@enbox/auth 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/auth-manager.js +94 -167
- package/dist/esm/auth-manager.js.map +1 -1
- package/dist/esm/connect/import.js +131 -0
- package/dist/esm/connect/import.js.map +1 -0
- package/dist/esm/connect/lifecycle.js +235 -0
- package/dist/esm/connect/lifecycle.js.map +1 -0
- package/dist/esm/connect/local.js +91 -0
- package/dist/esm/connect/local.js.map +1 -0
- package/dist/esm/{flows/session-restore.js → connect/restore.js} +34 -56
- package/dist/esm/connect/restore.js.map +1 -0
- package/dist/esm/{flows/wallet-connect.js → connect/wallet.js} +28 -35
- package/dist/esm/connect/wallet.js.map +1 -0
- package/dist/esm/{flows/dwn-discovery.js → discovery.js} +2 -2
- package/dist/esm/discovery.js.map +1 -0
- package/dist/esm/index.js +4 -4
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/{flows/dwn-registration.js → registration.js} +2 -2
- package/dist/esm/registration.js.map +1 -0
- package/dist/esm/types.js +2 -0
- package/dist/esm/types.js.map +1 -1
- package/dist/esm/wallet-connect-client.js +188 -0
- package/dist/esm/wallet-connect-client.js.map +1 -0
- package/dist/types/auth-manager.d.ts +20 -6
- package/dist/types/auth-manager.d.ts.map +1 -1
- package/dist/types/connect/import.d.ts +25 -0
- package/dist/types/connect/import.d.ts.map +1 -0
- package/dist/types/connect/lifecycle.d.ts +152 -0
- package/dist/types/connect/lifecycle.d.ts.map +1 -0
- package/dist/types/connect/local.d.ts +18 -0
- package/dist/types/connect/local.d.ts.map +1 -0
- package/dist/types/connect/restore.d.ts +18 -0
- package/dist/types/connect/restore.d.ts.map +1 -0
- package/dist/types/{flows/wallet-connect.d.ts → connect/wallet.d.ts} +5 -14
- package/dist/types/connect/wallet.d.ts.map +1 -0
- package/dist/types/{flows/dwn-discovery.d.ts → discovery.d.ts} +3 -3
- package/dist/types/discovery.d.ts.map +1 -0
- package/dist/types/index.d.ts +5 -4
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/{flows/dwn-registration.d.ts → registration.d.ts} +2 -2
- package/dist/types/registration.d.ts.map +1 -0
- package/dist/types/types.d.ts +6 -3
- package/dist/types/types.d.ts.map +1 -1
- package/dist/types/wallet-connect-client.d.ts +89 -0
- package/dist/types/wallet-connect-client.d.ts.map +1 -0
- package/package.json +9 -5
- package/src/auth-manager.ts +94 -188
- package/src/connect/import.ts +148 -0
- package/src/connect/lifecycle.ts +321 -0
- package/src/connect/local.ts +101 -0
- package/src/connect/restore.ts +117 -0
- package/src/{flows/wallet-connect.ts → connect/wallet.ts} +37 -54
- package/src/{flows/dwn-discovery.ts → discovery.ts} +4 -3
- package/src/index.ts +5 -4
- package/src/{flows/dwn-registration.ts → registration.ts} +2 -2
- package/src/types.ts +7 -3
- package/src/wallet-connect-client.ts +278 -0
- package/dist/esm/flows/dwn-discovery.js.map +0 -1
- package/dist/esm/flows/dwn-registration.js.map +0 -1
- package/dist/esm/flows/import-identity.js +0 -177
- package/dist/esm/flows/import-identity.js.map +0 -1
- package/dist/esm/flows/local-connect.js +0 -158
- package/dist/esm/flows/local-connect.js.map +0 -1
- package/dist/esm/flows/session-restore.js.map +0 -1
- package/dist/esm/flows/wallet-connect.js.map +0 -1
- package/dist/esm/vault/vault-manager.js +0 -95
- package/dist/esm/vault/vault-manager.js.map +0 -1
- package/dist/types/flows/dwn-discovery.d.ts.map +0 -1
- package/dist/types/flows/dwn-registration.d.ts.map +0 -1
- package/dist/types/flows/import-identity.d.ts +0 -35
- package/dist/types/flows/import-identity.d.ts.map +0 -1
- package/dist/types/flows/local-connect.d.ts +0 -31
- package/dist/types/flows/local-connect.d.ts.map +0 -1
- package/dist/types/flows/session-restore.d.ts +0 -29
- package/dist/types/flows/session-restore.d.ts.map +0 -1
- package/dist/types/flows/wallet-connect.d.ts.map +0 -1
- package/dist/types/vault/vault-manager.d.ts +0 -57
- package/dist/types/vault/vault-manager.d.ts.map +0 -1
- package/src/flows/import-identity.ts +0 -219
- package/src/flows/local-connect.ts +0 -192
- package/src/flows/session-restore.ts +0 -155
- package/src/vault/vault-manager.ts +0 -89
|
@@ -1,89 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* VaultManager wraps {@link HdIdentityVault} with a high-level API
|
|
3
|
-
* and emits events on lock/unlock.
