@interop/was-react 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.md +20 -0
- package/README.md +410 -0
- package/dist/auth/chapi.d.ts +43 -0
- package/dist/auth/chapi.d.ts.map +1 -0
- package/dist/auth/chapi.js +107 -0
- package/dist/auth/chapi.js.map +1 -0
- package/dist/auth/loginFlow.d.ts +93 -0
- package/dist/auth/loginFlow.d.ts.map +1 -0
- package/dist/auth/loginFlow.js +149 -0
- package/dist/auth/loginFlow.js.map +1 -0
- package/dist/auth/loginRequest.d.ts +66 -0
- package/dist/auth/loginRequest.d.ts.map +1 -0
- package/dist/auth/loginRequest.js +83 -0
- package/dist/auth/loginRequest.js.map +1 -0
- package/dist/auth/verifyResponse.d.ts +52 -0
- package/dist/auth/verifyResponse.d.ts.map +1 -0
- package/dist/auth/verifyResponse.js +138 -0
- package/dist/auth/verifyResponse.js.map +1 -0
- package/dist/auth/verifyResponse.test.d.ts +2 -0
- package/dist/auth/verifyResponse.test.d.ts.map +1 -0
- package/dist/auth/verifyResponse.test.js +282 -0
- package/dist/auth/verifyResponse.test.js.map +1 -0
- package/dist/auth/walletRequestTypes.d.ts +143 -0
- package/dist/auth/walletRequestTypes.d.ts.map +1 -0
- package/dist/auth/walletRequestTypes.js +2 -0
- package/dist/auth/walletRequestTypes.js.map +1 -0
- package/dist/config.d.ts +150 -0
- package/dist/config.d.ts.map +1 -0
- package/dist/config.js +27 -0
- package/dist/config.js.map +1 -0
- package/dist/dev/cli.d.ts +16 -0
- package/dist/dev/cli.d.ts.map +1 -0
- package/dist/dev/cli.js +122 -0
- package/dist/dev/cli.js.map +1 -0
- package/dist/dev/cli.test.d.ts +2 -0
- package/dist/dev/cli.test.d.ts.map +1 -0
- package/dist/dev/cli.test.js +39 -0
- package/dist/dev/cli.test.js.map +1 -0
- package/dist/dev/index.d.ts +10 -0
- package/dist/dev/index.d.ts.map +1 -0
- package/dist/dev/index.js +10 -0
- package/dist/dev/index.js.map +1 -0
- package/dist/dev/provisionDevGrants.d.ts +73 -0
- package/dist/dev/provisionDevGrants.d.ts.map +1 -0
- package/dist/dev/provisionDevGrants.js +176 -0
- package/dist/dev/provisionDevGrants.js.map +1 -0
- package/dist/grants.d.ts +59 -0
- package/dist/grants.d.ts.map +1 -0
- package/dist/grants.js +82 -0
- package/dist/grants.js.map +1 -0
- package/dist/grants.test.d.ts +2 -0
- package/dist/grants.test.d.ts.map +1 -0
- package/dist/grants.test.js +79 -0
- package/dist/grants.test.js.map +1 -0
- package/dist/identity/agents.d.ts +99 -0
- package/dist/identity/agents.d.ts.map +1 -0
- package/dist/identity/agents.js +132 -0
- package/dist/identity/agents.js.map +1 -0
- package/dist/identity/appSession.d.ts +78 -0
- package/dist/identity/appSession.d.ts.map +1 -0
- package/dist/identity/appSession.js +93 -0
- package/dist/identity/appSession.js.map +1 -0
- package/dist/identity/documentLoader.d.ts +20 -0
- package/dist/identity/documentLoader.d.ts.map +1 -0
- package/dist/identity/documentLoader.js +99 -0
- package/dist/identity/documentLoader.js.map +1 -0
- package/dist/identity/initAppSession.d.ts +27 -0
- package/dist/identity/initAppSession.d.ts.map +1 -0
- package/dist/identity/initAppSession.js +30 -0
- package/dist/identity/initAppSession.js.map +1 -0
- package/dist/identity/seedCredential.d.ts +74 -0
- package/dist/identity/seedCredential.d.ts.map +1 -0
- package/dist/identity/seedCredential.js +165 -0
- package/dist/identity/seedCredential.js.map +1 -0
- package/dist/identity/seedCredential.test.d.ts +2 -0
- package/dist/identity/seedCredential.test.d.ts.map +1 -0
- package/dist/identity/seedCredential.test.js +205 -0
- package/dist/identity/seedCredential.test.js.map +1 -0
- package/dist/identity/seedStore.d.ts +27 -0
- package/dist/identity/seedStore.d.ts.map +1 -0
- package/dist/identity/seedStore.js +74 -0
- package/dist/identity/seedStore.js.map +1 -0
- package/dist/index.d.ts +37 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +46 -0
- package/dist/index.js.map +1 -0
- package/dist/mui/ProtectedRoute.d.ts +10 -0
- package/dist/mui/ProtectedRoute.d.ts.map +1 -0
- package/dist/mui/ProtectedRoute.js +54 -0
- package/dist/mui/ProtectedRoute.js.map +1 -0
- package/dist/mui/ReconnectBanner.d.ts +2 -0
- package/dist/mui/ReconnectBanner.d.ts.map +1 -0
- package/dist/mui/ReconnectBanner.js +20 -0
- package/dist/mui/ReconnectBanner.js.map +1 -0
- package/dist/mui/SyncStatusChip.d.ts +2 -0
- package/dist/mui/SyncStatusChip.d.ts.map +1 -0
- package/dist/mui/SyncStatusChip.js +27 -0
- package/dist/mui/SyncStatusChip.js.map +1 -0
- package/dist/mui/index.d.ts +12 -0
- package/dist/mui/index.d.ts.map +1 -0
- package/dist/mui/index.js +12 -0
- package/dist/mui/index.js.map +1 -0
- package/dist/react/WasSessionProvider.d.ts +36 -0
- package/dist/react/WasSessionProvider.d.ts.map +1 -0
- package/dist/react/WasSessionProvider.js +35 -0
- package/dist/react/WasSessionProvider.js.map +1 -0
- package/dist/react/hooks.d.ts +66 -0
- package/dist/react/hooks.d.ts.map +1 -0
- package/dist/react/hooks.js +121 -0
- package/dist/react/hooks.js.map +1 -0
- package/dist/react/index.d.ts +11 -0
- package/dist/react/index.d.ts.map +1 -0
- package/dist/react/index.js +11 -0
- package/dist/react/index.js.map +1 -0
- package/dist/session/appReadyStore.d.ts +10 -0
- package/dist/session/appReadyStore.d.ts.map +1 -0
- package/dist/session/appReadyStore.js +22 -0
- package/dist/session/appReadyStore.js.map +1 -0
- package/dist/session/authStore.d.ts +71 -0
- package/dist/session/authStore.d.ts.map +1 -0
- package/dist/session/authStore.js +347 -0
- package/dist/session/authStore.js.map +1 -0
- package/dist/session/index.d.ts +10 -0
- package/dist/session/index.d.ts.map +1 -0
- package/dist/session/index.js +10 -0
- package/dist/session/index.js.map +1 -0
- package/dist/storage/entityStore.d.ts +51 -0
- package/dist/storage/entityStore.d.ts.map +1 -0
- package/dist/storage/entityStore.js +78 -0
- package/dist/storage/entityStore.js.map +1 -0
- package/dist/storage/localStore.d.ts +144 -0
- package/dist/storage/localStore.d.ts.map +1 -0
- package/dist/storage/localStore.js +289 -0
- package/dist/storage/localStore.js.map +1 -0
- package/dist/storage/rehydrate.d.ts +56 -0
- package/dist/storage/rehydrate.d.ts.map +1 -0
- package/dist/storage/rehydrate.js +87 -0
- package/dist/storage/rehydrate.js.map +1 -0
- package/dist/storage/rehydrate.test.d.ts +2 -0
- package/dist/storage/rehydrate.test.d.ts.map +1 -0
- package/dist/storage/rehydrate.test.js +172 -0
- package/dist/storage/rehydrate.test.js.map +1 -0
- package/dist/storage/storageManager.d.ts +39 -0
- package/dist/storage/storageManager.d.ts.map +1 -0
- package/dist/storage/storageManager.js +68 -0
