@lit-protocol/vincent-app-sdk 0.0.4-ea

package/dist/src/abilityClient/vincentAbilityClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vincentAbilityClient.js","sourceRoot":"","sources":["../../../src/abilityClient/vincentAbilityClient.ts"],"names":[],"mappings":";AAAA,4CAA4C;;AAiH5C,0DAqYC;AApfD,mCAAgC;AAChC,6BAAwB;AAKxB,uDAAsD;AACtD,yEAOoD;AAMpD,iFAAsF;AACtF,mGAAgG;AAChG,6DAIkC;AAClC,8DAGmC;AACnC,sEAA0E;AAC1E,6CAKsB;AAEtB,MAAM,mBAAmB,GAAG,0CAA0C,CAAC;AAEvE,MAAM,cAAc,GAAG,CAAC,GAAQ,EAAE,KAAU,EAAE,EAAE;IAC9C,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;AAC9D,CAAC,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAiEK;AACL,SAAgB,uBAAuB,CAUrC,MAiBD;;IAQC,MAAM,EAAE,qBAAqB,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC;IACvD,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,wBAAwB,EAAE,GAAG,qBAAqB,CAAC;IAEpF,IAAA,wCAA6B,EAAC,wBAAwB,CAAC,CAAC;IAExD,MAAM,OAAO,GAAG,uBAAW,CAAC,KAAK,CAAC;IAElC,MAAM,oBAAoB,GAAG,CAAC,MAAA,cAAc,CAAC,aAAa,CAAC,oBAAoB,mCAC7E,OAAC,CAAC,SAAS,EAAE,CAAyB,CAAC;IACzC,MAAM,iBAAiB,GAAG,CAAC,MAAA,cAAc,CAAC,aAAa,CAAC,iBAAiB,mCACvE,OAAC,CAAC,SAAS,EAAE,CAAsB,CAAC;IAEtC,OAAO;QACL,KAAK,CAAC,QAAQ,CACZ,gBAA8C,EAC9C,EACE,MAAM,EACN,sBAAsB,GAGvB;YAID,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,MAAM,EAAE,CAAC,CAAC;YAC9E,MAAM,sBAAsB,GAAG,eAAM,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,YAAY,CAAC,UAAU,EAAE,CAAC,CAAC;YAExF,qIAAqI;YACrI,MAAM,WAAW,GAAG;gBAClB,UAAU,EAAE;oBACV,gBAAgB,EAAE,sBAAsB;oBACxC,0BAA0B;iBAC3B;gBACD,cAAc,EAAE,OAAO;gBACvB,oBAAoB;gBACpB,yBAAyB;aACnB,CAAC;YAET,MAAM,YAAY,GAAG,IAAA,yBAAc,EACjC,gBAAgB,EAChB,cAAc,CAAC,mBAAmB,EAClC,UAAU,EACV,OAAO,CACR,CAAC;YAEF,IAAI,IAAA,qCAAwB,EAAC,YAAY,CAAC,EAAE,CAAC;gBAC3C,OAAO,IAAA,6DAA4C,EAAC;oBAClD,GAAG,YAAY;oBACf,OAAO,EAAE,WAAW;iBACrB,CAIA,CAAC;YACJ,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,IAAA,qBAAU,EAAC;gBACnC,sBAAsB,EAAE,0CAA+B;gBACvD,iBAAiB,EAAE,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,mBAAmB;gBAChD,aAAa,EAAE,sBAAsB;aACtC,CAAC,CAAC;YACH,WAAW,CAAC,UAAU,CAAC,gBAAgB,GAAG,WAAW,CAAC;YAEtD,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;YAExC,MAAM,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,mCAAwB,EAAC;gBAC5E,gBAAgB,EAAE,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,mBAAmB;gBAC/C,mBAAmB,EAAE,sBAAsB;gBAC3C,wBAAwB,EAAE,sBAAsB;gBAChD,cAAc,EAAE,OAAO;aACxB,CAAC,CAAC;YACH,WAAW,CAAC,KAAK,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YACrC,WAAW,CAAC,UAAU,GAAG,UAAU,CAAC,QAAQ,EAAE,CAAC;YAE/C,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;YAErF,MAAM,kBAAkB,GAAG,MAAM,IAAA,8CAAyB,EAAC;gBACzD,qBAAqB;gBACrB,aAAa,EAAE,YAA4C;gBAC3D,eAAe;gBACf,OAAO,EAAE;oBACP,GAAG,WAAW;oBACd,MAAM;iBACP;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;gBAC7B,OAAO,CAAC,GAAG,CACT,+EAA+E,EAC/E;oBACE,gBAAgB;oBAChB,sBAAsB;oBACtB,MAAM;iBACP,CACF,CAAC;gBACF,IAAI,CAAC,kBAAkB,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;oBAC9C,OAAO,IAAA,6DAA4C,EAAC;wBAClD,OAAO,EAAE,kBAAkB;qBAC5B,CAIA,CAAC;gBACJ,CAAC;gBAED,OAAO,IAAA,6DAA4C,EAAC;oBAClD,OAAO,EAAE,kBAAkB;iBAC5B,CAIA,CAAC;YACJ,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;YAE1C,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,QAAQ,CAClD,EAAE,aAAa,EAAE,YAAY,EAAE,EAC/B,kBAAkB,CACnB,CAAC;YAEF,IACE,IAAA,qDAAwC,EAAC,cAAc,CAAC;gBACxD,IAAA,4CAA+B,EAAC,cAAc,CAAC,EAC/C,CAAC;gBACD,OAAO,CAAC,GAAG,CACT,yFAAyF,EACzF,IAAI,CAAC,SAAS,CACZ;oBACE,+BAA+B,EAAE,IAAA,4CAA+B,EAAC,cAAc,CAAC;oBAChF,wCAAwC,EACtC,IAAA,qDAAwC,EAAC,cAAc,CAAC;oBAC1D,cAAc;iBACf,EACD,cAAc,CACf,CACF,CAAC;gBACF,wFAAwF;gBACxF,OAAO,cAIN,CAAC;YACJ,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC;YAChF,OAAO;gBACL,GAAG,cAAc;gBACjB,OAAO,EAAE,kBAAkB;aAK5B,CAAC;QACJ,CAAC;QAED,KAAK,CAAC,OAAO,CACX,gBAA8C,EAC9C,OAA6B;YAI7B,MAAM,YAAY,GAAG,IAAA,yBAAc,EACjC,gBAAgB,EAChB,cAAc,CAAC,mBAAmB,EAClC,SAAS,EACT,OAAO,CACR