@novasamatech/host-papp 0.5.0-8 → 0.5.0-9

package/dist/modules/crypto.js

@@ -1,17 +1,13 @@
-import { gcm } from '@noble/ciphers/aes.js';
 import { p256 } from '@noble/curves/nist.js';
-import { blake2b } from '@noble/hashes/blake2.js';
-import { hkdf } from '@noble/hashes/hkdf.js';
-import { sha256 } from '@noble/hashes/sha2.js';
 import { randomBytes } from '@noble/hashes/utils.js';
-import { HDKD as sr25519HDKD, getPublicKey as sr25519GetPublicKey, secretFromSeed as sr25519SecretFromSeed, sign as sr25519Sign, } from '@scure/sr25519';
+import { HDKD as sr25519HDKD, getPublicKey as sr25519GetPublicKey, secretFromSeed as sr25519SecretFromSeed, sign as sr25519Sign, verify as sr25519Verify, } from '@scure/sr25519';
 import { Bytes, str, u32 } from 'scale-ts';
 // schemas
-function brandedBytesCodec(length) {
+export function BrandedBytesCodec(length) {
     return Bytes(length);
 }
-export const SsPubKey = brandedBytesCodec(32);
-export const EncrPubKey = brandedBytesCodec(65);
+export const SsPubKey = BrandedBytesCodec(32);
+export const EncrPubKey = BrandedBytesCodec(65);
 // helpers
 const textEncoder = new TextEncoder();
 const textDecoder = new TextDecoder();
@@ -21,19 +17,9 @@ export function stringToBytes(str) {
 export function bytesToString(bytes) {
     return textDecoder.decode(bytes);
 }
-export function mergeBytes(...bytes) {
-    const len = bytes.reduce((l, b) => l + b.length, 0);
-    const merged = new Uint8Array(len);
-    let offset = 0;
-    for (const arr of bytes) {
-        merged.set(arr, offset);
-        offset += arr.length;
-    }
-    return merged;
-}
 // statement store key pair
 export const SS_SECRET_SEED_SIZE = 32;
-export function createSsSecret(seed) {
+export function createSsSecret(seed = randomBytes(SS_SECRET_SEED_SIZE)) {
     return sr25519SecretFromSeed(seed);
 }
 export function createSsHardDerivation(secret, derivation) {
@@ -47,38 +33,19 @@ export function getSsPub(secret) {
 export function signWithSsSecret(secret, message) {
     return sr25519Sign(secret, message);
 }
+export function verifyWithSsSecret(message, signature, publicKey) {
+    return sr25519Verify(message, signature, publicKey);
+}
 // encryption key pair
 export const ENCR_SECRET_SEED_SIZE = 48;
-export function createEncrSecret(seed) {
+export function createEncrSecret(seed = randomBytes(ENCR_SECRET_SEED_SIZE)) {
     const { secretKey } = p256.keygen(seed);
     return secretKey;
 }
 export function getEncrPub(secret) {
     return p256.getPublicKey(secret, false);
 }
-// helpers
-export function createRandomSeed(suffix, size) {
-    return blake2b(mergeBytes(randomBytes(128), stringToBytes(suffix)), { dkLen: size });
-}
-export function createStableSeed(value, size) {
-    return blake2b(stringToBytes(value), { dkLen: size });
-}
-export function khash(secret, message) {
-    return blake2b(message, { dkLen: 256 / 8, key: secret });
-}
 export function createSharedSecret(secret, publicKey) {
+    // slicing first byte: @noble/curves adds y offset at the start
     return p256.getSharedSecret(secret, publicKey).slice(1, 33);
 }
-export function encrypt(secret, cipherText) {
-    const nonce = randomBytes(12);
-    const aesKey = hkdf(sha256, secret, new Uint8Array(), new Uint8Array(), 32);
-    const aes = gcm(aesKey, nonce);
-    return aes.encrypt(mergeBytes(nonce, cipherText));
-}
-export function decrypt(secret, message) {
-    const nonce = message.slice(0, 12);
-    const cipherText = message.slice(12);
-    const aesKey = hkdf(sha256, secret, new Uint8Array(), new Uint8Array(), 32);
-    const aes = gcm(aesKey, nonce);
-    return aes.decrypt(cipherText);
-}

