@lifeready/core 1.0.1 → 1.0.3

package/lib/api/types/lr-graphql.types.d.ts

@@ -0,0 +1,385 @@
+import { Connection, DateTime, GenericScalar, ID, JSONString, LrEmail, Node, TimeStamped } from './graphql.types';
+export declare type UserStripeNode = any;
+export declare type UserPlanNode = any;
+export declare type UserDeleteNode = any;
+export declare type FeaturesNode = any;
+export declare type ScenarioNode = any;
+export declare type SharedScenarioNode = any;
+export declare type TpPasswordResetRequestNode = any;
+export interface PassKeyNode extends Node, TimeStamped {
+    passKeyParams?: GenericScalar;
+    passIdpParams?: GenericScalar;
+    wrappedPassIdpVerifierPrk?: GenericScalar;
+}
+export interface CurrentUserKeyNode extends Node, TimeStamped {
+    passKeys?: PassKeyNode[];
+    passKey?: PassKeyNode;
+    rootKey?: KeyNode;
+    masterKey?: KeyNode;
+    pxk?: KeyNode;
+    sigPxk?: KeyNode;
+}
+export interface UserNode extends Node {
+    username?: string;
+    contactCards?: Connection<ContactCardNode>;
+    currentUserKey?: CurrentUserKeyNode;
+    ownedContactCard?: SharedContactCardNode;
+    receivedContactCard?: SharedContactCardNode;
+    isCurrentUser?: boolean;
+    haveTp?: boolean;
+    stripe?: UserStripeNode;
+    userPlans?: Connection<UserPlanNode>;
+    userDelete?: UserDeleteNode;
+    features?: FeaturesNode;
+}
+export interface ServerTime {
+    timestamp?: string;
+}
+export interface KeyNode extends Node, TimeStamped {
+    pbk?: string;
+}
+export interface ContactCardNode extends Node, TimeStamped {
+    owner?: UserNode;
+    publicDataSig?: string;
+    publicSearchableSig?: string;
+    sigPxk?: KeyNode;
+    defaultFrom?: DateTime;
+    publicData?: string;
+    publicSearchable?: string;
+    cipherData?: string;
+    cipherDataClearJson?: any;
+    key?: KeyNode;
+    plainData?: string;
+    plainDataSig?: string;
+}
+export interface DirectoryNode extends Node, TimeStamped {
+    plainMeta?: JSONString;
+    plainMetaJson?: any;
+    cipherMeta?: string;
+    cipherMetaClearJson?: any;
+    archived?: boolean;
+    keyId?: ID;
+    childFileLinks?: Connection<FileLinkNode>;
+    childDirectoryLinks?: Connection<DirectoryLinkNode>;
+    parentDirectoryLinks?: Connection<DirectoryLinkNode>;
+    nParentDirectoryLinks?: DirectoryLinkNodeLrNList;
+    descendants?: Descendants;
+    accessRoles?: AccessRole[];
+}
+export interface FileNode extends Node, TimeStamped {
+    currentVersion?: FileVersionNode;
+    archived?: boolean;
+    versions?: Connection<FileVersionNode>;
+    keyId?: ID;
+    parentDirectoryLinks?: Connection<FileLinkNode>;
+    nParentDirectoryLinks?: FileLinkNodeLrNList;
+    accessRoles?: AccessRole[];
+}
+export interface DirectoryLinkNode extends Node, TimeStamped {
+    parentDirectory?: DirectoryNode;
+    childDirectory?: DirectoryNode;
+}
+export interface FileLinkNode extends Node, TimeStamped {
+    parentDirectory?: DirectoryNode;
+    childFile?: FileNode;
+}
+export interface DirectoryLinkNodeLrNList {
