@cranberry-money/shared-services 1.0.0

package/dist/adapters/MobileTokenStorage.js

@@ -0,0 +1,128 @@
+/**
+ * Mobile-specific token storage using secure storage
+ *
+ * This implementation uses platform-secure storage mechanisms
+ * like iOS Keychain and Android Keystore via React Native libraries.
+ *
+ * For Expo: Uses Expo SecureStore
+ * For bare React Native: Would use @react-native-async-storage/async-storage
+ * with encryption or react-native-keychain
+ */
+import { BaseTokenStorage } from '../core/TokenStorage';
+// Keys for secure storage
+const STORAGE_KEYS = {
+    ACCESS_TOKEN: 'myportfolio_access_token',
+    REFRESH_TOKEN: 'myportfolio_refresh_token',
+};
+export class MobileTokenStorage extends BaseTokenStorage {
+    constructor(secureStore) {
+        super();
+        this.secureStore = secureStore;
+    }
+    async storeTokens(tokens) {
+        if (!this.validateTokens(tokens)) {
+            throw new Error('Invalid token format');
+        }
+        try {
+            await Promise.all([
+                this.secureStore.setItemAsync(STORAGE_KEYS.ACCESS_TOKEN, tokens.access),
+                this.secureStore.setItemAsync(STORAGE_KEYS.REFRESH_TOKEN, tokens.refresh),
+            ]);
+        }
+        catch (error) {
+            throw new Error(`Failed to store tokens: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+    }
+    async retrieveTokens() {
+        try {
+            const [access, refresh] = await Promise.all([
+                this.secureStore.getItemAsync(STORAGE_KEYS.ACCESS_TOKEN),
+                this.secureStore.getItemAsync(STORAGE_KEYS.REFRESH_TOKEN),
+            ]);
+            if (!access || !refresh) {
+                return null;
+            }
+            const tokens = { access, refresh };
+            if (!this.validateTokens(tokens)) {
+                // Clear invalid tokens
+                await this.clearTokens();
+                return null;
+            }
+            return tokens;
+        }
+        catch (error) {
+            console.error('Failed to retrieve tokens:', error);
+            return null;
+        }
+    }
+    async clearTokens() {
+        try {
+            await Promise.all([
+                this.secureStore.deleteItemAsync(STORAGE_KEYS.ACCESS_TOKEN),
+                this.secureStore.deleteItemAsync(STORAGE_KEYS.REFRESH_TOKEN),
+            ]);
+        }
+        catch (error) {
+            console.error('Failed to clear tokens:', error);
+            // Don't throw - clearing should be idempotent
+        }
+    }
+    async hasTokens() {
+        try {
+            const [access, refresh] = await Promise.all([
+                this.secureStore.getItemAsync(STORAGE_KEYS.ACCESS_TOKEN),
+                this.secureStore.getItemAsync(STORAGE_KEYS.REFRESH_TOKEN),
+            ]);
+            return !!(access && refresh);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Check if secure storage is available
+     */
+    async isAvailable() {
+        try {
+            // Try to perform a simple operation to check availability
+            await this.secureStore.isAvailableAsync?.();
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+/**
+ * Factory function to create MobileTokenStorage with different backends
+ */
+export const createMobileTokenStorage = (secureStore) => {
+    return new MobileTokenStorage(secureStore);
+};
+/**
+ * Expo SecureStore adapter
+ * Usage: createMobileTokenStorage(createExpoSecureStoreAdapter())
+ */
+export const createExpoSecureStoreAdapter = () => {
+    // This would be implemented when actually using Expo
+    // For now, return a mock implementation for type checking
+    return {
+        async setItemAsync(key, value) {
+            // In real implementation: await ExpoSecureStore.setItemAsync(key, value);
+            console.log(`Mock: Storing ${key} = ${value}`);
+        },
+        async getItemAsync(key) {
+            // In real implementation: return await ExpoSecureStore.getItemAsync(key);
+            console.log(`Mock: Retrieving ${key}`);
+            return null;
+        },
+        async deleteItemAsync(key) {
+            // In real implementation: await ExpoSecureStore.deleteItemAsync(key);
+            console.log(`Mock: Deleting ${key}`);
+        },
+        async isAvailableAsync() {
+            // In real implementation: return await ExpoSecureStore.isAvailableAsync();
+            return true;
+        },
+    };
+};