package/dist/modules/secretStorage.d.ts

@@ -1,12 +1,15 @@
+import type { StorageAdapter } from '@novasamatech/storage-adapter';
 import type { ResultAsync } from 'neverthrow';
-import type { StorageAdapter } from '../adapters/storage/types.js';
+import type { CodecType } from 'scale-ts';
 import type { EncrSecret, SsSecret } from './crypto.js';
-export type SecretStorage = {
-    readSsSecret(accountId: string): ResultAsync<SsSecret | null, Error>;
-    writeSsSecret(accountId: string, value: SsSecret): ResultAsync<void, Error>;
-    clearSsSecret(accountId: string): ResultAsync<void, Error>;
-    readEncrSecret(accountId: string): ResultAsync<EncrSecret | null, Error>;
-    writeEncrSecret(accountId: string, value: EncrSecret): ResultAsync<void, Error>;
-    clearEncrSecret(accountId: string): ResultAsync<void, Error>;
+type UserSecrets = CodecType<typeof UserSecretsCodec>;
+declare const UserSecretsCodec: import("scale-ts").Codec<{
+    SsSecret: SsSecret;
+    EncrSecret: EncrSecret;
+}>;
+export declare function createSecretStorage(salt: string, storage: StorageAdapter): {
+    read(sessionId: string): ResultAsync<UserSecrets | null, Error>;
+    write(sessionId: string, value: UserSecrets): ResultAsync<void, Error>;
+    clear(sessionId: string): ResultAsync<void, Error>;
 };
-export declare function createSecretStorage(appId: string, storage: StorageAdapter): SecretStorage;
+export {};

package/dist/modules/secretStorage.js

@@ -1,40 +1,44 @@
 import { gcm } from '@noble/ciphers/aes.js';
 import { blake2b } from '@noble/hashes/blake2.js';
 import { fromHex, toHex } from '@polkadot-api/utils';
-import { stringToBytes } from './crypto.js';
-export function createSecretStorage(appId, storage) {
-    const ssSecret = rwBytes('SsSecret', appId, storage);
-    const encrSecret = rwBytes('EncrSecret', appId, storage);
+import { fromThrowable } from 'neverthrow';
+import { Struct } from 'scale-ts';
+import { toError } from '../helpers/utils.js';
+import { BrandedBytesCodec, stringToBytes } from './crypto.js';
+const UserSecretsCodec = Struct({
+    SsSecret: BrandedBytesCodec(),
+    EncrSecret: BrandedBytesCodec(),
+});
+export function createSecretStorage(salt, storage) {
+    const baseKey = 'UserSecrets';
+    const encode = fromThrowable(UserSecretsCodec.enc, toError);
+    const decode = fromThrowable((value) => (value ? UserSecretsCodec.dec(value) : null), toError);
+    const encrypt = fromThrowable((value) => {
+        const aes = getAes(salt);
+        return toHex(aes.encrypt(value));
+    }, toError);
+    const decrypt = fromThrowable((value) => {
+        if (value === null) {
+            return null;
+        }
+        const aes = getAes(salt);
+        return aes.decrypt(fromHex(value));
+    }, toError);
     return {
-        readSsSecret: ssSecret.read,
-        writeSsSecret: ssSecret.write,
-        clearSsSecret: ssSecret.clear,
-        readEncrSecret: encrSecret.read,
-        writeEncrSecret: encrSecret.write,
-        clearEncrSecret: encrSecret.clear,
+        read(sessionId) {
+            return storage.read(createKey(baseKey, sessionId)).andThen(decrypt).andThen(decode);
+        },
+        write(sessionId, value) {
+            return encode(value)
+                .andThen(encrypt)
+                .asyncAndThen(value => storage.write(createKey(baseKey, sessionId), value));
+        },
+        clear(sessionId) {
+            return storage.clear(createKey(baseKey, sessionId));
+        },
     };
 }
 const createKey = (key, context) => `${key}_${context}`;
-const rwBytes = (baseKey, appId, storage) => ({
-    read(context) {
-        return storage.read(createKey(baseKey, context)).map(value => {
-            if (value) {
-                const aes = getAes(appId);
-                return aes.decrypt(fromHex(value));
-            }
-            else {
-                return null;
-            }
-        });
-    },
-    write(context, value) {
-        const aes = getAes(appId);
-        return storage.write(createKey(baseKey, context), toHex(aes.encrypt(value)));
-    },
-    clear(context) {
-        return storage.clear(createKey(baseKey, context));
-    },
-});
-function getAes(appId) {
-    return gcm(blake2b(stringToBytes(appId), { dkLen: 16 }), blake2b(stringToBytes('nonce'), { dkLen: 32 }));
+function getAes(salt) {
+    return gcm(blake2b(stringToBytes(salt), { dkLen: 16 }), blake2b(stringToBytes('nonce'), { dkLen: 32 }));
 }

