@lana-commerce/core 13.1.0-alpha.9 → 14.0.0-alpha.2

package/CHANGELOG.md

@@ -7,6 +7,9 @@ This project adheres to [Semantic Versioning][semantic versioning].
 ## [Unreleased]
 
 ### Major Changes
+
+- OAuth APIs of "customer" module were changed in backwards incompatible way. To delete oauth provider you need to specify its type. This is due to the fact that you can connect multiple providers now.
+
 ### Minor Changes
 
 - Add "clear" event to "modules/advancedSearch".
@@ -14,6 +17,9 @@ This project adheres to [Semantic Versioning][semantic versioning].
 - A bunch of internal APIs were removed. While it's a major change, I put it here, because we know for sure that nobody was using those.
 - Add "wrapWebSocket" function to "websocket" lib.
 - Propagate new "meta" field for invoice line item descriptions.
+- Add "webauthn" logic to "customer" module.
+- Add webauthn related fields to customer/shop fragments.
+- "Customer" module: now all signin forms share the custom error type. When custom error happens, it is set on all forms.
 
 ### Patch Changes
 

package/cjs/graphql/fragments/Customer.js

@@ -1,3 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = "fragment Customer on StorefrontCustomer{id email name display_name mobile mobile_notifications accepts_marketing reminder_messages addresses{...FullAddress}mobile mobile_notifications default_billing_address_id default_shipping_address_id default_payment_source_id is_guest password_defined oauth_provider}\n";
+exports.default = "fragment Customer on StorefrontCustomer{id email name display_name mobile mobile_notifications accepts_marketing reminder_messages addresses{...FullAddress}mobile mobile_notifications default_billing_address_id default_shipping_address_id default_payment_source_id is_guest password_defined oauth_providers webauthn_keys{id name created_at}}\n";

package/cjs/graphql/fragments/Shop.js

@@ -1,3 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = "fragment Shop on StorefrontShop{app_domain created_at currency customer_service_email id name product_review_enabled tax_label timezone primary_domain{domain id}customer_oauth_providers{...CustomerOAuthProvider}tips_enabled tips_variant{id}}\n";
+exports.default = "fragment Shop on StorefrontShop{app_domain created_at currency customer_service_email id name product_review_enabled tax_label timezone primary_domain{domain id}customer_oauth_providers{...CustomerOAuthProvider}tips_enabled tips_variant{id}customer_webauthn}\n";

package/cjs/graphql/operations/AddWebauthnMutation.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = "mutation AddWebauthn($shopID:String!$data:WebauthnAdd!){storefrontCustomersWebauthn(shop_id:$shopID data:$data)}";

package/cjs/graphql/operations/DeleteWebauthnMutation.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = "mutation DeleteWebauthn($shopID:String!$ids:[String!]!){storefrontCustomersWebauthnDelete(shop_id:$shopID ids:$ids)}";

package/cjs/graphql/operations/DisconnectOAuth2Mutation.js

@@ -1,3 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = "mutation DisconnectOAuth2($shopID:String!){storefrontCustomersOauthDelete(shop_id:$shopID)}";
+exports.default = "mutation DisconnectOAuth2($shopID:String!$provider:CustomerOAuthProviderKind!){storefrontCustomersOauthDelete(shop_id:$shopID provider:$provider)}";

package/cjs/graphql/operations/InitWebauthnMutation.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = "mutation InitWebauthn($shopID:String!$name:String$email:String){storefrontCustomersInitWebauthn(shop_id:$shopID name:$name email:$email){session_id options}}";

