@moon-x/core 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/README.md +2 -2
  2. package/dist/{chunk-CDT4MC7S.mjs → chunk-6LTEG7VN.mjs} +0 -39
  3. package/dist/{chunk-SOKLPX7V.mjs → chunk-VVL65GIB.mjs} +10 -0
  4. package/dist/index.d.mts +2 -2
  5. package/dist/index.d.ts +2 -2
  6. package/dist/index.js +10 -0
  7. package/dist/index.mjs +1 -1
  8. package/dist/interfaces-cdKh3sLA.d.mts +192 -0
  9. package/dist/interfaces-pNTEOKaK.d.ts +192 -0
  10. package/dist/lib/index.d.mts +1 -1
  11. package/dist/lib/index.d.ts +1 -1
  12. package/dist/lib/index.js +2 -47
  13. package/dist/lib/index.mjs +3 -15
  14. package/dist/passkey-cache-WnDFQ-v4.d.mts +26 -0
  15. package/dist/passkey-cache-WnDFQ-v4.d.ts +26 -0
  16. package/dist/{post-message-C_99BCBh.d.mts → post-message-CmgAfkOS.d.mts} +2 -0
  17. package/dist/{post-message-C_99BCBh.d.ts → post-message-CmgAfkOS.d.ts} +2 -0
  18. package/dist/react/index.d.mts +1 -0
  19. package/dist/react/index.d.ts +1 -0
  20. package/dist/react/index.js +2 -1
  21. package/dist/react/index.mjs +3 -2
  22. package/dist/sdk/index.d.mts +52 -21
  23. package/dist/sdk/index.d.ts +52 -21
  24. package/dist/sdk/index.js +252 -102
  25. package/dist/sdk/index.mjs +241 -80
  26. package/dist/types/index.d.mts +19 -12
  27. package/dist/types/index.d.ts +19 -12
  28. package/dist/utils/index.d.mts +1 -1
  29. package/dist/utils/index.d.ts +1 -1
  30. package/dist/utils/index.js +10 -0
  31. package/dist/utils/index.mjs +1 -1
  32. package/dist/web/index.d.mts +2 -2
  33. package/dist/web/index.d.ts +2 -2
  34. package/dist/web/index.js +50 -114
  35. package/dist/web/index.mjs +51 -58
  36. package/package.json +6 -2
  37. package/dist/interfaces-9k0eKCc4.d.ts +0 -120
  38. package/dist/interfaces-fNhwnCeY.d.mts +0 -120
  39. package/dist/passkey-cache-B9PT3AWX.d.mts +0 -47
  40. package/dist/passkey-cache-B9PT3AWX.d.ts +0 -47
package/package.json CHANGED
@@ -1,6 +1,7 @@
1
1
  {
2
2
  "name": "@moon-x/core",
3
- "version": "0.2.0",
3
+ "version": "0.4.0",
4
+ "license": "UNLICENSED",
4
5
  "main": "dist/index.js",
5
6
  "types": "dist/index.d.ts",
6
7
  "exports": {
@@ -56,12 +57,15 @@
56
57
  "publishConfig": {
57
58
  "access": "public"
58
59
  },
60
+ "dependencies": {
61
+ "@simplewebauthn/browser": "^13.2.2"
62
+ },
59
63
  "devDependencies": {
60
64
  "@testing-library/react": "16.3.2",
61
65
  "@types/react": "19.2.14",
62
66
  "@types/react-dom": "19.2.3",
63
67
  "@vitest/ui": "1.6.1",
64
- "happy-dom": "13.10.1",
68
+ "happy-dom": "20.8.9",
65
69
  "react": "18.3.1",
66
70
  "react-dom": "18.3.1",
67
71
  "tsup": "8.5.1",
@@ -1,120 +0,0 @@
1
- import { c as PostMessageType, a as PostMessageMethod } from './post-message-C_99BCBh.js';
2
-
3
- /**
4
- * Transport — the bidirectional postMessage channel between the parent
5
- * (web SDK or RN SDK) and the iframe-app. Web wraps
6
- * `createPostMessageClient(iframeRef.current.contentWindow, ...)`; RN
7
- * wraps a `WebViewBridge` over react-native-webview.
8
- *
9
- * `send` resolves with the iframe handler's raw return value and rejects
10
- * with the handler's thrown error (canonical envelope, no
11
- * {success, data} unwrap at the call site).
12
- */
13
- interface Transport {
14
- send<P, R>(type: PostMessageType, method: PostMessageMethod, payload: P): Promise<R>;
15
- /**
16
- * Register a handler for inbound messages from the iframe-app. Only
17
- * needed by the parent-side `*WithUI` flow path, where the modal
18
- * postMessages a result back that the SDK's pending Promise needs to
19
- * resolve. Returns an unregister fn.
