@passflow/core 0.0.1 → 0.2.0

package/dist/lib/token/delivery-manager.d.ts

@@ -0,0 +1,121 @@
+/**
+ * Token Delivery Manager
+ *
+ * Manages token delivery mode state and session validity for the SDK.
+ * Supports three delivery modes: JSON body, cookie, and mobile.
+ * Persists delivery mode to storage for session continuity.
+ *
+ * @module token/delivery-manager
+ */
+import type { StorageManager } from '../storage';
+export declare enum TokenDeliveryMode {
+    JsonBody = "json_body",
+    Cookie = "cookie",
+    Mobile = "mobile",
+    /**
+     * BFF (Backend-for-Frontend) mode.
+     * Tokens are sent to BFF server which stores them in httpOnly cookies.
+     * Only ID token is kept locally for user info display.
+     */
+    BFF = "bff"
+}
+export declare enum SessionState {
+    Unknown = "unknown",// Initial state, not yet determined
+    Valid = "valid",// Session is valid (cookie mode trust state)
+    Invalid = "invalid"
+}
+export declare class TokenDeliveryManager {
+    private storageManager;
+    private mode;
+    private sessionState;
+    private isInitializedFlag;
+    private readonly STORAGE_PREFIX;
+    private readonly DELIVERY_MODE_KEY;
+    private readonly SESSION_STATE_KEY;
+    constructor(storageManager: StorageManager);
+    /**
+     * Set the token delivery mode
+     */
+    setMode(mode: TokenDeliveryMode): void;
+    /**
+     * Get the current token delivery mode
+     */
+    getMode(): TokenDeliveryMode;
+    /**
+     * Check if currently in cookie mode
+     */
+    isCookieMode(): boolean;
+    /**
+     * Check if currently in JSON body mode
+     */
+    isJsonMode(): boolean;
+    /**
+     * Check if currently in mobile mode
+     */
+    isMobileMode(): boolean;
+    /**
+     * Check if currently in BFF mode
+     */
+    isBFFMode(): boolean;
+    /**
+     * Check if delivery mode has been initialized from a server response
+     */
+    isInitialized(): boolean;
+    /**
+     * Mark session as valid (successful authentication or token refresh)
+     */
+    setSessionValid(): void;
+    /**
+     * Mark session as invalid (received 401 or logout)
+     */
+    setSessionInvalid(): void;
+    /**
+     * Reset session state to unknown (used during authentication flows)
+     */
+    setSessionUnknown(): void;
+    /**
+     * Check if session is valid
+     */
+    isSessionValid(): boolean;
+    /**
+     * Check if session state is unknown (not yet determined)
+     */
+    isSessionUnknown(): boolean;
+    /**
+     * Check if session is invalid
+     */
+    isSessionInvalid(): boolean;
+    /**
+     * Get current session state
+     */
+    getSessionState(): SessionState;
+    /**
+     * Reset delivery manager to initial state
+     */
+    reset(): void;
+    /**
+     * Load persisted delivery mode from storage
+     */
+    private loadPersistedMode;
+    /**
+     * Load persisted session state from storage
+     */
+    private loadPersistedSessionState;
+    /**
+     * Persist delivery mode to storage
+     */
+    private persistMode;
+    /**
+     * Persist session state to storage
+     */
+    private persistSessionState;
+    /**
+     * Clear persisted delivery mode from storage
+     */
+    private clearPersistedMode;
+    /**
+     * Clear persisted session state from storage
+     */
+    private clearPersistedSessionState;
+}
+//# sourceMappingURL=delivery-manager.d.ts.map

