npm - @eazo/sdk - Versions diffs - 0.4.0 - Mend

@eazo/sdk 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

package/PROTOCOL.md +134 -0
package/README.md +163 -0
package/dist/index.d.ts +5 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +8 -0
package/dist/index.js.map +1 -0
package/dist/internal/auth-primitive/EazoAuthClient.d.ts +35 -0
package/dist/internal/auth-primitive/EazoAuthClient.d.ts.map +1 -0
package/dist/internal/auth-primitive/EazoAuthClient.js +107 -0
package/dist/internal/auth-primitive/EazoAuthClient.js.map +1 -0
package/dist/internal/auth-primitive/EazoAuthServer.d.ts +18 -0
package/dist/internal/auth-primitive/EazoAuthServer.d.ts.map +1 -0
package/dist/internal/auth-primitive/EazoAuthServer.js +37 -0
package/dist/internal/auth-primitive/EazoAuthServer.js.map +1 -0
package/dist/internal/auth-primitive/decrypt.d.ts +12 -0
package/dist/internal/auth-primitive/decrypt.d.ts.map +1 -0
package/dist/internal/auth-primitive/decrypt.js +89 -0
package/dist/internal/auth-primitive/decrypt.js.map +1 -0
package/dist/internal/auth-primitive/index.d.ts +5 -0
package/dist/internal/auth-primitive/index.d.ts.map +1 -0
package/dist/internal/auth-primitive/index.js +13 -0
package/dist/internal/auth-primitive/index.js.map +1 -0
package/dist/internal/auth-primitive/types.d.ts +61 -0
package/dist/internal/auth-primitive/types.d.ts.map +1 -0
package/dist/internal/auth-primitive/types.js +6 -0
package/dist/internal/auth-primitive/types.js.map +1 -0
package/dist/internal/bootstrap.d.ts +16 -0
package/dist/internal/bootstrap.d.ts.map +1 -0
package/dist/internal/bootstrap.js +81 -0
package/dist/internal/bootstrap.js.map +1 -0
package/dist/internal/bridge/client.d.ts +40 -0
package/dist/internal/bridge/client.d.ts.map +1 -0
package/dist/internal/bridge/client.js +160 -0
package/dist/internal/bridge/client.js.map +1 -0
package/dist/internal/bridge/protocol.d.ts +61 -0
package/dist/internal/bridge/protocol.d.ts.map +1 -0
package/dist/internal/bridge/protocol.js +38 -0
package/dist/internal/bridge/protocol.js.map +1 -0
package/dist/internal/bridge/transport.d.ts +19 -0
package/dist/internal/bridge/transport.d.ts.map +1 -0
package/dist/internal/bridge/transport.js +66 -0
package/dist/internal/bridge/transport.js.map +1 -0
package/dist/internal/capabilities/auth.d.ts +55 -0
package/dist/internal/capabilities/auth.d.ts.map +1 -0
package/dist/internal/capabilities/auth.js +361 -0
package/dist/internal/capabilities/auth.js.map +1 -0
package/dist/internal/capabilities/device.d.ts +11 -0
package/dist/internal/capabilities/device.d.ts.map +1 -0
package/dist/internal/capabilities/device.js +65 -0
package/dist/internal/capabilities/device.js.map +1 -0
package/dist/internal/env.d.ts +14 -0
package/dist/internal/env.d.ts.map +1 -0
package/dist/internal/env.js +28 -0
package/dist/internal/env.js.map +1 -0
package/dist/internal/login-ui/icons.d.ts +18 -0
package/dist/internal/login-ui/icons.d.ts.map +1 -0
package/dist/internal/login-ui/icons.js +62 -0
package/dist/internal/login-ui/icons.js.map +1 -0
package/dist/internal/login-ui/index.d.ts +3 -0
package/dist/internal/login-ui/index.d.ts.map +1 -0
package/dist/internal/login-ui/index.js +160 -0
package/dist/internal/login-ui/index.js.map +1 -0
package/dist/internal/login-ui/styles.d.ts +3 -0
package/dist/internal/login-ui/styles.d.ts.map +1 -0
package/dist/internal/login-ui/styles.js +282 -0
package/dist/internal/login-ui/styles.js.map +1 -0
package/dist/internal/store.d.ts +29 -0
package/dist/internal/store.d.ts.map +1 -0
package/dist/internal/store.js +82 -0
package/dist/internal/store.js.map +1 -0
package/dist/react.d.ts +24 -0
package/dist/react.d.ts.map +1 -0
package/dist/react.js +81 -0
package/dist/react.js.map +1 -0
package/dist/server.d.ts +21 -0
package/dist/server.d.ts.map +1 -0
package/dist/server.js +53 -0
package/dist/server.js.map +1 -0
package/dist/testing.d.ts +13 -0
package/dist/testing.d.ts.map +1 -0
package/dist/testing.js +38 -0
package/dist/testing.js.map +1 -0
package/dist/types.d.ts +33 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +7 -0
package/dist/types.js.map +1 -0
package/package.json +71 -0