package/dist/modules/session/helpers.d.ts

@@ -1,5 +1,5 @@
 import type { Account } from './types.js';
-export declare function createSessionId(accountA: Account, accountB: Account): Uint8Array<ArrayBufferLike>;
+export declare function createSessionId(sharedSecret: Uint8Array, accountA: Account, accountB: Account): Uint8Array<ArrayBufferLike>;
 export declare function createRequestChannel(session: Uint8Array): Uint8Array<ArrayBufferLike>;
 export declare function createResponseChannel(session: Uint8Array): Uint8Array<ArrayBufferLike>;
 export declare function createAccount(accountId: Uint8Array, publicKey: Uint8Array, pin?: string): Account;

package/dist/modules/session/helpers.js

@@ -1,6 +1,6 @@
 import { mergeUint8 } from '@polkadot-api/utils';
 import { khash, stringToBytes } from '../crypto.js';
-export function createSessionId(accountA, accountB) {
+export function createSessionId(sharedSecret, accountA, accountB) {
     const sessionPrefix = stringToBytes('session');
     const pinSeparator = stringToBytes('/');
     function makePin(pin) {
@@ -12,7 +12,7 @@ export function createSessionId(accountA, accountB) {
         makePin(accountA.pin),
         makePin(accountB.pin),
     ]);
-    return khash(accountA.publicKey, mergeUint8(sessionPrefix, accountSessionParams));
+    return khash(sharedSecret, mergeUint8(sessionPrefix, accountSessionParams));
 }
 export function createRequestChannel(session) {
     return khash(session, stringToBytes('request'));

package/dist/modules/session/session.js

@@ -1,10 +1,10 @@
+import { toHex } from '@polkadot-api/utils';
 import { okAsync } from 'neverthrow';
-import { toHex } from 'polkadot-api/utils';
 import { storageListView } from '../storageView.js';
 import { createSessionId } from './helpers.js';
 export function createSession({ ownAccount, peerAccount, transport, storage, codec, }) {
-    // const ownSession = createSessionId(ownAccount, peerAccount);
-    const peerSession = createSessionId(peerAccount, ownAccount);
+    // const ownSession = createSessionId(peerAccount.publicKey, ownAccount, peerAccount);
+    const peerSession = createSessionId(peerAccount.publicKey, peerAccount, ownAccount);
     const processedStorage = storageListView({
         key: `ProcessesMessages_${toHex(peerSession)}`,
         storage,
@@ -15,19 +15,23 @@ export function createSession({ ownAccount, peerAccount, transport, storage, cod
     let subscriptions = [];
     return {
         subscribe(callback) {
-            const unsub = transport.handleRequest(ownAccount, peerAccount, codec, async (message) => {
-                processedStorage.read().andThen(processed => {
-                    if (processed.includes(message.requestId)) {
-                        return okAsync();
-                    }
-                    return callback(message.data).andThen(processed => {
-                        if (processed) {
-                            return processedStorage.mutate(p => p.concat(message.requestId));
-                        }
-                        else {
+            const unsub = transport.subscribe({ ownAccount, peerAccount, codec }, async (messages) => {
+                processedStorage.read().map(processed => {
+                    for (const message of messages) {
+                        if (message.type === 'response')
+                            continue;
+                        if (processed.includes(message.requestId)) {
                             return okAsync();
                         }
-                    });
+                        callback(message.data).andThen(processed => {
+                            if (processed) {
+                                return processedStorage.mutate(p => p.concat(message.requestId));
+                            }
+                            else {
+                                return okAsync();
+                            }
+                        });
+                    }
                 });
             });
             subscriptions.push(unsub);

