }
   }
-  /**
-   * Register PWA installation without push subscription.
-   * This tracks users who installed the PWA but haven't subscribed to notifications.
-   * Called automatically when installation is detected.
-   * 
-   * @returns Installation registration result or null if already registered/failed
-   */
-  async registerInstallation() {
-    try {
-      if (isInstallationRegistered(this.organizationId, this.serviceId)) {
-        this.log("Installation already registered, skipping");
-        return null;
-      }
-      const fingerprint = await generateBrowserFingerprint();
-      const deviceInfo = this.deviceDetector.getDeviceInfo();
-      const platformInfo = this.deviceDetector.getPlatformInfo();
-      const installationData = {
-        service_id: this.serviceId,
-        browser_fingerprint: fingerprint || void 0,
-        device_type: deviceInfo.deviceType,
-        device_model: deviceInfo.deviceModel,
-        browser_name: platformInfo.browser,
-        browser_version: platformInfo.browserVersion,
-        os_name: platformInfo.os,
-        os_version: platformInfo.osVersion,
-        user_agent: platformInfo.userAgent,
-        display_mode: "standalone",
-        is_installed: true,
-        timezone: Intl.DateTimeFormat().resolvedOptions().timeZone,
-        language: navigator.language || "en-US"
-      };
-      const url = `${this.serviceUrl}/api/v1/registration/install-only`;
-      const response = await makeAuthenticatedRequestWithContext(
-        this.authContext,
-        "POST",
-        url,
-        installationData,
-        this.onTokenExpired
-      );
-      if (!response.ok) {
-        const errorText = await response.text();
-        throw new Error(`Installation registration failed: ${response.status} - ${errorText}`);
-      }
-      const result = await response.json();
-      markInstallationRegistered(this.organizationId, this.serviceId, result.registration_id);
-      this.log(`Installation registered successfully: ${result.registration_id}`);
-      return { registrationId: result.registration_id };
-    } catch (error) {
-      const err = error instanceof Error ? error : new Error(String(error));
-      this.log(`Installation registration failed: ${err.message}`, "error");
-      this.onError?.(err);
-      return null;
-    }
-  }
-  /**
-   * Check if installation is already registered
-   */
-  isInstallationRegistered() {
-    return isInstallationRegistered(this.organizationId, this.serviceId);
-  }
-  /**
-   * Get stored installation registration ID
-   */
-  getInstallationId() {
-    return getStorageItem(`install_id_${this.organizationId}_${this.serviceId}`);
-  }
   /**
    * Request notification permission
    */
@@ -1755,7 +1680,7 @@ var HeartbeatManager = class {
     this.onTokenExpired = options.onTokenExpired;
     this.authContext = createAuthContext({
       organizationId: options.organizationId,
-      organizationSecret: options.organizationSecret,
+      organizationPublishableKey: options.organizationPublishableKey,
       userToken: options.userToken
     });
     this.config = {
@@ -3192,7 +3117,7 @@ var IOSInstallBanner = class {
 
 // src/CloudSignalPWA.ts
 var DEFAULT_SERVICE_URL = "https://pwa.cloudsignal.app";
-var SDK_VERSION = "1.2.3";
+var SDK_VERSION = "1.2.0";
 var CloudSignalPWA = class {
   constructor(config) {
     this.initialized = false;
@@ -3206,12 +3131,12 @@ var CloudSignalPWA = class {
     this.config = config;
     this.serviceUrl = config.serviceUrl || DEFAULT_SERVICE_URL;
     this.debug = config.debug ?? false;
-    if (!config.organizationSecret && !config.userToken) {
-      throw new Error("Either organizationSecret or userToken must be provided");
+    if (!config.organizationPublishableKey && !config.userToken) {
+      throw new Error("Either organizationPublishableKey or userToken must be provided");
     }
     this.authContext = createAuthContext({
       organizationId: config.organizationId,
-      organizationSecret: config.organizationSecret,
+      organizationPublishableKey: config.organizationPublishableKey,
       userToken: config.userToken
     });
     this.deviceDetector = new DeviceDetector();
@@ -3232,7 +3157,7 @@ var CloudSignalPWA = class {
     this.pushNotificationManager = new PushNotificationManager({
       serviceUrl: this.serviceUrl,
       organizationId: config.organizationId,
-      organizationSecret: config.organizationSecret,
+      organizationPublishableKey: config.organizationPublishableKey,
       userToken: config.userToken,
       onTokenExpired: config.onTokenExpired,
       serviceId: config.serviceId,
@@ -3251,7 +3176,7 @@ var CloudSignalPWA = class {
     this.heartbeatManager = new HeartbeatManager({
       serviceUrl: this.serviceUrl,
       organizationId: config.organizationId,
-      organizationSecret: config.organizationSecret,
+      organizationPublishableKey: config.organizationPublishableKey,
       userToken: config.userToken,
       onTokenExpired: config.onTokenExpired,
       config: config.heartbeat,
@@ -3333,20 +3258,11 @@ var CloudSignalPWA = class {
         this.configureNotificationAnalytics(swReg);
       }
       if (this.iosInstallBanner && this.config.iosInstallBanner?.showOnFirstVisit !== false) {
-        const installState2 = this.installationManager.getState();
-        if (!installState2.isInstalled) {
+        const installState = this.installationManager.getState();
+        if (!installState.isInstalled) {
           this.iosInstallBanner.show();
         }
       }
-      const installState = this.installationManager.getState();
-      if (installState.isInstalled) {
-        this.log("PWA installation detected, registering...");
-        const installResult = await this.pushNotificationManager.registerInstallation();
-        if (installResult) {
-          this.log(`Installation registered: ${installResult.registrationId}`);
-          this.emit("install:registered", { registrationId: installResult.registrationId });
-        }
-      }
       this.initialized = true;
       const result = {
         success: true,