@omni2fa/core 0.7.3 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/client/Interfaces/IOmni2FaClient.d.ts +9 -0
  2. package/dist/client/Interfaces/IOmni2FaClient.d.ts.map +1 -1
  3. package/dist/client/Omni2FaClient.d.ts +9 -1
  4. package/dist/client/Omni2FaClient.d.ts.map +1 -1
  5. package/dist/index.cjs +1 -1
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.d.ts +1 -1
  8. package/dist/index.d.ts.map +1 -1
  9. package/dist/index.js +67 -48
  10. package/dist/index.js.map +1 -1
  11. package/dist/types/api.d.ts +19 -0
  12. package/dist/types/api.d.ts.map +1 -1
  13. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -52,13 +52,14 @@ const a = {
52
52
  function T(t) {
53
53
  return S[t] ?? S[a.Unknown];
54
54
  }
55
- const F = "omni2fa:preauth", L = "omni2fa:session", b = "http://omni2fa.local";
55
+ const W = "X-Omni2FA-StepUp", F = "omni2fa:preauth", L = "omni2fa:session", b = "http://omni2fa.local";
56
56
  class K {
57
57
  storage;
58
58
  preAuthKey;
59
59
  sessionKey;
60
60
  basePath;
61
61
  inner;
62
+ stepUpHandler = null;
62
63
  constructor(e) {
63
64
  this.storage = e.storage ?? new _(), this.preAuthKey = e.preAuthStorageKey ?? F, this.sessionKey = e.sessionStorageKey ?? L, this.basePath = new URL(e.baseUrl, b).pathname.replace(/\/$/, ""), this.inner = J({
64
65
  baseUrl: e.baseUrl,
@@ -90,6 +91,23 @@ class K {
90
91
  getSessionToken() {
91
92
  return this.storage.get(this.sessionKey);
92
93
  }
94
+ setStepUpHandler(e) {
95
+ this.stepUpHandler = e;
96
+ }
97
+ /**
98
+ * Run a request and, if it comes back 403 STEP_UP_REQUIRED with a handler registered, confirm 2FA
99
+ * and retry once with the step-up header. Used by the library's own sensitive endpoints; other calls
100
+ * invoke openapi-fetch directly.
101
+ */
102
+ async sendWithStepUp(e) {
103
+ const r = await e({});
104
+ if (r.error !== void 0 && r.response.status === 403 && r.error.code === a.StepUpRequired && this.stepUpHandler !== null) {
105
+ const n = r.error.details?.availableMethods ?? [], o = await this.stepUpHandler(n);
106
+ if (o)
107
+ return e({ [W]: o });
108
+ }
109
+ return r;
110
+ }
93
111
  setToken(e, r) {
94
112
  r === null || r.length === 0 ? this.storage.remove(e) : this.storage.set(e, r);
95
113
  }
@@ -98,11 +116,13 @@ class K {
98
116
  return this.toCall(e, r, n);
99
117
  }
100
118
  async removeMethod(e) {
101
- const { error: r, response: n } = await this.inner.DELETE("/methods/{methodId}", { params: { path: { methodId: e } } });
119
+ const { error: r, response: n } = await this.sendWithStepUp(
120
+ (o) => this.inner.DELETE("/methods/{methodId}", { params: { path: { methodId: e } }, headers: o })
121
+ );
102
122
  return r ? this.errorCall(r, n) : { ok: !0, value: void 0 };
103
123
  }
104
124
  async startTotpEnrollment() {
105
- const { data: e, error: r, response: n } = await this.inner.POST("/enroll/totp/start");
125
+ const { data: e, error: r, response: n } = await this.sendWithStepUp((o) => this.inner.POST("/enroll/totp/start", { headers: o }));
106
126
  return this.toCall(e, r, n);
107
127
  }
108
128
  async confirmTotpEnrollment(e) {
@@ -110,7 +130,7 @@ class K {
110
130
  return this.toCall(r, n, o);
111
131
  }
112
132
  async startEmailEnrollment(e) {
113
- const { data: r, error: n, response: o } = await this.inner.POST("/enroll/email/start", { body: e });