package/cjs/modules/customer.js

@@ -4,6 +4,8 @@ exports.createCustomer = exports.isSamePageParam = exports.createVariantMap = vo
 const tslib_1 = require("tslib");
 const jwt_decode_1 = tslib_1.__importDefault(require("jwt-decode"));
 const effector_1 = require("effector");
+const browser_1 = require("@simplewebauthn/browser");
+const AddWebauthnMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/AddWebauthnMutation.js"));
 const ApplyGiftCardMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/ApplyGiftCardMutation.js"));
 const CancelOrderMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/CancelOrderMutation.js"));
 const CancelSubscriptionMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/CancelSubscriptionMutation.js"));
@@ -13,6 +15,7 @@ const CreatePaymentSourceMutation_js_1 = tslib_1.__importDefault(require("../gra
 const CreateReturnMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/CreateReturnMutation.js"));
 const DeleteFavoriteMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/DeleteFavoriteMutation.js"));
 const DeletePaymentSourceMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/DeletePaymentSourceMutation.js"));
+const DeleteWebauthnMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/DeleteWebauthnMutation.js"));
 const DisconnectOAuth2Mutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/DisconnectOAuth2Mutation.js"));
 const EditSubscriptionMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/EditSubscriptionMutation.js"));
 const GetCustomerAddressesPageDataQuery_js_1 = tslib_1.__importDefault(require("../graphql/operations/GetCustomerAddressesPageDataQuery.js"));
@@ -30,6 +33,7 @@ const GetReturnQuery_js_1 = tslib_1.__importDefault(require("../graphql/operatio
 const GetReturnsPageQuery_js_1 = tslib_1.__importDefault(require("../graphql/operations/GetReturnsPageQuery.js"));
 const GetSubscriptionQuery_js_1 = tslib_1.__importDefault(require("../graphql/operations/GetSubscriptionQuery.js"));
 const GetSubscriptionsPageQuery_js_1 = tslib_1.__importDefault(require("../graphql/operations/GetSubscriptionsPageQuery.js"));
+const InitWebauthnMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/InitWebauthnMutation.js"));
 const ModifyCustomerMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/ModifyCustomerMutation.js"));
 const ModifyFavoriteMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/ModifyFavoriteMutation.js"));
 const NewPasswordMutation_js_1 = tslib_1.__importDefault(require("../graphql/operations/NewPasswordMutation.js"));
@@ -61,6 +65,32 @@ const multiResponseToResponse_js_1 = require("../multiResponseToResponse.js");
 const nonNull_js_1 = require("../nonNull.js");
 const requestResponse_js_1 = require("../effector/requestResponse.js");
 const split_js_1 = require("../effector/split.js");
+function mapSignInResponseToWrongOAuth(params, result) {
+    if (result.kind !== "error")
+        return undefined;
+    const a = result.error.apiError;
+    if (!a || a.code !== codes_js_1.ErrorCode.Unauthorized)
+        return undefined;
+    const m = a.meta;
+    if (!m ||
+        m.email === undefined ||
+        m.oauth_providers === undefined ||
+        m.oauth_session_id === undefined ||
+        m.password_defined === undefined ||
+        m.webauthn_defined === undefined) {
+        return undefined;
+    }
+    return {
+        params,
+        meta: {
+            email: m.email,
+            oauth_providers: m.oauth_providers,
+            oauth_session_id: m.oauth_session_id,
+            password_defined: m.password_defined,
+            webauthn_defined: m.webauthn_defined,
+        },
+    };
+}
 function getCustomerInfo(shopID, id, opts) {
     return tslib_1.__awaiter(this, void 0, void 0, function* () {
         if (!(opts === null || opts === void 0 ? void 0 : opts.authToken))
@@ -248,6 +278,7 @@ function splitRequestResponseData(source) {
 // pages you're not allowed to be in, while being logged in
 const disallowedAuthPages = {
     signup: true,
+    webauthn_signup: true,
     signin: true,
 };
 // it's not allowed to store these pages as lastAuthPage
@@ -255,6 +286,7 @@ const disallowedLastAuthPages = Object.assign(Object.assign({}, disallowedAuthPa
 // only pages you're allowed to be in, while NOT being logged in
 const allowedNoAuthPages = {
     signup: true,
+    webauthn_signup: true,
     signin: true,
