@monterosa/sdk-identify-kit 2.0.0-rc.4 → 2.0.0-rc.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.cjs CHANGED
@@ -305,7 +305,7 @@ class LoginPolicyStore extends sdkUtil.Emitter {
305
305
  * More details on the license can be found at https://www.monterosa.co/sdk/license
306
306
  */
307
307
  /**
308
- * Root-owned credentials slot.
308
+ * Root-owned credentials store.
309
309
  *
310
310
  * Single source of truth at the root of an integration; an internal
311
311
  * mirror at every other level, kept in sync via `Login` / `Logout`
@@ -377,26 +377,18 @@ function getLoginPolicy() {
377
377
  return loginPolicyStore.policy;
378
378
  }
379
379
  /**
380
- * Set the locally-owned login policy.
380
+ * Set the login policy.
381
381
  *
382
- * All `Identify` instances at this level honour the same policy; the
383
- * value is never propagated across the wire (each level of a multi-level
384
- * integration owns its own policy).
382
+ * - `'auto'`: the SDK automatically logs the user in whenever
383
+ * credentials are available.
384
+ * - `'disabled'`: credentials are tracked but no automatic login is
385
+ * attempted.
385
386
  *
386
- * Policy gates the Enmasse `loginTask` only credentials always mirror
387
- * from upstream regardless of policy. A `'disabled'` level still
388
- * receives credentials via the module-load pull and the cascading
389
- * `Login` / `Logout` broadcasts; it just doesn't attempt Enmasse
390
- * validation against them.
387
+ * Each level of a multi-level integration owns its own policy; the
388
+ * value is never propagated to embedded experiences. Idempotent:
389
+ * setting the same policy is a no-op.
391
390
  *
392
- * When the policy transitions to `'auto'`, enqueues a sync-state task
393
- * for every existing identify so that any in-flight session is picked
394
- * up.
395
- *
396
- * Idempotent: setting the same policy that's already in effect is a
397
- * no-op.
398
- *
399
- * @param policy - `'auto'` to enable auto-login, `'disabled'` to opt out.
391
+ * @param policy - `'auto'` or `'disabled'`.
400
392
  */
401
393
  function setLoginPolicy(policy) {
402
394
  if (loginPolicyStore.policy === policy) {
@@ -406,13 +398,12 @@ function setLoginPolicy(policy) {
406
398
  if (policy !== 'auto') {
407
399
  return;
408
400
  }
409
- // On transition to 'auto': if the local credentials slot already
410
- // has a value (typical after the non-root module-load pull, or after
411
- // a setCredentials at the root, or after an upstream Login broadcast
412
- // has cascaded down), enqueue a login task for each existing
413
- // identify. If the slot is empty, do nothing — a future credentials
414
- // arrival via `applyLogin` will trigger the login under this new
415
- // policy.
401
+ // On transition to 'auto': if credentials are currently set (typical
402
+ // after the non-root module-load pull, or after a setCredentials at
403
+ // the root, or after an upstream Login broadcast has cascaded down),
404
+ // enqueue a login task for each existing identify. If no credentials
405
+ // are set, do nothing — a future credentials arrival via `applyLogin`
406
+ // will trigger the login under this new policy.
416
407
  const { credentials } = credentialsStore;
417
408
  if (credentials === null) {
418
409
  return;
@@ -606,13 +597,15 @@ function enqueueLogout(identify) {
606
597
  taskQueue.enqueue(() => logoutTask(identify));
607
598
  }
608
599
  /**
609
- * Apply new credentials at this level: update the slot, enqueue a
610
- * `loginTask` for every existing identify on the null-to-set transition,
611
- * and broadcast `Login` downstream to every embedded experience.
600
+ * Apply new credentials at this level: update the current credentials,
601
+ * enqueue a `loginTask` for every existing identify on the null-to-set
602
+ * transition, and broadcast `Login` downstream to every embedded
603
+ * experience.
612
604
  *
613
- * Idempotent on token refresh: re-setting an already-set slot updates
614
- * the value and broadcasts, but does not re-enqueue logins (their
615
- * `loginTask` would short-circuit on `state === 'logged_in'` anyway).
