@passlock/client 0.9.0

package/src/event/event.ts

@@ -0,0 +1,25 @@
+/**
+ * Fire DOM events
+ */
+import { InternalBrowserError } from '@passlock/shared/dist/error/error'
+import { Effect } from 'effect'
+
+
+export const DebugMessage = 'PasslogDebugMessage'
+
+export const fireEvent = (message: string) => {
+  return Effect.try({
+    try: () => {
+      const evt = new CustomEvent(DebugMessage, { detail: message })
+      globalThis.dispatchEvent(evt)
+    },
+    catch: () => {
+      return new InternalBrowserError({ message: 'Unable to fire custom event' })
+    },
+  })
+}
+
+export function isPasslockEvent(event: Event): event is CustomEvent {
+  if (event.type !== DebugMessage) return false
+  return 'detail' in event
+}

package/src/index.ts

@@ -0,0 +1,275 @@
+import type {
+  BadRequest,
+  Disabled,
+  Duplicate,
+  Forbidden,
+  NotFound,
+  NotSupported,
+  Unauthorized,
+} from '@passlock/shared/dist/error/error'
+import { RpcConfig } from '@passlock/shared/dist/rpc/rpc'
+import { Effect as E, Layer as L, Layer, Option, Runtime, Scope, pipe } from 'effect'
+import { type AuthenticationRequest, AuthenticationService } from './authentication/authenticate'
+import { Capabilities } from './capabilities/capabilities'
+import { ConnectionService } from './connection/connection'
+import { allRequirements } from './effect'
+import { EmailService, type VerifyRequest } from './email/email'
+import { type RegistrationRequest, RegistrationService } from './registration/register'
+import { type AuthType, Storage, StorageService } from './storage/storage'
+import { type Email, UserService } from './user/user'
+import { ErrorCode } from '@passlock/shared/dist/error/error'
+export { ErrorCode } from '@passlock/shared/dist/error/error'
+
+export class PasslockError extends Error {
+  readonly _tag = 'PasslockError'
+  readonly code: ErrorCode
+
+  constructor(message: string, code: ErrorCode) {
+    super(message)
+    this.code = code
+  }
+
+  static readonly isError = (error: unknown): error is PasslockError => {
+    return (
+      typeof error === 'object' &&
+      error !== null &&
+      '_tag' in error &&
+      error['_tag'] === 'PasslockError'
+    )
+  }
+}
+
+type PasslockErrors =
+  | BadRequest
+  | NotSupported
+  | Duplicate
+  | Unauthorized
+  | Forbidden
+  | Disabled
+  | NotFound
+
+const hasMessage = (defect: unknown): defect is { message: string } => {
+  return (
+    typeof defect === 'object' &&
+    defect !== null &&
+    'message' in defect &&
+    typeof defect['message'] === 'string'
+  )
+}
+
+const transformErrors = <A, R>(
+  effect: E.Effect<A, PasslockErrors, R>,
+): E.Effect<A | PasslockError, never, R> => {
+  const withErrorHandling = E.catchTags(effect, {
+    NotSupported: e => E.succeed(new PasslockError(e.message, ErrorCode.NotSupported)),
+    BadRequest: e => E.succeed(new PasslockError(e.message, ErrorCode.BadRequest)),
+    Duplicate: e => E.succeed(new PasslockError(e.message, ErrorCode.Duplicate)),
+    Unauthorized: e => E.succeed(new PasslockError(e.message, ErrorCode.Unauthorized)),
+    Forbidden: e => E.succeed(new PasslockError(e.message, ErrorCode.Forbidden)),
+    Disabled: e => E.succeed(new PasslockError(e.message, ErrorCode.Disabled)),
+    NotFound: e => E.succeed(new PasslockError(e.message, ErrorCode.NotFound)),
+  })
+
+  const sandboxed = E.sandbox(withErrorHandling)
+
+  const withSandboxing = E.catchTags(sandboxed, {
+    Die: ({ defect }) => {
+      return hasMessage(defect)
+        ? E.succeed(new PasslockError(defect.message, ErrorCode.InternalServerError))
+        : E.succeed(new PasslockError('Sorry, something went wrong', ErrorCode.InternalServerError))
+    },
+
+    Interrupt: () => {
+      return E.succeed(new PasslockError('Operation aborted', ErrorCode.InternalBrowserError))
+    },
+
+    Sequential: errors => {
+      console.error(errors)
+      return E.succeed(new PasslockError('Sorry, something went wrong', ErrorCode.InternalServerError))
+    },
+
+    Parallel: errors => {
+      console.error(errors)
+      return E.succeed(new PasslockError('Sorry, something went wrong', ErrorCode.InternalServerError))
+    },
+  })
+
+  return E.unsandbox(withSandboxing)
+}
+
+type Requirements =
+  | UserService
+  | RegistrationService
+  | AuthenticationService
+  | ConnectionService
+  | EmailService
+  | StorageService
+  | Capabilities
+
+export class Passlock {
+  private readonly runtime: Runtime.Runtime<Requirements>
+
+  constructor(config: { tenancyId: string; clientId: string; endpoint: string }) {
+    const rpcConfig = Layer.succeed(RpcConfig, RpcConfig.of(config))
+    const storage = Layer.succeed(Storage, Storage.of(globalThis.localStorage))
+    const allLayers = pipe(allRequirements, L.provide(rpcConfig), L.provide(storage))