package/dist/modules/statementStore.d.ts

@@ -1,4 +1,4 @@
-import type { UserSession } from '../components/user/userSessionStorage.js';
+import type { UserSession } from '../sso/session/ssoSessionStorage.js';
 import type { SsSecret } from './crypto.js';
 import type { Account } from './session/types.js';
 export declare function createUserSession(hostAccount: Account, peerAccount: Account): UserSession;
@@ -8,5 +8,5 @@ type StatementPayload = {
     topics: Uint8Array[];
     data: Uint8Array;
 };
-export declare function createStatement(secret: SsSecret, payload: StatementPayload): Promise<import("@polkadot-api/sdk-statement").SignedStatement>;
+export declare function createStatement(secret: SsSecret, payload: StatementPayload): import("neverthrow").ResultAsync<import("@polkadot-api/sdk-statement").SignedStatement, Error>;
 export {};

package/dist/modules/statementStore.js

@@ -1,6 +1,8 @@
 import { getStatementSigner } from '@polkadot-api/sdk-statement';
 import { Binary } from '@polkadot-api/substrate-bindings';
 import { nanoid } from 'nanoid';
+import { fromPromise } from 'neverthrow';
+import { toError } from '../helpers/utils.js';
 import { getSsPub, signWithSsSecret } from './crypto.js';
 export function createUserSession(hostAccount, peerAccount) {
     return {
@@ -11,10 +13,10 @@ export function createUserSession(hostAccount, peerAccount) {
 }
 export function createStatement(secret, payload) {
     const signer = getStatementSigner(getSsPub(secret), 'sr25519', data => signWithSsSecret(secret, data));
-    return signer.sign({
+    return fromPromise(signer.sign({
         priority: payload.priority,
         channel: Binary.fromBytes(payload.channel),
         topics: payload.topics.map(Binary.fromBytes),
         data: Binary.fromBytes(payload.data),
-    });
+    }), toError);
 }

package/dist/modules/storageView.d.ts

@@ -9,17 +9,17 @@ type Params<T> = {
     to(value: T): string | null;
 };
 export declare function storageView<T>({ storage, initial, key, from, to, autosync }: Params<T>): {
-    read(): ResultAsync<T, Error>;
-    write(value: T): ResultAsync<T, Error> | ResultAsync<null, Error>;
-    clear(): ResultAsync<void, Error>;
+    read(): any;
+    write(value: T): any;
+    clear(): any;
     subscribe(fn: (value: T) => void): () => void;
 };
 export declare function storageListView<T>(params: Params<T[]>): {
     add(value: T): ResultAsync<T, Error>;
     mutate(fn: (value: T[]) => T[]): ResultAsync<T[], Error>;
-    read(): ResultAsync<T[], Error>;
-    write(value: T[]): ResultAsync<T[], Error> | ResultAsync<null, Error>;
-    clear(): ResultAsync<void, Error>;
+    read(): any;
+    write(value: T[]): any;
+    clear(): any;
     subscribe(fn: (value: T[]) => void): () => void;
 };
 export {};