     confirm: true,
     reset_password: true,
@@ -355,6 +387,70 @@ function createSignupPageGraph(binding) {
 //===================================================================================================================
 //===================================================================================================================
 //===================================================================================================================
+function createWebauthnSignupPageGraph(binding) {
+    const init = defineInitBlank(binding);
+    const form = (0, form_js_1.createForm)({
+        name: (0, form_js_1.createStringField)("name", "", [validator_js_1.validNonEmpty, validator_js_1.validMaxLength250]),
+        email: (0, form_js_1.createStringField)("email", "", [validator_js_1.validNonEmpty, validator_js_1.validEmail, validator_js_1.validMaxLength250]),
+        accepts_marketing: (0, form_js_1.createBooleanField)("accepts_marketing", false),
+    });
+    (0, effector_1.forward)({
+        from: init.event,
+        to: form.reset,
+    });
+    const signupFx = (0, effector_1.createEffect)((p) => tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const { shopID, opts } = p.config;
+        const resp = yield (0, request_js_1.request)(InitWebauthnMutation_js_1.default)({
+            shopID,
+            email: p.data.email,
+            name: p.data.name,
+        }, opts);
+        if (resp.kind !== "data") {
+            return resp;
+        }
+        let sessionID;
+        let credential;
+        try {
+            sessionID = resp.data.session_id;
+            credential = yield (0, browser_1.startRegistration)({ optionsJSON: JSON.parse(resp.data.options).publicKey });
+        }
+        catch (err) {
+            console.error(err);
+            return { kind: "custom_error", text: "webauthn failure" };
+        }
+        return (0, request_js_1.request)(SignUpMutation_js_1.default)({
+            shopID,
+            data: {
+                email: p.data.email,
+                webauthn_credential: JSON.stringify(credential),
+                webauthn_session_id: sessionID,
+                accepts_marketing: p.data.accepts_marketing,
+                timezone_hint: (0, getTimezone_js_1.getTimezone)(),
+            },
+        }, opts);
+    }));
+    (0, effector_1.guard)({
+        source: (0, effector_1.sample)(binding.internalConfig, form.submitted, (config, data) => ({ config, data })),
+        filter: binding.everythingIdle,
+        target: signupFx,
+    });
+    const { data: signupData, error: signupError } = (0, requestResponse_js_1.requestResponseSplit)(signupFx.doneData);
+    // success
+    (0, effector_1.forward)({
+        from: signupData.filterMap((v) => v[0].token || undefined),
+        to: binding.setJWT,
+    });
+    // failure
+    handleFormFailure({ source: signupError, form, unexpectedError: binding.unexpectedError }, { from: "[0]." });
+    return {
+        init,
+        form,
+        somethingIsPending: (0, combineSome_js_1.combineSome)(init.pending, signupFx.pending),
+    };
+}
+//===================================================================================================================
+//===================================================================================================================
+//===================================================================================================================
 function createResetPasswordPageGraph(binding) {
     const init = defineInitBlank(binding);
     // forms, we use shared fields here
@@ -1656,6 +1752,17 @@ function createSigninPageGraph(binding) {
     const init = defineInitBlank(binding);
     const setSignInMode = (0, effector_1.createEvent)();
     const signInMode = (0, effector_1.restore)(setSignInMode, "email-otp-init");
+    const setWrongOAuth = (0, effector_1.createEvent)();
+    const wrongOAuth = (0, effector_1.restore)(setWrongOAuth, null);
+    const wrongOAuthInfo = (0, effector_1.createStore)(null);
+    wrongOAuthInfo.on(setWrongOAuth, (_, v) => v
+        ? {
+            email: v.meta.email,
+            oauthProviders: v.meta.oauth_providers,
+            passwordDefined: v.meta.password_defined,
+            webauthnDefined: v.meta.webauthn_defined,
+        }
+        : null);
     const form = (0, form_js_1.createFormWithCustomError)({
