@enbox/auth 0.5.0 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/auth-manager.js +240 -171
- package/dist/esm/auth-manager.js.map +1 -1
- package/dist/esm/connect/import.js +131 -0
- package/dist/esm/connect/import.js.map +1 -0
- package/dist/esm/connect/lifecycle.js +378 -0
- package/dist/esm/connect/lifecycle.js.map +1 -0
- package/dist/esm/connect/local.js +105 -0
- package/dist/esm/connect/local.js.map +1 -0
- package/dist/esm/connect/restore.js +117 -0
- package/dist/esm/connect/restore.js.map +1 -0
- package/dist/esm/connect/wallet.js +80 -0
- package/dist/esm/connect/wallet.js.map +1 -0
- package/dist/esm/{flows/dwn-discovery.js → discovery.js} +2 -2
- package/dist/esm/discovery.js.map +1 -0
- package/dist/esm/index.js +13 -19
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/permissions.js +41 -0
- package/dist/esm/permissions.js.map +1 -0
- package/dist/esm/{flows/dwn-registration.js → registration.js} +2 -2
- package/dist/esm/registration.js.map +1 -0
- package/dist/esm/types.js +4 -0
- package/dist/esm/types.js.map +1 -1
- package/dist/esm/wallet-connect-client.js +188 -0
- package/dist/esm/wallet-connect-client.js.map +1 -0
- package/dist/types/auth-manager.d.ts +89 -11
- package/dist/types/auth-manager.d.ts.map +1 -1
- package/dist/types/connect/import.d.ts +25 -0
- package/dist/types/connect/import.d.ts.map +1 -0
- package/dist/types/connect/lifecycle.d.ts +199 -0
- package/dist/types/connect/lifecycle.d.ts.map +1 -0
- package/dist/types/connect/local.d.ts +23 -0
- package/dist/types/connect/local.d.ts.map +1 -0
- package/dist/types/connect/restore.d.ts +18 -0
- package/dist/types/connect/restore.d.ts.map +1 -0
- package/dist/types/connect/wallet.d.ts +21 -0
- package/dist/types/connect/wallet.d.ts.map +1 -0
- package/dist/types/{flows/dwn-discovery.d.ts → discovery.d.ts} +3 -3
- package/dist/types/discovery.d.ts.map +1 -0
- package/dist/types/index.d.ts +14 -19
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/permissions.d.ts +18 -0
- package/dist/types/permissions.d.ts.map +1 -0
- package/dist/types/{flows/dwn-registration.d.ts → registration.d.ts} +2 -2
- package/dist/types/registration.d.ts.map +1 -0
- package/dist/types/types.d.ts +154 -4
- package/dist/types/types.d.ts.map +1 -1
- package/dist/types/wallet-connect-client.d.ts +86 -0
- package/dist/types/wallet-connect-client.d.ts.map +1 -0
- package/package.json +9 -5
- package/src/auth-manager.ts +258 -191
- package/src/connect/import.ts +148 -0
- package/src/connect/lifecycle.ts +487 -0
- package/src/connect/local.ts +116 -0
- package/src/connect/restore.ts +133 -0
- package/src/connect/wallet.ts +89 -0
- package/src/{flows/dwn-discovery.ts → discovery.ts} +4 -3
- package/src/index.ts +20 -19
- package/src/permissions.ts +48 -0
- package/src/{flows/dwn-registration.ts → registration.ts} +2 -2
- package/src/types.ts +171 -4
- package/src/wallet-connect-client.ts +275 -0
- package/dist/esm/flows/dwn-discovery.js.map +0 -1
- package/dist/esm/flows/dwn-registration.js.map +0 -1
- package/dist/esm/flows/import-identity.js +0 -177
- package/dist/esm/flows/import-identity.js.map +0 -1
- package/dist/esm/flows/local-connect.js +0 -158
- package/dist/esm/flows/local-connect.js.map +0 -1
- package/dist/esm/flows/session-restore.js +0 -125
- package/dist/esm/flows/session-restore.js.map +0 -1
- package/dist/esm/flows/wallet-connect.js +0 -200
- package/dist/esm/flows/wallet-connect.js.map +0 -1
- package/dist/esm/vault/vault-manager.js +0 -95
- package/dist/esm/vault/vault-manager.js.map +0 -1
- package/dist/types/flows/dwn-discovery.d.ts.map +0 -1
- package/dist/types/flows/dwn-registration.d.ts.map +0 -1
- package/dist/types/flows/import-identity.d.ts +0 -35
- package/dist/types/flows/import-identity.d.ts.map +0 -1
- package/dist/types/flows/local-connect.d.ts +0 -31
- package/dist/types/flows/local-connect.d.ts.map +0 -1
- package/dist/types/flows/session-restore.d.ts +0 -29
- package/dist/types/flows/session-restore.d.ts.map +0 -1
- package/dist/types/flows/wallet-connect.d.ts +0 -44
- package/dist/types/flows/wallet-connect.d.ts.map +0 -1
- package/dist/types/vault/vault-manager.d.ts +0 -57
- package/dist/types/vault/vault-manager.d.ts.map +0 -1
- package/src/flows/import-identity.ts +0 -219
- package/src/flows/local-connect.ts +0 -192
- package/src/flows/session-restore.ts +0 -155
- package/src/flows/wallet-connect.ts +0 -226
- package/src/vault/vault-manager.ts +0 -89
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"import-identity.js","sourceRoot":"","sources":["../../../src/flows/import-identity.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;;;;;;;;;;AAKH,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAmB3C;;;;;GAKG;AACH,MAAM,UAAgB,gBAAgB,CACpC,GAAkB,EAClB,OAAgC;;;QAEhC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;QAC7C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAC7C,MAAM,YAAY,GAAG,MAAA,MAAA,OAAO,CAAC,YAAY,mCAAI,GAAG,CAAC,mBAAmB,mCAAI,CAAC,2BAA2B,CAAC,CAAC;QAEtG,iDAAiD;QACjD,gEAAgE;QAChE,IAAI,MAAM,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC;YAClC,MAAM,SAAS,CAAC,UAAU,CAAC;gBACzB,QAAQ;gBACR,cAAc;gBACd,YAAY;aACb,CAAC,CAAC;QACL,CAAC;QAED,MAAM,SAAS,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;QAEnC,qDAAqD;QACrD,oEAAoE;QACpE,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnD,IAAI,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;QAC7B,IAAI,aAAa,GAAG,KAAK,CAAC;QAE1B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,aAAa,GAAG,IAAI,CAAC;YACrB,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,SAAS,EAAI,KAAK;gBAClB,QAAQ,EAAK,EAAE,IAAI,EAAE,SAAS,EAAE;gBAChC,UAAU,EAAG;oBACX,QAAQ,EAAE;wBACR;4BACE,EAAE,EAAgB,KAAK;4BACvB,IAAI,EAAc,sBAAsB;4BACxC,eAAe,EAAG,YAAY;4BAC9B,GAAG,EAAe,MAAM;4BACxB,GAAG,EAAe,MAAM;yBACzB;qBACF;oBACD,mBAAmB,EAAE;wBACnB;4BACE,SAAS,EAAG,SAAS;4BACrB,EAAE,EAAU,KAAK;4BACjB,QAAQ,EAAI,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;yBAClD;wBACD;4BACE,SAAS,EAAG,QAAQ;4BACpB,EAAE,EAAU,KAAK;4BACjB,QAAQ,EAAI,CAAC,cAAc,CAAC;yBAC7B;qBACF;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QAED,MAAM,YAAY,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;QAEtC,sEAAsE;QACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,wBAAwB,CAC5B;gBACE,SAAS,EAAG,SAAS;gBACrB,YAAY;gBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;gBAClC,YAAY;gBACZ,OAAO,EAAK,OAAO;aACpB,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;QACJ,CAAC;QAED,2BAA2B;QAC3B,IAAI,aAAa,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACpC,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QAC3F,CAAC;QAED,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;iBACjE,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAE9D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAG,YAAY;YACrB,IAAI,EAAK,QAAQ,CAAC,QAAQ,CAAC,IAAI;SAChC,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE;SACvD,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA;AAED;;;;;GAKG;AACH,MAAM,UAAgB,kBAAkB,CACtC,GAAkB,EAClB,OAAkC;;;QAElC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAE7C,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC/C,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;SAC3C,CAAC,CAAC;QAEH,MAAM,YAAY,GAAG,MAAA,QAAQ,CAAC,QAAQ,CAAC,YAAY,mCAAI,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;QACxE,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QAElF,sEAAsE;QACtE,+EAA+E;QAC/E,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,YAAY,GAAG,MAAA,GAAG,CAAC,mBAAmB,mCAAI,CAAC,2BAA2B,CAAC,CAAC;YAC9E,MAAM,wBAAwB,CAC5B;gBACE,SAAS,EAAG,SAAS;gBACrB,YAAY;gBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;gBAClC,YAAY;gBACZ,OAAO,EAAK,OAAO;aACpB,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;QACJ,CAAC;QAED,2BAA2B;QAC3B,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC;gBACpC,GAAG,EAAO,YAAY;gBACtB,OAAO,EAAG,EAAE,WAAW,EAAE,SAAS,EAAE,EAAE,EAAE;aACzC,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;iBACjE,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAE9D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE;SACpE,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
|
@@ -1,158 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Local DID connect flow.