package/dist/modules/transport/crypto.js

@@ -2,12 +2,14 @@ import { gcm } from '@noble/ciphers/aes.js';
 import { hkdf } from '@noble/hashes/hkdf.js';
 import { sha256 } from '@noble/hashes/sha2.js';
 import { randomBytes } from '@noble/hashes/utils.js';
-import { mergeUint8 } from '@polkadot-api/utils';
+import { mergeBytes } from '../crypto.js';
 export function encrypt(secret, cipherText) {
     const nonce = randomBytes(12);
-    const aesKey = hkdf(sha256, secret, new Uint8Array(), new Uint8Array(), 32);
+    const salt = new Uint8Array(); // secure enough since P256 random keys provide enough entropy
+    const info = new Uint8Array(); // no need to introduce any context
+    const aesKey = hkdf(sha256, secret, salt, info, 32);
     const aes = gcm(aesKey, nonce);
-    return aes.encrypt(mergeUint8(nonce, cipherText));
+    return aes.encrypt(mergeBytes(nonce, cipherText));
 }
 export function decrypt(secret, message) {
     const nonce = message.slice(0, 12);

package/dist/modules/transport/transport.d.ts

@@ -1,7 +1,9 @@
 import type { Statement } from '@polkadot-api/sdk-statement';
+import type { ResultAsync } from 'neverthrow';
 import type { Codec } from 'scale-ts';
 import type { StatementAdapter } from '../../adapters/statement/types.js';
 import type { Callback } from '../../types.js';
+import type { SsSecret } from '../crypto.js';
 import type { Account } from '../session/types.js';
 import type { TransportError } from './codec.js';
 export type Transport = ReturnType<typeof createTransport>;
@@ -21,7 +23,20 @@ type Params = {
 };
 export declare function createTransport({ adapter }: Params): {
     subscribeSession(sessionId: Uint8Array, callback: Callback<Statement[]>): VoidFunction;
-    subscribe<T>(ownAccount: Account, peerAccount: Account, codec: Codec<T>, callback: Callback<Message<T>[]>): VoidFunction;
-    handleRequest<T>(ownAccount: Account, peerAccount: Account, codec: Codec<T>, callback: Callback<RequestMessage<T>>): VoidFunction;
+    subscribe<T>({ ownAccount, peerAccount, codec, }: {
+        ownAccount: Account;
+        peerAccount: Account;
+        codec: Codec<T>;
+    }, callback: Callback<Message<T>[]>): VoidFunction;
+    handleRequest<T>(params: {
+        ownAccount: Account;
+        peerAccount: Account;
+        codec: Codec<T>;
+    }, callback: Callback<RequestMessage<T>>): VoidFunction;
+    submitRequest({ ownAccount, peerAccount, secret }: {
+        ownAccount: Account;
+        peerAccount: Account;
+        secret: SsSecret;
+    }, message: Uint8Array): ResultAsync<void, Error>;
 };
 export {};

package/dist/modules/transport/transport.js

@@ -1,7 +1,8 @@
 import { Result, fromThrowable, ok } from 'neverthrow';
 import { nonNullable, toError } from '../../helpers/utils.js';
 import { decrypt } from '../crypto.js';
-import { createSessionId } from '../session/helpers.js';
+import { createRequestChannel, createSessionId } from '../session/helpers.js';
+import { createStatement } from '../statementStore.js';
 import { StatementData } from './codec.js';
 const decryptResults = fromThrowable(decrypt, toError);
 function mapMessage(statementData) {
@@ -27,8 +28,8 @@ export function createTransport({ adapter }) {
         subscribeSession(sessionId, callback) {
             return adapter.subscribeStatements([sessionId], callback);
         },
-        subscribe(ownAccount, peerAccount, codec, callback) {
-            const sessionId = createSessionId(peerAccount, ownAccount);
+        subscribe({ ownAccount, peerAccount, codec, }, callback) {
+            const sessionId = createSessionId(peerAccount.publicKey, peerAccount, ownAccount);
             const statementDataCodec = StatementData(codec);
             return adapter.subscribeStatements([sessionId], statements => {
                 Result.combine(statements.map(statement => {
@@ -46,11 +47,20 @@ export function createTransport({ adapter }) {
                 });
             });
         },
-        handleRequest(ownAccount, peerAccount, codec, callback) {
-            return transport.subscribe(ownAccount, peerAccount, codec, messages => {
+        handleRequest(params, callback) {
+            return transport.subscribe(params, messages => {
                 messages.filter(m => m.type === 'request').forEach(callback);
             });
         },
+        submitRequest({ ownAccount, peerAccount, secret }, message) {
+            const sessionId = createSessionId(peerAccount.publicKey, ownAccount, peerAccount);
+            return createStatement(secret, {
+                channel: createRequestChannel(sessionId),
+                priority: 0,
+                topics: [sessionId],
+                data: message,
+            }).andThen(adapter.submitStatement);
+        },
     };
     return transport;
 }