,CAAC;YAEF,IAAI,IAAA,qCAAwB,EAAC,YAAY,CAAC,EAAE,CAAC;gBAC3C,OAAO;oBACL,GAAG,YAAY;oBACf,OAAO;iBACkF,CAAC;YAC9F,CAAC;YAED,MAAM,aAAa,GAAG,MAAM,IAAA,2CAAwB,EAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YAClE,MAAM,WAAW,GAAG,MAAM,IAAA,qEAAiC,EAAC,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC,CAAC;YAE7F,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,SAAS,CAAC;gBAC3C,MAAM,EAAE,OAAO;gBACf,WAAW;gBACX,QAAQ,EAAE;oBACR,aAAa,EAAE,YAAY;oBAC3B,OAAO;oBACP,wBAAwB;iBACzB;aACF,CAAC,CAAC;YAEH,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;YACrC,OAAO,CAAC,GAAG,CAAC,4DAA4D,EAAE;gBACxE,QAAQ;gBACR,OAAO;aACR,CAAC,CAAC;YAEH,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;gBACrB,OAAO,IAAA,4DAA2C,EAAC;oBACjD,YAAY,EAAE,6CAA6C,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,cAAc,EAAE,CAAC,CAAC,EAAE;iBACzG,CAIA,CAAC;YACJ,CAAC;YAED,IAAI,YAAY,GAAG,QAAQ,CAAC;YAE5B,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACjC,kGAAkG;gBAClG,IAAI,CAAC;oBACH,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;oBACpC,6DAA6D;gBAC/D,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,OAAO,IAAA,4DAA2C,EAAC;wBACjD,YAAY,EAAE,6CAA6C,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,cAAc,CAAC,EAAE;qBACtG,CAIA,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,IAAI,CAAC,IAAA,kDAAqC,EAAC,YAAY,CAAC,EAAE,CAAC;gBACzD,OAAO,CAAC,GAAG,CACT,iFAAiF,EACjF,EAAE,YAAY,EAAE,OAAO,EAAE,CAC1B,CAAC;gBAEF,OAAO,IAAA,4DAA2C,EAAC;oBACjD,YAAY,EAAE,6CAA6C,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,cAAc,CAAC,EAAE;iBAC1G,CAIA,CAAC;YACJ,CAAC;YAED,MAAM,0BAA0B,GAI5B,YAAY,CAAC;YAEjB,OAAO,CAAC,GAAG,CACT,iDAAiD,EACjD,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,cAAc,CAAC,CAC7C,CAAC;YAEF,MAAM,EAAE,cAAc,EAAE,sBAAsB,EAAE,GAAG,0BAA0B,CAAC;YAE9E,IACE,IAAA,qDAAwC,EAAC,sBAAsB,CAAC;gBAChE,IAAA,4CAA+B,EAAC,sBAAsB,CAAC,EACvD,CAAC;gBACD,OAAO,CAAC,GAAG,CACT,0FAA0F,EAC1F,IAAI,CAAC,SAAS,CACZ;oBACE,+BAA+B,EAC7B,IAAA,4CAA+B,EAAC,sBAAsB,CAAC;oBACzD,wCAAwC,EACtC,IAAA,qDAAwC,EAAC,sBAAsB,CAAC;oBAClE,sBAAsB;iBACvB,EACD,cAAc,CACf,CACF,CAAC;gBACF,wFAAwF;gBACxF,OAAO,IAAA,4DAA2C,EAAC;oBACjD,GAAG,CAAC,sBAAsB,CAAC,YAAY;wBACrC,CAAC,CAAC,EAAE,YAAY,EAAE,sBAAsB,CAAC,YAAY,EAAE;wBACvD,CAAC,CAAC,EAAE,CAAC;oBACP,GAAG,CAAC,sBAAsB,CAAC,qBAAqB;wBAC9C,CAAC,CAAC,EAAE,qBAAqB,EAAE,sBAAsB,CAAC,qBAAqB,EAAE;wBACzE,CAAC,CAAC,EAAE,CAAC;oBACP,OAAO,EAAE,0BAA0B,CAAC,cAAc;iBACnD,CAIA,CAAC;YACJ,CAAC;YAED,wDAAwD;YACxD,qFAAqF;YACrF,gFAAgF;YAChF,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO,IAAA,4DAA2C,EAAC;oBACjD,OAAO,EAAE,cAAc;iBACxB,CAIA,CAAC;YACJ,CAAC;YAED,MAAM,mBAAmB,GAAG,IAAA,oCAAyB,EAAC;gBACpD,KAAK,EAAE,sBAAsB;gBAC7B,mBAAmB,EAAE,oBAAoB;gBACzC,mBAAmB,EAAE,iBAAiB;aACvC,CAAC,CAAC;YAEH,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,GAAG,mBAAmB,CAAC;YAExD,OAAO,CAAC,GAAG,CAAC,oCAAoC,UAAU,aAAa,CAAC,CAAC;YAEzE,6DAA6D;YAC7D,MAAM,aAAa,GAAG,IAAA,yBAAc,EAClC,sBAAsB,CAAC,MAAM,EAC7B,WAAW,EACX,SAAS,EACT,QAAQ,CACT,CAAC;YAEF,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,aAAa,CAAC,CAAC;YAEhD,IAAI,IAAA,qCAAwB,EAAC,aAAa,CAAC,EAAE,CAAC;gBAC5C,sCAAsC;gBACtC,OAAO,aAIN,CAAC;YACJ,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,sBAAsB,CAAC,CAAC;YAEvE,kFAAkF;YAClF,IAAI,IAAA,qCAAwB,EAAC,sBAAsB,CAAC,EAAE,CAAC;gBACrD,OAAO,IAAA,oDAAmC,EAAC;oBACzC,GAAG,CAAC,sBAAsB,CAAC,YAAY;wBACrC,CAAC,CAAC,EAAE,YAAY,EAAE,sBAAsB,CAAC,YAAY,EAAE;wBACvD,CAAC,CAAC,EAAE,CAAC;oBACP,GAAG,CAAC,sBAAsB,CAAC,qBAAqB;wBAC9C,CAAC,CAAC,EAAE,qBAAqB,EAAE,sBAAsB,CAAC,qBAAqB,EAAE;wBACzE,CAAC,CAAC,EAAE,CAAC;oBACP,MAAM,EAAE,aAAa;oBACrB,OAAO,EAAE,0BAA0B,CAAC,cAAc;iBACnD,CAIA,CAAC;YACJ,CAAC;YAED,MAAM,GAAG,GAA6C,aAAa,CAAC;YAEpE,OAAO,IAAA,oDAAmC,EAAC;gBACzC,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,0BAA0B,CAAC,cAAc;aACnD,CAA2F,CAAC;QAC/F,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/src/expressMiddleware/express.d.ts

