@enbox/auth 0.3.1 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/auth-manager.js +245 -5
- package/dist/esm/auth-manager.js.map +1 -1
- package/dist/esm/flows/dwn-discovery.js +96 -81
- package/dist/esm/flows/dwn-discovery.js.map +1 -1
- package/dist/esm/flows/dwn-registration.js +49 -3
- package/dist/esm/flows/dwn-registration.js.map +1 -1
- package/dist/esm/flows/import-identity.js +2 -0
- package/dist/esm/flows/import-identity.js.map +1 -1
- package/dist/esm/flows/local-connect.js +25 -8
- package/dist/esm/flows/local-connect.js.map +1 -1
- package/dist/esm/flows/session-restore.js +20 -4
- package/dist/esm/flows/session-restore.js.map +1 -1
- package/dist/esm/flows/wallet-connect.js +5 -4
- package/dist/esm/flows/wallet-connect.js.map +1 -1
- package/dist/esm/index.js +5 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/password-provider.js +319 -0
- package/dist/esm/password-provider.js.map +1 -0
- package/dist/esm/types.js +9 -1
- package/dist/esm/types.js.map +1 -1
- package/dist/types/auth-manager.d.ts +83 -2
- package/dist/types/auth-manager.d.ts.map +1 -1
- package/dist/types/flows/dwn-discovery.d.ts +40 -53
- package/dist/types/flows/dwn-discovery.d.ts.map +1 -1
- package/dist/types/flows/dwn-registration.d.ts +20 -1
- package/dist/types/flows/dwn-registration.d.ts.map +1 -1
- package/dist/types/flows/import-identity.d.ts.map +1 -1
- package/dist/types/flows/local-connect.d.ts +2 -0
- package/dist/types/flows/local-connect.d.ts.map +1 -1
- package/dist/types/flows/session-restore.d.ts +2 -0
- package/dist/types/flows/session-restore.d.ts.map +1 -1
- package/dist/types/flows/wallet-connect.d.ts +2 -2
- package/dist/types/flows/wallet-connect.d.ts.map +1 -1
- package/dist/types/index.d.ts +5 -2
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/password-provider.d.ts +194 -0
- package/dist/types/password-provider.d.ts.map +1 -0
- package/dist/types/types.d.ts +106 -1
- package/dist/types/types.d.ts.map +1 -1
- package/package.json +8 -9
- package/src/auth-manager.ts +284 -9
- package/src/flows/dwn-discovery.ts +99 -79
- package/src/flows/dwn-registration.ts +60 -5
- package/src/flows/import-identity.ts +2 -0
- package/src/flows/local-connect.ts +24 -3
- package/src/flows/session-restore.ts +22 -2
- package/src/flows/wallet-connect.ts +5 -4
- package/src/index.ts +10 -1
- package/src/password-provider.ts +383 -0
- package/src/types.ts +114 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-connect.js","sourceRoot":"","sources":["../../../src/flows/wallet-connect.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAGhE,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAa3C;;;;;;;;GAQG;AACH,MAAM,UAAgB,sBAAsB,CAAC,MAI5C;;QACC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;QAC9C,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE7C,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,kBAAkB,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAErD,6DAA6D;YAC7D,kDAAkD;YAClD,MAAM,EAAE,WAAW,KAAoB,YAAY,EAA3B,UAAU,UAAK,YAAY,EAA7C,eAA8B,CAAe,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,YAAY,EAAc,CAAC,CAAC,CAAC;YAEzF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC;gBAC9C,KAAK,EAAS,IAAI;gBAClB,MAAM,EAAQ,WAAW;gBACzB,MAAM,EAAQ,WAAW;gBACzB,WAAW,EAAG,YAAY,CAAC,YAAY;gBACvC,WAAW,EAAG,IAAI;gBAClB,UAAU;gBACV,UAAU;aACX,CAAC,CAAC;YAEH,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CACb,oDAAoD,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,CAC1E,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAI,KAAK,CAAC,KAAgE,CAAC,QAAQ,CAAC;YAClG,IAAI,QAAQ,EAAE,CAAC;gBACb,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,CAAC,GAAG,kBAAkB,CAAC,CAAC;IACjC,CAAC;CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAgB,aAAa,CACjC,GAAyB,EACzB,OAA6B;;;QAE7B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAE7C,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,gEAAgE;gBAChE,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,
|
|
1
|
+
{"version":3,"file":"wallet-connect.js","sourceRoot":"","sources":["../../../src/flows/wallet-connect.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAGhE,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAa3C;;;;;;;;GAQG;AACH,MAAM,UAAgB,sBAAsB,CAAC,MAI5C;;QACC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;QAC9C,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE7C,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,kBAAkB,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAErD,6DAA6D;YAC7D,kDAAkD;YAClD,MAAM,EAAE,WAAW,KAAoB,YAAY,EAA3B,UAAU,UAAK,YAAY,EAA7C,eAA8B,CAAe,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,YAAY,EAAc,CAAC,CAAC,CAAC;YAEzF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC;gBAC9C,KAAK,EAAS,IAAI;gBAClB,MAAM,EAAQ,WAAW;gBACzB,MAAM,EAAQ,WAAW;gBACzB,WAAW,EAAG,YAAY,CAAC,YAAY;gBACvC,WAAW,EAAG,IAAI;gBAClB,UAAU;gBACV,UAAU;aACX,CAAC,CAAC;YAEH,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CACb,oDAAoD,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,CAC1E,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAI,KAAK,CAAC,KAAgE,CAAC,QAAQ,CAAC;YAClG,IAAI,QAAQ,EAAE,CAAC;gBACb,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,CAAC,GAAG,kBAAkB,CAAC,CAAC;IACjC,CAAC;CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAgB,aAAa,CACjC,GAAyB,EACzB,OAA6B;;;QAE7B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAE7C,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,gEAAgE;gBAChE,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