@glideidentity/web-client-sdk 5.0.0 → 5.0.1

package/dist/core/phone-auth/strategies/link.js

@@ -1,9 +1,4 @@
 "use strict";
-/**
- * Link Strategy Handler
- * Handles authentication via app links (iOS and Android)
- * Opens authentication app while keeping user on current page
- */
 var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {
@@ -21,10 +16,6 @@ class LinkHandler {
         this.isCancelled = false;
         this.isPollingInProgress = false;
     }
-    /**
-     * Invoke link-based authentication
-     * Opens authentication app while keeping user on current page
-     */
     invoke(data, options) {
         return __awaiter(this, void 0, void 0, function* () {
             console.log('[Link Auth] 🔗 invoke() called with data:', JSON.stringify(data, null, 2));
@@ -33,7 +24,6 @@ class LinkHandler {
                 maxPollingAttempts: options.maxPollingAttempts,
                 pollingEndpoint: options.pollingEndpoint
             }) : 'none');
-            // Extract link data from prepare response
             const linkData = data.data;
             if (!linkData || !linkData.url) {
                 throw new Error('Invalid link data: missing URL');
@@ -41,36 +31,23 @@ class LinkHandler {
             const sessionKey = data.session.session_key;
             console.log('[Link Auth] Session key:', sessionKey);
             console.log('[Link Auth] Link URL:', linkData.url);
-            // Open authentication app without navigating away from current page
             this.openAuthenticationLink(linkData.url);
-            // Notify that link was opened
             if (options === null || options === void 0 ? void 0 : options.onLinkOpened) {
                 options.onLinkOpened();
             }
-            // Start polling for authentication status
-            // Use constant interval (no exponential backoff)
             return this.startPolling(sessionKey, linkData, options);
         });
     }
-    /**
-     * Open authentication link without navigating away
-     */
     openAuthenticationLink(url) {
-        // Always use window.open - Works best for App Clips and Android deep links
-        // Must be called in direct response to user action to avoid popup blocker
         const newWindow = window.open(url, '_blank');
         if (!newWindow || newWindow.closed || typeof newWindow.closed === 'undefined') {
-            // Popup was blocked - this can happen if not called from user gesture
             console.warn('[LinkHandler] Failed to open app link - popup may have been blocked');
         }
     }
-    /**
-     * Start polling for authentication status with constant interval
-     */
     startPolling(sessionKey, linkData, options) {
         return __awaiter(this, void 0, void 0, function* () {
-            const interval = (options === null || options === void 0 ? void 0 : options.pollingInterval) || 2000; // Fixed 2 second interval
-            const maxAttempts = (options === null || options === void 0 ? void 0 : options.maxPollingAttempts) || 30; // 1 minute with 2s interval
+            const interval = (options === null || options === void 0 ? void 0 : options.pollingInterval) || 2000;
+            const maxAttempts = (options === null || options === void 0 ? void 0 : options.maxPollingAttempts) || 30;
             let attempts = 0;
             console.log('[Link Auth] 🚀 Starting polling:', {
                 sessionKey,
@@ -80,25 +57,22 @@ class LinkHandler {
             });
             return new Promise((resolve, reject) => {
                 this.isPollingActive = true;
-                this.pollingReject = reject; // Store reject function for cancel()
+                this.pollingReject = reject;
                 const poll = () => __awaiter(this, void 0, void 0, function* () {
                     if (!this.isPollingActive) {
-                        return; // Polling was stopped
+                        return;
                     }
-                    // Skip if another poll is already in progress
                     if (this.isPollingInProgress) {
                         return;
                     }
-                    let statusUrl = ''; // Declare at function scope for catch block access
+                    let statusUrl = '';
                     try {
                         this.isPollingInProgress = true;
-                        // Check max attempts before making the request
                         if (attempts >= maxAttempts) {
                             this.stopPolling();
                             if (options === null || options === void 0 ? void 0 : options.onTimeout) {
                                 options.onTimeout();
                             }
-                            // Calculate actual timeout duration
                             const timeoutSeconds = Math.round((maxAttempts * interval) / 1000);
                             const timeoutMessage = timeoutSeconds >= 60
                                 ? `${Math.floor(timeoutSeconds / 60)} minute${Math.floor(timeoutSeconds / 60) > 1 ? 's' : ''}`