@@ -0,0 +1,63 @@
+import type { NextFunction, Request, Response } from 'express';
+import type { AuthenticatedRequestHandler } from './types';
+/** Returns an Express middleware function to authenticate a user using a JWT token, and a type-guard wrapper function
+ * for type-safe usage of route handlers guarded by the middleware.
+ *
+ * The `middleware()` function:
+ * - Checks the `Authorization` header for a Bearer token, verifies the token, and checks its audience.
+ * - If the token is valid, it attaches the user information (decoded JWT, and raw JWT string) to the request object
+ * - If the token is missing or invalid, it returns a 401 Unauthorized response with an error message.
+ *
+ * Designate what field on `req` should be set with the JWT with the `userKey` configuration option.
+ *
+ * The `handler()` function:
+ * - Provides a type-safe reference to `req` where the `userKey` you have provided is correctly inferred to the appropriate type
+ * - Note that it is still your responsibility to ensure you have attached the `middleware` somewhere in the chain before you use the `handler()`
+ *   - If you forget, the `handler()` function will throw an error if the expected `req[userKey]` does not exist.
+ *
+ * See [express.js documentation](https://expressjs.com/en/guide/writing-middleware.html) for details on writing your route handler
+ * @category API
+ *
+ * @example
+ * ```typescript
+ * import { createVincentUserMiddleware } from '@lit-protocol/vincent-app-sdk/expressMiddleware';
+ *
+ * // In your environment configuration
+ * const ALLOWED_AUDIENCE = 'https://yourapp.example.com';
+ * const VINCENT_APP_ID = 555; // Provided by the vincent app registry
+ *
+ * const { middleware, handler } = createVincentUserMiddleware({
+ *  allowedAudience: ALLOWED_AUDIENCE,
+ *  requiredAppId: VINCENT_APP_ID,
+ *  userKey: 'vincentUser',
+ * });
+ *
+ * // Apply to routes that require authentication; req is guaranteed authenticated because it is wrapped in `handler()`
+ * app.get('/protected-resource', middleware, handler((req, res) => {
+ *     // handler() gives you the correct inferred type of `req[userKey]`
+ *     const pkpAddress = req.vincentUser.decodedJWT.payload.pkp.ethAddress;
+ *     const appInfo = req.vincentUser.decodedJWT.payload.app;
+ *
+ *     if(appInfo) {
+ *       res.json({ message: `Hello, user with PKP address ${pkpAddress}. You are authenticated for app ${appInfo.id} @ v${appInfo.version}` });
+ *       return;
+ *     }
+ *
+ *     res.json({ message: `Hello, user with PKP address ${pkpAddress}.` });
+ *   })
+ * );
+ * ```
+ *
+ * See the code below for the implementation used by the `middleware` returned by this function. You can adapt this logic
+ * to the HTTP framework of your choice.
+ *
+ */
+export declare function createVincentUserMiddleware<const UserKey extends string>(config: {
+    allowedAudience: string;
+    userKey: UserKey;
+    requiredAppId: number | undefined;
+}): {
+    middleware: (req: Request, res: Response, next: NextFunction) => Promise<void>;
+    handler: (handler: AuthenticatedRequestHandler<UserKey>) => (req: Request, res: Response, next: NextFunction) => void | Promise<void>;
+};
+//# sourceMappingURL=express.d.ts.map

package/dist/src/expressMiddleware/express.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"express.d.ts","sourceRoot":"","sources":["../../../src/expressMiddleware/express.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE/D,OAAO,KAAK,EAAwB,2BAA2B,EAAkB,MAAM,SAAS,CAAC;AAwBjG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmDG;AACH,wBAAgB,2BAA2B,CAAC,KAAK,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,EAAE;IAChF,eAAe,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;CACnC;sBA8BoB,OAAO,OAAO,QAAQ,QAAQ,YAAY;iEArBnD,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY;EAJ1D"}