,+EAA+E;QAC/E,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC;YAC5C,WAAW,EAAU,OAAO,CAAC,WAAW;YACxC,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,SAAS,EAAY,MAAA,OAAO,CAAC,SAAS,mCAAI,iBAAiB;YAC3D,kBAAkB,EAAG,OAAO,CAAC,kBAAkB;YAC/C,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,WAAW,EAAU,OAAO,CAAC,WAAW;SACzC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;QAC5F,CAAC;QAED,MAAM,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;QAErE,2CAA2C;QAC3C,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,gBAAgB,EAAE;oBAChB,WAAW,EAAG,mBAAmB;oBACjC,QAAQ,EAAM;wBACZ,YAAY;wBACZ,IAAI,EAAK,SAAS;wBAClB,GAAG,EAAM,mBAAmB,CAAC,GAAG;wBAChC,MAAM,EAAG,SAAS,CAAC,QAAQ,CAAC,GAAG;qBAChC;iBACF;aACF,CAAC,CAAC;YAEH,uDAAuD;YACvD,MAAM,kBAAkB,GAAG,MAAM,sBAAsB,CAAC;gBACtD,KAAK,EAAS,SAAS;gBACvB,WAAW,EAAG,mBAAmB,CAAC,GAAG;gBACrC,MAAM,EAAQ,cAAc;aAC7B,CAAC,CAAC;YAEH,sEAAsE;YACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;gBACrB,MAAM,YAAY,GAAG,MAAA,GAAG,CAAC,mBAAmB,mCAAI,CAAC,2BAA2B,CAAC,CAAC;gBAC9E,MAAM,wBAAwB,CAC5B;oBACE,SAAS,EAAG,SAAS;oBACrB,YAAY;oBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;oBAClC,YAAY;oBACZ,OAAO,EAAK,OAAO;iBACpB,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;YACJ,CAAC;YAED,4CAA4C;YAC5C,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC;gBACpC,GAAG,EAAO,YAAY;gBACtB,OAAO,EAAG;oBACR,WAAW,EAAG,mBAAmB,CAAC,GAAG;oBACrC,SAAS,EAAK,kBAAkB;iBACjC;aACF,CAAC,CAAC;YAEH,4DAA4D;YAC5D,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,uBAAuB;YACvB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC;wBACzB,MAAM,EAAM,QAAQ,CAAC,GAAG,CAAC,GAAG;wBAC5B,MAAM,EAAM,QAAQ,CAAC,QAAQ,CAAC,MAAM;wBACpC,SAAS,EAAG,IAAI;qBACjB,CAAC,CAAC;gBACL,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;gBAE7B,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBAChE,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;YAC/B,CAAC;YAED,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,wCAAwC,OAAO,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,cAAc;QACd,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;aACjE,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;YACtB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEL,MAAM,WAAW,GAAG,mBAAmB,CAAC,GAAG,CAAC;QAE5C,wBAAwB;QACxB,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAC9D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;QAC1D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAE5D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE;gBACP,GAAG,EAAQ,OAAO,CAAC,GAAG;gBACtB,WAAW;gBACX,QAAQ,EAAG,YAAY;aACxB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
package/dist/esm/index.js
CHANGED
|
@@ -38,13 +38,17 @@ export { AuthManager } from './auth-manager.js';
|
|
|
38
38
|
export { AuthSession } from './identity-session.js';
|
|
39
39
|
export { VaultManager } from './vault/vault-manager.js';
|
|
40
40
|
export { AuthEventEmitter } from './events.js';
|
|
41
|
+
// Password providers
|
|
42
|
+
export { PasswordProvider } from './password-provider.js';
|
|
41
43
|
// Re-export agent classes so consumers can construct custom agents/vaults
|
|
42
44
|
// without a direct @enbox/agent dependency.
|
|
43
45
|
export { EnboxUserAgent, HdIdentityVault } from '@enbox/agent';
|
|
44
46
|
// Wallet-connect helpers
|
|
45
47
|
export { processConnectedGrants } from './flows/wallet-connect.js';
|
|
48
|
+
// Registration token storage helpers
|
|
49
|
+
export { loadTokensFromStorage, saveTokensToStorage } from './flows/dwn-registration.js';
|
|
46
50
|
// Local DWN discovery (browser dwn:// protocol integration)
|
|
47
|
-
export { applyLocalDwnDiscovery, checkUrlForDwnDiscoveryPayload, clearLocalDwnEndpoint,
|
|
51
|
+
export { applyLocalDwnDiscovery, checkUrlForDwnDiscoveryPayload, clearLocalDwnEndpoint, discoverLocalDwn, persistLocalDwnEndpoint, requestLocalDwnDiscovery, restoreLocalDwnEndpoint, } from './flows/dwn-discovery.js';
|
|
48
52
|
// Storage adapters
|
|
49
53
|
export { BrowserStorage, LevelStorage, MemoryStorage, createDefaultStorage } from './storage/storage.js';
|
|
50
54
|
//# sourceMappingURL=index.js.map
|
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,eAAe;AACf,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,0EAA0E;AAC1E,4CAA4C;AAC5C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/D,yBAAyB;AACzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAEnE,4DAA4D;AAC5D,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,qBAAqB,EACrB,uBAAuB,EACvB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,eAAe;AACf,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,qBAAqB;AACrB,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG1D,0EAA0E;AAC1E,4CAA4C;AAC5C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/D,yBAAyB;AACzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAEnE,qCAAqC;AACrC,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAEzF,4DAA4D;AAC5D,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,qBAAqB,EACrB,gBAAgB,EAChB,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,0BAA0B,CAAC;AAElC,mBAAmB;AACnB,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC"}
|
|
@@ -0,0 +1,319 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* PasswordProvider — composable password acquisition strategies.
|
|
3
|
+
*
|
|
4
|
+
* Replaces ad-hoc password prompting scattered across CLI consumers
|
|
5
|
+
* (env vars, raw-mode TTY, `/dev/tty` + `stty`, `@clack/prompts`, etc.)
|
|
6
|
+
* with a single, composable abstraction.