@@ -112,11 +86,6 @@ class LinkHandler {
                             reject(new Error(`Authentication timeout after ${timeoutMessage}`));
                             return;
                         }
-                        // Build public status endpoint URL
-                        // Use the same priority logic as Desktop strategy:
-                        // 1. options?.pollingEndpoint (already contains invoke options OR client config from client.ts)
-                        // 2. Backend-provided status_url from linkData
-                        // 3. Hardcoded fallback to API server
                         let endpoint = options === null || options === void 0 ? void 0 : options.pollingEndpoint;
                         let endpointSource = 'options';
                         if (!endpoint && linkData.status_url) {
@@ -127,14 +96,11 @@ class LinkHandler {
                         console.log('  - options?.pollingEndpoint:', options === null || options === void 0 ? void 0 : options.pollingEndpoint);
                         console.log('  - linkData.status_url:', linkData.status_url);
                         console.log('  - selected endpoint:', endpoint, 'from source:', endpointSource);
-                        // Build the status URL based on endpoint format (same as Desktop)
                         if (endpoint && (endpoint.startsWith('http://') || endpoint.startsWith('https://'))) {
-                            // Full URL provided
                             if (endpoint.includes('{{session_id}}')) {
                                 statusUrl = endpoint.replace('{{session_id}}', sessionKey);
                             }
                             else if (!endpoint.includes(sessionKey)) {
-                                // If it doesn't already contain the session ID, check if it's a base URL
                                 const url = new URL(endpoint);
                                 statusUrl = `${url.protocol}//${url.host}/public/public/status/${sessionKey}`;
                             }
@@ -143,43 +109,34 @@ class LinkHandler {
                             }
                         }
                         else if (endpoint && endpoint !== '') {
-                            // Relative path provided (e.g. '/api/phone-auth/status')
                             const origin = typeof window !== 'undefined' ? window.location.origin : '';
                             if (endpoint.includes('{{session_id}}')) {
                                 statusUrl = origin + endpoint.replace('{{session_id}}', sessionKey);
                             }
                             else {
-                                // Append session ID to the provided endpoint
                                 statusUrl = origin + endpoint + '/' + sessionKey;
                             }
                         }
                         else {
-                            // No endpoint provided - use hardcoded fallback
                             statusUrl = `https://api.glideidentity.app/public/public/status/${sessionKey}`;
                             endpointSource = 'fallback';
                         }
                         console.log(`[Link Auth] Using ${endpointSource} endpoint: ${statusUrl}`);
-                        // Poll public status endpoint - no authentication required
                         console.log(`[Link Auth] Polling status (attempt ${attempts}/${maxAttempts}): ${statusUrl}`);
                         const response = yield fetch(statusUrl, {
                             method: 'GET',
                             headers: {
                                 'Accept': 'application/json'
-                                // No Authorization header needed for public endpoint
                             }
                         });
                         console.log(`[Link Auth] Poll response - Status: ${response.status}, OK: ${response.ok}`);
-                        // Handle based on HTTP status code
                         if (response.status === 200) {
-                            // Session is active (pending or completed)
                             const result = yield response.json();
                             console.log('[Link Auth] Poll response data:', JSON.stringify(result, null, 2));
                             if (result.status === 'completed') {
-                                // Authentication completed successfully
                                 console.log('[Link Auth] ✅ Authentication COMPLETED! Session:', sessionKey);
                                 console.log('[Link Auth] Full completion result:', JSON.stringify(result, null, 2));
                                 this.stopPolling();
-                                // Authentication completed successfully
                                 if (options === null || options === void 0 ? void 0 : options.onStatusUpdate) {
                                     options.onStatusUpdate({
                                         status: 'authenticated',
@@ -187,8 +144,7 @@ class LinkHandler {
