@moon-x/core 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/{chunk-SOKLPX7V.mjs → chunk-VVL65GIB.mjs} +10 -0
- package/dist/index.d.mts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +10 -0
- package/dist/index.mjs +1 -1
- package/dist/{interfaces-9k0eKCc4.d.ts → interfaces-Bm7fGOAI.d.ts} +73 -24
- package/dist/{interfaces-fNhwnCeY.d.mts → interfaces-CYtJHALV.d.mts} +73 -24
- package/dist/{post-message-C_99BCBh.d.ts → post-message-CmgAfkOS.d.mts} +2 -0
- package/dist/{post-message-C_99BCBh.d.mts → post-message-CmgAfkOS.d.ts} +2 -0
- package/dist/react/index.d.mts +1 -0
- package/dist/react/index.d.ts +1 -0
- package/dist/react/index.js +2 -1
- package/dist/react/index.mjs +2 -1
- package/dist/sdk/index.d.mts +26 -12
- package/dist/sdk/index.d.ts +26 -12
- package/dist/sdk/index.js +57 -8
- package/dist/sdk/index.mjs +46 -8
- package/dist/types/index.d.mts +19 -3
- package/dist/types/index.d.ts +19 -3
- package/dist/utils/index.d.mts +1 -1
- package/dist/utils/index.d.ts +1 -1
- package/dist/utils/index.js +10 -0
- package/dist/utils/index.mjs +1 -1
- package/dist/web/index.d.mts +2 -2
- package/dist/web/index.d.ts +2 -2
- package/dist/web/index.js +23 -116
- package/dist/web/index.mjs +24 -60
- package/package.json +6 -2
package/README.md
CHANGED
|
@@ -64,6 +64,16 @@ var PostMessageMethod = {
|
|
|
64
64
|
// begin/verify HTTP calls (where the session JWT lives).
|
|
65
65
|
PASSKEY_REGISTER_BEGIN: "PASSKEY_REGISTER_BEGIN",
|
|
66
66
|
PASSKEY_REGISTER_VERIFY: "PASSKEY_REGISTER_VERIFY",
|
|
67
|
+
// Passkey-asserted step-up ("presence token"). Same split as register:
|
|
68
|
+
// parent owns the WebAuthn API call; iframe owns the begin/verify
|
|
69
|
+
// HTTP halves (where the session JWT lives). Mints a short-lived
|
|
70
|
+
// (`tt:"presence"`) JWT app backends can verify over JWKS.
|
|
71
|
+
// CRITICAL: parent MUST strip response.userHandle from the assertion
|
|
72
|
+
// before posting PASSKEY_PRESENCE_VERIFY. The userHandle carries DEK
|
|
73
|
+
// material in MoonX's overloaded model and has no business reaching
|
|
74
|
+
// the server. The server also defensively never reads it.
|
|
75
|
+
PASSKEY_PRESENCE_BEGIN: "PASSKEY_PRESENCE_BEGIN",
|
|
76
|
+
PASSKEY_PRESENCE_VERIFY: "PASSKEY_PRESENCE_VERIFY",
|
|
67
77
|
GET_PASSKEY_STATUS: "GET_PASSKEY_STATUS",
|
|
68
78
|
// Parent-side passkey assertion plumbing. Parent calls GET_DEK_INFO
|
|
69
79
|
// to learn which credential IDs to put in allowCredentials and to
|
package/dist/index.d.mts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { AccessTokenClaims, AppConfigRequest, AppConfigResponse, AttachOAuthTokenRequest, AttachOAuthTokenResponse, AuthAppearance, AuthFlow, AuthFlowComponent, AuthLoginMethod, AuthProviderConfig, BaseGetBalanceParams, BaseGetBalanceResult, BaseGetTokenAccountsParams, BaseSendTransactionParams, BaseSendTransactionResult, BaseSignMessageParams, BaseSignMessageResult, BaseSignTransactionParams, BaseSignTransactionResult, BaseTokenClaims, BaseUIOptions, BaseWalletHooks, ContractUIOptions, CreateWalletResponse, DefaultFundingMethod, DeleteSessionRequest, DeleteSessionResponse, DetachOAuthTokenRequest, DeviceFingerprint, DisplayMode, EmailOtpConfig, EmailOtpFlowState, EthereumFundingConfig, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, EthereumSendTransactionParams, EthereumSendTransactionRequest, EthereumSendTransactionResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSwitchChainParams, ExportKeyConfig, Factor, FlexibleTheme, FundWalletConfig, FundingEvents, FundingMethod, FundingUIConfig, GetCurrentSessionRequest, GetCurrentSessionResponse, Hex, IdentityTokenClaims, IdpProvider, IsAuthenticatedRequest, IsAuthenticatedResponse, LoginTokenBundle, LogoutRequest, LogoutResponse, MessageTypeProperty, MessageTypes, MoonKeyThemeConfig, MoonPaySignRequest, MoonPaySignResponse, MpcKeyShares, Network, OAuthRequest, OAuthResponse, OnrampFundingSettings, PasskeyEnrollConfig, PasskeySettings, PreferredCardProvider, PrefillConfig, PublicEthereumWallet, PublicSessionData, PublicWallet, RefreshSessionRequest, RefreshSessionResponse, RetrieveWalletKeyRequest, RetrieveWalletKeyResponse, SdkSettings, SendEmailOtpRequest, SendEmailOtpResponse, SendTransactionConfig, SendTransactionRequest, SessionData, SharesDeviceRequest, SharesDeviceResponse, Sign7702AuthorizationError, Sign7702AuthorizationParams, Sign7702AuthorizationResponse, Sign7702AuthorizationResult, SignMessageConfig, SignTransactionConfig, SignTypedDataError, SignTypedDataParams, SignTypedDataResponse, SignTypedDataResult, SmsSettings, SolanaChain, SolanaFundingConfig, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, TransactionCommitment, TransactionEncoding, TransactionUIOptions, TypedMessage, UseFundWalletInterface, UsersMePublicResponse, UsersMeRequest, UsersMeResponse, VerifiedSession, VerifyEmailOtpRequest, VerifyEmailOtpResponse, VerifyEmailOtpUser, VerifyOAuthTokenRequest, VerifyOAuthTokenResponse, VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, Wallet, WalletChain, WalletChainType, WalletConnectConfig, WalletCreationError, WalletError, WalletErrorCode, WalletKeyRequest, WalletListEntry, WalletRegistrationNonceRequest, WalletRegistrationNonceResponse, WalletType, WalletVerifyRequest } from './types/index.mjs';