+    const scope = E.runSync(Scope.make())
+    this.runtime = E.runSync(Layer.toRuntime(allLayers).pipe(Scope.extend(scope)))
+  }
+
+  private readonly runPromise = <A, R extends Requirements>(
+    effect: E.Effect<A, PasslockErrors, R>,
+  ) => {
+    return pipe(
+      transformErrors(effect),
+      E.flatMap(result => (PasslockError.isError(result) ? E.fail(result) : E.succeed(result))),
+      effect => Runtime.runPromise(this.runtime)(effect),
+    )
+  }
+
+  preConnect = () =>
+    pipe(
+      ConnectionService,
+      E.flatMap(service => service.preConnect()),
+      effect => Runtime.runPromise(this.runtime)(effect),
+    )
+
+  isPasskeySupport = () =>
+    pipe(
+      Capabilities,
+      E.flatMap(service => service.isPasskeySupport),
+      effect => Runtime.runPromise(this.runtime)(effect),
+    )
+
+  isExistingPasskey = (email: Email) =>
+    pipe(
+      UserService,
+      E.flatMap(service => service.isExistingUser(email)),
+      effect => this.runPromise(effect),
+    )
+
+  registerPasskey = (request: RegistrationRequest) =>
+    pipe(
+      RegistrationService,
+      E.flatMap(service => service.registerPasskey(request)),
+      effect => this.runPromise(effect),
+    )
+
+  authenticatePasskey = (request: AuthenticationRequest) =>
+    pipe(
+      AuthenticationService,
+      E.flatMap(service => service.authenticatePasskey(request)),
+      effect => this.runPromise(effect),
+    )
+
+  verifyEmailCode = (request: VerifyRequest) =>
+    pipe(
+      EmailService,
+      E.flatMap(service => service.verifyEmailCode(request)),
+      effect => this.runPromise(effect),
+    )
+
+  verifyEmailLink = () =>
+    pipe(
+      EmailService,
+      E.flatMap(service => service.verifyEmailLink()),
+      effect => this.runPromise(effect),
+    )
+
+  getSessionToken = (authType: AuthType) =>
+    pipe(
+      StorageService,
+      E.flatMap(service => service.getToken(authType).pipe(effect => E.option(effect))),
+      E.map(Option.getOrUndefined),
+      effect => Runtime.runSync(this.runtime)(effect)
+    )
+
+  clearExpiredTokens = () =>
+    pipe(
+      StorageService,
+      E.flatMap(service => service.clearExpiredTokens),
+      effect => Runtime.runPromise(this.runtime)(effect)
+    )
+}
+
+export class PasslockSafe {
+  private readonly runtime: Runtime.Runtime<Requirements>
+
+  constructor(config: { tenancyId: string; clientId: string; endpoint: string }) {
+    const rpcConfig = Layer.succeed(RpcConfig, RpcConfig.of(config))
+    const storage = Layer.succeed(Storage, Storage.of(globalThis.localStorage))
+    const allLayers = pipe(allRequirements, L.provide(rpcConfig), L.provide(storage))
+    const scope = E.runSync(Scope.make())
+    this.runtime = E.runSync(Layer.toRuntime(allLayers).pipe(Scope.extend(scope)))
+  }
+
+  private readonly runPromise = <A, R extends Requirements>(
+    effect: E.Effect<A, PasslockErrors, R>,
+  ) => {
+    return pipe(transformErrors(effect), effect => Runtime.runPromise(this.runtime)(effect))
+  }
+
+  isPasskeySupport = () =>
+    pipe(
+      Capabilities,
+      E.flatMap(service => service.isPasskeySupport),
+      effect => Runtime.runPromise(this.runtime)(effect),
+    )
+
+  preConnect = () =>
+    pipe(
+      ConnectionService,
+      E.flatMap(service => service.preConnect()),
+      effect => this.runPromise(effect),
+    )
+
+  isExistingPasskey = (email: Email) =>
+    pipe(
+      UserService,
+      E.flatMap(service => service.isExistingUser(email)),
+      effect => this.runPromise(effect),
+    )
+
+  registerPasskey = (request: RegistrationRequest) =>
+    pipe(
+      RegistrationService,
+      E.flatMap(service => service.registerPasskey(request)),
+      effect => this.runPromise(effect),
+    )
+
+  authenticatePasskey = (request: AuthenticationRequest = {}) =>
+    pipe(
+      AuthenticationService,
+      E.flatMap(service => service.authenticatePasskey(request)),
+      effect => this.runPromise(effect),
+    )
+
+  verifyEmailCode = (request: VerifyRequest) =>
+    pipe(
+      EmailService,
+      E.flatMap(service => service.verifyEmailCode(request)),
+      effect => this.runPromise(effect),
+    )
+
+  verifyEmailLink = () =>
+    pipe(
+      EmailService,
+      E.flatMap(service => service.verifyEmailLink()),
+      effect => this.runPromise(effect),
+    )
+
+  getSessionToken = (authType: AuthType) =>
+    pipe(
+      StorageService,
+      E.flatMap(service => service.getToken(authType).pipe(effect => E.option(effect))),
+      E.map(maybeToken => Option.getOrUndefined(maybeToken)),
+      effect => Runtime.runSync(this.runtime)(effect)
+    )
+
+  clearExpiredTokens = () =>
+    pipe(
+      StorageService,
+      E.flatMap(service => service.clearExpiredTokens),
+      effect => Runtime.runPromise(this.runtime)(effect)
+    )
+}