|
|
3
|
-
*
|
|
4
|
-
* Creates or reconnects a local identity with vault-protected keys.
|
|
5
|
-
* This replaces the "Mode D/E" paths in Enbox.connect().
|
|
6
|
-
* @module
|
|
7
|
-
*/
|
|
8
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
9
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
10
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
11
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
12
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
13
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
14
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
15
|
-
});
|
|
16
|
-
};
|
|
17
|
-
import { applyLocalDwnDiscovery } from './dwn-discovery.js';
|
|
18
|
-
import { AuthSession } from '../identity-session.js';
|
|
19
|
-
import { registerWithDwnEndpoints } from './dwn-registration.js';
|
|
20
|
-
import { INSECURE_DEFAULT_PASSWORD, STORAGE_KEYS } from '../types.js';
|
|
21
|
-
/**
|
|
22
|
-
* Execute the local connect flow.
|
|
23
|
-
*
|
|
24
|
-
* - On first launch: initializes the vault, creates a new DID, returns recovery phrase.
|
|
25
|
-
* - On subsequent launches: unlocks the vault and reconnects to the existing identity.
|
|
26
|
-
*/
|
|
27
|
-
export function localConnect(ctx_1) {
|
|
28
|
-
return __awaiter(this, arguments, void 0, function* (ctx, options = {}) {
|
|
29
|
-
var _a, _b, _c, _d, _e, _f, _g;
|
|
30
|
-
const { userAgent, emitter, storage } = ctx;
|
|
31
|
-
// Resolve password: explicit option → provider → manager default → insecure fallback.
|
|
32
|
-
const isFirstLaunch = yield userAgent.firstLaunch();
|
|
33
|
-
let password = (_a = options.password) !== null && _a !== void 0 ? _a : ctx.defaultPassword;
|
|
34
|
-
if (!password && ctx.passwordProvider) {
|
|
35
|
-
try {
|
|
36
|
-
password = yield ctx.passwordProvider.getPassword({
|
|
37
|
-
reason: isFirstLaunch ? 'create' : 'unlock',
|
|
38
|
-
});
|
|
39
|
-
}
|
|
40
|
-
catch (_h) {
|
|
41
|
-
// Provider failed — fall through to insecure default.
|
|
42
|
-
}
|
|
43
|
-
}
|
|
44
|
-
password !== null && password !== void 0 ? password : (password = INSECURE_DEFAULT_PASSWORD);
|
|
45
|
-
const sync = (_b = options.sync) !== null && _b !== void 0 ? _b : ctx.defaultSync;
|
|
46
|
-
const dwnEndpoints = (_d = (_c = options.dwnEndpoints) !== null && _c !== void 0 ? _c : ctx.defaultDwnEndpoints) !== null && _d !== void 0 ? _d : ['https://enbox-dwn.fly.dev'];
|
|
47
|
-
// Warn if using insecure default.
|
|
48
|
-
if (password === INSECURE_DEFAULT_PASSWORD) {
|
|
49
|
-
console.warn('[@enbox/auth] SECURITY WARNING: No password set. Using insecure default. ' +
|
|
50
|
-
'Set a password via AuthManager.create({ password }) or connect({ password }) ' +
|
|
51
|
-
'to protect your identity vault.');
|
|
52
|
-
}
|
|
53
|
-
let recoveryPhrase;
|
|
54
|
-
// Initialize vault on first launch.
|
|
55
|
-
if (isFirstLaunch) {
|
|
56
|
-
recoveryPhrase = yield userAgent.initialize({
|
|
57
|
-
password,
|
|
58
|
-
recoveryPhrase: options.recoveryPhrase,
|
|
59
|
-
dwnEndpoints,
|
|
60
|
-
});
|
|
61
|
-
}
|
|
62
|
-
// Start the agent (unlocks vault if locked, sets agentDid).
|
|
63
|
-
yield userAgent.start({ password });
|
|
64
|
-
emitter.emit('vault-unlocked', {});
|
|
65
|
-
// Apply local DWN discovery (browser redirect payload or persisted endpoint).
|
|
66
|
-
// In remote mode, discovery already ran before agent creation — skip.
|
|
67
|
-
if (!userAgent.dwn.isRemoteMode) {
|
|
68
|
-
yield applyLocalDwnDiscovery(userAgent, storage, emitter);
|
|
69
|
-
}
|
|
70
|
-
// Find or create the user identity.
