@passlock/client 0.9.22 → 0.9.24

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@passlock/client",
-  "version": "0.9.22",
-  "description": "Easy WebAuthn/FIDO Passkey authentication and social login for web apps. This library works with pretty much any frontend/backend stack including React/Next.js, Vue etc.",
+  "version": "0.9.24",
+  "description": "Passkey authentication and social login for web apps (Typescript). Framework agnostic",
   "keywords": [
     "passkey",
     "passkeys",
@@ -9,6 +9,8 @@
     "google one tap",
     "sign in with google",
     "sign in with apple",
+    "svelte",
+    "sveltekit",
     "react",
     "next",
     "vue",
@@ -19,10 +21,11 @@
     "email": "toby@passlock.dev"
   },
   "license": "MIT",
-  "homepage": "https://github.com/passlock-dev/ts-clients",
+  "homepage": "https://passlock.dev",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/passlock-dev/ts-clients.git"
+    "url": "git+https://github.com/passlock-dev/ts-clients.git",
+    "directory": "packages/client"
   },
   "bugs": {
     "url": "https://github.com/passlock-dev/ts-clients/issues",
@@ -42,45 +45,50 @@
     "!dist/**/*.spec.*"
   ],
   "dependencies": {
+    "@effect/schema": "0.71.0",
     "@github/webauthn-json": "^2.1.1",
-    "effect": "3.4.8",
-    "@passlock/shared": "0.9.22"
+    "effect": "3.6.4",
+    "@passlock/shared": "0.9.24"
   },
   "devDependencies": {
-    "@tsconfig/node18": "^18.2.4",
-    "@types/node": "^20.14.10",
-    "@typescript-eslint/eslint-plugin": "^7.15.0",
-    "@typescript-eslint/parser": "^7.15.0",
-    "@vitest/coverage-v8": "^2.0.3",
-    "@vitest/ui": "^2.0.3",
-    "eslint": "^8.57.0",
+    "@qetza/replacetokens": "^1.7.0",
+    "@total-typescript/tsconfig": "^1.0.4",
+    "@trivago/prettier-plugin-sort-imports": "^4.3.0",
+    "@tsconfig/node20": "^20.1.4",
+    "@types/node": "^22.4.0",
+    "@typescript-eslint/eslint-plugin": "^8.1.0",
+    "@typescript-eslint/parser": "^8.1.0",
+    "@vitest/coverage-v8": "^2.0.5",
+    "@vitest/ui": "^2.0.5",
+    "eslint": "^9.9.0",
     "eslint-config-prettier": "^9.1.0",
-    "eslint-import-resolver-typescript": "^3.6.1",
-    "eslint-plugin-import": "^2.29.1",
-    "jsdom": "^24.1.0",
-    "prettier": "^3.3.2",
-    "publint": "^0.1.9",
-    "rimraf": "^5.0.8",
+    "globals": "^15.9.0",
+    "jsdom": "^24.1.1",
+    "prettier": "^3.3.3",
+    "publint": "^0.2.10",
+    "rimraf": "^6.0.1",
     "tslib": "^2.6.3",
-    "typescript": "^5.5.3",
-    "vite": "^5.3.3",
-    "vitest": "^2.0.3",
-    "vitest-mock-extended": "^1.3.1"
+    "tsx": "^4.17.0",
+    "typescript": "^5.5.4",
+    "vite": "^5.4.1",
+    "vitest": "^2.0.5",
+    "vitest-mock-extended": "^2.0.0"
   },
   "scripts": {
-    "clean": "tsc --build --clean",
+    "clean": "rimraf ./dist",
     "typecheck": "tsc --noEmit",
     "test": "vitest run",
     "test:watch": "vitest dev",
     "test:ui": "vitest --coverage.enabled=true --ui",
     "test:coverage": "vitest run --coverage",
-    "build": "tsc --build && publint",
+    "build": "tsc --build",
     "build:clean": "pnpm run clean && pnpm run build",
-    "build:watch": "tsc --build --watch",
-    "format": "prettier --write \"src/**/*.+(js|ts|json)\"",
-    "lint": "eslint --ext .ts src",
+    "build:readme": "LATEST=${npm_package_version} tsx ../shared/scripts/replace-readme-tokens.ts ./packages/client",
+    "replaceTokens": "LATEST=${npm_package_version} tsx ../shared/scripts/replace-tokens.ts ./packages/client",
+    "build:production": "pnpm run build:clean && pnpm run replaceTokens && echo '' && publint",
+    "format": "prettier --write \"(src|scripts)/**/*.+(js|ts|json)\"",
+    "lint": "eslint ./src",
     "lint:fix": "pnpm run lint --fix",
-    "ncu": "ncu --peer -x @effect/* -x effect",
-    "ncu:save": "ncu --peer -x @effect/* -x effect -u"
+    "upgrade:deps": "ncu --peer -x effect -x @effect/* -i -u"
   }
 }

