@passlock/client 0.9.22 → 0.9.23

package/src/connection/connection.test.ts

@@ -1,9 +1,9 @@
-import { RpcConfig } from '@passlock/shared/dist/rpc/config.js'
-import { ConnectionClient } from '@passlock/shared/dist/rpc/connection.js'
-import { Dispatcher } from '@passlock/shared/dist/rpc/dispatcher.js'
 import { Effect as E, Layer as L, Layer, LogLevel, Logger, pipe } from 'effect'
 import { describe, expect, test } from 'vitest'
 import { mock } from 'vitest-mock-extended'
+import { Dispatcher } from '../rpc/client.js'
+import { RpcConfig } from '../rpc/config.js'
+import { ConnectionClient } from '../rpc/connection.js'
 import * as Fixture from './connection.fixture.js'
 import { ConnectionService, ConnectionServiceLive } from './connection.js'
 

package/src/connection/connection.ts

@@ -1,18 +1,19 @@
 /**
  * Hits the rpc endpoint to warm up a lambda
  */
-import type { RpcConfig } from '@passlock/shared/dist/rpc/config.js'
-import { ConnectionClient } from '@passlock/shared/dist/rpc/connection.js'
-import { Dispatcher } from '@passlock/shared/dist/rpc/dispatcher.js'
 import { Context, Effect as E, Layer, flow, pipe } from 'effect'
+import { Dispatcher } from '../rpc/client.js'
+import type { RpcConfig } from '../rpc/config.js'
+import { ConnectionClient } from '../rpc/connection.js'
 
 /* Service */
 
-export type ConnectionService = {
-  preConnect: () => E.Effect<void>
-}
-
-export const ConnectionService = Context.GenericTag<ConnectionService>('@services/ConnectService')
+export class ConnectionService extends Context.Tag('@services/ConnectionService')<
+  ConnectionService,
+  {
+    preConnect: () => E.Effect<void>
+  }
+>() {}
 
 /* Effects */
 

package/src/effect.ts

@@ -1,115 +1,132 @@
 import { create, get as getCredential } from '@github/webauthn-json/browser-ponyfill'
 
-import { AuthenticationClientLive } from '@passlock/shared/dist/rpc/authentication.js'
-import { ConnectionClientLive } from '@passlock/shared/dist/rpc/connection.js'
-import { RegistrationClientLive } from '@passlock/shared/dist/rpc/registration.js'
-import { SocialClientLive } from '@passlock/shared/dist/rpc/social.js'
-import { UserClientLive } from '@passlock/shared/dist/rpc/user.js'
-
 import {
+  type BadRequest,
   Duplicate,
   InternalBrowserError,
-  type BadRequest,
-  type Disabled,
-  type Forbidden,
-  type NotFound,
-  type NotSupported,
-  type Unauthorized,
 } from '@passlock/shared/dist/error/error.js'
 
+import { AuthenticationClientLive } from './rpc/authentication.js'
+import { DispatcherLive } from './rpc/client.js'
+import type { RpcConfig } from './rpc/config.js'
+import { RetrySchedule } from './rpc/config.js'
+import { ConnectionClientLive } from './rpc/connection.js'
+import { RegistrationClientLive } from './rpc/registration.js'
+import { SocialClientLive } from './rpc/social.js'
+import { UserClientLive } from './rpc/user.js'
+
 import type { Principal } from '@passlock/shared/dist/schema/principal.js'
 
-import { Context, Effect as E, Layer as L, Layer, Schedule, pipe } from 'effect'
+import { Effect as E, Layer as L, Layer, Schedule, pipe } from 'effect'
 import type { NoSuchElementException } from 'effect/Cause'
 
 import {
   AuthenticateServiceLive,
+  type AuthenticationErrors,
+  type AuthenticationRequest,
   AuthenticationService,
   GetCredential,
-  type AuthenticationRequest,
 } from './authentication/authenticate.js'
 