                                         data: result
                                     });
                                 }
-                                // Return the authentication result
-                                this.pollingReject = undefined; // Clear reject function on success
+                                this.pollingReject = undefined;
                                 resolve({
                                     authenticated: true,
                                     credential: result.credential || sessionKey,
@@ -202,9 +158,8 @@ class LinkHandler {
                                 });
                             }
                             else if (result.status === 'pending') {
-                                // Continue polling
                                 console.log('[Link Auth] Status still pending, continuing to poll...');
-                                attempts++; // Increment attempts after successful poll
+                                attempts++;
                                 if (options === null || options === void 0 ? void 0 : options.onStatusUpdate) {
                                     options.onStatusUpdate({
                                         status: 'pending',
@@ -213,13 +168,11 @@ class LinkHandler {
                                 }
                             }
                             else {
-                                // Unexpected status value
                                 console.log('[Link Auth] ⚠️ Unexpected status value:', result.status, 'Full result:', JSON.stringify(result, null, 2));
-                                attempts++; // Increment for unexpected status too
+                                attempts++;
                             }
                         }
                         else if (response.status === 410) {
-                            // Session expired
                             console.log('[Link Auth] ❌ Session expired (410)');
                             this.stopPolling();
                             const errorData = yield response.json().catch(() => ({ message: 'Session expired' }));
@@ -235,7 +188,6 @@ class LinkHandler {
                             reject(new Error(errorData.message || 'Session expired'));
                         }
                         else if (response.status === 422) {
-                            // Authentication failed
                             console.log('[Link Auth] ❌ Authentication failed (422)');
                             this.stopPolling();
                             const errorData = yield response.json().catch(() => ({ message: 'Authentication failed' }));
@@ -244,7 +196,6 @@ class LinkHandler {
                             const errorMsg = isUserCancelled
                                 ? 'User cancelled authentication'
                                 : (errorData.message || 'Verification failed');
-                            // Authentication failed
                             if (options === null || options === void 0 ? void 0 : options.onStatusUpdate) {
                                 options.onStatusUpdate({
                                     status: 'error',
@@ -254,7 +205,6 @@ class LinkHandler {
                             reject(new Error(errorMsg));
                         }
                         else if (response.status === 404) {
-                            // Session not found
                             console.log('[Link Auth] ❌ Session not found (404)');
                             this.stopPolling();
                             if (options === null || options === void 0 ? void 0 : options.onStatusUpdate) {
@@ -266,7 +216,6 @@ class LinkHandler {
                             reject(new Error('Session not found'));
                         }
                         else if (response.status === 400) {
-                            // Invalid session key
                             console.log('[Link Auth] ❌ Invalid session key (400)');
                             this.stopPolling();
                             const errorData = yield response.json().catch(() => ({ message: 'Invalid session key' }));
@@ -274,9 +223,8 @@ class LinkHandler {
                             reject(new Error(errorData.message || 'Invalid session key'));
                         }
                         else {
-                            // Unexpected status - continue polling
                             console.log('[Link Auth] ⚠️ Unexpected HTTP status:', response.status, 'continuing to poll...');
-                            attempts++; // Increment for unexpected HTTP status
+                            attempts++;
                             try {
                                 const body = yield response.text();
                                 console.log('[Link Auth] Response body:', body);
@@ -287,9 +235,8 @@ class LinkHandler {
                         }
                     }
                     catch (error) {
-                        // Network or other error - continue polling