|
|
7
|
+
*
|
|
8
|
+
* @example Chained provider (env first, fall back to TTY)
|
|
9
|
+
* ```ts
|
|
10
|
+
* import { PasswordProvider } from '@enbox/auth';
|
|
11
|
+
*
|
|
12
|
+
* const provider = PasswordProvider.chain([
|
|
13
|
+
* PasswordProvider.fromEnv('ENBOX_PASSWORD'),
|
|
14
|
+
* PasswordProvider.fromTty({ prompt: 'Vault password: ' }),
|
|
15
|
+
* ]);
|
|
16
|
+
*
|
|
17
|
+
* const auth = await AuthManager.create({ passwordProvider: provider });
|
|
18
|
+
* ```
|
|
19
|
+
*
|
|
20
|
+
* @module
|
|
21
|
+
*/
|
|
22
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
23
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
24
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
25
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
26
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
27
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
28
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
29
|
+
});
|
|
30
|
+
};
|
|
31
|
+
// ─── Internal helpers ────────────────────────────────────────────
|
|
32
|
+
/**
|
|
33
|
+
* Read a password from a raw-mode TTY stream.
|
|
34
|
+
*
|
|
35
|
+
* Reads character-by-character with no echo. Handles Enter (resolve),
|
|
36
|
+
* Ctrl-C (reject), backspace, and printable characters.
|
|
37
|
+
*
|
|
38
|
+
* @internal Exported for testing only.
|
|
39
|
+
*/
|
|
40
|
+
export function readPasswordRawMode(stdin, stdout, prompt) {
|
|
41
|
+
stdout.write(prompt);
|
|
42
|
+
return new Promise((resolve, reject) => {
|
|
43
|
+
let buf = '';
|
|
44
|
+
stdin.setRawMode(true);
|
|
45
|
+
stdin.setEncoding('utf8');
|
|
46
|
+
stdin.resume();
|
|
47
|
+
const onData = (ch) => {
|
|
48
|
+
const code = ch.charCodeAt(0);
|
|
49
|
+
if (ch === '\r' || ch === '\n') {
|
|
50
|
+
// Enter — done.
|
|
51
|
+
stdin.setRawMode(false);
|
|
52
|
+
stdin.pause();
|
|
53
|
+
stdin.removeListener('data', onData);
|
|
54
|
+
stdout.write('\n');
|
|
55
|
+
resolve(buf);
|
|
56
|
+
}
|
|
57
|
+
else if (code === 3) {
|
|
58
|
+
// Ctrl-C — abort.
|
|
59
|
+
stdin.setRawMode(false);
|
|
60
|
+
stdin.pause();
|
|
61
|
+
stdin.removeListener('data', onData);
|
|
62
|
+
stdout.write('\n');
|
|
63
|
+
reject(new Error('[@enbox/auth] PasswordProvider.fromTty: cancelled by user.'));
|
|
64
|
+
}
|
|
65
|
+
else if (code === 127 || code === 8) {
|
|
66
|
+
// Backspace / Delete.
|
|
67
|
+
if (buf.length > 0) {
|
|
68
|
+
buf = buf.slice(0, -1);
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
else if (code >= 32) {
|
|
72
|
+
// Printable character.
|
|
73
|
+
buf += ch;
|
|
74
|
+
}
|
|
75
|
+
};
|
|
76
|
+
stdin.on('data', onData);
|
|
77
|
+
});
|
|
78
|
+
}
|
|
79
|
+
/**
|
|
80
|
+
* Read a password from `/dev/tty` using synchronous I/O.
|
|
81
|
+
*
|
|
82
|
+
* Opens `/dev/tty` directly, uses `stty -echo` to suppress input,
|
|
83
|
+
* reads until newline, then restores echo and closes file descriptors.
|
|
84
|
+
*
|
|
85
|
+
* @param prompt - The prompt string to display.
|
|
86
|
+
* @param io - Injectable I/O functions (defaults to `node:fs` + `node:child_process`).
|
|
87
|
+
* @internal Exported for testing only.
|
|
88
|
+
*/
|
|
89
|
+
export function readPasswordDevTty(prompt, io) {
|
|
90
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
91
|
+
// Use injected I/O or import real modules.
|
|
92
|
+
let fsIo;
|
|
93
|
+
if (io) {
|
|
94
|
+
fsIo = io;
|
|
95
|
+
}
|
|
96
|
+
else {
|
|
97
|
+
const { openSync, readSync, writeSync, closeSync } = yield import('node:fs');
|
|
98
|
+
const { execSync } = yield import('node:child_process');
|
|
99
|
+
fsIo = {
|
|
100
|
+
openSync,
|
|
101
|
+
readSync,
|
|
102
|
+
writeSync,
|
|
103
|
+
closeSync,
|
|
104
|
+
execSync: (cmd, opts) => { execSync(cmd, opts); },
|
|
105
|
+
};
|
|
106
|
+
}
|
|
107
|
+
let readFd;
|
|
108
|
+
let writeFd;
|
|
109
|
+
try {
|
|
110
|
+
readFd = fsIo.openSync('/dev/tty', 'r');
|
|
111
|
+
writeFd = fsIo.openSync('/dev/tty', 'w');
|
|
112
|
+
}
|
|
113
|
+
catch (_a) {
|
|
114
|
+
throw new Error('[@enbox/auth] PasswordProvider.fromDevTty: cannot open /dev/tty. ' +
|
|
115
|
+
'No controlling terminal available.');
|
|
116
|
+
}
|
|
117
|
+
try {
|
|
118
|
+
// Suppress echo.
|
|
119
|
+
try {
|
|
120
|
+
fsIo.execSync('stty -echo < /dev/tty', { stdio: 'ignore' });
|
|
121
|
+
}
|
|
122
|
+
catch (_b) {
|
|
123
|
+
// Continue — the user sees their password but the flow works.
|
|
124
|
+
}
|
|
125
|
+
fsIo.writeSync(writeFd, prompt);
|
|
126
|
+
// Cooked-mode read (line-buffered; terminal handles backspace).
|
|
127
|
+
const readBuf = new Uint8Array(256);
|
|
128
|
+
const decoder = new TextDecoder('utf-8');
|
|
129
|
+
let password = '';
|
|
130
|
+
while (true) {
|
|
131
|
+
const bytesRead = fsIo.readSync(readFd, readBuf, 0, readBuf.length, null);
|
|
132
|
+
if (bytesRead === 0) {
|
|
133
|
+
break;
|
|
134
|
+
}
|
|
135
|
+
password += decoder.decode(readBuf.subarray(0, bytesRead), { stream: true });
|
|
136
|
+
const nlIdx = password.indexOf('\n');
|
|
137
|
+
if (nlIdx !== -1) {
|
|
138
|
+
password = password.slice(0, nlIdx);
|
|
139
|
+
break;
|
|
140
|
+
}
|
|
141
|
+
const crIdx = password.indexOf('\r');
|
|
142
|
+
if (crIdx !== -1) {
|
|
143
|
+
password = password.slice(0, crIdx);
|
|
144
|
+
break;
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
fsIo.writeSync(writeFd, '\n');
|
|
148
|
+
return password;
|
|
149
|
+
}
|
|
150
|
+
finally {
|
|
151
|
+
// Restore echo.
