@limrun/ui 0.9.0-rc.9 → 0.13.3-rc.1

package/README.md

@@ -4,14 +4,31 @@
 
 See [examples](../../examples/) to see how it can be used.
 
-## Real Device Installation
-
-`@limrun/ui` also includes a browser-based iPhone installation flow:
-
-- `@limrun/ui/device-install/react` exports the headless `useDeviceInstall` hook for clients that want to render their own UI.
-- `@limrun/ui/device-install` exports the guided `DeviceInstallDialog` UI, which walks users through a signed device build, USB access, browser pairing, and installation.
-
-WebUSB requires a Chromium browser and a secure context. Pair records and signing assets, including the `.p12` password, are stored in the browser's IndexedDB.
+## Real Device Installation Primitives
+
+`@limrun/ui` includes browser primitives for building your own iPhone
+installation UI. The package no longer exports a guided install dialog.
+
+- `@limrun/ui/app-store-relay` exports framework-agnostic Apple ID relay and Apple Developer Portal calls for teams, certificates, profiles, bundle IDs, and devices.
+- `@limrun/ui/app-store-relay/react` exports thin React state helpers for Apple ID login.
+- `@limrun/ui/device-build` exports signing asset helpers, signed build triggering, build log watching, and OTA install metadata.
+- `@limrun/ui/device-build/react` exports build state helpers.
+- `@limrun/ui/device-install` exports WebUSB access, pairing, pair-record storage, and install relay primitives.
+- `@limrun/ui/device-install/react` exports focused React state for device access, pairing, and relay installation.
+
+The primitives are intentionally low-level. Your app decides whether to create
+or reuse Apple certificates and provisioning profiles, how to present devices
+and bundle IDs, and when to persist signing assets.
+
+```ts
+import { listAppleTeams, createAppleProfile } from '@limrun/ui/app-store-relay';
+import { startSignedDeviceBuild } from '@limrun/ui/device-build';
+import { requestUSBAccess, pairDevice, startDeviceInstall } from '@limrun/ui/device-install';
+```
+
+WebUSB requires a Chromium browser and a secure context. Pair records and signing
+assets, including the `.p12` password when provided, are stored in the browser's
+IndexedDB only when you call the storage helpers.
 
