@moon-x/core 0.5.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -148,6 +148,21 @@ interface WebAuthnAssertionResponse {
148
148
  clientExtensionResults?: Record<string, unknown>;
149
149
  authenticatorAttachment?: string;
150
150
  }
151
+ /**
152
+ * RelyingPartyOriginInput — the WebAuthn relying-party origin the
153
+ * presence/register orchestrators thread to `/presence/begin` so the
154
+ * server can rebuild the per-app RP config.
155
+ *
156
+ * Web passes a plain string (`window.location.origin`) — the browser
157
+ * always has an ambient origin. RN has none, so it passes a thunk that
158
+ * derives `https://<rp_id>` from the iframe's `GET_DEK_INFO` (and
159
+ * memoizes the round-trip). Resolved lazily at call time via
160
+ * `resolveRelyingPartyOrigin` — i.e. always after auth, when
161
+ * `GET_DEK_INFO` is answerable.
162
+ */
163
+ type RelyingPartyOriginInput = string | (() => string | Promise<string>);
164
+ /** Resolve a {@link RelyingPartyOriginInput} to its string value. */
165
+ declare const resolveRelyingPartyOrigin: (input: RelyingPartyOriginInput) => Promise<string>;
151
166
  /**
152
167
  * KvStorage — async key/value storage for ID tokens + session metadata.
153
168
  * Web wraps `localStorage` (sync, lifted to a resolved Promise); RN
@@ -189,4 +204,4 @@ interface PlatformImpls {
189
204
  oauth: OAuthOpener;
190
205
  }
191
206
 
192
- export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, WebAuthnAssertionResponse as W, PlatformImpls as a, WebAuthnRequestOptions as b };
207
+ export { type KvStorage as K, type OAuthOpener as O, type PasskeyAssertor as P, type RelyingPartyOriginInput as R, type Transport as T, type WebAuthnAssertionResponse as W, type PlatformImpls as a, type WebAuthnRequestOptions as b, resolveRelyingPartyOrigin as r };
@@ -148,6 +148,21 @@ interface WebAuthnAssertionResponse {
148
148
  clientExtensionResults?: Record<string, unknown>;
149
149
  authenticatorAttachment?: string;
150
150
  }
151
+ /**
152
+ * RelyingPartyOriginInput — the WebAuthn relying-party origin the
153
+ * presence/register orchestrators thread to `/presence/begin` so the
154
+ * server can rebuild the per-app RP config.
155
+ *
156
+ * Web passes a plain string (`window.location.origin`) — the browser
157
+ * always has an ambient origin. RN has none, so it passes a thunk that
158
+ * derives `https://<rp_id>` from the iframe's `GET_DEK_INFO` (and
159
+ * memoizes the round-trip). Resolved lazily at call time via
160
+ * `resolveRelyingPartyOrigin` — i.e. always after auth, when
161
+ * `GET_DEK_INFO` is answerable.
162
+ */
163
+ type RelyingPartyOriginInput = string | (() => string | Promise<string>);
164
+ /** Resolve a {@link RelyingPartyOriginInput} to its string value. */
165
+ declare const resolveRelyingPartyOrigin: (input: RelyingPartyOriginInput) => Promise<string>;
151
166
  /**
152
167
  * KvStorage — async key/value storage for ID tokens + session metadata.
153
168
  * Web wraps `localStorage` (sync, lifted to a resolved Promise); RN
@@ -189,4 +204,4 @@ interface PlatformImpls {
189
204
  oauth: OAuthOpener;
190
205
  }
191
206
 