-import { capabilitiesLive } from './capabilities/capabilities.js'
+import { Capabilities, capabilitiesLive } from './capabilities/capabilities.js'
 import { ConnectionService, ConnectionServiceLive } from './connection/connection.js'
-import { EmailService, EmailServiceLive, URLQueryString, type VerifyRequest } from './email/email.js'
+import {
+  EmailService,
+  EmailServiceLive,
+  URLQueryString,
+  type VerifyEmailErrors,
+  type VerifyRequest,
+} from './email/email.js'
 
 import {
   CreateCredential,
+  type RegistrationErrors,
+  type RegistrationRequest,
   RegistrationService,
   RegistrationServiceLive,
-  type RegistrationRequest,
 } from './registration/register.js'
 
 import {
-  Storage,
+  type AuthenticateOidcReq,
+  type AuthenticationErrors as OidcAuthenticationErrors,
+  type RegistrationErrors as OidcRegistrationErrors,
+  type RegisterOidcReq,
+  SocialService,
+  SocialServiceLive,
+} from './social/social.js'
+import {
+  type AuthType,
+  BrowserStorage,
   StorageService,
   StorageServiceLive,
-  type AuthType,
   type StoredToken,
 } from './storage/storage.js'
 
-import { RetrySchedule, RpcConfig } from '@passlock/shared/dist/rpc/config.js'
-import { DispatcherLive } from '@passlock/shared/dist/rpc/dispatcher.js'
-import { SocialService, SocialServiceLive, type RegisterOidcReq } from './social/social.js'
-import { UserService, UserServiceLive, type Email } from './user/user.js'
+import {
+  type Email,
+  type ResendEmail,
+  type ResendEmailErrors,
+  UserService,
+  UserServiceLive,
+} from './user/user.js'
 
 /* Layers */
 
 const createCredentialLive = L.succeed(
   CreateCredential,
-  CreateCredential.of((options: CredentialCreationOptions) =>
-    pipe(
-      E.tryPromise({
-        try: () => create(options),
-        catch: e => {
-          if (e instanceof Error && e.message.includes('excludeCredentials')) {
-            return new Duplicate({
-              message: 'Passkey already registered to this device or cloud account',
-            })
-          } else {
-            return new InternalBrowserError({
-              message: 'Unable to create credential',
-              detail: String(e),
-            })
-          }
-        },
-      }),
-      E.map(credential => credential.toJSON())
-    ),
-  ),
+  CreateCredential.of({
+    createCredential: options =>
+      pipe(
+        E.tryPromise({
+          try: () => create(options),
+          catch: e => {
+            if (e instanceof Error && e.message.includes('excludeCredentials')) {
+              return new Duplicate({
+                message: 'Passkey already registered to this device or cloud account',
+              })
+            } else {
+              return new InternalBrowserError({
+                message: 'Unable to create credential',
+                detail: String(e),
+              })
+            }
+          },
+        }),
+        E.map(credential => credential.toJSON()),
+      ),
+  }),
 )
 
 const getCredentialLive = L.succeed(
   GetCredential,
-  GetCredential.of((options: CredentialRequestOptions) =>
-    pipe(
-      E.tryPromise({
-        try: () => getCredential(options),
-        catch: e =>
-          new InternalBrowserError({
-            message: 'Unable to get authentication credential',
-            detail: String(e),
-          }),
-      }),
-      E.map(credential => credential.toJSON()),
-    ),
-  ),
+  GetCredential.of({
+    getCredential: (options: CredentialRequestOptions) =>
+      pipe(
+        E.tryPromise({
+          try: () => getCredential(options),
+          catch: e =>
+            new InternalBrowserError({
+              message: 'Unable to get authentication credential',
+              detail: String(e),
+            }),
+        }),
+        E.map(credential => credential.toJSON()),
+      ),
+  }),
 )
 
 const schedule = Schedule.intersect(Schedule.recurs(3), Schedule.exponential('100 millis'))
 
 const retryScheduleLive = L.succeed(RetrySchedule, RetrySchedule.of({ schedule }))
 
-/* RPC Clients */
+/* Services */
 const dispatcherLive = pipe(DispatcherLive, L.provide(retryScheduleLive))
 const connectClientLive = pipe(ConnectionClientLive, L.provide(dispatcherLive))
 const registerClientLive = pipe(RegistrationClientLive, L.provide(dispatcherLive))
 const authenticateClientLive = pipe(AuthenticationClientLive, L.provide(dispatcherLive))
 const socialClientLive = pipe(SocialClientLive, L.provide(dispatcherLive))
 const userClientLive = pipe(UserClientLive, L.provide(dispatcherLive))
-
 const storageServiceLive = StorageServiceLive
-
 const userServiceLive = pipe(UserServiceLive, L.provide(userClientLive))
 
 const registrationServiceLive = pipe(
@@ -149,10 +166,7 @@ const emailServiceLive = pipe(
   L.provide(storageServiceLive),
 )
 