package/src/authentication/authenticate.fixture.ts

@@ -1,14 +1,16 @@
+import { Effect as E, Layer as L, Option as O } from 'effect'
+
 import {
-  AuthenticationClient,
   OptionsRes,
   VerificationReq,
   VerificationRes,
 } from '@passlock/shared/dist/rpc/authentication.js'
 import { IsExistingUserRes, VerifyEmailRes } from '@passlock/shared/dist/rpc/user.js'
 import type { AuthenticationCredential } from '@passlock/shared/dist/schema/passkey.js'
-import { Effect as E, Layer as L } from 'effect'
+
 import * as Fixtures from '../test/fixtures.js'
-import { GetCredential, type AuthenticationRequest } from './authenticate.js'
+import { AuthenticationClient } from '../rpc/authentication.js'
+import { type AuthenticationRequest, GetCredential } from './authenticate.js'
 
 export const session = 'session'
 export const token = 'token'
@@ -17,7 +19,8 @@ export const authType = 'passkey'
 export const expireAt = Date.now() + 10000
 
 export const request: AuthenticationRequest = {
-  userVerification: 'preferred',
+  userVerification: O.some('preferred'),
+  email: O.none(),
 }
 
 export const rpcOptionsRes = new OptionsRes({
@@ -48,13 +51,13 @@ export const rpcVerificationReq = new VerificationReq({ session, credential })
 
 export const rpcVerificationRes = new VerificationRes({ principal: Fixtures.principal })
 
-export const rpcIsExistingUserRes = new IsExistingUserRes({ existingUser: true })
+export const rpcIsExistingUserRes = new IsExistingUserRes({ existingUser: true, detail: O.none() })
 
 export const rpcVerifyEmailRes = new VerifyEmailRes({ principal: Fixtures.principal })
 
 export const getCredentialTest = L.succeed(
   GetCredential,
-  GetCredential.of(() => E.succeed(credential)),
+  GetCredential.of({ getCredential: () => E.succeed(credential) }),
 )
 
 export const rpcClientTest = L.succeed(
@@ -62,7 +65,7 @@ export const rpcClientTest = L.succeed(
   AuthenticationClient.of({
     getAuthenticationOptions: () => E.succeed(rpcOptionsRes),
     verifyAuthenticationCredential: () => E.succeed(rpcVerificationRes),
-  })
+  }),
 )
 
 export const principal = Fixtures.principal

package/src/authentication/authenticate.test.ts

@@ -1,16 +1,23 @@
-import { AuthenticationClient } from '@passlock/shared/dist/rpc/authentication.js'
-import { Effect as E, Layer as L, Layer, LogLevel, Logger, pipe } from 'effect'
+import { Effect as E, Layer as L, Layer, LogLevel, Logger, Option as O, pipe } from 'effect'
 import { describe, expect, test, vi } from 'vitest'
 import { mock } from 'vitest-mock-extended'
-import { StorageService } from '../storage/storage.js'
+
 import * as Fixture from './authenticate.fixture.js'
+import { AuthenticationClient } from '../rpc/authentication.js'
+import { StorageService } from '../storage/storage.js'
 import { AuthenticateServiceLive, AuthenticationService, GetCredential } from './authenticate.js'
 