package/dist/lib/token/delivery-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delivery-manager.d.ts","sourceRoot":"","sources":["../../../lib/token/delivery-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD,oBAAY,iBAAiB;IAC3B,QAAQ,cAAc;IACtB,MAAM,WAAW;IACjB,MAAM,WAAW;IACjB;;;;OAIG;IACH,GAAG,QAAQ;CACZ;AAED,oBAAY,YAAY;IACtB,OAAO,YAAY,CAAE,oCAAoC;IACzD,KAAK,UAAU,CAAE,6CAA6C;IAC9D,OAAO,YAAY;CACpB;AAED,qBAAa,oBAAoB;IASnB,OAAO,CAAC,cAAc;IARlC,OAAO,CAAC,IAAI,CAAiD;IAC7D,OAAO,CAAC,YAAY,CAAsC;IAC1D,OAAO,CAAC,iBAAiB,CAAS;IAElC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAe;IAC9C,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAyC;IAC3E,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAyC;gBAEvD,cAAc,EAAE,cAAc;IAKlD;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,iBAAiB,GAAG,IAAI;IAMtC;;OAEG;IACH,OAAO,IAAI,iBAAiB;IAI5B;;OAEG;IACH,YAAY,IAAI,OAAO;IAIvB;;OAEG;IACH,UAAU,IAAI,OAAO;IAIrB;;OAEG;IACH,YAAY,IAAI,OAAO;IAIvB;;OAEG;IACH,SAAS,IAAI,OAAO;IAIpB;;OAEG;IACH,aAAa,IAAI,OAAO;IAIxB;;OAEG;IACH,eAAe,IAAI,IAAI;IAKvB;;OAEG;IACH,iBAAiB,IAAI,IAAI;IAKzB;;OAEG;IACH,iBAAiB,IAAI,IAAI;IAKzB;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;OAEG;IACH,gBAAgB,IAAI,OAAO;IAI3B;;OAEG;IACH,gBAAgB,IAAI,OAAO;IAI3B;;OAEG;IACH,eAAe,IAAI,YAAY;IAI/B;;OAEG;IACH,KAAK,IAAI,IAAI;IAQb;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAezB;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAcjC;;OAEG;IACH,OAAO,CAAC,WAAW;IAQnB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAQ3B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAQ1B;;OAEG;IACH,OAAO,CAAC,0BAA0B;CAOnC"}

package/dist/lib/{token-service → token}/index.d.ts

@@ -1,4 +1,4 @@
-export * from './service';
 export * from './membership';
+export * from './service';
 export * from './token';
 //# sourceMappingURL=index.d.ts.map

package/dist/lib/token/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/token/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,WAAW,CAAC;AAC1B,cAAc,SAAS,CAAC"}

package/dist/lib/token/membership.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"membership.d.ts","sourceRoot":"","sources":["../../../lib/token/membership.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,MAAM,GAAG;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,MAAM,CAAC,EAAE,eAAe,EAAE,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,KAAK,GAAG;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,KAAK,CAAC;IACb,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG;QACb,SAAS,EAAE,MAAM,CAAC;QAClB,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;QACxB,aAAa,EAAE,MAAM,CAAC;QACtB,MAAM,EAAE;YACN,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;SACzB,CAAC;QACF,WAAW,EAAE;YAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;SAAE,CAAC;KACxC,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,iBAAiB,CAAC;IACvB,OAAO,EAAE,gBAAgB,EAAE,CAAC;CAC7B,CAAC;AAEF,eAAO,MAAM,eAAe,GAAI,KAAK,iBAAiB,KAAG,cAmBxD,CAAC"}

package/dist/lib/{token-service → token}/service.d.ts

@@ -1,7 +1,17 @@
-import { StorageManager } from '../storage-manager';
+/**
+ * Token Service
+ *
+ * JWT token parsing, validation, and utility functions.
+ * Provides platform-agnostic Base64 decoding for SSR/Node.js support.
+ * Handles token expiry calculations with configurable buffer time.
+ *
+ * @module token
+ */
+import { StorageManager } from '../storage';
 import { Token, TokenType } from './token';
 export declare class TokenService {
     protected storageManager: StorageManager;
+    constructor(storageManager: StorageManager);
     /**
      * Checks if a token is not exists or expired.
      *
@@ -22,9 +32,11 @@ export declare class TokenService {
  * Checks if a token is expired.
  *
  * @param {Token} token - The token to check.
- * @returns {boolean} Returns true if the token is expired, false otherwise.
+ * @param {number} bufferSeconds - Time buffer in seconds to consider token expired early
+ *                                 This prevents race conditions where token expires during request
+ * @returns {boolean} Returns true if the token is expired or will expire within buffer time, false otherwise.
  */
-export declare function isTokenExpired(token: Token): boolean;
+export declare function isTokenExpired(token: Token, bufferSeconds?: number): boolean;
 /**
  * Parse token from string. Please be aware that this method does not check if the token signature and if the token is valid.
  *

