@dfns/sdk 0.2.2 → 0.2.3-rc.1

package/generated/webhooks/delegatedClient.ts

@@ -0,0 +1,237 @@
+import { BaseAuthApi, SignUserActionChallengeRequest, UserActionChallengeResponse } from '../../baseAuthApi'
+import { DfnsDelegatedApiClientOptions } from '../../dfnsDelegatedApiClient'
+import { simpleFetch } from '../../utils/fetch'
+import { buildPathAndQuery } from '../../utils/url'
+import * as T from './types'
+
+export class DelegatedWebhooksClient {
+  constructor(private apiOptions: DfnsDelegatedApiClientOptions) {}
+
+  async createWebhookInit(request: T.CreateWebhookRequest): Promise<UserActionChallengeResponse> {
+    const path = buildPathAndQuery('/webhooks', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const challenge = await BaseAuthApi.createUserActionChallenge(
+      {
+        userActionHttpMethod: 'POST',
+        userActionHttpPath: path,
+        userActionPayload: JSON.stringify(request.body),
+        userActionServerKind: 'Api',
+      },
+      this.apiOptions
+    )
+
+    return challenge
+  }
+
+  async createWebhookComplete(
+    request: T.CreateWebhookRequest,
+    signedChallenge: SignUserActionChallengeRequest
+  ): Promise<T.CreateWebhookResponse> {
+    const path = buildPathAndQuery('/webhooks', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const { userAction } = await BaseAuthApi.signUserActionChallenge(
+      signedChallenge,
+      this.apiOptions
+    )
+
+    const response = await simpleFetch(path, {
+      method: 'POST',
+      body: request.body,
+      headers: { 'x-dfns-useraction': userAction },
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+
+  async deleteWebhookInit(request: T.DeleteWebhookRequest): Promise<UserActionChallengeResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const challenge = await BaseAuthApi.createUserActionChallenge(
+      {
+        userActionHttpMethod: 'DELETE',
+        userActionHttpPath: path,
+        userActionPayload: JSON.stringify({}),
+        userActionServerKind: 'Api',
+      },
+      this.apiOptions
+    )
+
+    return challenge
+  }
+
+  async deleteWebhookComplete(
+    request: T.DeleteWebhookRequest,
+    signedChallenge: SignUserActionChallengeRequest
+  ): Promise<T.DeleteWebhookResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const { userAction } = await BaseAuthApi.signUserActionChallenge(
+      signedChallenge,
+      this.apiOptions
+    )
+
+    const response = await simpleFetch(path, {
+      method: 'DELETE',
+      body: {},
+      headers: { 'x-dfns-useraction': userAction },
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+
+  async getWebhook(request: T.GetWebhookRequest): Promise<T.GetWebhookResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const response = await simpleFetch(path, {
+      method: 'GET',
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+
+  async getWebhookEvent(request: T.GetWebhookEventRequest): Promise<T.GetWebhookEventResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId/events/:webhookEventId', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const response = await simpleFetch(path, {
+      method: 'GET',
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+
+  async listWebhookEvents(request: T.ListWebhookEventsRequest): Promise<T.ListWebhookEventsResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId/events', {
+      path: request ?? {},
+      query: request.query ?? {},
+    })
+
+    const response = await simpleFetch(path, {
+      method: 'GET',
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+
+  async listWebhooks(request?: T.ListWebhooksRequest): Promise<T.ListWebhooksResponse> {
+    const path = buildPathAndQuery('/webhooks', {
+      path: request ?? {},
+      query: request?.query ?? {},
+    })
+
+    const response = await simpleFetch(path, {
+      method: 'GET',
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+
+  async pingWebhookInit(request: T.PingWebhookRequest): Promise<UserActionChallengeResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId/ping', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const challenge = await BaseAuthApi.createUserActionChallenge(
+      {
+        userActionHttpMethod: 'POST',
+        userActionHttpPath: path,
+        userActionPayload: JSON.stringify({}),
+        userActionServerKind: 'Api',
+      },
+      this.apiOptions
+    )
+
+    return challenge
+  }
+
+  async pingWebhookComplete(
+    request: T.PingWebhookRequest,
+    signedChallenge: SignUserActionChallengeRequest
+  ): Promise<T.PingWebhookResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId/ping', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const { userAction } = await BaseAuthApi.signUserActionChallenge(
+      signedChallenge,
+      this.apiOptions
+    )
+
+    const response = await simpleFetch(path, {
+      method: 'POST',
+      body: {},
+      headers: { 'x-dfns-useraction': userAction },
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+
+  async updateWebhookInit(request: T.UpdateWebhookRequest): Promise<UserActionChallengeResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const challenge = await BaseAuthApi.createUserActionChallenge(
+      {
+        userActionHttpMethod: 'PUT',
+        userActionHttpPath: path,
+        userActionPayload: JSON.stringify(request.body),
+        userActionServerKind: 'Api',
+      },
+      this.apiOptions
+    )
+
+    return challenge
+  }
+
+  async updateWebhookComplete(
+    request: T.UpdateWebhookRequest,
+    signedChallenge: SignUserActionChallengeRequest
+  ): Promise<T.UpdateWebhookResponse> {
+    const path = buildPathAndQuery('/webhooks/:webhookId', {
+      path: request ?? {},
+      query: {},
+    })
+
+    const { userAction } = await BaseAuthApi.signUserActionChallenge(
+      signedChallenge,
+      this.apiOptions
+    )
+
+    const response = await simpleFetch(path, {
+      method: 'PUT',
+      body: request.body,
+      headers: { 'x-dfns-useraction': userAction },
+      apiOptions: this.apiOptions,
+    })
+
+    return response.json()
+  }
+}

