npm - @cloudsignal/pwa-sdk - Versions diffs - 1.2.4 → 2.1.0 - Mend

@cloudsignal/pwa-sdk 1.2.4 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/CHANGELOG.md +24 -22
package/README.md +45 -509
package/dist/{chunk-IMM7VF4N.js → chunk-IQHSODT4.js} +6 -6
package/dist/chunk-IQHSODT4.js.map +1 -0
package/dist/hmac-WITZIX2O.js +3 -0
package/dist/{hmac-LWLR6F7Z.js.map → hmac-WITZIX2O.js.map} +1 -1
package/dist/index.cjs +77 -86
package/dist/index.cjs.map +1 -1
package/dist/index.d.mts +31 -35
package/dist/index.d.ts +31 -35
package/dist/index.global.js +6 -6
package/dist/index.global.js.map +1 -1
package/dist/index.js +76 -85
package/dist/index.js.map +1 -1
package/dist/service-worker.js +1 -1
package/dist/service-worker.js.map +1 -1
package/package.json +1 -1
package/dist/chunk-IMM7VF4N.js.map +0 -1
package/dist/hmac-LWLR6F7Z.js +0 -3

package/dist/index.d.mts CHANGED Viewed

@@ -200,14 +200,14 @@ interface PWAConfig {
     /** Organization ID (UUID) */
     organizationId: string;
     /**
-     * Organization secret key for HMAC authentication (anonymous mode)
-     * Required if userToken is not provided
+     * Organization publishable key (pk_*) for HMAC-signed anonymous mode.
+     * Safe to ship in browser code. Required if userToken is not provided.
      */
-    organizationSecret?: string;
+    organizationPublishableKey?: string;
     /**
      * JWT token from identity provider for authenticated user mode
      * Supports: Supabase, Firebase, Auth0, Clerk, custom OIDC
-     * When provided, takes precedence over organizationSecret
+     * When provided, takes precedence over organizationPublishableKey
      */
     userToken?: string;
     /**
@@ -1303,9 +1303,9 @@ declare class InstallationManager {
 interface PushNotificationManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    /** Organization secret for HMAC auth (optional if userToken provided) */
-    organizationSecret?: string;
-    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    /** Publishable key (pk_*) for HMAC auth — optional if userToken provided */
+    organizationPublishableKey?: string;
+    /** JWT token for authenticated user mode — optional if organizationPublishableKey provided */
     userToken?: string;
     /** Callback to refresh JWT when expired */
     onTokenExpired?: () => Promise<string>;
@@ -1364,6 +1364,20 @@ declare class PushNotificationManager {
      * Register for push notifications
      */
     register(options?: RegisterOptions): Promise<Registration | null>;
+    /**
+     * Register a PWA installation without a push subscription.
+     *
+     * Tracks users who installed the PWA (standalone display mode) but
+     * haven't granted notification permission yet. A subsequent
+     * ``registerForPush()`` call upgrades the same row to a full push
+     * registration (matched server-side by browser fingerprint).
+     *
+     * Guarded by a localStorage flag so repeat ``initialize()`` calls in
+     * the same storage session are no-ops.
+     */
+    registerInstallation(): Promise<{
+        registrationId: string;
+    } | null>;
     /**
      * Unregister from push notifications
      */
@@ -1376,24 +1390,6 @@ declare class PushNotificationManager {
      * Check registration status
      */
     checkStatus(): Promise<RegistrationStatusResponse | null>;
-    /**
-     * Register PWA installation without push subscription.
-     * This tracks users who installed the PWA but haven't subscribed to notifications.
-     * Called automatically when installation is detected.
-     *
-     * @returns Installation registration result or null if already registered/failed