                         console.error('[Link Auth] 🔴 Polling error:', error.message || error);
-                        attempts++; // Increment for error case
+                        attempts++;
                         console.error('[Link Auth] Error details:', {
                             name: error.name,
                             message: error.message,
@@ -298,7 +245,6 @@ class LinkHandler {
                             attempt: attempts,
                             error: error
                         });
-                        // Check if it's a CORS error (common on mobile)
                         if (error.message && error.message.toLowerCase().includes('failed')) {
                             console.error('[Link Auth] ⚠️ Possible CORS issue. Status URL:', statusUrl);
                             console.error('[Link Auth] Make sure the API endpoint allows CORS from your ngrok domain');
@@ -311,20 +257,14 @@ class LinkHandler {
                         }
                     }
                     finally {
-                        // Always clear the polling flag when done
                         this.isPollingInProgress = false;
                     }
                 });
-                // Start initial poll immediately
                 poll();
-                // Set up constant interval polling (no backoff)
                 this.pollingInterval = setInterval(poll, interval);
             });
         });
     }
-    /**
-     * Stop polling
-     */
     stopPolling() {
         console.log('[Link Auth] 🏁 Stopping polling');
         this.isPollingActive = false;
@@ -334,9 +274,6 @@ class LinkHandler {
             this.pollingInterval = undefined;
         }
     }
-    /**
-     * Format response for backend processing
-     */
     formatResponse(response) {
         if (!response.authenticated || !response.credential) {
             throw new Error('Authentication not completed');
@@ -347,40 +284,25 @@ class LinkHandler {
             type: 'link'
         };
     }
-    /**
-     * Check if link strategy is supported
-     * Returns true for mobile devices (iOS and Android)
-     */
     isSupported() {
-        // Link strategy is supported on mobile devices
         const isMobile = /iPhone|iPad|iPod|Android/i.test(navigator.userAgent);
         return isMobile;
     }
-    /**
-     * Clean up resources (stop polling if active)
-     */
     cleanup() {
         this.stopPolling();
         this.isCancelled = false;
         this.onCancel = undefined;
         this.pollingReject = undefined;
     }
-    /**
-     * Check if polling is currently active
-     */
     isPolling() {
         return this.pollingInterval !== undefined;
     }
-    /**
-     * Cancel the ongoing authentication
-     */
     cancel() {
         var _a;
         console.log('[Link Auth] Cancelling authentication');
         this.isCancelled = true;
         this.stopPolling();
         (_a = this.onCancel) === null || _a === void 0 ? void 0 : _a.call(this);
-        // Immediately reject the polling promise
         if (this.pollingReject) {
             this.pollingReject({
                 code: 'USER_DENIED',

package/dist/core/phone-auth/strategies/ts43.d.ts

@@ -1,28 +1,9 @@
-/**
- * TS-43 Strategy Handler
- * Handles Digital Credentials API authentication for Android/Chromium
- * Properly manages session objects with session_key, nonce, and enc_key
- */
 import type { StrategyHandler } from './types';
 import type { PrepareResponse } from '../types';
 export declare class TS43Handler implements StrategyHandler {
-    /**
-     * Invoke TS-43 authentication using Digital Credentials API
-     * The data structure from backend is already in the correct format for navigator.credentials.get
-     */
     invoke(data: PrepareResponse): Promise<any>;
-    /**
-     * Format the credential response for backend processing
-     * Include the session key so backend can retrieve the full session
-     */
     formatResponse(response: any): any;
-    /**
-     * Check if Digital Credentials API is supported
-     */
     isSupported(): boolean;
-    /**
-     * Get browser support information
-     */
     getBrowserSupportInfo(): {
         supported: boolean;
         browser: string;

package/dist/core/phone-auth/strategies/ts43.js

@@ -1,9 +1,4 @@
 "use strict";
-/**
- * TS-43 Strategy Handler
- * Handles Digital Credentials API authentication for Android/Chromium
- * Properly manages session objects with session_key, nonce, and enc_key
- */
 var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {
@@ -16,43 +11,31 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.TS43Handler = void 0;
 class TS43Handler {
-    /**
-     * Invoke TS-43 authentication using Digital Credentials API
-     * The data structure from backend is already in the correct format for navigator.credentials.get
-     */
     invoke(data) {
         return __awaiter(this, void 0, void 0, function* () {
-            // Validate session structure - only session_key is actually required