|
|
4
|
-
* @module
|
|
5
|
-
*/
|
|
6
|
-
|
|
7
|
-
import type { HdIdentityVault, IdentityVaultBackup } from '@enbox/agent';
|
|
8
|
-
|
|
9
|
-
import type { AuthEventEmitter } from '../events.js';
|
|
10
|
-
|
|
11
|
-
/**
|
|
12
|
-
* Manages the encrypted identity vault lifecycle.
|
|
13
|
-
*
|
|
14
|
-
* The vault stores the agent's DID and content encryption key (CEK),
|
|
15
|
-
* protected by a user password using PBES2-HS512+A256KW with a 210K
|
|
16
|
-
* iteration work factor. The vault supports HD key derivation from
|
|
17
|
-
* a BIP-39 mnemonic for recovery.
|
|
18
|
-
*/
|
|
19
|
-
export class VaultManager {
|
|
20
|
-
private readonly _vault: HdIdentityVault;
|
|
21
|
-
private readonly _emitter: AuthEventEmitter;
|
|
22
|
-
|
|
23
|
-
constructor(vault: HdIdentityVault, emitter: AuthEventEmitter) {
|
|
24
|
-
this._vault = vault;
|
|
25
|
-
this._emitter = emitter;
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
/** The underlying vault instance (for advanced usage). */
|
|
29
|
-
get raw(): HdIdentityVault {
|
|
30
|
-
return this._vault;
|
|
31
|
-
}
|
|
32
|
-
|
|
33
|
-
/** Whether the vault has been initialized (has encrypted data). */
|
|
34
|
-
async isInitialized(): Promise<boolean> {
|
|
35
|
-
return this._vault.isInitialized();
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
/** Whether the vault is currently locked (synchronous check). */
|
|
39
|
-
get isLocked(): boolean {
|
|
40
|
-
return this._vault.isLocked();
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
/**
|
|
44
|
-
* Unlock the vault with the given password.
|
|
45
|
-
* Decrypts the CEK into memory so the agent DID can be retrieved.
|
|
46
|
-
*
|
|
47
|
-
* @throws If the password is incorrect or vault is not initialized.
|
|
48
|
-
*/
|
|
49
|
-
async unlock(password: string): Promise<void> {
|
|
50
|
-
await this._vault.unlock({ password });
|
|
51
|
-
this._emitter.emit('vault-unlocked', {});
|
|
52
|
-
}
|
|
53
|
-
|
|
54
|
-
/**
|
|
55
|
-
* Lock the vault, clearing the CEK from memory.
|
|
56
|
-
* After locking, the password must be provided again to unlock.
|
|
57
|
-
*/
|
|
58
|
-
async lock(): Promise<void> {
|
|
59
|
-
await this._vault.lock();
|
|
60
|
-
this._emitter.emit('vault-locked', {});
|
|
61
|
-
}
|
|
62
|
-
|
|
63
|
-
/**
|
|
64
|
-
* Change the vault password. Re-encrypts the CEK with the new password.
|
|
65
|
-
*
|
|
66
|
-
* @throws If the old password is incorrect or vault is locked.
|
|
67
|
-
*/
|
|
68
|
-
async changePassword(oldPassword: string, newPassword: string): Promise<void> {
|
|
69
|
-
await this._vault.changePassword({ oldPassword, newPassword });
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
/**
|
|
73
|
-
* Create a backup of the vault.
|
|
74
|
-
*
|
|
75
|
-
* @throws If the vault is not initialized or is locked.
|
|
76
|
-
*/
|
|
77
|
-
async backup(): Promise<IdentityVaultBackup> {
|
|
78
|
-
return this._vault.backup();
|
|
79
|
-
}
|
|
80
|
-
|
|
81
|
-
/**
|
|
82
|
-
* Restore the vault from a backup.
|
|
83
|
-
*
|
|
84
|
-
* @throws If the password doesn't match the backup's encryption.
|
|
85
|
-
*/
|
|
86
|
-
async restore(backup: IdentityVaultBackup, password: string): Promise<void> {
|
|
87
|
-
await this._vault.restore({ backup, password });
|
|
88
|
-
}
|
|
89
|
-
}
|