npm - @passkeykit/sso - Versions diffs - 1.0.0 - Mend

@passkeykit/sso 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,155 @@
+# @passkeykit/sso
+SSO client library for DanielTech satellite apps. Provides session management, inactivity tracking, SSO callback handling, and admin elevation — all configurable via a single factory function.
+## Install
+```bash
+npm install @passkeykit/sso
+```
+## Quick Start
+```ts
+import { createSSOClient } from '@passkeykit/sso';
+const sso = createSSOClient({
+  verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+});
+```
+## Configuration
+| Option | Type | Default | Description |
+|---|---|---|---|
+| `verifyUrl` | `string` | **required** | Token verification endpoint URL |
+| `ssoUrl` | `string` | `https://user.danieltech.dev` | SSO login page URL |
+| `callbackPath` | `string` | `/auth/callback` | Callback path on your app |
+| `sessionDuration` | `number` | 30 days (ms) | Absolute session lifetime |
+| `inactivityTimeout` | `number` | `Infinity` | Idle timeout before re-auth (ms). Set `0` or `Infinity` to disable |
+| `sessionKey` | `string` | `sso_session` | localStorage key for session data |
+| `activityKey` | `string` | `sso_last_activity` | localStorage key for activity timestamp |
+| `elevationDuration` | `number` | 15 min (ms) | Duration of admin elevation after re-auth |
+### Per-App Examples
+```ts
+// Meds — 5h inactivity, custom callback path
+const sso = createSSOClient({
+  verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+  callbackPath: '/?sso_callback=1',
+  inactivityTimeout: 5 * 60 * 60 * 1000,
+});
+// Groceries — 12h inactivity
+const sso = createSSOClient({
+  verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+  inactivityTimeout: 12 * 60 * 60 * 1000,
+});
+// MediaBox — no inactivity timeout (default)
+const sso = createSSOClient({
+  verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+});
+```
+## API
+### `createSSOClient(config): SSOClient`
+Returns an `SSOClient` with the following methods:
+#### Session
+- **`getSession(): SSOSession | null`** — Returns the current session, or `null` if expired or inactive.
+- **`clearSession(): void`** — Removes session and activity data from localStorage.
+- **`redirectToSSO(): void`** — Redirects the browser to the SSO login page with the correct callback URL.
+- **`handleSSOCallback(token: string): Promise<SSOSession | null>`** — Verifies a JWT token via the `verifyUrl` endpoint, stores the session, and returns it.
+#### Activity Tracking
+- **`touchActivity(): void`** — Records current timestamp as last activity.
+- **`startActivityTracking(): () => void`** — Listens for `pointerdown`, `keydown`, and `scroll` events (30s throttle). Returns a cleanup function.
+#### Admin Elevation
+- **`isElevated(): boolean`** — Checks if the current admin session has been elevated (re-authenticated).
+- **`elevateSession(): void`** — Redirects to SSO for re-authentication with an elevation flag.
+- **`completeElevation(): boolean`** — Call after SSO callback to finalize elevation. Returns `true` if elevation was completed.
+- **`stepDown(): void`** — Drops the elevated status.
+### Types
+```ts
+interface SSOSession {
+  userId: string;
+  name: string;
+  email: string;
+  role: string;
+  token: string;
+  expires: number;
+  elevated?: boolean;
+  elevatedUntil?: number;
+}
+```
+## Integration Pattern
+Replace your app's inline `src/lib/sso.ts` with a thin wrapper:
+```ts
+// src/lib/sso.ts
+import { createSSOClient } from '@passkeykit/sso';
+const PUSH_URL = import.meta.env.VITE_PUSH_URL || 'https://push.danieltech.dev';
+export const sso = createSSOClient({
+  verifyUrl: `${PUSH_URL}/api/auth/sso-verify`,
+  inactivityTimeout: 5 * 60 * 60 * 1000, // app-specific
+});
+// Re-export for convenience
+export type { SSOSession, SSOClient } from '@passkeykit/sso';
+```
+Then update imports:
+```diff
+- import { getSession, redirectToSSO } from '@/lib/sso';
++ import { sso } from '@/lib/sso';
++ // use sso.getSession(), sso.redirectToSSO(), etc.