package/generated/webhooks/index.ts

@@ -0,0 +1,3 @@
+export * from './types'
+export * from './client'
+export * from './delegatedClient'

package/generated/webhooks/{types.d.ts → types.ts}

@@ -5,6 +5,7 @@ export type CreateWebhookBody = {
     description?: string | undefined;
     events: ("*" | "wallet.created" | "wallet.exported" | "wallet.delegated" | "wallet.signature.requested" | "wallet.signature.failed" | "wallet.signature.rejected" | "wallet.signature.signed" | "wallet.transaction.requested" | "wallet.transaction.failed" | "wallet.transaction.rejected" | "wallet.transaction.broadcasted" | "wallet.transaction.confirmed" | "wallet.transfer.requested" | "wallet.transfer.failed" | "wallet.transfer.rejected" | "wallet.transfer.broadcasted" | "wallet.transfer.confirmed" | "wallet.blockchainevent.detected")[];
 };
+
 export type CreateWebhookResponse = {
     /** Webhook ID */
     id: string;
@@ -23,19 +24,23 @@ export type CreateWebhookResponse = {
     /** The secret associated with this webhook, with which webhook requests will be signed. */
     secret: string;
 };
-export type CreateWebhookRequest = {
-    body: CreateWebhookBody;
-};
+
+export type CreateWebhookRequest = { body: CreateWebhookBody }
+
 export type DeleteWebhookParams = {
     webhookId: string;
 };
+
 export type DeleteWebhookResponse = {
     deleted: true;
 };
-export type DeleteWebhookRequest = DeleteWebhookParams;
+
+export type DeleteWebhookRequest = DeleteWebhookParams
+
 export type GetWebhookParams = {
     webhookId: string;
 };
+
 export type GetWebhookResponse = {
     /** Webhook ID */
     id: string;
@@ -52,11 +57,14 @@ export type GetWebhookResponse = {
     /** Date when webhook was last updated */
     dateUpdated: string;
 };
-export type GetWebhookRequest = GetWebhookParams;
+
+export type GetWebhookRequest = GetWebhookParams
+
 export type GetWebhookEventParams = {
     webhookId: string;
     webhookEventId: string;
 };
+
 export type GetWebhookEventResponse = {
     /** WebhookEvent ID */
     id: string;
@@ -74,15 +82,19 @@ export type GetWebhookEventResponse = {
     /** Unix timestamp when the event was forwarded to the webhook url by our servers. */
     timestampSent: number;
 };
-export type GetWebhookEventRequest = GetWebhookEventParams;
+
+export type GetWebhookEventRequest = GetWebhookEventParams
+
 export type ListWebhookEventsParams = {
     webhookId: string;
 };
+
 export type ListWebhookEventsQuery = {
     kind?: ("*" | "wallet.created" | "wallet.exported" | "wallet.delegated" | "wallet.signature.requested" | "wallet.signature.failed" | "wallet.signature.rejected" | "wallet.signature.signed" | "wallet.transaction.requested" | "wallet.transaction.failed" | "wallet.transaction.rejected" | "wallet.transaction.broadcasted" | "wallet.transaction.confirmed" | "wallet.transfer.requested" | "wallet.transfer.failed" | "wallet.transfer.rejected" | "wallet.transfer.broadcasted" | "wallet.transfer.confirmed" | "wallet.blockchainevent.detected") | undefined;
     limit?: number | undefined;
     paginationToken?: string | undefined;
 };
+
 export type ListWebhookEventsResponse = {
     items: {
         /** WebhookEvent ID */
@@ -103,13 +115,14 @@ export type ListWebhookEventsResponse = {
     }[];
     nextPageToken?: string | undefined;
 };
-export type ListWebhookEventsRequest = ListWebhookEventsParams & {
-    query?: ListWebhookEventsQuery;
-};
+
+export type ListWebhookEventsRequest = ListWebhookEventsParams & { query?: ListWebhookEventsQuery }
+
 export type ListWebhooksQuery = {
     limit?: number | undefined;
     paginationToken?: string | undefined;
 };
+
 export type ListWebhooksResponse = {
     items: {
         /** Webhook ID */
@@ -129,17 +142,20 @@ export type ListWebhooksResponse = {
     }[];
     nextPageToken?: string | undefined;
 };
-export type ListWebhooksRequest = {
-    query?: ListWebhooksQuery;
-};
+
+export type ListWebhooksRequest = { query?: ListWebhooksQuery }
+
 export type PingWebhookParams = {
     webhookId: string;
 };
+
 export type PingWebhookResponse = {
     status: string;
     error?: string | undefined;
 };
-export type PingWebhookRequest = PingWebhookParams;
+
+export type PingWebhookRequest = PingWebhookParams
+
 export type UpdateWebhookBody = {
     url?: string | undefined;
     description?: (string | undefined) | undefined;
@@ -147,9 +163,11 @@ export type UpdateWebhookBody = {
     /** Webhook status */
     status?: (("Enabled" | "Disabled") | undefined) | undefined;
 };
+
 export type UpdateWebhookParams = {
     webhookId: string;
 };
+
 export type UpdateWebhookResponse = {
     /** Webhook ID */
     id: string;
@@ -166,6 +184,6 @@ export type UpdateWebhookResponse = {
     /** Date when webhook was last updated */
     dateUpdated: string;
 };
-export type UpdateWebhookRequest = UpdateWebhookParams & {
-    body: UpdateWebhookBody;
-};
+
+export type UpdateWebhookRequest = UpdateWebhookParams & { body: UpdateWebhookBody }
+