         email: (0, form_js_1.createStringField)("email", "", [validator_js_1.validNonEmpty, validator_js_1.validEmail, validator_js_1.validMaxLength250]),
         password: (0, form_js_1.createStringField)("password", "", [validator_js_1.validNonEmpty]),
@@ -1666,6 +1773,11 @@ function createSigninPageGraph(binding) {
     const formOTPComplete = (0, form_js_1.createFormWithCustomError)({
         code: (0, form_js_1.createStringField)("code", "", [validator_js_1.validNonEmpty, validator_js_1.validMaxLength250]),
     }, null);
+    const setErrorOnAllForms = (0, effector_1.createEvent)();
+    (0, effector_1.forward)({
+        from: setErrorOnAllForms,
+        to: [form.setError, formOTPInit.setError, formOTPComplete.setError],
+    });
     (0, effector_1.forward)({
         from: init.event,
         to: [form.reset, formOTPInit.reset, formOTPComplete.reset],
@@ -1701,7 +1813,44 @@ function createSigninPageGraph(binding) {
         filter: binding.everythingIdle,
         target: signInViaEmailCompleteFx,
     });
-    // email/password form
+    const signInViaWebauthnFx = (0, effector_1.createEffect)((p) => tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const { shopID, opts } = p.config;
+        const resp = yield (0, request_js_1.request)(InitWebauthnMutation_js_1.default)({ shopID }, opts);
+        if (resp.kind !== "data") {
+            return resp;
+        }
+        let sessionID;
+        let credential;
+        try {
+            sessionID = resp.data.session_id;
+            credential = yield (0, browser_1.startAuthentication)({ optionsJSON: JSON.parse(resp.data.options).publicKey });
+        }
+        catch (err) {
+            console.error(err);
+            return { kind: "custom_error", text: "webauthn failure" };
+        }
+        return (0, request_js_1.request)(SignInMutation_js_1.default)({
+            shopID,
+            data: {
+                webauthn_credential: JSON.stringify(credential),
+                webauthn_session_id: sessionID,
+            },
+        }, opts);
+    }));
+    // webauthn
+    {
+        const { data: signinData } = (0, requestResponse_js_1.requestResponseSplit)(signInViaWebauthnFx.doneData);
+        // success
+        (0, effector_1.forward)({
+            from: signinData.filterMap((v) => v.token || undefined),
+            to: binding.setJWT,
+        });
+        // failure
+        (0, split_js_1.splitMap)(signInViaWebauthnFx.done)
+            .map((e) => (e.result.kind !== "system_error" ? "unauthorized_webauthn" : undefined), setErrorOnAllForms)
+            .map((e) => (e.result.kind !== "data" ? e.result : undefined), handleFormFailure({ form, unexpectedError: binding.unexpectedError }));
+    }
+    // email/password form (oauth flow also goes here)
     {
         const { data: signinData } = (0, requestResponse_js_1.requestResponseSplit)(signinFx.doneData);
         // success
@@ -1710,7 +1859,8 @@ function createSigninPageGraph(binding) {
             to: binding.setJWT,
         });
         // failure
-        (0, split_js_1.splitMap)(signinFx.done)
+        (0, split_js_1.splitMap)(signinFx.done) // we use "done" here because we need "e.params.data.email" for logic
+            .map((e) => mapSignInResponseToWrongOAuth(e.params, e.result), setWrongOAuth)
             .map((e) => {
             var _a;
             return e.result.kind === "error" && ((_a = e.result.error.apiError) === null || _a === void 0 ? void 0 : _a.code) === codes_js_1.ErrorCode.Unauthorized
@@ -1718,7 +1868,7 @@ function createSigninPageGraph(binding) {
                     ? "unauthorized"
                     : "unauthorized_oauth"
                 : undefined;
-        }, form.setError)
+        }, setErrorOnAllForms)
             .map((e) => (e.result.kind !== "data" ? e.result : undefined), handleFormFailure({ form, unexpectedError: binding.unexpectedError }));
     }
     // OTP init form
@@ -1731,7 +1881,7 @@ function createSigninPageGraph(binding) {
         });
         // failure
         (0, split_js_1.splitMap)(error)
-            .map((e) => { var _a; return e.kind === "error" && ((_a = e.error.apiError) === null || _a === void 0 ? void 0 : _a.code) === codes_js_1.ErrorCode.TryAgainLater ? "try_again_later" : undefined; }, formOTPInit.setError)