+    list?: DirectoryLinkNode[];
+}
+export interface FileLinkNodeLrNList {
+    list?: FileLinkNode[];
+}
+export interface Descendants {
+    directories?: Connection<DirectoryNode>;
+    files?: Connection<FileNode>;
+    directoriesCount?: number;
+    filesCount?: number;
+}
+export declare enum AccessRoleChoice {
+    READER = "READER",
+    WRITER = "WRITER",
+    ADMIN = "ADMIN",
+    DENY = "DENY",
+    OWNER = "OWNER"
+}
+export declare enum AccessRoleMethod {
+    inherited = "inherited",
+    direct = "direct"
+}
+export interface AccessRole {
+    issuer?: UserNode;
+    subject?: UserNode;
+    role?: AccessRoleChoice;
+    method?: AccessRoleMethod;
+    inheritedFrom?: DirectoryNode;
+    trustedParty?: TpNode;
+    isIssuer?: boolean;
+}
+export declare enum FileVersionOperation {
+    CREATE = "CREATE",
+    READ = "READ",
+    UPDATE = "UPDATE",
+    REVERT = "REVERT",
+    DELETE = "DELETE"
+}
+export interface FileVersionNode extends Node, TimeStamped {
+    file?: FileNode;
+    state?: FileStateNode;
+    operation?: FileVersionOperation;
+    author?: UserNode;
+}
+export interface FileStateNode extends Node, TimeStamped {
+    plainMeta?: JSONString;
+    plainMetaJson?: any;
+    cipherMeta?: string;
+    cipherMetaClearJson?: any;
+    contentResource?: string;
+    versions?: Connection<FileVersionNode>;
+    keyId: ID;
+}
+export declare enum KeyExchangeOtkState {
+    OTK_INITIATED = "OTK_INITIATED",
+    OTK_ACCEPTED = "OTK_ACCEPTED",
+    OTK_COMPLETED = "OTK_COMPLETED"
+}
+export interface ContactCardSharedCipherData {
+    sharedCipherDataClearJson: any;
+}
+/**
+ * The contents of the one-time key cipher
+ */
+export interface OtKeyCipherClearJson2 {
+    nonce: string;
+    initiator: {
+        oneTimePbk: object;
+        pbk: object;
+        sigPbk: object;
+        message?: any;
+        contactCard?: ContactCardSharedCipherData;
+    };
+}
+export interface KeyExchangeOtkNode extends Node, TimeStamped {
+    state?: KeyExchangeOtkState;
+    sharedKey?: KeyNode;
+    mkSharedKey?: KeyNode;
+    initiatorSigPxk?: KeyNode;
+    responderSigPxk?: KeyNode;
+    initiatorOneTimePbkCipher?: string;
+    otKeyParams?: string;
+    otKeyCipher?: string;
+    otKeyCipherClearJson?: OtKeyCipherClearJson2;
+    responderPbkCipher?: string;
+}
+export declare enum KeyExchangeState {
+    IN_PROGRESS = "IN_PROGRESS",
+    COMPLETED = "COMPLETED",
+    DECLINED = "DECLINED",
+    CANCELLED = "CANCELLED",
+    DELETED = "DELETED"
+}
+export declare enum KeyExchangeMode {
+    OTK = "OTK"
+}
+export interface KeyExchangeNode extends Node, TimeStamped {
+    expiryTime?: DateTime;
+    token?: string;
+    tokenExpiryTime?: DateTime;
+    state?: KeyExchangeState;
+    mode?: KeyExchangeMode;
+    initiator?: UserNode;
+    responder?: UserNode;
+    initiatorRootKeyCipher?: string;
+    responderRootKeyCipher?: string;
+    initiatorActionRequired?: boolean;
+    responderActionRequired?: boolean;
+    createTp?: boolean;
+    otk?: KeyExchangeOtkNode;
+    isInitiator?: boolean;