package/dist/lib/token/service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../../lib/token/service.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAuB3C,qBAAa,YAAY;IACvB,SAAS,CAAC,cAAc,EAAE,cAAc,CAAC;gBAE7B,cAAc,EAAE,cAAc;IAI1C;;;;;OAKG;IACH,kBAAkB,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO;IAQ7C;;;;;;OAMG;IACH,cAAc,CAAC,SAAS,EAAE,SAAS,GAAG,KAAK,GAAG,SAAS;CAKxD;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,KAAK,EAAE,aAAa,SAA8B,GAAG,OAAO,CAGjG;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,WAAW,EAAE,MAAM,GAAG,KAAK,CAwBrD"}

package/dist/lib/token/token.d.ts

@@ -0,0 +1,55 @@
+import { RawUserMembership, UserMembership } from './membership';
+export type Token = {
+    aud: string[];
+    exp: number;
+    iat: number;
+    iss: string;
+    jti: string;
+    sub: string;
+    type: string;
+    email?: string;
+    phonenumber?: string;
+    passflow_tm?: RawUserMembership;
+    payload?: unknown;
+    membership?: UserMembership;
+};
+export type InvitationToken = Token & {
+    email: string;
+    inviter_id: string;
+    inviter_name: string;
+    redirect_url: string;
+    tenant_name: string;
+};
+/**
+ * Token types used in the Passflow SDK.
+ *
+ * Note: Some enum values intentionally differ from keys for API compatibility.
+ * The values match what the Passflow API returns in token payloads.
+ *
+ * @example
+ * // access_token key maps to 'access' value (API response format)
+ * TokenType.access_token === 'access' // true
+ */
+export declare enum TokenType {
+    /** ID token - contains user identity claims */
+    id_token = "id_token",
+    /** Access token - for API authorization. Maps to 'access' in API responses */
+    access_token = "access",
+    /** Refresh token - for obtaining new access tokens. Maps to 'refresh' in API responses */
+    refresh_token = "refresh",
+    /** Invitation token - for accepting user invitations */
+    invite_token = "invite",
+    /** Password reset token - for password reset flows */
+    reset_token = "reset",
+    /** Web cookie token - for web-based session management */
+    web_cookie = "web-cookie",
+    /** Management token - for administrative operations */
+    management = "management",
+    /** Sign-in token - for authentication flows */
+    signin = "signin",
+    /** Actor token - for impersonation and delegated access */
+    actor = "actor",
+    /** Two-factor authentication challenge token - for 2FA flows */
+    two_factor = "2fa"
+}
+//# sourceMappingURL=token.d.ts.map

package/dist/lib/token/token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../lib/token/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAEjE,MAAM,MAAM,KAAK,GAAG;IAClB,GAAG,EAAE,MAAM,EAAE,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,cAAc,CAAC;CAC7B,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG;IACpC,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF;;;;;;;;;GASG;AACH,oBAAY,SAAS;IACnB,+CAA+C;IAC/C,QAAQ,aAAa;IACrB,8EAA8E;IAC9E,YAAY,WAAW;IACvB,0FAA0F;IAC1F,aAAa,YAAY;IACzB,wDAAwD;IACxD,YAAY,WAAW;IACvB,sDAAsD;IACtD,WAAW,UAAU;IACrB,0DAA0D;IAC1D,UAAU,eAAe;IACzB,uDAAuD;IACvD,UAAU,eAAe;IACzB,+CAA+C;IAC/C,MAAM,WAAW;IACjB,2DAA2D;IAC3D,KAAK,UAAU;IACf,gEAAgE;IAChE,UAAU,QAAQ;CACnB"}