package/dist/adapters/WebApiClient.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Web-specific API client implementation using fetch or axios
+ *
+ * This implementation is designed for web browsers and supports
+ * cookie-based authentication with proper CORS handling.
+ */
+import { BaseApiClient, type RequestConfig, type ApiResponse, type ApiClientConfig } from '../core/BaseApiClient';
+export declare class WebApiClient extends BaseApiClient {
+    constructor(config: ApiClientConfig);
+    request<T = unknown>(config: RequestConfig): Promise<ApiResponse<T>>;
+    /**
+     * Parse response data based on content type
+     */
+    private parseResponseData;
+    /**
+     * Convert Headers to plain object
+     */
+    private parseResponseHeaders;
+    /**
+     * Check if error is an API error
+     */
+    private isApiError;
+    /**
+     * Handle token refresh for web (cookie-based)
+     */
+    protected handleTokenRefresh(): Promise<boolean>;
+}
+//# sourceMappingURL=WebApiClient.d.ts.map

package/dist/adapters/WebApiClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"WebApiClient.d.ts","sourceRoot":"","sources":["../../src/adapters/WebApiClient.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,aAAa,EAAE,KAAK,aAAa,EAAE,KAAK,WAAW,EAAE,KAAK,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAElH,qBAAa,YAAa,SAAQ,aAAa;gBACjC,MAAM,EAAE,eAAe;IAU7B,OAAO,CAAC,CAAC,GAAG,OAAO,EAAE,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;IAoE1E;;OAEG;YACW,iBAAiB;IAe/B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAQ5B;;OAEG;IACH,OAAO,CAAC,UAAU;IAOlB;;OAEG;cACa,kBAAkB,IAAI,OAAO,CAAC,OAAO,CAAC;CAcvD"}

package/dist/adapters/WebApiClient.js

@@ -0,0 +1,119 @@
+/**
+ * Web-specific API client implementation using fetch or axios
+ *
+ * This implementation is designed for web browsers and supports
+ * cookie-based authentication with proper CORS handling.
+ */
+import { HTTP_HEADER_CONTENT_TYPE, CONTENT_TYPE_APPLICATION_JSON } from '@myportfolio/shared-constants';
+import { BaseApiClient } from '../core/BaseApiClient';
+export class WebApiClient extends BaseApiClient {
+    constructor(config) {
+        super({
+            ...config,
+            defaultHeaders: {
+                [HTTP_HEADER_CONTENT_TYPE]: CONTENT_TYPE_APPLICATION_JSON,
+                ...config.defaultHeaders,
+            },
+        });
+    }
+    async request(config) {
+        const url = this.buildUrl(config.url);
+        const headers = await this.buildHeaders(config.headers);
+        // Build fetch options
+        const fetchOptions = {
+            method: config.method || 'GET',
+            headers,
+            credentials: this.withCredentials ? 'include' : 'omit',
+        };
+        // Add body for non-GET requests
+        if (config.data && config.method !== 'GET') {
+            if (headers[HTTP_HEADER_CONTENT_TYPE] === CONTENT_TYPE_APPLICATION_JSON) {
+                fetchOptions.body = JSON.stringify(config.data);
+            }
+            else {
+                fetchOptions.body = config.data;
+            }
+        }
+        // Add query parameters for GET requests
+        const requestUrl = config.params && config.method === 'GET'
+            ? `${url}?${new URLSearchParams(config.params).toString()}`
+            : url;
+        try {
+            const response = await fetch(requestUrl, fetchOptions);
+            // Handle non-2xx responses
+            if (!response.ok) {
+                const errorData = await this.parseResponseData(response);
+                throw this.createError(response.statusText || 'Request failed', response.status, 'HTTP_ERROR', errorData);
+            }
+            const data = await this.parseResponseData(response);
+            return {
+                data,
+                status: response.status,
+                statusText: response.statusText,
+                headers: this.parseResponseHeaders(response.headers),
+            };
+        }
+        catch (error) {
+            // Handle network errors
+            if (error instanceof TypeError && error.message.includes('fetch')) {
+                throw this.createError('Network error', 0, 'NETWORK_ERROR');
+            }
+            // Re-throw API errors
+            if (this.isApiError(error)) {
+                throw error;
+            }
+            // Handle unexpected errors
+            throw this.createError(error instanceof Error ? error.message : 'Unknown error', 0, 'UNEXPECTED_ERROR');
+        }
+    }
+    /**
+     * Parse response data based on content type
+     */
+    async parseResponseData(response) {
+        const contentType = response.headers.get('content-type') || '';
+        if (contentType.includes('application/json')) {
+            return response.json();
+        }
+        if (contentType.includes('text/')) {
+            return response.text();
+        }
+        // For other content types, return as blob
+        return response.blob();
+    }
+    /**
+     * Convert Headers to plain object
+     */
+    parseResponseHeaders(headers) {
+        const headerObj = {};
+        headers.forEach((value, key) => {
+            headerObj[key] = value;
+        });
+        return headerObj;
+    }
+    /**
+     * Check if error is an API error
+     */
+    isApiError(error) {
+        return typeof error === 'object' &&
+            error !== null &&
+            'message' in error &&
+            'status' in error;
+    }
+    /**
+     * Handle token refresh for web (cookie-based)
+     */
+    async handleTokenRefresh() {
+        try {
+            // For cookie-based auth, make a request to refresh endpoint
+            // The server will set new cookies automatically
+            const response = await this.request({
+                url: '/auth/refresh',
+                method: 'POST',
+            });
+            return response.status === 200;
+        }
+        catch {
+            return false;
+        }
+    }
+}