 ### Releasing
 

package/dist/app-store-relay/index.cjs

@@ -0,0 +1,9 @@
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const s=require("../client-CnbCWvCs.js"),l=require("../index-CMeQfhYy.js"),p=require("../provisioning-D2ZZQeyX.js"),w={name:"RSASSA-PKCS1-v1_5",modulusLength:2048,publicExponent:new Uint8Array([1,0,1]),hash:"SHA-256"};async function P(e){if(!crypto.subtle)throw new Error("WebCrypto is not available in this browser.");const t=await crypto.subtle.generateKey(w,!0,["sign","verify"]),r=new Uint8Array(await crypto.subtle.exportKey("spki",t.publicKey)),i=f(B(0),S(e),r,q(0,new Uint8Array)),n=new Uint8Array(await crypto.subtle.sign("RSASSA-PKCS1-v1_5",t.privateKey,k(i))),a=f(i,f(D("1.2.840.113549.1.1.11"),C()),K(n)),u=new Uint8Array(await crypto.subtle.exportKey("pkcs8",t.privateKey));return{privateKey:t.privateKey,privateKeyPKCS8Base64:y(u),publicKeySPKIBase64:y(r),csrPEM:x("CERTIFICATE REQUEST",a),csrBase64:y(a)}}function I(e){if(!e.certificateBase64&&!e.certificatePEM)throw new Error("certificateBase64 or certificatePEM is required.");const t=l.forge.pki.privateKeyFromPem(U("PRIVATE KEY",e.privateKeyPKCS8Base64)),r=e.certificatePEM?l.forge.pki.certificateFromPem(e.certificatePEM):l.forge.pki.certificateFromAsn1(l.forge.asn1.fromDer(l.forge.util.createBuffer(O(e.certificateBase64)))),i=l.forge.pkcs12.toPkcs12Asn1(t,[r],e.password,{algorithm:"3des",friendlyName:e.friendlyName}),n=l.forge.asn1.toDer(i).getBytes();return F(n)}function S(e){const t=[m("2.5.4.3",R(e.commonName))];return e.emailAddress&&t.push(m("1.2.840.113549.1.9.1",T(e.emailAddress))),f(...t)}function m(e,t){return h(f(D(e),t))}function f(...e){return c(48,A(...e))}function h(...e){return c(49,A(...e))}function q(e,t){return c(160+e,t)}function B(e){return c(2,new Uint8Array([e]))}function C(){return new Uint8Array([5,0])}function R(e){return c(12,new TextEncoder().encode(e))}function T(e){return c(22,new TextEncoder().encode(e))}function K(e){return c(3,A(new Uint8Array([0]),e))}function D(e){const t=e.split(".").map(i=>parseInt(i,10));if(t.length<2||t.some(i=>!Number.isFinite(i)))throw new Error(`Invalid OID: ${e}`);const r=[t[0]*40+t[1]];for(const i of t.slice(2)){const n=[i&127];let a=i>>7;for(;a>0;)n.unshift(a&127|128),a>>=7;r.push(...n)}return c(6,new Uint8Array(r))}function c(e,t){return A(new Uint8Array([e]),E(t.byteLength),t)}function E(e){if(e<128)return new Uint8Array([e]);const t=[];let r=e;for(;r>0;)t.unshift(r&255),r>>=8;return new Uint8Array([128|t.length,...t])}function A(...e){const t=e.reduce((n,a)=>n+a.byteLength,0),r=new Uint8Array(t);let i=0;for(const n of e)r.set(n,i),i+=n.byteLength;return r}function x(e,t){const i=y(t).match(/.{1,64}/g)??[];return`-----BEGIN ${e}-----
+${i.join(`
+`)}
+-----END ${e}-----
+`}function U(e,t){const r=t.match(/.{1,64}/g)??[];return`-----BEGIN ${e}-----
+${r.join(`
+`)}
+-----END ${e}-----
+`}function y(e){let t="";for(const r of e)t+=String.fromCharCode(r);return btoa(t)}function F(e){return btoa(e)}function O(e){return atob(e)}function k(e){const t=new Uint8Array(e.byteLength);return t.set(e),t.buffer}async function o({apiUrl:e,token:t,appleSessionId:r,request:i,label:n="Apple Developer Portal request",validatePortalResponse:a=!0,mapBody:u}){const d=await s.proxyProvisioningRequest(e,r,i,t);return a&&b(d.body,n),u?u(d.body,d):d}async function N(e){return o({...e,request:p.listTeamsRequest(),label:"Apple Developer team list",mapBody:t=>te([...t?.teams??[],...t?.availableProviders??[],...t?.provider?[t.provider]:[]])})}async function $({certificateKind:e="development",teamId:t="",...r}){return o({...r,request:e==="distribution"?p.findDistributionCertificatesRequest(t):p.findDevelopmentCertificatesRequest(t),label:"Apple Developer certificate list",mapBody:i=>i?.certRequests??[]})}async function L({certificateKind:e="development",teamId:t="",csrPEM:r,...i}){return o({...i,request:e==="distribution"?p.submitDistributionCSRRequest({csrPEM:r,teamID:t}):p.submitDevelopmentCSRRequest({csrPEM:r,teamID:t}),label:e==="distribution"?"Apple Distribution certificate creation":"Apple Development certificate creation",mapBody:n=>n?.certRequest})}async function G({certificateKind:e="development",certificateId:t,teamId:r="",...i}){return o({...i,request:e==="distribution"?p.downloadDistributionCertificateRequest(t,r):p.downloadCertificateRequest(t,r),label:"Apple certificate download",validatePortalResponse:!1,mapBody:(n,a)=>a})}async function H({certificateKind:e="development",certificateId:t,teamId:r="",...i}){return o({...i,request:{method:"POST",path:"/account/ios/certificate/revokeCertificate.action",payload:{teamId:r,certificateId:t,type:e==="distribution"?"WXV89964HE":"83Q87W3TGH"}},label:"Apple certificate deletion",mapBody:n=>n})}async function M({teamId:e="",search:t="",...r}){return o({...r,request:p.findBundleIDRequest({bundleID:t,teamID:e}),label:"Apple bundle ID list",mapBody:i=>i?.appIds??