|
|
1
|
+
export { AccessTokenClaims, AppConfigRequest, AppConfigResponse, AttachOAuthTokenRequest, AttachOAuthTokenResponse, AuthAppearance, AuthFlow, AuthFlowComponent, AuthLoginMethod, AuthProviderConfig, BaseGetBalanceParams, BaseGetBalanceResult, BaseGetTokenAccountsParams, BaseSendTransactionParams, BaseSendTransactionResult, BaseSignMessageParams, BaseSignMessageResult, BaseSignTransactionParams, BaseSignTransactionResult, BaseTokenClaims, BaseUIOptions, BaseWalletHooks, ContractUIOptions, CreateWalletResponse, DefaultFundingMethod, DeleteSessionRequest, DeleteSessionResponse, DetachOAuthTokenRequest, DeviceFingerprint, DisplayMode, EmailOtpConfig, EmailOtpFlowState, EthereumFundingConfig, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, EthereumSendTransactionParams, EthereumSendTransactionRequest, EthereumSendTransactionResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSwitchChainParams, ExportKeyConfig, Factor, FlexibleTheme, FundWalletConfig, FundingEvents, FundingMethod, FundingUIConfig, GetCurrentSessionRequest, GetCurrentSessionResponse, Hex, IdentityTokenClaims, IdpProvider, IsAuthenticatedRequest, IsAuthenticatedResponse, LoginTokenBundle, LogoutRequest, LogoutResponse, MessageTypeProperty, MessageTypes, MoonKeyThemeConfig, MoonPaySignRequest, MoonPaySignResponse, MpcKeyShares, Network, OAuthRequest, OAuthResponse, OnrampFundingSettings, PasskeyEnrollConfig, PasskeySettings, PreferredCardProvider, PrefillConfig, PresenceTokenClaims, PublicEthereumWallet, PublicSessionData, PublicWallet, RefreshSessionRequest, RefreshSessionResponse, RetrieveWalletKeyRequest, RetrieveWalletKeyResponse, SdkSettings, SendEmailOtpRequest, SendEmailOtpResponse, SendTransactionConfig, SendTransactionRequest, SessionData, SharesDeviceRequest, SharesDeviceResponse, Sign7702AuthorizationError, Sign7702AuthorizationParams, Sign7702AuthorizationResponse, Sign7702AuthorizationResult, SignMessageConfig, SignTransactionConfig, SignTypedDataError, SignTypedDataParams, SignTypedDataResponse, SignTypedDataResult, SmsSettings, SolanaChain, SolanaFundingConfig, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, TransactionCommitment, TransactionEncoding, TransactionUIOptions, TypedMessage, UseFundWalletInterface, UsersMePublicResponse, UsersMeRequest, UsersMeResponse, VerifiedSession, VerifyEmailOtpRequest, VerifyEmailOtpResponse, VerifyEmailOtpUser, VerifyOAuthTokenRequest, VerifyOAuthTokenResponse, VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, Wallet, WalletChain, WalletChainType, WalletConnectConfig, WalletCreationError, WalletError, WalletErrorCode, WalletKeyRequest, WalletListEntry, WalletRegistrationNonceRequest, WalletRegistrationNonceResponse, WalletType, WalletVerifyRequest } from './types/index.mjs';
|
|
2
2
|
export { getIframeOrigin, getIframeUrl, getMoonKeyApiUrl } from './utils/index.mjs';
|
|
3
|
-
export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from './post-message-
|
|
3
|
+
export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from './post-message-CmgAfkOS.mjs';
|
|
4
4
|
export { B as BlockExplorer, C as Chain, a as ChainLikeWithId, E as EthereumChainConfig, N as NativeCurrency, R as RpcConfig, b as RpcUrls } from './chain-C9dvKXUY.mjs';
|
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { AccessTokenClaims, AppConfigRequest, AppConfigResponse, AttachOAuthTokenRequest, AttachOAuthTokenResponse, AuthAppearance, AuthFlow, AuthFlowComponent, AuthLoginMethod, AuthProviderConfig, BaseGetBalanceParams, BaseGetBalanceResult, BaseGetTokenAccountsParams, BaseSendTransactionParams, BaseSendTransactionResult, BaseSignMessageParams, BaseSignMessageResult, BaseSignTransactionParams, BaseSignTransactionResult, BaseTokenClaims, BaseUIOptions, BaseWalletHooks, ContractUIOptions, CreateWalletResponse, DefaultFundingMethod, DeleteSessionRequest, DeleteSessionResponse, DetachOAuthTokenRequest, DeviceFingerprint, DisplayMode, EmailOtpConfig, EmailOtpFlowState, EthereumFundingConfig, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, EthereumSendTransactionParams, EthereumSendTransactionRequest, EthereumSendTransactionResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSwitchChainParams, ExportKeyConfig, Factor, FlexibleTheme, FundWalletConfig, FundingEvents, FundingMethod, FundingUIConfig, GetCurrentSessionRequest, GetCurrentSessionResponse, Hex, IdentityTokenClaims, IdpProvider, IsAuthenticatedRequest, IsAuthenticatedResponse, LoginTokenBundle, LogoutRequest, LogoutResponse, MessageTypeProperty, MessageTypes, MoonKeyThemeConfig, MoonPaySignRequest, MoonPaySignResponse, MpcKeyShares, Network, OAuthRequest, OAuthResponse, OnrampFundingSettings, PasskeyEnrollConfig, PasskeySettings, PreferredCardProvider, PrefillConfig, PublicEthereumWallet, PublicSessionData, PublicWallet, RefreshSessionRequest, RefreshSessionResponse, RetrieveWalletKeyRequest, RetrieveWalletKeyResponse, SdkSettings, SendEmailOtpRequest, SendEmailOtpResponse, SendTransactionConfig, SendTransactionRequest, SessionData, SharesDeviceRequest, SharesDeviceResponse, Sign7702AuthorizationError, Sign7702AuthorizationParams, Sign7702AuthorizationResponse, Sign7702AuthorizationResult, SignMessageConfig, SignTransactionConfig, SignTypedDataError, SignTypedDataParams, SignTypedDataResponse, SignTypedDataResult, SmsSettings, SolanaChain, SolanaFundingConfig, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, TransactionCommitment, TransactionEncoding, TransactionUIOptions, TypedMessage, UseFundWalletInterface, UsersMePublicResponse, UsersMeRequest, UsersMeResponse, VerifiedSession, VerifyEmailOtpRequest, VerifyEmailOtpResponse, VerifyEmailOtpUser, VerifyOAuthTokenRequest, VerifyOAuthTokenResponse, VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, Wallet, WalletChain, WalletChainType, WalletConnectConfig, WalletCreationError, WalletError, WalletErrorCode, WalletKeyRequest, WalletListEntry, WalletRegistrationNonceRequest, WalletRegistrationNonceResponse, WalletType, WalletVerifyRequest } from './types/index.js';
|
|
1
|
+
export { AccessTokenClaims, AppConfigRequest, AppConfigResponse, AttachOAuthTokenRequest, AttachOAuthTokenResponse, AuthAppearance, AuthFlow, AuthFlowComponent, AuthLoginMethod, AuthProviderConfig, BaseGetBalanceParams, BaseGetBalanceResult, BaseGetTokenAccountsParams, BaseSendTransactionParams, BaseSendTransactionResult, BaseSignMessageParams, BaseSignMessageResult, BaseSignTransactionParams, BaseSignTransactionResult, BaseTokenClaims, BaseUIOptions, BaseWalletHooks, ContractUIOptions, CreateWalletResponse, DefaultFundingMethod, DeleteSessionRequest, DeleteSessionResponse, DetachOAuthTokenRequest, DeviceFingerprint, DisplayMode, EmailOtpConfig, EmailOtpFlowState, EthereumFundingConfig, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, EthereumSendTransactionParams, EthereumSendTransactionRequest, EthereumSendTransactionResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSwitchChainParams, ExportKeyConfig, Factor, FlexibleTheme, FundWalletConfig, FundingEvents, FundingMethod, FundingUIConfig, GetCurrentSessionRequest, GetCurrentSessionResponse, Hex, IdentityTokenClaims, IdpProvider, IsAuthenticatedRequest, IsAuthenticatedResponse, LoginTokenBundle, LogoutRequest, LogoutResponse, MessageTypeProperty, MessageTypes, MoonKeyThemeConfig, MoonPaySignRequest, MoonPaySignResponse, MpcKeyShares, Network, OAuthRequest, OAuthResponse, OnrampFundingSettings, PasskeyEnrollConfig, PasskeySettings, PreferredCardProvider, PrefillConfig, PresenceTokenClaims, PublicEthereumWallet, PublicSessionData, PublicWallet, RefreshSessionRequest, RefreshSessionResponse, RetrieveWalletKeyRequest, RetrieveWalletKeyResponse, SdkSettings, SendEmailOtpRequest, SendEmailOtpResponse, SendTransactionConfig, SendTransactionRequest, SessionData, SharesDeviceRequest, SharesDeviceResponse, Sign7702AuthorizationError, Sign7702AuthorizationParams, Sign7702AuthorizationResponse, Sign7702AuthorizationResult, SignMessageConfig, SignTransactionConfig, SignTypedDataError, SignTypedDataParams, SignTypedDataResponse, SignTypedDataResult, SmsSettings, SolanaChain, SolanaFundingConfig, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, TransactionCommitment, TransactionEncoding, TransactionUIOptions, TypedMessage, UseFundWalletInterface, UsersMePublicResponse, UsersMeRequest, UsersMeResponse, VerifiedSession, VerifyEmailOtpRequest, VerifyEmailOtpResponse, VerifyEmailOtpUser, VerifyOAuthTokenRequest, VerifyOAuthTokenResponse, VerifySiweWalletRegistrationRequest, WALLET_ERROR_CODES, Wallet, WalletChain, WalletChainType, WalletConnectConfig, WalletCreationError, WalletError, WalletErrorCode, WalletKeyRequest, WalletListEntry, WalletRegistrationNonceRequest, WalletRegistrationNonceResponse, WalletType, WalletVerifyRequest } from './types/index.js';
|
|
2
2
|
export { getIframeOrigin, getIframeUrl, getMoonKeyApiUrl } from './utils/index.js';
|
|
3
|
-
export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from './post-message-
|
|
3
|
+
export { F as FORWARDED_ERROR_FIELDS, P as PostMessageClient, a as PostMessageMethod, b as PostMessageServer, c as PostMessageType } from './post-message-CmgAfkOS.js';
|
|
4
4
|
export { B as BlockExplorer, C as Chain, a as ChainLikeWithId, E as EthereumChainConfig, N as NativeCurrency, R as RpcConfig, b as RpcUrls } from './chain-C9dvKXUY.js';
|
package/dist/index.js
CHANGED
|
@@ -190,6 +190,16 @@ var PostMessageMethod = {
|
|
|
190
190
|
// begin/verify HTTP calls (where the session JWT lives).