             if (!data.session || !data.session.session_key) {
                 throw new Error('Invalid TS43 session: missing required session_key');
             }
-            // Check if Digital Credentials API is available
             if (!this.isSupported()) {
                 throw new Error('Digital Credentials API not supported in this browser');
             }
-            // Extract TS43 data from the prepare response
             const ts43Data = data.data;
-            // The data is already in the correct format from backend
-            // Just pass it through to navigator.credentials.get
             const credentialRequest = {
                 digital: {
                     requests: [{
-                            protocol: ts43Data.protocol, // e.g., "openid4vp-v1-unsigned"
-                            data: ts43Data.data // Pass the entire data object as-is
+                            protocol: ts43Data.protocol,
+                            data: ts43Data.data
                         }]
                 }
             };
             try {
-                // @ts-ignore - Digital Credentials API types not yet in TypeScript
                 const credential = yield navigator.credentials.get(credentialRequest);
                 if (!credential) {
                     throw new Error('No credential received from Digital Credentials API');
                 }
-                // @ts-ignore - credential.data is not typed yet
                 return credential;
             }
             catch (error) {
-                // Handle browser-specific errors
                 if (error instanceof Error) {
                     if (error.name === 'NotAllowedError') {
                         throw new Error('User denied the authentication request');
@@ -68,13 +51,8 @@ class TS43Handler {
             }
         });
     }
-    /**
-     * Format the credential response for backend processing
-     * Include the session key so backend can retrieve the full session
-     */
     formatResponse(response) {
         var _a;
-        // Extract vp_token from the response
         const vpToken = (_a = response.data) === null || _a === void 0 ? void 0 : _a.vp_token;
         if (!vpToken) {
             throw new Error('Invalid TS43 response: missing vp_token');
@@ -84,20 +62,12 @@ class TS43Handler {
             type: 'ts43'
         };
     }
-    /**
-     * Check if Digital Credentials API is supported
-     */
     isSupported() {
         if (typeof window === 'undefined') {
             return false;
         }
-        // Check for DigitalCredential constructor
-        // @ts-ignore - DigitalCredential not yet in TypeScript
         return 'DigitalCredential' in window;
     }
-    /**
-     * Get browser support information
-     */
     getBrowserSupportInfo() {
         if (typeof window === 'undefined') {
             return {
@@ -117,7 +87,6 @@ class TS43Handler {
                 browser: isChrome ? 'Chrome' : isEdge ? 'Edge' : 'Chromium'
             };
         }
-        // Provide specific guidance based on browser
         if ((isChrome || isEdge) && isAndroid) {
             return {
                 supported: false,

package/dist/core/phone-auth/strategies/types.js

@@ -1,6 +1,2 @@
 "use strict";
-/**
- * Strategy Handler Interface
- * Defines the contract for authentication strategy implementations
- */
 Object.defineProperty(exports, "__esModule", { value: true });

package/dist/core/phone-auth/type-guards.js

@@ -1,10 +1,4 @@
 "use strict";
-/**
- * Type Guards and Helper Functions for Phone Authentication
- *
- * These utilities help developers work with the SDK responses in a type-safe way
- * without having to write their own type checking logic.
- */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.requiresUserAction = exports.requiresPolling = exports.isHeadlessResult = void 0;
 exports.isExtendedResponse = isExtendedResponse;
@@ -16,24 +10,6 @@ exports.isDesktopStrategy = isDesktopStrategy;
 exports.getStrategy = getStrategy;
 exports.hasPollingControls = hasPollingControls;
 exports.hasTrigger = hasTrigger;
-/**
- * Type guard to check if the result is an ExtendedResponse (extended mode)
- * or a Credential (standard mode).
- *
- * @example
- * ```typescript
- * const result = await invokeSecurePrompt(sdkRequest, { executionMode: 'extended' });
- *
- * if (isExtendedResponse(result)) {
- *   // TypeScript knows this is ExtendedResponse
- *   console.log(result.strategy);
- *   await result.cancel();
- * } else {
- *   // TypeScript knows this is a Credential
- *   const processedResult = await verifyPhoneNumberCredential(result, session);
- * }
- * ```
- */
 function isExtendedResponse(result) {
     return result &&
         typeof result === 'object' &&
@@ -42,41 +18,16 @@ function isExtendedResponse(result) {
         'cancel' in result &&
         typeof result.cancel === 'function';
 }
-/**
- * Type guard to check if the result is a Credential (standard mode response).
- * A credential is either a string token or an object without ExtendedResponse properties.
