@explorins/pers-sdk 2.1.24 → 2.1.27

package/dist/chunks/environment-C_hPDl8L.cjs

@@ -0,0 +1,46 @@
+'use strict';
+
+/**
+ * Environment Detection Utility
+ * Detects runtime environment for platform-specific behaviors
+ */
+/**
+ * Detects the current runtime environment
+ */
+function detectEnvironment() {
+    const global = globalThis;
+    const isNode = typeof process !== 'undefined' &&
+        process.versions?.node != null &&
+        typeof global.window === 'undefined';
+    const isBrowser = typeof global.window !== 'undefined' &&
+        typeof global.document !== 'undefined';
+    const isReactNative = typeof global.navigator?.product === 'string' &&
+        global.navigator.product.toLowerCase() === 'reactnative';
+    const isWeb = isBrowser || isReactNative;
+    const needsNodeStreamPolyfills = isWeb;
+    return {
+        isNode,
+        isBrowser,
+        isReactNative,
+        isWeb,
+        needsNodeStreamPolyfills
+    };
+}
+/**
+ * Global environment info (cached)
+ */
+const environment = detectEnvironment();
+/**
+ * Warns if environment might have bundling issues
+ */
+function warnIfProblematicEnvironment(feature) {
+    if (environment.needsNodeStreamPolyfills) {
+        console.warn(`[PERS SDK] ${feature} may require additional polyfills in web environments. ` +
+            `If you encounter 'readable-stream' errors, ensure proper polyfills are configured.`);
+    }
+}
+
+exports.detectEnvironment = detectEnvironment;
+exports.environment = environment;
+exports.warnIfProblematicEnvironment = warnIfProblematicEnvironment;
+//# sourceMappingURL=environment-C_hPDl8L.cjs.map

package/dist/chunks/environment-C_hPDl8L.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"environment-C_hPDl8L.cjs","sources":["../../src/core/environment.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAUH;;AAEG;SACa,iBAAiB,GAAA;IAC/B,MAAM,MAAM,GAAG,UAAiB;AAEhC,IAAA,MAAM,MAAM,GAAG,OAAO,OAAO,KAAK,WAAW;AAC9B,QAAA,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,IAAI;AAC9B,QAAA,OAAO,MAAM,CAAC,MAAM,KAAK,WAAW;AAEnD,IAAA,MAAM,SAAS,GAAG,OAAO,MAAM,CAAC,MAAM,KAAK,WAAW;AACpC,QAAA,OAAO,MAAM,CAAC,QAAQ,KAAK,WAAW;IAExD,MAAM,aAAa,GAAG,OAAO,MAAM,CAAC,SAAS,EAAE,OAAO,KAAK,QAAQ;QAC7C,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,aAAa;AAE9E,IAAA,MAAM,KAAK,GAAG,SAAS,IAAI,aAAa;IACxC,MAAM,wBAAwB,GAAG,KAAK;IAEtC,OAAO;QACL,MAAM;QACN,SAAS;QACT,aAAa;QACb,KAAK;QACL;KACD;AACH;AAEA;;AAEG;AACI,MAAM,WAAW,GAAG,iBAAiB;AAE5C;;AAEG;AACG,SAAU,4BAA4B,CAAC,OAAe,EAAA;AAC1D,IAAA,IAAI,WAAW,CAAC,wBAAwB,EAAE;AACxC,QAAA,OAAO,CAAC,IAAI,CACV,CAAA,WAAA,EAAc,OAAO,CAAA,uDAAA,CAAyD;AAC9E,YAAA,CAAA,kFAAA,CAAoF,CACrF;IACH;AACF;;;;;;"}