|
|
152
|
+
try {
|
|
153
|
+
fsIo.execSync('stty echo < /dev/tty', { stdio: 'ignore' });
|
|
154
|
+
}
|
|
155
|
+
catch ( /* best-effort */_c) { /* best-effort */ }
|
|
156
|
+
fsIo.closeSync(readFd);
|
|
157
|
+
fsIo.closeSync(writeFd);
|
|
158
|
+
}
|
|
159
|
+
});
|
|
160
|
+
}
|
|
161
|
+
// ─── Factory functions ───────────────────────────────────────────
|
|
162
|
+
export var PasswordProvider;
|
|
163
|
+
(function (PasswordProvider) {
|
|
164
|
+
/**
|
|
165
|
+
* Read the password from an environment variable.
|
|
166
|
+
*
|
|
167
|
+
* Throws if the variable is not set or is empty, allowing `chain()`
|
|
168
|
+
* to fall through to the next provider.
|
|
169
|
+
*
|
|
170
|
+
* @param envVar - Name of the environment variable. Default: `'ENBOX_PASSWORD'`.
|
|
171
|
+
*
|
|
172
|
+
* @example
|
|
173
|
+
* ```ts
|
|
174
|
+
* const provider = PasswordProvider.fromEnv('MY_APP_PASSWORD');
|
|
175
|
+
* ```
|
|
176
|
+
*/
|
|
177
|
+
function fromEnv(envVar = 'ENBOX_PASSWORD') {
|
|
178
|
+
return {
|
|
179
|
+
getPassword() {
|
|
180
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
181
|
+
const value = process.env[envVar];
|
|
182
|
+
if (!value) {
|
|
183
|
+
throw new Error(`[@enbox/auth] PasswordProvider.fromEnv: environment variable '${envVar}' is not set.`);
|
|
184
|
+
}
|
|
185
|
+
return value;
|
|
186
|
+
});
|
|
187
|
+
},
|
|
188
|
+
};
|
|
189
|
+
}
|
|
190
|
+
PasswordProvider.fromEnv = fromEnv;
|
|
191
|
+
/**
|
|
192
|
+
* Wrap an async callback as a password provider.
|
|
193
|
+
*
|
|
194
|
+
* This is the escape hatch for custom UI (e.g. `@clack/prompts`,
|
|
195
|
+
* Electron dialog, browser modal).
|
|
196
|
+
*
|
|
197
|
+
* @param callback - Called with the password context; must return a password string.
|
|
198
|
+
*
|
|
199
|
+
* @example
|
|
200
|
+
* ```ts
|
|
201
|
+
* const provider = PasswordProvider.fromCallback(async ({ reason }) => {
|
|
202
|
+
* if (reason === 'create') {
|
|
203
|
+
* return await showCreatePasswordDialog();
|
|
204
|
+
* }
|
|
205
|
+
* return await showUnlockDialog();
|
|
206
|
+
* });
|
|
207
|
+
* ```
|
|
208
|
+
*/
|
|
209
|
+
function fromCallback(callback) {
|
|
210
|
+
return { getPassword: callback };
|
|
211
|
+
}
|
|
212
|
+
PasswordProvider.fromCallback = fromCallback;
|
|
213
|
+
/**
|
|
214
|
+
* Prompt for a password via `process.stdin` in raw mode.
|
|
215
|
+
*
|
|
216
|
+
* Input is read character-by-character with no echo. Handles
|
|
217
|
+
* backspace and Ctrl-C (rejects with an error). Only works when
|
|
218
|
+
* `process.stdin.isTTY` is `true`; throws otherwise so `chain()`
|
|
219
|
+
* can fall through to the next provider.
|
|
220
|
+
*
|
|
221
|
+
* Suitable for main CLI processes that own stdin/stdout.
|
|
222
|
+
*
|
|
223
|
+
* @param options - Optional configuration.
|
|
224
|
+
* @param options.prompt - Text to display before reading. Default: `'Vault password: '`.
|
|
225
|
+
*
|
|
226
|
+
* @example
|
|
227
|
+
* ```ts
|
|
228
|
+
* const provider = PasswordProvider.fromTty({ prompt: 'Password: ' });
|
|
229
|
+
* ```
|
|
230
|
+
*/
|
|
231
|
+
function fromTty(options = {}) {
|
|
232
|
+
var _a;
|
|
233
|
+
const prompt = (_a = options.prompt) !== null && _a !== void 0 ? _a : 'Vault password: ';
|
|
234
|
+
return {
|
|
235
|
+
getPassword() {
|
|
236
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
237
|
+
if (!process.stdin.isTTY) {
|
|
238
|
+
throw new Error('[@enbox/auth] PasswordProvider.fromTty: stdin is not a TTY.');
|
|
239
|
+
}
|
|
240
|
+
return readPasswordRawMode(process.stdin, process.stdout, prompt);
|
|
241
|
+
});
|
|
242
|
+
},
|
|
243
|
+
};
|
|
244
|
+
}
|
|
245
|
+
PasswordProvider.fromTty = fromTty;
|
|
246
|
+
/**
|
|
247
|
+
* Prompt for a password via `/dev/tty` (Unix only).
|
|
248
|
+
*
|
|
249
|
+
* Opens `/dev/tty` directly, bypassing `process.stdin`. This is
|
|
250
|
+
* essential for subprocesses where stdin is owned by the parent
|
|
251
|
+
* (e.g. Git credential helpers, SSH, GPG). Uses `stty -echo` to
|
|
252
|
+
* suppress input echo.