package/dist/src/expressMiddleware/express.js

@@ -0,0 +1,125 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createVincentUserMiddleware = createVincentUserMiddleware;
+const jwt_1 = require("../jwt");
+const utils_1 = require("../jwt/core/utils");
+function assertAuthenticatedRequest(req, userKey) {
+    // @ts-expect-error It's an assertion
+    if (!(userKey in req) || typeof req[userKey] !== 'object' || !req[userKey]) {
+        throw new Error('Request is not an AuthenticatedRequest: Missing or invalid "user" property');
+    }
+    // Cast with a type assertion
+    const user = req[userKey];
+    const { decodedJWT, rawJWT } = user;
+    if (typeof rawJWT !== 'string' || !(0, utils_1.isDefinedObject)(decodedJWT)) {
+        throw new Error('Request is not an AuthenticatedRequest: Invalid "user" properties');
+    }
+}
+/** Returns an Express middleware function to authenticate a user using a JWT token, and a type-guard wrapper function
+ * for type-safe usage of route handlers guarded by the middleware.
+ *
+ * The `middleware()` function:
+ * - Checks the `Authorization` header for a Bearer token, verifies the token, and checks its audience.
+ * - If the token is valid, it attaches the user information (decoded JWT, and raw JWT string) to the request object
+ * - If the token is missing or invalid, it returns a 401 Unauthorized response with an error message.
+ *
+ * Designate what field on `req` should be set with the JWT with the `userKey` configuration option.
+ *
+ * The `handler()` function:
+ * - Provides a type-safe reference to `req` where the `userKey` you have provided is correctly inferred to the appropriate type
+ * - Note that it is still your responsibility to ensure you have attached the `middleware` somewhere in the chain before you use the `handler()`
+ *   - If you forget, the `handler()` function will throw an error if the expected `req[userKey]` does not exist.
+ *
+ * See [express.js documentation](https://expressjs.com/en/guide/writing-middleware.html) for details on writing your route handler
+ * @category API
+ *
+ * @example
+ * ```typescript
+ * import { createVincentUserMiddleware } from '@lit-protocol/vincent-app-sdk/expressMiddleware';
+ *
+ * // In your environment configuration
+ * const ALLOWED_AUDIENCE = 'https://yourapp.example.com';
+ * const VINCENT_APP_ID = 555; // Provided by the vincent app registry
+ *
+ * const { middleware, handler } = createVincentUserMiddleware({
+ *  allowedAudience: ALLOWED_AUDIENCE,
+ *  requiredAppId: VINCENT_APP_ID,
+ *  userKey: 'vincentUser',
+ * });
+ *
+ * // Apply to routes that require authentication; req is guaranteed authenticated because it is wrapped in `handler()`
+ * app.get('/protected-resource', middleware, handler((req, res) => {
+ *     // handler() gives you the correct inferred type of `req[userKey]`
+ *     const pkpAddress = req.vincentUser.decodedJWT.payload.pkp.ethAddress;
+ *     const appInfo = req.vincentUser.decodedJWT.payload.app;
+ *
+ *     if(appInfo) {
+ *       res.json({ message: `Hello, user with PKP address ${pkpAddress}. You are authenticated for app ${appInfo.id} @ v${appInfo.version}` });
+ *       return;
+ *     }
+ *
+ *     res.json({ message: `Hello, user with PKP address ${pkpAddress}.` });
+ *   })
+ * );
+ * ```
+ *
+ * See the code below for the implementation used by the `middleware` returned by this function. You can adapt this logic
+ * to the HTTP framework of your choice.
+ *
+ */
+function createVincentUserMiddleware(config) {
+    return {
+        middleware: getAuthenticateUserExpressHandler(config),
+        handler: authenticatedRequestHandler(config.userKey),
+    };
+}
+function authenticatedRequestHandler(userKey) {
+    return function (handler) {
+        return (req, res, next) => {
+            try {
+                assertAuthenticatedRequest(req, userKey);
+                return handler(req, res, next);
+            }
+            catch (_a) {
+                res.status(401).json({ error: 'Not authenticated' });
+            }
+        };
+    };
+}
+// #region expressHandlerTSDocExample
+function getAuthenticateUserExpressHandler({ allowedAudience, requiredAppId, userKey, }) {
+    return async (req, res, next) => {
+        const authHeader = req.headers.authorization;
+        if (!authHeader) {
+            res.status(401).json({ error: 'No token provided' });
+            return;
+        }
+        const parts = authHeader.split(' ');
+        if (parts.length !== 2) {
+            res.status(401).json({ error: `Invalid authorization header - expected "Bearer <token>"` });
+            return;
+        }
+        const [scheme, rawJWT] = parts;
+        if (!/^Bearer$/i.test(scheme)) {
+            res.status(401).json({ error: `Expected "Bearer" scheme, got "${scheme}"` });
+            return;
+        }
+        try {
+            const decodedJWT = (0, jwt_1.verify)({ jwt: rawJWT, expectedAudience: allowedAudience, requiredAppId });
+            if (!decodedJWT) {
+                res.status(401).json({ error: 'Invalid token' });
+                return;
+            }
+            req[userKey] = {
+                decodedJWT,
+                rawJWT,
+            };
+            next();
+        }
+        catch (e) {
+            res.status(401).json({ error: `Invalid token: ${e.message}` });
+        }
+    };
+}
+// #endregion expressHandlerTSDocExample
+//# sourceMappingURL=express.js.map

package/dist/src/expressMiddleware/express.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"express.js","sourceRoot":"","sources":["../../../src/expressMiddleware/express.ts"],"names":[],"mappings":";;AA8EA,kEASC;AAnFD,gCAAgC;AAChC,6CAAoD;AAEpD,SAAS,0BAA0B,CACjC,GAAY,EACZ,OAAgB;IAEhB,qCAAqC;IACrC,IAAI,CAAC,CAAC,OAAO,IAAI,GAAG,CAAC,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3E,MAAM,IAAI,KAAK,CAAC,4EAA4E,CAAC,CAAC;IAChG,CAAC;IAED,6BAA6B;IAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAA4B,CAAC;IAErD,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IAEpC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,IAAA,uBAAe,EAAC,UAAU,CAAC,EAAE,CAAC;QAC/D,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;IACvF,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmDG;AACH,SAAgB,2BAA2B,CAA+B,MAIzE;IACC,OAAO;QACL,UAAU,EAAE,iCAAiC,CAAC,MAAM,CAAC;QACrD,OAAO,EAAE,2BAA2B,CAAC,MAAM,CAAC,OAAO,CAAC;KACrD,CAAC;AACJ,CAAC;AAED,SAAS,2BAA2B,CAA+B,OAAgB;IACjF,OAAO,UAAU,OAA6C;QAC5D,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YACzD,IAAI,CAAC;gBACH,0BAA0B,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;gBACzC,OAAO,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;YACjC,CAAC;YAAC,WAAM,CAAC;gBACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;YACvD,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAED,qCAAqC;AACrC,SAAS,iCAAiC,CAA+B,EACvE,eAAe,EACf,aAAa,EACb,OAAO,GAKR;IACC,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;YACrD,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0DAA0D,EAAE,CAAC,CAAC;YAC5F,OAAO;QACT,CAAC;QAED,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC;QAC/B,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kCAAkC,MAAM,GAAG,EAAE,CAAC,CAAC;YAC7E,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAA,YAAM,EAAC,EAAE,GAAG,EAAE,MAAM,EAAE,gBAAgB,EAAE,eAAe,EAAE,aAAa,EAAE,CAAC,CAAC;YAC7F,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;gBACjD,OAAO;YACT,CAAC;YAEA,GAAiD,CAAC,OAAO,CAAC,GAAG;gBAC5D,UAAU;gBACV,MAAM;aACW,CAAC;YAEpB,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAmB,CAAW,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AACD,wCAAwC"}