package/dist/chunks/environment-DEI_L882.js

@@ -0,0 +1,42 @@
+/**
+ * Environment Detection Utility
+ * Detects runtime environment for platform-specific behaviors
+ */
+/**
+ * Detects the current runtime environment
+ */
+function detectEnvironment() {
+    const global = globalThis;
+    const isNode = typeof process !== 'undefined' &&
+        process.versions?.node != null &&
+        typeof global.window === 'undefined';
+    const isBrowser = typeof global.window !== 'undefined' &&
+        typeof global.document !== 'undefined';
+    const isReactNative = typeof global.navigator?.product === 'string' &&
+        global.navigator.product.toLowerCase() === 'reactnative';
+    const isWeb = isBrowser || isReactNative;
+    const needsNodeStreamPolyfills = isWeb;
+    return {
+        isNode,
+        isBrowser,
+        isReactNative,
+        isWeb,
+        needsNodeStreamPolyfills
+    };
+}
+/**
+ * Global environment info (cached)
+ */
+const environment = detectEnvironment();
+/**
+ * Warns if environment might have bundling issues
+ */
+function warnIfProblematicEnvironment(feature) {
+    if (environment.needsNodeStreamPolyfills) {
+        console.warn(`[PERS SDK] ${feature} may require additional polyfills in web environments. ` +
+            `If you encounter 'readable-stream' errors, ensure proper polyfills are configured.`);
+    }
+}
+
+export { detectEnvironment as d, environment as e, warnIfProblematicEnvironment as w };
+//# sourceMappingURL=environment-DEI_L882.js.map

package/dist/chunks/environment-DEI_L882.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"environment-DEI_L882.js","sources":["../../src/core/environment.ts"],"sourcesContent":[null],"names":[],"mappings":"AAAA;;;AAGG;AAUH;;AAEG;SACa,iBAAiB,GAAA;IAC/B,MAAM,MAAM,GAAG,UAAiB;AAEhC,IAAA,MAAM,MAAM,GAAG,OAAO,OAAO,KAAK,WAAW;AAC9B,QAAA,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,IAAI;AAC9B,QAAA,OAAO,MAAM,CAAC,MAAM,KAAK,WAAW;AAEnD,IAAA,MAAM,SAAS,GAAG,OAAO,MAAM,CAAC,MAAM,KAAK,WAAW;AACpC,QAAA,OAAO,MAAM,CAAC,QAAQ,KAAK,WAAW;IAExD,MAAM,aAAa,GAAG,OAAO,MAAM,CAAC,SAAS,EAAE,OAAO,KAAK,QAAQ;QAC7C,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,aAAa;AAE9E,IAAA,MAAM,KAAK,GAAG,SAAS,IAAI,aAAa;IACxC,MAAM,wBAAwB,GAAG,KAAK;IAEtC,OAAO;QACL,MAAM;QACN,SAAS;QACT,aAAa;QACb,KAAK;QACL;KACD;AACH;AAEA;;AAEG;AACI,MAAM,WAAW,GAAG,iBAAiB;AAE5C;;AAEG;AACG,SAAU,4BAA4B,CAAC,OAAe,EAAA;AAC1D,IAAA,IAAI,WAAW,CAAC,wBAAwB,EAAE;AACxC,QAAA,OAAO,CAAC,IAAI,CACV,CAAA,WAAA,EAAc,OAAO,CAAA,uDAAA,CAAyD;AAC9E,YAAA,CAAA,kFAAA,CAAoF,CACrF;IACH;AACF;;;;"}

package/dist/chunks/{pers-sdk-DkCRHY5i.js → pers-sdk-C-3E3svL.js}

@@ -675,8 +675,114 @@ class AuthTokenManager {
         const token = await this.getRefreshToken();
         return !!token;
     }
+    /**
+     * Clears only the refresh token.
+     * Used when DPoP keys are regenerated, invalidating the token binding.
+     */
+    async clearRefreshToken() {
+        this.cache.refreshToken = null;
+        await this.storage.remove(AUTH_STORAGE_KEYS.REFRESH_TOKEN);
+    }
 }
 