package/dist/adapters/WebTokenStorage.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Web-specific token storage using HTTP-only cookies
+ *
+ * This implementation relies on the backend to set HTTP-only cookies
+ * and doesn't directly manage tokens on the client side for security.
+ *
+ * For web applications using cookie-based authentication, the tokens
+ * are automatically included in requests via browser cookie handling.
+ */
+import { BaseTokenStorage, type TokenPair } from '../core/TokenStorage';
+export declare class WebTokenStorage extends BaseTokenStorage {
+    /**
+     * For cookie-based auth, tokens are managed by the browser/server
+     * This method would typically not store anything client-side
+     */
+    storeTokens(tokens: TokenPair): Promise<void>;
+    /**
+     * For cookie-based auth, we can't directly access HTTP-only cookies
+     * This method checks if authentication cookies likely exist
+     */
+    retrieveTokens(): Promise<TokenPair | null>;
+    /**
+     * Clear authentication state
+     * In cookie systems, this would typically call a logout endpoint
+     */
+    clearTokens(): Promise<void>;
+    /**
+     * Check authentication status
+     * In cookie systems, this would check if auth cookies exist
+     */
+    hasTokens(): Promise<boolean>;
+    /**
+     * Check if authentication cookies exist
+     * This is a web-specific method for cookie-based auth
+     */
+    hasCookies(): boolean;
+}
+//# sourceMappingURL=WebTokenStorage.d.ts.map

package/dist/adapters/WebTokenStorage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"WebTokenStorage.d.ts","sourceRoot":"","sources":["../../src/adapters/WebTokenStorage.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,gBAAgB,EAAE,KAAK,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAExE,qBAAa,eAAgB,SAAQ,gBAAgB;IACnD;;;OAGG;IACG,WAAW,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAWnD;;;OAGG;IACG,cAAc,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAuBjD;;;OAGG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;IAUlC;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC,OAAO,CAAC;IAYnC;;;OAGG;IACH,UAAU,IAAI,OAAO;CAOtB"}

package/dist/adapters/WebTokenStorage.js

@@ -0,0 +1,86 @@
+/**
+ * Web-specific token storage using HTTP-only cookies
+ *
+ * This implementation relies on the backend to set HTTP-only cookies
+ * and doesn't directly manage tokens on the client side for security.
+ *
+ * For web applications using cookie-based authentication, the tokens
+ * are automatically included in requests via browser cookie handling.
+ */
+import { BaseTokenStorage } from '../core/TokenStorage';
+export class WebTokenStorage extends BaseTokenStorage {
+    /**
+     * For cookie-based auth, tokens are managed by the browser/server
+     * This method would typically not store anything client-side
+     */
+    async storeTokens(tokens) {
+        // In cookie-based systems, tokens are set by the server as HTTP-only cookies
+        // The client doesn't need to manually store them
+        // For development/testing, we could store in sessionStorage
+        // but in production, this would be handled by server-set cookies
+        if (typeof window !== 'undefined' && window.sessionStorage) {
+            sessionStorage.setItem('auth_tokens', JSON.stringify(tokens));
+        }
+    }
+    /**
+     * For cookie-based auth, we can't directly access HTTP-only cookies
+     * This method checks if authentication cookies likely exist
+     */
+    async retrieveTokens() {
+        // In a real cookie-based system, we can't access HTTP-only cookies from JS
+        // This would typically make a request to a /auth/status endpoint
+        // For development/testing, check sessionStorage
+        if (typeof window !== 'undefined' && window.sessionStorage) {
+            const stored = sessionStorage.getItem('auth_tokens');
+            if (stored) {
+                try {
+                    const tokens = JSON.parse(stored);
+                    if (this.validateTokens(tokens)) {
+                        return tokens;
+                    }
+                }
+                catch {
+                    // Invalid stored data, clear it
+                    sessionStorage.removeItem('auth_tokens');
+                }
+            }
+        }
+        return null;
+    }
+    /**
+     * Clear authentication state
+     * In cookie systems, this would typically call a logout endpoint
+     */
+    async clearTokens() {
+        // Clear any client-side storage
+        if (typeof window !== 'undefined' && window.sessionStorage) {
+            sessionStorage.removeItem('auth_tokens');
+        }
+        // In a real implementation, this would make a POST to /auth/signout
+        // to clear the HTTP-only cookies on the server side
+    }
+    /**
+     * Check authentication status
+     * In cookie systems, this would check if auth cookies exist
+     */
+    async hasTokens() {
+        // For cookie-based systems, we'd typically check document.cookie
+        // or make a request to an auth status endpoint
+        // For development, check sessionStorage
+        if (typeof window !== 'undefined' && window.sessionStorage) {
+            return sessionStorage.getItem('auth_tokens') !== null;
+        }
+        return false;
+    }
+    /**
+     * Check if authentication cookies exist
+     * This is a web-specific method for cookie-based auth
+     */
+    hasCookies() {
+        if (typeof document === 'undefined')
+            return false;
+        // Check for common auth cookie names
+        const cookies = document.cookie;
+        return cookies.includes('access') || cookies.includes('sessionid') || cookies.includes('auth');
+    }
+}