- package/dist/storage/storageManager.js.map +1 -0
- package/dist/storage/syncController.d.ts +79 -0
- package/dist/storage/syncController.d.ts.map +1 -0
- package/dist/storage/syncController.js +189 -0
- package/dist/storage/syncController.js.map +1 -0
- package/dist/storage/syncStatusStore.d.ts +17 -0
- package/dist/storage/syncStatusStore.d.ts.map +1 -0
- package/dist/storage/syncStatusStore.js +19 -0
- package/dist/storage/syncStatusStore.js.map +1 -0
- package/dist/storage/wasRemoteStore.d.ts +73 -0
- package/dist/storage/wasRemoteStore.d.ts.map +1 -0
- package/dist/storage/wasRemoteStore.js +76 -0
- package/dist/storage/wasRemoteStore.js.map +1 -0
- package/dist/storage/wasSync.d.ts +42 -0
- package/dist/storage/wasSync.d.ts.map +1 -0
- package/dist/storage/wasSync.js +34 -0
- package/dist/storage/wasSync.js.map +1 -0
- package/dist/sync/changesQuery.d.ts +44 -0
- package/dist/sync/changesQuery.d.ts.map +1 -0
- package/dist/sync/changesQuery.js +61 -0
- package/dist/sync/changesQuery.js.map +1 -0
- package/dist/sync/changesQuery.test.d.ts +2 -0
- package/dist/sync/changesQuery.test.d.ts.map +1 -0
- package/dist/sync/changesQuery.test.js +145 -0
- package/dist/sync/changesQuery.test.js.map +1 -0
- package/dist/sync/docCipher.d.ts +68 -0
- package/dist/sync/docCipher.d.ts.map +1 -0
- package/dist/sync/docCipher.js +89 -0
- package/dist/sync/docCipher.js.map +1 -0
- package/dist/sync/feedMasterPort.d.ts +30 -0
- package/dist/sync/feedMasterPort.d.ts.map +1 -0
- package/dist/sync/feedMasterPort.js +58 -0
- package/dist/sync/feedMasterPort.js.map +1 -0
- package/dist/sync/index.d.ts +21 -0
- package/dist/sync/index.d.ts.map +1 -0
- package/dist/sync/index.js +21 -0
- package/dist/sync/index.js.map +1 -0
- package/dist/sync/lww.d.ts +29 -0
- package/dist/sync/lww.d.ts.map +1 -0
- package/dist/sync/lww.js +28 -0
- package/dist/sync/lww.js.map +1 -0
- package/dist/sync/lww.test.d.ts +2 -0
- package/dist/sync/lww.test.d.ts.map +1 -0
- package/dist/sync/lww.test.js +28 -0
- package/dist/sync/lww.test.js.map +1 -0
- package/dist/sync/lwwConflictHandler.d.ts +49 -0
- package/dist/sync/lwwConflictHandler.d.ts.map +1 -0
- package/dist/sync/lwwConflictHandler.js +65 -0
- package/dist/sync/lwwConflictHandler.js.map +1 -0
- package/dist/sync/lwwConflictHandler.test.d.ts +2 -0
- package/dist/sync/lwwConflictHandler.test.d.ts.map +1 -0
- package/dist/sync/lwwConflictHandler.test.js +78 -0
- package/dist/sync/lwwConflictHandler.test.js.map +1 -0
- package/dist/sync/pushWrites.d.ts +57 -0
- package/dist/sync/pushWrites.d.ts.map +1 -0
- package/dist/sync/pushWrites.js +159 -0
- package/dist/sync/pushWrites.js.map +1 -0
- package/dist/sync/pushWrites.test.d.ts +2 -0
- package/dist/sync/pushWrites.test.d.ts.map +1 -0
- package/dist/sync/pushWrites.test.js +287 -0
- package/dist/sync/pushWrites.test.js.map +1 -0
- package/dist/sync/syncedDocSchema.d.ts +22 -0
- package/dist/sync/syncedDocSchema.d.ts.map +1 -0
- package/dist/sync/syncedDocSchema.js +26 -0
- package/dist/sync/syncedDocSchema.js.map +1 -0
- package/dist/sync/types.d.ts +194 -0
- package/dist/sync/types.d.ts.map +1 -0
- package/dist/sync/types.js +36 -0
- package/dist/sync/types.js.map +1 -0
- package/dist/sync/wasReplication.d.ts +47 -0
- package/dist/sync/wasReplication.d.ts.map +1 -0
- package/dist/sync/wasReplication.js +55 -0
- package/dist/sync/wasReplication.js.map +1 -0
- package/dist/sync/wasSyncPort.d.ts +45 -0
- package/dist/sync/wasSyncPort.d.ts.map +1 -0
- package/dist/sync/wasSyncPort.js +170 -0
- package/dist/sync/wasSyncPort.js.map +1 -0
- package/package.json +142 -0
|
@@ -0,0 +1,282 @@
|
|
|
1
|
+
/*!
|
|
2
|
+
* Copyright (c) 2026 Interop Alliance. All rights reserved.
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* verifyResponse tests. A mock "wallet" (its own did:key identity, distinct
|
|
6
|
+
* from the app's) signs presentations exactly the way freewallet does --
|
|
7
|
+
* Ed25519Signature2020 DIDAuth proof over a VP with the app-key VC embedded
|
|
8
|
+
* and/or a `zcap` grant array (bare term added to the context) -- and the
|
|
9
|
+
* RP-side checks are exercised against good and crafted-bad inputs.
|
|
10
|
+
*/
|
|
11
|
+
import { beforeAll, describe, expect, it } from 'vitest';
|
|
12
|
+
import * as vc from '@interop/vc';
|
|
13
|
+
import { Ed25519Signature2020 } from '@interop/ed25519-signature';
|
|
14
|
+
import { CapabilityAgent } from '@interop/webkms-client';
|
|
15
|
+
import { issueSeedCredential } from '../identity/seedCredential.js';
|
|
16
|
+
import { createDocumentLoader } from '../identity/documentLoader.js';
|
|
17
|
+
import { deriveIdentity } from '../identity/agents.js';
|
|
18
|
+
import { checkGrants, grantsOf, verifyLoginPresentation } from './verifyResponse.js';
|
|
19
|
+
const ORIGIN = 'http://localhost:5173';
|
|
20
|
+
const SERVER_URL = 'http://localhost:3999';
|
|
21
|
+
const SPACE_URL = `${SERVER_URL}/space/e2e-space`;
|
|
22
|
+
const CONFIG = {
|
|
23
|
+
credentialType: 'TestAppKey',
|
|
24
|
+
vocabBase: 'urn:test-app:vocab#'
|
|
25
|
+
};
|
|
26
|
+
const TEST_COLLECTIONS = [
|
|
27
|
+
'action-items',
|
|
28
|
+
'projects',
|
|
29
|
+
'goals',
|
|
30
|
+
'questions',
|
|
31
|
+
'answers',
|
|
32
|
+
'web-links',
|
|
33
|
+
'thoughts',
|
|
34
|
+
'current-focus'
|
|
35
|
+
];
|
|
36
|
+
const documentLoader = createDocumentLoader();
|
|
37
|
+
const ZCAP_TERM_CONTEXT = {
|
|
38
|
+
'@protected': true,
|
|
39
|
+
zcap: { '@id': 'urn:freewallet:vocab#zcap', '@container': '@set' }
|
|
40
|
+
};
|
|
41
|
+
let wallet;
|
|
42
|
+
let appDid;
|
|
43
|
+
let appSeed;
|
|
44
|
+
beforeAll(async () => {
|
|
45
|
+
const agent = await CapabilityAgent.fromSeed({
|
|
46
|
+
seed: crypto.getRandomValues(new Uint8Array(32)),
|
|
47
|
+
handle: 'mock-wallet',
|
|
48
|
+
keyName: 'wallet-key'
|
|
49
|
+
});
|
|
50
|
+
wallet = {
|
|
51
|
+
holder: agent.id,
|
|
52
|
+
suite: new Ed25519Signature2020({ signer: agent.getSigner() })
|
|
53
|
+
};
|
|
54
|
+
appSeed = crypto.getRandomValues(new Uint8Array(32));
|
|
55
|
+
appDid = (await deriveIdentity({ seed: appSeed })).controllerDid;
|
|
56
|
+
});
|
|
57
|
+
/** An UNSIGNED structural grant (checkGrants is structural, not cryptographic). */
|
|
58
|
+
function grantFor({ collectionId, controller = appDid, expires = new Date(Date.now() + 86_400_000).toISOString(), actions = ['GET', 'HEAD', 'PUT', 'POST', 'DELETE'], spaceUrl = SPACE_URL }) {
|
|
59
|
+
return {
|
|
60
|
+
'@context': 'https://w3id.org/zcap/v1',
|
|
61
|
+
id: `urn:zcap:${crypto.randomUUID()}`,