+            .map((e) => { var _a; return e.kind === "error" && ((_a = e.error.apiError) === null || _a === void 0 ? void 0 : _a.code) === codes_js_1.ErrorCode.TryAgainLater ? "try_again_later" : undefined; }, setErrorOnAllForms)
             .fallback(handleFormFailure({ form: formOTPInit, unexpectedError: binding.unexpectedError }));
     }
     // OTP complete form
@@ -1744,7 +1894,7 @@ function createSigninPageGraph(binding) {
         });
         // failure
         (0, split_js_1.splitMap)(error)
-            .map((e) => { var _a; return (e.kind === "error" && ((_a = e.error.apiError) === null || _a === void 0 ? void 0 : _a.code) === codes_js_1.ErrorCode.NotFound ? "unauthorized" : undefined); }, formOTPComplete.setError)
+            .map((e) => { var _a; return (e.kind === "error" && ((_a = e.error.apiError) === null || _a === void 0 ? void 0 : _a.code) === codes_js_1.ErrorCode.NotFound ? "unauthorized" : undefined); }, setErrorOnAllForms)
             .fallback(handleFormFailure({ form: formOTPComplete, unexpectedError: binding.unexpectedError }));
     }
     // oauth flow
@@ -1768,6 +1918,28 @@ function createSigninPageGraph(binding) {
         filter: binding.everythingIdle,
         target: signinFx,
     });
+    const webauthnClick = (0, effector_1.createEvent)();
+    (0, effector_1.guard)({
+        source: (0, effector_1.sample)(binding.internalConfig, webauthnClick, (config, data) => ({ config, data })),
+        filter: binding.everythingIdle,
+        target: signInViaWebauthnFx,
+    });
+    const connectWrongOAuth = (0, effector_1.createEvent)();
+    const cancelWrongOAuth = (0, effector_1.createEvent)();
+    (0, effector_1.guard)({
+        source: (0, effector_1.sample)(wrongOAuth, connectWrongOAuth, (w) => w
+            ? {
+                config: w.params.config,
+                data: Object.assign(Object.assign({}, w.params.data), { oauth_session_id: w.meta.oauth_session_id }),
+            }
+            : undefined).filterMap((v) => v),
+        filter: binding.everythingIdle,
+        target: signinFx,
+    });
+    (0, effector_1.forward)({
+        from: cancelWrongOAuth.map(() => null),
+        to: setWrongOAuth,
+    });
     return {
         init,
         form,
@@ -1776,6 +1948,10 @@ function createSigninPageGraph(binding) {
         signInMode,
         setSignInMode,
         oauth2Click,
+        webauthnClick,
+        wrongOAuthInfo,
+        connectWrongOAuth,
+        cancelWrongOAuth,
         somethingIsPending: (0, combineSome_js_1.combineSome)(init.pending, signinFx.pending),
     };
 }
@@ -1825,7 +2001,7 @@ function createOAuth2UtilsGraph(binding) {
     }));
     const disconnectFx = (0, effector_1.createEffect)((p) => tslib_1.__awaiter(this, void 0, void 0, function* () {
         const { shopID, opts } = p.config;
-        return (0, request_js_1.request)(DisconnectOAuth2Mutation_js_1.default)({ shopID }, opts);
+        return (0, request_js_1.request)(DisconnectOAuth2Mutation_js_1.default)({ shopID, provider: p.data }, opts);
     }));
     // connect flow
     {
@@ -1888,6 +2064,92 @@ function createOAuth2UtilsGraph(binding) {
         somethingIsPending: (0, combineSome_js_1.combineSome)(connectFx.pending, disconnectFx.pending),
     };
 }
+//--------------------------------------------------------------------------------------------------------------------
+//--------------------------------------------------------------------------------------------------------------------
+//--------------------------------------------------------------------------------------------------------------------
+// not really a part of any page, but somewhat follows page graph conventions, except it doesn't have init.
+function createWebauthnUtilsGraph(binding) {
+    const createWebauthn = (0, effector_1.createEvent)();
+    const deleteWebauthn = (0, effector_1.createEvent)();
+    const createFx = (0, effector_1.createEffect)((p) => tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const { shopID, opts } = p.config;
+        if (!p.data) {
+            return { kind: "custom_error", text: "no customer info" };
+        }
+        const email = p.data.customer.email;
+        const name = p.data.customer.name;
+        const resp = yield (0, request_js_1.request)(InitWebauthnMutation_js_1.default)({ shopID, email, name }, opts);
+        if (resp.kind !== "data") {
+            return resp;
+        }