package/dist/lib/types/index.d.ts

@@ -1,12 +1,13 @@
-import { Token } from '../token-service';
+import { Token } from '../token';
+import { SessionState, TokenDeliveryMode } from '../token/delivery-manager';
 export type Tokens = {
-    access_token: string;
+    access_token?: string;
     id_token?: string;
     refresh_token?: string;
     scopes?: string[];
 };
 export type ParsedTokens = {
-    access_token: Token;
+    access_token?: Token;
     id_token?: Token;
     refresh_token?: Token;
     scopes?: string[];
@@ -19,4 +20,5 @@ export type SessionParams = {
     expiredSession?: () => Promise<void>;
     doRefresh?: boolean;
 };
+export { TokenDeliveryMode, SessionState };
 //# sourceMappingURL=index.d.ts.map

package/dist/lib/types/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,MAAM,MAAM,MAAM,GAAG;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,YAAY,EAAE,KAAK,CAAC;IACpB,QAAQ,CAAC,EAAE,KAAK,CAAC;IACjB,aAAa,CAAC,EAAE,KAAK,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,aAAa,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,YAAY,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9G,cAAc,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IACrC,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAE5E,MAAM,MAAM,MAAM,GAAG;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,YAAY,CAAC,EAAE,KAAK,CAAC;IACrB,QAAQ,CAAC,EAAE,KAAK,CAAC;IACjB,aAAa,CAAC,EAAE,KAAK,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,aAAa,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,YAAY,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9G,cAAc,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IACrC,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC;AAGF,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,CAAC"}

package/dist/lib/utils/validation.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Validates JWT token format (not signature, just structure)
+ * Checks that the token has 3 parts separated by dots and each part is valid base64url
+ *
+ * @param token - The token string to validate
+ * @returns true if the token has valid JWT format, false otherwise
+ */
+export declare function isValidJWTFormat(token: string): boolean;
+/**
+ * Sanitizes error messages from URL parameters to prevent XSS
+ * Removes HTML tags and limits length
+ *
+ * @param message - The error message to sanitize
+ * @returns Sanitized error message
+ */
+export declare function sanitizeErrorMessage(message: string): string;
+/**
+ * Validates email format using RFC 5322 simplified pattern
+ *
+ * @param email - The email string to validate
+ * @returns true if valid email format, false otherwise
+ */
+export declare function isValidEmail(email: string): boolean;
+/**
+ * Validates phone number format (E.164 format)
+ *
+ * @param phone - The phone number string to validate
+ * @returns true if valid phone format, false otherwise
+ */
+export declare function isValidPhoneNumber(phone: string): boolean;
+/**
+ * Validates username format
+ *
+ * @param username - The username string to validate
+ * @returns true if valid username format, false otherwise
+ */
+export declare function isValidUsername(username: string): boolean;
+/**
+ * Validates TOTP code format (6 or 8 numeric digits)
+ *
+ * @param code - The TOTP code to validate
+ * @param digits - Expected number of digits (6 or 8, defaults to 6 for backward compatibility)
+ * @returns true if valid TOTP code format, false otherwise
+ */
+export declare function isValidTOTPCode(code: string, digits?: 6 | 8): boolean;
+/**
+ * Normalizes and validates recovery code format
+ * Converts to uppercase and removes whitespace
+ *
+ * @param code - The recovery code to normalize and validate
+ * @returns Normalized recovery code if valid, null if invalid
+ */
+export declare function normalizeRecoveryCode(code: string): string | null;
+//# sourceMappingURL=validation.d.ts.map

package/dist/lib/utils/validation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../../lib/utils/validation.ts"],"names":[],"mappings":"AAEA;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CASvD;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAK5D;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CASnD;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAQzD;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CASzD;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,GAAE,CAAC,GAAG,CAAK,GAAG,OAAO,CAMxE;AAED;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAcjE"}

package/dist/tests/storage/fake-storage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fake-storage.d.ts","sourceRoot":"","sources":["../../../tests/storage/fake-storage.ts"],"names":[],"mappings":"AAAA,qBAAa,WAAW;IACtB,IAAI,sBAA6B;IAEjC,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAIzC,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAInC,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;CAG9B"}

package/dist/tests/storage/storage-manager.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage-manager.test.d.ts","sourceRoot":"","sources":["../../../tests/storage/storage-manager.test.ts"],"names":[],"mappings":""}