|
|
253
|
+
*
|
|
254
|
+
* Throws if `/dev/tty` cannot be opened (e.g. non-Unix platform,
|
|
255
|
+
* no controlling terminal), allowing `chain()` to fall through.
|
|
256
|
+
*
|
|
257
|
+
* @param options - Optional configuration.
|
|
258
|
+
* @param options.prompt - Text to display before reading. Default: `'Vault password: '`.
|
|
259
|
+
*
|
|
260
|
+
* @example
|
|
261
|
+
* ```ts
|
|
262
|
+
* // For git credential helpers:
|
|
263
|
+
* const provider = PasswordProvider.fromDevTty();
|
|
264
|
+
* ```
|
|
265
|
+
*/
|
|
266
|
+
function fromDevTty(options = {}) {
|
|
267
|
+
var _a;
|
|
268
|
+
const prompt = (_a = options.prompt) !== null && _a !== void 0 ? _a : 'Vault password: ';
|
|
269
|
+
return {
|
|
270
|
+
getPassword() {
|
|
271
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
272
|
+
return readPasswordDevTty(prompt);
|
|
273
|
+
});
|
|
274
|
+
},
|
|
275
|
+
};
|
|
276
|
+
}
|
|
277
|
+
PasswordProvider.fromDevTty = fromDevTty;
|
|
278
|
+
/**
|
|
279
|
+
* Compose multiple providers with automatic fallback.
|
|
280
|
+
*
|
|
281
|
+
* Tries each provider in order. If a provider throws, the next one
|
|
282
|
+
* is tried. If all providers fail, the last error is rethrown.
|
|
283
|
+
*
|
|
284
|
+
* @param providers - Ordered list of providers to try.
|
|
285
|
+
*
|
|
286
|
+
* @example
|
|
287
|
+
* ```ts
|
|
288
|
+
* // Try env var first, then interactive TTY, then /dev/tty for subprocesses.
|
|
289
|
+
* const provider = PasswordProvider.chain([
|
|
290
|
+
* PasswordProvider.fromEnv('ENBOX_PASSWORD'),
|
|
291
|
+
* PasswordProvider.fromTty(),
|
|
292
|
+
* PasswordProvider.fromDevTty(),
|
|
293
|
+
* ]);
|
|
294
|
+
* ```
|
|
295
|
+
*/
|
|
296
|
+
function chain(providers) {
|
|
297
|
+
if (providers.length === 0) {
|
|
298
|
+
throw new Error('[@enbox/auth] PasswordProvider.chain: at least one provider is required.');
|
|
299
|
+
}
|
|
300
|
+
return {
|
|
301
|
+
getPassword(context) {
|
|
302
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
303
|
+
let lastError;
|
|
304
|
+
for (const provider of providers) {
|
|
305
|
+
try {
|
|
306
|
+
return yield provider.getPassword(context);
|
|
307
|
+
}
|
|
308
|
+
catch (err) {
|
|
309
|
+
lastError = err instanceof Error ? err : new Error(String(err));
|
|
310
|
+
}
|
|
311
|
+
}
|
|
312
|
+
throw lastError !== null && lastError !== void 0 ? lastError : new Error('[@enbox/auth] PasswordProvider.chain: all providers failed.');
|
|
313
|
+
});
|
|
314
|
+
},
|
|
315
|
+
};
|
|
316
|
+
}
|
|
317
|
+
PasswordProvider.chain = chain;
|
|
318
|
+
})(PasswordProvider || (PasswordProvider = {}));
|
|
319
|
+
//# sourceMappingURL=password-provider.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"password-provider.js","sourceRoot":"","sources":["../../src/password-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;AAsDH,oEAAoE;AAEpE;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CACjC,KAAkB,EAClB,MAAmB,EACnB,MAAc;IAEd,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAErB,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC7C,IAAI,GAAG,GAAG,EAAE,CAAC;QACb,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACvB,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC1B,KAAK,CAAC,MAAM,EAAE,CAAC;QAEf,MAAM,MAAM,GAAG,CAAC,EAAU,EAAQ,EAAE;YAClC,MAAM,IAAI,GAAG,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAE9B,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC/B,gBAAgB;gBAChB,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBACxB,KAAK,CAAC,KAAK,EAAE,CAAC;gBACd,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;gBACrC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,CAAC;YACf,CAAC;iBAAM,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACtB,kBAAkB;gBAClB,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBACxB,KAAK,CAAC,KAAK,EAAE,CAAC;gBACd,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;gBACrC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACnB,MAAM,CAAC,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC,CAAC;YAClF,CAAC;iBAAM,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACtC,sBAAsB;gBACtB,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACnB,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;iBAAM,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC;gBACtB,uBAAuB;gBACvB,GAAG,IAAI,EAAE,CAAC;YACZ,CAAC;QACH,CAAC,CAAC;QAEF,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;AACL,CAAC;AAWD;;;;;;;;;GASG;AACH,MAAM,UAAgB,kBAAkB,CACtC,MAAc,EACd,EAAa;;QAEb,2CAA2C;QAC3C,IAAI,IAAc,CAAC;QACnB,IAAI,EAAE,EAAE,CAAC;YACP,IAAI,GAAG,EAAE,CAAC;QACZ,CAAC;aAAM,CAAC;YACN,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;YAC7E,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;YACxD,IAAI,GAAG;gBACL,QAAQ;gBACR,QAAQ;gBACR,SAAS;gBACT,SAAS;gBACT,QAAQ,EAAE,CAAC,GAAW,EAAE,IAAuB,EAAQ,EAAE,GAAG,QAAQ,CAAC,GAAG,EAAE,IAAW,CAAC,CAAC,CAAC,CAAC;aAC1F,CAAC;QACJ,CAAC;QAED,IAAI,MAAc,CAAC;QACnB,IAAI,OAAe,CAAC;QAEpB,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;YACxC,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC;QAAC,WAAM,CAAC;YACP,MAAM,IAAI,KAAK,CACb,mEAAmE;gBACnE,oCAAoC,CACrC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,iBAAiB;YACjB,IAAI,CAAC;gBACH,IAAI,CAAC,QAAQ,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;YAC9D,CAAC;YAAC,WAAM,CAAC;gBACP,8DAA8D;YAChE,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAEhC,gEAAgE;YAChE,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