+    isExpired?: boolean;
+    responderEmailAddress?: LrEmail;
+}
+export interface SharedItems {
+    directories?: Connection<DirectoryNode>;
+    files?: Connection<FileNode>;
+}
+export interface SharedContactCardNode extends Node, TimeStamped {
+    owner?: UserNode;
+    receiver?: UserNode;
+    sharedKey?: KeyNode;
+    sharedCipherData?: string;
+    sharedCipherDataClearJson?: any;
+    sharedCipherDataSig?: string;
+    sharedCipherDataSigPxk?: KeyNode;
+    ownerCipherData?: string;
+    ownerCipherDataClearJson?: any;
+    ownerKey?: KeyNode;
+    ownerPlainData?: string;
+    ownerPlainDataJson?: any;
+    ownerPlainDataSig?: string;
+    receiverCipherData?: string;
+    receiverCipherDataClearJson?: any;
+    receiverKey?: KeyNode;
+}
+export interface UserSharedKeyNode extends Node, TimeStamped {
+    keyExchange?: KeyExchangeNode;
+    user?: UserNode;
+    userPrk?: KeyNode;
+    userSigPrk?: KeyNode;
+    other?: UserNode;
+    otherPbk?: KeyNode;
+    otherSigPbk?: KeyNode;
+    sharedKey?: KeyNode;
+    mkSharedKey?: KeyNode;
+    mkPxk?: KeyNode;
+    mkReshareRequestCipher?: string;
+    mkReshareResponseCipher?: string;
+    mkReshareRequestCipherClearJson?: any;
+    mkReshareResponseCipherClearJson?: any;
+    mkReshareRequestSent?: boolean;
+    mkReshareResponseSent?: boolean;
+}
+export interface CurrentUserSharedKeyNode extends Node, TimeStamped {
+    user?: UserNode;
+    other?: UserNode;
+    userSharedKey?: UserSharedKeyNode;
+}
+export interface TpNode extends Node, TimeStamped {
+    user?: UserNode;
+    other?: UserNode;
+    currentUserSharedKey?: CurrentUserSharedKeyNode;
+    isCompleted?: boolean;
+    sharedKey?: KeyNode;
+    sharedContactCard?: SharedContactCardNode;
+    myContactCard?: SharedContactCardNode;
+    myItems?: SharedItems;
+    sharedItems?: SharedItems;
+    myScenarios?: Connection<ScenarioNode>;
+    sharedScenarios?: Connection<SharedScenarioNode>;
+}
+export declare enum TpAssemblyState {
+    DISABLED = "DISABLED",
+    ENABLED = "ENABLED",
+    CLAIMED = "CLAIMED",
+    APPROVED = "APPROVED",
+    REJECTED = "REJECTED",
+    EXPIRED = "EXPIRED",
+    CANCELLED = "CANCELLED",
+    RESET = "RESET"
+}
+export declare enum TpClaimState {
+    CLAIMED = "CLAIMED",
+    APPROVED = "APPROVED",
+    REJECTED = "REJECTED",
+    EXPIRED = "EXPIRED",
+    CANCELLED = "CANCELLED",
+    RESET = "RESET"
+}
+export declare enum TpClaimApproverState {
+    CLAIMED = "CLAIMED",
+    APPROVED = "APPROVED",
+    REJECTED = "REJECTED"
+}
+export interface TpPasswordResetApproval extends Node, TimeStamped {
+    approverEmail?: string;
+    receiverCipher?: string;
+    receiverCipherClearJson?: any;
+    receiverCipherPartialAssemblyKey?: string;
+    receiverCipherPartialAssemblyKeyClearJson?: any;
+}
+export interface TpPasswordResetUserApprovalNode extends Node, TimeStamped {
+    receiverCipher?: string;
+    receiverCipherClearJson?: any;
+    receiverCipherPartialAssemblyKey?: string;
+    receiverCipherPartialAssemblyKeyClearJson?: any;