package/dist/internal/store.js ADDED Viewed

@@ -0,0 +1,82 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.store = exports.INITIAL_STATE = void 0;
+exports.setAuth = setAuth;
+exports.setDevice = setDevice;
+exports.setLoginUI = setLoginUI;
+const INITIAL_AUTH = {
+    user: null,
+    loading: true,
+    authenticated: false,
+};
+const INITIAL_DEVICE = {
+    platform: "web",
+    locale: "en-US",
+    safeArea: { top: 0, bottom: 0 },
+    backendUrl: "",
+};
+const INITIAL_LOGIN_UI = {
+    open: false,
+    step: "providers",
+    emailMode: "code",
+    providers: [],
+    providersLoading: false,
+    error: null,
+    submitting: false,
+};
+exports.INITIAL_STATE = {
+    auth: INITIAL_AUTH,
+    device: INITIAL_DEVICE,
+    loginUI: INITIAL_LOGIN_UI,
+};
+let snapshot = exports.INITIAL_STATE;
+const listeners = new Set();
+exports.store = {
+    getSnapshot() {
+        return snapshot;
+    },
+    getServerSnapshot() {
+        return exports.INITIAL_STATE;
+    },
+    subscribe(listener) {
+        listeners.add(listener);
+        return () => listeners.delete(listener);
+    },
+    reset() {
+        snapshot = exports.INITIAL_STATE;
+        for (const l of listeners)
+            l();
+    },
+};
+function publish(next) {
+    snapshot = next;
+    for (const l of listeners)
+        l();
+}
+function setAuth(patch) {
+    const current = snapshot.auth;
+    const nextAuth = { ...current, ...patch };
+    if (nextAuth.user === current.user &&
+        nextAuth.loading === current.loading &&
+        nextAuth.authenticated === current.authenticated) {
+        return;
+    }
+    publish({ ...snapshot, auth: nextAuth });
+}
+function setDevice(patch) {
+    const current = snapshot.device;
+    const nextDevice = { ...current, ...patch };
+    const changed = Object.keys(nextDevice).some((key) => nextDevice[key] !== current[key]);
+    if (!changed)
+        return;
+    publish({ ...snapshot, device: nextDevice });
+}
+function setLoginUI(patch) {
+    const current = snapshot.loginUI;
+    const next = { ...current, ...patch };
+    const changed = Object.keys(next).some((key) => next[key] !== current[key]);
+    if (!changed)
+        return;
+    publish({ ...snapshot, loginUI: next });
+}
+//# sourceMappingURL=store.js.map