-     */
-    registerInstallation(): Promise<{
-        registrationId: string;
-    } | null>;
-    /**
-     * Check if installation is already registered
-     */
-    isInstallationRegistered(): boolean;
-    /**
-     * Get stored installation registration ID
-     */
-    getInstallationId(): string | null;
     /**
      * Request notification permission
      */
@@ -1420,9 +1416,9 @@ declare class PushNotificationManager {
 interface HeartbeatManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    /** Organization secret for HMAC auth (optional if userToken provided) */
-    organizationSecret?: string;
-    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    /** Publishable key (pk_*) for HMAC auth — optional if userToken provided */
+    organizationPublishableKey?: string;
+    /** JWT token for authenticated user mode — optional if organizationPublishableKey provided */
     userToken?: string;
     /** Callback to refresh JWT when expired */
     onTokenExpired?: () => Promise<string>;
@@ -1959,7 +1955,7 @@ declare class NotificationPermissionPrompt {
 /**
  * Generate HMAC signature for CloudSignal API requests
  *
- * @param secret - Organization secret key
+ * @param secret - Signing key (organization publishable key, pk_*)
  * @param organizationId - Organization UUID
  * @param timestamp - Unix timestamp string
  * @param method - HTTP method (GET, POST, etc.)
@@ -1972,24 +1968,24 @@ declare function generateHMACSignature(secret: string, organizationId: string, t
  * Generate authentication headers for CloudSignal API requests
  *
  * @param organizationId - Organization UUID
- * @param organizationSecret - Organization secret key
+ * @param organizationPublishableKey - Organization publishable key (pk_*)
  * @param method - HTTP method
  * @param url - Request URL
  * @param body - Request body (optional)
  * @returns Headers object with authentication headers
  */
-declare function generateAuthHeaders(organizationId: string, organizationSecret: string, method: string, url: string, body?: string): Promise<Record<string, string>>;
+declare function generateAuthHeaders(organizationId: string, organizationPublishableKey: string, method: string, url: string, body?: string): Promise<Record<string, string>>;
 /**
  * Make an authenticated request to CloudSignal API
  *
  * @param organizationId - Organization UUID
- * @param organizationSecret - Organization secret key
+ * @param organizationPublishableKey - Organization publishable key (pk_*)
  * @param method - HTTP method
  * @param url - Request URL
  * @param body - Request body (optional)
  * @returns Fetch Response
  */
-declare function makeAuthenticatedRequest(organizationId: string, organizationSecret: string, method: string, url: string, body?: Record<string, any>): Promise<Response>;
+declare function makeAuthenticatedRequest(organizationId: string, organizationPublishableKey: string, method: string, url: string, body?: Record<string, any>): Promise<Response>;
 /**
  * Validate UUID format
  *
@@ -2042,7 +2038,7 @@ declare function makeJWTAuthenticatedRequest(config: JWTAuthConfig, method: stri
 interface AuthContext {
     mode: AuthMode;
     organizationId: string;
-    organizationSecret?: string;
+    organizationPublishableKey?: string;
     userToken?: string;
     onTokenExpired?: () => Promise<string>;
 }
@@ -2055,7 +2051,7 @@ interface AuthContext {
  */
 declare function createAuthContext(config: {
     organizationId: string;
-    organizationSecret?: string;
+    organizationPublishableKey?: string;
     userToken?: string;
     onTokenExpired?: () => Promise<string>;
 }): AuthContext;