package/dist/src/expressMiddleware/index.d.ts

@@ -0,0 +1,14 @@
+/** Express middleware is used to add a VincentJWT-specific authentication to your Express.js server routes
+ *
+ * All functionality is encapsulated into a single factory function -- see {@link createVincentUserMiddleware} for details
+ *
+ * You can see the source for the Express authentication handler below; use this as a reference to implement
+ * your own midddleware/authentication for other frameworks! Pull requests are welcome.
+ * {@includeCode ./express.ts#expressHandlerTSDocExample}
+ *
+ * @packageDocumentation
+ * @module expressMiddleware
+ * */
+export { createVincentUserMiddleware } from './express';
+export type { AuthenticatedRequest, AuthenticatedRequestHandler, ExtractRequestHandlerParams, VincentJWTData, } from './types';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/expressMiddleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/expressMiddleware/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;KAUK;AAEL,OAAO,EAAE,2BAA2B,EAAE,MAAM,WAAW,CAAC;AAExD,YAAY,EACV,oBAAoB,EACpB,2BAA2B,EAC3B,2BAA2B,EAC3B,cAAc,GACf,MAAM,SAAS,CAAC"}

package/dist/src/expressMiddleware/index.js

@@ -0,0 +1,17 @@
+"use strict";
+/** Express middleware is used to add a VincentJWT-specific authentication to your Express.js server routes
+ *
+ * All functionality is encapsulated into a single factory function -- see {@link createVincentUserMiddleware} for details
+ *
+ * You can see the source for the Express authentication handler below; use this as a reference to implement
+ * your own midddleware/authentication for other frameworks! Pull requests are welcome.
+ * {@includeCode ./express.ts#expressHandlerTSDocExample}
+ *
+ * @packageDocumentation
+ * @module expressMiddleware
+ * */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createVincentUserMiddleware = void 0;
+var express_1 = require("./express");
+Object.defineProperty(exports, "createVincentUserMiddleware", { enumerable: true, get: function () { return express_1.createVincentUserMiddleware; } });
+//# sourceMappingURL=index.js.map

package/dist/src/expressMiddleware/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/expressMiddleware/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;KAUK;;;AAEL,qCAAwD;AAA/C,sHAAA,2BAA2B,OAAA"}

package/dist/src/expressMiddleware/types.d.ts

@@ -0,0 +1,31 @@
+import type { NextFunction, Request, RequestHandler, Response } from 'express';
+import type { VincentJWT } from '../jwt/types';
+/** Extract the params type from the original Express.js RequestHandler
+ *
+ * You probably don't need this type; see { @link createVincentUserMiddleware } for details
+ *
+ * @category Interfaces
+ * */
+export type ExtractRequestHandlerParams<T> = T extends RequestHandler<infer P, infer ResBody, infer ReqBody, infer ReqQuery, infer Locals> ? [P, ResBody, ReqBody, ReqQuery, Locals] : never;
+/**
+ * An Express.js RequestHandler that guarantees the request is authenticated with a PKP address
+ *
+ * You probably don't need this type; see { @link createVincentUserMiddleware } for details
+ *
+ * @category Interfaces
+ * */
+export type AuthenticatedRequestHandler<UserKey extends string, P = ExtractRequestHandlerParams<RequestHandler>[0], ResBody = ExtractRequestHandlerParams<RequestHandler>[1], ReqBody = ExtractRequestHandlerParams<RequestHandler>[2], ReqQuery = ExtractRequestHandlerParams<RequestHandler>[3], Locals extends Record<string, any> = ExtractRequestHandlerParams<RequestHandler>[4]> = (req: AuthenticatedRequest<UserKey, P, ResBody, ReqBody, ReqQuery>, res: Response<ResBody, Locals>, next: NextFunction) => void | Promise<void>;
+export interface VincentJWTData {
+    decodedJWT: VincentJWT;
+    rawJWT: string;
+}
+/** An interface that extends the Express.js Request interface to include authenticated user data
+ *
+ * You probably don't need this type; see { @link createVincentUserMiddleware } for details
+ *
+ * @category Interfaces
+ * */
+export type AuthenticatedRequest<UserKey extends string, P = any, ResBody = any, ReqBody = any, ReqQuery = any> = Request<P, ResBody, ReqBody, ReqQuery> & {
+    [K in UserKey]: VincentJWTData;
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/src/expressMiddleware/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/expressMiddleware/types.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE/E,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE/C;;;;;KAKK;AACL,MAAM,MAAM,2BAA2B,CAAC,CAAC,IACvC,CAAC,SAAS,cAAc,CAAC,MAAM,CAAC,EAAE,MAAM,OAAO,EAAE,MAAM,OAAO,EAAE,MAAM,QAAQ,EAAE,MAAM,MAAM,CAAC,GACzF,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,GACvC,KAAK,CAAC;AAEZ;;;;;;KAMK;AACL,MAAM,MAAM,2BAA2B,CACrC,OAAO,SAAS,MAAM,EACtB,CAAC,GAAG,2BAA2B,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAClD,OAAO,GAAG,2BAA2B,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EACxD,OAAO,GAAG,2BAA2B,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EACxD,QAAQ,GAAG,2BAA2B,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EACzD,MAAM,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,2BAA2B,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IACjF,CACF,GAAG,EAAE,oBAAoB,CAAC,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,EACjE,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,EAC9B,IAAI,EAAE,YAAY,KACf,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE1B,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;;KAKK;AACL,MAAM,MAAM,oBAAoB,CAC9B,OAAO,SAAS,MAAM,EACtB,CAAC,GAAG,GAAG,EACP,OAAO,GAAG,GAAG,EACb,OAAO,GAAG,GAAG,EACb,QAAQ,GAAG,GAAG,IACZ,OAAO,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,GAAG;KAC1C,CAAC,IAAI,OAAO,GAAG,cAAc;CAC/B,CAAC"}