|
|
62
|
+
controller,
|
|
63
|
+
parentCapability: `urn:zcap:root:${encodeURIComponent(spaceUrl)}`,
|
|
64
|
+
invocationTarget: collectionId ? `${spaceUrl}/${collectionId}` : spaceUrl,
|
|
65
|
+
allowedAction: actions,
|
|
66
|
+
expires
|
|
67
|
+
};
|
|
68
|
+
}
|
|
69
|
+
/** The full wallet-shaped grant set: RW collection grants + space read. */
|
|
70
|
+
function fullGrantSet() {
|
|
71
|
+
const grants = TEST_COLLECTIONS.map(id => grantFor({ collectionId: id }));
|
|
72
|
+
grants.push(grantFor({ actions: ['GET', 'HEAD'] }));
|
|
73
|
+
return grants;
|
|
74
|
+
}
|
|
75
|
+
/** Signs a wallet-style VP with optional embedded VC and zcap array. */
|
|
76
|
+
async function walletVp({ challenge, domain = ORIGIN, credential, zcaps }) {
|
|
77
|
+
const presentation = vc.createPresentation({
|
|
78
|
+
holder: wallet.holder,
|
|
79
|
+
...(credential && { verifiableCredential: [credential] }),
|
|
80
|
+
verify: false,
|
|
81
|
+
version: 1.0
|
|
82
|
+
});
|
|
83
|
+
if (zcaps && zcaps.length > 0) {
|
|
84
|
+
const base = presentation['@context'];
|
|
85
|
+
presentation['@context'] = [
|
|
86
|
+
...(Array.isArray(base) ? base : [base]),
|
|
87
|
+
ZCAP_TERM_CONTEXT
|
|
88
|
+
];
|
|
89
|
+
presentation.zcap = zcaps;
|
|
90
|
+
}
|
|
91
|
+
return (await vc.signPresentation({
|
|
92
|
+
presentation: presentation,
|
|
93
|
+
challenge,
|
|
94
|
+
domain,
|
|
95
|
+
documentLoader,
|
|
96
|
+
suite: wallet.suite
|
|
97
|
+
}));
|
|
98
|
+
}
|
|
99
|
+
describe('verifyLoginPresentation', () => {
|
|
100
|
+
it('accepts a wallet-signed VP with an embedded app key and grants', async () => {
|
|
101
|
+
const challenge = crypto.randomUUID();
|
|
102
|
+
const credential = await issueSeedCredential({
|
|
103
|
+
seed: appSeed,
|
|
104
|
+
origin: ORIGIN,
|
|
105
|
+
config: CONFIG,
|
|
106
|
+
documentLoader
|
|
107
|
+
});
|
|
108
|
+
const presentation = await walletVp({
|
|
109
|
+
challenge,
|
|
110
|
+
credential,
|
|
111
|
+
zcaps: fullGrantSet()
|
|
112
|
+
});
|
|
113
|
+
await expect(verifyLoginPresentation({
|
|
114
|
+
presentation,
|
|
115
|
+
challenge,
|
|
116
|
+
domain: ORIGIN,
|
|
117
|
+
documentLoader
|
|
118
|
+
})).resolves.toBeUndefined();
|
|
119
|
+
expect(grantsOf(presentation)).toHaveLength(TEST_COLLECTIONS.length + 1);
|
|
120
|
+
});
|
|
121
|
+
it('rejects a challenge mismatch', async () => {
|
|
122
|
+
const presentation = await walletVp({ challenge: 'sent-nonce' });
|
|
123
|
+
await expect(verifyLoginPresentation({
|
|
124
|
+
presentation,
|
|
125
|
+
challenge: 'other-nonce',
|
|
126
|
+
domain: ORIGIN,
|
|
127
|
+
documentLoader
|
|
128
|
+
})).rejects.toThrow();
|
|
129
|
+
});
|
|
130
|
+
it('rejects a domain mismatch', async () => {
|
|
131
|
+
const challenge = crypto.randomUUID();
|
|
132
|
+
const presentation = await walletVp({
|
|
133
|
+
challenge,
|
|
134
|
+
domain: 'https://evil.example'
|
|
135
|
+
});
|
|
136
|
+
await expect(verifyLoginPresentation({
|
|
137
|
+
presentation,
|
|
138
|
+
challenge,
|
|
139
|
+
domain: ORIGIN,
|
|
140
|
+
documentLoader
|
|
141
|
+
})).rejects.toThrow(/domain/);
|
|
142
|
+
});
|
|
143
|
+
it('rejects a tampered presentation', async () => {
|
|
144
|
+
const challenge = crypto.randomUUID();
|
|
145
|
+
const presentation = await walletVp({
|
|
146
|
+
challenge,
|
|
147
|
+
zcaps: fullGrantSet()
|
|
148
|
+
});
|
|
149
|
+
const tampered = {
|
|
150
|
+
...presentation,
|
|
151
|
+
zcap: [
|
|
152
|
+
...presentation.zcap.slice(1),
|
|
153
|
+
grantFor({
|
|
154
|
+
collectionId: 'injected',
|
|
155
|
+
controller: 'did:example:mallory'
|
|
156
|
+
})
|
|
157
|
+
]
|
|
158
|
+
};
|
|
159
|
+
await expect(verifyLoginPresentation({
|
|
160
|
+
presentation: tampered,
|
|
161
|
+
challenge,
|
|
162
|
+
domain: ORIGIN,
|
|
163
|
+
documentLoader
|
|
164
|
+
})).rejects.toThrow();
|
|
165
|
+
});
|
|
166
|
+
it('rejects an unsigned presentation', async () => {
|
|
167
|
+
const presentation = {
|
|
168
|
+
'@context': ['https://www.w3.org/2018/credentials/v1'],
|
|
169
|
+
type: ['VerifiablePresentation']
|
|
170
|
+
};
|
|
171
|
+
await expect(verifyLoginPresentation({
|
|
172
|
+
presentation,
|
|
173
|
+
challenge: 'x',
|
|
174
|
+
domain: ORIGIN,
|
|
175
|
+
documentLoader
|
|
176
|
+
})).rejects.toThrow();
|
|
177
|
+
});
|
|
178
|
+
it('rejects a tampered embedded credential', async () => {
|
|
179
|
+
const challenge = crypto.randomUUID();
|
|
180
|
+
const credential = await issueSeedCredential({
|
|
181
|
+
seed: appSeed,
|
|
182
|
+
origin: ORIGIN,
|
|
183
|
+
config: CONFIG,
|
|
184
|
+
documentLoader
|
|
185
|
+
});
|
|
186
|
+
const subject = credential.credentialSubject;
|
|
187
|
+
const tamperedVc = {
|
|
188
|
+
...credential,
|
|
189
|
+
credentialSubject: { ...subject, origin: 'https://evil.example' }
|
|
190
|
+
};
|
|
191
|
+
const presentation = await walletVp({ challenge });
|
|
192
|
+
presentation.verifiableCredential =
|
|
193
|
+
[tamperedVc];
|
|
194
|
+
await expect(verifyLoginPresentation({
|
|
195
|
+
presentation,
|
|
196
|
+
challenge,
|
|
197
|
+
domain: ORIGIN,
|
|
198
|
+
documentLoader
|
|
199
|
+
})).rejects.toThrow();
|
|
200
|
+
});
|
|
201
|
+
});
|
|
202
|
+
describe('checkGrants', () => {
|
|
203
|
+
it('accepts the full wallet grant set and reports topology + expiry', () => {
|
|
204
|
+
const soon = new Date(Date.now() + 3_600_000).toISOString();
|
|
205
|
+
const later = new Date(Date.now() + 86_400_000).toISOString();
|
|
206
|
+
const grants = TEST_COLLECTIONS.map((id, index) => grantFor({ collectionId: id, expires: index === 0 ? soon : later }));
|
|
207
|
+
grants.push(grantFor({ actions: ['GET', 'HEAD'], expires: later }));
|
|
208
|
+
const checked = checkGrants({
|
|
209
|
+
grants,
|
|
210
|
+
controllerDid: appDid,
|
|
211
|
+
collections: TEST_COLLECTIONS,
|
|
212
|
+
expectedServerUrl: SERVER_URL
|
|
213
|
+
});
|
|
214
|
+
expect(checked.parsed.serverUrl).toBe(SERVER_URL);
|
|
215
|
+
expect(checked.parsed.spaceId).toBe('e2e-space');
|
|
216
|
+
expect(Object.keys(checked.parsed.byCollectionId)).toHaveLength(TEST_COLLECTIONS.length);
|
|
217
|
+
expect(checked.expires).toBe(soon);
|
|
218
|
+
});
|
|
219
|
+
it('rejects an empty grant set', () => {
|
|
220
|
+
expect(() => checkGrants({
|
|
221
|
+
grants: [],
|
|
222
|
+
controllerDid: appDid,
|
|
223
|
+
collections: TEST_COLLECTIONS
|
|
224
|
+
})).toThrow(/no storage grants/);
|
|
225
|
+
});
|
|
226
|
+
it('rejects a grant controlled by another DID', () => {
|
|
227
|
+
const grants = fullGrantSet();
|
|
228
|
+