package/dist/papp.d.ts

@@ -1,26 +1,37 @@
-import type { ResultAsync } from 'neverthrow';
-import type { Identity, IdentityAdapter } from './adapters/identity/types.js';
-import type { StatementAdapter } from './adapters/statement/types.js';
-import type { StorageAdapter } from './adapters/storage/types.js';
-import type { AuthComponent } from './components/auth/index.js';
-import type { UserSessionsComponent } from './components/user/index.js';
+import type { LazyClient, StatementStoreAdapter } from '@novasamatech/statement-store';
+import type { StorageAdapter } from '@novasamatech/storage-adapter';
+import type { IdentityAdapter, IdentityRepository } from './identity/types.js';
+import type { AuthComponent } from './sso/auth/impl.js';
+import type { SsoSessionManager } from './sso/sessionManager/impl.js';
 export type PappAdapter = {
     sso: AuthComponent;
-    sessions: UserSessionsComponent;
-    identity: {
-        getIdentity(accountId: string): ResultAsync<Identity | null, Error>;
-        getIdentities(accounts: string[]): ResultAsync<Record<string, Identity | null>, Error>;
-    };
+    sessions: SsoSessionManager;
+    identity: IdentityRepository;
 };
 type Adapters = {
-    statements: StatementAdapter;
+    statementStore: StatementStoreAdapter;
     identities: IdentityAdapter;
     storage: StorageAdapter;
+    lazyClient: LazyClient;
 };
 type Params = {
+    /**
+     * Host app Id.
+     * CAUTION! This value should be stable.
+     */
     appId: string;
+    /**
+     * URL for additional metadata that will be displayed during pairing process.
+     * Content of provided json shound be
+     * ```ts
+     * interface Metadata {
+     *   name: string;
+     *   icon: string; // url for icon. Icon should be a rasterized image with min size 256x256 px.
+     * }
+     * ```
+     */
     metadata: string;
-    adapters?: Adapters;
+    adapters?: Partial<Adapters>;
 };
 export declare function createPappAdapter({ appId, metadata, adapters }: Params): PappAdapter;
 export {};