package/dist/internal/store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"store.js","sourceRoot":"","sources":["../../src/internal/store.ts"],"names":[],"mappings":";;;AA6EA,0BAWC;AAED,8BAQC;AAED,gCAQC;AAzFD,MAAM,YAAY,GAAc;IAC9B,IAAI,EAAE,IAAI;IACV,OAAO,EAAE,IAAI;IACb,aAAa,EAAE,KAAK;CACrB,CAAC;AAEF,MAAM,cAAc,GAAkB;IACpC,QAAQ,EAAE,KAAK;IACf,MAAM,EAAE,OAAO;IACf,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE;IAC/B,UAAU,EAAE,EAAE;CACf,CAAC;AAEF,MAAM,gBAAgB,GAAiB;IACrC,IAAI,EAAE,KAAK;IACX,IAAI,EAAE,WAAW;IACjB,SAAS,EAAE,MAAM;IACjB,SAAS,EAAE,EAAE;IACb,gBAAgB,EAAE,KAAK;IACvB,KAAK,EAAE,IAAI;IACX,UAAU,EAAE,KAAK;CAClB,CAAC;AAMW,QAAA,aAAa,GAAsB;IAC9C,IAAI,EAAE,YAAY;IAClB,MAAM,EAAE,cAAc;IACtB,OAAO,EAAE,gBAAgB;CAC1B,CAAC;AAEF,IAAI,QAAQ,GAAsB,qBAAa,CAAC;AAChD,MAAM,SAAS,GAAG,IAAI,GAAG,EAAY,CAAC;AAEzB,QAAA,KAAK,GAAG;IACnB,WAAW;QACT,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,iBAAiB;QACf,OAAO,qBAAa,CAAC;IACvB,CAAC;IACD,SAAS,CAAC,QAAkB;QAC1B,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACxB,OAAO,GAAG,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC1C,CAAC;IACD,KAAK;QACH,QAAQ,GAAG,qBAAa,CAAC;QACzB,KAAK,MAAM,CAAC,IAAI,SAAS;YAAE,CAAC,EAAE,CAAC;IACjC,CAAC;CACF,CAAC;AAEF,SAAS,OAAO,CAAC,IAAuB;IACtC,QAAQ,GAAG,IAAI,CAAC;IAChB,KAAK,MAAM,CAAC,IAAI,SAAS;QAAE,CAAC,EAAE,CAAC;AACjC,CAAC;AAED,SAAgB,OAAO,CAAC,KAAyB;IAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC;IAC9B,MAAM,QAAQ,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,KAAK,EAAE,CAAC;IAC1C,IACE,QAAQ,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI;QAC9B,QAAQ,CAAC,OAAO,KAAK,OAAO,CAAC,OAAO;QACpC,QAAQ,CAAC,aAAa,KAAK,OAAO,CAAC,aAAa,EAChD,CAAC;QACD,OAAO;IACT,CAAC;IACD,OAAO,CAAC,EAAE,GAAG,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED,SAAgB,SAAS,CAAC,KAA6B;IACrD,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC;IAChC,MAAM,UAAU,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,KAAK,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAgC,CAAC,IAAI,CAC1E,CAAC,GAAG,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CAC1C,CAAC;IACF,IAAI,CAAC,OAAO;QAAE,OAAO;IACrB,OAAO,CAAC,EAAE,GAAG,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED,SAAgB,UAAU,CAAC,KAA4B;IACrD,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;IACjC,MAAM,IAAI,GAAiB,EAAE,GAAG,OAAO,EAAE,GAAG,KAAK,EAAE,CAAC;IACpD,MAAM,OAAO,GAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAA+B,CAAC,IAAI,CACnE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CACpC,CAAC;IACF,IAAI,CAAC,OAAO;QAAE,OAAO;IACrB,OAAO,CAAC,EAAE,GAAG,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;AAC1C,CAAC"}