- *
- * @example
- * ```typescript
- * if (isCredential(result)) {
- *   // Process the credential directly
- *   const verified = await verifyPhoneNumberCredential(result, session);
- * }
- * ```
- */
 function isCredential(result) {
     if (!result)
         return false;
-    // String credentials are valid
     if (typeof result === 'string')
         return true;
-    // Object credentials should NOT have ExtendedResponse properties
     if (typeof result === 'object') {
         return !('strategy' in result) && !('credential' in result) && !('cancel' in result);
     }
     return false;
 }
-/**
- * Type guard to check if the result is an AuthCredential object.
- *
- * @example
- * ```typescript
- * if (isAuthCredential(result)) {
- *   console.log(result.credential);
- *   console.log(result.authenticated);
- * }
- * ```
- */
 function isAuthCredential(result) {
     return result &&
         typeof result === 'object' &&
@@ -84,115 +35,33 @@ function isAuthCredential(result) {
         'authenticated' in result &&
         'session' in result;
 }
-/**
- * Type guard to check if an ExtendedResponse is using the Link strategy.
- * Link strategy involves opening an app link (App Clip on iOS, app on Android).
- *
- * @example
- * ```typescript
- * if (isExtendedResponse(result) && isLinkStrategy(result)) {
- *   // Re-trigger app opening if needed
- *   result.trigger();
- *   await result.credential;
- * }
- * ```
- */
 function isLinkStrategy(result) {
     return result.strategy === 'link';
 }
-/**
- * Type guard to check if an ExtendedResponse is using the TS43 strategy.
- * TS43 strategy uses the browser's Digital Credentials API.
- *
- * @example
- * ```typescript
- * if (isExtendedResponse(result) && isTS43Strategy(result)) {
- *   // Re-trigger credential request if needed
- *   await result.trigger();
- * }
- * ```
- */
 function isTS43Strategy(result) {
     return result.strategy === 'ts43';
 }
-/**
- * Type guard to check if an ExtendedResponse is using the Desktop strategy.
- * Desktop strategy involves QR codes for cross-device authentication.
- *
- * @example
- * ```typescript
- * if (isExtendedResponse(result) && isDesktopStrategy(result)) {
- *   // Show custom QR code UI
- *   displayQRCode(result.qr_code_data);
- *   await result.start_polling();
- * }
- * ```
- */
 function isDesktopStrategy(result) {
     return result.strategy === 'desktop';
 }
-/**
- * Helper function to safely get the authentication strategy from any result.
- * Returns undefined if the result is not an ExtendedResponse.
- *
- * @example
- * ```typescript
- * const strategy = getStrategy(result);
- * if (strategy === 'link') {
- *   // Handle link strategy
- * }
- * ```
- */
 function getStrategy(result) {
     if (isExtendedResponse(result)) {
         return result.strategy;
     }
     return undefined;
 }
-/**
- * Helper function to determine if a result has polling controls.
- * Link and Desktop strategies have polling controls in extended mode.
- *
- * @example
- * ```typescript
- * if (hasPollingControls(result)) {
- *   await result.start_polling();
- * }
- * ```
- */
 function hasPollingControls(result) {
     if (!isExtendedResponse(result))
         return false;
     return (result.strategy === 'link' && 'start_polling' in result) ||
         (result.strategy === 'desktop' && 'start_polling' in result);
 }
-/**
- * Helper function to determine if a result has a trigger method.
- * Link and TS43 strategies have trigger methods in extended mode.
- *
- * @example
- * ```typescript
- * if (hasTrigger(result)) {
- *   result.trigger();
- * }
- * ```
- */
 function hasTrigger(result) {
     if (!isExtendedResponse(result))
         return false;
     return 'trigger' in result && typeof result.trigger === 'function';
 }
-// Export legacy function names as deprecated aliases for backward compatibility
-/**
- * @deprecated Use isExtendedResponse instead
- */
 exports.isHeadlessResult = isExtendedResponse;
-/**
- * @deprecated Use hasPollingControls instead
- */
 exports.requiresPolling = hasPollingControls;
-/**
- * @deprecated This function is no longer needed as extended mode handles user actions differently
- */
 const requiresUserAction = (result) => false;
 exports.requiresUserAction = requiresUserAction;