package/dist/src/expressMiddleware/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/src/expressMiddleware/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/expressMiddleware/types.ts"],"names":[],"mappings":""}

package/dist/src/index.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,CAAC"}

package/dist/src/index.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=index.js.map

package/dist/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":""}

package/dist/src/internal/LitNodeClient/LitNodeClientInstance.d.ts

@@ -0,0 +1,14 @@
+import type { LIT_NETWORKS_KEYS } from '@lit-protocol/types';
+import { LitNodeClient } from '@lit-protocol/lit-node-client';
+export declare class LitNodeClientInstance {
+    private readonly litNodeClientInstance;
+    private isConnected;
+    private connectHandle;
+    constructor({ network }: {
+        network: LIT_NETWORKS_KEYS;
+    });
+    connect(): Promise<boolean>;
+    disconnect(): Promise<void>;
+    get litNodeClient(): LitNodeClient;
+}
+//# sourceMappingURL=LitNodeClientInstance.d.ts.map

package/dist/src/internal/LitNodeClient/LitNodeClientInstance.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"LitNodeClientInstance.d.ts","sourceRoot":"","sources":["../../../../src/internal/LitNodeClient/LitNodeClientInstance.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAE7D,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D,qBAAa,qBAAqB;IAChC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAgB;IAEtD,OAAO,CAAC,WAAW,CAAS;IAE5B,OAAO,CAAC,aAAa,CAAiC;gBAE1C,EAAE,OAAO,EAAE,EAAE;QAAE,OAAO,EAAE,iBAAiB,CAAA;KAAE;IAOjD,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC;IA4B3B,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAqBjC,IAAI,aAAa,IAAI,aAAa,CAEjC;CACF"}

package/dist/src/internal/LitNodeClient/LitNodeClientInstance.js

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LitNodeClientInstance = void 0;
+const lit_node_client_1 = require("@lit-protocol/lit-node-client");
+class LitNodeClientInstance {
+    constructor({ network }) {
+        this.isConnected = false;
+        this.connectHandle = null;
+        this.litNodeClientInstance = new lit_node_client_1.LitNodeClient({
+            debug: true,
+            litNetwork: network,
+        });
+    }
+    async connect() {
+        if (!this.isConnected) {
+            // Coalesce concurrent calls
+            if (this.connectHandle) {
+                return this.connectHandle;
+            }
+            // Stash a handle so concurrent calls to connect are coaelesced into 1
+            this.connectHandle = this.litNodeClientInstance.connect().then(() => true);
+            try {
+                // Don't return until we know the result of pending connect attempt
+                await this.connectHandle;
+                this.isConnected = true;
+            }
+            catch (e) {
+                // We allow multiple calls to (retries!) to `connect()` even in case where one succeeded
+                // if `isConnected` is false (e.g. a prior attempt failed)
+                this.isConnected = false;
+                throw e;
+            }
+            finally {
+                this.connectHandle = null;
+            }
+            return this.isConnected;
+        }
+        return true;
+    }
+    async disconnect() {
+        if (!this.isConnected && this.connectHandle) {
+            // Wait for connect attempt to finish so we don't end up just re-adding the listener when it finishes.
+            try {
+                await this.connectHandle;
+                // eslint-disable-next-line @typescript-eslint/no-unused-vars
+            }
+            catch (e) {
+                /* Ignore errors on connect; we're disconnecting! */
+            }
+        }
+        try {
+            await this.litNodeClientInstance.disconnect();
+        }
+        catch (e) {
+            /* We did our best */
+            console.log('Failed to disconnect from LitNodeClientInstance.', e.message);
+        }
+        finally {
+            this.isConnected = false;
+        }
+    }
+    get litNodeClient() {
+        return this.litNodeClientInstance;
+    }
+}
+exports.LitNodeClientInstance = LitNodeClientInstance;
+//# sourceMappingURL=LitNodeClientInstance.js.map

package/dist/src/internal/LitNodeClient/LitNodeClientInstance.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"LitNodeClientInstance.js","sourceRoot":"","sources":["../../../../src/internal/LitNodeClient/LitNodeClientInstance.ts"],"names":[],"mappings":";;;AAEA,mEAA8D;AAE9D,MAAa,qBAAqB;IAOhC,YAAY,EAAE,OAAO,EAAkC;QAJ/C,gBAAW,GAAG,KAAK,CAAC;QAEpB,kBAAa,GAA4B,IAAI,CAAC;QAGpD,IAAI,CAAC,qBAAqB,GAAG,IAAI,+BAAa,CAAC;YAC7C,KAAK,EAAE,IAAI;YACX,UAAU,EAAE,OAAO;SACpB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,4BAA4B;YAC5B,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC,aAAa,CAAC;YAC5B,CAAC;YAED,sEAAsE;YACtE,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;YAE3E,IAAI,CAAC;gBACH,mEAAmE;gBACnE,MAAM,IAAI,CAAC,aAAa,CAAC;gBACzB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YAC1B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,wFAAwF;gBACxF,0DAA0D;gBAC1D,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;gBACzB,MAAM,CAAC,CAAC;YACV,CAAC;oBAAS,CAAC;gBACT,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC5B,CAAC;YACD,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC5C,sGAAsG;YACtG,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC;gBACzB,6DAA6D;YAC/D,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,oDAAoD;YACtD,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE,CAAC;QAChD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,qBAAqB;YACrB,OAAO,CAAC,GAAG,CAAC,kDAAkD,EAAG,CAAW,CAAC,OAAO,CAAC,CAAC;QACxF,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,qBAAqB,CAAC;IACpC,CAAC;CACF;AAlED,sDAkEC"}

package/dist/src/internal/LitNodeClient/getLitNodeClient.d.ts

@@ -0,0 +1,7 @@
+import type { LitNodeClient } from '@lit-protocol/lit-node-client';
+import type { LIT_NETWORKS_KEYS } from '@lit-protocol/types';
+export declare function getLitNodeClientInstance({ network, }: {
+    network: LIT_NETWORKS_KEYS;
+}): Promise<LitNodeClient>;
+export declare function disconnectLitNodeClientInstance(): Promise<boolean>;
+//# sourceMappingURL=getLitNodeClient.d.ts.map