|
|
191
191
|
PASSKEY_REGISTER_BEGIN: "PASSKEY_REGISTER_BEGIN",
|
|
192
192
|
PASSKEY_REGISTER_VERIFY: "PASSKEY_REGISTER_VERIFY",
|
|
193
|
+
// Passkey-asserted step-up ("presence token"). Same split as register:
|
|
194
|
+
// parent owns the WebAuthn API call; iframe owns the begin/verify
|
|
195
|
+
// HTTP halves (where the session JWT lives). Mints a short-lived
|
|
196
|
+
// (`tt:"presence"`) JWT app backends can verify over JWKS.
|
|
197
|
+
// CRITICAL: parent MUST strip response.userHandle from the assertion
|
|
198
|
+
// before posting PASSKEY_PRESENCE_VERIFY. The userHandle carries DEK
|
|
199
|
+
// material in MoonX's overloaded model and has no business reaching
|
|
200
|
+
// the server. The server also defensively never reads it.
|
|
201
|
+
PASSKEY_PRESENCE_BEGIN: "PASSKEY_PRESENCE_BEGIN",
|
|
202
|
+
PASSKEY_PRESENCE_VERIFY: "PASSKEY_PRESENCE_VERIFY",
|
|
193
203
|
GET_PASSKEY_STATUS: "GET_PASSKEY_STATUS",
|
|
194
204
|
// Parent-side passkey assertion plumbing. Parent calls GET_DEK_INFO
|
|
195
205
|
// to learn which credential IDs to put in allowCredentials and to
|
package/dist/index.mjs
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { c as PostMessageType, a as PostMessageMethod } from './post-message-
|
|
1
|
+
import { c as PostMessageType, a as PostMessageMethod } from './post-message-CmgAfkOS.js';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* Transport — the bidirectional postMessage channel between the parent
|
|
@@ -27,14 +27,26 @@ interface Transport {
|
|
|
27
27
|
isReady(): boolean;
|
|
28
28
|
}
|
|
29
29
|
/**
|
|
30
|
-
* PasskeyAssertor — runs the WebAuthn ceremony in the *parent*
|
|
31
|
-
* user activation lives — cross-origin iframes/WebViews can't
|
|
32
|
-
* get their own click handler).
|
|
30
|
+
* PasskeyAssertor — runs the WebAuthn assertion ceremony in the *parent*
|
|
31
|
+
* (where user activation lives — cross-origin iframes/WebViews can't
|
|
32
|
+
* reliably get their own click handler).
|
|
33
33
|
*
|
|
34
|
-
*
|
|
35
|
-
*
|
|
36
|
-
*
|
|
37
|
-
*
|
|
34
|
+
* Two methods, two distinct flow shapes:
|
|
35
|
+
*
|
|
36
|
+
* - `assert` is the DEK-unwrap path: empty allowCredentials, harvests
|
|
37
|
+
* userHandle (= DEK wrap key in MoonX's overloaded model), consumed
|
|
38
|
+
* locally by the iframe-app. Never crosses the server boundary.
|
|
39
|
+
*
|
|
40
|
+
* - `assertForServer` is the server-roundtrip path (presence step-up,
|
|
41
|
+
* future passkey sign-in): server issues options, browser asserts,
|
|
42
|
+
* server verifies the signature. userHandle is stripped on the
|
|
43
|
+
* platform boundary (DEK hygiene) — the strip happens INSIDE the
|
|
44
|
+
* assertor impl, not in the orchestrator, so no caller can bypass
|
|
45
|
+
* it.
|
|
46
|
+
*
|
|
47
|
+
* Registration is handled separately via `@simplewebauthn/browser`'s
|
|
48
|
+
* `startRegistration` on web / `passkeyCreate` from
|
|
49
|
+
* `react-native-passkeys` on RN; this interface is assertion-only.
|
|
38
50
|
*/
|
|
39
51
|
interface PasskeyAssertor {
|
|
40
52
|
/**
|
|
@@ -58,23 +70,60 @@ interface PasskeyAssertor {
|
|
|
58
70
|
userHandleB64url: string;
|
|
59
71
|
}>;
|
|
60
72
|
/**
|
|
61
|
-
* Run a WebAuthn
|
|
62
|
-
*
|
|
63
|
-
*
|
|
73
|
+
* Run a WebAuthn assertion for a SERVER-VERIFIED flow (presence
|
|
74
|
+
* step-up, future passkey sign-in). Takes a full
|
|
75
|
+
* `PublicKeyCredentialRequestOptionsJSON` (the server-issued
|
|
76
|
+
* `optionsJSON`) and returns the standard
|
|
77
|
+
* `AuthenticationResponseJSON` with `response.userHandle`
|
|
78
|
+
* **stripped** — DEK hygiene is enforced inside the impl so the
|
|
79
|
+
* orchestrator (and any future caller) cannot forget it.
|
|
80
|
+
*
|
|
81
|
+
* The returned object goes straight onto the wire to /presence/verify
|
|
82
|
+
* (or the future /login/verify). Each platform-specific impl is
|
|
83
|
+
* responsible for: (a) running the underlying ceremony, (b)
|
|
84
|
+
* shaping the result into AuthenticationResponseJSON, and (c) the
|
|
85
|
+
* userHandle strip.
|
|
64
86
|
*/
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
87
|
+
assertForServer(opts: {
|
|
88
|
+
optionsJSON: WebAuthnRequestOptions;
|
|
89
|
+
}): Promise<WebAuthnAssertionResponse>;
|
|
90
|
+
}
|
|
91
|
+
/**
|
|
92
|
+
* Subset of `PublicKeyCredentialRequestOptionsJSON` we forward to the
|
|
93
|
+
* platform impl. Kept loose-typed so a server adding fields doesn't
|
|
94
|
+
* require an interface change here.