+```
+Or re-export individual functions:
+```ts
+// src/lib/sso.ts
+import { createSSOClient } from '@passkeykit/sso';
+export type { SSOSession } from '@passkeykit/sso';
+const PUSH_URL = import.meta.env.VITE_PUSH_URL || 'https://push.danieltech.dev';
+const sso = createSSOClient({
+  verifyUrl: `${PUSH_URL}/api/auth/sso-verify`,
+  inactivityTimeout: 5 * 60 * 60 * 1000,
+});
+export const {
+  getSession,
+  clearSession,
+  redirectToSSO,
+  handleSSOCallback,
+  touchActivity,
+  startActivityTracking,
+  isElevated,
+  elevateSession,
+  completeElevation,
+  stepDown,
+} = sso;
+```
+This approach preserves existing import signatures so no other files need changes.
+## License
+MIT

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,79 @@
+/**
+ * @passkeykit/sso — SSO client for DanielTech satellite apps.
+ *
+ * Usage:
+ *   import { createSSOClient } from '@passkeykit/sso';
+ *   const sso = createSSOClient({ verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify' });
+ *   // or with inactivity timeout:
+ *   const sso = createSSOClient({ verifyUrl: '...', inactivityTimeout: 5 * 60 * 60 * 1000 });
+ */
+export interface SSOSession {
+    userId: string;
+    name: string;
+    email: string;
+    role: string;
+    token: string;
+    expires: number;
+    elevated?: boolean;
+    elevatedUntil?: number;
+}
+export interface SSOClientConfig {
+    /** URL of the SSO login page. Defaults to 'https://user.danieltech.dev'. */
+    ssoUrl?: string;
+    /** URL of the token verification endpoint. Required. */
+    verifyUrl: string;
+    /** Callback path on the satellite app. Defaults to '/auth/callback'. */
+    callbackPath?: string;
+    /** Absolute session duration in ms. Defaults to 30 days. */
+    sessionDuration?: number;
+    /** Inactivity timeout in ms. Set to 0 or Infinity to disable. Defaults to Infinity (disabled). */
+    inactivityTimeout?: number;
+    /** localStorage key for the session. Defaults to 'sso_session'. */
+    sessionKey?: string;
+    /** localStorage key for activity tracking. Defaults to 'sso_last_activity'. */
+    activityKey?: string;
+    /** Admin elevation duration in ms. Defaults to 15 minutes. */
+    elevationDuration?: number;
+}
+export interface SSOClient {
+    /** Get the current session, or null if expired/inactive. */
+    getSession(): SSOSession | null;
+    /** Clear the current session and activity data. */
+    clearSession(): void;
+    /** Redirect the browser to the SSO login page. */
+    redirectToSSO(): void;
+    /** Handle the SSO callback — verify token and store session. */
+    handleSSOCallback(token: string): Promise<SSOSession | null>;
+    /** Record user activity (for inactivity tracking). */
+    touchActivity(): void;
+    /** Start listening to DOM events for activity tracking. Returns cleanup fn. */
+    startActivityTracking(): () => void;
+    /** Check if the current admin session is elevated. */
+    isElevated(): boolean;
+    /** Redirect to SSO for admin elevation (re-auth). */
+    elevateSession(): void;
+    /** Complete an in-flight elevation after SSO callback. */
+    completeElevation(): boolean;
+    /** Drop admin elevation. */
+    stepDown(): void;
+    /** The resolved config. */
+    config: Required<SSOClientConfig>;
+}
+/**
+ * Create a configured SSO client instance.
+ *
+ * @example
+ * // Minimal — no inactivity timeout
+ * const sso = createSSOClient({
+ *   verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+ * });
+ *
+ * @example
+ * // With 5-hour inactivity timeout
+ * const sso = createSSOClient({
+ *   verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+ *   inactivityTimeout: 5 * 60 * 60 * 1000,
+ * });
+ */
+export declare function createSSOClient(userConfig: SSOClientConfig): SSOClient;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,4EAA4E;IAC5E,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,wDAAwD;IACxD,SAAS,EAAE,MAAM,CAAC;IAClB,wEAAwE;IACxE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,4DAA4D;IAC5D,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kGAAkG;IAClG,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,mEAAmE;IACnE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,+EAA+E;IAC/E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,8DAA8D;IAC9D,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAYD,MAAM,WAAW,SAAS;IACxB,4DAA4D;IAC5D,UAAU,IAAI,UAAU,GAAG,IAAI,CAAC;IAChC,mDAAmD;IACnD,YAAY,IAAI,IAAI,CAAC;IACrB,kDAAkD;IAClD,aAAa,IAAI,IAAI,CAAC;IACtB,gEAAgE;IAChE,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;IAC7D,sDAAsD;IACtD,aAAa,IAAI,IAAI,CAAC;IACtB,+EAA+E;IAC/E,qBAAqB,IAAI,MAAM,IAAI,CAAC;IACpC,sDAAsD;IACtD,UAAU,IAAI,OAAO,CAAC;IACtB,qDAAqD;IACrD,cAAc,IAAI,IAAI,CAAC;IACvB,0DAA0D;IAC1D,iBAAiB,IAAI,OAAO,CAAC;IAC7B,4BAA4B;IAC5B,QAAQ,IAAI,IAAI,CAAC;IACjB,2BAA2B;IAC3B,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC;CACnC;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,eAAe,GAAG,SAAS,CAuJtE"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,180 @@
+/**
+ * @passkeykit/sso — SSO client for DanielTech satellite apps.