package/dist/src/internal/LitNodeClient/getLitNodeClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"getLitNodeClient.d.ts","sourceRoot":"","sources":["../../../../src/internal/LitNodeClient/getLitNodeClient.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAM7D,wBAAsB,wBAAwB,CAAC,EAC7C,OAAO,GACR,EAAE;IACD,OAAO,EAAE,iBAAiB,CAAC;CAC5B,GAAG,OAAO,CAAC,aAAa,CAAC,CAYzB;AAED,wBAAsB,+BAA+B,qBAMpD"}

package/dist/src/internal/LitNodeClient/getLitNodeClient.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getLitNodeClientInstance = getLitNodeClientInstance;
+exports.disconnectLitNodeClientInstance = disconnectLitNodeClientInstance;
+const LitNodeClientInstance_1 = require("./LitNodeClientInstance");
+let instance = null;
+async function getLitNodeClientInstance({ network, }) {
+    if (instance) {
+        // connect() is idempotent; if we're retrying from outside, attempt to connect again
+        // This is a no-op if already connected 🎉 but if a prior attempt fails, it'll try again.
+        await instance.connect();
+        return instance.litNodeClient;
+    }
+    instance = new LitNodeClientInstance_1.LitNodeClientInstance({ network });
+    await instance.connect();
+    return instance.litNodeClient;
+}
+async function disconnectLitNodeClientInstance() {
+    if (instance) {
+        await instance.disconnect();
+        instance = null;
+    }
+    return true;
+}
+//# sourceMappingURL=getLitNodeClient.js.map

package/dist/src/internal/LitNodeClient/getLitNodeClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"getLitNodeClient.js","sourceRoot":"","sources":["../../../../src/internal/LitNodeClient/getLitNodeClient.ts"],"names":[],"mappings":";;AAOA,4DAgBC;AAED,0EAMC;AA5BD,mEAAgE;AAEhE,IAAI,QAAQ,GAAiC,IAAI,CAAC;AAE3C,KAAK,UAAU,wBAAwB,CAAC,EAC7C,OAAO,GAGR;IACC,IAAI,QAAQ,EAAE,CAAC;QACb,oFAAoF;QACpF,yFAAyF;QACzF,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;QACzB,OAAO,QAAQ,CAAC,aAAa,CAAC;IAChC,CAAC;IAED,QAAQ,GAAG,IAAI,6CAAqB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAClD,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;IAEzB,OAAO,QAAQ,CAAC,aAAa,CAAC;AAChC,CAAC;AAEM,KAAK,UAAU,+BAA+B;IACnD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;QAC5B,QAAQ,GAAG,IAAI,CAAC;IAClB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/src/jwt/accessors.d.ts

@@ -0,0 +1,8 @@
+import type { IRelayPKP } from '@lit-protocol/types';
+import type { VincentJWT, VincentJWTAppSpecific } from './types';
+export declare function getAppInfo(decodedJWT: VincentJWTAppSpecific): {
+    appId: number;
+    version: number;
+};
+export declare function getPKPInfo(decodedJWT: VincentJWT): IRelayPKP;
+//# sourceMappingURL=accessors.d.ts.map

package/dist/src/jwt/accessors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"accessors.d.ts","sourceRoot":"","sources":["../../../src/jwt/accessors.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAErD,OAAO,KAAK,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAIjE,wBAAgB,UAAU,CAAC,UAAU,EAAE,qBAAqB,GAAG;IAC7D,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAMA;AAED,wBAAgB,UAAU,CAAC,UAAU,EAAE,UAAU,GAAG,SAAS,CAE5D"}

package/dist/src/jwt/accessors.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAppInfo = getAppInfo;
+exports.getPKPInfo = getPKPInfo;
+const typeGuards_1 = require("./typeGuards");
+function getAppInfo(decodedJWT) {
+    if (!(0, typeGuards_1.isAppSpecificJWT)(decodedJWT)) {
+        throw new Error('JWT is not app specific');
+    }
+    return { appId: decodedJWT.payload.app.id, version: decodedJWT.payload.app.version };
+}
+function getPKPInfo(decodedJWT) {
+    return decodedJWT.payload.pkp;
+}
+//# sourceMappingURL=accessors.js.map

package/dist/src/jwt/accessors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"accessors.js","sourceRoot":"","sources":["../../../src/jwt/accessors.ts"],"names":[],"mappings":";;AAMA,gCASC;AAED,gCAEC;AAfD,6CAAgD;AAEhD,SAAgB,UAAU,CAAC,UAAiC;IAI1D,IAAI,CAAC,IAAA,6BAAgB,EAAC,UAAU,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;AACvF,CAAC;AAED,SAAgB,UAAU,CAAC,UAAsB;IAC/C,OAAO,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC;AAChC,CAAC"}

package/dist/src/jwt/core/create.d.ts

@@ -0,0 +1,24 @@
+import type { JWTConfig } from '../types';
+/**
+ * Creates a JWT signed by a PKP wallet using the ES256K algorithm
+ *
+ * This function creates a JWT with the provided payload, adding standard claims
+ * like iat (issued at), exp (expiration), and iss (issuer). It also includes the
+ * PKP public key in the payload, which is used for verification.
+ *
+ * @param config - Configuration object containing all parameters for JWT creation
+ * @returns A promise that resolves to the signed JWT string
+ * @hidden
+ * @example
+ * ```typescript
+ * const jwt = await createPKPSignedJWT({
+ *   pkpWallet: pkpWallet,
+ *   pkp: pkpInfo,
+ *   payload: { name: "Lit Protocol User", customField: "value" },
+ *   expiresInMinutes: 30, // expires in 30 minutes
+ *   audience: "example.com" // audience domain
+ * });
+ * ```
+ */
+export declare function create(config: JWTConfig): Promise<string>;
+//# sourceMappingURL=create.d.ts.map

package/dist/src/jwt/core/create.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"create.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,SAAS,EAAyB,MAAM,UAAU,CAAC;AA8CjE;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,MAAM,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAoC/D"}