605
+ * Idempotent on token refresh: re-setting when credentials are already
606
+ * present updates the value and broadcasts, but does not re-enqueue
607
+ * logins (their `loginTask` would short-circuit on
608
+ * `state === 'logged_in'` anyway).
616
609
  *
617
610
  * @internal
618
611
  */
@@ -629,10 +622,10 @@ function applyLogin(credentials) {
629
622
  }
630
623
  }
631
624
  /**
632
- * Clear credentials at this level: null out the slot, enqueue a
633
- * `logoutTask` for every existing identify on the set-to-null
634
- * transition, and broadcast `Logout` downstream to every embedded
635
- * experience.
625
+ * Clear credentials at this level: clear the current credentials,
626
+ * enqueue a `logoutTask` for every existing identify on the
627
+ * set-to-null transition, and broadcast `Logout` downstream to every
628
+ * embedded experience.
636
629
  *
637
630
  * @internal
638
631
  */
@@ -655,11 +648,11 @@ function applyLogout() {
655
648
  * `loginPolicy` — token presence is the customer-side sign-in state and
656
649
  * must mirror upstream whether or not we choose to validate against
657
650
  * Enmasse. Best-effort: a missing or non-identify-kit parent silently
658
- * resolves with no slot change.
651
+ * resolves with no change to the current credentials.
659
652
  *
660
- * Uses {@link applyLogin} so the slot update cascades downstream to
661
- * this level's own embedded experiences and per-identify loginTasks
662
- * are enqueued under `loginPolicy === 'auto'`.
653
+ * Uses {@link applyLogin} so the update cascades downstream to this
654
+ * level's own embedded experiences and per-identify loginTasks are
655
+ * enqueued under `loginPolicy === 'auto'`.
663
656
  *
664
657
  * @internal
665
658
  */
@@ -714,7 +707,10 @@ function getIdentify(sdkOrOptions, options) {
714
707
  return identify;
715
708
  }
716
709
  /**
717
- * Requests a user login.
710
+ * Request a user login.
711
+ *
712
+ * When called from an embedded experience, the request is relayed to
713
+ * the parent application — the host that owns the auth UI handles it.
718
714
  *
719
715
  * @example
720
716
  * ```javascript
@@ -725,20 +721,14 @@ function getIdentify(sdkOrOptions, options) {
725
721
  *
726
722
  * try {
727
723
  * await requestLogin();
728
- *
729
724
  * console.log('Login request successful');
730
725
  * } catch (err) {
731
726
  * console.error('Error requesting login:', err.message)
732
727
  * }
733
728
  * ```
734
729
  *
735
- * @remarks
736
- * - If the app is running within a third-party application that uses
737
- * the Monterosa SDK, the function delegates to the parent app
738
- * to handle the login process.
739
- *
740
- * @returns A Promise that resolves with `void` when the login request
741
- * is completed.
730
+ * @returns A Promise that resolves once the login request has been
731
+ * delivered.
742
732
  */
743
733
  async function requestLogin() {
744
734
  if (sdkLauncherKit.getParentApplication() !== null) {
@@ -748,16 +738,14 @@ async function requestLogin() {
748
738
  requestsEmitter.emit(IdentifyEvent.LoginRequested);
749
739
  }
750
740
  /**
751
- * Read the current credentials, pulling from the parent application when
752
- * called from an embedded experience.
741
+ * Read the current credentials.
753
742
  *
754
- * At the root this returns the canonical slot value. At a non-root
755
- * experience this dispatches a `GetCredentials` request upstream and
756
- * resolves with the response, ensuring the caller always sees the
757
- * authoritative value rather than a possibly-stale local mirror.
743
+ * When called from an embedded experience, fetches the credentials
744
+ * from the parent application so the caller always sees the
745
+ * authoritative value.
758
746
  *
759
- * @returns A Promise that resolves to the current credentials, or `null`
760
- * if none are set.
747
+ * @returns A Promise that resolves to the current credentials, or
748
+ * `null` if none are set.
761
749
  */
762
750
  async function getCredentials() {
763
751
  if (sdkLauncherKit.getParentApplication() === null) {
@@ -766,7 +754,10 @@ async function getCredentials() {
766
754
  return sendParentRequest(IdentifyAction.GetCredentials);
767
755
  }
768
756
  /**
769
- * Requests a user logout.