package/index.ts

@@ -0,0 +1,7 @@
+export * from './baseAuthApi'
+export * from './dfnsApiClient'
+export * from './dfnsAuthenticator'
+export * from './dfnsDelegatedApiClient'
+export * from './dfnsError'
+export * from './signer'
+export * from './store'

package/package.json

@@ -1,11 +1,4 @@
 {
   "name": "@dfns/sdk",
-  "version": "0.2.2",
-  "dependencies": {
-    "buffer": "6.0.3",
-    "cross-fetch": "3.1.6",
-    "uuid": "9.0.0"
-  },
-  "main": "./index.js",
-  "type": "commonjs"
+  "version": "0.2.3-rc.1"
 }

package/project.json

@@ -0,0 +1,14 @@
+{
+  "targets": {
+    "cb": {
+      "executor": "@nx/js:tsc",
+      "options": {
+        "outputPath": "dist/@dfns/sdk",
+        "clean": true,
+        "main": "packages/sdk/index.ts",
+        "tsConfig": "packages/sdk/tsconfig.json",
+        "updateBuildableProjectDepsInPackageJson": true
+      }
+    }
+  }
+}

package/signer.ts

@@ -0,0 +1,60 @@
+export type CredentialKind = 'Key' | 'Fido2' | 'Password' | 'Totp' | 'RecoveryKey'
+
+export type CredentialTransport = 'usb' | 'nfc' | 'ble' | 'internal'
+
+export type AllowCredential = {
+  type: 'public-key'
+  id: string
+  transports: CredentialTransport[]
+}
+
+export type KeyAssertion = {
+  kind: 'Key'
+  credentialAssertion: {
+    credId: string
+    clientData: string
+    signature: string
+    algorithm?: string
+  }
+}
+
+export type Fido2Assertion = {
+  kind: 'Fido2'
+  credentialAssertion: {
+    credId: string
+    clientData: string
+    authenticatorData: string
+    signature: string
+    userHandle: string
+  }
+}
+
+export type PasswordAssertion = {
+  kind: 'Password'
+  password: string
+}
+
+export type TotpAssertion = {
+  kind: 'Totp'
+  otpCode: string
+}
+
+export type RecoveryKeyAssertion = {
+  kind: 'RecoveryKey'
+  credentialAssertion: {
+    credId: string
+    clientData: string
+    signature: string
+    algorithm?: string
+  }
+}
+
+export type FirstFactorAssertion = KeyAssertion | Fido2Assertion | PasswordAssertion
+
+export type SecondFactorAssertion = KeyAssertion | Fido2Assertion | TotpAssertion
+
+export type CredentialAssertion = KeyAssertion | Fido2Assertion | PasswordAssertion | TotpAssertion
+
+export interface CredentialSigner<T extends CredentialAssertion = FirstFactorAssertion> {
+  sign(challenge: string, allowCredentials: { key: AllowCredential[]; webauthn: AllowCredential[] }): Promise<T>
+}