192
- export type { KvStorage as K, OAuthOpener as O, PasskeyAssertor as P, Transport as T, WebAuthnAssertionResponse as W, PlatformImpls as a, WebAuthnRequestOptions as b };
207
+ export { type KvStorage as K, type OAuthOpener as O, type PasskeyAssertor as P, type RelyingPartyOriginInput as R, type Transport as T, type WebAuthnAssertionResponse as W, type PlatformImpls as a, type WebAuthnRequestOptions as b, resolveRelyingPartyOrigin as r };
@@ -1,5 +1,5 @@
1
- import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-BdIeMGGD.mjs';
2
- export { O as OAuthOpener, a as PlatformImpls, W as WebAuthnAssertionResponse, b as WebAuthnRequestOptions } from '../interfaces-BdIeMGGD.mjs';
1
+ import { T as Transport, P as PasskeyAssertor, R as RelyingPartyOriginInput, K as KvStorage } from '../interfaces-BWxOajnD.mjs';
2
+ export { O as OAuthOpener, a as PlatformImpls, W as WebAuthnAssertionResponse, b as WebAuthnRequestOptions, r as resolveRelyingPartyOrigin } from '../interfaces-BWxOajnD.mjs';
3
3
  import { C as CachedAssertion } from '../passkey-cache-WnDFQ-v4.mjs';
4
4
  import { EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSendTransactionParams, EthereumSendTransactionResult, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SendEmailOtpResponse, PublicWallet, ProvisionEphemeralSignerParams, ProvisionEphemeralSignerResult, ListEphemeralSignersResult, RevokeEphemeralSignerParams } from '../types/index.mjs';
5
5
  import '../post-message-Z6cLf0mS.mjs';
@@ -20,7 +20,7 @@ declare const getPresenceToken: ({ transport, passkey, publishableKey, relyingPa
20
20
  transport: Transport;
21
21
  passkey: PasskeyAssertor;
22
22
  publishableKey: string;
23
- relyingPartyOrigin: string;
23
+ relyingPartyOrigin: RelyingPartyOriginInput;
24
24
  }) => Promise<GetPresenceTokenResult>;
25
25
 
26
26
  interface ScopedPresenceToken {
@@ -37,7 +37,7 @@ declare const getInternalPresenceTokens: ({ transport, passkey, publishableKey,
37
37
  transport: Transport;
38
38
  passkey: PasskeyAssertor;
39
39
  publishableKey: string;
40
- relyingPartyOrigin: string;
40
+ relyingPartyOrigin: RelyingPartyOriginInput;
41
41
  scopes?: string[];
42
42
  scopeCounts?: Record<string, number>;
43
43
  }) => Promise<GetInternalPresenceTokensResult>;
@@ -47,7 +47,7 @@ declare const getHeadlessEthereumMethods: ({ transport, passkey, publishableKey,
47
47
  transport: Transport;
48
48
  passkey: PasskeyAssertor;
49
49
  publishableKey: string;
50
- relyingPartyOrigin: string;
50
+ relyingPartyOrigin: RelyingPartyOriginInput;
51
51
  }) => {
52
52
  signEthereumMessageHeadless: (params: EthereumSignMessageParams) => Promise<EthereumSignMessageResult>;
53
53
  signEthereumTransactionHeadless: (params: EthereumSignTransactionParams) => Promise<EthereumSignTransactionResult>;
@@ -69,7 +69,7 @@ declare const getHeadlessSolanaMethods: ({ transport, passkey, publishableKey, r
69
69
  transport: Transport;
70
70
  passkey: PasskeyAssertor;
71
71
  publishableKey: string;
72
- relyingPartyOrigin: string;
72
+ relyingPartyOrigin: RelyingPartyOriginInput;
73
73
  }) => {
74
74
  signSolanaMessageHeadless: (params: SolanaSignMessageParams) => Promise<SolanaSignMessageResult>;
75
75
  signSolanaTransactionHeadless: (params: SolanaSignTransactionParams) => Promise<SolanaSignTransactionResult>;
@@ -123,7 +123,7 @@ declare const getHeadlessGeneralMethods: ({ transport, passkey, storage, publish
123
123
  passkey: PasskeyAssertor;
124
124
  storage: KvStorage;
125
125
  publishableKey: string;
126
- relyingPartyOrigin: string;
126
+ relyingPartyOrigin: RelyingPartyOriginInput;
127
127
  setIsAuthenticated?: (isAuth: boolean) => void;
128
128
  setUser?: (user: unknown | null) => void;
129
129
  }) => {
@@ -208,4 +208,4 @@ declare class EphemeralSignerSignError extends Error {
208
208
  }
209
209
  declare function signWithEphemeralSigner(input: EphemeralSignerSignInput): Promise<EphemeralSignerSignResult>;
210
210
 