+        let sessionID;
+        let credential;
+        try {
+            sessionID = resp.data.session_id;
+            credential = yield (0, browser_1.startRegistration)({ optionsJSON: JSON.parse(resp.data.options).publicKey });
+        }
+        catch (err) {
+            console.error(err);
+            return { kind: "custom_error", text: "webauthn failure" };
+        }
+        return (0, request_js_1.request)(AddWebauthnMutation_js_1.default)({ shopID, data: { webauthn_credential: JSON.stringify(credential), webauthn_session_id: sessionID } }, opts);
+    }));
+    const deleteFx = (0, effector_1.createEffect)((p) => tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const { shopID, opts } = p.config;
+        return (0, request_js_1.request)(DeleteWebauthnMutation_js_1.default)({ shopID, ids: p.data }, opts);
+    }));
+    // create flow
+    {
+        (0, effector_1.guard)({
+            source: (0, effector_1.sample)((0, effector_1.combine)({ config: binding.internalConfig, customerInfo: binding.customerInfo }), createWebauthn, ({ config, customerInfo }, _data) => ({ config, data: customerInfo })),
+            filter: binding.everythingIdle,
+            target: createFx,
+        });
+        const { data: connectData, error: connectError } = (0, requestResponse_js_1.requestResponseSplit)(createFx.doneData);
+        // success
+        (0, effector_1.forward)({
+            from: connectData,
+            to: binding.fetchCustomerInfoNow,
+        });
+        (0, effector_1.forward)({
+            from: connectData.map(() => "webauthn_created"),
+            to: binding.message,
+        });
+        // failure
+        (0, effector_1.forward)({
+            from: connectError,
+            to: binding.unexpectedError,
+        });
+    }
+    // delete flow
+    {
+        (0, effector_1.guard)({
+            source: (0, effector_1.sample)(binding.internalConfig, deleteWebauthn, (config, data) => ({ config, data })),
+            filter: binding.everythingIdle,
+            target: deleteFx,
+        });
+        const { data: disconnectData, error: disconnectError } = (0, requestResponse_js_1.requestResponseSplit)(deleteFx.doneData);
+        // success
+        (0, effector_1.forward)({
+            from: disconnectData,
+            to: binding.fetchCustomerInfoNow,
+        });
+        (0, effector_1.forward)({
+            from: disconnectData.map(() => "webauthn_deleted"),
+            to: binding.message,
+        });
+        // failure
+        (0, effector_1.forward)({
+            from: disconnectError,
+            to: binding.unexpectedError,
+        });
+    }
+    return {
+        createWebauthn,
+        deleteWebauthn,
+        somethingIsPending: (0, combineSome_js_1.combineSome)(createFx.pending, deleteFx.pending),
+    };
+}
 function createCustomer(config, init) {
     var _a;
     const currency = config.currency || (0, effector_1.createStore)(config.shopCurrency);
@@ -1957,6 +2219,7 @@ function createCustomer(config, init) {
         message,
         fetchCustomerInfoNow,
         oauth2,
+        customerInfo,
     };
     config.jwt.on(setJWT, (_, v) => v);
     customerInfo.on(setFavorites, (pv, favorites) => {
@@ -1994,6 +2257,7 @@ function createCustomer(config, init) {
     const pages = {
         signin: createSigninPageGraph(binding),
         signup: createSignupPageGraph(binding),
+        webauthnSignup: createWebauthnSignupPageGraph(binding),
         resetPassword: createResetPasswordPageGraph(binding),
         addresses: createAddressesPageGraph(binding),
         favorites: createFavoritesPageGraph(binding),
@@ -2009,6 +2273,7 @@ function createCustomer(config, init) {
         paymentMethods: createPaymentMethodsPageGraph(binding),
     };
     const oauth2Utils = createOAuth2UtilsGraph(binding);
+    const webauthnUtils = createWebauthnUtilsGraph(binding);
     const currentPage = (0, effector_1.createStore)(null);
     const loadPage = (0, effector_1.createEvent)();
     const loadPageExt = (0, effector_1.sample)(currentPage, loadPage, (p, param) => ({
@@ -2017,6 +2282,7 @@ function createCustomer(config, init) {
     }));
     const loadSignin = loadPageExt.filterMap((v) => (v.param.kind === "signin" ? Object.assign(Object.assign({}, v), { param: v.param }) : undefined));