-const socialServiceLive = pipe(
-  SocialServiceLive,
-  L.provide(socialClientLive),
-)
+const socialServiceLive = pipe(SocialServiceLive, L.provide(socialClientLive))
 
 export const allRequirements = Layer.mergeAll(
   capabilitiesLive,
@@ -165,98 +179,75 @@ export const allRequirements = Layer.mergeAll(
   socialServiceLive,
 )
 
-export class Config extends Context.Tag('Config')<
-  Config,
-  {
-    tenancyId: string
-    clientId: string
-    endpoint?: string
-  }
->() {}
-
-const storageLive = Layer.effect(
-  Storage,
-  E.sync(() => Storage.of(globalThis.localStorage)),
+const browserStorageLive = Layer.effect(
+  BrowserStorage,
+  E.sync(() => BrowserStorage.of(globalThis.localStorage)),
 )
 
-const exchangeConfig = <A, E>(effect: E.Effect<A, E, RpcConfig | Storage>) => {
-  return pipe(
-    Config,
-    E.flatMap(config => E.provideService(effect, RpcConfig, RpcConfig.of(config))),
-    effect => E.provide(effect, storageLive),
-  )
-}
-
-export const preConnect = (): E.Effect<void, never, Config> =>
+export const preConnect = (): E.Effect<void, never, RpcConfig> =>
   pipe(
     ConnectionService,
     E.flatMap(service => service.preConnect()),
     E.provide(connectionServiceLive),
-    exchangeConfig,
   )
 
-export const isRegistered = (email: Email): E.Effect<boolean, BadRequest, Config> =>
+export const isPasskeySupport: E.Effect<boolean> = pipe(
+  Capabilities,
+  E.flatMap(service => service.isPasskeySupport),
+  E.provide(capabilitiesLive),
+)
+
+export const isExistingUser = (request: Email): E.Effect<boolean, BadRequest, RpcConfig> =>
   pipe(
     UserService,
-    E.flatMap(service => service.isExistingUser(email)),
+    E.flatMap(service => service.isExistingUser(request)),
     E.provide(userServiceLive),
-    exchangeConfig,
   )
 
-export type RegistrationErrors = NotSupported | BadRequest | Duplicate | Unauthorized | Forbidden
-
 export const registerPasskey = (
   request: RegistrationRequest,
-): E.Effect<Principal, RegistrationErrors, Config> =>
+): E.Effect<Principal, RegistrationErrors, RpcConfig> =>
   pipe(
     RegistrationService,
     E.flatMap(service => service.registerPasskey(request)),
     E.provide(registrationServiceLive),
-    exchangeConfig,
+    E.provide(browserStorageLive),
   )
 
-export type AuthenticationErrors =
-  | NotSupported
-  | BadRequest
-  | NotFound
-  | Disabled
-  | Unauthorized
-  | Forbidden
-
 export const authenticatePasskey = (
   request: AuthenticationRequest,
-): E.Effect<Principal, AuthenticationErrors, Config> =>
-  pipe(
+): E.Effect<Principal, AuthenticationErrors, RpcConfig> => pipe(
     AuthenticationService,
     E.flatMap(service => service.authenticatePasskey(request)),
     E.provide(authenticationServiceLive),
-    exchangeConfig,
+    E.provide(browserStorageLive),
   )
 
-export type VerifyEmailErrors =
-  | NotSupported
-  | BadRequest
-  | NotFound
-  | Disabled
-  | Unauthorized
-  | Forbidden
-
 export const verifyEmailCode = (
   request: VerifyRequest,
-): E.Effect<Principal, VerifyEmailErrors, Config> =>
+): E.Effect<Principal, VerifyEmailErrors, RpcConfig> =>
   pipe(
     EmailService,
     E.flatMap(service => service.verifyEmailCode(request)),
     E.provide(emailServiceLive),
-    exchangeConfig,
+    E.provide(browserStorageLive),
   )
 