package/dist/react.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import * as React from "react";
+import type { EazoState } from "./types";
+/**
+ * Mounts the SDK runtime. Place once at the root of your React tree.
+ *
+ *   <EazoProvider>
+ *     <App />
+ *   </EazoProvider>
+ *
+ * Renders the shared login UI so `auth.login()` works anywhere in the app
+ * without the consumer mounting anything else.
+ */
+export declare function EazoProvider(props: {
+    children: React.ReactNode;
+}): React.ReactElement;
+/**
+ * Subscribe to a slice of the Eazo state. The selector runs on every update;
+ * the hook only re-renders when the selector's return value changes (Object.is).
+ *
+ *   const user = useEazo(s => s.auth.user);
+ *   const { platform, safeArea } = useEazo(s => s.device);
+ */
+export declare function useEazo<T>(selector: (state: EazoState) => T): T;
+//# sourceMappingURL=react.d.ts.map

package/dist/react.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"react.d.ts","sourceRoot":"","sources":["../src/react.tsx"],"names":[],"mappings":"AAEA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAO/B,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAIzC;;;;;;;;;GASG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE;IAAE,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAA;CAAE,GAAG,KAAK,CAAC,YAAY,CAcrF;AAED;;;;;;GAMG;AACH,wBAAgB,OAAO,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,KAAK,EAAE,SAAS,KAAK,CAAC,GAAG,CAAC,CAkB/D"}

package/dist/react.js ADDED Viewed

@@ -0,0 +1,81 @@
+"use client";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EazoProvider = EazoProvider;
+exports.useEazo = useEazo;
+const jsx_runtime_1 = require("react/jsx-runtime");
+const React = __importStar(require("react"));
+const bootstrap_1 = require("./internal/bootstrap");
+const auth_1 = require("./internal/capabilities/auth");
+const device_1 = require("./internal/capabilities/device");
+const login_ui_1 = require("./internal/login-ui");
+const store_1 = require("./internal/store");
+const MountedContext = React.createContext(false);
+/**
+ * Mounts the SDK runtime. Place once at the root of your React tree.
+ *
+ *   <EazoProvider>
+ *     <App />
+ *   </EazoProvider>
+ *
+ * Renders the shared login UI so `auth.login()` works anywhere in the app
+ * without the consumer mounting anything else.
+ */
+function EazoProvider(props) {
+    React.useEffect(() => {
+        // Starting the bridge is idempotent; capability access may have already done so.
+        (0, bootstrap_1.getBridge)();
+        void (0, auth_1._bootstrapAuth)();
+        void (0, device_1._bootstrapDevice)();
+    }, []);
+    return ((0, jsx_runtime_1.jsxs)(MountedContext.Provider, { value: true, children: [props.children, (0, jsx_runtime_1.jsx)(login_ui_1.LoginUI, {})] }));
+}
+/**
+ * Subscribe to a slice of the Eazo state. The selector runs on every update;
+ * the hook only re-renders when the selector's return value changes (Object.is).
+ *
+ *   const user = useEazo(s => s.auth.user);
+ *   const { platform, safeArea } = useEazo(s => s.device);
+ */
+function useEazo(selector) {
+    const mounted = React.useContext(MountedContext);
+    if (process.env.NODE_ENV !== "production" && !mounted) {
+        console.warn("[@eazo/sdk] useEazo() called without <EazoProvider>. Mount it at the root of your app.");
+    }
+    const getSnapshot = React.useCallback(() => selector(store_1.store.getSnapshot()), [selector]);
+    const getServerSnapshot = React.useCallback(() => selector(store_1.INITIAL_STATE), [selector]);
+    return React.useSyncExternalStore(store_1.store.subscribe, getSnapshot, getServerSnapshot);
+}
+//# sourceMappingURL=react.js.map