|
|
95
|
+
*/
|
|
96
|
+
interface WebAuthnRequestOptions {
|
|
97
|
+
challenge: string;
|
|
98
|
+
rpId?: string;
|
|
99
|
+
allowCredentials?: Array<{
|
|
100
|
+
id: string;
|
|
101
|
+
type?: string;
|
|
102
|
+
transports?: string[];
|
|
77
103
|
}>;
|
|
104
|
+
userVerification?: string;
|
|
105
|
+
timeout?: number;
|
|
106
|
+
extensions?: Record<string, unknown>;
|
|
107
|
+
}
|
|
108
|
+
/**
|
|
109
|
+
* Standard `AuthenticationResponseJSON` shape, with `userHandle`
|
|
110
|
+
* deliberately optional because the assertForServer contract is that
|
|
111
|
+
* impls strip it before returning. The field stays in the type so a
|
|
112
|
+
* server-side decoder can still parse it (= undefined) without a
|
|
113
|
+
* union mismatch.
|
|
114
|
+
*/
|
|
115
|
+
interface WebAuthnAssertionResponse {
|
|
116
|
+
id: string;
|
|
117
|
+
rawId: string;
|
|
118
|
+
type: string;
|
|
119
|
+
response: {
|
|
120
|
+
clientDataJSON: string;
|
|
121
|
+
authenticatorData: string;
|
|
122
|
+
signature: string;
|
|
123
|
+
userHandle?: undefined;
|
|
124
|
+
};
|
|
125
|
+
clientExtensionResults?: Record<string, unknown>;
|
|
126
|
+
authenticatorAttachment?: string;
|
|
78
127
|
}
|
|
79
128
|
/**
|
|
80
129
|
* KvStorage — async key/value storage for ID tokens + session metadata.
|
|
@@ -117,4 +166,4 @@ interface PlatformImpls {
|
|
|
117
166
|
oauth: OAuthOpener;
|
|
118
167
|
}
|
|
119
168
|
|
|
120
|
-
export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, PlatformImpls as a };
|
|
169
|
+
export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, WebAuthnAssertionResponse as W, PlatformImpls as a, WebAuthnRequestOptions as b };
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { c as PostMessageType, a as PostMessageMethod } from './post-message-
|
|
1
|
+
import { c as PostMessageType, a as PostMessageMethod } from './post-message-CmgAfkOS.mjs';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* Transport — the bidirectional postMessage channel between the parent
|
|
@@ -27,14 +27,26 @@ interface Transport {
|
|
|
27
27
|
isReady(): boolean;
|
|
28
28
|
}
|
|
29
29
|
/**
|
|
30
|
-
* PasskeyAssertor — runs the WebAuthn ceremony in the *parent*
|
|
31
|
-
* user activation lives — cross-origin iframes/WebViews can't
|
|
32
|
-
* get their own click handler).
|
|
30
|
+
* PasskeyAssertor — runs the WebAuthn assertion ceremony in the *parent*
|
|
31
|
+
* (where user activation lives — cross-origin iframes/WebViews can't
|
|
32
|
+
* reliably get their own click handler).
|
|
33
33
|
*
|
|
34
|
-
*
|
|
35
|
-
*
|
|
36
|
-
*
|
|
37
|
-
*
|
|
34
|
+
* Two methods, two distinct flow shapes:
|
|
35
|
+
*
|
|
36
|
+
* - `assert` is the DEK-unwrap path: empty allowCredentials, harvests
|
|
37
|
+
* userHandle (= DEK wrap key in MoonX's overloaded model), consumed
|
|
38
|
+
* locally by the iframe-app. Never crosses the server boundary.
|
|
39
|
+
*
|
|
40
|
+
* - `assertForServer` is the server-roundtrip path (presence step-up,
|
|
41
|
+
* future passkey sign-in): server issues options, browser asserts,
|
|
42
|
+
* server verifies the signature. userHandle is stripped on the
|
|
43
|
+
* platform boundary (DEK hygiene) — the strip happens INSIDE the
|
|
44
|
+
* assertor impl, not in the orchestrator, so no caller can bypass
|
|
45
|
+
* it.
|
|
46
|
+
*
|
|
47
|
+
* Registration is handled separately via `@simplewebauthn/browser`'s
|
|
48
|
+
* `startRegistration` on web / `passkeyCreate` from
|
|
49
|
+
* `react-native-passkeys` on RN; this interface is assertion-only.
|
|
38
50
|
*/
|
|
39
51
|
interface PasskeyAssertor {
|
|
40
52
|
/**
|
|
@@ -58,23 +70,60 @@ interface PasskeyAssertor {
|
|
|
58
70
|
userHandleB64url: string;
|
|
59
71
|
}>;
|
|
60
72
|
/**
|
|
61
|
-
* Run a WebAuthn
|
|
62
|
-
*
|
|
63
|
-
*
|
|
73
|
+
* Run a WebAuthn assertion for a SERVER-VERIFIED flow (presence
|
|
74
|
+
* step-up, future passkey sign-in). Takes a full
|
|
75
|
+
* `PublicKeyCredentialRequestOptionsJSON` (the server-issued
|
|
76
|
+
* `optionsJSON`) and returns the standard
|
|
77
|
+
* `AuthenticationResponseJSON` with `response.userHandle`
|
|
78
|
+
* **stripped** — DEK hygiene is enforced inside the impl so the
|
|
79
|
+
* orchestrator (and any future caller) cannot forget it.
|
|
80
|
+
*
|
|
81
|
+
* The returned object goes straight onto the wire to /presence/verify
|
|
82
|
+
* (or the future /login/verify). Each platform-specific impl is
|
|
83
|
+
* responsible for: (a) running the underlying ceremony, (b)
|
|
84
|
+
* shaping the result into AuthenticationResponseJSON, and (c) the
|
|
85
|
+
* userHandle strip.
|
|
64
86
|
*/
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
87
|
+
assertForServer(opts: {
|
|
88
|
+
optionsJSON: WebAuthnRequestOptions;
|
|
89
|
+
}): Promise<WebAuthnAssertionResponse>;
|
|
90
|
+
}
|
|
91
|
+
/**
|
|
92
|
+
* Subset of `PublicKeyCredentialRequestOptionsJSON` we forward to the
|
|
93
|
+
* platform impl. Kept loose-typed so a server adding fields doesn't
|
|
94
|
+
* require an interface change here.