133
+ const { data: r, error: n, response: o } = await this.sendWithStepUp((l) => this.inner.POST("/enroll/email/start", { body: e, headers: l }));
114
134
  return this.toCall(r, n, o);
115
135
  }
116
136
  async confirmEmailEnrollment(e) {
@@ -122,7 +142,7 @@ class K {
122
142
  return this.toCall(r, n, o);
123
143
  }
124
144
  async startWebAuthnEnrollment() {
125
- const { data: e, error: r, response: n } = await this.inner.POST("/enroll/webauthn/start");
145
+ const { data: e, error: r, response: n } = await this.sendWithStepUp((o) => this.inner.POST("/enroll/webauthn/start", { headers: o }));
126
146
  return this.toCall(e, r, n);
127
147
  }
128
148
  async confirmWebAuthnEnrollment(e) {
@@ -158,7 +178,7 @@ class K {
158
178
  return this.toCall(r, n, o);
159
179
  }
160
180
  async regenerateRecoveryCodes() {
161
- const { data: e, error: r, response: n } = await this.inner.POST("/recovery-codes/regenerate");
181
+ const { data: e, error: r, response: n } = await this.sendWithStepUp((o) => this.inner.POST("/recovery-codes/regenerate", { headers: o }));
162
182
  return this.toCall(e, r, n);
163
183
  }
164
184
  toCall(e, r, n) {
@@ -180,7 +200,7 @@ class K {
180
200
  };
181
201
  }
182
202
  }
183
- class te {
203
+ class ne {
184
204
  get(e) {
185
205
  return globalThis.sessionStorage?.getItem(e) ?? null;
186
206
  }
@@ -191,7 +211,7 @@ class te {
191
211
  globalThis.sessionStorage?.removeItem(e);
192
212
  }
193
213
  }
194
- class ne {
214
+ class oe {
195
215
  get(e) {
196
216
  return globalThis.localStorage?.getItem(e) ?? null;
197
217
  }
@@ -210,7 +230,7 @@ class s extends Error {
210
230
  super(r), this.name = "Omni2FaApiError", this.code = e, this.httpStatus = n, this.details = o;
211
231
  }
212
232
  }
213
- const W = {
233
+ const $ = {
214
234
  enrollmentId: null,
215
235
  otpAuthUri: null,
216
236
  secret: null,
@@ -219,7 +239,7 @@ const W = {
219
239
  errorCode: null,
220
240
  errorMessage: null
221
241
  };
222
- function $(t) {
242
+ function H(t) {
223
243
  return h({
224
244
  types: {
225
245
  context: {},
@@ -246,7 +266,7 @@ function $(t) {
246
266
  }).createMachine({
247
267
  id: "totpEnrollment",
248
268
  initial: "idle",
249
- context: W,
269
+ context: $,
250
270
  states: {
251
271
  idle: {
252
272
  on: {
@@ -314,7 +334,7 @@ function y({ context: t }) {
314
334
  function k(t, e) {
315
335
  e instanceof s ? (t.errorCode = e.code, t.errorMessage = e.message) : (t.errorCode = "UNKNOWN", t.errorMessage = e instanceof Error ? e.message : null);
316
336
  }
317
- const H = {
337
+ const V = {
318
338
  enrollmentId: null,
319
339
  email: null,
320
340
  expiresAt: null,
@@ -324,7 +344,7 @@ const H = {
324
344
  errorCode: null,
325
345
  errorMessage: null
326
346
  };
327
- function V(t) {
347
+ function Y(t) {
328
348
  return h({
329
349
  types: {
330
350
  context: {},
@@ -357,7 +377,7 @@ function V(t) {
357
377
  }).createMachine({
358
378
  id: "emailEnrollment",
359
379
  initial: "idle",
360
- context: H,
380
+ context: V,
361
381
  states: {
362
382
  idle: {
363
383
  on: {
@@ -466,7 +486,7 @@ function d(t) {
466
486
  function D(t) {
467
487
  return (t ?? []).map((e) => ({ ...e, id: m(e.id) }));
468
488
  }
469
- async function Y(t) {
489