package/dist/papp.js

@@ -1,42 +1,23 @@
+import { createLazyClient, createPapiStatementStoreAdapter } from '@novasamatech/statement-store';
+import { createLocalStorageAdapter } from '@novasamatech/storage-adapter';
 import { getWsProvider } from '@polkadot-api/ws-provider';
-import { createIdentityRpcAdapter } from './adapters/identity/rpc.js';
-import { createPapiLazyClient } from './adapters/lazyClient/papi.js';
-import { createPapiStatementAdapter } from './adapters/statement/rpc.js';
-import { createLocalStorageAdapter } from './adapters/storage/localStorage.js';
-import { createAuthComponent } from './components/auth/index.js';
-import { createUserSessionsComponent } from './components/user/index.js';
-import { createUserSessionStorage } from './components/user/userSessionStorage.js';
 import { SS_PROD_ENDPOINTS } from './constants.js';
-import { createTransport } from './modules/transport/transport.js';
+import { createIdentityRepository } from './identity/impl.js';
+import { createIdentityRpcAdapter } from './identity/rpcAdapter.js';
+import { createAuth } from './sso/auth/impl.js';
+import { createSsoSessionManager } from './sso/sessionManager/impl.js';
+import { createUserSecretRepository } from './sso/userSecretRepository.js';
+import { createUserSessionRepository } from './sso/userSessionRepository.js';
 export function createPappAdapter({ appId, metadata, adapters }) {
-    let statements;
-    let identities;
-    let storage;
-    if (adapters) {
-        statements = adapters.statements;
-        identities = adapters.identities;
-        storage = adapters.storage;
-    }
-    else {
-        const lazyPapiAdapter = createPapiLazyClient(getWsProvider(SS_PROD_ENDPOINTS));
-        storage = createLocalStorageAdapter(appId);
-        identities = createIdentityRpcAdapter(lazyPapiAdapter, storage);
-        statements = createPapiStatementAdapter(lazyPapiAdapter);
-    }
-    const transport = createTransport({ adapter: statements });
-    const userSessionStorage = createUserSessionStorage({ storage });
-    const identityComponent = {
-        getIdentity(accountId) {
-            return identities.readIdentities([accountId]).map(map => map[accountId] ?? null);
-        },
-        getIdentities(accounts) {
-            return identities.readIdentities(accounts);
-        },
+    const lazyClient = adapters?.lazyClient ?? createLazyClient(getWsProvider(SS_PROD_ENDPOINTS));
+    const statementStore = adapters?.statementStore ?? createPapiStatementStoreAdapter(lazyClient);
+    const identities = adapters?.identities ?? createIdentityRpcAdapter(lazyClient);
+    const storage = adapters?.storage ?? createLocalStorageAdapter(appId);
+    const ssoSessionRepository = createUserSessionRepository(storage);
+    const userSecretRepository = createUserSecretRepository(appId, storage);
+    return {
+        sso: createAuth({ metadata, statementStore, ssoSessionRepository, userSecretRepository }),
+        sessions: createSsoSessionManager({ storage, statementStore, ssoSessionRepository, userSecretRepository }),
+        identity: createIdentityRepository({ adapter: identities, storage }),
     };
-    const papp = {
-        sso: createAuthComponent({ appId, metadata, transport, userSessionStorage }),
-        sessions: createUserSessionsComponent({ transport, storage, userSessionStorage }),
-        identity: identityComponent,
-    };
-    return papp;
 }

package/dist/sso/auth/impl.d.ts

@@ -0,0 +1,48 @@
+import type { StatementStoreAdapter } from '@novasamatech/statement-store';
+import { ResultAsync } from 'neverthrow';
+import type { UserSecretRepository } from '../userSecretRepository.js';
+import type { StoredUserSession, UserSessionRepository } from '../userSessionRepository.js';
+export type AuthComponent = ReturnType<typeof createAuth>;
+type Params = {
+    metadata: string;
+    statementStore: StatementStoreAdapter;
+    ssoSessionRepository: UserSessionRepository;
+    userSecretRepository: UserSecretRepository;
+};
+export declare function createAuth({ metadata, statementStore, ssoSessionRepository, userSecretRepository }: Params): {
+    status: {
+        read: () => {
+            step: "none";
+        } | {
+            step: "initial";
+        } | {
+            step: "pairing";
+            payload: string;
+        } | {
+            step: "error";
+            message: string;
+        } | {
+            step: "finished";
+            session: StoredUserSession;
+        };
+        subscribe: (fn: (value: {
+            step: "none";
+        } | {
+            step: "initial";
+        } | {
+            step: "pairing";
+            payload: string;
+        } | {
+            step: "error";
+            message: string;
+        } | {
+            step: "finished";
+            session: StoredUserSession;
+        }) => void) => () => void;
+        onFirstSubscribe: (callback: VoidFunction) => import("nanoevents").Unsubscribe;
+        onLastUnsubscribe: (callback: VoidFunction) => import("nanoevents").Unsubscribe;
+    };
+    authenticate(): ResultAsync<StoredUserSession | null, Error>;
+    abortAuthentication(): void;
+};
+export {};