grants[0].controller = 'did:example:mallory';
|
|
229
|
+
expect(() => checkGrants({
|
|
230
|
+
grants,
|
|
231
|
+
controllerDid: appDid,
|
|
232
|
+
collections: TEST_COLLECTIONS
|
|
233
|
+
})).toThrow(/controlled by/);
|
|
234
|
+
});
|
|
235
|
+
it('rejects an expired grant', () => {
|
|
236
|
+
const grants = fullGrantSet();
|
|
237
|
+
grants[2].expires = new Date(Date.now() - 1000).toISOString();
|
|
238
|
+
expect(() => checkGrants({
|
|
239
|
+
grants,
|
|
240
|
+
controllerDid: appDid,
|
|
241
|
+
collections: TEST_COLLECTIONS
|
|
242
|
+
})).toThrow(/expired/);
|
|
243
|
+
});
|
|
244
|
+
it('rejects a grant set on the wrong server', () => {
|
|
245
|
+
expect(() => checkGrants({
|
|
246
|
+
grants: fullGrantSet(),
|
|
247
|
+
controllerDid: appDid,
|
|
248
|
+
collections: TEST_COLLECTIONS,
|
|
249
|
+
expectedServerUrl: 'http://localhost:4000'
|
|
250
|
+
})).toThrow(/expected/);
|
|
251
|
+
});
|
|
252
|
+
it('rejects a grant set spanning two spaces', () => {
|
|
253
|
+
const grants = fullGrantSet();
|
|
254
|
+
grants.push(grantFor({
|
|
255
|
+
collectionId: 'projects',
|
|
256
|
+
spaceUrl: `${SERVER_URL}/space/other-space`
|
|
257
|
+
}));
|
|
258
|
+
expect(() => checkGrants({
|
|
259
|
+
grants,
|
|
260
|
+
controllerDid: appDid,
|
|
261
|
+
collections: TEST_COLLECTIONS
|
|
262
|
+
})).toThrow(/two spaces/);
|
|
263
|
+
});
|
|
264
|
+
it('rejects a set missing a collection', () => {
|
|
265
|
+
const grants = TEST_COLLECTIONS.slice(1).map(id => grantFor({ collectionId: id }));
|
|
266
|
+
expect(() => checkGrants({
|
|
267
|
+
grants,
|
|
268
|
+
controllerDid: appDid,
|
|
269
|
+
collections: TEST_COLLECTIONS
|
|
270
|
+
})).toThrow(new RegExp(`No grant covers the "${TEST_COLLECTIONS[0]}"`));
|
|
271
|
+
});
|
|
272
|
+
it('rejects a collection grant with insufficient actions', () => {
|
|
273
|
+
const grants = fullGrantSet();
|
|
274
|
+
grants[0].allowedAction = ['GET', 'HEAD'];
|
|
275
|
+
expect(() => checkGrants({
|
|
276
|
+
grants,
|
|
277
|
+
controllerDid: appDid,
|
|
278
|
+
collections: TEST_COLLECTIONS
|
|
279
|
+
})).toThrow(/lacks required actions/);
|
|
280
|
+
});
|
|
281
|
+
});
|
|
282
|
+
//# sourceMappingURL=verifyResponse.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verifyResponse.test.js","sourceRoot":"","sources":["../../src/auth/verifyResponse.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH;;;;;;GAMG;AACH,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAA;AACxD,OAAO,KAAK,EAAE,MAAM,aAAa,CAAA;AACjC,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAA;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AAMxD,OAAO,EACL,mBAAmB,EAEpB,MAAM,+BAA+B,CAAA;AACtC,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAA;AACpE,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA;AACtD,OAAO,EACL,WAAW,EACX,QAAQ,EACR,uBAAuB,EACxB,MAAM,qBAAqB,CAAA;AAE5B,MAAM,MAAM,GAAG,uBAAuB,CAAA;AACtC,MAAM,UAAU,GAAG,uBAAuB,CAAA;AAC1C,MAAM,SAAS,GAAG,GAAG,UAAU,kBAAkB,CAAA;AACjD,MAAM,MAAM,GAAyB;IACnC,cAAc,EAAE,YAAY;IAC5B,SAAS,EAAE,qBAAqB;CACjC,CAAA;AACD,MAAM,gBAAgB,GAAG;IACvB,cAAc;IACd,UAAU;IACV,OAAO;IACP,WAAW;IACX,SAAS;IACT,WAAW;IACX,UAAU;IACV,eAAe;CAChB,CAAA;AACD,MAAM,cAAc,GAAG,oBAAoB,EAAE,CAAA;AAE7C,MAAM,iBAAiB,GAAG;IACxB,YAAY,EAAE,IAAI;IAClB,IAAI,EAAE,EAAE,KAAK,EAAE,2BAA2B,EAAE,YAAY,EAAE,MAAM,EAAE;CAC1D,CAAA;AAOV,IAAI,MAAsB,CAAA;AAC1B,IAAI,MAAc,CAAA;AAClB,IAAI,OAAmB,CAAA;AAEvB,SAAS,CAAC,KAAK,IAAI,EAAE;IACnB,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,QAAQ,CAAC;QAC3C,IAAI,EAAE,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,EAAE,aAAa;QACrB,OAAO,EAAE,YAAY;KACtB,CAAC,CAAA;IACF,MAAM,GAAG;QACP,MAAM,EAAE,KAAK,CAAC,EAAE;QAChB,KAAK,EAAE,IAAI,oBAAoB,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,SAAS,EAAE,EAAE,CAAC;KAC/D,CAAA;IACD,OAAO,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAA;IACpD,MAAM,GAAG,CAAC,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,aAAa,CAAA;AAClE,CAAC,CAAC,CAAA;AAEF,mFAAmF;AACnF,SAAS,QAAQ,CAAC,EAChB,YAAY,EACZ,UAAU,GAAG,MAAM,EACnB,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE,EACzD,OAAO,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAClD,QAAQ,GAAG,SAAS,EAOrB;IACC,OAAO;QACL,UAAU,EAAE,0BAA0B;QACtC,EAAE,EAAE,YAAY,MAAM,CAAC,UAAU,EAAE,EAAE;QACrC,UAAU;QACV,gBAAgB,EAAE,iBAAiB,kBAAkB,CAAC,QAAQ,CAAC,EAAE;QACjE,gBAAgB,EAAE,YAAY,CAAC,CAAC,CAAC,GAAG,QAAQ,IAAI,YAAY,EAAE,CAAC,CAAC,CAAC,QAAQ;QACzE,aAAa,EAAE,OAAO;QACtB,OAAO;KACY,CAAA;AACvB,CAAC;AAED,2EAA2E;AAC3E,SAAS,YAAY;IACnB,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;IACzE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;IACnD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,wEAAwE;AACxE,KAAK,UAAU,QAAQ,CAAC,EACtB,SAAS,EACT,MAAM,GAAG,MAAM,EACf,UAAU,EACV,KAAK,EAMN;IACC,MAAM,YAAY,GAAG,EAAE,CAAC,kBAAkB,CAAC;QACzC,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,GAAG,CAAC,UAAU,IAAI,EAAE,oBAAoB,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;QACzD,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,GAAG;KACb,CAA4C,CAAA;IAC7C,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,YAAY,CAAC,UAAU,CAAC,CAAA;QACrC,YAAY,CAAC,UAAU,CAAC,GAAG;YACzB,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACxC,iBAAiB;SAClB,CAAA;QACD,YAAY,CAAC,IAAI,GAAG,KAAK,CAAA;IAC3B,CAAC;IACD,OAAO,CAAC,MAAM,EAAE,CAAC,gBAAgB,CAAC;QAChC,YAAY,EAAE,YAA0C;QACxD,SAAS;QACT,MAAM;QACN,cAAc;QACd,KAAK,EAAE,MAAM,CAAC,KAAK;KACpB,CAAC,CAA4B,CAAA;AAChC,CAAC;AAED,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,EAAE,CAAC,gEAAgE,EAAE,KAAK,IAAI,EAAE;QAC9E,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QACrC,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC;YAC3C,IAAI,EAAE,OAAO;YACb,MAAM,EAAE,MAAM;YACd,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CAAA;QACF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC;YAClC,SAAS;YACT,UAAU;YACV,KAAK,EAAE,YAAY,EAAE;SACtB,CAAC,CAAA;QACF,MAAM,MAAM,CACV,uBAAuB,CAAC;YACtB,YAAY;YACZ,SAAS;YACT,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CACH,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAA;QAC1B,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IAC1E,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;QAC5C,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC,CAAA;QAChE,MAAM,MAAM,CACV,uBAAuB,CAAC;YACtB,YAAY;YACZ,SAAS,EAAE,aAAa;YACxB,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACrB,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,2BAA2B,EAAE,KAAK,IAAI,EAAE;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QACrC,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC;YAClC,SAAS;YACT,MAAM,EAAE,sBAAsB;SAC/B,CAAC,CAAA;QACF,MAAM,MAAM,CACV,uBAAuB,CAAC;YACtB,YAAY;YACZ,SAAS;YACT,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAC7B,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QACrC,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC;YAClC,SAAS;YACT,KAAK,EAAE,YAAY,EAAE;SACtB,CAAC,CAAA;QACF,MAAM,QAAQ,GAAG;YACf,GAAG,YAAY;YACf,IAAI,EAAE;gBACJ,GAAI,YAA6C,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC/D,QAAQ,CAAC;oBACP,YAAY,EAAE,UAAU;oBACxB,UAAU,EAAE,qBAAqB;iBAClC,CAAC;aACH;SACyB,CAAA;QAC5B,MAAM,MAAM,CACV,uBAAuB,CAAC;YACtB,YAAY,EAAE,QAAQ;YACtB,SAAS;YACT,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACrB,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,YAAY,GAAG;YACnB,UAAU,EAAE,CAAC,wCAAwC,CAAC;YACtD,IAAI,EAAE,CAAC,wBAAwB,CAAC;SACK,CAAA;QACvC,MAAM,MAAM,CACV,uBAAuB,CAAC;YACtB,YAAY;YACZ,SAAS,EAAE,GAAG;YACd,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACrB,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;QACtD,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QACrC,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC;YAC3C,IAAI,EAAE,OAAO;YACb,MAAM,EAAE,MAAM;YACd,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,UAAU,CAAC,iBAA4C,CAAA;QACvE,MAAM,UAAU,GAAG;YACjB,GAAG,UAAU;YACb,iBAAiB,EAAE,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,sBAAsB,EAAE;SACzC,CAAA;QAC1B,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,EAAE,SAAS,EAAE,CAAC,CACjD;QAAC,YAAmD,CAAC,oBAAoB;YACxE,CAAC,UAAU,CAAC,CAAA;QACd,MAAM,MAAM,CACV,uBAAuB,CAAC;YACtB,YAAY;YACZ,SAAS;YACT,MAAM,EAAE,MAAM;YACd,cAAc;SACf,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACrB,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,EAAE,CAAC,iEAAiE,EAAE,GAAG,EAAE;QACzE,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE,CAAA;QAC3D,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE,CAAA;QAC7D,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,CAChD,QAAQ,CAAC,EAAE,YAAY,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CACpE,CAAA;QACD,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,CAAA;QACnE,MAAM,OAAO,GAAG,WAAW,CAAC;YAC1B,MAAM;YACN,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;YAC7B,iBAAiB,EAAE,UAAU;SAC9B,CAAC,CAAA;QACF,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACjD,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;QAChD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,YAAY,CAC7D,gBAAgB,CAAC,MAAM,CACxB,CAAA;QACD,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACpC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,CAAC,GAAG,EAAE,CACV,WAAW,CAAC;YACV,MAAM,EAAE,EAAE;YACV,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;SAC9B,CAAC,CACH,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;IAChC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,MAAM,GAAG,YAAY,EAAE,CAC5B;QAAC,MAAM,CAAC,CAAC,CAA4B,CAAC,UAAU,GAAG,qBAAqB,CAAA;QACzE,MAAM,CAAC,GAAG,EAAE,CACV,WAAW,CAAC;YACV,MAAM;YACN,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;SAC9B,CAAC,CACH,CAAC,OAAO,CAAC,eAAe,CAAC,CAAA;IAC5B,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;QAClC,MAAM,MAAM,GAAG,YAAY,EAAE,CAC5B;QAAC,MAAM,CAAC,CAAC,CAAyB,CAAC,OAAO,GAAG,IAAI,IAAI,CACpD,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAClB,CAAC,WAAW,EAAE,CAAA;QACf,MAAM,CAAC,GAAG,EAAE,CACV,WAAW,CAAC;YACV,MAAM;YACN,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;SAC9B,CAAC,CACH,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACtB,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,CAAC,GAAG,EAAE,CACV,WAAW,CAAC;YACV,MAAM,EAAE,YAAY,EAAE;YACtB,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;YAC7B,iBAAiB,EAAE,uBAAuB;SAC3C,CAAC,CACH,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;IACvB,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,MAAM,GAAG,YAAY,EAAE,CAAA;QAC7B,MAAM,CAAC,IAAI,CACT,QAAQ,CAAC;YACP,YAAY,EAAE,UAAU;YACxB,QAAQ,EAAE,GAAG,UAAU,oBAAoB;SAC5C,CAAC,CACH,CAAA;QACD,MAAM,CAAC,GAAG,EAAE,CACV,WAAW,CAAC;YACV,MAAM;YACN,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;SAC9B,CAAC,CACH,CAAC,OAAO,CAAC,YAAY,CAAC,CAAA;IACzB,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAChD,QAAQ,CAAC,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC,CAC/B,CAAA;QACD,MAAM,CAAC,GAAG,EAAE,CACV,WAAW,CAAC;YACV,MAAM;YACN,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;SAC9B,CAAC,CACH,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,wBAAwB,gBAAgB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;IACvE,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,MAAM,GAAG,YAAY,EAAE,CAC5B;QAAC,MAAM,CAAC,CAAC,CAAiC,CAAC,aAAa,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;QAC3E,MAAM,CAAC,GAAG,EAAE,CACV,WAAW,CAAC;YACV,MAAM;YACN,aAAa,EAAE,MAAM;YACrB,WAAW,EAAE,gBAAgB;SAC9B,CAAC,CACH,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAA;IACrC,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}
|
|
@@ -0,0 +1,143 @@
|
|
|
1
|
+
/*!
|
|
2
|
+
* Copyright (c) 2026 Interop Alliance. All rights reserved.
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* VC API message types for external messages to the wallet -- either offers of
|
|
6
|
+
* credentials (`IVpOffer`) or requests for credentials / DID Authentication
|
|
7
|
+
* (`IVpRequest`).
|
|
8
|
+
*
|
|
9
|
+
* These messages arrive today via CHAPI popups, but the shapes are transport
|
|
10
|
+
* agnostic so the same classification/compose logic can later back other entry
|
|
11
|
+
* points (QR scan, paste-into-Add-Credential) without dragging React or CHAPI
|
|
12
|
+
* along.
|
|
13
|
+
*
|
|
14
|
+
* @see https://w3c-ccg.github.io/vp-request-spec/
|
|
15
|
+
*/
|
|
16
|
+
import type { IVerifiableCredential, IVerifiablePresentation, IZcap } from '@interop/data-integrity-core';
|
|
17
|
+
/**
|
|
18
|
+
* The union of VC API message types the wallet can classify. Zcap and exchange
|
|
19
|
+
* invitation / issue request messages are deferred to later work.
|
|
20
|
+
*/
|
|
21
|
+
export type WalletAPIMessage = IVPRequest | IVPOffer;
|
|
22
|
+
/**
|
|
23
|
+
* "I'm offering the following credentials" -- a Verifiable Presentation offered
|
|
24
|
+
* to the wallet for storage.
|
|
25
|
+
*
|
|
26
|
+
* @see https://vcplayground.org/docs/n/chapi/wallets/native/#vc-api
|
|
27
|
+
*/
|
|
28
|
+
export type IVPOffer = {
|
|
29
|
+
credentialRequestOrigin?: string;
|
|
30
|
+
verifiablePresentation: IVerifiablePresentation;
|
|
31
|
+
redirectUrl?: string;
|
|
32
|
+
};
|
|
33
|
+
/**
|
|
34
|
+
* "The following things are requested" -- a Verifiable Presentation Request
|
|
35
|
+
* asking the wallet to share credentials and/or prove DID Authentication.