-export const verifyEmailLink = (): E.Effect<Principal, VerifyEmailErrors, Config> =>
+export const verifyEmailLink: E.Effect<Principal, VerifyEmailErrors, RpcConfig> = pipe(
+  EmailService,
+  E.flatMap(service => service.verifyEmailLink()),
+  E.provide(emailServiceLive),
+  E.provide(browserStorageLive),
+)
+
+export const resendVerificationEmail = (
+  request: ResendEmail,
+): E.Effect<void, ResendEmailErrors, RpcConfig> =>
   pipe(
-    EmailService,
-    E.flatMap(service => service.verifyEmailLink()),
-    E.provide(emailServiceLive),
-    exchangeConfig,
+    UserService,
+    E.flatMap(service => service.resendVerificationEmail(request)),
+    E.provide(userServiceLive),
+    E.provide(browserStorageLive),
   )
 
 export const getSessionToken = (
@@ -266,20 +257,30 @@ export const getSessionToken = (
     StorageService,
     E.flatMap(service => service.getToken(authType)),
     E.provide(storageServiceLive),
-    E.provide(storageLive),
+    E.provide(browserStorageLive),
   )
 
-export const clearExpiredTokens = (): E.Effect<void> =>
+export const clearExpiredTokens: E.Effect<void> = pipe(
+  StorageService,
+  E.flatMap(service => service.clearExpiredTokens),
+  E.provide(storageServiceLive),
+  E.provide(browserStorageLive),
+)
+
+export const registerOidc = (
+  request: RegisterOidcReq,
+): E.Effect<Principal, OidcRegistrationErrors, RpcConfig> =>
   pipe(
-    StorageService,
-    E.flatMap(service => service.clearExpiredTokens),
-    E.provide(storageServiceLive),
-    E.provide(storageLive),
+    SocialService,
+    E.flatMap(service => service.registerOidc(request)),
+    E.provide(socialServiceLive),
   )
 
-export const authenticateOIDC = (request: RegisterOidcReq) => 
+export const authenticateOidc = (
+  request: AuthenticateOidcReq,
+): E.Effect<Principal, OidcAuthenticationErrors, RpcConfig> =>
   pipe(
     SocialService,
-    E.flatMap(service => service.registerOidc(request)),
-    E.provide(socialServiceLive)
-  )
+    E.flatMap(service => service.authenticateOidc(request)),
+    E.provide(socialServiceLive),
+  )

package/src/email/email.fixture.ts

@@ -1,6 +1,7 @@
-import { UserClient, VerifyEmailReq, VerifyEmailRes } from '@passlock/shared/dist/rpc/user.js'
-import { Effect as E, Layer as L } from 'effect'
+import { VerifyEmailReq, VerifyEmailRes } from '@passlock/shared/dist/rpc/user.js'
+import { Effect as E, Layer as L, Option as O } from 'effect'
 import { AuthenticationService } from '../authentication/authenticate.js'
+import { UserClient } from '../rpc/user.js'
 import * as Fixtures from '../test/fixtures.js'
 import { URLQueryString } from './email.js'
 
@@ -28,7 +29,7 @@ export const rpcVerifyEmailRes = new VerifyEmailRes({ principal: Fixtures.princi
 export const rpcClientTest = L.succeed(
   UserClient,
   UserClient.of({
-    isExistingUser: () => E.succeed({ existingUser: true }),
+    isExistingUser: () => E.succeed({ existingUser: true, detail: O.none() }),
     verifyEmail: () => E.succeed(rpcVerifyEmailRes),
     resendVerificationEmail: () => E.fail(Fixtures.notImplemented),
   }),

package/src/email/email.test.ts

@@ -1,9 +1,9 @@
-import { UserClient } from '@passlock/shared/dist/rpc/user.js'
 import { Effect as E, Layer as L, LogLevel, Logger, pipe } from 'effect'
 import { NoSuchElementException } from 'effect/Cause'
 import { describe, expect, test } from 'vitest'
 import { mock } from 'vitest-mock-extended'
 import { AuthenticationService } from '../authentication/authenticate.js'
+import { UserClient } from '../rpc/user.js'
 import { StorageService } from '../storage/storage.js'
 import * as Fixture from './email.fixture.js'
 import { EmailService, EmailServiceLive } from './email.js'
@@ -42,7 +42,7 @@ describe('verifyEmailCode should', () => {
     const storageServiceTest = L.effect(
       StorageService,
       E.sync(() => {
-        const storageServiceMock = mock<StorageService>()
+        const storageServiceMock = mock<StorageService['Type']>()
 
