@explorins/pers-signer 1.0.27 → 1.0.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/browser.cjs.js +64 -38
  2. package/dist/browser.cjs.js.map +1 -1
  3. package/dist/browser.esm.js +64 -38
  4. package/dist/browser.esm.js.map +1 -1
  5. package/dist/index.cjs.js +75 -54
  6. package/dist/index.cjs.js.map +1 -1
  7. package/dist/index.esm.js +75 -54
  8. package/dist/index.esm.js.map +1 -1
  9. package/dist/react-native.cjs.js +75 -54
  10. package/dist/react-native.cjs.js.map +1 -1
  11. package/dist/react-native.esm.js +75 -54
  12. package/dist/react-native.esm.js.map +1 -1
  13. package/package.json +1 -1
package/dist/browser.esm.js CHANGED
@@ -135,13 +135,11 @@ const SIGNER_CONFIG = {
135
135
  * Used as fallback when production signer API is unavailable
136
136
  */
137
137
  STAGING_SIGNER_API_URL: 'https://signer-api-staging.pers.ninja/v1',
138
- // STAGING_SIGNER_API_URL: 'http://localhost:8080/v1',
139
138
  /**
140
139
  * PERS Platform API URLs
141
140
  */
142
141
  DEFAULT_PERS_API_URL: 'https://api.pers.ninja/v2',
143
142
  STAGING_PERS_API_URL: 'https://dev.api.pers.ninja/v2',
144
- // STAGING_PERS_API_URL: 'https://explorins-loyalty.ngrok.io',
145
143
  /**
146
144
  * Default relying party name for WebAuthn operations
147
145
  * This appears in the browser's authentication prompts
@@ -153,8 +151,31 @@ const SIGNER_CONFIG = {
153
151
  */
154
152
  // Default fallback provider for Sepolia testnet (no API key required)
155
153
  const DEFAULT_FALLBACK_PROVIDER = 'https://ethereum-sepolia.publicnode.com';
154
+ /**
155
+ * WebAuthn configuration constants
156
+ */
157
+ const WEBAUTHN_CONFIG = {
158
+ /**
159
+ * Timeout for WebAuthn operations (in milliseconds)
160
+ */
161
+ TIMEOUT: 60000,
162
+ /**
163
+ * User verification requirement
164
+ * 'preferred' - ask for verification if available
165
+ * 'required' - require verification
166
+ * 'discouraged' - don't ask for verification
167
+ */
168
+ USER_VERIFICATION: 'preferred',
169
+ /**
170
+ * Resident key requirement (Passkeys)
171
+ */
172
+ RESIDENT_KEY: 'required',
173
+ /**
174
+ * Authenticator attachment preference
175
+ */
176
+ AUTHENTICATOR_ATTACHMENT: 'platform',
177
+ };
156
178
 
157
- // import serviceState from '../core/ServiceState';
158
179
  /**
159
180
  * Detects the environment (Staging vs Production) based on the JWT token issuer.
160
181
  * Updates the global service state accordingly.
@@ -168,16 +189,8 @@ function detectStagingEnvironmentFromToken(token) {
168
189
  // Check if issuer matches staging URL
169
190
  if (payload.iss === SIGNER_CONFIG.STAGING_PERS_API_URL
170
191
  || SIGNER_CONFIG.STAGING_PERS_API_URL.includes(payload.iss)
171
- || SIGNER_CONFIG.STAGING_SIGNER_API_URL.includes(payload.iss)
172
- // Temporary additional checks for known staging issuers
173
- // || 'https://signer-api-staging.pers.ninja'.includes(payload.iss)
174
- // || 'https://dev.api.pers.ninja/v2'.includes(payload.iss)
175
- ) {
192
+ || SIGNER_CONFIG.STAGING_SIGNER_API_URL.includes(payload.iss)) {
176
193
  return true;
177
- /* } else if (payload.iss === SIGNER_CONFIG.DEFAULT_PERS_API_URL ||
178
- SIGNER_CONFIG.DEFAULT_PERS_API_URL.includes(payload.iss)) {
179
- // Explicitly production
180
- return false; */
181
194
  }
182
195
  }
183
196
  return false;
@@ -1204,11 +1217,11 @@ class TransactionSigningService {
1204
1217
  let provider;
1205
1218
  try {
1206
1219
  // Try primary provider first
1207
- console.info(`[TransactionSigningService] Attempting to connect to primary provider: ${ethersProviderUrl}`);
1220