[]})}async function _({teamId:e="",bundleId:t,name:r,...i}){return o({...i,request:p.createBundleIDRequest({bundleID:t,teamID:e,name:r}),label:"Apple bundle ID creation",mapBody:n=>n?.appId})}async function j({teamId:e="",appIdId:t,bundleId:r,name:i,...n}){return o({...n,request:{method:"POST",path:"/account/ios/identifiers/updateAppId.action",payload:{teamId:e,appIdId:t,...r?{identifier:r}:{},...i?{name:i}:{}}},label:"Apple bundle ID update",mapBody:a=>a?.appId})}async function V({teamId:e="",appIdId:t,...r}){return o({...r,request:{method:"POST",path:"/account/ios/identifiers/deleteAppId.action",payload:{teamId:e,appIdId:t}},label:"Apple bundle ID deletion",mapBody:i=>i})}async function W({teamId:e="",deviceUDID:t="",...r}){return o({...r,request:p.findDeviceRequest({deviceUDID:t,teamID:e}),label:"Apple device list",mapBody:i=>i?.devices??[]})}async function Q({teamId:e="",deviceUDID:t,name:r,...i}){return o({...i,request:p.registerDeviceRequest({deviceUDID:t,teamID:e,name:r}),label:"Apple device registration",mapBody:n=>n?.device})}async function J({teamId:e="",deviceId:t,name:r,...i}){return o({...i,request:{method:"POST",path:"/account/ios/device/updateDevice.action",payload:{teamId:e,deviceId:t,...r?{name:r}:{}}},label:"Apple device update",mapBody:n=>n?.device})}async function X({teamId:e="",deviceId:t,...r}){return o({...r,request:{method:"POST",path:"/account/ios/device/deleteDevice.action",payload:{teamId:e,deviceId:t}},label:"Apple device deletion",mapBody:i=>i})}async function Y({profileKind:e="development",teamId:t="",bundleId:r="",...i}){return o({...i,request:e==="adhoc"?p.findAdHocProfilesRequest({bundleID:r,teamID:t}):p.findDevelopmentProfilesRequest({bundleID:r,teamID:t}),label:"Apple provisioning profile list",mapBody:n=>n?.provisioningProfiles??[]})}async function z({profileKind:e="development",teamId:t="",bundleId:r,appIdId:i,certificateIds:n,deviceIds:a,name:u,...d}){const[v]=n;if(!v)throw new Error("At least one certificate ID is required to create an Apple provisioning profile.");return o({...d,request:e==="adhoc"?p.createAdHocProfileRequest({bundleID:r,teamID:t,appIDID:i,certificateID:v,deviceIDs:a,name:u}):p.createDevelopmentProfileRequest({bundleID:r,teamID:t,appIDID:i,certificateID:v,deviceIDs:a,name:u}),label:"Apple provisioning profile creation",mapBody:g=>g?.provisioningProfile})}async function Z({teamId:e="",profileId:t,...r}){return o({...r,request:p.downloadProfileRequest(t,e),label:"Apple provisioning profile download",validatePortalResponse:!1,mapBody:(i,n)=>n})}async function ee({teamId:e="",profileId:t,...r}){return o({...r,request:{method:"POST",path:"/account/ios/profile/deleteProvisioningProfile.action",payload:{teamId:e,provisioningProfileId:t}},label:"Apple provisioning profile deletion",mapBody:i=>i})}function b(e,t){if(!e)throw new Error(`${t} returned an empty response.`);if(e.resultCode!==void 0&&e.resultCode!==0)throw new Error(`${t} failed: ${e.userString??e.resultString??e.resultCode}`)}function te(e){const t=new Set,r=[];for(const i of e){const n=String(i.teamId??i.providerId??i.publicProviderId??i.name??JSON.stringify(i));t.has(n)||(t.add(n),r.push(i))}return r}exports.createAppleRelaySession=s.createAppleRelaySession;exports.deleteAppleRelaySession=s.deleteAppleRelaySession;exports.fetchAppleAccountSession=s.fetchAppleAccountSession;exports.proxyPhoneTwoFactorCode=s.proxyPhoneTwoFactorCode;exports.proxySrpComplete=s.proxySrpComplete;exports.proxySrpInit=s.proxySrpInit;exports.proxyTwoFactorCode=s.proxyTwoFactorCode;exports.startBrowserOwnedAppleIDLogin=s.startBrowserOwnedAppleIDLogin;exports.triggerPhoneTwoFactor=s.triggerPhoneTwoFactor;exports.triggerTrustedDeviceTwoFactor=s.triggerTrustedDeviceTwoFactor;exports.AppleGsaSrpClient=l.AppleGsaSrpClient;exports.assertAppleDeveloperPortalResponseOK=b;exports.createAppleBundleID=_;exports.createAppleCertificate=L;exports.createAppleProfile=z;exports.deleteAppleBundleID=V;exports.deleteAppleCertificate=H;exports.deleteAppleDevice=X;exports.deleteAppleProfile=ee;exports.downloadAppleCertificate=G;exports.downloadAppleProfile=Z;exports.exportAppleCertificateP12=I;exports.generateAppleSigningKeyAndCSR=P;exports.listAppleBundleIDs=M;exports.listAppleCertificates=$;exports.listAppleDevices=W;exports.listAppleProfiles=Y;exports.listAppleTeams=N;exports.registerAppleDevice=Q;exports.requestAppleProvisioning=o;exports.updateAppleBundleID=j;exports.updateAppleDevice=J;