     const loadSignup = loadPageExt.filterMap((v) => (v.param.kind === "signup" ? Object.assign(Object.assign({}, v), { param: v.param }) : undefined));
+    const loadWebauthnSignup = loadPageExt.filterMap((v) => v.param.kind === "webauthn_signup" ? Object.assign(Object.assign({}, v), { param: v.param }) : undefined);
     const loadResetPassword = loadPageExt.filterMap((v) => v.param.kind === "reset_password" ? Object.assign(Object.assign({}, v), { param: v.param }) : undefined);
     const loadAddresses = loadPageExt.filterMap((v) => v.param.kind === "addresses" ? Object.assign(Object.assign({}, v), { param: v.param }) : undefined);
     const loadFavorites = loadPageExt.filterMap((v) => v.param.kind === "favorites" ? Object.assign(Object.assign({}, v), { param: v.param }) : undefined);
@@ -2032,6 +2298,7 @@ function createCustomer(config, init) {
     const loadPaymentMethods = loadPageExt.filterMap((v) => v.param.kind === "payment_methods" ? Object.assign(Object.assign({}, v), { param: v.param }) : undefined);
     (0, effector_1.forward)({ from: loadSignin, to: pages.signin.init.load });
     (0, effector_1.forward)({ from: loadSignup, to: pages.signup.init.load });
+    (0, effector_1.forward)({ from: loadWebauthnSignup, to: pages.webauthnSignup.init.load });
     (0, effector_1.forward)({ from: loadResetPassword, to: pages.resetPassword.init.load });
     (0, effector_1.forward)({ from: loadAddresses, to: pages.addresses.init.load });
     (0, effector_1.forward)({ from: loadFavorites, to: pages.favorites.init.load });
@@ -2053,6 +2320,7 @@ function createCustomer(config, init) {
         from: [
             pages.signin.init.loaded,
             pages.signup.init.loaded,
+            pages.webauthnSignup.init.loaded,
             pages.resetPassword.init.loaded,
             pages.addresses.init.loaded,
             pages.favorites.init.loaded,
@@ -2069,7 +2337,7 @@ function createCustomer(config, init) {
         ],
         to: currentPage,
     });
-    const somethingPending = (0, combineSome_js_1.combineSome)(pages.signin.somethingIsPending, pages.signup.somethingIsPending, pages.resetPassword.somethingIsPending, pages.addresses.somethingIsPending, pages.favorites.somethingIsPending, pages.orders.somethingIsPending, pages.subscriptions.somethingIsPending, pages.returns.somethingIsPending, pages.order.somethingIsPending, pages.subscription.somethingIsPending, pages.return.somethingIsPending, pages.createReturn.somethingIsPending, pages.storeCredit.somethingIsPending, pages.profile.somethingIsPending, pages.paymentMethods.somethingIsPending, oauth2Utils.somethingIsPending);
+    const somethingPending = (0, combineSome_js_1.combineSome)(pages.signin.somethingIsPending, pages.signup.somethingIsPending, pages.webauthnSignup.somethingIsPending, pages.resetPassword.somethingIsPending, pages.addresses.somethingIsPending, pages.favorites.somethingIsPending, pages.orders.somethingIsPending, pages.subscriptions.somethingIsPending, pages.returns.somethingIsPending, pages.order.somethingIsPending, pages.subscription.somethingIsPending, pages.return.somethingIsPending, pages.createReturn.somethingIsPending, pages.storeCredit.somethingIsPending, pages.profile.somethingIsPending, pages.paymentMethods.somethingIsPending, oauth2Utils.somethingIsPending, webauthnUtils.somethingIsPending);
     (0, effector_1.forward)({
         from: somethingPending.map((v) => !v),
         to: everythingIdle,
@@ -2150,7 +2418,11 @@ function createCustomer(config, init) {
         to: internalGoTo,
     });
     // customerMenuVisible helper
-    const customerLoggedIn = jwtAndCurrentPage.map(([jwt, currentPage]) => jwt !== "" && currentPage && currentPage.kind !== "signin" && currentPage.kind !== "signup");
+    const customerLoggedIn = jwtAndCurrentPage.map(([jwt, currentPage]) => jwt !== "" &&
+        currentPage &&
+        currentPage.kind !== "signin" &&
+        currentPage.kind !== "signup" &&
+        currentPage.kind !== "webauthn_signup");
     return {
         message,
         logout,
@@ -2169,6 +2441,10 @@ function createCustomer(config, init) {
             connect: oauth2Utils.connectOAuth2,
             disconnect: oauth2Utils.disconnectOAuth2,
         },
+        webauthn: {
+            create: webauthnUtils.createWebauthn,
+            delete: webauthnUtils.deleteWebauthn,
+        },
     };
 }
 exports.createCustomer = createCustomer;