package/dist/react.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"react.js","sourceRoot":"","sources":["../src/react.tsx"],"names":[],"mappings":";AAAA,YAAY,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuBb,oCAcC;AASD,0BAkBC;;AA9DD,6CAA+B;AAE/B,oDAAiD;AACjD,uDAA8D;AAC9D,2DAAkE;AAClE,kDAA8C;AAC9C,4CAAwD;AAGxD,MAAM,cAAc,GAAG,KAAK,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;AAElD;;;;;;;;;GASG;AACH,SAAgB,YAAY,CAAC,KAAoC;IAC/D,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE;QACnB,iFAAiF;QACjF,IAAA,qBAAS,GAAE,CAAC;QACZ,KAAK,IAAA,qBAAc,GAAE,CAAC;QACtB,KAAK,IAAA,yBAAgB,GAAE,CAAC;IAC1B,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,OAAO,CACL,wBAAC,cAAc,CAAC,QAAQ,IAAC,KAAK,EAAE,IAAI,aACjC,KAAK,CAAC,QAAQ,EACf,uBAAC,kBAAO,KAAG,IACa,CAC3B,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,OAAO,CAAI,QAAiC;IAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,IAAI,CAAC,OAAO,EAAE,CAAC;QACtD,OAAO,CAAC,IAAI,CACV,wFAAwF,CACzF,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW,CACnC,GAAG,EAAE,CAAC,QAAQ,CAAC,aAAK,CAAC,WAAW,EAAE,CAAC,EACnC,CAAC,QAAQ,CAAC,CACX,CAAC;IACF,MAAM,iBAAiB,GAAG,KAAK,CAAC,WAAW,CACzC,GAAG,EAAE,CAAC,QAAQ,CAAC,qBAAa,CAAC,EAC7B,CAAC,QAAQ,CAAC,CACX,CAAC;IAEF,OAAO,KAAK,CAAC,oBAAoB,CAAC,aAAK,CAAC,SAAS,EAAE,WAAW,EAAE,iBAAiB,CAAC,CAAC;AACrF,CAAC"}

package/dist/server.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import type { User } from "./types";
+/** Minimal Request-like shape — avoids importing next/server types. */
+interface HeaderRequest {
+    headers: {
+        get(name: string): string | null;
+    };
+}
+export type AuthResult = {
+    ok: true;
+    user: User;
+} | {
+    ok: false;
+    response: Response;
+};
+/**
+ * Server-side auth guard. Reads the `x-eazo-session` header, decrypts the
+ * encrypted session with EAZO_PRIVATE_KEY, and returns the user.
+ */
+export declare function requireAuth(request: HeaderRequest): AuthResult;
+export type { User } from "./types";
+//# sourceMappingURL=server.d.ts.map

package/dist/server.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAyBpC,uEAAuE;AACvE,UAAU,aAAa;IACrB,OAAO,EAAE;QAAE,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC;CAC/C;AAED,MAAM,MAAM,UAAU,GAClB;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,IAAI,CAAA;CAAE,GACxB;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,QAAQ,EAAE,QAAQ,CAAA;CAAE,CAAC;AAStC;;;GAGG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG,UAAU,CAiB9D;AAED,YAAY,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC"}