package/dist/app-store-relay/index.d.ts

@@ -0,0 +1,102 @@
+import { AppleDeveloperPortalAppID, AppleDeveloperPortalDevice, AppleDeveloperPortalResponse, AppleDeveloperPortalTeam, AppleProvisioningRequest, AppleRelayResponse } from '../core/device-install/apple';
+export * from '../core/device-install/apple/client';
+export * from '../core/device-install/apple/crypto';
+export * from '../core/device-install/apple/gsa-srp';
+export type { AppleDeveloperPortalAppID, AppleDeveloperPortalDevice, AppleDeveloperPortalResponse, AppleDeveloperPortalTeam, AppleProvisioningRequest, AppleRelayResponse, } from '../core/device-install/apple';
+export { createAppleRelaySession, deleteAppleRelaySession, fetchAppleAccountSession, proxyPhoneTwoFactorCode, proxySrpComplete, proxySrpInit, proxyTwoFactorCode, triggerPhoneTwoFactor, triggerTrustedDeviceTwoFactor, } from '../core/device-install/apple';
+export type AppleRelayClientOptions = {
+    apiUrl: string;
+    token?: string;
+    appleSessionId: string;
+};
+export type AppleTeamScopedOptions = AppleRelayClientOptions & {
+    teamId?: string;
+};
+export type AppleCertificateKind = 'development' | 'distribution';
+export type AppleProfileKind = 'development' | 'adhoc';
+export type RequestAppleProvisioningOptions<T = unknown> = AppleRelayClientOptions & {
+    request: AppleProvisioningRequest;
+    label?: string;
+    validatePortalResponse?: boolean;
+    mapBody?: (body: AppleDeveloperPortalResponse | undefined, response: AppleRelayResponse<T>) => T;
+};
+export type MappedAppleProvisioningOptions<T> = RequestAppleProvisioningOptions<T> & {
+    mapBody: (body: AppleDeveloperPortalResponse | undefined, response: AppleRelayResponse<T>) => T;
+};
+export type ListAppleCertificatesOptions = AppleTeamScopedOptions & {
+    certificateKind?: AppleCertificateKind;
+};
+export type CreateAppleCertificateOptions = AppleTeamScopedOptions & {
+    certificateKind?: AppleCertificateKind;
+    csrPEM: string;
+};
+export type DownloadAppleCertificateOptions = AppleTeamScopedOptions & {
+    certificateKind?: AppleCertificateKind;
+    certificateId: string;
+};
+export type DeleteAppleCertificateOptions = DownloadAppleCertificateOptions;
+export type ListAppleBundleIDsOptions = AppleTeamScopedOptions & {
+    search?: string;
+};
+export type CreateAppleBundleIDOptions = AppleTeamScopedOptions & {
+    bundleId: string;
+    name?: string;
+};
+export type UpdateAppleBundleIDOptions = AppleTeamScopedOptions & {
+    appIdId: string;
+    bundleId?: string;
+    name?: string;
+};
+export type DeleteAppleBundleIDOptions = AppleTeamScopedOptions & {
+    appIdId: string;
+};
+export type ListAppleDevicesOptions = AppleTeamScopedOptions & {
+    deviceUDID?: string;
+};
+export type RegisterAppleDeviceOptions = AppleTeamScopedOptions & {
+    deviceUDID: string;
+    name?: string;
+};
+export type UpdateAppleDeviceOptions = AppleTeamScopedOptions & {
+    deviceId: string;
+    name?: string;
+};
+export type DeleteAppleDeviceOptions = AppleTeamScopedOptions & {
+    deviceId: string;
+};
+export type ListAppleProfilesOptions = AppleTeamScopedOptions & {
+    profileKind?: AppleProfileKind;
+    bundleId?: string;
+};
+export type CreateAppleProfileOptions = AppleTeamScopedOptions & {
+    profileKind?: AppleProfileKind;
+    bundleId: string;
+    appIdId: string;
+    certificateIds: string[];
+    deviceIds: string[];
+    name?: string;
+};
+export type DownloadAppleProfileOptions = AppleTeamScopedOptions & {
+    profileId: string;
+};
+export type DeleteAppleProfileOptions = DownloadAppleProfileOptions;
+export declare function requestAppleProvisioning<T>(options: MappedAppleProvisioningOptions<T>): Promise<T>;
+export declare function requestAppleProvisioning<T = AppleDeveloperPortalResponse>(options: RequestAppleProvisioningOptions<T>): Promise<AppleRelayResponse<T>>;
+export declare function listAppleTeams(options: AppleRelayClientOptions): Promise<AppleDeveloperPortalTeam[]>;
+export declare function listAppleCertificates({ certificateKind, teamId, ...options }: ListAppleCertificatesOptions): Promise<Record<string, unknown>[]>;
+export declare function createAppleCertificate({ certificateKind, teamId, csrPEM, ...options }: CreateAppleCertificateOptions): Promise<Record<string, unknown> | undefined>;
+export declare function downloadAppleCertificate({ certificateKind, certificateId, teamId, ...options }: DownloadAppleCertificateOptions): Promise<AppleRelayResponse>;
+export declare function deleteAppleCertificate({ certificateKind, certificateId, teamId, ...options }: DeleteAppleCertificateOptions): Promise<AppleDeveloperPortalResponse | undefined>;
+export declare function listAppleBundleIDs({ teamId, search, ...options }: ListAppleBundleIDsOptions): Promise<AppleDeveloperPortalAppID[]>;
+export declare function createAppleBundleID({ teamId, bundleId, name, ...options }: CreateAppleBundleIDOptions): Promise<Record<string, unknown> | undefined>;
+export declare function updateAppleBundleID({ teamId, appIdId, bundleId, name, ...options }: UpdateAppleBundleIDOptions): Promise<Record<string, unknown> | undefined>;
+export declare function deleteAppleBundleID({ teamId, appIdId, ...options }: DeleteAppleBundleIDOptions): Promise<AppleDeveloperPortalResponse | undefined>;
+export declare function listAppleDevices({ teamId, deviceUDID, ...options }: ListAppleDevicesOptions): Promise<AppleDeveloperPortalDevice[]>;
+export declare function registerAppleDevice({ teamId, deviceUDID, name, ...options }: RegisterAppleDeviceOptions): Promise<Record<string, unknown> | undefined>;
+export declare function updateAppleDevice({ teamId, deviceId, name, ...options }: UpdateAppleDeviceOptions): Promise<Record<string, unknown> | undefined>;
+export declare function deleteAppleDevice({ teamId, deviceId, ...options }: DeleteAppleDeviceOptions): Promise<AppleDeveloperPortalResponse | undefined>;
+export declare function listAppleProfiles({ profileKind, teamId, bundleId, ...options }: ListAppleProfilesOptions): Promise<Record<string, unknown>[]>;
+export declare function createAppleProfile({ profileKind, teamId, bundleId, appIdId, certificateIds, deviceIds, name, ...options }: CreateAppleProfileOptions): Promise<Record<string, unknown> | undefined>;
+export declare function downloadAppleProfile({ teamId, profileId, ...options }: DownloadAppleProfileOptions): Promise<AppleRelayResponse>;
+export declare function deleteAppleProfile({ teamId, profileId, ...options }: DeleteAppleProfileOptions): Promise<AppleDeveloperPortalResponse | undefined>;
+export declare function assertAppleDeveloperPortalResponseOK(response: AppleDeveloperPortalResponse | undefined, label: string): void;