package/dist/index.d.ts CHANGED Viewed

@@ -200,14 +200,14 @@ interface PWAConfig {
     /** Organization ID (UUID) */
     organizationId: string;
     /**
-     * Organization secret key for HMAC authentication (anonymous mode)
-     * Required if userToken is not provided
+     * Organization publishable key (pk_*) for HMAC-signed anonymous mode.
+     * Safe to ship in browser code. Required if userToken is not provided.
      */
-    organizationSecret?: string;
+    organizationPublishableKey?: string;
     /**
      * JWT token from identity provider for authenticated user mode
      * Supports: Supabase, Firebase, Auth0, Clerk, custom OIDC
-     * When provided, takes precedence over organizationSecret
+     * When provided, takes precedence over organizationPublishableKey
      */
     userToken?: string;
     /**
@@ -1303,9 +1303,9 @@ declare class InstallationManager {
 interface PushNotificationManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    /** Organization secret for HMAC auth (optional if userToken provided) */
-    organizationSecret?: string;
-    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    /** Publishable key (pk_*) for HMAC auth — optional if userToken provided */
+    organizationPublishableKey?: string;
+    /** JWT token for authenticated user mode — optional if organizationPublishableKey provided */
     userToken?: string;
     /** Callback to refresh JWT when expired */
     onTokenExpired?: () => Promise<string>;
@@ -1364,6 +1364,20 @@ declare class PushNotificationManager {
      * Register for push notifications
      */
     register(options?: RegisterOptions): Promise<Registration | null>;
+    /**
+     * Register a PWA installation without a push subscription.
+     *
+     * Tracks users who installed the PWA (standalone display mode) but
+     * haven't granted notification permission yet. A subsequent
+     * ``registerForPush()`` call upgrades the same row to a full push
+     * registration (matched server-side by browser fingerprint).
+     *
+     * Guarded by a localStorage flag so repeat ``initialize()`` calls in
+     * the same storage session are no-ops.
+     */
+    registerInstallation(): Promise<{
+        registrationId: string;
+    } | null>;
     /**
      * Unregister from push notifications
      */
@@ -1376,24 +1390,6 @@ declare class PushNotificationManager {
      * Check registration status
      */
     checkStatus(): Promise<RegistrationStatusResponse | null>;
-    /**
-     * Register PWA installation without push subscription.
-     * This tracks users who installed the PWA but haven't subscribed to notifications.
-     * Called automatically when installation is detected.
-     *
-     * @returns Installation registration result or null if already registered/failed
-     */
-    registerInstallation(): Promise<{
-        registrationId: string;
-    } | null>;
-    /**
-     * Check if installation is already registered
-     */
-    isInstallationRegistered(): boolean;
-    /**
-     * Get stored installation registration ID
-     */
-    getInstallationId(): string | null;
     /**
      * Request notification permission
      */
@@ -1420,9 +1416,9 @@ declare class PushNotificationManager {
 interface HeartbeatManagerOptions {
     serviceUrl: string;
     organizationId: string;
-    /** Organization secret for HMAC auth (optional if userToken provided) */
-    organizationSecret?: string;
-    /** JWT token for authenticated user mode (optional if organizationSecret provided) */
+    /** Publishable key (pk_*) for HMAC auth — optional if userToken provided */
+    organizationPublishableKey?: string;
+    /** JWT token for authenticated user mode — optional if organizationPublishableKey provided */
     userToken?: string;
     /** Callback to refresh JWT when expired */
     onTokenExpired?: () => Promise<string>;
@@ -1959,7 +1955,7 @@ declare class NotificationPermissionPrompt {
 /**
  * Generate HMAC signature for CloudSignal API requests
  *
- * @param secret - Organization secret key
+ * @param secret - Signing key (organization publishable key, pk_*)
  * @param organizationId - Organization UUID
  * @param timestamp - Unix timestamp string
  * @param method - HTTP method (GET, POST, etc.)
@@ -1972,24 +1968,24 @@ declare function generateHMACSignature(secret: string, organizationId: string, t
  * Generate authentication headers for CloudSignal API requests
  *
  * @param organizationId - Organization UUID
- * @param organizationSecret - Organization secret key
+ * @param organizationPublishableKey - Organization publishable key (pk_*)
  * @param method - HTTP method
  * @param url - Request URL
  * @param body - Request body (optional)
  * @returns Headers object with authentication headers
  */
-declare function generateAuthHeaders(organizationId: string, organizationSecret: string, method: string, url: string, body?: string): Promise<Record<string, string>>;
+declare function generateAuthHeaders(organizationId: string, organizationPublishableKey: string, method: string, url: string, body?: string): Promise<Record<string, string>>;
 /**
  * Make an authenticated request to CloudSignal API
  *
  * @param organizationId - Organization UUID
- * @param organizationSecret - Organization secret key
+ * @param organizationPublishableKey - Organization publishable key (pk_*)
  * @param method - HTTP method
  * @param url - Request URL
  * @param body - Request body (optional)
  * @returns Fetch Response
  */
-declare function makeAuthenticatedRequest(organizationId: string, organizationSecret: string, method: string, url: string, body?: Record<string, any>): Promise<Response>;
+declare function makeAuthenticatedRequest(organizationId: string, organizationPublishableKey: string, method: string, url: string, body?: Record<string, any>): Promise<Response>;
 /**
  * Validate UUID format
  *
@@ -2042,7 +2038,7 @@ declare function makeJWTAuthenticatedRequest(config: JWTAuthConfig, method: stri
 interface AuthContext {
     mode: AuthMode;
     organizationId: string;
-    organizationSecret?: string;
+    organizationPublishableKey?: string;
     userToken?: string;
     onTokenExpired?: () => Promise<string>;
 }
@@ -2055,7 +2051,7 @@ interface AuthContext {
  */
 declare function createAuthContext(config: {
     organizationId: string;
-    organizationSecret?: string;
+    organizationPublishableKey?: string;
     userToken?: string;
     onTokenExpired?: () => Promise<string>;
 }): AuthContext;