|
|
71
|
-
const identities = yield userAgent.identity.list();
|
|
72
|
-
let identity = identities[0];
|
|
73
|
-
let isNewIdentity = false;
|
|
74
|
-
if (!identity) {
|
|
75
|
-
isNewIdentity = true;
|
|
76
|
-
identity = yield userAgent.identity.create({
|
|
77
|
-
didMethod: 'dht',
|
|
78
|
-
metadata: { name: (_f = (_e = options.metadata) === null || _e === void 0 ? void 0 : _e.name) !== null && _f !== void 0 ? _f : 'Default' },
|
|
79
|
-
didOptions: {
|
|
80
|
-
services: [
|
|
81
|
-
{
|
|
82
|
-
id: 'dwn',
|
|
83
|
-
type: 'DecentralizedWebNode',
|
|
84
|
-
serviceEndpoint: dwnEndpoints,
|
|
85
|
-
enc: '#enc',
|
|
86
|
-
sig: '#sig',
|
|
87
|
-
}
|
|
88
|
-
],
|
|
89
|
-
verificationMethods: [
|
|
90
|
-
{
|
|
91
|
-
algorithm: 'Ed25519',
|
|
92
|
-
id: 'sig',
|
|
93
|
-
purposes: ['assertionMethod', 'authentication'],
|
|
94
|
-
},
|
|
95
|
-
{
|
|
96
|
-
algorithm: 'X25519',
|
|
97
|
-
id: 'enc',
|
|
98
|
-
purposes: ['keyAgreement'],
|
|
99
|
-
},
|
|
100
|
-
],
|
|
101
|
-
},
|
|
102
|
-
});
|
|
103
|
-
}
|
|
104
|
-
const connectedDid = (_g = identity.metadata.connectedDid) !== null && _g !== void 0 ? _g : identity.did.uri;
|
|
105
|
-
const delegateDid = identity.metadata.connectedDid ? identity.did.uri : undefined;
|
|
106
|
-
// Register with DWN endpoints (if registration options are provided).
|
|
107
|
-
if (ctx.registration) {
|
|
108
|
-
yield registerWithDwnEndpoints({
|
|
109
|
-
userAgent: userAgent,
|
|
110
|
-
dwnEndpoints,
|
|
111
|
-
agentDid: userAgent.agentDid.uri,
|
|
112
|
-
connectedDid,
|
|
113
|
-
storage: storage,
|
|
114
|
-
}, ctx.registration);
|
|
115
|
-
}
|
|
116
|
-
// Register sync for new identities.
|
|
117
|
-
if (isNewIdentity && sync !== 'off') {
|
|
118
|
-
yield userAgent.sync.registerIdentity({
|
|
119
|
-
did: connectedDid,
|
|
120
|
-
options: { delegateDid, protocols: [] },
|
|
121
|
-
});
|
|
122
|
-
}
|
|
123
|
-
// Start sync.
|
|
124
|
-
if (sync !== 'off') {
|
|
125
|
-
const syncMode = sync === undefined ? 'live' : 'poll';
|
|
126
|
-
const syncInterval = sync !== null && sync !== void 0 ? sync : (syncMode === 'live' ? '5m' : '2m');
|
|
127
|
-
userAgent.sync.startSync({ mode: syncMode, interval: syncInterval })
|
|
128
|
-
.catch((error) => {
|
|
129
|
-
console.error('[@enbox/auth] Sync failed:', error);
|
|
130
|
-
});
|
|
131
|
-
}
|
|
132
|
-
// Persist session info.
|
|
133
|
-
yield storage.set(STORAGE_KEYS.PREVIOUSLY_CONNECTED, 'true');
|
|
134
|
-
yield storage.set(STORAGE_KEYS.ACTIVE_IDENTITY, connectedDid);
|
|
135
|
-
const identityInfo = {
|
|
136
|
-
didUri: connectedDid,
|
|
137
|
-
name: identity.metadata.name,
|
|
138
|
-
connectedDid: identity.metadata.connectedDid,
|
|
139
|
-
};
|
|
140
|
-
const session = new AuthSession({
|
|
141
|
-
agent: userAgent,
|
|
142
|
-
did: connectedDid,
|
|
143
|
-
delegateDid,
|
|
144
|
-
recoveryPhrase,
|
|
145
|
-
identity: identityInfo,
|
|
146
|
-
});
|
|
147
|
-
emitter.emit('identity-added', { identity: identityInfo });
|
|
148
|
-
emitter.emit('session-start', {
|
|
149
|
-
session: {
|
|
150
|
-
did: session.did,
|
|
151
|
-
delegateDid,
|
|
152
|
-
identity: identityInfo,
|
|
153
|
-
},
|
|
154
|
-
});
|
|
155
|
-
return session;
|
|
156
|
-
});
|
|
157
|
-
}
|
|
158
|
-
//# sourceMappingURL=local-connect.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"local-connect.js","sourceRoot":"","sources":["../../../src/flows/local-connect.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;;;;;;;;;;AAQH,OAAO,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AActE;;;;;GAKG;AACH,MAAM,UAAgB,YAAY;yDAChC,GAAwB,EACxB,UAA+B,EAAE;;QAEjC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAE5C,sFAAsF;QACtF,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,WAAW,EAAE,CAAC;QACpD,IAAI,QAAQ,GAAG,MAAA,OAAO,CAAC,QAAQ,mCAAI,GAAG,CAAC,eAAe,CAAC;QAEvD,IAAI,CAAC,QAAQ,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,GAAG,CAAC,gBAAgB,CAAC,WAAW,CAAC;oBAChD,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;iBAC5C,CAAC,CAAC;YACL,CAAC;YAAC,WAAM,CAAC;gBACP,sDAAsD;YACxD,CAAC;QACH,CAAC;QAED,QAAQ,aAAR,QAAQ,cAAR,QAAQ,IAAR,QAAQ,GAAK,yBAAyB,EAAC;QAEvC,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAC7C,MAAM,YAAY,GAAG,MAAA,MAAA,OAAO,CAAC,YAAY,mCAAI,GAAG,CAAC,mBAAmB,mCAAI,CAAC,2BAA2B,CAAC,CAAC;QAEtG,kCAAkC;QAClC,IAAI,QAAQ,KAAK,yBAAyB,EAAE,CAAC;YAC3C,OAAO,CAAC,IAAI,CACV,2EAA2E;gBAC3E,+EAA+E;gBAC/E,iCAAiC,CAClC,CAAC;QACJ,CAAC;QAED,IAAI,cAAkC,CAAC;QAEvC,oCAAoC;QACpC,IAAI,aAAa,EAAE,CAAC;YAClB,cAAc,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC;gBAC1C,QAAQ;gBACR,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,YAAY;aACb,CAAC,CAAC;QACL,CAAC;QAED,4DAA4D;QAC5D,MAAM,SAAS,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;QAEnC,8EAA8E;QAC9E,sEAAsE;QACtE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YAChC,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAC5D,CAAC;QAED,oCAAoC;QACpC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnD,IAAI,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;QAC7B,IAAI,aAAa,GAAG,KAAK,CAAC;QAE1B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,aAAa,GAAG,IAAI,CAAC;YACrB,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,SAAS,EAAI,KAAK;gBAClB,QAAQ,EAAK,EAAE,IAAI,EAAE,MAAA,MAAA,OAAO,CAAC,QAAQ,0CAAE,IAAI,mCAAI,SAAS,EAAE;gBAC1D,UAAU,EAAG;oBACX,QAAQ,EAAE;wBACR;4BACE,EAAE,EAAgB,KAAK;4BACvB,IAAI,EAAc,sBAAsB;4BACxC,eAAe,EAAG,YAAY;4BAC9B,GAAG,EAAe,MAAM;4BACxB,GAAG,EAAe,MAAM;yBACzB;qBACF;oBACD,mBAAmB,EAAE;wBACnB;4BACE,SAAS,EAAG,SAAS;4BACrB,EAAE,EAAU,KAAK;4BACjB,QAAQ,EAAI,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;yBAClD;wBACD;4BACE,SAAS,EAAG,QAAQ;4BACpB,EAAE,EAAU,KAAK;4BACjB,QAAQ,EAAI,CAAC,cAAc,CAAC;yBAC7B;qBACF;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QAED,MAAM,YAAY,GAAG,MAAA,QAAQ,CAAC,QAAQ,CAAC,YAAY,mCAAI,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;QACxE,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QAElF,sEAAsE;QACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACrB,MAAM,wBAAwB,CAC5B;gBACE,SAAS,EAAG,SAAS;gBACrB,YAAY;gBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;gBAClC,YAAY;gBACZ,OAAO,EAAK,OAAO;aACpB,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,aAAa,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACpC,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC;gBACpC,GAAG,EAAO,YAAY;gBACtB,OAAO,EAAG,EAAE,WAAW,EAAE,SAAS,EAAE,EAAE,EAAE;aACzC,CAAC,CAAC;QACL,CAAC;QAED,cAAc;QACd,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;iBACjE,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;gBACxB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YACrD,CAAC,CAAC,CAAC;QACP,CAAC;QAED,wBAAwB;QACxB,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAE9D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,cAAc;YACd,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE;gBACP,GAAG,EAAQ,OAAO,CAAC,GAAG;gBACtB,WAAW;gBACX,QAAQ,EAAG,YAAY;aACxB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
|
@@ -1,125 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Session restore flow.