package/dist/app-store-relay/index.js

@@ -0,0 +1,430 @@
+import { p as b } from "../client-Bk1N3XIF.mjs";
+import { c as Ie, d as he, f as Pe, a as qe, b as Be, e as Se, g as Re, s as Ce, t as Te, h as Ee } from "../client-Bk1N3XIF.mjs";
+import { f as p } from "../index-BXg7HdIs.mjs";
+import { A as Ue } from "../index-BXg7HdIs.mjs";
+import { l as D, f as w, a as g, s as I, b as h, d as P, c as q, e as B, g as S, h as R, r as C, i as T, j as E, k as K, m as U, n as x } from "../provisioning-CdseoMJQ.mjs";
+const k = {
+  name: "RSASSA-PKCS1-v1_5",
+  modulusLength: 2048,
+  publicExponent: new Uint8Array([1, 0, 1]),
+  hash: "SHA-256"
+};
+async function te(e) {
+  if (!crypto.subtle)
+    throw new Error("WebCrypto is not available in this browser.");
+  const t = await crypto.subtle.generateKey(k, !0, ["sign", "verify"]), r = new Uint8Array(await crypto.subtle.exportKey("spki", t.publicKey)), n = u(
+    $(0),
+    F(e),
+    r,
+    O(0, new Uint8Array())
+  ), i = new Uint8Array(
+    await crypto.subtle.sign("RSASSA-PKCS1-v1_5", t.privateKey, J(n))
+  ), o = u(
+    n,
+    u(m("1.2.840.113549.1.1.11"), L()),
+    M(i)
+  ), c = new Uint8Array(await crypto.subtle.exportKey("pkcs8", t.privateKey));
+  return {
+    privateKey: t.privateKey,
+    privateKeyPKCS8Base64: d(c),
+    publicKeySPKIBase64: d(r),
+    csrPEM: j("CERTIFICATE REQUEST", o),
+    csrBase64: d(o)
+  };
+}
+function re(e) {
+  if (!e.certificateBase64 && !e.certificatePEM)
+    throw new Error("certificateBase64 or certificatePEM is required.");
+  const t = p.pki.privateKeyFromPem(
+    V("PRIVATE KEY", e.privateKeyPKCS8Base64)
+  ), r = e.certificatePEM ? p.pki.certificateFromPem(e.certificatePEM) : p.pki.certificateFromAsn1(
+    p.asn1.fromDer(p.util.createBuffer(Q(e.certificateBase64)))
+  ), n = p.pkcs12.toPkcs12Asn1(t, [r], e.password, {
+    algorithm: "3des",
+    friendlyName: e.friendlyName
+  }), i = p.asn1.toDer(n).getBytes();
+  return W(i);
+}
+function F(e) {
+  const t = [A("2.5.4.3", H(e.commonName))];
+  return e.emailAddress && t.push(A("1.2.840.113549.1.9.1", G(e.emailAddress))), u(...t);
+}
+function A(e, t) {
+  return N(u(m(e), t));
+}
+function u(...e) {
+  return s(48, f(...e));
+}
+function N(...e) {
+  return s(49, f(...e));
+}
+function O(e, t) {
+  return s(160 + e, t);
+}
+function $(e) {
+  return s(2, new Uint8Array([e]));
+}
+function L() {
+  return new Uint8Array([5, 0]);
+}
+function H(e) {
+  return s(12, new TextEncoder().encode(e));
+}
+function G(e) {
+  return s(22, new TextEncoder().encode(e));
+}
+function M(e) {
+  return s(3, f(new Uint8Array([0]), e));
+}
+function m(e) {
+  const t = e.split(".").map((n) => parseInt(n, 10));
+  if (t.length < 2 || t.some((n) => !Number.isFinite(n)))
+    throw new Error(`Invalid OID: ${e}`);
+  const r = [t[0] * 40 + t[1]];
+  for (const n of t.slice(2)) {
+    const i = [n & 127];
+    let o = n >> 7;
+    for (; o > 0; )
+      i.unshift(o & 127 | 128), o >>= 7;
+    r.push(...i);
+  }
+  return s(6, new Uint8Array(r));
+}
+function s(e, t) {
+  return f(new Uint8Array([e]), _(t.byteLength), t);
+}
+function _(e) {
+  if (e < 128)
+    return new Uint8Array([e]);
+  const t = [];
+  let r = e;
+  for (; r > 0; )
+    t.unshift(r & 255), r >>= 8;
+  return new Uint8Array([128 | t.length, ...t]);
+}
+function f(...e) {
+  const t = e.reduce((i, o) => i + o.byteLength, 0), r = new Uint8Array(t);
+  let n = 0;
+  for (const i of e)
+    r.set(i, n), n += i.byteLength;
+  return r;
+}
+function j(e, t) {
+  const n = d(t).match(/.{1,64}/g) ?? [];
+  return `-----BEGIN ${e}-----
+${n.join(`
+`)}
+-----END ${e}-----
+`;
+}
+function V(e, t) {
+  const r = t.match(/.{1,64}/g) ?? [];
+  return `-----BEGIN ${e}-----
+${r.join(`
+`)}
+-----END ${e}-----
+`;
+}
+function d(e) {
+  let t = "";