package/dist/server.js ADDED Viewed

@@ -0,0 +1,53 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireAuth = requireAuth;
+const auth_primitive_1 = require("./internal/auth-primitive");
+let authServer = null;
+function getAuthServer() {
+    if (authServer)
+        return authServer;
+    const privateKey = process.env.EAZO_PRIVATE_KEY;
+    if (!privateKey) {
+        throw new Error("@eazo/sdk/server: EAZO_PRIVATE_KEY is required for requireAuth().");
+    }
+    authServer = new auth_primitive_1.EazoAuthServer({ privateKey });
+    return authServer;
+}
+function normalize(info) {
+    return {
+        id: String(info.userId),
+        email: info.email ?? null,
+        name: info.nickname ?? null,
+        avatarUrl: info.avatarUrl ?? null,
+    };
+}
+function unauthorized(message) {
+    return new Response(JSON.stringify({ error: message }), {
+        status: 401,
+        headers: { "Content-Type": "application/json" },
+    });
+}
+/**
+ * Server-side auth guard. Reads the `x-eazo-session` header, decrypts the
+ * encrypted session with EAZO_PRIVATE_KEY, and returns the user.
+ */
+function requireAuth(request) {
+    const raw = request.headers.get("x-eazo-session");
+    if (!raw)
+        return { ok: false, response: unauthorized("Missing session") };
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        return { ok: false, response: unauthorized("Malformed session") };
+    }
+    try {
+        const info = getAuthServer().verifySession(parsed);
+        return { ok: true, user: normalize(info) };
+    }
+    catch {
+        return { ok: false, response: unauthorized("Invalid session") };
+    }
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;AAgDA,kCAiBC;AAjED,8DAA2D;AAK3D,IAAI,UAAU,GAA0B,IAAI,CAAC;AAE7C,SAAS,aAAa;IACpB,IAAI,UAAU;QAAE,OAAO,UAAU,CAAC;IAClC,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;IAChD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CACb,mEAAmE,CACpE,CAAC;IACJ,CAAC;IACD,UAAU,GAAG,IAAI,+BAAc,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;IAChD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,SAAS,CAAC,IAAc;IAC/B,OAAO;QACL,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;QACvB,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,IAAI;QACzB,IAAI,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI;QAC3B,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI;KAClC,CAAC;AACJ,CAAC;AAWD,SAAS,YAAY,CAAC,OAAe;IACnC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,EAAE;QACtD,MAAM,EAAE,GAAG;QACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;KAChD,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAgB,WAAW,CAAC,OAAsB;IAChD,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAClD,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,YAAY,CAAC,iBAAiB,CAAC,EAAE,CAAC;IAE1E,IAAI,MAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAiB,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,YAAY,CAAC,mBAAmB,CAAC,EAAE,CAAC;IACpE,CAAC;IAED,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,aAAa,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,YAAY,CAAC,iBAAiB,CAAC,EAAE,CAAC;IAClE,CAAC;AACH,CAAC"}

package/dist/testing.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+/**
+ * Test helpers. NOT for production code paths.
+ *
+ *   import { __resetSDK } from "@eazo/sdk/testing";
+ *   afterEach(() => __resetSDK());
+ */
+export declare function __resetSDK(): void;
+/**
+ * Dispatches a fake message on the window. Use to simulate host → app envelopes
+ * in tests that don't mount a real RN WebView.
+ */
+export declare function __dispatchHostMessage(envelope: unknown): void;
+//# sourceMappingURL=testing.d.ts.map

package/dist/testing.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"testing.d.ts","sourceRoot":"","sources":["../src/testing.ts"],"names":[],"mappings":"AAKA;;;;;GAKG;AAEH,wBAAgB,UAAU,IAAI,IAAI,CAYjC;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,OAAO,GAAG,IAAI,CAG7D"}

package/dist/testing.js ADDED Viewed

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.__resetSDK = __resetSDK;
+exports.__dispatchHostMessage = __dispatchHostMessage;
+const bootstrap_1 = require("./internal/bootstrap");
+const auth_1 = require("./internal/capabilities/auth");
+const device_1 = require("./internal/capabilities/device");
+const store_1 = require("./internal/store");
+/**
+ * Test helpers. NOT for production code paths.
+ *
+ *   import { __resetSDK } from "@eazo/sdk/testing";
+ *   afterEach(() => __resetSDK());
+ */
+function __resetSDK() {
+    (0, auth_1.__resetAuthCapability)();
+    (0, device_1.__resetDeviceCapability)();
+    (0, bootstrap_1.__resetBootstrap)();
+    store_1.store.reset();
+    if (typeof window !== "undefined") {
+        try {
+            window.localStorage.removeItem("eazo.session");
+        }
+        catch {
+            /* ignore */
+        }
+    }
+}
+/**
+ * Dispatches a fake message on the window. Use to simulate host → app envelopes
+ * in tests that don't mount a real RN WebView.
+ */
+function __dispatchHostMessage(envelope) {
+    if (typeof window === "undefined")
+        return;
+    window.dispatchEvent(new MessageEvent("message", { data: envelope }));
+}
+//# sourceMappingURL=testing.js.map