+    approverEmail?: string;
+}
+export interface TpPasswordResetUserApprover {
+    name?: string;
+    email?: string;
+    state?: TpClaimApproverState;
+}
+export interface TpPasswordResetUserSubAssembly {
+    singleReject?: boolean;
+    quorum?: number;
+    approvers?: TpPasswordResetUserApprover[];
+}
+export interface TpPasswordResetUserAssembly {
+    singleReject?: boolean;
+    quorum?: number;
+    subAssemblies?: TpPasswordResetUserSubAssembly[];
+}
+export interface TpPasswordResetUserNode {
+    username?: string;
+    resetUsername?: string;
+    state?: TpClaimState;
+    passKey?: PassKeyNode;
+    masterKey?: KeyNode;
+    pxk?: KeyNode;
+    sessionEncryptionKey?: string;
+    approvals?: TpPasswordResetUserApprovalNode[];
+    assemblyCipherData?: string;
+    wrappedAssemblyKeyVerifierPrk?: string;
+    assembly?: TpPasswordResetUserAssembly;
+}
+export interface TpPasswordResetNode extends Node, TimeStamped {
+    assembly?: TpAssemblyNode;
+    request?: TpPasswordResetRequestNode;
+    applied?: boolean;
+}
+export interface TpAssemblyNode extends Node, TimeStamped {
+    id?: ID;
+    singleReject?: boolean;
+    quorum?: number;
+    subjectKey?: KeyNode;
+    assemblyKey?: KeyNode;
+    assemblyCipherData?: string;
+    assemblyCipherDataClearJson?: any;
+    subAssemblies?: Connection<TpSubAssemblyNode>;
+}
+export interface TpSubAssemblyNode extends Node, TimeStamped {
+    singleReject?: boolean;
+    quorum?: number;
+    subjectCipherData?: string;
+    subjectCipherDataClearJson?: string;
+    approvers?: Connection<TpAssemblyApproverNode>;
+}
+export interface TpAssemblyApproverNode extends Node, TimeStamped {
+    sharedKey?: KeyNode;
+    sharedCipherData?: string;
+    sharedCipherApprovalData?: string;
+    tp?: TpNode;
+}
+export interface SharedTpPasswordResetNode extends Node, TimeStamped {
+    assembly?: SharedTpAssemblyNode;
+    tp?: TpNode;
+    sharedRequest?: SharedTpPasswordResetRequestNode;
+}
+export interface SharedTpAssemblyNode extends Node, TimeStamped {
+    asApprovers?: Connection<TpAssemblyAsApproverNode>;
+}
+export interface TpAssemblyAsApproverNode extends Node, TimeStamped {
+    sharedKey?: KeyNode;
+    sharedCipherData?: string;
+}
+export interface SharedTpPasswordResetRequestNode extends Node, TimeStamped {
+    claim?: SharedTpClaimNode;
+    pxk?: KeyNode;
+}
+export interface SharedTpClaimNode extends Node, TimeStamped {
+    state?: TpClaimState;
+    asClaimApprovers?: Connection<SharedTpClaimApproverNode>;
+}
+export interface SharedTpClaimApproverNode extends Node, TimeStamped {
+    state?: TpClaimApproverState;
+    sharedKey?: KeyNode;
+    sharedCipherApprovalData?: string;
+    sharedCipherPartialAssemblyKey?: string;
+    receiverApprovals?: Connection<SharedTpClaimReceiverApprovalNode>;
+}
+export interface SharedTpClaimReceiverApprovalNode extends Node, TimeStamped {
+    pxk?: KeyNode;
+}
+export declare enum LockState {
+    UNLOCKED = "UNLOCKED",
+    MUTEX_LOCKED = "MUTEX_LOCKED"
+}

