@oxyhq/services 5.26.4 → 5.27.0

package/dist/web/types/core/mixins/OxyServices.location.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Location Methods Mixin
+ */
+import type { OxyServicesBase } from '../OxyServices.base';
+export declare function OxyServicesLocationMixin<T extends typeof OxyServicesBase>(Base: T): {
+    new (...args: any[]): {
+        /**
+         * Update user location
+         * @param latitude - Latitude coordinate
+         * @param longitude - Longitude coordinate
+         * @returns Location update result
+         */
+        updateLocation(latitude: number, longitude: number): Promise<any>;
+        /**
+         * Get nearby users
+         * @param radius - Optional search radius in meters
+         * @returns Array of nearby users
+         */
+        getNearbyUsers(radius?: number): Promise<any[]>;
+        httpService: import("../HttpService").HttpService;
+        cloudURL: string;
+        config: import("../OxyServices.base").OxyConfig;
+        makeRequest<T_1>(method: "GET" | "POST" | "PUT" | "PATCH" | "DELETE", url: string, data?: any, options?: import("../HttpService").RequestOptions): Promise<T_1>;
+        getBaseURL(): string;
+        getClient(): import("../HttpService").HttpService;
+        getMetrics(): {
+            totalRequests: number;
+            successfulRequests: number;
+            failedRequests: number;
+            cacheHits: number;
+            cacheMisses: number;
+            averageResponseTime: number;
+        };
+        clearCache(): void;
+        clearCacheEntry(key: string): void;
+        getCacheStats(): {
+            size: number;
+            hits: number;
+            misses: number;
+            hitRate: number;
+        };
+        getCloudURL(): string;
+        setTokens(accessToken: string, refreshToken?: string): void;
+        clearTokens(): void;
+        getCurrentUserId(): string | null;
+        hasValidToken(): boolean;
+        getAccessToken(): string | null;
+        waitForAuth(timeoutMs?: number): Promise<boolean>;
+        withAuthRetry<T_1>(operation: () => Promise<T_1>, operationName: string, options?: {
+            maxRetries?: number;
+            retryDelay?: number;
+            authTimeoutMs?: number;
+        }): Promise<T_1>;
+        validate(): Promise<boolean>;
+        handleError(error: unknown): Error;
+        healthCheck(): Promise<{
+            status: string;
+            users?: number;
+            timestamp?: string;
+            [key: string]: any;
+        }>;
+    };
+    __resetTokensForTests(): void;
+} & T;

package/dist/web/types/core/mixins/OxyServices.payment.d.ts

@@ -0,0 +1,111 @@
+/**
+ * Payment Methods Mixin
+ *
+ * Provides methods for payment processing and management
+ */
+import type { OxyServicesBase } from '../OxyServices.base';
+export declare function OxyServicesPaymentMixin<T extends typeof OxyServicesBase>(Base: T): {
+    new (...args: any[]): {
+        /**
+         * Create a payment
+         * @param data - Payment data
+         * @returns Created payment object
+         */
+        createPayment(data: any): Promise<any>;
+        /**
+         * Get payment by ID
+         * @param paymentId - The payment ID
+         * @returns Payment object
+         */
+        getPayment(paymentId: string): Promise<any>;
+        /**
+         * Get user payments
+         * @returns Array of user payments
+         */
+        getUserPayments(): Promise<any[]>;
+        /**
+         * Get user subscription
+         * @param userId - The user ID
+         * @returns Subscription object
+         */
+        getSubscription(userId: string): Promise<any>;
+        /**
+         * Get current user's subscription
+         * @returns Subscription object
+         */
+        getCurrentUserSubscription(): Promise<any>;
+        /**
+         * Get user wallet
+         * @param userId - The user ID
+         * @returns Wallet object with balance
+         */
+        getWallet(userId: string): Promise<any>;
+        /**
+         * Get current user's wallet
+         * @returns Wallet object with balance
+         */
+        getCurrentUserWallet(): Promise<any>;
+        /**
+         * Get wallet transaction history
+         * @param userId - The user ID
+         * @param options - Pagination options
+         * @returns Transaction history
+         */
+        getWalletTransactions(userId: string, options?: {
+            limit?: number;
+            offset?: number;
+        }): Promise<any>;
+        /**
+         * Get current user's wallet transaction history
+         * @param options - Pagination options
+         * @returns Transaction history
+         */
+        getCurrentUserWalletTransactions(options?: {
+            limit?: number;
+            offset?: number;
+        }): Promise<any>;
+        httpService: import("../HttpService").HttpService;
+        cloudURL: string;
+        config: import("../OxyServices.base").OxyConfig;
+        makeRequest<T_1>(method: "GET" | "POST" | "PUT" | "PATCH" | "DELETE", url: string, data?: any, options?: import("../HttpService").RequestOptions): Promise<T_1>;
+        getBaseURL(): string;
+        getClient(): import("../HttpService").HttpService;
+        getMetrics(): {
+            totalRequests: number;
+            successfulRequests: number;
+            failedRequests: number;
+            cacheHits: number;
+            cacheMisses: number;
+            averageResponseTime: number;
+        };
+        clearCache(): void;
+        clearCacheEntry(key: string): void;
+        getCacheStats(): {
+            size: number;
+            hits: number;
+            misses: number;
+            hitRate: number;
+        };
+        getCloudURL(): string;
+        setTokens(accessToken: string, refreshToken?: string): void;
+        clearTokens(): void;
+        getCurrentUserId(): string | null;
+        hasValidToken(): boolean;
+        getAccessToken(): string | null;
+        waitForAuth(timeoutMs?: number): Promise<boolean>;
+        withAuthRetry<T_1>(operation: () => Promise<T_1>, operationName: string, options?: {
+            maxRetries?: number;
+            retryDelay?: number;
+            authTimeoutMs?: number;
+        }): Promise<T_1>;
+        validate(): Promise<boolean>;
+        handleError(error: unknown): Error;
+        healthCheck(): Promise<{
+            status: string;
+            users?: number;
+            timestamp?: string;
+            [key: string]: any;
+        }>;
+    };
+    __resetTokensForTests(): void;
+} & T;