package/dist/testing.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"testing.js","sourceRoot":"","sources":["../src/testing.ts"],"names":[],"mappings":";;AAYA,gCAYC;AAMD,sDAGC;AAjCD,oDAAwD;AACxD,uDAAqE;AACrE,2DAAyE;AACzE,4CAAyC;AAEzC;;;;;GAKG;AAEH,SAAgB,UAAU;IACxB,IAAA,4BAAqB,GAAE,CAAC;IACxB,IAAA,gCAAuB,GAAE,CAAC;IAC1B,IAAA,4BAAgB,GAAE,CAAC;IACnB,aAAK,CAAC,KAAK,EAAE,CAAC;IACd,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,IAAI,CAAC;YACH,MAAM,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,qBAAqB,CAAC,QAAiB;IACrD,IAAI,OAAO,MAAM,KAAK,WAAW;QAAE,OAAO;IAC1C,MAAM,CAAC,aAAa,CAAC,IAAI,YAAY,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC;AACxE,CAAC"}

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * Public semantic types. These are the shapes app developers import.
+ * Protocol / envelope / transport details stay in internal/.
+ */
+export interface User {
+    id: string;
+    email: string | null;
+    name: string | null;
+    avatarUrl: string | null;
+}
+export interface DeviceContext {
+    platform: "web" | "mobile";
+    locale: string;
+    safeArea: {
+        top: number;
+        bottom: number;
+    };
+    backendUrl: string;
+}
+export interface AuthState {
+    user: User | null;
+    loading: boolean;
+    authenticated: boolean;
+}
+/**
+ * The full reactive state tree selected by `useEazo(selector)`.
+ * Each capability contributes one namespace; adding a capability adds a field here.
+ */
+export interface EazoState {
+    auth: AuthState;
+    device: DeviceContext;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,KAAK,GAAG,QAAQ,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAC1C,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,IAAI,GAAG,IAAI,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,SAAS,CAAC;IAChB,MAAM,EAAE,aAAa,CAAC;CACvB"}

package/dist/types.js ADDED Viewed

@@ -0,0 +1,7 @@
+"use strict";
+/**
+ * Public semantic types. These are the shapes app developers import.
+ * Protocol / envelope / transport details stay in internal/.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA;;;GAGG"}

package/package.json ADDED Viewed

@@ -0,0 +1,71 @@
+{
+  "name": "@eazo/sdk",
+  "version": "0.4.0",
+  "description": "Eazo platform SDK — capability-first API for web apps that run on Eazo Mobile and the web browser",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
+    },
+    "./react": {
+      "types": "./dist/react.d.ts",
+      "default": "./dist/react.js"
+    },
+    "./server": {
+      "types": "./dist/server.d.ts",
+      "default": "./dist/server.js"
+    },
+    "./testing": {
+      "types": "./dist/testing.d.ts",
+      "default": "./dist/testing.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "PROTOCOL.md"
+  ],
+  "scripts": {
+    "build": "tsc && node scripts/fix-use-client.js",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "eazo",
+    "sdk",
+    "capability",
+    "platform",
+    "host-bridge"
+  ],
+  "author": "Eazo",
+  "license": "MIT",
+  "dependencies": {
+    "@radix-ui/react-dialog": "^1.1.4",
+    "authing-js-sdk": "^4.23.55",
+    "elliptic": "^6.6.1"
+  },
+  "peerDependencies": {
+    "react": ">=18"
+  },
+  "peerDependenciesMeta": {
+    "react": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@testing-library/react": "^16.1.0",
+    "@types/elliptic": "^6.4.18",
+    "@types/node": "^20.0.0",
+    "@types/react": "^19.0.0",
+    "happy-dom": "^15.11.7",
+    "react": "^19.0.0",
+    "typescript": "^5.3.0",
+    "vitest": "^2.1.8"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}