20
- */
21
- register?<P, R>(type: PostMessageType, method: PostMessageMethod, handler: (payload: P) => Promise<R> | R): () => void;
22
- /**
23
- * Whether the underlying iframe / WebView is loaded and ready to
24
- * receive messages. SDK methods short-circuit with "SDK not ready"
25
- * before calling `send` if this returns false.
26
- */
27
- isReady(): boolean;
28
- }
29
- /**
30
- * PasskeyAssertor — runs the WebAuthn ceremony in the *parent* (where
31
- * user activation lives — cross-origin iframes/WebViews can't reliably
32
- * get their own click handler).
33
- *
34
- * Both `assert` and `create` use empty `allowCredentials` on the
35
- * underlying API to force the discoverable-login codepath where
36
- * userHandle is REQUIRED. The userHandle bytes are the wrap key the
37
- * iframe-app uses to unwrap the DEK before signing.
38
- */
39
- interface PasskeyAssertor {
40
- /**
41
- * Run a WebAuthn assertion (`navigator.credentials.get` on web,
42
- * `passkeyGet` from react-native-passkeys on RN). Returns the
43
- * platform-decoded base64url forms of the credential id and userHandle.
44
- */
45
- assert(opts: {
46
- rpId: string;
47
- challenge: string;
48
- /**
49
- * The wire `allow_credential_ids_b64url` list from GET_DEK_INFO,
50
- * passed through for platforms that want to use it. Note both
51
- * platforms today pass an empty array to the underlying API; this
52
- * field is informational only (e.g. for telemetry or for a future
53
- * platform that prefers non-discoverable login).
54
- */
55
- allowCredentials: string[];
56
- }): Promise<{
57
- rawIdB64url: string;
58
- userHandleB64url: string;
59
- }>;
60
- /**
61
- * Run a WebAuthn registration (`navigator.credentials.create` on web,
62
- * `passkeyCreate` from react-native-passkeys on RN). Used by passkey
63
- * register flows.
64
- */
65
- create(opts: {
66
- rpId: string;
67
- rpName: string;
68
- userId: Uint8Array;
69
- userName: string;
70
- userDisplayName: string;
71
- challenge: string;
72
- excludeCredentials?: string[];
73
- }): Promise<{
74
- rawIdB64url: string;
75
- clientDataJSONB64url: string;
76
- attestationObjectB64url: string;
77
- }>;
78
- }
79
- /**
80
- * KvStorage — async key/value storage for ID tokens + session metadata.
81
- * Web wraps `localStorage` (sync, lifted to a resolved Promise); RN
82
- * wraps `@react-native-async-storage/async-storage` (natively async).
83
- *
84
- * Always async at the interface to unify both platforms.
85
- */
86
- interface KvStorage {
87
- get(key: string): Promise<string | null>;
88
- set(key: string, value: string): Promise<void>;
89
- remove(key: string): Promise<void>;
90
- }
91
- /**
92
- * OAuthOpener — start an OAuth authorize request and wait for the
93
- * provider redirect to return with `code` + `state`. Web uses a
94
- * full-page redirect or popup (completion picked up by
95
- * `useOAuthCompletion` listening for postMessages); RN uses
96
- * `expo-web-browser.openAuthSessionAsync` (single Promise resolves on
97
- * deep-link callback).
98
- */
99
- interface OAuthOpener {
100
- open(opts: {
101
- authorizeUrl: string;
102
- redirectUrl: string;
103
- }): Promise<{
104
- code: string;
105
- state: string;
106
- }>;
107
- }
108
- /**
109
- * The bundle of platform impls that the SDK factories accept. Provider
110
- * components on each platform construct one of these once and pass it
111
- * through to the factories.
112
- */
113
- interface PlatformImpls {
114
- transport: Transport;
115
- passkey: PasskeyAssertor;
116
- storage: KvStorage;
117
- oauth: OAuthOpener;
118
- }
119
-
120
- export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, PlatformImpls as a };
@@ -1,120 +0,0 @@
1
- import { c as PostMessageType, a as PostMessageMethod } from './post-message-C_99BCBh.mjs';
2
-
3
- /**
4
- * Transport — the bidirectional postMessage channel between the parent
5
- * (web SDK or RN SDK) and the iframe-app. Web wraps
6
- * `createPostMessageClient(iframeRef.current.contentWindow, ...)`; RN
7
- * wraps a `WebViewBridge` over react-native-webview.
8
- *
9
- * `send` resolves with the iframe handler's raw return value and rejects
10
- * with the handler's thrown error (canonical envelope, no
11
- * {success, data} unwrap at the call site).