;YACpC,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;YACzC,IAAI,QAAQ,GAAG,EAAE,CAAC;YAElB,OAAO,IAAI,EAAE,CAAC;gBACZ,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;gBAC1E,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;oBAAC,MAAM;gBAAC,CAAC;gBAE/B,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;gBAE7E,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;oBAAC,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;oBAAC,MAAM;gBAAC,CAAC;gBAEjE,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;oBAAC,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;oBAAC,MAAM;gBAAC,CAAC;YACnE,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAC9B,OAAO,QAAQ,CAAC;QAClB,CAAC;gBAAS,CAAC;YACT,gBAAgB;YAChB,IAAI,CAAC;gBAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;YAAC,CAAC;YAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;YAC/F,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YACvB,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;CAAA;AAED,oEAAoE;AAGpE,MAAM,KAAW,gBAAgB,CAgKhC;AAhKD,WAAiB,gBAAgB;IAE/B;;;;;;;;;;;;OAYG;IACH,SAAgB,OAAO,CAAC,MAAM,GAAG,gBAAgB;QAC/C,OAAO;YACC,WAAW;;oBACf,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBAClC,IAAI,CAAC,KAAK,EAAE,CAAC;wBACX,MAAM,IAAI,KAAK,CACb,iEAAiE,MAAM,eAAe,CACvF,CAAC;oBACJ,CAAC;oBACD,OAAO,KAAK,CAAC;gBACf,CAAC;aAAA;SACF,CAAC;IACJ,CAAC;IAZe,wBAAO,UAYtB,CAAA;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,SAAgB,YAAY,CAC1B,QAAuD;QAEvD,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC;IACnC,CAAC;IAJe,6BAAY,eAI3B,CAAA;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,SAAgB,OAAO,CAAC,UAA+B,EAAE;;QACvD,MAAM,MAAM,GAAG,MAAA,OAAO,CAAC,MAAM,mCAAI,kBAAkB,CAAC;QAEpD,OAAO;YACC,WAAW;;oBACf,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;wBACzB,MAAM,IAAI,KAAK,CACb,6DAA6D,CAC9D,CAAC;oBACJ,CAAC;oBAED,OAAO,mBAAmB,CACxB,OAAO,CAAC,KAA+B,EACvC,OAAO,CAAC,MAAM,EACd,MAAM,CACP,CAAC;gBACJ,CAAC;aAAA;SACF,CAAC;IACJ,CAAC;IAlBe,wBAAO,UAkBtB,CAAA;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACH,SAAgB,UAAU,CAAC,UAA+B,EAAE;;QAC1D,MAAM,MAAM,GAAG,MAAA,OAAO,CAAC,MAAM,mCAAI,kBAAkB,CAAC;QAEpD,OAAO;YACC,WAAW;;oBACf,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAC;gBACpC,CAAC;aAAA;SACF,CAAC;IACJ,CAAC;IARe,2BAAU,aAQzB,CAAA;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,SAAgB,KAAK,CAAC,SAA6B;QACjD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAC;QAC9F,CAAC;QAED,OAAO;YACC,WAAW,CAAC,OAAwB;;oBACxC,IAAI,SAA4B,CAAC;oBAEjC,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;wBACjC,IAAI,CAAC;4BACH,OAAO,MAAM,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;wBAC7C,CAAC;wBAAC,OAAO,GAAG,EAAE,CAAC;4BACb,SAAS,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;wBAClE,CAAC;oBACH,CAAC;oBAED,MAAM,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;gBAC9F,CAAC;aAAA;SACF,CAAC;IACJ,CAAC;IApBe,sBAAK,QAoBpB,CAAA;AACH,CAAC,EAhKgB,gBAAgB,KAAhB,gBAAgB,QAgKhC"}
|
package/dist/esm/types.js
CHANGED
|
@@ -19,12 +19,20 @@ export const STORAGE_KEYS = {
|
|
|
19
19
|
/** The connected DID (for wallet-connected sessions). */
|
|
20
20
|
CONNECTED_DID: 'enbox:auth:connectedDid',
|
|
21
21
|
/**
|
|
22
|
-
* The base URL of the local DWN server discovered via the `dwn://
|
|
22
|
+
* The base URL of the local DWN server discovered via the `dwn://connect`
|
|
23
23
|
* browser redirect flow. Persisted so subsequent page loads can skip the
|
|
24
24
|
* redirect and inject the endpoint directly.
|
|
25
25
|
*
|
|
26
26
|
* @see https://github.com/enboxorg/enbox/issues/589
|
|
27
27
|
*/
|
|
28
28
|
LOCAL_DWN_ENDPOINT: 'enbox:auth:localDwnEndpoint',
|
|
29
|
+
/**
|
|
30
|
+
* JSON-serialised `Record<string, RegistrationTokenData>` for DWN endpoint
|
|
31
|
+
* registration tokens. Automatically loaded before registration and saved
|
|
32
|
+
* after new/refreshed tokens are obtained when `persistTokens` is enabled.
|
|
33
|
+
*
|
|
34
|
+
* @see https://github.com/enboxorg/enbox/issues/690
|
|
35
|
+
*/
|
|
36
|
+
REGISTRATION_TOKENS: 'enbox:auth:registrationTokens',
|
|
29
37
|
};
|
|
30
38
|
//# sourceMappingURL=types.js.map
|
package/dist/esm/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AA0cH,oEAAoE;AAEpE,gEAAgE;AAChE,MAAM,CAAC,MAAM,yBAAyB,GAAG,wBAAwB,CAAC;AAElE;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,oDAAoD;IACpD,oBAAoB,EAAE,gCAAgC;IAEtD,+CAA+C;IAC/C,eAAe,EAAE,2BAA2B;IAE5C,4DAA4D;IAC5D,YAAY,EAAE,wBAAwB;IAEtC,yDAAyD;IACzD,aAAa,EAAE,yBAAyB;IAExC;;;;;;OAMG;IACH,kBAAkB,EAAE,6BAA6B;IAEjD;;;;;;OAMG;IACH,mBAAmB,EAAE,+BAA+B;CAC5C,CAAC"}
|
|
@@ -9,7 +9,7 @@ import { EnboxUserAgent } from '@enbox/agent';
|
|
|
9
9
|
import type { PortableIdentity } from '@enbox/agent';
|
|
10
10
|
import { AuthSession } from './identity-session.js';
|
|
11
11
|
import { VaultManager } from './vault/vault-manager.js';
|
|
12
|
-
import type { AuthEvent, AuthEventHandler, AuthManagerOptions, AuthState, DisconnectOptions, IdentityInfo, ImportFromPhraseOptions, ImportFromPortableOptions, LocalConnectOptions, RestoreSessionOptions, WalletConnectOptions } from './types.js';
|
|
12
|
+
import type { AuthEvent, AuthEventHandler, AuthManagerOptions, AuthState, DisconnectOptions, HeadlessConnectOptions, IdentityInfo, ImportFromPhraseOptions, ImportFromPortableOptions, LocalConnectOptions, RestoreSessionOptions, ShutdownOptions, WalletConnectOptions } from './types.js';
|
|
13
13
|
/**
|
|
14
14
|
* The primary entry point for authentication and identity management.