package/store.ts

@@ -0,0 +1,99 @@
+import { AllowCredential, CredentialKind } from './signer'
+
+export type AuthenticatorAttachment = 'platform' | 'cross-platform'
+
+export type ResidentKeyRequirement = 'required' | 'preferred' | 'discouraged'
+
+export type UserVerificationRequirement = 'required' | 'preferred' | 'discouraged'
+
+export type AttestationConveyancePreference = 'none' | 'indirect' | 'direct' | 'enterprise'
+
+export type UserRegistrationChallenge = {
+  temporaryAuthenticationToken: string
+  rp: {
+    id: string
+    name: string
+  }
+  user: {
+    id: string
+    name: string
+    displayName: string
+  }
+  supportedCredentialKinds: {
+    firstFactor: CredentialKind[]
+    secondFactor: CredentialKind[]
+  }
+  otpUrl: string
+  challenge: string
+  authenticatorSelection: {
+    authenticatorAttachment?: AuthenticatorAttachment
+    requireResidentKey: boolean
+    residentKey: ResidentKeyRequirement
+    userVerification: UserVerificationRequirement
+  }
+  attestation: AttestationConveyancePreference
+  pubKeyCredParams: {
+    type: 'public-key'
+    alg: number
+  }[]
+  excludeCredentials: AllowCredential[]
+}
+
+export type KeyAttestation = {
+  credentialKind: 'Key'
+  credentialInfo: {
+    credId: string
+    clientData: string
+    attestationData: string
+  }
+}
+
+export type Fido2Attestation = {
+  credentialKind: 'Fido2'
+  credentialInfo: {
+    credId: string
+    clientData: string
+    attestationData: string
+  }
+}
+
+export type PasswordAttestation = {
+  credentialKind: 'Password'
+  credentialInfo: {
+    password: string
+  }
+}
+
+export type TotpAttestation = {
+  credentialKind: 'Totp'
+  credentialInfo: {
+    otpCode: string
+  }
+}
+
+export type FirstFactorAttestation = KeyAttestation | Fido2Attestation | PasswordAttestation
+
+export type SecondFactorAttestation = KeyAttestation | Fido2Attestation | TotpAttestation
+
+export type RecoveryKeyAttestation = {
+  credentialKind: 'RecoveryKey'
+  credentialInfo: {
+    credId: string
+    clientData: string
+    attestationData: string
+  }
+  encryptedPrivateKey?: string
+}
+
+export type RecoveryFactorAttestation = RecoveryKeyAttestation
+
+export type CredentialAttestation =
+  | KeyAttestation
+  | Fido2Attestation
+  | PasswordAttestation
+  | TotpAttestation
+  | RecoveryKeyAttestation
+
+export interface CredentialStore<T extends CredentialAttestation = FirstFactorAttestation> {
+  create(challenge: UserRegistrationChallenge): Promise<T>
+}

package/tsconfig.json

@@ -0,0 +1,7 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "include": ["*.ts", "**/*.ts"],
+  "compilerOptions": {
+    "baseUrl": "./"
+  }
+}

package/typedoc.json

@@ -0,0 +1,21 @@
+{
+  "$schema": "https://typedoc.org/schema.json",
+  "includeVersion": true,
+  "readme": "./README.md",
+  "entryPoints": [
+    "./index.ts",
+    "./generated/signers/index.ts",
+    "./generated/wallets/index.ts",
+    "./generated/webhooks/index.ts",
+    "./types/signers.ts",
+    "./types/wallets.ts",
+    "./types/webhooks.ts",
+    "./utils/index.ts",
+    "./codegen/Auth/index.ts",
+    "./codegen/Permissions/index.ts",
+    "./codegen/datamodel/Auth/index.ts",
+    "./codegen/datamodel/Foundations/index.ts",
+    "./codegen/datamodel/Orgs/index.ts",
+    "./codegen/datamodel/Permissions/index.ts"
+  ]
+}

package/types/policies.ts

@@ -0,0 +1 @@
+export * from '../generated/policies/types'

package/types/signers.ts

@@ -0,0 +1 @@
+export * from '../generated/signers/types'

package/types/wallets.ts

@@ -0,0 +1 @@
+export * from '../generated/wallets/types'

package/types/webhooks.ts

@@ -0,0 +1 @@
+export * from '../generated/webhooks/types'

package/utils/base64.ts

@@ -0,0 +1,19 @@
+import { Buffer } from 'buffer'
+
+export const toBase64Url = (buffer: string | Buffer): string => {
+  if (typeof buffer === 'string') {
+    buffer = Buffer.from(buffer)
+  }
+
+  return buffer.toString('base64').replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_')
+}
+
+export const fromBase64Url = (encoded: string): Buffer => {
+  const padLength = 4 - (encoded.length % 4)
+  if (padLength < 4) {
+    encoded += '='.repeat(padLength)
+  }
+
+  encoded = encoded.replace(/\-/g, '+').replace(/_/g, '/')
+  return Buffer.from(encoded, 'base64')
+}