|
|
3
|
-
*
|
|
4
|
-
* Restores a previously established session from persisted storage,
|
|
5
|
-
* replacing the "previouslyConnected" pattern in apps.
|
|
6
|
-
* @module
|
|
7
|
-
*/
|
|
8
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
9
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
10
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
11
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
12
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
13
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
14
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
15
|
-
});
|
|
16
|
-
};
|
|
17
|
-
import { applyLocalDwnDiscovery } from './dwn-discovery.js';
|
|
18
|
-
import { AuthSession } from '../identity-session.js';
|
|
19
|
-
import { INSECURE_DEFAULT_PASSWORD, STORAGE_KEYS } from '../types.js';
|
|
20
|
-
/**
|
|
21
|
-
* Attempt to restore a previous session.
|
|
22
|
-
*
|
|
23
|
-
* Returns `undefined` if no previous session exists.
|
|
24
|
-
* Returns an `AuthSession` if the session was successfully restored.
|
|
25
|
-
*/
|
|
26
|
-
export function restoreSession(ctx_1) {
|
|
27
|
-
return __awaiter(this, arguments, void 0, function* (ctx, options = {}) {
|
|
28
|
-
var _a, _b;
|
|
29
|
-
const { userAgent, emitter, storage } = ctx;
|
|
30
|
-
// Check if there was a previous session.
|
|
31
|
-
const previouslyConnected = yield storage.get(STORAGE_KEYS.PREVIOUSLY_CONNECTED);
|
|
32
|
-
if (previouslyConnected !== 'true') {
|
|
33
|
-
return undefined;
|
|
34
|
-
}
|
|
35
|
-
// Resolve password: explicit option → callback → provider → manager default → insecure fallback.
|
|
36
|
-
let password = (_a = options.password) !== null && _a !== void 0 ? _a : ctx.defaultPassword;
|
|
37
|
-
if (!password && options.onPasswordRequired) {
|
|
38
|
-
password = yield options.onPasswordRequired();
|
|
39
|
-
}
|
|
40
|
-
if (!password && ctx.passwordProvider) {
|
|
41
|
-
try {
|
|
42
|
-
password = yield ctx.passwordProvider.getPassword({ reason: 'unlock' });
|
|
43
|
-
}
|
|
44
|
-
catch (_c) {
|
|
45
|
-
// Provider failed — fall through to insecure default.
|
|
46
|
-
}
|
|
47
|
-
}
|
|
48
|
-
password !== null && password !== void 0 ? password : (password = INSECURE_DEFAULT_PASSWORD);
|
|
49
|
-
// Warn if using insecure default.
|
|
50
|
-
if (password === INSECURE_DEFAULT_PASSWORD) {
|
|
51
|
-
console.warn('[@enbox/auth] SECURITY WARNING: No password set. Using insecure default. ' +
|
|
52
|
-
'Set a password to protect your identity vault.');
|
|
53
|
-
}
|
|
54
|
-
// Start the agent (initializes + unlocks vault).
|
|
55
|
-
if (yield userAgent.firstLaunch()) {
|
|
56
|
-
// Vault doesn't exist yet — this shouldn't happen if previouslyConnected is true.
|
|
57
|
-
// Clean up the stale flag and return undefined.
|
|
58
|
-
yield storage.remove(STORAGE_KEYS.PREVIOUSLY_CONNECTED);
|
|
59
|
-
return undefined;
|
|
60
|
-
}
|
|
61
|
-
yield userAgent.start({ password });
|
|
62
|
-
emitter.emit('vault-unlocked', {});
|
|
63
|
-
// Apply local DWN discovery (browser redirect payload or persisted endpoint).
|
|
64
|
-
// In remote mode, discovery already ran before agent creation — skip.
|
|
65
|
-
if (!userAgent.dwn.isRemoteMode) {
|
|
66
|
-
yield applyLocalDwnDiscovery(userAgent, storage, emitter);
|
|
67
|
-
}
|
|
68
|
-
// Determine which identity to reconnect.
|
|
69
|
-
const activeIdentityDid = yield storage.get(STORAGE_KEYS.ACTIVE_IDENTITY);
|
|
70
|
-
const storedDelegateDid = yield storage.get(STORAGE_KEYS.DELEGATE_DID);
|
|
71
|
-
// First try the connected identity (wallet-connected sessions).
|
|
72
|
-
let identity = yield userAgent.identity.connectedIdentity();
|
|
73
|
-
if (!identity) {
|
|
74
|
-
// Try to find the specific active identity.
|
|
75
|
-
if (activeIdentityDid) {
|
|
76
|
-
identity = yield userAgent.identity.get({ didUri: activeIdentityDid });
|
|
77
|
-
}
|
|
78
|
-
// Fall back to the first available identity.
|
|
79
|
-
if (!identity) {
|
|
80
|
-
const identities = yield userAgent.identity.list();
|
|
81
|
-
identity = identities[0];
|
|
82
|
-
}
|
|
83
|
-
}
|
|
84
|
-
if (!identity) {
|
|
85
|
-
// No identity found — clean up stale session data.
|
|
86
|
-
yield storage.remove(STORAGE_KEYS.PREVIOUSLY_CONNECTED);
|
|
87
|
-
yield storage.remove(STORAGE_KEYS.ACTIVE_IDENTITY);
|
|
88
|
-
yield storage.remove(STORAGE_KEYS.DELEGATE_DID);
|
|
89
|
-
yield storage.remove(STORAGE_KEYS.CONNECTED_DID);
|
|
90
|
-
return undefined;
|
|
91
|
-
}
|
|
92
|
-
const connectedDid = (_b = identity.metadata.connectedDid) !== null && _b !== void 0 ? _b : identity.did.uri;
|
|
93
|
-
const delegateDid = identity.metadata.connectedDid
|
|
94
|
-
? identity.did.uri
|
|
95
|
-
: (storedDelegateDid !== null && storedDelegateDid !== void 0 ? storedDelegateDid : undefined);
|
|
96
|
-
// Start sync.