12
- */
13
- interface Transport {
14
- send<P, R>(type: PostMessageType, method: PostMessageMethod, payload: P): Promise<R>;
15
- /**
16
- * Register a handler for inbound messages from the iframe-app. Only
17
- * needed by the parent-side `*WithUI` flow path, where the modal
18
- * postMessages a result back that the SDK's pending Promise needs to
19
- * resolve. Returns an unregister fn.
20
- */
21
- register?<P, R>(type: PostMessageType, method: PostMessageMethod, handler: (payload: P) => Promise<R> | R): () => void;
22
- /**
23
- * Whether the underlying iframe / WebView is loaded and ready to
24
- * receive messages. SDK methods short-circuit with "SDK not ready"
25
- * before calling `send` if this returns false.
26
- */
27
- isReady(): boolean;
28
- }
29
- /**
30
- * PasskeyAssertor — runs the WebAuthn ceremony in the *parent* (where
31
- * user activation lives — cross-origin iframes/WebViews can't reliably
32
- * get their own click handler).
33
- *
34
- * Both `assert` and `create` use empty `allowCredentials` on the
35
- * underlying API to force the discoverable-login codepath where
36
- * userHandle is REQUIRED. The userHandle bytes are the wrap key the
37
- * iframe-app uses to unwrap the DEK before signing.
38
- */
39
- interface PasskeyAssertor {
40
- /**
41
- * Run a WebAuthn assertion (`navigator.credentials.get` on web,
42
- * `passkeyGet` from react-native-passkeys on RN). Returns the
43
- * platform-decoded base64url forms of the credential id and userHandle.
44
- */
45
- assert(opts: {
46
- rpId: string;
47
- challenge: string;
48
- /**
49
- * The wire `allow_credential_ids_b64url` list from GET_DEK_INFO,
50
- * passed through for platforms that want to use it. Note both
51
- * platforms today pass an empty array to the underlying API; this
52
- * field is informational only (e.g. for telemetry or for a future
53
- * platform that prefers non-discoverable login).
54
- */
55
- allowCredentials: string[];
56
- }): Promise<{
57
- rawIdB64url: string;
58
- userHandleB64url: string;
59
- }>;
60
- /**
61
- * Run a WebAuthn registration (`navigator.credentials.create` on web,
62
- * `passkeyCreate` from react-native-passkeys on RN). Used by passkey
63
- * register flows.
64
- */
65
- create(opts: {
66
- rpId: string;
67
- rpName: string;
68
- userId: Uint8Array;
69
- userName: string;
70
- userDisplayName: string;
71
- challenge: string;
72
- excludeCredentials?: string[];
73
- }): Promise<{
74
- rawIdB64url: string;
75
- clientDataJSONB64url: string;
76
- attestationObjectB64url: string;
77
- }>;
78
- }
79
- /**
80
- * KvStorage — async key/value storage for ID tokens + session metadata.
81
- * Web wraps `localStorage` (sync, lifted to a resolved Promise); RN
82
- * wraps `@react-native-async-storage/async-storage` (natively async).
83
- *
84
- * Always async at the interface to unify both platforms.
85
- */
86
- interface KvStorage {
87
- get(key: string): Promise<string | null>;
88
- set(key: string, value: string): Promise<void>;
89
- remove(key: string): Promise<void>;
90
- }
91
- /**
92
- * OAuthOpener — start an OAuth authorize request and wait for the
93
- * provider redirect to return with `code` + `state`. Web uses a
94
- * full-page redirect or popup (completion picked up by
95
- * `useOAuthCompletion` listening for postMessages); RN uses
96
- * `expo-web-browser.openAuthSessionAsync` (single Promise resolves on
97
- * deep-link callback).
98
- */
99
- interface OAuthOpener {
100
- open(opts: {
101
- authorizeUrl: string;
102
- redirectUrl: string;
103
- }): Promise<{
104
- code: string;
105
- state: string;
106
- }>;
107
- }
108
- /**
109
- * The bundle of platform impls that the SDK factories accept. Provider
110
- * components on each platform construct one of these once and pass it
111
- * through to the factories.
112
- */
113
- interface PlatformImpls {
114
- transport: Transport;
115
- passkey: PasskeyAssertor;
116
- storage: KvStorage;
117
- oauth: OAuthOpener;
118
- }
119
-
120
- export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, PlatformImpls as a };
@@ -1,47 +0,0 @@
1
- interface CachedAssertion {
2
- userHandleB64url: string;
3
- credentialIdB64url: string;
4
- }
5
- declare const setAssertCacheTtlMs: (ms: number) => void;
6
- declare const getAssertCacheTtlMs: () => number;
7
- declare const clearParentAssertCache: () => void;
8
- declare const readParentAssertCache: () => CachedAssertion | null;
9
- declare const writeParentAssertCache: (entry: CachedAssertion) => void;
10
- /**
11
- * Run `fn` inside a try/catch that clears the parent-side assertion
12
- * cache on failure. Used by every wallet-interaction SDK method
13
- * (sign / send / etc.) so that if the operation fails for any reason
14
- * — backend rejection, network error, MPC ceremony failure — the
15
- * next user attempt re-prompts biometric instead of silently reusing
16
- * a possibly-bad cached assertion.