package/dist/tsconfig.tsbuildinfo

@@ -1 +1 @@
-{"root":["../lib/index.ts","../lib/passflow.ts","../lib/store.ts","../lib/api/app.ts","../lib/api/auth.ts","../lib/api/axios-client.ts","../lib/api/index.ts","../lib/api/invitation.ts","../lib/api/model.ts","../lib/api/setting.ts","../lib/api/tenant.ts","../lib/api/user.ts","../lib/constants/index.ts","../lib/device-service/index.ts","../lib/services/auth-service.ts","../lib/services/index.ts","../lib/services/invitation-service.ts","../lib/services/logger.ts","../lib/services/tenant-service.ts","../lib/services/tenant-user-membership.ts","../lib/services/token-cache-service.ts","../lib/services/user-service.ts","../lib/storage-manager/index.ts","../lib/token-service/index.ts","../lib/token-service/membership.ts","../lib/token-service/service.ts","../lib/token-service/token.ts","../lib/types/index.ts","../tests/storage-manager/fake-storage.ts","../tests/storage-manager/storage-manager.test.ts"],"version":"5.8.3"}
+{"root":["../lib/index.ts","../lib/passflow.ts","../lib/store.ts","../lib/api/app.ts","../lib/api/auth.ts","../lib/api/axios-client.ts","../lib/api/index.ts","../lib/api/invitation.ts","../lib/api/model.ts","../lib/api/setting.ts","../lib/api/tenant.ts","../lib/api/two-factor.ts","../lib/api/user.ts","../lib/constants/index.ts","../lib/device/index.ts","../lib/m2m/client.ts","../lib/m2m/errors.ts","../lib/m2m/index.ts","../lib/m2m/types.ts","../lib/services/auth-service.ts","../lib/services/index.ts","../lib/services/invitation-service.ts","../lib/services/logger.ts","../lib/services/tenant-service.ts","../lib/services/tenant-user-membership.ts","../lib/services/token-cache-service.ts","../lib/services/two-factor-service.ts","../lib/services/user-service.ts","../lib/storage/index.ts","../lib/token/delivery-manager.ts","../lib/token/index.ts","../lib/token/membership.ts","../lib/token/service.ts","../lib/token/token.ts","../lib/types/index.ts","../lib/utils/validation.ts","../tests/storage/fake-storage.ts","../tests/storage/storage-manager.test.ts"],"errors":true,"version":"5.9.3"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@passflow/core",
   "description": "Passflow JS SDK",
-  "version": "0.0.1",
+  "version": "0.2.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
@@ -18,7 +18,9 @@
       }
     }
   },
-  "files": ["dist"],
+  "files": [
+    "dist"
+  ],
   "scripts": {
     "dev": "pnpm vite",
     "watch": "vite build --watch",
@@ -36,24 +38,24 @@
     "ci": "biome ci ."
   },
   "devDependencies": {
-    "@babel/core": "^7.26.10",
+    "@babel/core": "^7.28.6",
     "@biomejs/biome": "1.9.4",
     "@types/sinon": "^17.0.4",
     "@types/uuid": "^10.0.0",
-    "@vitejs/plugin-vue": "^5.2.3",
-    "@vitest/coverage-v8": "^3.1.1",
-    "@vitest/ui": "^3.1.1",
+    "@vitejs/plugin-vue": "^5.2.4",
+    "@vitest/coverage-v8": "^3.2.4",
+    "@vitest/ui": "^3.2.4",
     "sinon": "^19.0.5",
-    "typescript": "^5.8.3",
-    "vite": "^6.2.5",
+    "typescript": "^5.9.3",
+    "vite": "^6.4.1",
     "vite-tsconfig-paths": "^5.1.4",
-    "vitest": "^3.1.1"
+    "vitest": "^3.2.4"
   },
   "dependencies": {
-    "@simplewebauthn/browser": "^13.1.0",
+    "@simplewebauthn/browser": "^13.2.2",
     "@simplewebauthn/types": "^12.0.0",
-    "axios": "^1.8.4",
-    "dayjs": "^1.11.13",
+    "axios": "^1.13.2",
+    "dayjs": "^1.11.19",
     "uuid": "^11.1.0"
   },
   "authors": [
@@ -74,8 +76,5 @@
     "type": "git",
     "url": "git+https://github.com/MadAppGang/passflow-js-sdk.git"
   },
-  "pnpm": {
-    "overrides": {}
-  },
   "packageManager": "pnpm@10.8.0"
 }