package/lib/auth/auth.config.d.ts

@@ -0,0 +1,5 @@
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import { LifeReadyConfig } from '../life-ready.config';
+export declare function handleCognitoCallback<T>(method: (callback: (err?: Error, result?: T) => void) => void): Promise<T>;
+export declare const awsFetch: (authUrl: string) => (url: any, options: any) => Promise<Response>;
+export declare const configureAmplifyAuth: ({ authUrl: authUrl, userPoolId, userPoolWebClientId }: LifeReadyConfig, auth: AuthClass) => () => void;

package/lib/auth/auth.gql.d.ts

@@ -0,0 +1,15 @@
+export declare const PasswordChangeRequestMutation: import("graphql").DocumentNode;
+export declare const PasswordChangeMutation: import("graphql").DocumentNode;
+export declare const PasswordChangeConfigQuery: import("graphql").DocumentNode;
+export interface SetSessionEncryptionKeyMutation {
+    setSessionEncryptionKey: {
+        sessionEncryptionKey: string;
+    };
+}
+export declare const SetSessionEncryptionKeyMutation: import("../_common/ast").TypedDocumentNode<SetSessionEncryptionKeyMutation>;
+export interface ClearSessionEncryptionKeyMutation {
+    clearSessionEncryptionKey: {
+        sessionEncryptionKey: string;
+    };
+}
+export declare const ClearSessionEncryptionKeyMutation: import("../_common/ast").TypedDocumentNode<ClearSessionEncryptionKeyMutation>;

package/lib/auth/auth.types.d.ts

@@ -0,0 +1,66 @@
+import { CognitoUser } from '@aws-amplify/auth';
+import { JWK } from 'node-jose';
+import { TpPasswordResetUserNode } from '../api/types';
+import { PassIdpParams, PassKeyParams } from '../cryptography/cryptography.types';
+import { UserPlan } from '../plan/plan.types';
+import { CurrentUserKey, MainContactCard } from '../users/profile.types';
+import { UserDelete } from '../users/user.types';
+export interface PassKeyBundle {
+    passKeyParams: PassKeyParams;
+    passKey: JWK.Key;
+    passIdpParams: PassIdpParams;
+    passIdp: JWK.Key;
+    passIdpVerifier: JWK.Key;
+    wrappedPassIdpVerifierPrk: object;
+}
+export declare class CognitoChallengeUser extends CognitoUser {
+    recoveryStatus: RecoveryStatus;
+    challengeName: 'SMS_MFA' | 'SOFTWARE_TOKEN_MFA';
+    challengeParam: any;
+    isTpPasswordResetUser: boolean;
+}
+export declare enum FeatureAction {
+    ACCESS = "access"
+}
+export declare class Features {
+    myVault: FeatureAction[];
+    tpVault: FeatureAction[];
+    shareVault: FeatureAction[];
+}
+export declare class CurrentUser {
+    id: string;
+    sub: string;
+    username: string;
+    currentUserKey: CurrentUserKey;
+    email: string;
+    emailVerified: boolean;
+    phone: string;
+    phoneVerified: boolean;
+    getAccessJwtToken: () => string;
+    contactCard: MainContactCard;
+    userDelete?: UserDelete;
+    userPlans: UserPlan[];
+    features: Features;
+    hasTPVaultAccess: boolean;
+    sessionEncryptionKey: string;
+}
+export interface TpPasswordResetUser extends TpPasswordResetUserNode {
+    sub: string;
+}
+export declare class LoginResult {
+    hasChallenge: boolean;
+    challenge?: CognitoChallengeUser;
+    user?: CurrentUser;
+    resetUser?: TpPasswordResetUserNode;
+}
+export declare class RegisterResult {
+    username: string;
+    userId: string;
+    preSignUpToken: string;
+    userSub: string;
+}
+export declare enum RecoveryStatus {
+    NONE = "none",
+    NEW_PASSWORD = "new-password",
+    OLD_PASSWORD = "old-password"
+}