757
+ * Request a user logout.
758
+ *
759
+ * When called from an embedded experience, the request is relayed to
760
+ * the parent application — the host that owns the auth UI handles it.
770
761
  *
771
762
  * @example
772
763
  * ```javascript
@@ -777,20 +768,14 @@ async function getCredentials() {
777
768
  *
778
769
  * try {
779
770
  * await requestLogout();
780
- *
781
771
  * console.log('Logout request successful');
782
772
  * } catch (err) {
783
773
  * console.error('Error requesting logout:', err.message)
784
774
  * }
785
775
  * ```
786
776
  *
787
- * @remarks
788
- * - If the app is running within a third-party application that uses
789
- * the Monterosa SDK, the function delegates to the parent app
790
- * to handle the logout process.
791
- *
792
- * @returns A Promise that resolves with `void` when the logout request
793
- * is completed.
777
+ * @returns A Promise that resolves once the logout request has been
778
+ * delivered.
794
779
  */
795
780
  async function requestLogout() {
796
781
  if (sdkLauncherKit.getParentApplication() !== null) {
@@ -826,6 +811,8 @@ async function getSessionSignature(identify, credentials) {
826
811
  return signature;
827
812
  }
828
813
  /**
814
+ * @internal
815
+ *
829
816
  * A memoized version of the `getSessionSignature` function. Memo key is
830
817
  * the credentials token, so both leaf-side and bridge-side callers share
831
818
  * the same cache for the same token.
@@ -835,12 +822,10 @@ const getSessionSignatureMemoized = sdkUtil.memoizePromise(getSessionSignature,
835
822
  clearOnReject: true,
836
823
  });
837
824
  /**
838
- * Fetches user data for the given credentials.
825
+ * Fetch user data for the given credentials.
839
826
  *
840
- * Credentials are required explicitly so the precondition is visible at
841
- * the call site — without them the function cannot be called. Obtain a
842
- * `Credentials` value via {@link getCredentials} or the
843
- * {@link onCredentialsUpdated} callback.
827
+ * Credentials are required explicitly. Obtain a value via
828
+ * {@link getCredentials} or the {@link onCredentialsUpdated} callback.
844
829
  *
845
830
  * @example
846
831
  * ```javascript
@@ -863,16 +848,13 @@ const getSessionSignatureMemoized = sdkUtil.memoizePromise(getSessionSignature,
863
848
  * ```
864
849
  *
865
850
  * @remarks
866
- * Cached on the identify instance after the first successful fetch.
867
- * Cleared on {@link clearCredentials} via the logout path.
868
- *
869
- * @param identify - An instance of `IdentifyKit` that provides the user
870
- * identification functionality.
871
- * @param credentials - The user's authentication credentials. The
872
- * request authorises against the value's token.
873
- * @returns A Promise that resolves to a key-value object representing
874
- * user data. The structure and content of the user data object depend
875
- * on the identify service provider and may vary.
851
+ * Cached after the first successful fetch and reset when credentials
852
+ * are cleared.
853
+ *
854
+ * @param identify - The IdentifyKit instance.
855
+ * @param credentials - The user's authentication credentials.
856
+ * @returns A Promise that resolves to a key-value object of user data.
857
+ * The structure depends on the identify service provider.
876
858
  */
877
859
  async function getUserData(identify, credentials) {
878
860
  if (identify.userData !== null) {
@@ -884,7 +866,12 @@ async function getUserData(identify, credentials) {
884
866
  return data;
885
867
  }
886
868
  /**
887
- * Sets the user's authentication credentials.
869
+ * Set the user's authentication credentials.
870
+ *
871
+ * The credentials become the active credentials for the entire
872
+ * integration. When called from an embedded experience, the call is
873
+ * relayed to the parent application so that every level of the
874
+ * integration sees the new value.
888
875
  *
889
876
  * @example
890
877
  * ```javascript
@@ -896,18 +883,9 @@ async function getUserData(identify, credentials) {
896
883
  * await setCredentials({ token: 'abc123' });
897
884
  * ```
898
885
  *
899
- * @remarks
900
- * - At the root of an integration, the credentials are stored locally
901
- * and a `Login` broadcast is sent to every embedded experience.