+class IndexedDBTokenStorage {
+    constructor() {
+        this.supportsObjects = true;
+        this.dbPromise = null;
+        if (typeof indexedDB === 'undefined') {
+            console.warn('IndexedDB is not available in this environment');
+        }
+    }
+    getDB() {
+        if (this.dbPromise)
+            return this.dbPromise;
+        this.dbPromise = new Promise((resolve, reject) => {
+            if (typeof indexedDB === 'undefined') {
+                return reject(new Error('IndexedDB not supported'));
+            }
+            const request = indexedDB.open(IndexedDBTokenStorage.DB_NAME, IndexedDBTokenStorage.DB_VERSION);
+            request.onupgradeneeded = (event) => {
+                const db = event.target.result;
+                if (!db.objectStoreNames.contains(IndexedDBTokenStorage.STORE_NAME)) {
+                    db.createObjectStore(IndexedDBTokenStorage.STORE_NAME);
+                }
+            };
+            request.onsuccess = (event) => {
+                resolve(event.target.result);
+            };
+            request.onerror = (event) => {
+                reject(event.target.error);
+            };
+        });
+        return this.dbPromise;
+    }
+    async get(key) {
+        try {
+            const db = await this.getDB();
+            return new Promise((resolve, reject) => {
+                const transaction = db.transaction(IndexedDBTokenStorage.STORE_NAME, 'readonly');
+                const store = transaction.objectStore(IndexedDBTokenStorage.STORE_NAME);
+                const request = store.get(key);
+                request.onsuccess = () => resolve(request.result || null);
+                request.onerror = () => reject(request.error);
+            });
+        }
+        catch (e) {
+            console.warn('[IndexedDBTokenStorage] Failed to get key', key, e);
+            return null;
+        }
+    }
+    async set(key, value) {
+        try {
+            const db = await this.getDB();
+            return new Promise((resolve, reject) => {
+                const transaction = db.transaction(IndexedDBTokenStorage.STORE_NAME, 'readwrite');
+                const store = transaction.objectStore(IndexedDBTokenStorage.STORE_NAME);
+                const request = store.put(value, key);
+                request.onsuccess = () => resolve();
+                request.onerror = () => reject(request.error);
+            });
+        }
+        catch (e) {
+            console.error('[IndexedDBTokenStorage] Failed to set key', key, e);
+            throw e;
+        }
+    }
+    async remove(key) {
+        try {
+            const db = await this.getDB();
+            return new Promise((resolve, reject) => {
+                const transaction = db.transaction(IndexedDBTokenStorage.STORE_NAME, 'readwrite');
+                const store = transaction.objectStore(IndexedDBTokenStorage.STORE_NAME);
+                const request = store.delete(key);
+                request.onsuccess = () => resolve();
+                request.onerror = () => reject(request.error);
+            });
+        }
+        catch (e) {
+            console.warn('[IndexedDBTokenStorage] Failed to remove key', key, e);
+        }
+    }
+    async clear() {
+        try {
+            const db = await this.getDB();
+            return new Promise((resolve, reject) => {
+                const transaction = db.transaction(IndexedDBTokenStorage.STORE_NAME, 'readwrite');
+                const store = transaction.objectStore(IndexedDBTokenStorage.STORE_NAME);
+                const request = store.clear();
+                request.onsuccess = () => resolve();
+                request.onerror = () => reject(request.error);
+            });
+        }
+        catch (e) {
+            console.warn('[IndexedDBTokenStorage] Failed to clear storage', e);
+        }
+    }
+}
+IndexedDBTokenStorage.DB_NAME = 'pers-sdk-storage';
+IndexedDBTokenStorage.STORE_NAME = 'auth-tokens';
+IndexedDBTokenStorage.DB_VERSION = 1;
+
 class WebDPoPCryptoProvider {
     get crypto() {
         // Basic environment check
@@ -811,13 +917,30 @@ const DPOP_STORAGE_KEYS = {
     PRIVATE: 'pers_dpop_private_key'
 };
 class DPoPManager {
-    constructor(storage, cryptoProvider) {
+    constructor(storage, cryptoProvider, callbacks) {
         this.storage = storage;
         this.memoryKeyPair = null;
         this.cryptoProvider = cryptoProvider || new WebDPoPCryptoProvider();
+        this.callbacks = callbacks || {};
+    }
+    /**
+     * Checks if DPoP keys exist in storage without generating new ones.
+     * Useful for detecting if a key regeneration would be needed.
+     */
+    async hasStoredKeys() {
+        if (this.memoryKeyPair)
+            return true;
+        const storedPublic = await this.storage.get(DPOP_STORAGE_KEYS.PUBLIC);
+        const storedPrivate = await this.storage.get(DPOP_STORAGE_KEYS.PRIVATE);
+        return !!(storedPublic && storedPrivate);
     }
     /**
      * Ensures a DPoP key pair exists, loading from storage or generating new one.
+     *
+     * IMPORTANT: If keys are regenerated (not loaded from storage), this will
+     * invalidate any refresh tokens bound to the old keys. The onKeysRegenerated
+     * callback should clear the refresh token to prevent "DPoP proof does not
+     * match refresh token binding" errors.