package/lib/auth/idle.service.d.ts

@@ -0,0 +1,40 @@
+import { Idle } from '@ng-idle/core';
+import { Keepalive } from '@ng-idle/keepalive';
+import { KeyService } from '../cryptography/key.service';
+import { LifeReadyConfig } from '../life-ready.config';
+import { HttpClient } from '@angular/common/http';
+import { KeepaliveResult } from './idle.types';
+import { Key } from '../cryptography/cryptography.types';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+export interface IdleServiceInit {
+    onTimeout?: (() => any) | (() => Promise<any>) | null;
+    onKeepalive?: (() => any) | (() => Promise<any>) | null;
+    idleSec?: number;
+    timeoutSec?: number;
+    keepAliveIntervalSec?: number;
+}
+export declare class IdleService {
+    private config;
+    private http;
+    private idle;
+    private keepalive;
+    private keyService;
+    private auth;
+    private readonly IDLE_EXPIRY_KEY;
+    private readonly IDLING_KEY;
+    private initCalled;
+    private onTimeout;
+    private onKeepalive;
+    constructor(config: LifeReadyConfig, http: HttpClient, idle: Idle, keepalive: Keepalive, keyService: KeyService, auth: AuthClass);
+    private assertInit;
+    init(params?: IdleServiceInit): Promise<void>;
+    keepalivePost(): Promise<{
+        expiresAfterSeconds: number;
+        keepaliveResult: KeepaliveResult;
+    }>;
+    persistMasterKey(masterKey: Key): Promise<void>;
+    private onPing;
+    start(): Promise<void>;
+    stop(): void;
+    private reset;
+}

package/lib/auth/idle.types.d.ts

@@ -0,0 +1,10 @@
+export declare enum Config {
+    TIMEOUT = 0.01,
+    IDLE = 1200,
+    KEEP_ALIVE_INTERVAL = 60
+}
+export interface KeepaliveResult {
+    session: {
+        expires_after_seconds: number;
+    };
+}

package/lib/auth/lbop.service.d.ts

@@ -0,0 +1,91 @@
+import { LrApolloService } from '../api/lr-apollo.service';
+import { HttpClient } from '@angular/common/http';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import { JWK } from 'node-jose';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { LifeReadyConfig } from '../life-ready.config';
+import { LifeReadyAuthService } from './life-ready-auth.service';
+import { PasswordService } from './password.service';
+import { KeyFactoryService as KFS } from '../cryptography/key-factory.service';
+export interface SetPasswordParams {
+    lbopId: string;
+    newPassword: string;
+    verifiedToken: string;
+    masterKeyId: string;
+    masterKey: JWK.Key;
+}
+export interface VerifyContactParams {
+    email?: string;
+    phone?: string;
+}
+export interface VerifyContactResult {
+    claimId: string;
+}
+export interface ConfirmContactParams {
+    claimId: string;
+    vCode: string;
+}
+export interface ConfirmContactResult {
+    token: string;
+}
+export interface VerifyParams {
+    claimId: string;
+    claimToken: string;
+    lbop: string;
+}
+export interface VerifyResult {
+    lbopId: string;
+    verifiedToken: string;
+    masterKeyId: string;
+    masterKey: JWK.Key;
+}
+export interface ChallengeResult {
+    challenge: any;
+    lbops: any;
+}
+export interface Lbop {
+    id: string;
+    partial?: string;
+    name?: string;
+    lbopString?: string;
+}
+export interface CreateLbopParams {
+    name?: string;
+}
+export declare const CreateLbopQuery: import("graphql").DocumentNode;
+export declare const DeleteLbopQuery: import("graphql").DocumentNode;
+export interface UpdateLbopParams {
+    id: string;
+    name: string;
+}
+export declare const UpdateLbopQuery: import("graphql").DocumentNode;
+export declare const LbopQuery: import("graphql").DocumentNode;
+export declare const LbopsQuery: import("graphql").DocumentNode;
+export declare class LbopService {
+    private config;
+    private http;
+    private lrApollo;
+    private auth;
+    private authService;
+    private keyFactory;
+    private keyService;
+    private encryptionService;
+    private keyGraph;
+    private passwordService;
+    private readonly CLIENT_NONCE_LENGTH;
+    private readonly LBOP_WORDS;
+    constructor(config: LifeReadyConfig, http: HttpClient, lrApollo: LrApolloService, auth: AuthClass, authService: LifeReadyAuthService, keyFactory: KFS, keyService: KeyService, encryptionService: EncryptionService, keyGraph: KeyGraphService, passwordService: PasswordService);
+    private getPartial;
+    remove(id: string): Promise<string>;
+    update({ id, name }: UpdateLbopParams): Promise<Lbop>;
+    get(id: string): Promise<Lbop>;
+    list(): Promise<Lbop[]>;
+    create({ name }: CreateLbopParams): Promise<Lbop>;
+    private verifyLbops;
+    verifyContact(params: VerifyContactParams): Promise<VerifyContactResult>;
+    confirmContact(params: ConfirmContactParams): Promise<ConfirmContactResult>;
+    verify(params: VerifyParams): Promise<VerifyResult>;
+    setPassword(params: SetPasswordParams): Promise<any>;
+}