|
|
97
|
-
const sync = ctx.defaultSync;
|
|
98
|
-
if (sync !== 'off') {
|
|
99
|
-
const syncMode = sync === undefined ? 'live' : 'poll';
|
|
100
|
-
const syncInterval = sync !== null && sync !== void 0 ? sync : (syncMode === 'live' ? '5m' : '2m');
|
|
101
|
-
userAgent.sync.startSync({ mode: syncMode, interval: syncInterval })
|
|
102
|
-
.catch((err) => {
|
|
103
|
-
console.error('[@enbox/auth] Sync failed:', err);
|
|
104
|
-
});
|
|
105
|
-
}
|
|
106
|
-
// Update persisted session info.
|
|
107
|
-
yield storage.set(STORAGE_KEYS.ACTIVE_IDENTITY, connectedDid);
|
|
108
|
-
const identityInfo = {
|
|
109
|
-
didUri: connectedDid,
|
|
110
|
-
name: identity.metadata.name,
|
|
111
|
-
connectedDid: identity.metadata.connectedDid,
|
|
112
|
-
};
|
|
113
|
-
const session = new AuthSession({
|
|
114
|
-
agent: userAgent,
|
|
115
|
-
did: connectedDid,
|
|
116
|
-
delegateDid,
|
|
117
|
-
identity: identityInfo,
|
|
118
|
-
});
|
|
119
|
-
emitter.emit('session-start', {
|
|
120
|
-
session: { did: connectedDid, delegateDid, identity: identityInfo },
|
|
121
|
-
});
|
|
122
|
-
return session;
|
|
123
|
-
});
|
|
124
|
-
}
|
|
125
|
-
//# sourceMappingURL=session-restore.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"session-restore.js","sourceRoot":"","sources":["../../../src/flows/session-restore.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;;;;;;;;;;AAQH,OAAO,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,yBAAyB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAYtE;;;;;GAKG;AACH,MAAM,UAAgB,cAAc;yDAClC,GAA0B,EAC1B,UAAiC,EAAE;;QAEnC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAE5C,yCAAyC;QACzC,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;QACjF,IAAI,mBAAmB,KAAK,MAAM,EAAE,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,iGAAiG;QACjG,IAAI,QAAQ,GAAG,MAAA,OAAO,CAAC,QAAQ,mCAAI,GAAG,CAAC,eAAe,CAAC;QAEvD,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;YAC5C,QAAQ,GAAG,MAAM,OAAO,CAAC,kBAAkB,EAAE,CAAC;QAChD,CAAC;QAED,IAAI,CAAC,QAAQ,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,GAAG,CAAC,gBAAgB,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;YAC1E,CAAC;YAAC,WAAM,CAAC;gBACP,sDAAsD;YACxD,CAAC;QACH,CAAC;QAED,QAAQ,aAAR,QAAQ,cAAR,QAAQ,IAAR,QAAQ,GAAK,yBAAyB,EAAC;QAEvC,kCAAkC;QAClC,IAAI,QAAQ,KAAK,yBAAyB,EAAE,CAAC;YAC3C,OAAO,CAAC,IAAI,CACV,2EAA2E;gBAC3E,gDAAgD,CACjD,CAAC;QACJ,CAAC;QAED,iDAAiD;QACjD,IAAI,MAAM,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC;YAClC,kFAAkF;YAClF,gDAAgD;YAChD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;YACxD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,SAAS,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;QAEnC,8EAA8E;QAC9E,sEAAsE;QACtE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YAChC,MAAM,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAC5D,CAAC;QAED,yCAAyC;QACzC,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC;QAC1E,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAEvE,gEAAgE;QAChE,IAAI,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,iBAAiB,EAAE,CAAC;QAE5D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,4CAA4C;YAC5C,IAAI,iBAAiB,EAAE,CAAC;gBACtB,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC,CAAC;YACzE,CAAC;YAED,6CAA6C;YAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACnD,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,mDAAmD;YACnD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC;YACxD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC;YACnD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;YAChD,MAAM,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;YACjD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,YAAY,GAAG,MAAA,QAAQ,CAAC,QAAQ,CAAC,YAAY,mCAAI,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;QACxE,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;YAChD,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG;YAClB,CAAC,CAAC,CAAC,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,SAAS,CAAC,CAAC;QAErC,cAAc;QACd,MAAM,IAAI,GAAG,GAAG,CAAC,WAAW,CAAC;QAC7B,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;iBACjE,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;gBACtB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;YACnD,CAAC,CAAC,CAAC;QACP,CAAC;QAED,iCAAiC;QACjC,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAE9D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE;SACpE,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
|
@@ -1,200 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Wallet connect (Enbox Connect relay) flow.
|
|
3
|
-
*
|
|
4
|
-
* Connects to an external wallet via the Enbox Connect relay protocol,
|
|
5
|
-
* importing a delegated DID with permission grants.
|
|
6
|
-
* This replaces the "Mode B/C" paths in Enbox.connect().
|
|
7
|
-
* @module
|
|
8
|
-
*/
|
|
9
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
10
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
11
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
12
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
13
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
14
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
15
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
16
|
-
});
|
|
17
|
-
};
|
|
18
|
-
var __rest = (this && this.__rest) || function (s, e) {
|
|
19
|
-
var t = {};
|
|
20
|
-
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
|
|
21
|
-
t[p] = s[p];
|
|
22
|
-
if (s != null && typeof Object.getOwnPropertySymbols === "function")
|
|
23
|
-
for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
|
|
24
|
-
if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
|
|
25
|
-
t[p[i]] = s[p[i]];
|
|
26
|
-
}
|
|
27
|
-
return t;
|
|
28
|
-
};
|
|
29
|
-
import { Convert } from '@enbox/common';
|
|
30
|
-
import { WalletConnect } from '@enbox/agent';
|
|
31
|
-
import { DwnInterface, DwnPermissionGrant } from '@enbox/agent';
|
|
32
|
-
import { AuthSession } from '../identity-session.js';
|
|
33
|
-
import { registerWithDwnEndpoints } from './dwn-registration.js';
|
|
34
|
-
import { STORAGE_KEYS } from '../types.js';
|
|
35
|
-
/**
|
|
36
|
-
* Process connected grants by storing them in the local DWN as the owner.
|
|
37
|
-
*
|
|
38
|
-
* This is the agent-level equivalent of `Enbox.processConnectedGrants()`.
|
|
39
|
-
* It stores each grant, signed as owner, and returns the deduplicated
|
|
40
|
-
* list of protocol URIs represented by the grants.
|
|
41
|
-
*
|
|
42
|
-
* @internal
|
|
43
|
-
*/
|
|
44
|
-
export function processConnectedGrants(params) {
|
|
45
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
46
|
-
const { agent, delegateDid, grants } = params;
|
|
47
|
-
const connectedProtocols = new Set();
|
|
48
|
-
for (const grantMessage of grants) {
|
|
49
|
-
const grant = DwnPermissionGrant.parse(grantMessage);
|
|
50
|
-
// Store the grant as the owner of the DWN so the delegateDid
|
|
51
|
-
// can use it when impersonating the connectedDid.