      */
     async ensureKeyPair() {
         if (this.memoryKeyPair)
@@ -833,10 +956,12 @@ class DPoPManager {
                 return this.memoryKeyPair;
             }
             catch (e) {
-                console.warn('Corrupted DPoP keys in storage, regenerating.');
+                console.warn('[DPoPManager] Corrupted DPoP keys in storage, regenerating.');
             }
         }
         // Generate new key pair
+        // IMPORTANT: This invalidates any existing refresh tokens bound to the old keys
+        console.info('[DPoPManager] Generating new DPoP key pair');
         // Adaptation: If storage supports raw objects (like IndexedDB or Native Keychain),
         // we can generate Non-Extractable keys for maximum security.
         // If storage is text-only (LocalStorage), we must use Extractable keys to serialize them.
@@ -848,6 +973,15 @@ class DPoPManager {
         await this.storage.set(DPOP_STORAGE_KEYS.PUBLIC, keyPair.publicKey);
         await this.storage.set(DPOP_STORAGE_KEYS.PRIVATE, keyPair.privateKey);
         this.memoryKeyPair = keyPair;
+        // Notify that keys were regenerated - refresh tokens bound to old keys are now invalid
+        if (this.callbacks.onKeysRegenerated) {
+            try {
+                this.callbacks.onKeysRegenerated();
+            }
+            catch (e) {
+                console.warn('[DPoPManager] onKeysRegenerated callback failed:', e);
+            }
+        }
         return keyPair;
     }
     /**
@@ -901,16 +1035,48 @@ class DefaultAuthProvider {
         this.config = config;
         this.authTypeCache = null;
         this.authType = config.authType || AccountOwnerType.USER;
+        // Determine if DPoP can be enabled (requires IndexedDB for key persistence)
+        const canUseDPoP = this.canEnableDPoP();
+        this.dpopEnabled = !!(config.dpop?.enabled && canUseDPoP);
+        if (config.dpop?.enabled && !canUseDPoP) {
+            console.warn('[DefaultAuthProvider] DPoP disabled: IndexedDB not available. CryptoKey persistence requires IndexedDB.');
+        }
         const storage = config.storage || this.createStorage();
         this.tokenManager = new AuthTokenManager(storage);
-        if (config.dpop?.enabled) {
-            this.dpopManager = new DPoPManager(storage, config.dpop.cryptoProvider);
+        if (this.dpopEnabled) {
+            this.dpopManager = new DPoPManager(storage, config.dpop?.cryptoProvider, {
+                // When DPoP keys are regenerated (corrupted/missing), the refresh token
+                // bound to the old keys becomes invalid. Clear it to prevent
+                // "DPoP proof does not match refresh token binding" errors.
+                onKeysRegenerated: () => {
+                    console.info('[DefaultAuthProvider] DPoP keys regenerated, clearing invalid refresh token');
+                    this.tokenManager.clearRefreshToken().catch(err => {
+                        console.warn('[DefaultAuthProvider] Failed to clear refresh token:', err);
+                    });
+                }
+            });
         }
     }
+    canEnableDPoP() {
+        // DPoP requires IndexedDB for proper CryptoKey persistence
+        // LocalStorage cannot serialize CryptoKey objects correctly
+        return typeof window !== 'undefined' && typeof indexedDB !== 'undefined';
+    }
     createStorage() {
-        return typeof window === 'undefined' || typeof localStorage === 'undefined'
-            ? new MemoryTokenStorage()
-            : new LocalStorageTokenStorage();
+        // Server-side: use memory storage
+        if (typeof window === 'undefined') {
+            return new MemoryTokenStorage();
+        }
+        // Browser with DPoP enabled: use IndexedDB for CryptoKey persistence
+        if (this.dpopEnabled) {
+            return new IndexedDBTokenStorage();
+        }
+        // Browser without DPoP: use LocalStorage
+        if (typeof localStorage !== 'undefined') {
+            return new LocalStorageTokenStorage();
+        }
+        // Fallback
+        return new MemoryTokenStorage();
     }
     getToken() {
         return this.tokenManager.getAccessToken();
@@ -992,6 +1158,10 @@ class DefaultAuthProvider {
     async hasValidToken() {
         return this.tokenManager.hasAccessToken();
     }
+    async setAuthType(_authType) {
+        // No-op: authType is derived from JWT payload via getAuthType()
+        // @see getAuthType() - reads accountType directly from JWT
+    }
     async getAuthType() {
         // Read from JWT instead of separate storage for single source of truth
         const token = await this.tokenManager.getAccessToken();
@@ -1031,12 +1201,14 @@ class DefaultAuthProvider {
  * Exported for consumers who need version info.
  * Used internally for X-SDK-Version header.
  *
+ * Version is injected at build time via @rollup/plugin-replace
+ *
  * @module @explorins/pers-sdk/core
  */
 /** SDK package name */
-const SDK_NAME = '@explorins/pers-sdk';
-/** SDK version - TODO: Load dynamically from package.json */
-const SDK_VERSION = '2.1.1';
+const SDK_NAME = "@explorins/pers-sdk";
+/** SDK version - injected from package.json at build time */
+const SDK_VERSION = "2.1.27";
 /** Full SDK identifier for headers */
 const SDK_USER_AGENT = `${SDK_NAME}/${SDK_VERSION}`;
 