+ *
+ * Usage:
+ *   import { createSSOClient } from '@passkeykit/sso';
+ *   const sso = createSSOClient({ verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify' });
+ *   // or with inactivity timeout:
+ *   const sso = createSSOClient({ verifyUrl: '...', inactivityTimeout: 5 * 60 * 60 * 1000 });
+ */
+const DEFAULTS = {
+    ssoUrl: "https://user.danieltech.dev",
+    callbackPath: "/auth/callback",
+    sessionDuration: 30 * 24 * 60 * 60 * 1000,
+    inactivityTimeout: Infinity,
+    sessionKey: "sso_session",
+    activityKey: "sso_last_activity",
+    elevationDuration: 15 * 60 * 1000,
+};
+/**
+ * Create a configured SSO client instance.
+ *
+ * @example
+ * // Minimal — no inactivity timeout
+ * const sso = createSSOClient({
+ *   verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+ * });
+ *
+ * @example
+ * // With 5-hour inactivity timeout
+ * const sso = createSSOClient({
+ *   verifyUrl: 'https://push.danieltech.dev/api/auth/sso-verify',
+ *   inactivityTimeout: 5 * 60 * 60 * 1000,
+ * });
+ */
+export function createSSOClient(userConfig) {
+    const cfg = {
+        ssoUrl: userConfig.ssoUrl ?? DEFAULTS.ssoUrl,
+        verifyUrl: userConfig.verifyUrl,
+        callbackPath: userConfig.callbackPath ?? DEFAULTS.callbackPath,
+        sessionDuration: userConfig.sessionDuration ?? DEFAULTS.sessionDuration,
+        inactivityTimeout: userConfig.inactivityTimeout ?? DEFAULTS.inactivityTimeout,
+        sessionKey: userConfig.sessionKey ?? DEFAULTS.sessionKey,
+        activityKey: userConfig.activityKey ?? DEFAULTS.activityKey,
+        elevationDuration: userConfig.elevationDuration ?? DEFAULTS.elevationDuration,
+    };
+    function getSession() {
+        try {
+            const raw = localStorage.getItem(cfg.sessionKey);
+            if (!raw)
+                return null;
+            const session = JSON.parse(raw);
+            // Absolute expiry
+            if (Date.now() > session.expires) {
+                clearSession();
+                return null;
+            }
+            // Inactivity check
+            if (cfg.inactivityTimeout !== Infinity && cfg.inactivityTimeout > 0) {
+                const last = localStorage.getItem(cfg.activityKey);
+                if (last && Date.now() - Number(last) > cfg.inactivityTimeout) {
+                    clearSession();
+                    return null;
+                }
+            }
+            return session;
+        }
+        catch {
+            clearSession();
+            return null;
+        }
+    }
+    function clearSession() {
+        localStorage.removeItem(cfg.sessionKey);
+        localStorage.removeItem(cfg.activityKey);
+    }
+    function redirectToSSO() {
+        const callbackUrl = `${globalThis.location.origin}${cfg.callbackPath}`;
+        const loginUrl = `${cfg.ssoUrl}/login?callbackUrl=${encodeURIComponent(callbackUrl)}`;
+        globalThis.location.href = loginUrl;
+    }
+    async function handleSSOCallback(token) {
+        try {
+            const resp = await fetch(cfg.verifyUrl, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify({ token }),
+            });
+            if (!resp.ok)
+                return null;
+            const data = await resp.json();
+            if (!data.valid || !data.user)
+                return null;
+            const session = {
+                userId: data.user.id,
+                name: data.user.name,
+                email: data.user.email,
+                role: data.user.role || "member",
+                token,
+                expires: Date.now() + cfg.sessionDuration,
+            };
+            localStorage.setItem(cfg.sessionKey, JSON.stringify(session));
+            return session;
+        }
+        catch {
+            return null;
+        }
+    }
+    function touchActivity() {
+        localStorage.setItem(cfg.activityKey, String(Date.now()));
+    }
+    function startActivityTracking() {
+        let timer = null;
+        const handler = () => {
+            if (timer)
+                return;
+            timer = setTimeout(() => { timer = null; }, 30000);