211
- export { type AssertPasskeyInParentResult, EphemeralSignerSignError, type EphemeralSignerSignInput, type EphemeralSignerSignResult, type GetInternalPresenceTokensResult, type GetPresenceTokenResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, type ScopedPresenceToken, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, flattenPresenceTokens, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods, getInternalPresenceTokens, getPresenceToken, signWithEphemeralSigner };
211
+ export { type AssertPasskeyInParentResult, EphemeralSignerSignError, type EphemeralSignerSignInput, type EphemeralSignerSignResult, type GetInternalPresenceTokensResult, type GetPresenceTokenResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, RelyingPartyOriginInput, type ScopedPresenceToken, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, flattenPresenceTokens, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods, getInternalPresenceTokens, getPresenceToken, signWithEphemeralSigner };
@@ -1,5 +1,5 @@
1
- import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-1vfik3Ef.js';
2
- export { O as OAuthOpener, a as PlatformImpls, W as WebAuthnAssertionResponse, b as WebAuthnRequestOptions } from '../interfaces-1vfik3Ef.js';
1
+ import { T as Transport, P as PasskeyAssertor, R as RelyingPartyOriginInput, K as KvStorage } from '../interfaces-BZ5GMWS9.js';
2
+ export { O as OAuthOpener, a as PlatformImpls, W as WebAuthnAssertionResponse, b as WebAuthnRequestOptions, r as resolveRelyingPartyOrigin } from '../interfaces-BZ5GMWS9.js';
3
3
  import { C as CachedAssertion } from '../passkey-cache-WnDFQ-v4.js';
4
4
  import { EthereumSignMessageParams, EthereumSignMessageResult, EthereumSignTransactionParams, EthereumSignTransactionResult, EthereumSignTypedDataParams, EthereumSignTypedDataResult, EthereumSignHashParams, EthereumSignHashResult, EthereumSign7702AuthorizationParams, EthereumSign7702AuthorizationResult, EthereumSendTransactionParams, EthereumSendTransactionResult, EthereumGetBalanceParams, EthereumGetBalanceResult, EthereumGetTokenAccountsByOwnerParams, EthereumGetTokenAccountsByOwnerResult, SolanaSignMessageParams, SolanaSignMessageResult, SolanaSignTransactionParams, SolanaSignTransactionResult, SolanaSendTransactionParams, SolanaSendTransactionResult, SolanaGetBalanceParams, SolanaGetBalanceResult, SolanaGetTokenAccountsByOwnerParams, SolanaGetTokenAccountsByOwnerResult, SendEmailOtpResponse, PublicWallet, ProvisionEphemeralSignerParams, ProvisionEphemeralSignerResult, ListEphemeralSignersResult, RevokeEphemeralSignerParams } from '../types/index.js';
5
5
  import '../post-message-Z6cLf0mS.js';
@@ -20,7 +20,7 @@ declare const getPresenceToken: ({ transport, passkey, publishableKey, relyingPa
20
20
  transport: Transport;
21
21
  passkey: PasskeyAssertor;
22
22
  publishableKey: string;
23
- relyingPartyOrigin: string;
23
+ relyingPartyOrigin: RelyingPartyOriginInput;
24
24
  }) => Promise<GetPresenceTokenResult>;
25
25
 
26
26
  interface ScopedPresenceToken {
@@ -37,7 +37,7 @@ declare const getInternalPresenceTokens: ({ transport, passkey, publishableKey,
37
37
  transport: Transport;
38
38
  passkey: PasskeyAssertor;
39
39
  publishableKey: string;
40
- relyingPartyOrigin: string;
40
+ relyingPartyOrigin: RelyingPartyOriginInput;
41
41
  scopes?: string[];
42
42
  scopeCounts?: Record<string, number>;
43
43
  }) => Promise<GetInternalPresenceTokensResult>;
@@ -47,7 +47,7 @@ declare const getHeadlessEthereumMethods: ({ transport, passkey, publishableKey,
47
47
  transport: Transport;
48
48
  passkey: PasskeyAssertor;
49
49
  publishableKey: string;
50
- relyingPartyOrigin: string;
50
+ relyingPartyOrigin: RelyingPartyOriginInput;
51
51
  }) => {
52
52
  signEthereumMessageHeadless: (params: EthereumSignMessageParams) => Promise<EthereumSignMessageResult>;
53
53
  signEthereumTransactionHeadless: (params: EthereumSignTransactionParams) => Promise<EthereumSignTransactionResult>;
@@ -69,7 +69,7 @@ declare const getHeadlessSolanaMethods: ({ transport, passkey, publishableKey, r
69
69
  transport: Transport;
70
70
  passkey: PasskeyAssertor;
71
71
  publishableKey: string;
72
- relyingPartyOrigin: string;
72
+ relyingPartyOrigin: RelyingPartyOriginInput;
73
73
  }) => {
74
74
  signSolanaMessageHeadless: (params: SolanaSignMessageParams) => Promise<SolanaSignMessageResult>;
75
75
  signSolanaTransactionHeadless: (params: SolanaSignTransactionParams) => Promise<SolanaSignTransactionResult>;
@@ -123,7 +123,7 @@ declare const getHeadlessGeneralMethods: ({ transport, passkey, storage, publish
123
123
  passkey: PasskeyAssertor;
124
124
  storage: KvStorage;
125
125
  publishableKey: string;
126
- relyingPartyOrigin: string;
126
+ relyingPartyOrigin: RelyingPartyOriginInput;
127
127
  setIsAuthenticated?: (isAuth: boolean) => void;
128
128
  setUser?: (user: unknown | null) => void;
129
129
  }) => {
@@ -208,4 +208,4 @@ declare class EphemeralSignerSignError extends Error {
208
208
  }
209
209
  declare function signWithEphemeralSigner(input: EphemeralSignerSignInput): Promise<EphemeralSignerSignResult>;
210
210
 