package/dist/src/jwt/core/create.js

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.create = create;
+const tslib_1 = require("tslib");
+const didJWT = tslib_1.__importStar(require("did-jwt"));
+const ethers_1 = require("ethers");
+const utils_1 = require("ethers/lib/utils");
+const base64_1 = require("./utils/base64");
+/**
+ * Creates a signer function compatible with did-jwt that uses a PKP wallet for signing
+ *
+ * This function returns a signing function that conforms to the did-jwt library's
+ * signer interface. When called, it signs data using the PKP wallet, formatting
+ * the signature according to ES256K requirements (without recovery parameter).
+ *
+ * @param pkpWallet - The PKP Ethers wallet instance that will be used for signing
+ * @returns A signing function that takes data and returns a base64url-encoded signature
+ * @private
+ * @example
+ * ```typescript
+ * const pkpWallet = new PKPEthersWallet({ ... });
+ * const signer = createPKPSigner(pkpWallet);
+ * const signature = await signer('data to sign');
+ * ```
+ */
+function createPKPSigner(pkpWallet) {
+    /**
+     * The actual signer function conforming to the did-jwt signer interface
+     *
+     * @param data - The data to sign, either as a string or Uint8Array
+     * @returns A promise that resolves to the base64url-encoded signature
+     */
+    return async (data) => {
+        const dataBytes = typeof data === 'string' ? Uint8Array.from(Buffer.from(data, 'utf8')) : data;
+        const sig = await pkpWallet.signMessage(dataBytes);
+        const { r, s } = ethers_1.ethers.utils.splitSignature(sig);
+        const rBytes = (0, utils_1.arrayify)(r);
+        const sBytes = (0, utils_1.arrayify)(s);
+        // ES256K signature is r and s concatenated (64 bytes total)
+        const sigBytes = new Uint8Array(64);
+        sigBytes.set(rBytes, 0);
+        sigBytes.set(sBytes, 32);
+        return (0, base64_1.toBase64Url)(sigBytes);
+    };
+}
+/**
+ * Creates a JWT signed by a PKP wallet using the ES256K algorithm
+ *
+ * This function creates a JWT with the provided payload, adding standard claims
+ * like iat (issued at), exp (expiration), and iss (issuer). It also includes the
+ * PKP public key in the payload, which is used for verification.
+ *
+ * @param config - Configuration object containing all parameters for JWT creation
+ * @returns A promise that resolves to the signed JWT string
+ * @hidden
+ * @example
+ * ```typescript
+ * const jwt = await createPKPSignedJWT({
+ *   pkpWallet: pkpWallet,
+ *   pkp: pkpInfo,
+ *   payload: { name: "Lit Protocol User", customField: "value" },
+ *   expiresInMinutes: 30, // expires in 30 minutes
+ *   audience: "example.com" // audience domain
+ * });
+ * ```
+ */
+async function create(config) {
+    const { app, pkpWallet, pkp, payload, expiresInMinutes, audience, authentication } = config;
+    const signer = createPKPSigner(pkpWallet);
+    // iat and exp are expressed in seconds https://datatracker.ietf.org/doc/html/rfc7519
+    const iat = Math.floor(Date.now() / 1000);
+    const exp = iat + expiresInMinutes * 60;
+    const walletAddress = await pkpWallet.getAddress();
+    const fullPayload = {
+        ...payload,
+        aud: audience,
+        iat,
+        exp,
+        iss: `did:ethr:${walletAddress}`,
+        pkp,
+        app,
+        authentication: {
+            type: authentication.type,
+            ...(authentication.value ? { value: authentication.value } : {}),
+        },
+    };
+    const jwt = await didJWT.createJWT(fullPayload, {
+        issuer: `did:ethr:${walletAddress}`,
+        signer,
+    }, {
+        alg: 'ES256K',
+    });
+    return jwt;
+}
+//# sourceMappingURL=create.js.map

package/dist/src/jwt/core/create.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"create.js","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":";;AAyEA,wBAoCC;;AA7GD,wDAAkC;AAClC,mCAAgC;AAChC,4CAA4C;AAM5C,2CAA6C;AAE7C;;;;;;;;;;;;;;;;GAgBG;AACH,SAAS,eAAe,CAAC,SAA0B;IACjD;;;;;OAKG;IACH,OAAO,KAAK,EAAE,IAAyB,EAAmB,EAAE;QAC1D,MAAM,SAAS,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE/F,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,eAAM,CAAC,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;QAElD,MAAM,MAAM,GAAG,IAAA,gBAAQ,EAAC,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,GAAG,IAAA,gBAAQ,EAAC,CAAC,CAAC,CAAC;QAE3B,4DAA4D;QAC5D,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACpC,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACxB,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAEzB,OAAO,IAAA,oBAAW,EAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,MAAM,CAAC,MAAiB;IAC5C,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;IAC5F,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAE1C,qFAAqF;IACrF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,GAAG,GAAG,gBAAgB,GAAG,EAAE,CAAC;IAExC,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,UAAU,EAAE,CAAC;IAEnD,MAAM,WAAW,GAA0B;QACzC,GAAG,OAAO;QACV,GAAG,EAAE,QAAQ;QACb,GAAG;QACH,GAAG;QACH,GAAG,EAAE,YAAY,aAAa,EAAE;QAChC,GAAG;QACH,GAAG;QACH,cAAc,EAAE;YACd,IAAI,EAAE,cAAc,CAAC,IAAI;YACzB,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjE;KACF,CAAC;IAEF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,SAAS,CAChC,WAAW,EACX;QACE,MAAM,EAAE,YAAY,aAAa,EAAE;QACnC,MAAM;KACP,EACD;QACE,GAAG,EAAE,QAAQ;KACd,CACF,CAAC;IAEF,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/src/jwt/core/isExpired.d.ts

@@ -0,0 +1,9 @@
+import type { VincentJWT } from '../types';
+/** Checks if a JWT is expired based on its 'exp' claim
+ *
+ * @returns true if expired, false otherwise
+ * @param decodedJWT
+ * @category API
+ */
+export declare function isExpired(decodedJWT: VincentJWT): boolean;
+//# sourceMappingURL=isExpired.d.ts.map

package/dist/src/jwt/core/isExpired.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"isExpired.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/isExpired.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAE3C;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAWzD"}