package/lib/auth/life-ready-auth.service.d.ts

@@ -0,0 +1,59 @@
+import { Observable } from 'rxjs';
+import { KeyGraphService } from '../cryptography/key-graph.service';
+import { KeyService } from '../cryptography/key.service';
+import { ProfileService } from '../users/profile.service';
+import { CognitoChallengeUser, CurrentUser, TpPasswordResetUser, LoginResult } from './auth.types';
+import { PasswordService } from './password.service';
+import { AuthClass } from '@aws-amplify/auth/lib-esm/Auth';
+import { IdleService } from './idle.service';
+import { KeyFactoryService } from '../cryptography/key-factory.service';
+import { LrGraphQLService } from '../api/lr-graphql';
+import { TpPasswordResetProcessorService } from '../api/query-processor/tp-password-reset-processor.service';
+import { PersistService } from '../api/persist.service';
+import { LifeReadyConfig } from '../life-ready.config';
+import { EncryptionService } from '../cryptography/encryption.service';
+import { Slip39Service } from '../cryptography/slip39.service';
+export declare const initialiseAuth: (authService: LifeReadyAuthService) => () => Promise<void>;
+export interface LoginOptions {
+    tpPasswordResetAutoComplete?: boolean;
+}
+export declare class LifeReadyAuthService {
+    private config;
+    private auth;
+    private keyFactory;
+    private keyService;
+    private profileService;
+    private keyGraphService;
+    private passwordService;
+    private idleService;
+    private lrGraphQL;
+    private tpPasswordResetProcessorService;
+    private persistService;
+    private encryptionService;
+    private slip39Service;
+    private hubSubject;
+    private currentUser;
+    private currentResetUser;
+    constructor(config: LifeReadyConfig, auth: AuthClass, keyFactory: KeyFactoryService, keyService: KeyService, profileService: ProfileService, keyGraphService: KeyGraphService, passwordService: PasswordService, idleService: IdleService, lrGraphQL: LrGraphQLService, tpPasswordResetProcessorService: TpPasswordResetProcessorService, persistService: PersistService, encryptionService: EncryptionService, slip39Service: Slip39Service);
+    initialise(): Promise<void>;
+    private loginIdpImpl;
+    private loginIdp;
+    protected handleSessionEncryptionKey(): Promise<void>;
+    protected handlePostAuth(cognitoUser: CognitoChallengeUser): Promise<void>;
+    login(emailOrPhone: string, password: string, { tpPasswordResetAutoComplete }?: LoginOptions): Promise<LoginResult>;
+    loginImpl(emailOrPhone: string, password: string): Promise<LoginResult>;
+    verifyLogin(challenge: CognitoChallengeUser, password: string, rememberMe: boolean, code: string): Promise<CurrentUser>;
+    handlePasswordRecovery(user: CognitoChallengeUser): Promise<void>;
+    getUserOrResetUser(reload?: boolean): Promise<CurrentUser | TpPasswordResetUser>;
+    getResetUser(reload?: boolean): Promise<TpPasswordResetUser>;
+    getUser(reload?: boolean): Promise<CurrentUser>;
+    private mapTPVaultAccess;
+    private loadUser;
+    watchAuth(): Observable<any>;
+    logout(): Promise<void>;
+    private getUserAttribute;
+    loadResetUser(password?: string): Promise<TpPasswordResetUser>;
+    refreshAccessToken(): Promise<unknown>;
+    completeRequest(newPassword: string): Promise<void>;
+    private recoverAssemblyKey;
+}