|
|
15
15
|
*
|
|
@@ -51,10 +51,19 @@ export declare class AuthManager {
|
|
|
51
51
|
private _session;
|
|
52
52
|
private _state;
|
|
53
53
|
private _isConnecting;
|
|
54
|
+
private _isShutDown;
|
|
54
55
|
private _defaultPassword?;
|
|
56
|
+
private _passwordProvider?;
|
|
55
57
|
private _defaultSync?;
|
|
56
58
|
private _defaultDwnEndpoints?;
|
|
57
59
|
private _registration?;
|
|
60
|
+
/**
|
|
61
|
+
* The local DWN server endpoint discovered during `create()`, if any.
|
|
62
|
+
* `undefined` means no local server was found. This is set before any
|
|
63
|
+
* event listeners are attached, so consumers should check this property
|
|
64
|
+
* after `create()` returns rather than relying solely on events.
|
|
65
|
+
*/
|
|
66
|
+
private _localDwnEndpoint?;
|
|
58
67
|
private constructor();
|
|
59
68
|
/**
|
|
60
69
|
* Create a new AuthManager instance.
|
|
@@ -79,7 +88,7 @@ export declare class AuthManager {
|
|
|
79
88
|
*/
|
|
80
89
|
connect(options?: LocalConnectOptions): Promise<AuthSession>;
|
|
81
90
|
/**
|
|
82
|
-
* Connect to an external wallet via the
|
|
91
|
+
* Connect to an external wallet via the Enbox Connect relay protocol.
|
|
83
92
|
*
|
|
84
93
|
* This runs the full WalletConnect flow: generates a URI for QR display,
|
|
85
94
|
* validates the PIN, imports the delegated DID, and processes grants.
|
|
@@ -110,8 +119,48 @@ export declare class AuthManager {
|
|
|
110
119
|
* This replaces the manual `previouslyConnected` localStorage pattern.
|
|
111
120
|
*/
|
|
112
121
|
restoreSession(options?: RestoreSessionOptions): Promise<AuthSession | undefined>;
|
|
122
|
+
/**
|
|
123
|
+
* Lightweight vault unlock for one-shot utilities and subprocesses.
|
|
124
|
+
*
|
|
125
|
+
* Unlocks the vault and retrieves the active (or first available)
|
|
126
|
+
* identity **without** starting sync, DWN registration, or persisting
|
|
127
|
+
* session markers. This is the recommended replacement for calling
|
|
128
|
+
* `agent.start({ password })` directly.
|
|
129
|
+
*
|
|
130
|
+
* Typical use cases:
|
|
131
|
+
* - Git credential helpers that need to sign a token and exit
|
|
132
|
+
* - CLI utilities that perform a single operation
|
|
133
|
+
* - Any subprocess that shares a data directory with a long-running daemon
|
|
134
|
+
*
|
|
135
|
+
* @param options - Optional password override.
|
|
136
|
+
* @returns An active AuthSession (with sync disabled).
|
|
137
|
+
*
|
|
138
|
+
* @example
|
|
139
|
+
* ```ts
|
|
140
|
+
* const session = await auth.connectHeadless({ password });
|
|
141
|
+
* const did = session.did; // ready to use
|
|
142
|
+
* await auth.shutdown(); // clean exit
|
|
143
|
+
* ```
|
|
144
|
+
*/
|
|
145
|
+
connectHeadless(options?: HeadlessConnectOptions): Promise<AuthSession>;
|
|
113
146
|
/** The current active session, or `undefined` if not connected. */
|
|
114
147
|
get session(): AuthSession | undefined;
|
|
148
|
+
/**
|
|
149
|
+
* Lock the auth manager.
|
|
150
|
+
*
|
|
151
|
+
* Stops sync, clears the active session, and locks the underlying vault
|
|
152
|
+
* so the password must be provided again to resume. Session storage
|
|
153
|
+
* markers are preserved so {@link restoreSession} can reconnect after
|
|
154
|
+
* the vault is unlocked again.
|
|
155
|
+
*
|
|
156
|
+
* After locking, the state transitions to `'locked'`.
|
|
157
|
+
*
|
|
158
|
+
* @param options - Optional lock configuration.
|
|
159
|
+
* @param options.timeout - Milliseconds to wait for sync to stop. Default: `2000`.
|
|
160
|
+
*/
|
|
161
|
+
lock(options?: {
|
|
162
|
+
timeout?: number;
|
|
163
|
+
}): Promise<void>;
|
|
115
164
|
/**
|
|
116
165
|
* Disconnect the current session.
|
|
117
166
|
*
|
|
@@ -121,6 +170,30 @@ export declare class AuthManager {
|
|
|
121
170
|
* @param options.timeout - Milliseconds to wait for sync to complete.
|
|
122
171
|
*/
|
|
123
172
|
disconnect(options?: DisconnectOptions): Promise<void>;
|
|
173
|
+
/**
|
|
174
|
+
* Gracefully shut down the auth manager, releasing all resources.
|
|
175
|
+
*
|
|
176
|
+
* This goes beyond {@link disconnect} or {@link lock}: it stops sync,
|
|
177
|
+
* clears the active session, locks the vault, and **closes** the
|
|
178
|
+
* underlying storage handles (e.g. LevelDB) so the process can exit
|
|
179
|
+
* without dangling timers or open file descriptors.