|
|
95
|
+
*/
|
|
96
|
+
interface WebAuthnRequestOptions {
|
|
97
|
+
challenge: string;
|
|
98
|
+
rpId?: string;
|
|
99
|
+
allowCredentials?: Array<{
|
|
100
|
+
id: string;
|
|
101
|
+
type?: string;
|
|
102
|
+
transports?: string[];
|
|
77
103
|
}>;
|
|
104
|
+
userVerification?: string;
|
|
105
|
+
timeout?: number;
|
|
106
|
+
extensions?: Record<string, unknown>;
|
|
107
|
+
}
|
|
108
|
+
/**
|
|
109
|
+
* Standard `AuthenticationResponseJSON` shape, with `userHandle`
|
|
110
|
+
* deliberately optional because the assertForServer contract is that
|
|
111
|
+
* impls strip it before returning. The field stays in the type so a
|
|
112
|
+
* server-side decoder can still parse it (= undefined) without a
|
|
113
|
+
* union mismatch.
|
|
114
|
+
*/
|
|
115
|
+
interface WebAuthnAssertionResponse {
|
|
116
|
+
id: string;
|
|
117
|
+
rawId: string;
|
|
118
|
+
type: string;
|
|
119
|
+
response: {
|
|
120
|
+
clientDataJSON: string;
|
|
121
|
+
authenticatorData: string;
|
|
122
|
+
signature: string;
|
|
123
|
+
userHandle?: undefined;
|
|
124
|
+
};
|
|
125
|
+
clientExtensionResults?: Record<string, unknown>;
|
|
126
|
+
authenticatorAttachment?: string;
|
|
78
127
|
}
|
|
79
128
|
/**
|
|
80
129
|
* KvStorage — async key/value storage for ID tokens + session metadata.
|
|
@@ -117,4 +166,4 @@ interface PlatformImpls {
|
|
|
117
166
|
oauth: OAuthOpener;
|
|
118
167
|
}
|
|
119
168
|
|
|
120
|
-
export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, PlatformImpls as a };
|
|
169
|
+
export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, WebAuthnAssertionResponse as W, PlatformImpls as a, WebAuthnRequestOptions as b };
|
|
@@ -40,6 +40,8 @@ declare const PostMessageMethod: {
|
|
|
40
40
|
readonly DETACH_OAUTH: "DETACH_OAUTH";
|
|
41
41
|
readonly PASSKEY_REGISTER_BEGIN: "PASSKEY_REGISTER_BEGIN";
|
|
42
42
|
readonly PASSKEY_REGISTER_VERIFY: "PASSKEY_REGISTER_VERIFY";
|
|
43
|
+
readonly PASSKEY_PRESENCE_BEGIN: "PASSKEY_PRESENCE_BEGIN";
|
|
44
|
+
readonly PASSKEY_PRESENCE_VERIFY: "PASSKEY_PRESENCE_VERIFY";
|
|
43
45
|
readonly GET_PASSKEY_STATUS: "GET_PASSKEY_STATUS";
|
|
44
46
|
readonly GET_DEK_INFO: "GET_DEK_INFO";
|
|
45
47
|
readonly ADD_PASSKEY_WRAP: "ADD_PASSKEY_WRAP";
|
|
@@ -40,6 +40,8 @@ declare const PostMessageMethod: {
|
|
|
40
40
|
readonly DETACH_OAUTH: "DETACH_OAUTH";
|
|
41
41
|
readonly PASSKEY_REGISTER_BEGIN: "PASSKEY_REGISTER_BEGIN";
|
|
42
42
|
readonly PASSKEY_REGISTER_VERIFY: "PASSKEY_REGISTER_VERIFY";
|
|
43
|
+
readonly PASSKEY_PRESENCE_BEGIN: "PASSKEY_PRESENCE_BEGIN";
|
|
44
|
+
readonly PASSKEY_PRESENCE_VERIFY: "PASSKEY_PRESENCE_VERIFY";
|
|
43
45
|
readonly GET_PASSKEY_STATUS: "GET_PASSKEY_STATUS";
|
|
44
46
|
readonly GET_DEK_INFO: "GET_DEK_INFO";
|
|
45
47
|
readonly ADD_PASSKEY_WRAP: "ADD_PASSKEY_WRAP";
|
package/dist/react/index.d.mts
CHANGED
|
@@ -16,6 +16,7 @@ interface MoonKeyHookSDK {
|
|
|
16
16
|
isAuthenticated?: boolean;
|
|
17
17
|
ready?: boolean;
|
|
18
18
|
refreshUser?: () => Promise<unknown>;
|
|
19
|
+
revalidatedAt?: number;
|
|
19
20
|
signEthereumMessageHeadless: (params: unknown) => Promise<unknown>;
|
|
20
21
|
signEthereumTransactionHeadless: (params: unknown) => Promise<unknown>;
|
|
21
22
|
signEthereumTypedDataHeadless: (params: unknown) => Promise<unknown>;
|
package/dist/react/index.d.ts
CHANGED
|
@@ -16,6 +16,7 @@ interface MoonKeyHookSDK {
|
|
|
16
16
|
isAuthenticated?: boolean;
|
|
17
17
|
ready?: boolean;
|
|
18
18
|
refreshUser?: () => Promise<unknown>;
|
|
19
|
+
revalidatedAt?: number;
|
|
19
20
|
signEthereumMessageHeadless: (params: unknown) => Promise<unknown>;
|
|
20
21
|
signEthereumTransactionHeadless: (params: unknown) => Promise<unknown>;
|
|
21
22
|
signEthereumTypedDataHeadless: (params: unknown) => Promise<unknown>;
|
package/dist/react/index.js
CHANGED
|
@@ -174,6 +174,7 @@ var useWallets = (walletType) => {
|
|
|
174
174
|
const [loading, setLoading] = (0, import_react5.useState)(false);
|
|
175
175
|
const [error, setError] = (0, import_react5.useState)(null);
|
|
176
176
|
const isAuthenticated = !!sdk.isAuthenticated;
|
|
177
|
+
const revalidatedAt = sdk.revalidatedAt ?? 0;
|
|
177
178
|
const refresh = (0, import_react5.useCallback)(async () => {
|
|
178
179
|
setLoading(true);
|
|
179
180
|
setError(null);
|
|
@@ -192,7 +193,7 @@ var useWallets = (walletType) => {