211
- export { type AssertPasskeyInParentResult, EphemeralSignerSignError, type EphemeralSignerSignInput, type EphemeralSignerSignResult, type GetInternalPresenceTokensResult, type GetPresenceTokenResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, type ScopedPresenceToken, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, flattenPresenceTokens, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods, getInternalPresenceTokens, getPresenceToken, signWithEphemeralSigner };
211
+ export { type AssertPasskeyInParentResult, EphemeralSignerSignError, type EphemeralSignerSignInput, type EphemeralSignerSignResult, type GetInternalPresenceTokensResult, type GetPresenceTokenResult, KvStorage, type LoginWithCodeParams, PasskeyAssertor, RelyingPartyOriginInput, type ScopedPresenceToken, type SendCodeParams, Transport, type VerifyOAuthParams, assertPasskeyInParent, flattenPresenceTokens, getHeadlessAuthenticationMethods, getHeadlessEthereumMethods, getHeadlessGeneralMethods, getHeadlessSolanaMethods, getInternalPresenceTokens, getPresenceToken, signWithEphemeralSigner };
package/dist/sdk/index.js CHANGED
@@ -39,10 +39,14 @@ __export(sdk_exports, {
39
39
  getHeadlessSolanaMethods: () => getHeadlessSolanaMethods,
40
40
  getInternalPresenceTokens: () => getInternalPresenceTokens,
41
41
  getPresenceToken: () => getPresenceToken,
42
+ resolveRelyingPartyOrigin: () => resolveRelyingPartyOrigin,
42
43
  signWithEphemeralSigner: () => signWithEphemeralSigner
43
44
  });
44
45
  module.exports = __toCommonJS(sdk_exports);
45
46
 
47
+ // src/sdk/interfaces.ts
48
+ var resolveRelyingPartyOrigin = async (input) => typeof input === "function" ? input() : input;
49
+
46
50
  // src/lib/auth/authentication-state.ts
47
51
  var AuthenticationState = class {
48
52
  constructor() {
@@ -345,10 +349,11 @@ var getPresenceToken = async ({
345
349
  publishableKey,
346
350
  relyingPartyOrigin
347
351
  }) => {
352
+ const rpOrigin = await resolveRelyingPartyOrigin(relyingPartyOrigin);
348
353
  const { token, optionsJSON } = await transport.send(
349
354
  PostMessageType.AUTH,
350
355
  PostMessageMethod.PASSKEY_PRESENCE_BEGIN,
351
- { publishableKey, relyingPartyOrigin }
356
+ { publishableKey, relyingPartyOrigin: rpOrigin }
352
357
  );
353
358
  const response = await passkey.assertForServer({ optionsJSON });
354
359
  const verify = await transport.send(
@@ -356,7 +361,7 @@ var getPresenceToken = async ({
356
361
  PostMessageMethod.PASSKEY_PRESENCE_VERIFY,
357
362
  {
358
363
  publishableKey,
359
- relyingPartyOrigin,
364
+ relyingPartyOrigin: rpOrigin,
360
365
  token,
361
366
  response
362
367
  }
@@ -376,15 +381,16 @@ var getInternalPresenceTokens = async ({
376
381
  scopes,
377
382
  scopeCounts
378
383
  }) => {
384
+ const rpOrigin = await resolveRelyingPartyOrigin(relyingPartyOrigin);
379
385
  const { token, optionsJSON } = await transport.send(
380
386
  PostMessageType.AUTH,
381
387
  PostMessageMethod.PASSKEY_PRESENCE_BEGIN,
382
- { publishableKey, relyingPartyOrigin }
388
+ { publishableKey, relyingPartyOrigin: rpOrigin }
383
389
  );
384
390
  const { response, userHandleB64url, credentialIdB64url } = await passkey.assertForInternalPresence({ optionsJSON });
385
391
  const verifyPayload = {
386
392
  publishableKey,
387
- relyingPartyOrigin,
393
+ relyingPartyOrigin: rpOrigin,
388
394
  token,
389
395
  response,
390
396
  purpose: "internal"
@@ -1263,5 +1269,6 @@ async function signWithEphemeralSigner(input) {
1263
1269
  getHeadlessSolanaMethods,
1264
1270
  getInternalPresenceTokens,
1265
1271
  getPresenceToken,
1272
+ resolveRelyingPartyOrigin,
1266
1273
  signWithEphemeralSigner
1267
1274
  });
@@ -13,6 +13,9 @@ import {
13
13
  } from "../chunk-I56GRKAG.mjs";
14
14
  import "../chunk-GQKIA37O.mjs";
15
15
 