|
|
36
|
+
*
|
|
37
|
+
* @see https://w3c-ccg.github.io/vp-request-spec/
|
|
38
|
+
*/
|
|
39
|
+
export type IVPRequest = {
|
|
40
|
+
credentialRequestOrigin?: string;
|
|
41
|
+
verifiablePresentationRequest: IVPRDetails;
|
|
42
|
+
redirectUrl?: string;
|
|
43
|
+
};
|
|
44
|
+
/**
|
|
45
|
+
* The body of a Verifiable Presentation Request: one or more queries, plus the
|
|
46
|
+
* `challenge` / `domain` used when a DID Authentication proof is requested.
|
|
47
|
+
*/
|
|
48
|
+
export type IVPRDetails = {
|
|
49
|
+
query: IVPRQuery | IVPRQuery[];
|
|
50
|
+
challenge?: string;
|
|
51
|
+
domain?: string;
|
|
52
|
+
};
|
|
53
|
+
export type IVPRQuery = IQueryByExample | IDIDAuthenticationQuery | IZcapQuery;
|
|
54
|
+
/**
|
|
55
|
+
* A request for one or more VCs matching an example credential shape.
|
|
56
|
+
*
|
|
57
|
+
* @see https://w3c-ccg.github.io/vp-request-spec/#query-by-example
|
|
58
|
+
*/
|
|
59
|
+
export type IQueryByExample = {
|
|
60
|
+
type: 'QueryByExample';
|
|
61
|
+
acceptedCryptosuites?: Array<{
|
|
62
|
+
cryptosuite: string;
|
|
63
|
+
}>;
|
|
64
|
+
credentialQuery: {
|
|
65
|
+
reason?: string;
|
|
66
|
+
example: {
|
|
67
|
+
'@context'?: string | object | Array<string | object>;
|
|
68
|
+
type?: string | string[];
|
|
69
|
+
issuer?: string | object | Array<string | object>;
|
|
70
|
+
[x: string]: unknown;
|
|
71
|
+
};
|
|
72
|
+
};
|
|
73
|
+
};
|
|
74
|
+
/**
|
|
75
|
+
* A request for a proof of DID Authentication (a signed VerifiablePresentation
|
|
76
|
+
* over the request's `challenge` / `domain`).
|
|
77
|
+
*
|
|
78
|
+
* @see https://w3c-ccg.github.io/vp-request-spec/#the-did-authentication-query-format
|
|
79
|
+
*/
|
|
80
|
+
export type IDIDAuthenticationQuery = {
|
|
81
|
+
type: 'DIDAuthentication';
|
|
82
|
+
acceptedMethods?: Array<{
|
|
83
|
+
method: string;
|
|
84
|
+
}>;
|
|
85
|
+
acceptedCryptosuites?: Array<{
|
|
86
|
+
cryptosuite: string;
|
|
87
|
+
}>;
|
|
88
|
+
};
|
|
89
|
+
/**
|
|
90
|
+
* A request for one or more delegated capabilities (zcaps) on the user's WAS
|
|
91
|
+
* storage. `AuthorizationCapabilityQuery` is the canonical type string (VCALM
|
|
92
|
+
* §3.4.4); `ZcapQuery` is a legacy alias sent by DCW / the
|
|
93
|
+
* `wallet-to-webapp-demo`. `capabilityQuery` may be a single detail object or
|
|
94
|
+
* an array of them.
|
|
95
|
+
*
|
|
96
|
+
* @see https://w3c.github.io/vcalm/ -- AuthorizationCapabilityQuery
|
|
97
|
+
*/
|
|
98
|
+
export type IZcapQuery = {
|
|
99
|
+
type: 'AuthorizationCapabilityQuery' | 'ZcapQuery';
|
|
100
|
+
capabilityQuery: ICapabilityQueryDetail | ICapabilityQueryDetail[];
|
|
101
|
+
challenge?: string;
|
|
102
|
+
};
|
|
103
|
+
/**
|
|
104
|
+
* A single requested capability: which actions (`allowedAction`) the RP
|
|
105
|
+
* (`controller`) wants on which storage target (`invocationTarget`), with an
|
|
106
|
+
* optional human-readable `reason` and RP-chosen `referenceId`. The
|
|
107
|
+
* `invocationTarget` is either a plain URL (satisfied only under the user's own
|
|
108
|
+
* Space) or a wallet-defined descriptor object (`urn:was:collection` /
|
|
109
|
+
* `urn:was:space`), resolved by `resolveInvocationTarget`.
|
|
110
|
+
*/
|
|
111
|
+
export type ICapabilityQueryDetail = {
|
|
112
|
+
referenceId?: string;
|
|
113
|
+
reason?: string;
|
|
114
|
+
allowedAction?: string | string[];
|
|
115
|
+
controller: string;
|
|
116
|
+
invocationTarget: string | {
|
|
117
|
+
type: string;
|
|
118
|
+
name?: string;
|
|
119
|
+
};
|
|
120
|
+
};
|
|
121
|
+
/**
|
|
122
|
+
* The wallet's response to a request, delivered by whichever transport received
|
|
123
|
+
* it (CHAPI `respondWith`, a future exchange-URL POST, etc). Delegated zcaps
|
|
124
|
+
* ride *inside* the response VP (as a `zcap` array, embedded before signing),
|
|
125
|
+
* so this shape stays credential-presentation only.
|
|
126
|
+
*/
|
|
127
|
+
export type WalletResponse = {
|
|
128
|
+
verifiablePresentation?: IVerifiablePresentation;
|
|
129
|
+
};
|
|
130
|
+
/**
|
|
131
|
+
* A VP Request classified on two independent axes: whether DID Authentication
|
|
132
|
+
* is requested, and separately what content is asked for (credentials and/or
|
|
133
|
+
* capability delegations). Any combination is valid, including zcap-only. The
|
|
134
|
+
* consent screen renders one section per non-empty axis; the two axes replace
|
|
135
|
+
* the former `'vc' | 'didauth' | 'vc+didauth'` cross-product enum.
|
|
136
|
+
*/
|
|
137
|
+
export type WalletRequestProfile = {
|
|
138
|
+
didAuth: boolean;
|
|
139
|
+
vcQueries: IQueryByExample[];
|
|
140
|
+
zcapRequests: ICapabilityQueryDetail[];
|
|
141
|
+
};
|
|
142
|
+
export type { IVerifiableCredential, IVerifiablePresentation, IZcap };
|
|
143
|
+
//# sourceMappingURL=walletRequestTypes.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"walletRequestTypes.d.ts","sourceRoot":"","sources":["../../src/auth/walletRequestTypes.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH;;;;;;;;;;;GAWG;AACH,OAAO,KAAK,EACV,qBAAqB,EACrB,uBAAuB,EACvB,KAAK,EACN,MAAM,8BAA8B,CAAA;AAErC;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG,UAAU,GAAG,QAAQ,CAAA;AAEpD;;;;;GAKG;AACH,MAAM,MAAM,QAAQ,GAAG;IACrB,uBAAuB,CAAC,EAAE,MAAM,CAAA;IAChC,sBAAsB,EAAE,uBAAuB,CAAA;IAC/C,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED;;;;;GAKG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,uBAAuB,CAAC,EAAE,MAAM,CAAA;IAChC,6BAA6B,EAAE,WAAW,CAAA;IAC1C,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,WAAW,GAAG;IACxB,KAAK,EAAE,SAAS,GAAG,SAAS,EAAE,CAAA;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,SAAS,GAAG,eAAe,GAAG,uBAAuB,GAAG,UAAU,CAAA;AAE9E;;;;GAIG;AACH,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,gBAAgB,CAAA;IACtB,oBAAoB,CAAC,EAAE,KAAK,CAAC;QAAE,WAAW,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IACrD,eAAe,EAAE;QACf,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,OAAO,EAAE;YACP,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAA;YACrD,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;YACxB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAA;YACjD,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;SACrB,CAAA;KACF,CAAA;CACF,CAAA;AAED;;;;;GAKG;AACH,MAAM,MAAM,uBAAuB,GAAG;IACpC,IAAI,EAAE,mBAAmB,CAAA;IACzB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAC3C,oBAAoB,CAAC,EAAE,KAAK,CAAC;QAAE,WAAW,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CACtD,CAAA;AAED;;;;;;;;GAQG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,IAAI,EAAE,8BAA8B,GAAG,WAAW,CAAA;IAClD,eAAe,EAAE,sBAAsB,GAAG,sBAAsB,EAAE,CAAA;IAClE,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,MAAM,sBAAsB,GAAG;IACnC,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,aAAa,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IACjC,UAAU,EAAE,MAAM,CAAA;IAClB,gBAAgB,EAAE,MAAM,GAAG;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAC3D,CAAA;AAED;;;;;GAKG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,sBAAsB,CAAC,EAAE,uBAAuB,CAAA;CACjD,CAAA;AAED;;;;;;GAMG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC,OAAO,EAAE,OAAO,CAAA;IAChB,SAAS,EAAE,eAAe,EAAE,CAAA;IAC5B,YAAY,EAAE,sBAAsB,EAAE,CAAA;CACvC,CAAA;AAED,YAAY,EAAE,qBAAqB,EAAE,uBAAuB,EAAE,KAAK,EAAE,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"walletRequestTypes.js","sourceRoot":"","sources":["../../src/auth/walletRequestTypes.ts"],"names":[],"mappings":""}
|
package/dist/config.d.ts
ADDED
|
@@ -0,0 +1,150 @@
|
|
|
1
|
+
/*!
|
|
2
|
+
* Copyright (c) 2026 Interop Alliance. All rights reserved.