902
- * - When called from an embedded experience, the call is relayed
903
- * upstream via the `SetCredentials` wire action. The credentials are
904
- * ultimately applied at the root and propagate back down via the
905
- * cascading `Login` broadcast.
906
- *
907
- * @param credentials - An object representing the user's authentication
908
- * credentials.
909
- * @returns A Promise that resolves to `void` once the credentials have
910
- * been written (root) or the upstream relay has completed (non-root).
886
+ * @param credentials - The user's authentication credentials.
887
+ * @returns A Promise that resolves once the credentials have been
888
+ * applied.
911
889
  */
912
890
  async function setCredentials(credentials) {
913
891
  if (sdkLauncherKit.getParentApplication() !== null) {
@@ -917,7 +895,11 @@ async function setCredentials(credentials) {
917
895
  applyLogin(credentials);
918
896
  }
919
897
  /**
920
- * Clears the user's authentication credentials.
898
+ * Clear the user's authentication credentials.
899
+ *
900
+ * When called from an embedded experience, the call is relayed to the
901
+ * parent application so that every level of the integration is
902
+ * cleared.
921
903
  *
922
904
  * @example
923
905
  * ```javascript
@@ -929,16 +911,8 @@ async function setCredentials(credentials) {
929
911
  * await clearCredentials();
930
912
  * ```
931
913
  *
932
- * @remarks
933
- * - At the root of an integration, the credentials slot is cleared and
934
- * a `Logout` broadcast is sent to every embedded experience.
935
- * - When called from an embedded experience, the call is relayed
936
- * upstream via the `ClearCredentials` wire action. The slot is
937
- * cleared at the root and the cascading `Logout` broadcast propagates
938
- * back down.
939
- *
940
- * @returns A Promise that resolves to `void` once the slot has been
941
- * cleared (root) or the upstream relay has completed (non-root).
914
+ * @returns A Promise that resolves once the credentials have been
915
+ * cleared.
942
916
  */
943
917
  async function clearCredentials() {
944
918
  if (sdkLauncherKit.getParentApplication() !== null) {
@@ -948,8 +922,7 @@ async function clearCredentials() {
948
922
  applyLogout();
949
923
  }
950
924
  /**
951
- * Registers a callback function that will be called whenever the `LoginState`
952
- * object associated with the `IdentifyKit` instance is updated.
925
+ * Register a callback for `LoginState` updates on the given identify.
953
926
  *
954
927
  * @example
955
928
  * ```javascript
@@ -963,24 +936,17 @@ async function clearCredentials() {
963
936
  * const unsubscribe = onStateUpdated(identify, (state) => {
964
937
  * console.log("State updated:", state);
965
938
  * });
966
- *
967
- * // Call unsubscribe() to unregister the callback function
968
- * // unsubscribe();
969
939
  * ```
970
940
  *
971
- * @param identify - An instance of `IdentifyKit` that provides the user
972
- * identification functionality.
973
- * @param callback - The callback function to register. This function will be
974
- * called with the updated `LoginState` object as its only argument.
975
- * @returns An `Unsubscribe` function that can be called to unregister
976
- * the callback function.
941
+ * @param identify - The IdentifyKit instance.
942
+ * @param callback - Called with the updated `LoginState`.
943
+ * @returns An `Unsubscribe` function.
977
944
  */
978
945
  function onStateUpdated(identify, callback) {
979
946
  return sdkUtil.subscribe(identify, IdentifyEvent.StateUpdated, callback);
980
947
  }
981
948
  /**
982
- * Registers a callback function that will be called whenever the
983
- * credentials slot is updated.
949
+ * Register a callback for updates to the current credentials.
984
950
  *
985
951
  * @example
986
952
  * ```javascript
@@ -996,24 +962,20 @@ function onStateUpdated(identify, callback) {
996
962
  * console.log("Credentials cleared.");
997
963
  * }
998
964
  * });
999
- *
1000
- * // Call unsubscribe() to unregister the callback function
1001
- * // unsubscribe();
1002
965
  * ```
1003
966
  *
1004
- * @param callback - The callback function to register. This function will be
1005
- * called with the updated `Credentials` object as its only argument.