package/dist/web/types/core/mixins/OxyServices.popup.d.ts

@@ -0,0 +1,205 @@
+import type { OxyServicesBase } from '../OxyServices.base';
+import type { SessionLoginResponse } from '../../models/session';
+export interface PopupAuthOptions {
+    width?: number;
+    height?: number;
+    timeout?: number;
+    mode?: 'login' | 'signup';
+}
+export interface SilentAuthOptions {
+    timeout?: number;
+}
+/**
+ * Popup-based Cross-Domain Authentication Mixin
+ *
+ * Implements OAuth2-style authentication using popup windows and postMessage.
+ * This is the primary authentication method for modern browsers, providing a
+ * Google-like experience without full page redirects.
+ *
+ * Flow:
+ * 1. Opens small popup window to auth.oxy.so
+ * 2. User signs in (auth.oxy.so sets its own first-party cookie)
+ * 3. auth.oxy.so sends token back via postMessage
+ * 4. Popup closes, parent app has the session
+ *
+ * Features:
+ * - No full page redirect (preserves app state)
+ * - Works across different domains (homiio.com, mention.earth, etc.)
+ * - Silent refresh using hidden iframe for seamless SSO
+ * - CSRF protection via state parameter
+ * - XSS protection via origin validation
+ *
+ * Browser Support: All modern browsers (IE11+)
+ */
+export declare function OxyServicesPopupAuthMixin<T extends typeof OxyServicesBase>(Base: T): {
+    new (...args: any[]): {
+        /**
+         * Sign in using popup window
+         *
+         * Opens a centered popup window to auth.oxy.so where the user can sign in.
+         * The popup automatically closes after successful authentication and the
+         * session is returned to the parent window.
+         *
+         * @param options - Popup configuration options
+         * @returns Session with access token and user data
+         * @throws {OxyAuthenticationError} If popup is blocked or auth fails
+         *
+         * @example
+         * ```typescript
+         * const handleSignIn = async () => {
+         *   try {
+         *     const session = await oxyServices.signInWithPopup();
+         *     console.log('Signed in:', session.user);
+         *   } catch (error) {
+         *     if (error.message.includes('blocked')) {
+         *       alert('Please allow popups for this site');
+         *     }
+         *   }
+         * };
+         * ```
+         */
+        signInWithPopup(options?: PopupAuthOptions): Promise<SessionLoginResponse>;
+        /**
+         * Sign up using popup window
+         *
+         * Same as signInWithPopup but opens the signup page by default.
+         *
+         * @param options - Popup configuration options
+         * @returns Session with access token and user data
+         */
+        signUpWithPopup(options?: PopupAuthOptions): Promise<SessionLoginResponse>;
+        /**
+         * Silent sign-in using hidden iframe
+         *
+         * Attempts to automatically re-authenticate the user without any UI.
+         * This is what enables seamless SSO across all Oxy domains.
+         *
+         * How it works:
+         * 1. Creates hidden iframe pointing to auth.oxy.so/silent-auth
+         * 2. If user has valid session at auth.oxy.so, it sends token via postMessage
+         * 3. If not, iframe responds with null (no error thrown)
+         *
+         * This should be called on app startup to check for existing sessions.
+         *
+         * @param options - Silent auth options
+         * @returns Session if user is signed in, null otherwise
+         *
+         * @example
+         * ```typescript
+         * useEffect(() => {
+         *   const checkAuth = async () => {
+         *     const session = await oxyServices.silentSignIn();
+         *     if (session) {
+         *       setUser(session.user);
+         *     }