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* The central configuration contract for a WAS-backed local-first app: the app
|
|
6
|
+
* identity/origin, the registry of storage collections, the seed-credential
|
|
7
|
+
* naming, and the (all-optional) sync/expiry tuning. An app builds one
|
|
8
|
+
* {@link WasAppConfig} and threads it through the auth, storage, and sync
|
|
9
|
+
* layers.
|
|
10
|
+
*
|
|
11
|
+
* A collection is a logical `key` (the app-side / RxDB collection handle) mapped
|
|
12
|
+
* to its WAS collection `id` (the deliberately unprefixed, generic name shared
|
|
13
|
+
* across interoperable apps). The auth layer consumes only the `id`s; this
|
|
14
|
+
* config layer owns the `{ key, id }` registry the storage layer routes on.
|
|
15
|
+
*
|
|
16
|
+
* The STORE REGISTRY ({@link StoreRegistry}) is the injection seam that replaces
|
|
17
|
+
* the storage-layer's former hardcoded per-entity maps: an app supplies, per
|
|
18
|
+
* collection key, the four handlers the rehydrate mechanism drives (hydrate the
|
|
19
|
+
* whole collection, per-doc upsert/drop of an already-decrypted payload, and
|
|
20
|
+
* clear-on-logout). Expressing each collection as its own set of functions lets
|
|
21
|
+
* an app special-case a singleton collection (e.g. a current-focus doc) without
|
|
22
|
+
* a rigid CRUD interface.
|
|
23
|
+
*/
|
|
24
|
+
import type { SeedCredentialConfig } from './identity/seedCredential.js';
|
|
25
|
+
/**
|
|
26
|
+
* One storage collection: the logical `key` (app-side / RxDB collection handle)
|
|
27
|
+
* mapped to its WAS collection `id` (the generic, interoperable name).
|
|
28
|
+
*/
|
|
29
|
+
export interface WasCollectionConfig {
|
|
30
|
+
/** App-side name; the localStore / RxDB collection handle. */
|
|
31
|
+
key: string;
|
|
32
|
+
/** WAS collection id (the unprefixed, cross-app generic name). */
|
|
33
|
+
id: string;
|
|
34
|
+
}
|
|
35
|
+
/** Optional replication tuning; each field falls back to a documented default. */
|
|
36
|
+
export interface WasSyncConfig {
|
|
37
|
+
/** Replication batch size; `undefined` leaves the adapter default. */
|
|
38
|
+
batchSize?: number;
|
|
39
|
+
/** RxDB `retryTime` backoff (ms); `undefined` leaves the adapter default. */
|
|
40
|
+
retryMs?: number;
|
|
41
|
+
/**
|
|
42
|
+
* Periodic re-sync interval (ms) that keeps an open session converging while
|
|
43
|
+
* the pull side is poll-based. Defaults to {@link DEFAULT_SYNC_POLL_MS}; set
|
|
44
|
+
* to 0 to disable the periodic poll.
|
|
45
|
+
*/
|
|
46
|
+
pollMs?: number;
|
|
47
|
+
}
|
|
48
|
+
/** Optional near-expiry warning tuning; each field has the same default. */
|
|
49
|
+
export interface WasExpiryConfig {
|
|
50
|
+
/**
|
|
51
|
+
* How close to grant expiry (ms) the reconnect warning is raised proactively.
|
|
52
|
+
* Defaults to {@link DEFAULT_EXPIRY_WARNING_MS} (1h).
|
|
53
|
+
*/
|
|
54
|
+
warningMs?: number;
|
|
55
|
+
/**
|
|
56
|
+
* Poll interval (ms) for the near-expiry watch (grant expiry is
|
|
57
|
+
* coarse-grained). Defaults to {@link DEFAULT_EXPIRY_WATCH_MS} (1min).
|
|
58
|
+
*/
|
|
59
|
+
watchMs?: number;
|
|
60
|
+
}
|
|
61
|
+
/**
|
|
62
|
+
* The cohesive, app-wide configuration. Built once by the app and threaded
|
|
63
|
+
* through the auth, storage, and sync layers.
|
|
64
|
+
*/
|
|
65
|
+
export interface WasAppConfig {
|
|
66
|
+
/** Human-readable app name, used in the wallet consent reason lines. */
|
|
67
|
+
appName: string;
|
|
68
|
+
/** This app's own web origin (the anti-phishing bind on the app key). */
|
|
69
|
+
appOrigin: string;
|
|
70
|
+
/**
|
|
71
|
+
* The expected WAS server URL. When set, every granted zcap must target it;
|
|
72
|
+
* grants pointing anywhere else are rejected at login.
|
|
73
|
+
*/
|
|
74
|
+
wasServerUrl?: string;
|
|
75
|
+
/** The CHAPI mediator base URL (the requesting origin is appended). */
|
|
76
|
+
mediatorBase?: string;
|
|
77
|
+
/** The storage collections (logical key to WAS collection id). */
|
|
78
|
+
collections: WasCollectionConfig[];
|
|
79
|
+
/** The seed-credential type name + vocabulary namespace. */
|
|
80
|
+
credential: SeedCredentialConfig;
|
|
81
|
+
/**
|
|
82
|
+
* Base name for the local RxDB database and session IndexedDB naming. Defaults
|
|
83
|
+
* to {@link DEFAULT_DB_NAME}.
|
|
84
|
+
*/
|
|
85
|
+
dbName?: string;
|
|
86
|
+
/**
|
|
87
|
+
* Prefix for this app's `localStorage` keys (e.g. the device id). Defaults to
|
|
88
|
+
* {@link DEFAULT_STORAGE_KEY_PREFIX}. Migrating apps should set their prior
|
|
89
|
+
* prefix so an existing per-install device id is preserved.
|
|
90
|
+
*/
|
|
91
|
+
storageKeyPrefix?: string;
|
|
92
|
+
/** Replication tuning; all fields optional with documented defaults. */
|
|
93
|
+
sync?: WasSyncConfig;
|
|
94
|
+
/** Near-expiry warning tuning; all fields optional with the same default. */
|
|
95
|
+
expiry?: WasExpiryConfig;
|
|
96
|
+
}
|
|
97
|
+
/**
|
|
98
|
+
* One collection's re-hydrate + patch handlers, supplied by the app. The
|
|
99
|
+
* rehydrate mechanism drives these; expressing each collection as its own set of
|
|
100
|
+
* functions lets an app special-case a singleton (e.g. a current-focus doc)
|
|
101
|
+
* without a rigid CRUD interface.
|
|
102
|
+
*/
|
|
103
|
+
export interface StoreRegistryEntry {
|
|
104
|
+
/** Decrypt every live row of this collection into the app's store. */
|
|
105
|
+
hydrate: () => Promise<void>;
|
|
106
|
+
/**
|
|
107
|
+
* Upsert one already-decrypted payload into the store WITHOUT persisting (the
|
|
108
|
+
* sync stream already owns the persisted row).
|
|
109
|
+
*/
|
|
110
|
+
upsert: (doc: {
|
|
111
|
+
id: string;
|
|
112
|
+
}) => void;
|
|
113
|
+
/** Drop one payload (by logical uuid) from the store WITHOUT persisting. */
|
|
114
|
+
drop: (uuid: string) => void;
|
|
115
|
+
/** Empty this collection's store (logout). */
|
|
116
|
+
clear: () => void;
|
|
117
|
+
}
|
|
118
|
+
/**
|
|
119
|
+
* The per-collection store handlers, keyed by the collection logical `key`. The
|
|
120
|
+
* injection seam replacing the storage layer's former hardcoded maps.