16
+ // src/sdk/interfaces.ts
17
+ var resolveRelyingPartyOrigin = async (input) => typeof input === "function" ? input() : input;
18
+
16
19
  // src/sdk/parent-passkey-assert.ts
17
20
  var assertPasskeyInParent = async ({
18
21
  transport,
@@ -56,10 +59,11 @@ var getPresenceToken = async ({
56
59
  publishableKey,
57
60
  relyingPartyOrigin
58
61
  }) => {
62
+ const rpOrigin = await resolveRelyingPartyOrigin(relyingPartyOrigin);
59
63
  const { token, optionsJSON } = await transport.send(
60
64
  PostMessageType.AUTH,
61
65
  PostMessageMethod.PASSKEY_PRESENCE_BEGIN,
62
- { publishableKey, relyingPartyOrigin }
66
+ { publishableKey, relyingPartyOrigin: rpOrigin }
63
67
  );
64
68
  const response = await passkey.assertForServer({ optionsJSON });
65
69
  const verify = await transport.send(
@@ -67,7 +71,7 @@ var getPresenceToken = async ({
67
71
  PostMessageMethod.PASSKEY_PRESENCE_VERIFY,
68
72
  {
69
73
  publishableKey,
70
- relyingPartyOrigin,
74
+ relyingPartyOrigin: rpOrigin,
71
75
  token,
72
76
  response
73
77
  }
@@ -87,15 +91,16 @@ var getInternalPresenceTokens = async ({
87
91
  scopes,
88
92
  scopeCounts
89
93
  }) => {
94
+ const rpOrigin = await resolveRelyingPartyOrigin(relyingPartyOrigin);
90
95
  const { token, optionsJSON } = await transport.send(
91
96
  PostMessageType.AUTH,
92
97
  PostMessageMethod.PASSKEY_PRESENCE_BEGIN,
93
- { publishableKey, relyingPartyOrigin }
98
+ { publishableKey, relyingPartyOrigin: rpOrigin }
94
99
  );
95
100
  const { response, userHandleB64url, credentialIdB64url } = await passkey.assertForInternalPresence({ optionsJSON });
96
101
  const verifyPayload = {
97
102
  publishableKey,
98
- relyingPartyOrigin,
103
+ relyingPartyOrigin: rpOrigin,
99
104
  token,
100
105
  response,
101
106
  purpose: "internal"
@@ -973,5 +978,6 @@ export {
973
978
  getHeadlessSolanaMethods,
974
979
  getInternalPresenceTokens,
975
980
  getPresenceToken,
981
+ resolveRelyingPartyOrigin,
976
982
  signWithEphemeralSigner
977
983
  };
@@ -1,5 +1,5 @@
1
1
  import { P as PostMessageClient } from '../post-message-Z6cLf0mS.mjs';
2
- import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-BdIeMGGD.mjs';
2
+ import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-BWxOajnD.mjs';
3
3
 
4
4
  declare const getCachedPostMessageClient: (contentWindow: Window) => PostMessageClient;
5
5
  /**
@@ -1,5 +1,5 @@
1
1
  import { P as PostMessageClient } from '../post-message-Z6cLf0mS.js';
2
- import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-1vfik3Ef.js';
2
+ import { T as Transport, P as PasskeyAssertor, K as KvStorage } from '../interfaces-BZ5GMWS9.js';
3
3
 
4
4
  declare const getCachedPostMessageClient: (contentWindow: Window) => PostMessageClient;
5
5
  /**
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@moon-x/core",
3
- "version": "0.5.0",
3
+ "version": "0.6.0",
4
4
  "license": "UNLICENSED",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",