|
|
|
192
193
|
return;
|
|
193
194
|
}
|
|
194
195
|
refresh();
|
|
195
|
-
}, [isAuthenticated, refresh]);
|
|
196
|
+
}, [isAuthenticated, revalidatedAt, refresh]);
|
|
196
197
|
return { wallets, loading, error, refresh, refetch: refresh };
|
|
197
198
|
};
|
|
198
199
|
|
package/dist/react/index.mjs
CHANGED
|
@@ -123,6 +123,7 @@ var useWallets = (walletType) => {
|
|
|
123
123
|
const [loading, setLoading] = useState4(false);
|
|
124
124
|
const [error, setError] = useState4(null);
|
|
125
125
|
const isAuthenticated = !!sdk.isAuthenticated;
|
|
126
|
+
const revalidatedAt = sdk.revalidatedAt ?? 0;
|
|
126
127
|
const refresh = useCallback4(async () => {
|
|
127
128
|
setLoading(true);
|
|
128
129
|
setError(null);
|
|
@@ -141,7 +142,7 @@ var useWallets = (walletType) => {
|
|
|
141
142
|
return;
|
|
142
143
|
}
|
|
143
144
|
refresh();
|
|
144
|
-
}, [isAuthenticated, refresh]);
|
|
145
|
+
}, [isAuthenticated, revalidatedAt, refresh]);
|
|
145
146
|
return { wallets, loading, error, refresh, refetch: refresh };
|
|
146
147
|
};
|
|
147
148
|
|
package/dist/sdk/index.d.mts
CHANGED
|
@@ -1,18 +1,30 @@
|
|
|
1
|
-
import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-
|
|
2
|
-
export { O as OAuthOpener, a as PlatformImpls } from '../interfaces-
|
|
1
|
+
import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-CYtJHALV.mjs';
|
|
2
|
+
export { O as OAuthOpener, a as PlatformImpls, W as WebAuthnAssertionResponse, b as WebAuthnRequestOptions } from '../interfaces-CYtJHALV.mjs';
|
|
3
3
|
import { C as CachedAssertion } from '../passkey-cache-B9PT3AWX.mjs';
|
|
4
|
-
import { EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSendTransactionParams, EthereumSendTransactionResult, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, PublicWallet } from '../types/index.mjs';
|
|
5
|
-
import '../post-message-
|
|
4
|
+
import { EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSendTransactionParams, EthereumSendTransactionResult, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SendEmailOtpResponse, PublicWallet } from '../types/index.mjs';
|
|
5
|
+
import '../post-message-CmgAfkOS.mjs';
|
|
6
6
|
import '../chain-C9dvKXUY.mjs';
|
|
7
7
|
|
|
8
8
|
type AssertPasskeyInParentResult = CachedAssertion;
|
|
9
|
-
declare const assertPasskeyInParent: ({ transport, passkey, publishableKey, requireFreshAssertion, }: {
|
|
9
|
+
declare const assertPasskeyInParent: ({ transport, passkey, publishableKey, requireFreshAssertion, validateCredentialInAllowList, }: {
|
|
10
10
|
transport: Transport;
|
|
11
11
|
passkey: PasskeyAssertor;
|
|
12
12
|
publishableKey: string;
|
|
13
13
|
requireFreshAssertion?: boolean;
|
|
14
|
+
validateCredentialInAllowList?: boolean;
|
|
14
15
|
}) => Promise<AssertPasskeyInParentResult>;
|
|
15
16
|
|
|
17
|
+
interface GetPresenceTokenResult {
|
|
18
|
+
presenceToken: string;
|
|
19
|
+
expiresAt: number;
|
|
20
|
+
}
|
|
21
|
+
declare const getPresenceToken: ({ transport, passkey, publishableKey, relyingPartyOrigin, }: {
|
|
22
|
+
transport: Transport;
|
|
23
|
+
passkey: PasskeyAssertor;
|
|
24
|
+
publishableKey: string;
|
|
25
|
+
relyingPartyOrigin: string;
|
|
26
|
+
}) => Promise<GetPresenceTokenResult>;
|
|
27
|
+
|
|
16
28
|
declare const getHeadlessEthereumMethods: ({ transport, passkey, publishableKey, }: {
|
|
17
29
|
transport: Transport;
|
|
18
30
|
passkey: PasskeyAssertor;
|
|
@@ -59,17 +71,19 @@ interface VerifyOAuthParams {
|
|
|
59
71
|
token?: string;
|
|
60
72
|
state?: string;
|
|
61
73
|
}
|
|
62
|
-
declare const getHeadlessAuthenticationMethods: ({ transport, publishableKey,
|
|
74
|
+
declare const getHeadlessAuthenticationMethods: ({ transport, publishableKey, setIsAuthenticated, setUser, }: {
|
|
63
75
|
transport: Transport;
|
|
64
76
|
publishableKey: string;
|
|
65
|
-
emailConfig?: {
|
|
66
|
-
expiresIn?: number;
|
|
67
|
-
};
|
|
68
77
|
setIsAuthenticated?: (isAuth: boolean) => void;
|
|
69
78
|
setUser?: (user: unknown | null) => void;
|
|
70
79
|
}) => {
|
|
71
|
-
/**
|
|
72
|
-
|
|
80
|
+
/**
|
|
81
|
+
* Send a one-time passcode to the user's email address. Returns the
|
|
82
|
+
* server's response — most importantly `expires_at` (unix seconds),
|
|
83
|
+
* which the UI uses to render a countdown that cannot drift from the
|
|
84
|
+
* authoritative server-side TTL.