package/cjs/script.js

@@ -45,6 +45,7 @@ function embedUI(config) {
             shopCurrencies: (0, arrayToDict_js_1.arrayToDict)(config.currencies, (c) => c.currency.code),
             tipsVariantID: config.shop.tips_enabled ? (_b = config.shop.tips_variant) === null || _b === void 0 ? void 0 : _b.id : undefined,
             oauth2Providers: config.shop.customer_oauth_providers,
+            customerWebauthn: config.shop.customer_webauthn,
             stripe: stripeGateway
                 ? {
                     accountID: stripeGateway.account_id,

package/esm/graphql/fragments/Customer.js

@@ -1 +1 @@
-export default "fragment Customer on StorefrontCustomer{id email name display_name mobile mobile_notifications accepts_marketing reminder_messages addresses{...FullAddress}mobile mobile_notifications default_billing_address_id default_shipping_address_id default_payment_source_id is_guest password_defined oauth_provider}\n";
+export default "fragment Customer on StorefrontCustomer{id email name display_name mobile mobile_notifications accepts_marketing reminder_messages addresses{...FullAddress}mobile mobile_notifications default_billing_address_id default_shipping_address_id default_payment_source_id is_guest password_defined oauth_providers webauthn_keys{id name created_at}}\n";

package/esm/graphql/fragments/Shop.js

@@ -1 +1 @@
-export default "fragment Shop on StorefrontShop{app_domain created_at currency customer_service_email id name product_review_enabled tax_label timezone primary_domain{domain id}customer_oauth_providers{...CustomerOAuthProvider}tips_enabled tips_variant{id}}\n";
+export default "fragment Shop on StorefrontShop{app_domain created_at currency customer_service_email id name product_review_enabled tax_label timezone primary_domain{domain id}customer_oauth_providers{...CustomerOAuthProvider}tips_enabled tips_variant{id}customer_webauthn}\n";

package/esm/graphql/operations/AddWebauthnMutation.js

@@ -0,0 +1 @@
+export default "mutation AddWebauthn($shopID:String!$data:WebauthnAdd!){storefrontCustomersWebauthn(shop_id:$shopID data:$data)}";

package/esm/graphql/operations/DeleteWebauthnMutation.js

@@ -0,0 +1 @@
+export default "mutation DeleteWebauthn($shopID:String!$ids:[String!]!){storefrontCustomersWebauthnDelete(shop_id:$shopID ids:$ids)}";

package/esm/graphql/operations/DisconnectOAuth2Mutation.js

@@ -1 +1 @@
-export default "mutation DisconnectOAuth2($shopID:String!){storefrontCustomersOauthDelete(shop_id:$shopID)}";
+export default "mutation DisconnectOAuth2($shopID:String!$provider:CustomerOAuthProviderKind!){storefrontCustomersOauthDelete(shop_id:$shopID provider:$provider)}";

package/esm/graphql/operations/InitWebauthnMutation.js

@@ -0,0 +1 @@
+export default "mutation InitWebauthn($shopID:String!$name:String$email:String){storefrontCustomersInitWebauthn(shop_id:$shopID name:$name email:$email){session_id options}}";