+  for (const r of e)
+    t += String.fromCharCode(r);
+  return btoa(t);
+}
+function W(e) {
+  return btoa(e);
+}
+function Q(e) {
+  return atob(e);
+}
+function J(e) {
+  const t = new Uint8Array(e.byteLength);
+  return t.set(e), t.buffer;
+}
+async function a({
+  apiUrl: e,
+  token: t,
+  appleSessionId: r,
+  request: n,
+  label: i = "Apple Developer Portal request",
+  validatePortalResponse: o = !0,
+  mapBody: c
+}) {
+  const l = await b(e, r, n, t);
+  return o && X(l.body, i), c ? c(l.body, l) : l;
+}
+async function ne(e) {
+  return a({
+    ...e,
+    request: D(),
+    label: "Apple Developer team list",
+    mapBody: (t) => Y([...t?.teams ?? [], ...t?.availableProviders ?? [], ...t?.provider ? [t.provider] : []])
+  });
+}
+async function ie({
+  certificateKind: e = "development",
+  teamId: t = "",
+  ...r
+}) {
+  return a({
+    ...r,
+    request: e === "distribution" ? w(t) : g(t),
+    label: "Apple Developer certificate list",
+    mapBody: (n) => n?.certRequests ?? []
+  });
+}
+async function oe({
+  certificateKind: e = "development",
+  teamId: t = "",
+  csrPEM: r,
+  ...n
+}) {
+  return a({
+    ...n,
+    request: e === "distribution" ? I({ csrPEM: r, teamID: t }) : h({ csrPEM: r, teamID: t }),
+    label: e === "distribution" ? "Apple Distribution certificate creation" : "Apple Development certificate creation",
+    mapBody: (i) => i?.certRequest
+  });
+}
+async function ae({
+  certificateKind: e = "development",
+  certificateId: t,
+  teamId: r = "",
+  ...n
+}) {
+  return a({
+    ...n,
+    request: e === "distribution" ? P(t, r) : q(t, r),
+    label: "Apple certificate download",
+    validatePortalResponse: !1,
+    mapBody: (i, o) => o
+  });
+}
+async function se({
+  certificateKind: e = "development",
+  certificateId: t,
+  teamId: r = "",
+  ...n
+}) {
+  return a({
+    ...n,
+    request: {
+      method: "POST",
+      path: "/account/ios/certificate/revokeCertificate.action",
+      payload: {
+        teamId: r,
+        certificateId: t,
+        type: e === "distribution" ? "WXV89964HE" : "83Q87W3TGH"
+      }
+    },
+    label: "Apple certificate deletion",
+    mapBody: (i) => i
+  });
+}
+async function ce({ teamId: e = "", search: t = "", ...r }) {
+  return a({
+    ...r,
+    request: B({ bundleID: t, teamID: e }),
+    label: "Apple bundle ID list",
+    mapBody: (n) => n?.appIds ?? []
+  });
+}
+async function pe({ teamId: e = "", bundleId: t, name: r, ...n }) {
+  return a({
+    ...n,
+    request: S({ bundleID: t, teamID: e, name: r }),
+    label: "Apple bundle ID creation",
+    mapBody: (i) => i?.appId
+  });
+}
+async function le({
+  teamId: e = "",
+  appIdId: t,
+  bundleId: r,
+  name: n,
+  ...i
+}) {
+  return a({
+    ...i,
+    request: {
+      method: "POST",
+      path: "/account/ios/identifiers/updateAppId.action",
+      payload: {
+        teamId: e,
+        appIdId: t,
+        ...r ? { identifier: r } : {},
+        ...n ? { name: n } : {}
+      }
+    },
+    label: "Apple bundle ID update",
+    mapBody: (o) => o?.appId
+  });
+}
+async function ue({ teamId: e = "", appIdId: t, ...r }) {
+  return a({
+    ...r,
+    request: {
+      method: "POST",
+      path: "/account/ios/identifiers/deleteAppId.action",
+      payload: { teamId: e, appIdId: t }
+    },
+    label: "Apple bundle ID deletion",
+    mapBody: (n) => n
+  });
+}
+async function de({ teamId: e = "", deviceUDID: t = "", ...r }) {
+  return a({
+    ...r,
+    request: R({ deviceUDID: t, teamID: e }),
+    label: "Apple device list",
+    mapBody: (n) => n?.devices ?? []
+  });
+}
+async function fe({ teamId: e = "", deviceUDID: t, name: r, ...n }) {
+  return a({
+    ...n,
+    request: C({ deviceUDID: t, teamID: e, name: r }),
+    label: "Apple device registration",
+    mapBody: (i) => i?.device