package/dist/auth/AuthManager.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Cross-platform Authentication Manager
+ *
+ * Centralizes authentication logic and state management across web and mobile platforms.
+ * Handles token storage, automatic refresh, and authentication state persistence.
+ */
+import type { TokenStorage } from '../core/TokenStorage';
+import type { BaseApiClient } from '../core/BaseApiClient';
+import { type SigninPayload, type SignupPayload, type UserProfile } from '../services/AuthService';
+export interface AuthState {
+    isAuthenticated: boolean;
+    isLoading: boolean;
+    user: UserProfile | null;
+    error: string | null;
+}
+export interface AuthManagerConfig {
+    apiClient: BaseApiClient;
+    tokenStorage: TokenStorage;
+    onAuthStateChange?: (state: AuthState) => void;
+    autoRefreshEnabled?: boolean;
+    refreshThreshold?: number;
+}
+export declare class AuthManager {
+    private apiClient;
+    private tokenStorage;
+    private authService;
+    private onAuthStateChange?;
+    private autoRefreshEnabled;
+    private refreshTimer?;
+    private currentState;
+    constructor(config: AuthManagerConfig);
+    /**
+     * Get current authentication state
+     */
+    getState(): AuthState;
+    /**
+     * Initialize authentication manager
+     * Checks for existing tokens and validates authentication state
+     */
+    initialize(): Promise<AuthState>;
+    /**
+     * Sign in user with credentials
+     */
+    signin(credentials: SigninPayload): Promise<AuthState>;
+    /**
+     * Sign out user
+     */
+    signout(): Promise<AuthState>;
+    /**
+     * Sign up new user
+     */
+    signup(userData: SignupPayload): Promise<{
+        success: boolean;
+        error?: string;
+    }>;
+    /**
+     * Refresh authentication tokens
+     */
+    refreshTokens(): Promise<boolean>;
+    /**
+     * Update user profile in state
+     */
+    refreshProfile(): Promise<void>;
+    /**
+     * Start automatic token refresh
+     */
+    private startAutoRefresh;
+    /**
+     * Stop automatic token refresh
+     */
+    private stopAutoRefresh;
+    /**
+     * Update authentication state and notify listeners
+     */
+    private updateState;
+    /**
+     * Clean up resources
+     */
+    dispose(): void;
+}
+//# sourceMappingURL=AuthManager.d.ts.map

package/dist/auth/AuthManager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthManager.d.ts","sourceRoot":"","sources":["../../src/auth/AuthManager.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAa,MAAM,sBAAsB,CAAC;AACpE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,EAAe,KAAK,aAAa,EAAE,KAAK,aAAa,EAAE,KAAK,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEhH,MAAM,WAAW,SAAS;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,EAAE,OAAO,CAAC;IACnB,IAAI,EAAE,WAAW,GAAG,IAAI,CAAC;IACzB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,aAAa,CAAC;IACzB,YAAY,EAAE,YAAY,CAAC;IAC3B,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,SAAS,KAAK,IAAI,CAAC;IAC/C,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,iBAAiB,CAAC,CAA6B;IACvD,OAAO,CAAC,kBAAkB,CAAU;IACpC,OAAO,CAAC,YAAY,CAAC,CAAiB;IAEtC,OAAO,CAAC,YAAY,CAKlB;gBAEU,MAAM,EAAE,iBAAiB;IAWrC;;OAEG;IACH,QAAQ,IAAI,SAAS;IAIrB;;;OAGG;IACG,UAAU,IAAI,OAAO,CAAC,SAAS,CAAC;IA6CtC;;OAEG;IACG,MAAM,CAAC,WAAW,EAAE,aAAa,GAAG,OAAO,CAAC,SAAS,CAAC;IAsC5D;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,SAAS,CAAC;IAyBnC;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,aAAa,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAsBpF;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,OAAO,CAAC;IA2BvC;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;IAWrC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAWxB;;OAEG;IACH,OAAO,CAAC,eAAe;IAOvB;;OAEG;IACH,OAAO,CAAC,WAAW;IAMnB;;OAEG;IACH,OAAO,IAAI,IAAI;CAGhB"}