+ async function q(t) {
470
490
  const e = JSON.parse(t), r = {
471
491
  ...e,
472
492
  challenge: m(e.challenge),
@@ -510,7 +530,7 @@ async function P(t) {
510
530
  }
511
531
  });
512
532
  }
513
- const q = {
533
+ const B = {
514
534
  enrollmentId: null,
515
535
  optionsJson: null,
516
536
  name: null,
@@ -519,7 +539,7 @@ const q = {
519
539
  errorCode: null,
520
540
  errorMessage: null
521
541
  };
522
- function B(t) {
542
+ function G(t) {
523
543
  return h({
524
544
  types: {
525
545
  context: {},
@@ -533,7 +553,7 @@ function B(t) {
533
553
  return e.value;
534
554
  }),
535
555
  registerAndConfirm: i(async ({ input: e }) => {
536
- const r = await Y(e.optionsJson), n = await t.confirmWebAuthnEnrollment({
556
+ const r = await q(e.optionsJson), n = await t.confirmWebAuthnEnrollment({
537
557
  enrollmentId: e.enrollmentId,
538
558
  attestationResponseJson: r,
539
559
  name: e.name
@@ -546,7 +566,7 @@ function B(t) {
546
566
  }).createMachine({
547
567
  id: "webauthnEnrollment",
548
568
  initial: "idle",
549
- context: q,
569
+ context: B,
550
570
  states: {
551
571
  idle: {
552
572
  on: {
@@ -567,7 +587,7 @@ function B(t) {
567
587
  },
568
588
  onError: {
569
589
  target: "failed",
570
- actions: ({ context: e, event: r }) => U(e, r.error)
590
+ actions: ({ context: e, event: r }) => O(e, r.error)
571
591
  }
572
592
  }
573
593
  },
@@ -586,31 +606,31 @@ function B(t) {
586
606
  },
587
607
  onError: {
588
608
  target: "failed",
589
- actions: ({ context: e, event: r }) => U(e, r.error)
609
+ actions: ({ context: e, event: r }) => O(e, r.error)
590
610
  }
591
611
  }
592
612
  },
593
613
  enrolled: {
594
614
  on: {
595
- reset: { target: "idle", actions: O }
615
+ reset: { target: "idle", actions: U }
596
616
  }
597
617
  },
598
618
  failed: {
599
619
  on: {
600
620
  retry: { target: "starting" },
601
- reset: { target: "idle", actions: O }
621
+ reset: { target: "idle", actions: U }
602
622
  }
603
623
  }
604
624
  }
605
625
  });
606
626
  }
607
- function O({ context: t }) {
627
+ function U({ context: t }) {
608
628
  t.enrollmentId = null, t.optionsJson = null, t.name = null, t.methodId = null, t.recoveryCodes = null, t.errorCode = null, t.errorMessage = null;
609
629
  }
610
- function U(t, e) {
630
+ function O(t, e) {
611
631
  e instanceof s ? (t.errorCode = e.code, t.errorMessage = e.message) : (t.errorCode = "UNKNOWN", t.errorMessage = e instanceof Error ? e.message : null);
612
632
  }
613
- const G = {
633
+ const X = {
614
634
  methodId: null,
615
635
  methodType: null,
616
636
  userId: null,
@@ -621,7 +641,7 @@ const G = {
621
641
  errorCode: null,
622
642
  errorMessage: null
623
643
  };
624
- function X(t) {
644
+ function j(t) {
625
645
  return h({
626
646
  types: {
627
647
  context: {},
@@ -662,7 +682,7 @@ function X(t) {
662
682
  }).createMachine({
663
683
  id: "challenge",
664
684
  initial: "idle",
665
- context: G,
685
+ context: X,
666
686
  states: {
667
687
  idle: {
668
688
  on: {
@@ -804,12 +824,12 @@ function C({ context: t }) {
804
824
  function c(t, e) {
805
825
  e instanceof s ? (t.errorCode = e.code, t.errorMessage = e.message) : (t.errorCode = "UNKNOWN", t.errorMessage = e instanceof Error ? e.message : null);
806
826
  }
807
- const j = {
827
+ const z = {
808
828
  items: [],
809