+         *   };
+         *   checkAuth();
+         * }, []);
+         * ```
+         */
+        silentSignIn(options?: SilentAuthOptions): Promise<SessionLoginResponse | null>;
+        /**
+         * Open a centered popup window
+         *
+         * @private
+         */
+        openCenteredPopup(url: string, title: string, width: number, height: number): Window | null;
+        /**
+         * Wait for authentication response from popup
+         *
+         * @private
+         */
+        waitForPopupAuth(popup: Window, expectedState: string, timeout: number): Promise<SessionLoginResponse>;
+        /**
+         * Wait for authentication response from iframe
+         *
+         * @private
+         */
+        waitForIframeAuth(iframe: HTMLIFrameElement, timeout: number, expectedOrigin: string): Promise<SessionLoginResponse | null>;
+        /**
+         * Build authentication URL with query parameters
+         *
+         * @private
+         */
+        buildAuthUrl(params: {
+            mode: string;
+            state: string;
+            nonce: string;
+            clientId: string;
+            redirectUri: string;
+        }): string;
+        /**
+         * Generate cryptographically secure state for CSRF protection
+         *
+         * @private
+         */
+        generateState(): string;
+        /**
+         * Generate nonce for replay attack prevention
+         *
+         * @private
+         */
+        generateNonce(): string;
+        /**
+         * Store auth state in session storage
+         *
+         * @private
+         */
+        storeAuthState(state: string, nonce: string): void;
+        /**
+         * Clear auth state from session storage
+         *
+         * @private
+         */
+        clearAuthState(state: string): void;
+        httpService: import("../HttpService").HttpService;
+        cloudURL: string;
+        config: import("../OxyServices.base").OxyConfig;
+        makeRequest<T_1>(method: "GET" | "POST" | "PUT" | "PATCH" | "DELETE", url: string, data?: any, options?: import("../HttpService").RequestOptions): Promise<T_1>;
+        getBaseURL(): string;
+        getClient(): import("../HttpService").HttpService;
+        getMetrics(): {
+            totalRequests: number;
+            successfulRequests: number;
+            failedRequests: number;
+            cacheHits: number;
+            cacheMisses: number;
+            averageResponseTime: number;
+        };
+        clearCache(): void;
+        clearCacheEntry(key: string): void;
+        getCacheStats(): {
+            size: number;
+            hits: number;
+            misses: number;
+            hitRate: number;
+        };
+        getCloudURL(): string;
+        setTokens(accessToken: string, refreshToken?: string): void;
+        clearTokens(): void;
+        getCurrentUserId(): string | null;
+        hasValidToken(): boolean;
+        getAccessToken(): string | null;
+        waitForAuth(timeoutMs?: number): Promise<boolean>;
+        withAuthRetry<T_1>(operation: () => Promise<T_1>, operationName: string, options?: {
+            maxRetries?: number;
+            retryDelay?: number;
+            authTimeoutMs?: number;
+        }): Promise<T_1>;
+        validate(): Promise<boolean>;
+        handleError(error: unknown): Error;
+        healthCheck(): Promise<{
+            status: string;
+            users?: number;
+            timestamp?: string;
+            [key: string]: any;
+        }>;
+    };
+    readonly AUTH_URL: "https://auth.oxy.so";
+    readonly POPUP_WIDTH: 500;
+    readonly POPUP_HEIGHT: 700;
+    readonly POPUP_TIMEOUT: 60000;
+    readonly SILENT_TIMEOUT: 5000;
+    __resetTokensForTests(): void;
+} & T;
+export { OxyServicesPopupAuthMixin as PopupAuthMixin };