17
- *
18
- * The cache is set inside the platform-specific `assertPasskeyInParent`
19
- * only on a successful ceremony, so cancellations / activation
20
- * failures don't pollute it. This wrapper specifically handles the
21
- * "assertion succeeded but downstream work failed" case where the
22
- * cache is set but the user is stuck — without the clear, the user
23
- * would have to refresh to escape.
24
- */
25
- declare const withClearOnFailure: <T>(fn: () => Promise<T>) => Promise<T>;
26
- /**
27
- * Generate fresh user.id bytes for a new WebAuthn credential. The
28
- * caller overrides `options.user.id` with these bytes before
29
- * navigator.credentials.create so the authenticator persists them as
30
- * the credential's user.id; on every subsequent assertion they come
31
- * back as response.userHandle and serve as the AES-GCM key for that
32
- * credential's DEK wrap.
33
- *
34
- * Returns the bytes both as base64url (what the WebAuthn options
35
- * accept and what we ship over postMessage) and as raw bytes (for
36
- * any caller that prefers direct binary).
37
- *
38
- * Requires a working `crypto.getRandomValues`. On RN this is provided
39
- * by the `react-native-get-random-values` polyfill that the SDK's
40
- * docs ask consumers to import at app entry.
41
- */
42
- declare const generatePasskeyUserId: () => {
43
- userIdB64url: string;
44
- userIdBytes: Uint8Array;
45
- };
46
-
47
- export { type CachedAssertion as C, getAssertCacheTtlMs as a, writeParentAssertCache as b, clearParentAssertCache as c, generatePasskeyUserId as g, readParentAssertCache as r, setAssertCacheTtlMs as s, withClearOnFailure as w };
@@ -1,47 +0,0 @@
1
- interface CachedAssertion {
2
- userHandleB64url: string;
3
- credentialIdB64url: string;
4
- }
5
- declare const setAssertCacheTtlMs: (ms: number) => void;
6
- declare const getAssertCacheTtlMs: () => number;
7
- declare const clearParentAssertCache: () => void;
8
- declare const readParentAssertCache: () => CachedAssertion | null;
9
- declare const writeParentAssertCache: (entry: CachedAssertion) => void;
10
- /**
11
- * Run `fn` inside a try/catch that clears the parent-side assertion
12
- * cache on failure. Used by every wallet-interaction SDK method
13
- * (sign / send / etc.) so that if the operation fails for any reason
14
- * — backend rejection, network error, MPC ceremony failure — the
15
- * next user attempt re-prompts biometric instead of silently reusing
16
- * a possibly-bad cached assertion.
17
- *
18
- * The cache is set inside the platform-specific `assertPasskeyInParent`
19
- * only on a successful ceremony, so cancellations / activation
20
- * failures don't pollute it. This wrapper specifically handles the
21
- * "assertion succeeded but downstream work failed" case where the
22
- * cache is set but the user is stuck — without the clear, the user
23
- * would have to refresh to escape.
24
- */
25
- declare const withClearOnFailure: <T>(fn: () => Promise<T>) => Promise<T>;
26
- /**
27
- * Generate fresh user.id bytes for a new WebAuthn credential. The
28
- * caller overrides `options.user.id` with these bytes before
29
- * navigator.credentials.create so the authenticator persists them as
30
- * the credential's user.id; on every subsequent assertion they come
31
- * back as response.userHandle and serve as the AES-GCM key for that
32
- * credential's DEK wrap.
33
- *
34
- * Returns the bytes both as base64url (what the WebAuthn options
35
- * accept and what we ship over postMessage) and as raw bytes (for
36
- * any caller that prefers direct binary).
37
- *
38
- * Requires a working `crypto.getRandomValues`. On RN this is provided
39
- * by the `react-native-get-random-values` polyfill that the SDK's
40
- * docs ask consumers to import at app entry.
41
- */
42
- declare const generatePasskeyUserId: () => {
43
- userIdB64url: string;
44
- userIdBytes: Uint8Array;
45
- };
46
-
47
- export { type CachedAssertion as C, getAssertCacheTtlMs as a, writeParentAssertCache as b, clearParentAssertCache as c, generatePasskeyUserId as g, readParentAssertCache as r, setAssertCacheTtlMs as s, withClearOnFailure as w };