+            touchActivity();
+        };
+        touchActivity();
+        globalThis.addEventListener("pointerdown", handler);
+        globalThis.addEventListener("keydown", handler);
+        globalThis.addEventListener("scroll", handler, { passive: true });
+        return () => {
+            globalThis.removeEventListener("pointerdown", handler);
+            globalThis.removeEventListener("keydown", handler);
+            globalThis.removeEventListener("scroll", handler);
+        };
+    }
+    // ── Admin elevation ──────────────────────────────────────────────────
+    function isElevated() {
+        const session = getSession();
+        if (!session || session.role !== "admin")
+            return false;
+        return !!(session.elevated && session.elevatedUntil && Date.now() < session.elevatedUntil);
+    }
+    function elevateSession() {
+        const session = getSession();
+        if (!session || session.role !== "admin")
+            return;
+        localStorage.setItem("sso_elevate_pending", "true");
+        const callbackUrl = `${globalThis.location.origin}${cfg.callbackPath}`;
+        const loginUrl = `${cfg.ssoUrl}/login?callbackUrl=${encodeURIComponent(callbackUrl)}`;
+        globalThis.location.href = loginUrl;
+    }
+    function completeElevation() {
+        const pending = localStorage.getItem("sso_elevate_pending");
+        localStorage.removeItem("sso_elevate_pending");
+        if (!pending)
+            return false;
+        const session = getSession();
+        if (!session || session.role !== "admin")
+            return false;
+        session.elevated = true;
+        session.elevatedUntil = Date.now() + cfg.elevationDuration;
+        localStorage.setItem(cfg.sessionKey, JSON.stringify(session));
+        return true;
+    }
+    function stepDown() {
+        const session = getSession();
+        if (!session)
+            return;
+        session.elevated = false;
+        session.elevatedUntil = undefined;
+        localStorage.setItem(cfg.sessionKey, JSON.stringify(session));
+    }
+    return {
+        getSession,
+        clearSession,
+        redirectToSSO,
+        handleSSOCallback,
+        touchActivity,
+        startActivityTracking,
+        isElevated,
+        elevateSession,
+        completeElevation,
+        stepDown,
+        config: cfg,
+    };
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgCH,MAAM,QAAQ,GAAG;IACf,MAAM,EAAE,6BAA6B;IACrC,YAAY,EAAE,gBAAgB;IAC9B,eAAe,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI;IACzC,iBAAiB,EAAE,QAAQ;IAC3B,UAAU,EAAE,aAAa;IACzB,WAAW,EAAE,mBAAmB;IAChC,iBAAiB,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI;CACzB,CAAC;AA2BX;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,eAAe,CAAC,UAA2B;IACzD,MAAM,GAAG,GAA8B;QACrC,MAAM,EAAE,UAAU,CAAC,MAAM,IAAI,QAAQ,CAAC,MAAM;QAC5C,SAAS,EAAE,UAAU,CAAC,SAAS;QAC/B,YAAY,EAAE,UAAU,CAAC,YAAY,IAAI,QAAQ,CAAC,YAAY;QAC9D,eAAe,EAAE,UAAU,CAAC,eAAe,IAAI,QAAQ,CAAC,eAAe;QACvE,iBAAiB,EAAE,UAAU,CAAC,iBAAiB,IAAI,QAAQ,CAAC,iBAAiB;QAC7E,UAAU,EAAE,UAAU,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU;QACxD,WAAW,EAAE,UAAU,CAAC,WAAW,IAAI,QAAQ,CAAC,WAAW;QAC3D,iBAAiB,EAAE,UAAU,CAAC,iBAAiB,IAAI,QAAQ,CAAC,iBAAiB;KAC9E,CAAC;IAEF,SAAS,UAAU;QACjB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACjD,IAAI,CAAC,GAAG;gBAAE,OAAO,IAAI,CAAC;YACtB,MAAM,OAAO,GAAe,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE5C,kBAAkB;YAClB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;gBACjC,YAAY,EAAE,CAAC;gBACf,OAAO,IAAI,CAAC;YACd,CAAC;YAED,mBAAmB;YACnB,IAAI,GAAG,CAAC,iBAAiB,KAAK,QAAQ,IAAI,GAAG,CAAC,iBAAiB,GAAG,CAAC,EAAE,CAAC;gBACpE,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACnD,IAAI,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,iBAAiB,EAAE,CAAC;oBAC9D,YAAY,EAAE,CAAC;oBACf,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAED,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,YAAY,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,SAAS,YAAY;QACnB,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACxC,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC3C,CAAC;IAED,SAAS,aAAa;QACpB,MAAM,WAAW,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;QACvE,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,MAAM,sBAAsB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;QACtF,UAAU,CAAC,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC;IACtC,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,KAAa;QAC5C,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE;gBACtC,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;gBAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC;aAChC,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,CAAC,EAAE;gBAAE,OAAO,IAAI,CAAC;YAE1B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,IAAI;gBAAE,OAAO,IAAI,CAAC;YAE3C,MAAM,OAAO,GAAe;gBAC1B,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE;gBACpB,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI;gBACpB,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;gBACtB,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,QAAQ;gBAChC,KAAK;gBACL,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,eAAe;aAC1C,CAAC;YAEF,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9D,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,SAAS,aAAa;QACpB,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC;IAED,SAAS,qBAAqB;QAC5B,IAAI,KAAK,GAAyC,IAAI,CAAC;QACvD,MAAM,OAAO,GAAG,GAAG,EAAE;YACnB,IAAI,KAAK;gBAAE,OAAO;YAClB,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,KAAM,CAAC,CAAC;YACpD,aAAa,EAAE,CAAC;QAClB,CAAC,CAAC;QACF,aAAa,EAAE,CAAC;QAChB,UAAU,CAAC,gBAAgB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACpD,UAAU,CAAC,gBAAgB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAChD,UAAU,CAAC,gBAAgB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAClE,OAAO,GAAG,EAAE;YACV,UAAU,CAAC,mBAAmB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YACvD,UAAU,CAAC,mBAAmB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACnD,UAAU,CAAC,mBAAmB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACpD,CAAC,CAAC;IACJ,CAAC;IAED,wEAAwE;IAExE,SAAS,UAAU;QACjB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO;YAAE,OAAO,KAAK,CAAC;QACvD,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,aAAa,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;IAC7F,CAAC;IAED,SAAS,cAAc;QACrB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO;YAAE,OAAO;QACjD,YAAY,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;QACpD,MAAM,WAAW,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;QACvE,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,MAAM,sBAAsB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;QACtF,UAAU,CAAC,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC;IACtC,CAAC;IAED,SAAS,iBAAiB;QACxB,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;QAC5D,YAAY,CAAC,UAAU,CAAC,qBAAqB,CAAC,CAAC;QAC/C,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC3B,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO;YAAE,OAAO,KAAK,CAAC;QACvD,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;QACxB,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,iBAAiB,CAAC;QAC3D,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,SAAS,QAAQ;QACf,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO;YAAE,OAAO;QACrB,OAAO,CAAC,QAAQ,GAAG,KAAK,CAAC;QACzB,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC;QAClC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,OAAO;QACL,UAAU;QACV,YAAY;QACZ,aAAa;QACb,iBAAiB;QACjB,aAAa;QACb,qBAAqB;QACrB,UAAU;QACV,cAAc;QACd,iBAAiB;QACjB,QAAQ;QACR,MAAM,EAAE,GAAG;KACZ,CAAC;AACJ,CAAC"}

package/package.json ADDED Viewed

@@ -0,0 +1,32 @@
+{
+  "name": "@passkeykit/sso",
+  "version": "1.0.0",
+  "description": "SSO client for DanielTech satellite apps — session management, activity tracking, and admin elevation",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": ["dist", "README.md"],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/dnldev/passkey-kit.git",
+    "directory": "packages/sso"
+  },
+  "keywords": ["sso", "passkey", "webauthn", "session", "authentication"],
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "devDependencies": {
+    "typescript": "^5.9.3"
+  }
+}