package/src/logging/eventLogger.test.ts

@@ -0,0 +1,102 @@
+import { Effect as E, LogLevel, Logger } from 'effect'
+import { describe, expect, test, vi } from 'vitest'
+import { eventLoggerLive, logRaw } from './eventLogger'
+
+/**
+ * Although the core log functionality is tested alongside the logger in the @passlock/shared
+ * package, those tests deliberately exclude the event dispatch elements as the package
+ * is intended to be agnostic to the runtime environment. This client package however is
+ * intented to be run in the browser, so we can plugin a real event dispatcher and ensure
+ * it's working as expected.
+ */
+
+describe('log', () => {
+  test('log DEBUG to the console', () => {
+    const logStatement = E.logDebug('hello world')
+
+    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
+    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Debug))
+
+    const effect = E.provide(withLogLevel, eventLoggerLive)
+    E.runSync(effect)
+
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('DEBUG'))
+  })
+
+  test('log INFO to the console', () => {
+    const logStatement = E.logInfo('hello world')
+
+    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
+    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Info))
+
+    const effect = E.provide(withLogLevel, eventLoggerLive)
+    E.runSync(effect)
+
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('INFO'))
+  })
+
+  test('log WARN to the console', () => {
+    const logStatement = E.logWarning('hello world')
+
+    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
+    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Warning))
+
+    const effect = E.provide(withLogLevel, eventLoggerLive)
+    E.runSync(effect)
+
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('WARN'))
+  })
+
+  test('log ERROR to the console', () => {
+    const logStatement = E.logError('hello world')
+
+    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
+    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Error))
+
+    const effect = E.provide(withLogLevel, eventLoggerLive)
+    E.runSync(effect)
+
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('ERROR'))
+  })
+
+  test('log raw data to the console', () => {
+    const logStatement = logRaw('hello world')
+    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
+
+    E.runSync(logStatement)
+
+    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
+  })
+
+  test('fire a custom log event', () => {
+    const logStatement = E.logWarning('hello world')
+
+    const eventSpy = vi.spyOn(globalThis, 'dispatchEvent').mockImplementation(() => false)
+    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Warning))
+
+    const effect = E.provide(withLogLevel, eventLoggerLive)
+    E.runSync(effect)
+
+    const expectedEvent = new CustomEvent('PasslogDebugMessage', {
+      detail: 'hello world',
+    })
+
+    expect(eventSpy).toHaveBeenCalledWith(expectedEvent)
+  })
+
+  test('not fire a log event for a debug message', () => {
+    const logStatement = E.logDebug('hello world')
+
+    const eventSpy = vi.spyOn(globalThis, 'dispatchEvent').mockImplementation(() => false)
+    const withDebugLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Debug))
+
+    const effect = E.provide(withDebugLevel, eventLoggerLive)
+    E.runSync(effect)
+
+    expect(eventSpy).not.toHaveBeenCalled()
+  })
+})