|
|
121
|
+
*/
|
|
122
|
+
export type StoreRegistry = Record<string, StoreRegistryEntry>;
|
|
123
|
+
/** Default base name for the local RxDB database + session IndexedDB naming. */
|
|
124
|
+
export declare const DEFAULT_DB_NAME = "was-react";
|
|
125
|
+
/** Default `localStorage` key prefix (e.g. `was-react:deviceId`). */
|
|
126
|
+
export declare const DEFAULT_STORAGE_KEY_PREFIX = "was-react:";
|
|
127
|
+
/**
|
|
128
|
+
* Default periodic re-sync interval (ms). The pull side is poll-based (no
|
|
129
|
+
* server-side live stream yet), so an open session only sees another device's
|
|
130
|
+
* changes when it re-pulls; a low-frequency periodic re-sync keeps open sessions
|
|
131
|
+
* converging live.
|
|
132
|
+
*/
|
|
133
|
+
export declare const DEFAULT_SYNC_POLL_MS = 15000;
|
|
134
|
+
/** Default near-expiry warning threshold (ms): 1 hour. */
|
|
135
|
+
export declare const DEFAULT_EXPIRY_WARNING_MS: number;
|
|
136
|
+
/** Default near-expiry watch poll interval (ms): 1 minute. */
|
|
137
|
+
export declare const DEFAULT_EXPIRY_WATCH_MS: number;
|
|
138
|
+
/**
|
|
139
|
+
* Resolves a localStore/RxDB collection `key` from its WAS collection `id`.
|
|
140
|
+
*
|
|
141
|
+
* @param options {object}
|
|
142
|
+
* @param options.collections {WasCollectionConfig[]} the collection registry
|
|
143
|
+
* @param options.id {string} the WAS collection id
|
|
144
|
+
* @returns {string | undefined}
|
|
145
|
+
*/
|
|
146
|
+
export declare function collectionKeyForId({ collections, id }: {
|
|
147
|
+
collections: WasCollectionConfig[];
|
|
148
|
+
id: string;
|
|
149
|
+
}): string | undefined;
|
|
150
|
+
//# sourceMappingURL=config.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH;;;;;;;;;;;;;;;;;;;GAmBG;AACH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAA;AAExE;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,8DAA8D;IAC9D,GAAG,EAAE,MAAM,CAAA;IACX,kEAAkE;IAClE,EAAE,EAAE,MAAM,CAAA;CACX;AAED,kFAAkF;AAClF,MAAM,WAAW,aAAa;IAC5B,sEAAsE;IACtE,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,6EAA6E;IAC7E,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,4EAA4E;AAC5E,MAAM,WAAW,eAAe;IAC9B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,wEAAwE;IACxE,OAAO,EAAE,MAAM,CAAA;IACf,yEAAyE;IACzE,SAAS,EAAE,MAAM,CAAA;IACjB;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,uEAAuE;IACvE,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,kEAAkE;IAClE,WAAW,EAAE,mBAAmB,EAAE,CAAA;IAClC,4DAA4D;IAC5D,UAAU,EAAE,oBAAoB,CAAA;IAChC;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IACf;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,wEAAwE;IACxE,IAAI,CAAC,EAAE,aAAa,CAAA;IACpB,6EAA6E;IAC7E,MAAM,CAAC,EAAE,eAAe,CAAA;CACzB;AAED;;;;;GAKG;AACH,MAAM,WAAW,kBAAkB;IACjC,sEAAsE;IACtE,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5B;;;OAGG;IACH,MAAM,EAAE,CAAC,GAAG,EAAE;QAAE,EAAE,EAAE,MAAM,CAAA;KAAE,KAAK,IAAI,CAAA;IACrC,4EAA4E;IAC5E,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,CAAA;IAC5B,8CAA8C;IAC9C,KAAK,EAAE,MAAM,IAAI,CAAA;CAClB;AAED;;;GAGG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAA;AAE9D,gFAAgF;AAChF,eAAO,MAAM,eAAe,cAAc,CAAA;AAE1C,qEAAqE;AACrE,eAAO,MAAM,0BAA0B,eAAe,CAAA;AAEtD;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB,QAAQ,CAAA;AAEzC,0DAA0D;AAC1D,eAAO,MAAM,yBAAyB,QAAiB,CAAA;AAEvD,8DAA8D;AAC9D,eAAO,MAAM,uBAAuB,QAAY,CAAA;AAEhD;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,WAAW,EACX,EAAE,EACH,EAAE;IACD,WAAW,EAAE,mBAAmB,EAAE,CAAA;IAClC,EAAE,EAAE,MAAM,CAAA;CACX,GAAG,MAAM,GAAG,SAAS,CAErB"}
|
package/dist/config.js
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/** Default base name for the local RxDB database + session IndexedDB naming. */
|
|
2
|
+
export const DEFAULT_DB_NAME = 'was-react';
|
|
3
|
+
/** Default `localStorage` key prefix (e.g. `was-react:deviceId`). */
|
|
4
|
+
export const DEFAULT_STORAGE_KEY_PREFIX = 'was-react:';
|
|
5
|
+
/**
|
|
6
|
+
* Default periodic re-sync interval (ms). The pull side is poll-based (no
|
|
7
|
+
* server-side live stream yet), so an open session only sees another device's
|
|
8
|
+
* changes when it re-pulls; a low-frequency periodic re-sync keeps open sessions
|
|
9
|
+
* converging live.
|
|
10
|
+
*/
|
|
11
|
+
export const DEFAULT_SYNC_POLL_MS = 15000;
|
|
12
|
+
/** Default near-expiry warning threshold (ms): 1 hour. */
|
|
13
|
+
export const DEFAULT_EXPIRY_WARNING_MS = 60 * 60 * 1000;
|
|
14
|
+
/** Default near-expiry watch poll interval (ms): 1 minute. */
|
|
15
|
+
export const DEFAULT_EXPIRY_WATCH_MS = 60 * 1000;
|
|
16
|
+
/**
|
|
17
|
+
* Resolves a localStore/RxDB collection `key` from its WAS collection `id`.
|
|
18
|
+
*
|
|
19
|
+
* @param options {object}
|
|
20
|
+
* @param options.collections {WasCollectionConfig[]} the collection registry
|
|
21
|
+
* @param options.id {string} the WAS collection id
|
|
22
|
+
* @returns {string | undefined}
|
|
23
|
+
*/
|
|
24
|
+
export function collectionKeyForId({ collections, id }) {
|
|
25
|
+
return collections.find(entry => entry.id === id)?.key;
|
|
26
|
+
}
|
|
27
|
+
//# sourceMappingURL=config.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AA+HA,gFAAgF;AAChF,MAAM,CAAC,MAAM,eAAe,GAAG,WAAW,CAAA;AAE1C,qEAAqE;AACrE,MAAM,CAAC,MAAM,0BAA0B,GAAG,YAAY,CAAA;AAEtD;;;;;GAKG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,KAAK,CAAA;AAEzC,0DAA0D;AAC1D,MAAM,CAAC,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;AAEvD,8DAA8D;AAC9D,MAAM,CAAC,MAAM,uBAAuB,GAAG,EAAE,GAAG,IAAI,CAAA;AAEhD;;;;;;;GAOG;AACH,MAAM,UAAU,kBAAkB,CAAC,EACjC,WAAW,EACX,EAAE,EAIH;IACC,OAAO,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,CAAA;AACxD,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* Decodes a seed string as hex (all hex chars, even length) or base64url.
|
|
4
|
+
*
|
|
5
|
+
* @param input {string}
|
|
6
|
+
* @returns {Uint8Array}
|
|
7
|
+
*/
|
|
8
|
+
export declare function parseSeed(input: string): Uint8Array;
|
|
9
|
+
/**
|
|
10
|
+
* Splits a comma-separated collection-ids string into a trimmed, non-empty list.
|
|
11
|
+
*
|
|
12
|
+
* @param input {string}
|
|
13
|
+
* @returns {string[]}
|
|
14
|
+
*/
|
|
15
|
+
export declare function parseCollections(input: string): string[];
|
|
16
|
+
//# sourceMappingURL=cli.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../../src/dev/cli.ts"],"names":[],"mappings":";AAoCA;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,CAWnD;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAKxD"}
|