+ //console.info(`[TransactionSigningService] Attempting to connect to primary provider: ${ethersProviderUrl}`);
1208
1221
  provider = new JsonRpcProvider(ethersProviderUrl);
1209
1222
  // Test the connection with a simple call
1210
1223
  await provider.getNetwork();
1211
- console.info(`[TransactionSigningService] Successfully connected to primary provider`);
1224
+ //console.info(`[TransactionSigningService] Successfully connected to primary provider`);
1212
1225
  }
1213
1226
  catch (primaryError) {
1214
1227
  console.warn(`[TransactionSigningService] Primary provider failed, falling back to: ${DEFAULT_FALLBACK_PROVIDER}`, primaryError);
@@ -1216,7 +1229,7 @@ class TransactionSigningService {
1216
1229
  provider = new JsonRpcProvider(DEFAULT_FALLBACK_PROVIDER);
1217
1230
  // Test the fallback connection
1218
1231
  await provider.getNetwork();
1219
- console.info(`[TransactionSigningService] Successfully connected to fallback provider`);
1232
+ //console.info(`[TransactionSigningService] Successfully connected to fallback provider`);
1220
1233
  }
1221
1234
  catch (fallbackError) {
1222
1235
  console.error(`[TransactionSigningService] Both primary and fallback providers failed`, { primaryError, fallbackError });
@@ -1280,13 +1293,13 @@ class TransactionSigningService {
1280
1293
  // Validate input parameters first using TransactionValidator
1281
1294
  TransactionValidator.validateSigningParams(params);
1282
1295
  const { transactionId, authTokens, ethersProviderUrl } = params;
1283
- console.info(`[TransactionSigningService] Starting signature process for ${transactionId}`);
1296
+ // console.info(`[TransactionSigningService] Starting signature process for ${transactionId}`);
1284
1297
  try {
1285
1298
  // Step 2: Prepare wallet for signing
1286
1299
  const wallet = await this.prepareWallet(authTokens, ethersProviderUrl);
1287
1300
  // Step 3: Execute transaction signing
1288
1301
  const signature = await this.executeTransactionSigning(wallet, signingData);
1289
- console.info(`[TransactionSigningService] Completed signing successfully: ${transactionId}`);
1302
+ // console.info(`[TransactionSigningService] Completed signing successfully: ${transactionId}`);
1290
1303
  return {
1291
1304
  success: true,
1292
1305
  transactionId,
@@ -1755,7 +1768,6 @@ class PersSignerSDK {
1755
1768
  * @throws {Error} If required configuration is missing
1756
1769
  */
1757
1770
  constructor(config) {
1758
- // console.log('DEBUG: v1.2.0')
1759
1771
  this.config = config;
1760
1772
  setConfigProvider(new WebConfigProvider({
1761
1773
  apiUrl: config.apiUrl || SIGNER_CONFIG.DEFAULT_SIGNER_API_URL,
@@ -1964,10 +1976,12 @@ class PersSignerSDK {
1964
1976
  authTokens,
1965
1977
  ethersProviderUrl: this.config.ethersProviderUrl ?? DEFAULT_FALLBACK_PROVIDER
1966
1978
  }, signingData);
1967
- this.triggerStatusUpdate(SigningStatus.COMPLETED, 'Transaction signed successfully', {
1968
- transactionId: payload.transactionId,
1969
- signature: result.signature
1970
- }, statusCallback);
1979
+ if (result.success) {
1980
+ this.triggerStatusUpdate(SigningStatus.COMPLETED, 'Transaction signed successfully', {
1981
+ transactionId: payload.transactionId,
1982
+ signature: result.signature
1983
+ }, statusCallback);
1984
+ }
1971
1985
  return result;
1972
1986
  }
1973
1987
  catch (error) {
@@ -2111,6 +2125,28 @@ class PersSignerSDK {
2111
2125
  }
2112
2126
  }
2113
2127
 
2128
+ /**
2129
+ * Get the WebAuthn configuration based on the current environment.
2130
+ * This logic is shared between browser and React Native implementations
2131
+ * to ensure consistent behavior while respecting platform differences.