@@ -1966,7 +2138,14 @@ class AuthManager {
      */
     async loginWithRawData(rawUserData) {
         const authService = this.apiClient.getAuthService();
-        return authService.loginUserWithRawData(rawUserData);
+        const result = await authService.loginUserWithRawData(rawUserData);
+        this.events?.emitSuccess({
+            domain: 'authentication',
+            type: 'login_success',
+            userMessage: 'Successfully logged in',
+            details: { user: result.user }
+        });
+        return result;
     }
     /**
      * Get current authenticated user
@@ -2067,6 +2246,11 @@ class AuthManager {
     async clearAuth() {
         const authService = this.apiClient.getAuthService();
         await authService.clearTokens();
+        this.events?.emitSuccess({
+            domain: 'authentication',
+            type: 'logout_success',
+            userMessage: 'Successfully logged out'
+        });
     }
     /**
      * Ensure authentication token is valid
@@ -9936,5 +10120,5 @@ function createPersSDK(httpClient, config) {
     return new PersSDK(httpClient, config);
 }
 
-export { AuthStatus as A, BusinessManager as B, CampaignManager as C, DefaultAuthProvider as D, FileApi as E, FileManager as F, FileService as G, ApiKeyApi as H, WebhookApi as I, WebhookService as J, PersEventsClient as K, LocalStorageTokenStorage as L, MemoryTokenStorage as M, createPersEventsClient as N, PersSDK as P, RedemptionManager as R, SDK_NAME as S, TokenManager as T, UserManager as U, WebDPoPCryptoProvider as W, AuthTokenManager as a, AUTH_STORAGE_KEYS as b, createPersSDK as c, DPOP_STORAGE_KEYS as d, SDK_VERSION as e, SDK_USER_AGENT as f, PersApiClient as g, DEFAULT_PERS_CONFIG as h, buildApiRoot as i, buildWalletEventsWsUrl as j, StaticJwtAuthProvider as k, AuthApi as l, mergeWithDefaults as m, AuthService as n, DPoPManager as o, PersEventEmitter as p, AuthManager as q, UserStatusManager as r, TransactionManager as s, PurchaseManager as t, ApiKeyManager as u, AnalyticsManager as v, DonationManager as w, TriggerSourceManager as x, WebhookManager as y, WalletEventsManager as z };
-//# sourceMappingURL=pers-sdk-DkCRHY5i.js.map
+export { AuthStatus as A, BusinessManager as B, CampaignManager as C, DefaultAuthProvider as D, FileApi as E, FileManager as F, FileService as G, ApiKeyApi as H, IndexedDBTokenStorage as I, WebhookApi as J, WebhookService as K, LocalStorageTokenStorage as L, MemoryTokenStorage as M, PersEventsClient as N, createPersEventsClient as O, PersSDK as P, RedemptionManager as R, SDK_NAME as S, TokenManager as T, UserManager as U, WebDPoPCryptoProvider as W, AuthTokenManager as a, AUTH_STORAGE_KEYS as b, createPersSDK as c, DPOP_STORAGE_KEYS as d, SDK_VERSION as e, SDK_USER_AGENT as f, PersApiClient as g, DEFAULT_PERS_CONFIG as h, buildApiRoot as i, buildWalletEventsWsUrl as j, StaticJwtAuthProvider as k, AuthApi as l, mergeWithDefaults as m, AuthService as n, DPoPManager as o, PersEventEmitter as p, AuthManager as q, UserStatusManager as r, TransactionManager as s, PurchaseManager as t, ApiKeyManager as u, AnalyticsManager as v, DonationManager as w, TriggerSourceManager as x, WebhookManager as y, WalletEventsManager as z };
+//# sourceMappingURL=pers-sdk-C-3E3svL.js.map