package/dist/web/types/core/mixins/OxyServices.privacy.d.ts

@@ -0,0 +1,122 @@
+/**
+ * Privacy Methods Mixin (Blocked & Restricted Users)
+ */
+import type { BlockedUser, RestrictedUser } from '../../models/interfaces';
+import type { OxyServicesBase } from '../OxyServices.base';
+export declare function OxyServicesPrivacyMixin<T extends typeof OxyServicesBase>(Base: T): {
+    new (...args: any[]): {
+        /**
+         * Extract user ID from blocked/restricted user object
+         */
+        extractUserId(userIdField: string | {
+            _id: string;
+            username?: string;
+            avatar?: string;
+        }): string;
+        /**
+         * Check if a user is in a list (blocked or restricted)
+         */
+        isUserInList<T_1 extends BlockedUser | RestrictedUser>(userId: string, getUserList: () => Promise<T_1[]>, getIdField: (item: T_1) => string | {
+            _id: string;
+            username?: string;
+            avatar?: string;
+        }): Promise<boolean>;
+        /**
+         * Get list of blocked users
+         * @returns Array of blocked users
+         */
+        getBlockedUsers(): Promise<BlockedUser[]>;
+        /**
+         * Block a user
+         * @param userId - The user ID to block
+         * @returns Success message
+         */
+        blockUser(userId: string): Promise<{
+            message: string;
+        }>;
+        /**
+         * Unblock a user
+         * @param userId - The user ID to unblock
+         * @returns Success message
+         */
+        unblockUser(userId: string): Promise<{
+            message: string;
+        }>;
+        /**
+         * Check if a user is blocked
+         * @param userId - The user ID to check
+         * @returns True if the user is blocked, false otherwise
+         */
+        isUserBlocked(userId: string): Promise<boolean>;
+        /**
+         * Get list of restricted users
+         * @returns Array of restricted users
+         */
+        getRestrictedUsers(): Promise<RestrictedUser[]>;
+        /**
+         * Restrict a user (limit their interactions without fully blocking)
+         * @param userId - The user ID to restrict
+         * @returns Success message
+         */
+        restrictUser(userId: string): Promise<{
+            message: string;
+        }>;
+        /**
+         * Unrestrict a user
+         * @param userId - The user ID to unrestrict
+         * @returns Success message
+         */
+        unrestrictUser(userId: string): Promise<{
+            message: string;
+        }>;
+        /**
+         * Check if a user is restricted
+         * @param userId - The user ID to check
+         * @returns True if the user is restricted, false otherwise
+         */
+        isUserRestricted(userId: string): Promise<boolean>;
+        httpService: import("../HttpService").HttpService;
+        cloudURL: string;
+        config: import("../OxyServices.base").OxyConfig;
+        makeRequest<T_1>(method: "GET" | "POST" | "PUT" | "PATCH" | "DELETE", url: string, data?: any, options?: import("../HttpService").RequestOptions): Promise<T_1>;
+        getBaseURL(): string;
+        getClient(): import("../HttpService").HttpService;
+        getMetrics(): {
+            totalRequests: number;
+            successfulRequests: number;
+            failedRequests: number;
+            cacheHits: number;
+            cacheMisses: number;
+            averageResponseTime: number;
+        };
+        clearCache(): void;
+        clearCacheEntry(key: string): void;
+        getCacheStats(): {
+            size: number;
+            hits: number;
+            misses: number;
+            hitRate: number;
+        };
+        getCloudURL(): string;
+        setTokens(accessToken: string, refreshToken?: string): void;
+        clearTokens(): void;
+        getCurrentUserId(): string | null;
+        hasValidToken(): boolean;
+        getAccessToken(): string | null;
+        waitForAuth(timeoutMs?: number): Promise<boolean>;
+        withAuthRetry<T_1>(operation: () => Promise<T_1>, operationName: string, options?: {
+            maxRetries?: number;
+            retryDelay?: number;
+            authTimeoutMs?: number;
+        }): Promise<T_1>;
+        validate(): Promise<boolean>;
+        handleError(error: unknown): Error;
+        healthCheck(): Promise<{
+            status: string;
+            users?: number;
+            timestamp?: string;
+            [key: string]: any;
+        }>;
+    };
+    __resetTokensForTests(): void;
+} & T;