2132
+ */
2133
+ function getWebAuthnConfig() {
2134
+ // Check if running in a browser environment with window.location available
2135
+ // We use a safe check that won't crash in React Native
2136
+ const isBrowser = typeof window !== 'undefined' && !!window.location && !!window.location.hostname;
2137
+ return {
2138
+ relyingParty: {
2139
+ // In browser, prefer the actual hostname to avoid RP ID mismatch errors
2140
+ // In React Native, use the configured default RP ID
2141
+ id: isBrowser ? window.location.hostname : SIGNER_CONFIG.DEFAULT_RELYING_PARTY_ID,
2142
+ name: SIGNER_CONFIG.DEFAULT_RELYING_PARTY_NAME,
2143
+ // In browser, use the actual origin
2144
+ // In React Native, fallback to the default RP ID (or a configured origin if added later)
2145
+ origin: isBrowser ? window.location.origin : SIGNER_CONFIG.DEFAULT_RELYING_PARTY_ID,
2146
+ }
2147
+ };
2148
+ }
2149
+
2114
2150
  /**
2115
2151
  * Base64URL encoding/decoding utilities
2116
2152
  * Used for WebAuthn credential ID and challenge handling
@@ -2174,9 +2210,8 @@ class BrowserWebAuthnProvider {
2174
2210
  // 1. Prepare options for navigator.credentials.create
2175
2211
  // We construct authenticatorSelection manually to ensure no conflicting legacy properties are present
2176
2212
  const authenticatorSelection = {
2177
- residentKey: 'required', // Force Passkey (discoverable credential)
2178
- // requireResidentKey: true, // REMOVED: Legacy property that can cause conflicts with 1Password
2179
- userVerification: challenge.authenticatorSelection?.userVerification || 'preferred',
2213
+ residentKey: WEBAUTHN_CONFIG.RESIDENT_KEY, // Force Passkey (discoverable credential)
2214
+ userVerification: challenge.authenticatorSelection?.userVerification || WEBAUTHN_CONFIG.USER_VERIFICATION,
2180
2215
  };
2181
2216
  const publicKey = {
2182
2217
  challenge: base64UrlToBuffer(challenge.challenge),
@@ -2192,16 +2227,13 @@ class BrowserWebAuthnProvider {
2192
2227
  pubKeyCredParams: challenge.pubKeyCredParams,
2193
2228
  authenticatorSelection,
2194
2229
  attestation: 'none',
2195
- timeout: challenge.timeout || 60000,
2230
+ timeout: challenge.timeout || WEBAUTHN_CONFIG.TIMEOUT,
2196
2231
  excludeCredentials: challenge.excludeCredentials?.map((cred) => ({
2197
2232
  id: base64UrlToBuffer(cred.id),
2198
2233
  type: 'public-key',
2199
2234
  transports: cred.transports,
2200
2235
  })),
2201
2236
  };
2202
- // console.log('WebAuthn create options:', publicKey);
2203
- // console.log('WebAuthn create challenge:', challenge);
2204
- // console.log('this.config', this.config)
2205
2237
  // 2. Call the browser's native WebAuthn API
2206
2238
  const credential = await navigator.credentials.create({ publicKey });
2207
2239
  if (!credential)
@@ -2225,8 +2257,8 @@ class BrowserWebAuthnProvider {
2225
2257
  const publicKey = {
2226
2258
  challenge: base64UrlToBuffer(challenge.challenge),
2227
2259
  rpId: challenge.rpId || this.config.relyingParty.id,
2228
- userVerification: challenge.userVerification || 'preferred',
2229
- timeout: 60000,
2260
+ userVerification: challenge.userVerification || WEBAUTHN_CONFIG.USER_VERIFICATION,
2261
+ timeout: WEBAUTHN_CONFIG.TIMEOUT,
2230
2262
  allowCredentials: challenge.allowCredentials?.webauthn?.map((cred) => ({
2231
2263
  id: base64UrlToBuffer(cred.id),
2232
2264
  type: 'public-key',
@@ -2265,13 +2297,7 @@ class BrowserWebAuthnProvider {
2265
2297
  * Get WebAuthn provider for browser environments
2266
2298
  */
2267
2299
  async function getBrowserWebAuthnProvider() {
2268
- const config = {
2269
- relyingParty: {
2270
- id: typeof window !== 'undefined' ? window.location.hostname : SIGNER_CONFIG.DEFAULT_RELYING_PARTY_ID,
2271
- name: SIGNER_CONFIG.DEFAULT_RELYING_PARTY_NAME,
2272
- origin: typeof window !== 'undefined' ? window.location.origin : SIGNER_CONFIG.DEFAULT_RELYING_PARTY_ID,
2273
- }
2274
- };
2300
+ const config = getWebAuthnConfig();
2275
2301
  return new BrowserWebAuthnProvider(config);
2276
2302
  }
2277
2303