|
|
180
|
+
*
|
|
181
|
+
* After calling `shutdown()`, the `AuthManager` instance should not be
|
|
182
|
+
* reused — create a new one via {@link AuthManager.create} if needed.
|
|
183
|
+
*
|
|
184
|
+
* Idempotent: calling `shutdown()` more than once is safe.
|
|
185
|
+
*
|
|
186
|
+
* @param options - Optional shutdown configuration.
|
|
187
|
+
* @param options.timeout - Milliseconds to wait for sync to stop. Default: `2000`.
|
|
188
|
+
*
|
|
189
|
+
* @example
|
|
190
|
+
* ```ts
|
|
191
|
+
* const session = await auth.connectHeadless({ password });
|
|
192
|
+
* // ... perform work ...
|
|
193
|
+
* await auth.shutdown(); // clean exit, no process.exit() needed
|
|
194
|
+
* ```
|
|
195
|
+
*/
|
|
196
|
+
shutdown(options?: ShutdownOptions): Promise<void>;
|
|
124
197
|
/**
|
|
125
198
|
* List all stored identities.
|
|
126
199
|
*
|
|
@@ -170,6 +243,14 @@ export declare class AuthManager {
|
|
|
170
243
|
get isConnecting(): boolean;
|
|
171
244
|
/** The underlying EnboxUserAgent (for advanced usage). */
|
|
172
245
|
get agent(): EnboxUserAgent;
|
|
246
|
+
/**
|
|
247
|
+
* The local DWN server endpoint discovered during `create()`, if any.
|
|
248
|
+
*
|
|
249
|
+
* When set, the agent is operating in remote mode (no in-process DWN).
|
|
250
|
+
* This property is available immediately after `create()` returns,
|
|
251
|
+
* before any event listeners are attached.
|
|
252
|
+
*/
|
|
253
|
+
get localDwnEndpoint(): string | undefined;
|
|
173
254
|
private _setState;
|
|
174
255
|
private _guardConcurrency;
|
|
175
256
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-manager.d.ts","sourceRoot":"","sources":["../../src/auth-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,KAAK,EAAkB,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAGrE,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"auth-manager.d.ts","sourceRoot":"","sources":["../../src/auth-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,KAAK,EAAkB,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAGrE,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAMpD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAIxD,OAAO,KAAK,EACV,SAAS,EACT,gBAAgB,EAChB,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,sBAAsB,EACtB,YAAY,EACZ,uBAAuB,EACvB,yBAAyB,EACzB,mBAAmB,EAEnB,qBAAqB,EACrB,eAAe,EAGf,oBAAoB,EACrB,MAAM,YAAY,CAAC;AAGpB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,UAAU,CAAiB;IACnC,OAAO,CAAC,QAAQ,CAAmB;IACnC,OAAO,CAAC,QAAQ,CAAiB;IACjC,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,QAAQ,CAA0B;IAC1C,OAAO,CAAC,MAAM,CAA8B;IAC5C,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,WAAW,CAAS;IAG5B,OAAO,CAAC,gBAAgB,CAAC,CAAS;IAClC,OAAO,CAAC,iBAAiB,CAAC,CAAmB;IAC7C,OAAO,CAAC,YAAY,CAAC,CAAa;IAClC,OAAO,CAAC,oBAAoB,CAAC,CAAW;IACxC,OAAO,CAAC,aAAa,CAAC,CAAsB;IAE5C;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB,CAAC,CAAS;IAEnC,OAAO;IAwBP;;;;;;;;;OASG;WACU,MAAM,CAAC,OAAO,GAAE,kBAAuB,GAAG,OAAO,CAAC,WAAW,CAAC;IAsD3E;;;;;;;;;OASG;IACG,OAAO,CAAC,OAAO,CAAC,EAAE,mBAAmB,GAAG,OAAO,CAAC,WAAW,CAAC;IA2BlE;;;;;;;;;;OAUG;IACG,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,WAAW,CAAC;IA+CxE;;;;;OAKG;IACG,gBAAgB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,WAAW,CAAC;IAyB9E;;;;OAIG;IACG,kBAAkB,CAAC,OAAO,EAAE,yBAAyB,GAAG,OAAO,CAAC,WAAW,CAAC;IAyBlF;;;;;OAKG;IACG,cAAc,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IA2BvF;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,eAAe,CAAC,OAAO,CAAC,EAAE,sBAAsB,GAAG,OAAO,CAAC,WAAW,CAAC;IA+D7E,mEAAmE;IACnE,IAAI,OAAO,IAAI,WAAW,GAAG,SAAS,CAErC;IAED;;;;;;;;;;;;OAYG;IACG,IAAI,CAAC,OAAO,GAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAwB7D;;;;;;;OAOG;IACG,UAAU,CAAC,OAAO,GAAE,iBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC;IAgDhE;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACG,QAAQ,CAAC,OAAO,GAAE,eAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IA2D5D;;;;;OAKG;IACG,cAAc,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;IAS/C;;;;;OAKG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IA2D1D;;;;;;OAMG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA4BnD;;;;;OAKG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAM/D,kEAAkE;IAClE,IAAI,KAAK,IAAI,YAAY,CAExB;IAID;;;;;;OAMG;IACH,EAAE,CAAC,CAAC,SAAS,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI;IAM3E,8BAA8B;IAC9B,IAAI,KAAK,IAAI,SAAS,CAErB;IAED,wCAAwC;IACxC,IAAI,WAAW,IAAI,OAAO,CAEzB;IAED,6CAA6C;IAC7C,IAAI,QAAQ,IAAI,OAAO,CAEtB;IAED,mDAAmD;IACnD,IAAI,YAAY,IAAI,OAAO,CAE1B;IAED,0DAA0D;IAC1D,IAAI,KAAK,IAAI,cAAc,CAE1B;IAED;;;;;;OAMG;IACH,IAAI,gBAAgB,IAAI,MAAM,GAAG,SAAS,CAEzC;IAID,OAAO,CAAC,SAAS;IAOjB,OAAO,CAAC,iBAAiB;CAQ1B"}
|