829
  errorCode: null,
810
830
  errorMessage: null
811
831
  };
812
- function z(t) {
832
+ function Q(t) {
813
833
  return h({
814
834
  types: {
815
835
  context: {},
@@ -832,7 +852,7 @@ function z(t) {
832
852
  }).createMachine({
833
853
  id: "methods",
834
854
  initial: "idle",
835
- context: j,
855
+ context: z,
836
856
  states: {
837
857
  idle: {
838
858
  on: {
@@ -883,19 +903,19 @@ function z(t) {
883
903
  failed: {
884
904
  on: {
885
905
  load: { target: "loading" },
886
- reset: { target: "idle", actions: Q }
906
+ reset: { target: "idle", actions: Z }
887
907
  }
888
908
  }
889
909
  }
890
910
  });
891
911
  }
892
- function Q({ context: t }) {
912
+ function Z({ context: t }) {
893
913
  t.items = [], t.errorCode = null, t.errorMessage = null;
894
914
  }
895
915
  function N(t, e) {
896
916
  e instanceof s ? (t.errorCode = e.code, t.errorMessage = e.message) : (t.errorCode = "UNKNOWN", t.errorMessage = e instanceof Error ? e.message : null);
897
917
  }
898
- const Z = {
918
+ const x = {
899
919
  methodId: null,
900
920
  methodType: null,
901
921
  stepUpToken: null,
@@ -905,7 +925,7 @@ const Z = {
905
925
  errorCode: null,
906
926
  errorMessage: null
907
927
  };
908
- function x(t) {
928
+ function ee(t) {
909
929
  return h({
910
930
  types: {
911
931
  context: {},
@@ -940,7 +960,7 @@ function x(t) {
940
960
  }).createMachine({
941
961
  id: "stepup",
942
962
  initial: "idle",
943
- context: Z,
963
+ context: x,
944
964
  states: {
945
965
  idle: {
946
966
  on: {
@@ -1059,9 +1079,8 @@ function A({ context: t }) {
1059
1079
  function g(t, e) {
1060
1080
  e instanceof s ? (t.errorCode = e.code, t.errorMessage = e.message) : (t.errorCode = "UNKNOWN", t.errorMessage = e instanceof Error ? e.message : null);
1061
1081
  }
1062
- const oe = "X-Omni2FA-StepUp";
1063
1082
  function se(t) {
1064
- const e = new K(t), r = u($(e)), n = u(V(e)), o = u(B(e)), l = u(X(e)), p = u(x(e)), f = u(z(e));
1083
+ const e = new K(t), r = u(H(e)), n = u(Y(e)), o = u(G(e)), l = u(j(e)), p = u(ee(e)), f = u(Q(e));
1065
1084
  return r.start(), n.start(), o.start(), l.start(), p.start(), f.start(), {
1066
1085
  client: e,
1067
1086
  totpEnrollment: r,
@@ -1076,22 +1095,22 @@ function se(t) {
1076
1095
  };
1077
1096
  }
1078
1097
  export {
1079
- ne as LocalStorageStorage,
1098
+ oe as LocalStorageStorage,
1080
1099
  _ as MemoryStorage,
1081
1100
  s as Omni2FaApiError,
1082
1101
  K as Omni2FaClient,
1083
1102
  a as Omni2FaErrorCodes,
1084
- oe as STEP_UP_HEADER,
1085
- te as SessionStorageStorage,
1086
- X as createChallengeMachine,
1087
- V as createEmailEnrollmentMachine,
1088
- z as createMethodsMachine,
1103
+ W as STEP_UP_HEADER,
1104
+ ne as SessionStorageStorage,
1105
+ j as createChallengeMachine,
1106
+ Y as createEmailEnrollmentMachine,
1107
+ Q as createMethodsMachine,
1089
1108
  se as createOmni2Fa,
1090
- x as createStepUpMachine,
1091
- $ as createTotpEnrollmentMachine,
1092
- B as createWebAuthnEnrollmentMachine,
1109
+ ee as createStepUpMachine,
1110
+ H as createTotpEnrollmentMachine,
1111
+ G as createWebAuthnEnrollmentMachine,
1093
1112
  T as getDefaultMessage,
1094
1113
  P as startAuthentication,
1095
- Y as startRegistration
1114
+ q as startRegistration
1096
1115
  };
1097
1116
  //# sourceMappingURL=index.js.map