+  });
+}
+async function ye({ teamId: e = "", deviceId: t, name: r, ...n }) {
+  return a({
+    ...n,
+    request: {
+      method: "POST",
+      path: "/account/ios/device/updateDevice.action",
+      payload: { teamId: e, deviceId: t, ...r ? { name: r } : {} }
+    },
+    label: "Apple device update",
+    mapBody: (i) => i?.device
+  });
+}
+async function Ae({ teamId: e = "", deviceId: t, ...r }) {
+  return a({
+    ...r,
+    request: {
+      method: "POST",
+      path: "/account/ios/device/deleteDevice.action",
+      payload: { teamId: e, deviceId: t }
+    },
+    label: "Apple device deletion",
+    mapBody: (n) => n
+  });
+}
+async function me({
+  profileKind: e = "development",
+  teamId: t = "",
+  bundleId: r = "",
+  ...n
+}) {
+  return a({
+    ...n,
+    request: e === "adhoc" ? T({ bundleID: r, teamID: t }) : E({ bundleID: r, teamID: t }),
+    label: "Apple provisioning profile list",
+    mapBody: (i) => i?.provisioningProfiles ?? []
+  });
+}
+async function ve({
+  profileKind: e = "development",
+  teamId: t = "",
+  bundleId: r,
+  appIdId: n,
+  certificateIds: i,
+  deviceIds: o,
+  name: c,
+  ...l
+}) {
+  const [y] = i;
+  if (!y)
+    throw new Error("At least one certificate ID is required to create an Apple provisioning profile.");
+  return a({
+    ...l,
+    request: e === "adhoc" ? K({
+      bundleID: r,
+      teamID: t,
+      appIDID: n,
+      certificateID: y,
+      deviceIDs: o,
+      name: c
+    }) : U({
+      bundleID: r,
+      teamID: t,
+      appIDID: n,
+      certificateID: y,
+      deviceIDs: o,
+      name: c
+    }),
+    label: "Apple provisioning profile creation",
+    mapBody: (v) => v?.provisioningProfile
+  });
+}
+async function be({ teamId: e = "", profileId: t, ...r }) {
+  return a({
+    ...r,
+    request: x(t, e),
+    label: "Apple provisioning profile download",
+    validatePortalResponse: !1,
+    mapBody: (n, i) => i
+  });
+}
+async function De({ teamId: e = "", profileId: t, ...r }) {
+  return a({
+    ...r,
+    request: {
+      method: "POST",
+      path: "/account/ios/profile/deleteProvisioningProfile.action",
+      payload: { teamId: e, provisioningProfileId: t }
+    },
+    label: "Apple provisioning profile deletion",
+    mapBody: (n) => n
+  });
+}
+function X(e, t) {
+  if (!e)
+    throw new Error(`${t} returned an empty response.`);
+  if (e.resultCode !== void 0 && e.resultCode !== 0)
+    throw new Error(`${t} failed: ${e.userString ?? e.resultString ?? e.resultCode}`);
+}
+function Y(e) {
+  const t = /* @__PURE__ */ new Set(), r = [];
+  for (const n of e) {
+    const i = String(n.teamId ?? n.providerId ?? n.publicProviderId ?? n.name ?? JSON.stringify(n));
+    t.has(i) || (t.add(i), r.push(n));
+  }
+  return r;
+}
+export {
+  Ue as AppleGsaSrpClient,
+  X as assertAppleDeveloperPortalResponseOK,
+  pe as createAppleBundleID,
+  oe as createAppleCertificate,
+  ve as createAppleProfile,
+  Ie as createAppleRelaySession,
+  ue as deleteAppleBundleID,
+  se as deleteAppleCertificate,
+  Ae as deleteAppleDevice,
+  De as deleteAppleProfile,
+  he as deleteAppleRelaySession,
+  ae as downloadAppleCertificate,
+  be as downloadAppleProfile,
+  re as exportAppleCertificateP12,
+  Pe as fetchAppleAccountSession,
+  te as generateAppleSigningKeyAndCSR,
+  ce as listAppleBundleIDs,
+  ie as listAppleCertificates,
+  de as listAppleDevices,
+  me as listAppleProfiles,
+  ne as listAppleTeams,
+  qe as proxyPhoneTwoFactorCode,
+  Be as proxySrpComplete,
+  Se as proxySrpInit,
+  Re as proxyTwoFactorCode,
+  fe as registerAppleDevice,
+  a as requestAppleProvisioning,
+  Ce as startBrowserOwnedAppleIDLogin,
+  Te as triggerPhoneTwoFactor,
+  Ee as triggerTrustedDeviceTwoFactor,
+  le as updateAppleBundleID,
+  ye as updateAppleDevice
+};

