@enbox/auth 0.3.1
- package/dist/esm/auth-manager.js +496 -0
- package/dist/esm/auth-manager.js.map +1 -0
- package/dist/esm/events.js +65 -0
- package/dist/esm/events.js.map +1 -0
- package/dist/esm/flows/dwn-discovery.js +281 -0
- package/dist/esm/flows/dwn-discovery.js.map +1 -0
- package/dist/esm/flows/dwn-registration.js +122 -0
- package/dist/esm/flows/dwn-registration.js.map +1 -0
- package/dist/esm/flows/import-identity.js +175 -0
- package/dist/esm/flows/import-identity.js.map +1 -0
- package/dist/esm/flows/local-connect.js +141 -0
- package/dist/esm/flows/local-connect.js.map +1 -0
- package/dist/esm/flows/session-restore.js +109 -0
- package/dist/esm/flows/session-restore.js.map +1 -0
- package/dist/esm/flows/wallet-connect.js +199 -0
- package/dist/esm/flows/wallet-connect.js.map +1 -0
- package/dist/esm/identity-session.js +33 -0
- package/dist/esm/identity-session.js.map +1 -0
- package/dist/esm/index.js +50 -0
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/storage/storage.js +152 -0
- package/dist/esm/storage/storage.js.map +1 -0
- package/dist/esm/types.js +30 -0
- package/dist/esm/types.js.map +1 -0
- package/dist/esm/vault/vault-manager.js +95 -0
- package/dist/esm/vault/vault-manager.js.map +1 -0
- package/dist/types/auth-manager.d.ts +176 -0
- package/dist/types/auth-manager.d.ts.map +1 -0
- package/dist/types/events.d.ts +36 -0
- package/dist/types/events.d.ts.map +1 -0
- package/dist/types/flows/dwn-discovery.d.ts +157 -0
- package/dist/types/flows/dwn-discovery.d.ts.map +1 -0
- package/dist/types/flows/dwn-registration.d.ts +39 -0
- package/dist/types/flows/dwn-registration.d.ts.map +1 -0
- package/dist/types/flows/import-identity.d.ts +35 -0
- package/dist/types/flows/import-identity.d.ts.map +1 -0
- package/dist/types/flows/local-connect.d.ts +29 -0
- package/dist/types/flows/local-connect.d.ts.map +1 -0
- package/dist/types/flows/session-restore.d.ts +27 -0
- package/dist/types/flows/session-restore.d.ts.map +1 -0
- package/dist/types/flows/wallet-connect.d.ts +44 -0
- package/dist/types/flows/wallet-connect.d.ts.map +1 -0
- package/dist/types/identity-session.d.ts +52 -0
- package/dist/types/identity-session.d.ts.map +1 -0
- package/dist/types/index.d.ts +45 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/storage/storage.d.ts +54 -0
- package/dist/types/storage/storage.d.ts.map +1 -0
- package/dist/types/types.d.ts +312 -0
- package/dist/types/types.d.ts.map +1 -0
- package/dist/types/vault/vault-manager.d.ts +57 -0
- package/dist/types/vault/vault-manager.d.ts.map +1 -0
- package/package.json +71 -0
- package/src/auth-manager.ts +569 -0
- package/src/events.ts +66 -0
- package/src/flows/dwn-discovery.ts +300 -0
- package/src/flows/dwn-registration.ts +157 -0
- package/src/flows/import-identity.ts +217 -0
- package/src/flows/local-connect.ts +171 -0
- package/src/flows/session-restore.ts +135 -0
- package/src/flows/wallet-connect.ts +225 -0
- package/src/identity-session.ts +65 -0
- package/src/index.ts +89 -0
- package/src/storage/storage.ts +136 -0
- package/src/types.ts +388 -0
- package/src/vault/vault-manager.ts +89 -0
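--- a/package/dist/esm/flows/local-connect.js
+++ b/package/dist/esm/flows/local-connect.js
@@ -0,0 +1,141 @@
+/**
+* Local DID connect flow.
+*
+* Creates or reconnects a local identity with vault-protected keys.
+* This replaces the "Mode D/E" paths in Enbox.connect().
+* @module
+*/
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import { applyLocalDwnDiscovery } from './dwn-discovery.js';
+import { AuthSession } from '../identity-session.js';
+import { registerWithDwnEndpoints } from './dwn-registration.js';
+import { INSECURE_DEFAULT_PASSWORD, STORAGE_KEYS } from '../types.js';
+/**
+* Execute the local connect flow.
+*
+* - On first launch: initializes the vault, creates a new DID, returns recovery phrase.
+* - On subsequent launches: unlocks the vault and reconnects to the existing identity.
+*/
+export function localConnect(ctx_1) {
+return __awaiter(this, arguments, void 0, function* (ctx, options = {}) {
+var _a, _b, _c, _d, _e, _f, _g, _h;
+const { userAgent, emitter, storage } = ctx;
+const password = (_b = (_a = options.password) !== null && _a !== void 0 ? _a : ctx.defaultPassword) !== null && _b !== void 0 ? _b : INSECURE_DEFAULT_PASSWORD;
+const sync = (_c = options.sync) !== null && _c !== void 0 ? _c : ctx.defaultSync;
+const dwnEndpoints = (_e = (_d = options.dwnEndpoints) !== null && _d !== void 0 ? _d : ctx.defaultDwnEndpoints) !== null && _e !== void 0 ? _e : ['https://enbox-dwn.fly.dev'];
+// Warn if using insecure default.
+if (password === INSECURE_DEFAULT_PASSWORD) {
+console.warn('[@enbox/auth] SECURITY WARNING: No password set. Using insecure default. ' +
+'Set a password via AuthManager.create({ password }) or connect({ password }) ' +
+'to protect your identity vault.');
+}
+let recoveryPhrase;
+// Initialize vault on first launch.
+if (yield userAgent.firstLaunch()) {
+recoveryPhrase = yield userAgent.initialize({
+password,
+recoveryPhrase: options.recoveryPhrase,
+dwnEndpoints,
+});
+}
+// Start the agent (unlocks vault if locked, sets agentDid).
+yield userAgent.start({ password });
+emitter.emit('vault-unlocked', {});
+// Apply local DWN discovery (browser redirect payload or persisted endpoint).
+yield applyLocalDwnDiscovery(userAgent, storage, emitter);
+// Find or create the user identity.
+const identities = yield userAgent.identity.list();
+let identity = identities[0];
+let isNewIdentity = false;
+if (!identity) {
+isNewIdentity = true;
+identity = yield userAgent.identity.create({
+didMethod: 'dht',
+metadata: { name: (_g = (_f = options.metadata) === null || _f === void 0 ? void 0 : _f.name) !== null && _g !== void 0 ? _g : 'Default' },
+didOptions: {
+services: [
+{
+id: 'dwn',
+type: 'DecentralizedWebNode',
+serviceEndpoint: dwnEndpoints,
+enc: '#enc',
+sig: '#sig',
+}
+],
+verificationMethods: [
+{
+algorithm: 'Ed25519',
+id: 'sig',
+purposes: ['assertionMethod', 'authentication'],
+},
+{
+algorithm: 'X25519',
+id: 'enc',
+purposes: ['keyAgreement'],
+},
+],
+},
+});
+}
+const connectedDid = (_h = identity.metadata.connectedDid) !== null && _h !== void 0 ? _h : identity.did.uri;
+const delegateDid = identity.metadata.connectedDid ? identity.did.uri : undefined;
+// Register with DWN endpoints (if registration options are provided).
+if (ctx.registration) {
+yield registerWithDwnEndpoints({
+userAgent: userAgent,
+dwnEndpoints,
+agentDid: userAgent.agentDid.uri,
+connectedDid,
+}, ctx.registration);
+}
+// Register sync for new identities.
+if (isNewIdentity && sync !== 'off') {
+yield userAgent.sync.registerIdentity({
+did: connectedDid,
+options: { delegateDid, protocols: [] },
+});
+}
+// Start sync.
+if (sync !== 'off') {
+const syncMode = sync === undefined ? 'live' : 'poll';
+const syncInterval = sync !== null && sync !== void 0 ? sync : (syncMode === 'live' ? '5m' : '2m');
+userAgent.sync.startSync({ mode: syncMode, interval: syncInterval })
+.catch((error) => {
+console.error('[@enbox/auth] Sync failed:', error);
+});
+}
+// Persist session info.
+yield storage.set(STORAGE_KEYS.PREVIOUSLY_CONNECTED, 'true');
+yield storage.set(STORAGE_KEYS.ACTIVE_IDENTITY, connectedDid);
+const identityInfo = {
+didUri: connectedDid,
+name: identity.metadata.name,
+connectedDid: identity.metadata.connectedDid,
+};
+const session = new AuthSession({
+agent: userAgent,
+did: connectedDid,
+delegateDid,
+recoveryPhrase,
+identity: identityInfo,
+});
+emitter.emit('identity-added', { identity: identityInfo });
+emitter.emit('session-start', {
+session: {
+did: session.did,
+delegateDid,
+identity: identityInfo,
+},
+});
+return session;
+});
+}
+//# sourceMappingURL=local-connect.js.map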
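Review bot: The password fallback at the top of `localConnect` lets the first-launch branch call `userAgent.initialize({ password, ... })` with `INSECURE_DEFAULT_PASSWORD`, so a caller who passes nothing gets a vault protected only by a constant shipped in the package, and the sole signal is a `console.warn`. A warning is easy to miss in production and does not change the outcome. I would fail closed on vault creation, for example inside the `firstLaunch()` branch with `if (password === INSECURE_DEFAULT_PASSWORD) { throw new Error('[@enbox/auth] A password is required to create the identity vault.'); }`, or require an explicit opt-in from the caller before the default is accepted. `restoreSession` in session-restore.js uses the same fallback and warning. This file is compiled output, so the change presumably belongs in `src/flows/local-connect.ts`; the constant's value is not shown in this section.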
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"local-connect.js","sourceRoot":"","sources":["../../../src/flows/local-connect.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;;;;;;;;;;AAOH,OAAO,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAatE;;;;;GAKG;AACH,MAAM,UAAgB,YAAY;yDAChC,GAAwB,EACxB,UAA+B,EAAE;;QAEjC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAE5C,MAAM,QAAQ,GAAG,MAAA,MAAA,OAAO,CAAC,QAAQ,mCAAI,GAAG,CAAC,eAAe,mCAAI,yBAAyB,CAAC;QACtF,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAC7C,MAAM,YAAY,GAAG,MAAA,MAAA,OAAO,CAAC,YAAY,mCAAI,GAAG,CAAC,mBAAmB,mCAAI,CAAC,2BAA2B,CAAC,CAAC;QAEtG,kCAAkC;QAClC,IAAI,QAAQ,KAAK,yBAAyB,EAAE,CAAC;YAC3C,OAAO,CAAC,IAAI,CACV,2EAA2E;gBAC3E,+EAA+E;gBAC/E,iCAAiC,CAClC,CAAC;QACJ,CAAC;QAED,IAAI,cAAkC,CAAC;QAEvC,oCAAoC;QACpC,IAAI,MAAM,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC;YAClC,cAAc,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC;gBAC1C,QAAQ;gBACR,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,YAAY;aACb,CAAC,CAAC;QACL,CAAC;QAED,4DAA4D;QAC5D,MAAM,SAAS,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;QAEnC,8EAA8E;QAC9E,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAE1D,oCAAoC;QACpC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnD,IAAI,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;QAC7B,IAAI,aAAa,GAAG,KAAK,CAAC;QAE1B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,aAAa,GAAG,IAAI,CAAC;YACrB,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,SAAS,EAAI,KAAK;gBAClB,QAAQ,EAAK,EAAE,IAAI,EAAE,MAAA,MAAA,OAAO,CAAC,QAAQ,0CAAE,IAAI,mCAAI,SAAS,EAAE;gBAC1D,UAAU,EAAG;oBACX,QAAQ,EAAE;wBACR;4BACE,EAAE,EAAgB,KAAK;4BACvB,IAAI,EAAc,sBAAsB;4BACxC,eAAe,EAAG,YAAY;4BAC9B,GAAG,EAAe,MAAM;4BACxB,GAAG,EAAe,MAAM;yBACzB;qBACF;oBACD,mBAAmB,EAAE;wBACnB;4BACE,SAAS,EAAG,SAAS;4BACrB,EAAE,EAAU,KAAK;4BACjB,QAAQ,EAAI,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;yBAClD;wBACD;4BACE,SAAS,EAAG,QAAQ;4BACpB,EAAE,EAAU,KAAK;4BACjB,QAAQ,EAAI,CAAC,cAAc,CAAC;yBAC7B;qBACF;iBACF;aACF,CAAC,C
AAC;QACL,CAAC;QAED,MAAM,YAAY,GAAG,MAAA,QAAQ,CAAC,QAAQ,CAAC,YAAY,mCAAI,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;QACxE,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QAElF,sEAAsE;QACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,wBAAwB,CAC5B;gBACE,SAAS,EAAG,SAAS;gBACrB,YAAY;gBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;gBAClC,YAAY;aACb,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,aAAa,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACpC,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC;gBACpC,GAAG,EAAO,YAAY;gBACtB,OAAO,EAAG,EAAE,WAAW,EAAE,SAAS,EAAE,EAAE,EAAE;aACzC,CAAC,CAAC;QACL,CAAC;QAED,cAAc;QACd,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;iBACjE,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;gBACxB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YACrD,CAAC,CAAC,CAAC;QACP,CAAC;QAED,wBAAwB;QACxB,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAE9D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,cAAc;YACd,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE;gBACP,GAAG,EAAQ,OAAO,CAAC,GAAG;gBACtB,WAAW;gBACX,QAAQ,EAAG,YAAY;aACxB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
|
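--- a/package/dist/esm/flows/session-restore.js
+++ b/package/dist/esm/flows/session-restore.js
@@ -0,0 +1,109 @@
+/**
+* Session restore flow.
+*
+* Restores a previously established session from persisted storage,
+* replacing the "previouslyConnected" pattern in apps.
+* @module
+*/
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import { applyLocalDwnDiscovery } from './dwn-discovery.js';
+import { AuthSession } from '../identity-session.js';
+import { INSECURE_DEFAULT_PASSWORD, STORAGE_KEYS } from '../types.js';
+/**
+* Attempt to restore a previous session.
+*
+* Returns `undefined` if no previous session exists.
+* Returns an `AuthSession` if the session was successfully restored.
+*/
+export function restoreSession(ctx_1) {
+return __awaiter(this, arguments, void 0, function* (ctx, options = {}) {
+var _a, _b, _c;
+const { userAgent, emitter, storage } = ctx;
+// Check if there was a previous session.
+const previouslyConnected = yield storage.get(STORAGE_KEYS.PREVIOUSLY_CONNECTED);
+if (previouslyConnected !== 'true') {
+return undefined;
+}
+const password = (_b = (_a = options.password) !== null && _a !== void 0 ? _a : ctx.defaultPassword) !== null && _b !== void 0 ? _b : INSECURE_DEFAULT_PASSWORD;
+// Warn if using insecure default.
+if (password === INSECURE_DEFAULT_PASSWORD) {
+console.warn('[@enbox/auth] SECURITY WARNING: No password set. Using insecure default. ' +
+'Set a password to protect your identity vault.');
+}
+// Start the agent (initializes + unlocks vault).
+if (yield userAgent.firstLaunch()) {
+// Vault doesn't exist yet — this shouldn't happen if previouslyConnected is true.
+// Clean up the stale flag and return undefined.
+yield storage.remove(STORAGE_KEYS.PREVIOUSLY_CONNECTED);
+return undefined;
+}
+yield userAgent.start({ password });
+emitter.emit('vault-unlocked', {});
+// Apply local DWN discovery (browser redirect payload or persisted endpoint).
+yield applyLocalDwnDiscovery(userAgent, storage, emitter);
+// Determine which identity to reconnect.
+const activeIdentityDid = yield storage.get(STORAGE_KEYS.ACTIVE_IDENTITY);
+const storedDelegateDid = yield storage.get(STORAGE_KEYS.DELEGATE_DID);
+// First try the connected identity (wallet-connected sessions).
+let identity = yield userAgent.identity.connectedIdentity();
+if (!identity) {
+// Try to find the specific active identity.
+if (activeIdentityDid) {
+identity = yield userAgent.identity.get({ didUri: activeIdentityDid });
+}
+// Fall back to the first available identity.
+if (!identity) {
+const identities = yield userAgent.identity.list();
+identity = identities[0];
+}
+}
+if (!identity) {
+// No identity found — clean up stale session data.
+yield storage.remove(STORAGE_KEYS.PREVIOUSLY_CONNECTED);
+yield storage.remove(STORAGE_KEYS.ACTIVE_IDENTITY);
+yield storage.remove(STORAGE_KEYS.DELEGATE_DID);
+yield storage.remove(STORAGE_KEYS.CONNECTED_DID);
+return undefined;
+}
+const connectedDid = (_c = identity.metadata.connectedDid) !== null && _c !== void 0 ? _c : identity.did.uri;
+const delegateDid = identity.metadata.connectedDid
+? identity.did.uri
+: (storedDelegateDid !== null && storedDelegateDid !== void 0 ? storedDelegateDid : undefined);
+// Start sync.
+const sync = ctx.defaultSync;
+if (sync !== 'off') {
+const syncMode = sync === undefined ? 'live' : 'poll';
+const syncInterval = sync !== null && sync !== void 0 ? sync : (syncMode === 'live' ? '5m' : '2m');
+userAgent.sync.startSync({ mode: syncMode, interval: syncInterval })
+.catch((err) => {
+console.error('[@enbox/auth] Sync failed:', err);
+});
+}
+// Update persisted session info.
+yield storage.set(STORAGE_KEYS.ACTIVE_IDENTITY, connectedDid);
+const identityInfo = {
+didUri: connectedDid,
+name: identity.metadata.name,
+connectedDid: identity.metadata.connectedDid,
+};
+const session = new AuthSession({
+agent: userAgent,
+did: connectedDid,
+delegateDid,
+identity: identityInfo,
+});
+emitter.emit('session-start', {
+session: { did: connectedDid, delegateDid, identity: identityInfo },
+});
+return session;
+});
+}
+//# sourceMappingURL=session-restore.js.map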
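Review bot: When the restored identity has no `metadata.connectedDid`, `delegateDid` is taken straight from `storage.get(STORAGE_KEYS.DELEGATE_DID)` and handed to `AuthSession` without any check that it belongs to the identity being restored. Combined with the fallback to `identities[0]`, a stale or altered storage entry can yield a session whose `did` is a local identity while `delegateDid` is left over from an earlier wallet session; as far as these sections show, `localConnect` never writes or clears that key. I would accept the stored value only when it matches an identity the agent actually holds, and otherwise drop it and remove the key, for instance `const delegateDid = identity.metadata.connectedDid ? identity.did.uri : undefined;` as `localConnect` does. A comment on the `identities[0]` fallback saying that the restored identity may differ from the stored `ACTIVE_IDENTITY` would also help callers.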
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session-restore.js","sourceRoot":"","sources":["../../../src/flows/session-restore.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;;;;;;;;;;AAOH,OAAO,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,yBAAyB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAWtE;;;;;GAKG;AACH,MAAM,UAAgB,cAAc;yDAClC,GAA0B,EAC1B,UAAiC,EAAE;;QAEnC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAE5C,yCAAyC;QACzC,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;QACjF,IAAI,mBAAmB,KAAK,MAAM,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAA,MAAA,OAAO,CAAC,QAAQ,mCAAI,GAAG,CAAC,eAAe,mCAAI,yBAAyB,CAAC;QAEtF,kCAAkC;QAClC,IAAI,QAAQ,KAAK,yBAAyB,EAAE,CAAC;YAC3C,OAAO,CAAC,IAAI,CACV,2EAA2E;gBAC3E,gDAAgD,CACjD,CAAC;QACJ,CAAC;QAED,iDAAiD;QACjD,IAAI,MAAM,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC;YAClC,kFAAkF;YAClF,gDAAgD;YAChD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;YACxD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,SAAS,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;QAEnC,8EAA8E;QAC9E,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAE1D,yCAAyC;QACzC,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC;QAC1E,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAEvE,gEAAgE;QAChE,IAAI,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,iBAAiB,EAAE,CAAC;QAE5D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,4CAA4C;YAC5C,IAAI,iBAAiB,EAAE,CAAC;gBACtB,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC,CAAC;YACzE,CAAC;YAED,6CAA6C;YAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACnD,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,mDAAmD;YACnD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;YACxD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC;YACnD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;YAChD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;YACjD,OAAO,SAAS,CAAC;
QACnB,CAAC;QAED,MAAM,YAAY,GAAG,MAAA,QAAQ,CAAC,QAAQ,CAAC,YAAY,mCAAI,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;QACxE,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;YAChD,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG;YAClB,CAAC,CAAC,CAAC,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,SAAS,CAAC,CAAC;QAErC,cAAc;QACd,MAAM,IAAI,GAAG,GAAG,CAAC,WAAW,CAAC;QAC7B,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;iBACjE,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;gBACtB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;YACnD,CAAC,CAAC,CAAC;QACP,CAAC;QAED,iCAAiC;QACjC,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAE9D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE;SACpE,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
|
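--- a/package/dist/esm/flows/wallet-connect.js
+++ b/package/dist/esm/flows/wallet-connect.js
@@ -0,0 +1,199 @@
+/**
+* Wallet connect (OIDC/QR) flow.
+*
+* Connects to an external wallet via the WalletConnect relay protocol,
+* importing a delegated DID with permission grants.
+* This replaces the "Mode B/C" paths in Enbox.connect().
+* @module
+*/
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+var __rest = (this && this.__rest) || function (s, e) {
+var t = {};
+for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+t[p] = s[p];
+if (s != null && typeof Object.getOwnPropertySymbols === "function")
+for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+t[p[i]] = s[p[i]];
+}
+return t;
+};
+import { Convert } from '@enbox/common';
+import { WalletConnect } from '@enbox/agent';
+import { DwnInterface, DwnPermissionGrant } from '@enbox/agent';
+import { AuthSession } from '../identity-session.js';
+import { registerWithDwnEndpoints } from './dwn-registration.js';
+import { STORAGE_KEYS } from '../types.js';
+/**
+* Process connected grants by storing them in the local DWN as the owner.
+*
+* This is the agent-level equivalent of `Enbox.processConnectedGrants()`.
+* It stores each grant, signed as owner, and returns the deduplicated
+* list of protocol URIs represented by the grants.
+*
+* @internal
+*/
+export function processConnectedGrants(params) {
+return __awaiter(this, void 0, void 0, function* () {
+const { agent, delegateDid, grants } = params;
+const connectedProtocols = new Set();
+for (const grantMessage of grants) {
+const grant = DwnPermissionGrant.parse(grantMessage);
+// Store the grant as the owner of the DWN so the delegateDid
+// can use it when impersonating the connectedDid.
+const { encodedData } = grantMessage, rawMessage = __rest(grantMessage, ["encodedData"]);
+const dataStream = new Blob([Convert.base64Url(encodedData).toUint8Array()]);
+const { reply } = yield agent.processDwnRequest({
+store: true,
+author: delegateDid,
+target: delegateDid,
+messageType: DwnInterface.RecordsWrite,
+signAsOwner: true,
+rawMessage,
+dataStream,
+});
+if (reply.status.code !== 202) {
+throw new Error(`[@enbox/auth] Failed to process connected grant: ${reply.status.detail}`);
+}
+const protocol = grant.scope.protocol;
+if (protocol) {
+connectedProtocols.add(protocol);
+}
+}
+return [...connectedProtocols];
+});
+}
+/**
+* Execute the wallet connect flow.
+*
+* 1. Passes the permission requests directly to `WalletConnect.initClient()`.
+* 2. Imports the delegate DID and processes grants.
+* 3. Sets up sync and returns an AuthSession.
+*/
+export function walletConnect(ctx, options) {
+return __awaiter(this, void 0, void 0, function* () {
+var _a, _b, _c;
+const { userAgent, emitter, storage } = ctx;
+const sync = (_a = options.sync) !== null && _a !== void 0 ? _a : ctx.defaultSync;
+if (sync === 'off') {
+throw new Error('[@enbox/auth] Sync must be enabled when using wallet connect. ' +
+'Remove sync: "off" or set an interval like "15s".');
+}
+// Run the full OIDC wallet connect flow.
+// permissionRequests are already agent-level ConnectPermissionRequest objects.
+const result = yield WalletConnect.initClient({
+displayName: options.displayName,
+connectServerUrl: options.connectServerUrl,
+walletUri: (_b = options.walletUri) !== null && _b !== void 0 ? _b : 'web5://connect',
+permissionRequests: options.permissionRequests,
+onWalletUriReady: options.onWalletUriReady,
+validatePin: options.validatePin,
+});
+if (!result) {
+throw new Error('[@enbox/auth] Wallet connect flow was cancelled or returned no result.');
+}
+const { delegatePortableDid, connectedDid, delegateGrants } = result;
+// Import the delegated DID as an Identity.
+let identity;
+try {
+identity = yield userAgent.identity.import({
+portableIdentity: {
+portableDid: delegatePortableDid,
+metadata: {
+connectedDid,
+name: 'Default',
+uri: delegatePortableDid.uri,
+tenant: userAgent.agentDid.uri,
+},
+},
+});
+// Process the connected grants using agent primitives.
+const connectedProtocols = yield processConnectedGrants({
+agent: userAgent,
+delegateDid: delegatePortableDid.uri,
+grants: delegateGrants,
+});
+// Register with DWN endpoints (if registration options are provided).
+if (ctx.registration) {
+const dwnEndpoints = (_c = ctx.defaultDwnEndpoints) !== null && _c !== void 0 ? _c : ['https://enbox-dwn.fly.dev'];
+yield registerWithDwnEndpoints({
+userAgent: userAgent,
+dwnEndpoints,
+agentDid: userAgent.agentDid.uri,
+connectedDid,
+}, ctx.registration);
+}
+// Register sync for the connected identity.
+yield userAgent.sync.registerIdentity({
+did: connectedDid,
+options: {
+delegateDid: delegatePortableDid.uri,
+protocols: connectedProtocols,
+},
+});
+// Pull down existing messages from the connected DID's DWN.
+yield userAgent.sync.sync('pull');
+}
+catch (error) {
+// Clean up on failure.
+if (identity) {
+try {
+yield userAgent.did.delete({
+didUri: identity.did.uri,
+tenant: identity.metadata.tenant,
+deleteKey: true,
+});
+}
+catch ( /* best effort */_d) { /* best effort */ }
+try {
+yield userAgent.identity.delete({ didUri: identity.did.uri });
+}
+catch ( /* best effort */_e) { /* best effort */ }
+}
+const message = error instanceof Error ? error.message : String(error);
+throw new Error(`[@enbox/auth] Wallet connect failed: ${message}`);
+}
+// Start sync.
+const syncMode = sync === undefined ? 'live' : 'poll';
+const syncInterval = sync !== null && sync !== void 0 ? sync : (syncMode === 'live' ? '5m' : '2m');
+userAgent.sync.startSync({ mode: syncMode, interval: syncInterval })
+.catch((err) => {
+console.error('[@enbox/auth] Sync failed:', err);
+});
+const delegateDid = delegatePortableDid.uri;
+// Persist session info.
+yield storage.set(STORAGE_KEYS.PREVIOUSLY_CONNECTED, 'true');
+yield storage.set(STORAGE_KEYS.ACTIVE_IDENTITY, connectedDid);
+yield storage.set(STORAGE_KEYS.DELEGATE_DID, delegateDid);
+yield storage.set(STORAGE_KEYS.CONNECTED_DID, connectedDid);
+const identityInfo = {
+didUri: connectedDid,
+name: identity.metadata.name,
+connectedDid: identity.metadata.connectedDid,
+};
+const session = new AuthSession({
+agent: userAgent,
+did: connectedDid,
+delegateDid,
+identity: identityInfo,
+});
+emitter.emit('identity-added', { identity: identityInfo });
+emitter.emit('session-start', {
+session: {
+did: session.did,
+delegateDid,
+identity: identityInfo,
+},
+});
+return session;
+});
+}
+//# sourceMappingURL=wallet-connect.js.map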
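Review bot: `processConnectedGrants` persists every entry of `delegateGrants` with `signAsOwner: true`, yet the parsed grant is read only for `grant.scope.protocol`; nothing in this function checks who issued a grant or to whom before it is stored and its protocol is registered for sync. Unless `DwnPermissionGrant.parse` or `WalletConnect.initClient` already enforces this (not visible here), I would compare the parsed grant's grantee with `delegateDid`, and its grantor with `connectedDid` (which would have to be passed in), rejecting mismatches before the call to `agent.processDwnRequest`. The failure path in `walletConnect` deletes the imported identity but leaves any grants already written. The rethrown error also discards the original; passing `{ cause: error }` as the second argument to the new `Error` would preserve it.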
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"wallet-connect.js","sourceRoot":"","sources":["../../../src/flows/wallet-connect.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAGhE,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAa3C;;;;;;;;GAQG;AACH,MAAM,UAAgB,sBAAsB,CAAC,MAI5C;;QACC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;QAC9C,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE7C,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,kBAAkB,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAErD,6DAA6D;YAC7D,kDAAkD;YAClD,MAAM,EAAE,WAAW,KAAoB,YAAY,EAA3B,UAAU,UAAK,YAAY,EAA7C,eAA8B,CAAe,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,YAAY,EAAc,CAAC,CAAC,CAAC;YAEzF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC;gBAC9C,KAAK,EAAS,IAAI;gBAClB,MAAM,EAAQ,WAAW;gBACzB,MAAM,EAAQ,WAAW;gBACzB,WAAW,EAAG,YAAY,CAAC,YAAY;gBACvC,WAAW,EAAG,IAAI;gBAClB,UAAU;gBACV,UAAU;aACX,CAAC,CAAC;YAEH,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CACb,oDAAoD,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,CAC1E,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAI,KAAK,CAAC,KAAgE,CAAC,QAAQ,CAAC;YAClG,IAAI,QAAQ,EAAE,CAAC;gBACb,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,CAAC,GAAG,kBAAkB,CAAC,CAAC;IACjC,CAAC;CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAgB,aAAa,CACjC,GAAyB,EACzB,OAA6B;;;QAE7B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAE7C,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,gEAAgE;gBAChE,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,yCAAyC;QACzC,+EAA+E;QAC/E,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC;YAC5C,WAAW,EAAU,OAAO,CAAC,WAAW;YACxC,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,SAAS,EAAY,MAAA,OAAO,CAAC,SAAS,mCAAI,gBAAgB;YAC1D,kBAAkB,EAAG,OAAO,CAAC,kBAAkB;YAC/C,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,WAAW,EAA
U,OAAO,CAAC,WAAW;SACzC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;QAC5F,CAAC;QAED,MAAM,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;QAErE,2CAA2C;QAC3C,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,gBAAgB,EAAE;oBAChB,WAAW,EAAG,mBAAmB;oBACjC,QAAQ,EAAM;wBACZ,YAAY;wBACZ,IAAI,EAAK,SAAS;wBAClB,GAAG,EAAM,mBAAmB,CAAC,GAAG;wBAChC,MAAM,EAAG,SAAS,CAAC,QAAQ,CAAC,GAAG;qBAChC;iBACF;aACF,CAAC,CAAC;YAEH,uDAAuD;YACvD,MAAM,kBAAkB,GAAG,MAAM,sBAAsB,CAAC;gBACtD,KAAK,EAAS,SAAS;gBACvB,WAAW,EAAG,mBAAmB,CAAC,GAAG;gBACrC,MAAM,EAAQ,cAAc;aAC7B,CAAC,CAAC;YAEH,sEAAsE;YACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;gBACrB,MAAM,YAAY,GAAG,MAAA,GAAG,CAAC,mBAAmB,mCAAI,CAAC,2BAA2B,CAAC,CAAC;gBAC9E,MAAM,wBAAwB,CAC5B;oBACE,SAAS,EAAG,SAAS;oBACrB,YAAY;oBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;oBAClC,YAAY;iBACb,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;YACJ,CAAC;YAED,4CAA4C;YAC5C,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC;gBACpC,GAAG,EAAO,YAAY;gBACtB,OAAO,EAAG;oBACR,WAAW,EAAG,mBAAmB,CAAC,GAAG;oBACrC,SAAS,EAAK,kBAAkB;iBACjC;aACF,CAAC,CAAC;YAEH,4DAA4D;YAC5D,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,uBAAuB;YACvB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC;wBACzB,MAAM,EAAM,QAAQ,CAAC,GAAG,CAAC,GAAG;wBAC5B,MAAM,EAAM,QAAQ,CAAC,QAAQ,CAAC,MAAM;wBACpC,SAAS,EAAG,IAAI;qBACjB,CAAC,CAAC;gBACL,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;gBAE7B,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBAChE,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;YAC/B,CAAC;YAED,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,wCAAwC,OAAO,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,cAAc;QACd,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAA
C,CAAC,IAAI,CAAC,CAAC;QACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;aACjE,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;YACtB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEL,MAAM,WAAW,GAAG,mBAAmB,CAAC,GAAG,CAAC;QAE5C,wBAAwB;QACxB,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAC9D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;QAC1D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAE5D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE;gBACP,GAAG,EAAQ,OAAO,CAAC,GAAG;gBACtB,WAAW;gBACX,QAAQ,EAAG,YAAY;aACxB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
|
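--- a/package/dist/esm/identity-session.js
+++ b/package/dist/esm/identity-session.js
@@ -0,0 +1,33 @@
+/**
+* AuthSession represents an active, authenticated session with a specific identity.
+* @module
+*/
+/**
+* An active, authenticated session bound to a specific identity.
+*
+* The session exposes the authenticated **agent**, **did**, and
+* **delegateDid** — the primitives needed to interact with the DWN
+* network. Consumers that use `@enbox/api` can construct an `Enbox`
+* instance from these properties:
+*
+* ```ts
+* import { Enbox } from '@enbox/api';
+*
+* const session = await auth.connect();
+* const enbox = Enbox.connect({
+* agent: session.agent,
+* connectedDid: session.did,
+* delegateDid: session.delegateDid,
+* });
+* ```
+*/
+export class AuthSession {
+constructor(params) {
+this.agent = params.agent;
+this.did = params.did;
+this.delegateDid = params.delegateDid;
+this.recoveryPhrase = params.recoveryPhrase;
+this.identity = params.identity;
+}
+}
+//# sourceMappingURL=identity-session.js.map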
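Review bot: The constructor stores `params.recoveryPhrase` as an ordinary enumerable property (`this.recoveryPhrase = params.recoveryPhrase;`), so any caller that logs, spreads or serializes an AuthSession carries the phrase along with `agent` and `did`. If this is the vault's recovery secret, as the name suggests, it would be safer to keep it out of enumeration, e.g. `Object.defineProperty(this, 'recoveryPhrase', { value: params.recoveryPhrase, enumerable: false });`, or to return it once from the flow that creates it instead of holding it on a long-lived session object. The class JSDoc names only agent, did and delegateDid; it should also state when `recoveryPhrase` and `identity` are populated and that the phrase must not be persisted or written to logs.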
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity-session.js","sourceRoot":"","sources":["../../src/identity-session.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,OAAO,WAAW;IAuBtB,YAAY,MAMX;QACC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;QACtB,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACtC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QAC5C,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IAClC,CAAC;CACF"}
|
|
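--- a/package/dist/esm/index.js
+++ b/package/dist/esm/index.js
@@ -0,0 +1,50 @@
+/**
+* @enbox/auth — Headless authentication and identity management SDK.
+*
+* Provides composable, multi-identity-aware authentication that works
+* in both browser and CLI environments. Depends only on `@enbox/agent`
+* and can be used standalone or consumed by `@enbox/api`.
+*
+* @example Standalone auth
+* ```ts
+* import { AuthManager } from '@enbox/auth';
+*
+* const auth = await AuthManager.create({ sync: '15s' });
+* const session = await auth.restoreSession() ?? await auth.connect();
+*
+* // session.agent — the authenticated Enbox agent
+* // session.did — the connected DID URI
+* ```
+*
+* @example With @enbox/api
+* ```ts
+* import { AuthManager } from '@enbox/auth';
+* import { Enbox } from '@enbox/api';
+*
+* const auth = await AuthManager.create({ sync: '15s' });
+* const session = await auth.connect();
+*
+* const enbox = Enbox.connect({
+* agent: session.agent,
+* connectedDid: session.did,
+* delegateDid: session.delegateDid,
+* });
+* ```
+*
+* @packageDocumentation
+*/
+// Core classes
+export { AuthManager } from './auth-manager.js';
+export { AuthSession } from './identity-session.js';
+export { VaultManager } from './vault/vault-manager.js';
+export { AuthEventEmitter } from './events.js';
+// Re-export agent classes so consumers can construct custom agents/vaults
+// without a direct @enbox/agent dependency.
+export { EnboxUserAgent, HdIdentityVault } from '@enbox/agent';
+// Wallet-connect helpers
+export { processConnectedGrants } from './flows/wallet-connect.js';
+// Local DWN discovery (browser dwn:// protocol integration)
+export { applyLocalDwnDiscovery, checkUrlForDwnDiscoveryPayload, clearLocalDwnEndpoint, persistLocalDwnEndpoint, probeLocalDwn, requestLocalDwnDiscovery, restoreLocalDwnEndpoint, } from './flows/dwn-discovery.js';
+// Storage adapters
+export { BrowserStorage, LevelStorage, MemoryStorage, createDefaultStorage } from './storage/storage.js';
+//# sourceMappingURL=index.js.map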
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAEH,eAAe;AACf,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,0EAA0E;AAC1E,4CAA4C;AAC5C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/D,yBAAyB;AACzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAEnE,4DAA4D;AAC5D,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,qBAAqB,EACrB,uBAAuB,EACvB,aAAa,EACb,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,0BAA0B,CAAC;AAElC,mBAAmB;AACnB,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC"}
|