|
|
85
|
+
*/
|
|
86
|
+
sendCode: (params: SendCodeParams) => Promise<SendEmailOtpResponse>;
|
|
73
87
|
/**
|
|
74
88
|
* Verify the OTP and complete the login. The iframe-app handles
|
|
75
89
|
* session persistence; on success the SDK flips isAuthenticated and
|
|
@@ -123,4 +137,4 @@ declare const getHeadlessGeneralMethods: ({ transport, passkey, storage, publish
|
|
|
123
137
|
getUser: () => Promise<unknown>;
|
|
124
138
|
};
|
|
125
139
|
|
|
126
|
-
export { type AssertPasskeyInParentResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods };
|
|
140
|
+
export { type AssertPasskeyInParentResult, type GetPresenceTokenResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods, getPresenceToken };
|
package/dist/sdk/index.d.ts
CHANGED
|
@@ -1,18 +1,30 @@
|
|
|
1
|
-
import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-
|
|
2
|
-
export { O as OAuthOpener, a as PlatformImpls } from '../interfaces-
|
|
1
|
+
import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-Bm7fGOAI.js';
|
|
2
|
+
export { O as OAuthOpener, a as PlatformImpls, W as WebAuthnAssertionResponse, b as WebAuthnRequestOptions } from '../interfaces-Bm7fGOAI.js';
|
|
3
3
|
import { C as CachedAssertion } from '../passkey-cache-B9PT3AWX.js';
|
|
4
|
-
import { EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSendTransactionParams, EthereumSendTransactionResult, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, PublicWallet } from '../types/index.js';
|
|
5
|
-
import '../post-message-
|
|
4
|
+
import { EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSendTransactionParams, EthereumSendTransactionResult, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SendEmailOtpResponse, PublicWallet } from '../types/index.js';
|
|
5
|
+
import '../post-message-CmgAfkOS.js';
|
|
6
6
|
import '../chain-C9dvKXUY.js';
|
|
7
7
|
|
|
8
8
|
type AssertPasskeyInParentResult = CachedAssertion;
|
|
9
|
-
declare const assertPasskeyInParent: ({ transport, passkey, publishableKey, requireFreshAssertion, }: {
|
|
9
|
+
declare const assertPasskeyInParent: ({ transport, passkey, publishableKey, requireFreshAssertion, validateCredentialInAllowList, }: {
|
|
10
10
|
transport: Transport;
|
|
11
11
|
passkey: PasskeyAssertor;
|
|
12
12
|
publishableKey: string;
|
|
13
13
|
requireFreshAssertion?: boolean;
|
|
14
|
+
validateCredentialInAllowList?: boolean;
|
|
14
15
|
}) => Promise<AssertPasskeyInParentResult>;
|
|
15
16
|
|
|
17
|
+
interface GetPresenceTokenResult {
|
|
18
|
+
presenceToken: string;
|
|
19
|
+
expiresAt: number;
|
|
20
|
+
}
|
|
21
|
+
declare const getPresenceToken: ({ transport, passkey, publishableKey, relyingPartyOrigin, }: {
|
|
22
|
+
transport: Transport;
|
|
23
|
+
passkey: PasskeyAssertor;
|
|
24
|
+
publishableKey: string;
|
|
25
|
+
relyingPartyOrigin: string;
|
|
26
|
+
}) => Promise<GetPresenceTokenResult>;
|
|
27
|
+
|
|
16
28
|
declare const getHeadlessEthereumMethods: ({ transport, passkey, publishableKey, }: {
|
|
17
29
|
transport: Transport;
|
|
18
30
|
passkey: PasskeyAssertor;
|
|
@@ -59,17 +71,19 @@ interface VerifyOAuthParams {
|
|
|
59
71
|
token?: string;
|
|
60
72
|
state?: string;
|
|
61
73
|
}
|
|
62
|
-
declare const getHeadlessAuthenticationMethods: ({ transport, publishableKey,
|
|
74
|
+
declare const getHeadlessAuthenticationMethods: ({ transport, publishableKey, setIsAuthenticated, setUser, }: {
|
|
63
75
|
transport: Transport;
|
|
64
76
|
publishableKey: string;
|
|
65
|
-
emailConfig?: {
|
|
66
|
-
expiresIn?: number;
|
|
67
|
-
};
|
|
68
77
|
setIsAuthenticated?: (isAuth: boolean) => void;
|
|
69
78
|
setUser?: (user: unknown | null) => void;
|
|
70
79
|
}) => {
|
|
71
|
-
/**
|
|
72
|
-
|
|
80
|
+
/**
|
|
81
|
+
* Send a one-time passcode to the user's email address. Returns the
|
|
82
|
+
* server's response — most importantly `expires_at` (unix seconds),
|
|
83
|
+
* which the UI uses to render a countdown that cannot drift from the
|
|
84
|
+
* authoritative server-side TTL.
|
|
85
|
+
*/
|
|
86
|
+
sendCode: (params: SendCodeParams) => Promise<SendEmailOtpResponse>;
|
|
73
87
|
/**
|
|
74
88
|
* Verify the OTP and complete the login. The iframe-app handles
|
|
75
89
|
* session persistence; on success the SDK flips isAuthenticated and
|
|
@@ -123,4 +137,4 @@ declare const getHeadlessGeneralMethods: ({ transport, passkey, storage, publish
|
|
|
123
137
|
getUser: () => Promise<unknown>;
|
|
124
138
|
};
|
|
125
139
|
|
|
126
|
-
export { type AssertPasskeyInParentResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods };
|
|
140
|
+
export { type AssertPasskeyInParentResult, type GetPresenceTokenResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods, getPresenceToken };
|