package/dist/lib/device-service/index.d.ts

@@ -1,7 +0,0 @@
-export declare class DeviceService {
-    private storageManager;
-    constructor();
-    getDeviceId(): string;
-    generateUniqueDeviceId(): string;
-}
-//# sourceMappingURL=index.d.ts.map

package/dist/lib/device-service/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/device-service/index.ts"],"names":[],"mappings":"AAIA,qBAAa,aAAa;IACxB,OAAO,CAAC,cAAc,CAAiB;;IAMvC,WAAW,IAAI,MAAM;IAUrB,sBAAsB,IAAI,MAAM;CAGjC"}

package/dist/lib/storage-manager/index.d.ts

@@ -1,37 +0,0 @@
-import { TokenType } from '../token-service';
-import { Tokens } from '../types';
-export type Storage = {
-    setItem: (key: string, value: string) => void;
-    getItem: (key: string) => string | null;
-    removeItem: (key: string) => void;
-};
-export interface StorageManagerParams {
-    storage?: Storage;
-    prefix?: string;
-}
-export declare class StorageManager {
-    private keyStoragePrefix;
-    readonly scopes: string;
-    readonly deviceId: string;
-    readonly invitationToken: string;
-    readonly previousRedirectUrl: string;
-    private storage;
-    constructor({ storage, prefix }?: StorageManagerParams);
-    saveTokens(tokens: Tokens): void;
-    getToken(tokenType: TokenType): string | undefined;
-    getTokens(): Tokens | undefined;
-    getScopes(): string[] | undefined;
-    deleteToken(tokenType: TokenType): void;
-    deleteTokens(): void;
-    getDeviceId(): string | undefined;
-    setDeviceId(deviceId: string): void;
-    deleteDeviceId(): void;
-    setInvitationToken(token: string): void;
-    getInvitationToken(): string | undefined;
-    deleteInvitationToken(): void;
-    setPreviousRedirectUrl(url: string): void;
-    getPreviousRedirectUrl(): string | undefined;
-    deletePreviousRedirectUrl(): void;
-    private getKeyForTokenType;
-}
-//# sourceMappingURL=index.d.ts.map

package/dist/lib/storage-manager/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/storage-manager/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAElC,MAAM,MAAM,OAAO,GAAG;IACpB,OAAO,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IAC9C,OAAO,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,MAAM,GAAG,IAAI,CAAC;IACxC,UAAU,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;CACnC,CAAC;AAEF,MAAM,WAAW,oBAAoB;IACnC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,gBAAgB,CAAM;IAC9B,QAAQ,CAAC,MAAM,SAA2C;IAC1D,QAAQ,CAAC,QAAQ,SAA8C;IAC/D,QAAQ,CAAC,eAAe,SAAqD;IAC7E,QAAQ,CAAC,mBAAmB,SAAyD;IAErF,OAAO,CAAC,OAAO,CAAU;gBAEb,EAAE,OAAO,EAAE,MAAM,EAAE,GAAE,oBAAyB;IAK1D,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAQhC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,MAAM,GAAG,SAAS;IAKlD,SAAS,IAAI,MAAM,GAAG,SAAS;IAW/B,SAAS,IAAI,MAAM,EAAE,GAAG,SAAS;IAIjC,WAAW,CAAC,SAAS,EAAE,SAAS,GAAG,IAAI;IAKvC,YAAY,IAAI,IAAI;IAOpB,WAAW,IAAI,MAAM,GAAG,SAAS;IAIjC,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAInC,cAAc,IAAI,IAAI;IAItB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAIvC,kBAAkB,IAAI,MAAM,GAAG,SAAS;IAIxC,qBAAqB,IAAI,IAAI;IAI7B,sBAAsB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAIzC,sBAAsB,IAAI,MAAM,GAAG,SAAS;IAI5C,yBAAyB,IAAI,IAAI;IAIjC,OAAO,CAAC,kBAAkB;CAG3B"}