package/dist/app-store-relay/react.cjs

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const t=require("react"),R=require("../client-CnbCWvCs.js");require("../index-CMeQfhYy.js");function m({limbuildApiUrl:n,token:u}){const[g,o]=t.useState("idle"),[f,i]=t.useState(),[w,l]=t.useState(),[h,d]=t.useState(),[v,c]=t.useState(),r=t.useRef(void 0),S=t.useCallback(async()=>{await r.current?.close().catch(()=>{}),r.current=void 0,i(void 0),l(void 0),d(void 0),c(void 0),o("idle")},[]);t.useEffect(()=>()=>{r.current?.close(),r.current=void 0},[]);const b=t.useCallback(async({accountName:s,password:a})=>{o("authenticating"),c(void 0),await r.current?.close().catch(()=>{});try{const e=await R.startBrowserOwnedAppleIDLogin({limbuildApiUrl:n,token:u,accountName:s,password:a});return r.current=e,i(e),l(e.completeResponse),d(e.twoFactorChallengeResponse),o(e.requiresTwoFactor?"two-factor-required":"authenticated"),e}catch(e){i(void 0),r.current=void 0,c(p(e)),o("error");return}},[n,u]),C=t.useCallback(async s=>{const a=r.current;if(!a)throw new Error("Start Apple ID login before submitting a two-factor code.");o("authenticating"),c(void 0);try{const e=await a.finishTwoFactor(s);return o("authenticated"),e}catch(e){c(p(e)),o("error");return}},[]),y=t.useCallback(async()=>{const s=r.current;if(!s)throw new Error("Start Apple ID login before finalizing the Apple session.");return s.finalize()},[]);return{status:g,session:f,completeResponse:w,twoFactorChallengeResponse:h,error:v,startLogin:b,submitTwoFactorCode:C,finalize:y,close:S}}function p(n){return n instanceof Error?n.message:String(n)}exports.useAppleIDLogin=m;

package/dist/app-store-relay/react.d.ts

@@ -0,0 +1,15 @@
+import { AppleIDLoginInput, AppleIDLoginResult, AppleRelayResponse } from './index';
+export type UseAppleIDLoginOptions = Pick<AppleIDLoginInput, 'limbuildApiUrl' | 'token'>;
+export type AppleIDLoginStatus = 'idle' | 'authenticating' | 'two-factor-required' | 'authenticated' | 'error';
+export type UseAppleIDLoginResult = {
+    status: AppleIDLoginStatus;
+    session?: AppleIDLoginResult;
+    completeResponse?: AppleRelayResponse;
+    twoFactorChallengeResponse?: AppleRelayResponse;
+    error?: string;
+    startLogin: (input: Pick<AppleIDLoginInput, 'accountName' | 'password'>) => Promise<AppleIDLoginResult | undefined>;
+    submitTwoFactorCode: (code: string) => Promise<AppleRelayResponse | undefined>;
+    finalize: () => Promise<AppleRelayResponse | undefined>;
+    close: () => Promise<void>;
+};
+export declare function useAppleIDLogin({ limbuildApiUrl, token }: UseAppleIDLoginOptions): UseAppleIDLoginResult;