package/src/logging/eventLogger.ts

@@ -0,0 +1,35 @@
+/**
+ * Logger implementation that also fires DOM events.
+ * This is useful to allow external code to plug into the logging
+ * mechanism. E.g. the Passlock demo subscribes to events to generate
+ * a typewriter style effect
+ */
+import { Effect as E, LogLevel, Logger } from 'effect'
+
+/**
+ * Some log messages span multiple lines/include json etc which is
+ * better output without being formatted by Effect's logging framework
+ *
+ * @param message
+ * @returns
+ */
+export const logRaw = <T>(message: T) => {
+  return E.sync(() => {
+    console.log(message)
+  })
+}
+
+export const DebugMessage = 'PasslogDebugMessage'
+
+export const eventLoggerLive = Logger.add(
+  Logger.make(options => {
+    if (typeof options.message === 'string' && options.logLevel !== LogLevel.Debug) {
+      try {
+        const evt = new CustomEvent(DebugMessage, { detail: options.message })
+        globalThis.dispatchEvent(evt)
+      } catch (e) {
+        globalThis.console.log('Unable to fire custom event')
+      }
+    }
+  }),
+)

package/src/registration/register.fixture.ts

@@ -0,0 +1,94 @@
+import { BadRequest } from '@passlock/shared/dist/error/error'
+import {
+  OptionsReq,
+  OptionsRes,
+  VerificationReq,
+  VerificationRes,
+} from '@passlock/shared/dist/rpc/registration'
+import { RpcClient } from '@passlock/shared/dist/rpc/rpc'
+import type { RegistrationCredential } from '@passlock/shared/dist/schema/schema'
+import { Effect as E, Layer as L } from 'effect'
+import { CreateCredential, type RegistrationRequest } from './register'
+import * as Fixtures from '../test/fixtures'
+import { UserService } from '../user/user'
+
+
+export const session = 'session'
+export const token = 'token'
+export const code = 'code'
+export const authType = 'passkey'
+export const expireAt = Date.now() + 10000
+
+export const registrationRequest: RegistrationRequest = {
+  email: 'jdoe@gmail.com',
+  firstName: 'john',
+  lastName: 'doe',
+}
+
+export const optionsReq = new OptionsReq(registrationRequest)
+
+export const registrationOptions: OptionsRes = {
+  session,
+  publicKey: {
+    rp: {
+      name: 'passlock',
+      id: 'passlock.dev',
+    },
+    user: {
+      name: 'john doe',
+      id: 'jdoe',
+      displayName: 'john doe',
+    },
+    challenge: 'FKZSl_saKu5OXjLLwoq8eK3wlD8XgpGiS10SszW5RiE',
+    pubKeyCredParams: [],
+  },
+}
+
+export const optionsRes = new OptionsRes(registrationOptions)
+
+export const credential: RegistrationCredential = {
+  type: 'public-key',
+  id: '1',
+  rawId: '1',
+  response: {
+    transports: [],
+    clientDataJSON: '',
+    attestationObject: '',
+  },
+  clientExtensionResults: {},
+}
+
+export const verificationReq = new VerificationReq({ session, credential })
+
+export const verificationRes = new VerificationRes({ principal: Fixtures.principal })
+
+export const createCredentialTest = L.succeed(
+  CreateCredential,
+  CreateCredential.of(() => E.succeed(credential)),
+)
+
+export const userServiceTest = L.succeed(
+  UserService,
+  UserService.of({
+    isExistingUser: () => E.succeed(false),
+  }),
+)
+
+export const rpcClientTest = L.succeed(
+  RpcClient,
+  RpcClient.of({
+    preConnect: () => E.succeed({ warmed: true }),
+    isExistingUser: () => E.succeed({ existingUser: true }),
+    verifyEmail: () => E.succeed({ verified: true }),
+    getRegistrationOptions: () => E.succeed(optionsRes),
+    verifyRegistrationCredential: () => E.succeed(verificationRes),
+    getAuthenticationOptions: () => E.fail(new BadRequest({ message: 'Not implemeneted' })),
+    verifyAuthenticationCredential: () => E.succeed({ principal: Fixtures.principal }),
+  }),
+)
+
+export const principal = Fixtures.principal
+
+export const capabilitiesTest = Fixtures.capabilitiesTest
+
+export const storageServiceTest = Fixtures.storageServiceTest