|
|
52
|
-
const { encodedData } = grantMessage, rawMessage = __rest(grantMessage, ["encodedData"]);
|
|
53
|
-
const dataStream = new Blob([Convert.base64Url(encodedData).toUint8Array()]);
|
|
54
|
-
const { reply } = yield agent.processDwnRequest({
|
|
55
|
-
store: true,
|
|
56
|
-
author: delegateDid,
|
|
57
|
-
target: delegateDid,
|
|
58
|
-
messageType: DwnInterface.RecordsWrite,
|
|
59
|
-
signAsOwner: true,
|
|
60
|
-
rawMessage,
|
|
61
|
-
dataStream,
|
|
62
|
-
});
|
|
63
|
-
if (reply.status.code !== 202) {
|
|
64
|
-
throw new Error(`[@enbox/auth] Failed to process connected grant: ${reply.status.detail}`);
|
|
65
|
-
}
|
|
66
|
-
const protocol = grant.scope.protocol;
|
|
67
|
-
if (protocol) {
|
|
68
|
-
connectedProtocols.add(protocol);
|
|
69
|
-
}
|
|
70
|
-
}
|
|
71
|
-
return [...connectedProtocols];
|
|
72
|
-
});
|
|
73
|
-
}
|
|
74
|
-
/**
|
|
75
|
-
* Execute the wallet connect flow.
|
|
76
|
-
*
|
|
77
|
-
* 1. Passes the permission requests directly to `WalletConnect.initClient()`.
|
|
78
|
-
* 2. Imports the delegate DID and processes grants.
|
|
79
|
-
* 3. Sets up sync and returns an AuthSession.
|
|
80
|
-
*/
|
|
81
|
-
export function walletConnect(ctx, options) {
|
|
82
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
83
|
-
var _a, _b, _c;
|
|
84
|
-
const { userAgent, emitter, storage } = ctx;
|
|
85
|
-
const sync = (_a = options.sync) !== null && _a !== void 0 ? _a : ctx.defaultSync;
|
|
86
|
-
if (sync === 'off') {
|
|
87
|
-
throw new Error('[@enbox/auth] Sync must be enabled when using wallet connect. ' +
|
|
88
|
-
'Remove sync: "off" or set an interval like "15s".');
|
|
89
|
-
}
|
|
90
|
-
// Run the Enbox Connect relay flow.
|
|
91
|
-
// permissionRequests are already agent-level ConnectPermissionRequest objects.
|
|
92
|
-
const result = yield WalletConnect.initClient({
|
|
93
|
-
displayName: options.displayName,
|
|
94
|
-
connectServerUrl: options.connectServerUrl,
|
|
95
|
-
walletUri: (_b = options.walletUri) !== null && _b !== void 0 ? _b : 'enbox://connect',
|
|
96
|
-
permissionRequests: options.permissionRequests,
|
|
97
|
-
onWalletUriReady: options.onWalletUriReady,
|
|
98
|
-
validatePin: options.validatePin,
|
|
99
|
-
});
|
|
100
|
-
if (!result) {
|
|
101
|
-
throw new Error('[@enbox/auth] Wallet connect flow was cancelled or returned no result.');
|
|
102
|
-
}
|
|
103
|
-
const { delegatePortableDid, connectedDid, delegateGrants } = result;
|
|
104
|
-
// Import the delegated DID as an Identity.
|
|
105
|
-
let identity;
|
|
106
|
-
try {
|
|
107
|
-
identity = yield userAgent.identity.import({
|
|
108
|
-
portableIdentity: {
|
|
109
|
-
portableDid: delegatePortableDid,
|
|
110
|
-
metadata: {
|
|
111
|
-
connectedDid,
|
|
112
|
-
name: 'Default',
|
|
113
|
-
uri: delegatePortableDid.uri,
|
|
114
|
-
tenant: userAgent.agentDid.uri,
|
|
115
|
-
},
|
|
116
|
-
},
|
|
117
|
-
});
|
|
118
|
-
// Process the connected grants using agent primitives.
|
|
119
|
-
const connectedProtocols = yield processConnectedGrants({
|
|
120
|
-
agent: userAgent,
|
|
121
|
-
delegateDid: delegatePortableDid.uri,
|
|
122
|
-
grants: delegateGrants,
|
|
123
|
-
});
|
|
124
|
-
// Register with DWN endpoints (if registration options are provided).
|
|
125
|
-
if (ctx.registration) {
|
|
126
|
-
const dwnEndpoints = (_c = ctx.defaultDwnEndpoints) !== null && _c !== void 0 ? _c : ['https://enbox-dwn.fly.dev'];
|
|
127
|
-
yield registerWithDwnEndpoints({
|
|
128
|
-
userAgent: userAgent,
|
|
129
|
-
dwnEndpoints,
|
|
130
|
-
agentDid: userAgent.agentDid.uri,
|
|
131
|
-
connectedDid,
|
|
132
|
-
storage: storage,
|
|
133
|
-
}, ctx.registration);
|
|
134
|
-
}
|
|
135
|
-
// Register sync for the connected identity.
|
|
136
|
-
yield userAgent.sync.registerIdentity({
|
|
137
|
-
did: connectedDid,
|
|
138
|
-
options: {
|
|
139
|
-
delegateDid: delegatePortableDid.uri,
|
|
140
|
-
protocols: connectedProtocols,
|
|
141
|
-
},
|
|
142
|
-
});
|
|
143
|
-
// Pull down existing messages from the connected DID's DWN.
|
|
144
|
-
yield userAgent.sync.sync('pull');
|
|
145
|
-
}
|
|
146
|
-
catch (error) {
|
|
147
|
-
// Clean up on failure.
|
|
148
|
-
if (identity) {
|
|
149
|
-
try {
|
|
150
|
-
yield userAgent.did.delete({
|
|
151
|
-
didUri: identity.did.uri,
|
|
152
|
-
tenant: identity.metadata.tenant,
|
|
153
|
-
deleteKey: true,
|
|
154
|
-
});
|
|
155
|
-
}
|
|
156
|
-
catch ( /* best effort */_d) { /* best effort */ }
|
|
157
|
-
try {
|
|
158
|
-
yield userAgent.identity.delete({ didUri: identity.did.uri });
|
|
159
|
-
}
|
|
160
|
-
catch ( /* best effort */_e) { /* best effort */ }
|
|
161
|
-
}
|
|
162
|
-
const message = error instanceof Error ? error.message : String(error);
|
|
163
|
-
throw new Error(`[@enbox/auth] Wallet connect failed: ${message}`);
|
|
164
|
-
}
|
|
165
|
-
// Start sync.
|
|
166
|
-
const syncMode = sync === undefined ? 'live' : 'poll';
|
|
167
|
-
const syncInterval = sync !== null && sync !== void 0 ? sync : (syncMode === 'live' ? '5m' : '2m');
|
|
168
|
-
userAgent.sync.startSync({ mode: syncMode, interval: syncInterval })
|
|
169
|
-
.catch((err) => {
|
|
170
|
-
console.error('[@enbox/auth] Sync failed:', err);
|
|
171
|
-
});
|
|
172
|
-
const delegateDid = delegatePortableDid.uri;
|
|
173
|
-
// Persist session info.