1006
- * If the value `null` is received, it indicates that the credentials have
1007
- * been cleared.
1008
- * @returns An `Unsubscribe` function that can be called to unregister
1009
- * the callback function.
967
+ * @param callback - Called with the updated `Credentials`, or `null`
968
+ * when credentials are cleared.
969
+ * @returns An `Unsubscribe` function.
1010
970
  */
1011
971
  function onCredentialsUpdated(callback) {
1012
972
  return credentialsStore.subscribe(callback);
1013
973
  }
1014
974
  /**
1015
- * Registers a callback function that will be called when a login is requested
1016
- * by an Experience.
975
+ * Register a callback for login requests.
976
+ *
977
+ * Fires when {@link requestLogin} is called at this level — whether by
978
+ * local code or relayed up from an embedded experience.
1017
979
  *
1018
980
  * @example
1019
981
  * ```javascript
@@ -1025,22 +987,19 @@ function onCredentialsUpdated(callback) {
1025
987
  * const unsubscribe = onLoginRequestedByExperience(() => {
1026
988
  * showLoginForm();
1027
989
  * });
1028
- *
1029
- * // Call unsubscribe() to unregister the callback function
1030
- * // unsubscribe();
1031
990
  * ```
1032
991
  *
1033
- * @param callback - The callback function to register. This function will
1034
- * be called when a login is requested by an Experience.
1035
- * @returns An `Unsubscribe` function that can be called to unregister
1036
- * the callback function.
992
+ * @param callback - Called when a login is requested.
993
+ * @returns An `Unsubscribe` function.
1037
994
  */
1038
995
  function onLoginRequestedByExperience(callback) {
1039
996
  return sdkUtil.subscribe(requestsEmitter, IdentifyEvent.LoginRequested, callback);
1040
997
  }
1041
998
  /**
1042
- * Registers a callback function that will be called when a logout is requested
1043
- * by an Experience.
999
+ * Register a callback for logout requests.
1000
+ *
1001
+ * Fires when {@link requestLogout} is called at this level — whether
1002
+ * by local code or relayed up from an embedded experience.
1044
1003
  *
1045
1004
  * @example
1046
1005
  * ```javascript
@@ -1050,24 +1009,17 @@ function onLoginRequestedByExperience(callback) {
1050
1009
  * configure({ host: '...', projectId: '...' });
1051
1010
  *
1052
1011
  * const unsubscribe = onLogoutRequestedByExperience(() => {
1053
- * // logout requested by experience
1054
- * // perform logout from Auth service
1012
+ * // perform logout from auth service
1055
1013
  * });
1056
- *
1057
- * // Call unsubscribe() to unregister the callback function
1058
- * // unsubscribe();
1059
1014
  * ```
1060
1015
  *
1061
- * @param callback - The callback function to register. This function will
1062
- * be called when a logout is requested by an Experience.
1063
- * @returns An `Unsubscribe` function that can be called to unregister
1064
- * the callback function.
1016
+ * @param callback - Called when a logout is requested.
1017
+ * @returns An `Unsubscribe` function.
1065
1018
  */
1066
1019
  function onLogoutRequestedByExperience(callback) {
1067
1020
  return sdkUtil.subscribe(requestsEmitter, IdentifyEvent.LogoutRequested, callback);
1068
1021
  }
1069
1022
  /**
1070
- *
1071
1023
  * @internal
1072
1024
  */
1073
1025
  async function watchConnectionStatus(identify) {
@@ -1112,7 +1064,7 @@ async function watchConnectionStatus(identify) {
1112
1064
  */
1113
1065
  /**
1114
1066
  * Process an incoming `Login` / `Logout` broadcast from the parent
1115
- * application. Updates the local credentials slot, enqueues login/logout
1067
+ * application. Updates the local current credentials, enqueues login/logout
1116
1068
  * for every existing identify, and forwards the broadcast downstream to
1117
1069
  * this level's own embedded experiences — the mechanism that cascades a
1118
1070
  * root-level `setCredentials` through every nested experience.