         storageServiceMock.getToken.mockReturnValue(E.succeed(Fixture.storedToken))
         storageServiceMock.clearToken.mockReturnValue(E.void)
@@ -77,7 +77,7 @@ describe('verifyEmailCode should', () => {
     const storageServiceTest = L.effect(
       StorageService,
       E.sync(() => {
-        const storageServiceMock = mock<StorageService>()
+        const storageServiceMock = mock<StorageService['Type']>()
 
         storageServiceMock.getToken.mockReturnValue(E.fail(new NoSuchElementException()))
         storageServiceMock.clearToken.mockReturnValue(E.void)
@@ -89,7 +89,7 @@ describe('verifyEmailCode should', () => {
     const authServiceTest = L.effect(
       AuthenticationService,
       E.sync(() => {
-        const authServiceMock = mock<AuthenticationService>()
+        const authServiceMock = mock<AuthenticationService['Type']>()
 
         authServiceMock.authenticatePasskey.mockReturnValue(E.succeed(Fixture.principal))
 

package/src/email/email.ts

@@ -3,11 +3,12 @@
  */
 import { BadRequest } from '@passlock/shared/dist/error/error.js'
 import type { VerifyEmailErrors as RpcErrors } from '@passlock/shared/dist/rpc/user.js'
-import { UserClient, VerifyEmailReq } from '@passlock/shared/dist/rpc/user.js'
+import { VerifyEmailReq } from '@passlock/shared/dist/rpc/user.js'
 import type { Principal } from '@passlock/shared/dist/schema/principal.js'
 import { Context, Effect as E, Layer, Option as O, flow, identity, pipe } from 'effect'
-import { AuthenticationService, type AuthenticationErrors } from '../authentication/authenticate.js'
-import { StorageService } from '../storage/storage.js'
+import { type AuthenticationErrors, AuthenticationService } from '../authentication/authenticate.js'
+import { UserClient } from '../rpc/user.js'
+import { StorageService, type StoredToken } from '../storage/storage.js'
 
 /* Requests */
 
@@ -21,19 +22,20 @@ export type VerifyEmailErrors = RpcErrors | AuthenticationErrors
 
 /* Dependencies */
 
-export class URLQueryString extends Context.Tag('URLQueryString')<
+export class URLQueryString extends Context.Tag('@utils/URLQueryString')<
   URLQueryString,
   E.Effect<string>
 >() {}
 
 /* Service */
 
-export type EmailService = {
-  verifyEmailCode: (request: VerifyRequest) => E.Effect<Principal, VerifyEmailErrors>
-  verifyEmailLink: () => E.Effect<Principal, VerifyEmailErrors>
-}
-
-export const EmailService = Context.GenericTag<EmailService>('@services/EmailService')
+export class EmailService extends Context.Tag('@services/EmailService')<
+  EmailService,
+  {
+    verifyEmailCode: (request: VerifyRequest) => E.Effect<Principal, VerifyEmailErrors>
+    verifyEmailLink: () => E.Effect<Principal, VerifyEmailErrors>
+  }
+>() {}
 
 /* Utils */
 
@@ -56,12 +58,18 @@ const getToken = () => {
       onFailure: () =>
         // No token, need to authenticate the user
         pipe(
-          authenticationService.authenticatePasskey({ userVerification: 'preferred' }),
-          E.map(principal => ({
-            token: principal.token,
-            authType: principal.authStatement.authType,
-            expiresAt: principal.expireAt.getTime(),
-          })),
+          authenticationService.authenticatePasskey({
+            userVerification: O.some('preferred'),
+            email: O.none(),
+          }),
+          E.map(
+            principal =>
+              ({
+                token: principal.jti,
+                authType: principal.authType,
+                expiry: principal.exp.getTime(),
+              }) as StoredToken,
+          ),
         ),
     })