|
|
174
|
-
yield storage.set(STORAGE_KEYS.PREVIOUSLY_CONNECTED, 'true');
|
|
175
|
-
yield storage.set(STORAGE_KEYS.ACTIVE_IDENTITY, connectedDid);
|
|
176
|
-
yield storage.set(STORAGE_KEYS.DELEGATE_DID, delegateDid);
|
|
177
|
-
yield storage.set(STORAGE_KEYS.CONNECTED_DID, connectedDid);
|
|
178
|
-
const identityInfo = {
|
|
179
|
-
didUri: connectedDid,
|
|
180
|
-
name: identity.metadata.name,
|
|
181
|
-
connectedDid: identity.metadata.connectedDid,
|
|
182
|
-
};
|
|
183
|
-
const session = new AuthSession({
|
|
184
|
-
agent: userAgent,
|
|
185
|
-
did: connectedDid,
|
|
186
|
-
delegateDid,
|
|
187
|
-
identity: identityInfo,
|
|
188
|
-
});
|
|
189
|
-
emitter.emit('identity-added', { identity: identityInfo });
|
|
190
|
-
emitter.emit('session-start', {
|
|
191
|
-
session: {
|
|
192
|
-
did: session.did,
|
|
193
|
-
delegateDid,
|
|
194
|
-
identity: identityInfo,
|
|
195
|
-
},
|
|
196
|
-
});
|
|
197
|
-
return session;
|
|
198
|
-
});
|
|
199
|
-
}
|
|
200
|
-
//# sourceMappingURL=wallet-connect.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"wallet-connect.js","sourceRoot":"","sources":["../../../src/flows/wallet-connect.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAGhE,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAa3C;;;;;;;;GAQG;AACH,MAAM,UAAgB,sBAAsB,CAAC,MAI5C;;QACC,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;QAC9C,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE7C,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,kBAAkB,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAErD,6DAA6D;YAC7D,kDAAkD;YAClD,MAAM,EAAE,WAAW,KAAoB,YAAY,EAA3B,UAAU,UAAK,YAAY,EAA7C,eAA8B,CAAe,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,YAAY,EAAc,CAAC,CAAC,CAAC;YAEzF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC;gBAC9C,KAAK,EAAS,IAAI;gBAClB,MAAM,EAAQ,WAAW;gBACzB,MAAM,EAAQ,WAAW;gBACzB,WAAW,EAAG,YAAY,CAAC,YAAY;gBACvC,WAAW,EAAG,IAAI;gBAClB,UAAU;gBACV,UAAU;aACX,CAAC,CAAC;YAEH,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CACb,oDAAoD,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,CAC1E,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAI,KAAK,CAAC,KAAgE,CAAC,QAAQ,CAAC;YAClG,IAAI,QAAQ,EAAE,CAAC;gBACb,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,CAAC,GAAG,kBAAkB,CAAC,CAAC;IACjC,CAAC;CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAgB,aAAa,CACjC,GAAyB,EACzB,OAA6B;;;QAE7B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC;QAC5C,MAAM,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,mCAAI,GAAG,CAAC,WAAW,CAAC;QAE7C,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,gEAAgE;gBAChE,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,+EAA+E;QAC/E,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC;YAC5C,WAAW,EAAU,OAAO,CAAC,WAAW;YACxC,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,SAAS,EAAY,MAAA,OAAO,CAAC,SAAS,mCAAI,iBAAiB;YAC3D,kBAAkB,EAAG,OAAO,CAAC,kBAAkB;YAC/C,gBAAgB,EAAK,OAAO,CAAC,gBAAgB;YAC7C,WAAW,EAAU,OAAO,CAAC,WAAW;SACzC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;QAC5F,CAAC;QAED,MAAM,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;QAErE,2CAA2C;QAC3C,IAAI,QAAQ,CAAC;QACb,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACzC,gBAAgB,EAAE;oBAChB,WAAW,EAAG,mBAAmB;oBACjC,QAAQ,EAAM;wBACZ,YAAY;wBACZ,IAAI,EAAK,SAAS;wBAClB,GAAG,EAAM,mBAAmB,CAAC,GAAG;wBAChC,MAAM,EAAG,SAAS,CAAC,QAAQ,CAAC,GAAG;qBAChC;iBACF;aACF,CAAC,CAAC;YAEH,uDAAuD;YACvD,MAAM,kBAAkB,GAAG,MAAM,sBAAsB,CAAC;gBACtD,KAAK,EAAS,SAAS;gBACvB,WAAW,EAAG,mBAAmB,CAAC,GAAG;gBACrC,MAAM,EAAQ,cAAc;aAC7B,CAAC,CAAC;YAEH,sEAAsE;YACtE,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;gBACrB,MAAM,YAAY,GAAG,MAAA,GAAG,CAAC,mBAAmB,mCAAI,CAAC,2BAA2B,CAAC,CAAC;gBAC9E,MAAM,wBAAwB,CAC5B;oBACE,SAAS,EAAG,SAAS;oBACrB,YAAY;oBACZ,QAAQ,EAAI,SAAS,CAAC,QAAQ,CAAC,GAAG;oBAClC,YAAY;oBACZ,OAAO,EAAK,OAAO;iBACpB,EACD,GAAG,CAAC,YAAY,CACjB,CAAC;YACJ,CAAC;YAED,4CAA4C;YAC5C,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC;gBACpC,GAAG,EAAO,YAAY;gBACtB,OAAO,EAAG;oBACR,WAAW,EAAG,mBAAmB,CAAC,GAAG;oBACrC,SAAS,EAAK,kBAAkB;iBACjC;aACF,CAAC,CAAC;YAEH,4DAA4D;YAC5D,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,uBAAuB;YACvB,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC;wBACzB,MAAM,EAAM,QAAQ,CAAC,GAAG,CAAC,GAAG;wBAC5B,MAAM,EAAM,QAAQ,CAAC,QAAQ,CAAC,MAAM;wBACpC,SAAS,EAAG,IAAI;qBACjB,CAAC,CAAC;gBACL,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;gBAE7B,IAAI,CAAC;oBACH,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBAChE,CAAC;gBAAC,QAAQ,iBAAiB,IAAnB,CAAC,CAAC,iBAAiB,CAAC,CAAC;YAC/B,CAAC;YAED,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,KAAK,CAAC,wCAAwC,OAAO,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,cAAc;QACd,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACtD,MAAM,YAAY,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACjE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;aACjE,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;YACtB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,GAAG,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEL,MAAM,WAAW,GAAG,mBAAmB,CAAC,GAAG,CAAC;QAE5C,wBAAwB;QACxB,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAC9D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;QAC1D,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QAE5D,MAAM,YAAY,GAAG;YACnB,MAAM,EAAS,YAAY;YAC3B,IAAI,EAAW,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,YAAY,EAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY;SAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC;YAC9B,KAAK,EAAM,SAAS;YACpB,GAAG,EAAQ,YAAY;YACvB,WAAW;YACX,QAAQ,EAAG,YAAY;SACxB,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,OAAO,EAAE;gBACP,GAAG,EAAQ,OAAO,CAAC,GAAG;gBACtB,WAAW;gBACX,QAAQ,EAAG,YAAY;aACxB;SACF,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;CAAA"}
|
|
@@ -1,95 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* VaultManager wraps {@link HdIdentityVault} with a high-level API
|
|
3
|
-
* and emits events on lock/unlock.