package/dist/lib/token-service/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/token-service/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,cAAc,CAAC;AAC7B,cAAc,SAAS,CAAC"}

package/dist/lib/token-service/membership.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"membership.d.ts","sourceRoot":"","sources":["../../../lib/token-service/membership.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,MAAM,GAAG;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,MAAM,CAAC,EAAE,eAAe,EAAE,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,KAAK,GAAG;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,KAAK,CAAC;IACb,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG;QACb,SAAS,EAAE,MAAM,CAAC;QAClB,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;QACxB,aAAa,EAAE,MAAM,CAAC;QACtB,MAAM,EAAE;YACN,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;SACzB,CAAC;QACF,WAAW,EAAE;YAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;SAAE,CAAC;KACxC,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,iBAAiB,CAAC;IACvB,OAAO,EAAE,gBAAgB,EAAE,CAAC;CAC7B,CAAC;AAEF,eAAO,MAAM,eAAe,GAAI,KAAK,iBAAiB,KAAG,cAmBxD,CAAC"}

package/dist/lib/token-service/service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../../lib/token-service/service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAGpD,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAE3C,qBAAa,YAAY;IACvB,SAAS,CAAC,cAAc,iBAAwB;IAEhD;;;;;OAKG;IACH,kBAAkB,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO;IAQ7C;;;;;;OAMG;IACH,cAAc,CAAC,SAAS,EAAE,SAAS,GAAG,KAAK,GAAG,SAAS;CAKxD;AAED;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,KAAK,GAAG,OAAO,CAGpD;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,WAAW,EAAE,MAAM,GAAG,KAAK,CAiBrD"}

package/dist/lib/token-service/token.d.ts

@@ -1,34 +0,0 @@
-import { RawUserMembership, UserMembership } from '../token-service/membership';
-export type Token = {
-    aud: string[];
-    exp: number;
-    iat: number;
-    iss: string;
-    jti: string;
-    sub: string;
-    type: string;
-    email?: string;
-    phonenumber?: string;
-    passflow_tm?: RawUserMembership;
-    payload?: unknown;
-    membership?: UserMembership;
-};
-export type InvitationToken = Token & {
-    email: string;
-    inviter_id: string;
-    inviter_name: string;
-    redirect_url: string;
-    tenant_name: string;
-};
-export declare enum TokenType {
-    id_token = "id_token",
-    access_token = "access",
-    refresh_token = "refresh",
-    invite_token = "invite",
-    reset_token = "reset",
-    web_cookie = "web-cookie",
-    management = "management",
-    signin = "signin",
-    actor = "actor"
-}
-//# sourceMappingURL=token.d.ts.map

package/dist/lib/token-service/token.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"token.d.ts","sourceRoot":"","sources":["../../../lib/token-service/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAEhF,MAAM,MAAM,KAAK,GAAG;IAClB,GAAG,EAAE,MAAM,EAAE,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,cAAc,CAAC;CAC7B,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG;IACpC,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF,oBAAY,SAAS;IACnB,QAAQ,aAAa;IACrB,YAAY,WAAW;IACvB,aAAa,YAAY;IACzB,YAAY,WAAW;IACvB,WAAW,UAAU;IACrB,UAAU,eAAe;IACzB,UAAU,eAAe;IACzB,MAAM,WAAW;IACjB,KAAK,UAAU;CAChB"}

package/dist/tests/storage-manager/fake-storage.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"fake-storage.d.ts","sourceRoot":"","sources":["../../../tests/storage-manager/fake-storage.ts"],"names":[],"mappings":"AAAA,qBAAa,WAAW;IACtB,IAAI,sBAA6B;IAEjC,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAIzC,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAInC,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;CAG9B"}

package/dist/tests/storage-manager/storage-manager.test.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"storage-manager.test.d.ts","sourceRoot":"","sources":["../../../tests/storage-manager/storage-manager.test.ts"],"names":[],"mappings":""}