|
|
4
|
-
* @module
|
|
5
|
-
*/
|
|
6
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
7
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
8
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
9
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
10
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
11
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
12
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
13
|
-
});
|
|
14
|
-
};
|
|
15
|
-
/**
|
|
16
|
-
* Manages the encrypted identity vault lifecycle.
|
|
17
|
-
*
|
|
18
|
-
* The vault stores the agent's DID and content encryption key (CEK),
|
|
19
|
-
* protected by a user password using PBES2-HS512+A256KW with a 210K
|
|
20
|
-
* iteration work factor. The vault supports HD key derivation from
|
|
21
|
-
* a BIP-39 mnemonic for recovery.
|
|
22
|
-
*/
|
|
23
|
-
export class VaultManager {
|
|
24
|
-
constructor(vault, emitter) {
|
|
25
|
-
this._vault = vault;
|
|
26
|
-
this._emitter = emitter;
|
|
27
|
-
}
|
|
28
|
-
/** The underlying vault instance (for advanced usage). */
|
|
29
|
-
get raw() {
|
|
30
|
-
return this._vault;
|
|
31
|
-
}
|
|
32
|
-
/** Whether the vault has been initialized (has encrypted data). */
|
|
33
|
-
isInitialized() {
|
|
34
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
35
|
-
return this._vault.isInitialized();
|
|
36
|
-
});
|
|
37
|
-
}
|
|
38
|
-
/** Whether the vault is currently locked (synchronous check). */
|
|
39
|
-
get isLocked() {
|
|
40
|
-
return this._vault.isLocked();
|
|
41
|
-
}
|
|
42
|
-
/**
|
|
43
|
-
* Unlock the vault with the given password.
|
|
44
|
-
* Decrypts the CEK into memory so the agent DID can be retrieved.
|
|
45
|
-
*
|
|
46
|
-
* @throws If the password is incorrect or vault is not initialized.
|
|
47
|
-
*/
|
|
48
|
-
unlock(password) {
|
|
49
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
50
|
-
yield this._vault.unlock({ password });
|
|
51
|
-
this._emitter.emit('vault-unlocked', {});
|
|
52
|
-
});
|
|
53
|
-
}
|
|
54
|
-
/**
|
|
55
|
-
* Lock the vault, clearing the CEK from memory.
|
|
56
|
-
* After locking, the password must be provided again to unlock.
|
|
57
|
-
*/
|
|
58
|
-
lock() {
|
|
59
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
60
|
-
yield this._vault.lock();
|
|
61
|
-
this._emitter.emit('vault-locked', {});
|
|
62
|
-
});
|
|
63
|
-
}
|
|
64
|
-
/**
|
|
65
|
-
* Change the vault password. Re-encrypts the CEK with the new password.
|
|
66
|
-
*
|
|
67
|
-
* @throws If the old password is incorrect or vault is locked.
|
|
68
|
-
*/
|
|
69
|
-
changePassword(oldPassword, newPassword) {
|
|
70
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
71
|
-
yield this._vault.changePassword({ oldPassword, newPassword });
|
|
72
|
-
});
|
|
73
|
-
}
|
|
74
|
-
/**
|
|
75
|
-
* Create a backup of the vault.
|
|
76
|
-
*
|
|
77
|
-
* @throws If the vault is not initialized or is locked.
|
|
78
|
-
*/
|
|
79
|
-
backup() {
|
|
80
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
81
|
-
return this._vault.backup();
|
|
82
|
-
});
|
|
83
|
-
}
|
|
84
|
-
/**
|
|
85
|
-
* Restore the vault from a backup.
|
|
86
|
-
*
|
|
87
|
-
* @throws If the password doesn't match the backup's encryption.
|
|
88
|
-
*/
|
|
89
|
-
restore(backup, password) {
|
|
90
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
91
|
-
yield this._vault.restore({ backup, password });
|
|
92
|
-
});
|
|
93
|
-
}
|
|
94
|
-
}
|
|
95
|
-
//# sourceMappingURL=vault-manager.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"vault-manager.js","sourceRoot":"","sources":["../../../src/vault/vault-manager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;;;;;;;;;;AAMH;;;;;;;GAOG;AACH,MAAM,OAAO,YAAY;IAIvB,YAAY,KAAsB,EAAE,OAAyB;QAC3D,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QACpB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;IAC1B,CAAC;IAED,0DAA0D;IAC1D,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,mEAAmE;IAC7D,aAAa;;YACjB,OAAO,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QACrC,CAAC;KAAA;IAED,iEAAiE;IACjE,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;IAChC,CAAC;IAED;;;;;OAKG;IACG,MAAM,CAAC,QAAgB;;YAC3B,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;YACvC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;QAC3C,CAAC;KAAA;IAED;;;OAGG;IACG,IAAI;;YACR,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QACzC,CAAC;KAAA;IAED;;;;OAIG;IACG,cAAc,CAAC,WAAmB,EAAE,WAAmB;;YAC3D,MAAM,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC,CAAC;QACjE,CAAC;KAAA;IAED;;;;OAIG;IACG,MAAM;;YACV,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAC9B,CAAC;KAAA;IAED;;;;OAIG;IACG,OAAO,CAAC,MAA2B,EAAE,QAAgB;;YACzD,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;QAClD,CAAC;KAAA;CACF"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"dwn-discovery.d.ts","sourceRoot":"","sources":["../../../src/flows/dwn-discovery.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAKnD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAErD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAElD;;;;;;;;;;GAUG;AACH,wBAAgB,8BAA8B,IAAI,MAAM,GAAG,SAAS,CAkBnE;AA4BD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAwB7B;AAID;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAC3C,OAAO,EAAE,cAAc,EACvB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,IAAI,CAAC,CAEf;AAED;;;;;;;GAOG;AACH,wBAAsB,qBAAqB,CACzC,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,IAAI,CAAC,CAEf;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,cAAc,EACrB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,OAAO,CAAC,CAclB;AAED;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,wBAAsB,sBAAsB,CAC1C,KAAK,EAAE,cAAc,EACrB,OAAO,EAAE,cAAc,EACvB,OAAO,CAAC,EAAE,gBAAgB,GACzB,OAAO,CAAC,OAAO,CAAC,CA2BlB;AAID;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,wBAAgB,wBAAwB,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAuBtE"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"dwn-registration.d.ts","sourceRoot":"","sources":["../../../src/flows/dwn-registration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAMnD,OAAO,KAAK,EACV,mBAAmB,EACnB,qBAAqB,EACrB,cAAc,EACf,MAAM,aAAa,CAAC;AAErB,gBAAgB;AAChB,MAAM,WAAW,mBAAmB;IAClC,0DAA0D;IAC1D,SAAS,EAAE,cAAc,CAAC;IAE1B,sCAAsC;IACtC,YAAY,EAAE,MAAM,EAAE,CAAC;IAEvB,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IAEjB,kDAAkD;IAClD,YAAY,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,OAAO,CAAC,EAAE,cAAc,CAAC;CAC1B;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,mBAAmB,EACxB,YAAY,EAAE,mBAAmB,GAChC,OAAO,CAAC,IAAI,CAAC,CAqHf;AAID;;;;;;;GAOG;AACH,wBAAsB,qBAAqB,CACzC,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC,CAQhD;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,cAAc,EACvB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,qBAAqB,CAAC,GAC5C,OAAO,CAAC,IAAI,CAAC,CAEf"}
|