 describe('authenticate should', () => {
   test('return a valid principal', async () => {
     const assertions = E.gen(function* (_) {
       const service = yield* _(AuthenticationService)
-      const result = yield* _(service.authenticatePasskey({ userVerification: 'preferred' }))
+
+      const result = yield* _(
+        service.authenticatePasskey({
+          email: O.none(),
+          userVerification: O.some('preferred'),
+        }),
+      )
 
       expect(result).toEqual(Fixture.principal)
     })
@@ -31,7 +38,13 @@ describe('authenticate should', () => {
   test('pass the authentication request to the backend', async () => {
     const assertions = E.gen(function* (_) {
       const service = yield* _(AuthenticationService)
-      yield* _(service.authenticatePasskey({ userVerification: 'preferred' }))
+
+      yield* _(
+        service.authenticatePasskey({
+          email: O.none(),
+          userVerification: O.some('preferred'),
+        }),
+      )
 
       const rpcClient = yield* _(AuthenticationClient)
       expect(rpcClient.getAuthenticationOptions).toHaveBeenCalledOnce()
@@ -44,7 +57,9 @@ describe('authenticate should', () => {
         const rpcMock = mock<AuthenticationClient['Type']>()
 
         rpcMock.getAuthenticationOptions.mockReturnValue(E.succeed(Fixture.rpcOptionsRes))
-        rpcMock.verifyAuthenticationCredential.mockReturnValue(E.succeed(Fixture.rpcVerificationRes))
+        rpcMock.verifyAuthenticationCredential.mockReturnValue(
+          E.succeed(Fixture.rpcVerificationRes),
+        )
 
         return rpcMock
       }),
@@ -67,11 +82,19 @@ describe('authenticate should', () => {
   test('send the credential to the backend', async () => {
     const assertions = E.gen(function* (_) {
       const service = yield* _(AuthenticationService)
-      yield* _(service.authenticatePasskey({ userVerification: 'preferred' }))
+
+      yield* _(
+        service.authenticatePasskey({
+          email: O.none(),
+          userVerification: O.some('preferred'),
+        }),
+      )
 
       const rpcClient = yield* _(AuthenticationClient)
       expect(rpcClient.getAuthenticationOptions).toHaveBeenCalledOnce()
-      expect(rpcClient.verifyAuthenticationCredential).toHaveBeenCalledWith(Fixture.rpcVerificationReq)
+      expect(rpcClient.verifyAuthenticationCredential).toHaveBeenCalledWith(
+        Fixture.rpcVerificationReq,
+      )
     })
 
     const rpcClientTest = L.effect(
@@ -80,7 +103,9 @@ describe('authenticate should', () => {
         const rpcMock = mock<AuthenticationClient['Type']>()
 
         rpcMock.getAuthenticationOptions.mockReturnValue(E.succeed(Fixture.rpcOptionsRes))
-        rpcMock.verifyAuthenticationCredential.mockReturnValue(E.succeed(Fixture.rpcVerificationRes))
+        rpcMock.verifyAuthenticationCredential.mockReturnValue(
+          E.succeed(Fixture.rpcVerificationRes),
+        )
 
         return rpcMock
       }),
@@ -103,7 +128,13 @@ describe('authenticate should', () => {
   test('store the credential in local storage', async () => {
     const assertions = E.gen(function* (_) {
       const service = yield* _(AuthenticationService)
-      yield* _(service.authenticatePasskey({ userVerification: 'preferred' }))
+
+      yield* _(
+        service.authenticatePasskey({
+          email: O.none(),
+          userVerification: O.some('preferred'),
+        }),
+      )
 
       const storageService = yield* _(StorageService)
       expect(storageService.storeToken).toHaveBeenCalledWith(Fixture.principal)
@@ -112,7 +143,7 @@ describe('authenticate should', () => {
     const storageServiceTest = L.effect(
       StorageService,
       E.sync(() => {
-        const storageMock = mock<StorageService>()
+        const storageMock = mock<StorageService['Type']>()
 
         storageMock.storeToken.mockReturnValue(E.void)
         storageMock.clearExpiredToken.mockReturnValue(E.void)
@@ -138,7 +169,13 @@ describe('authenticate should', () => {
   test('schedule deletion of the local token', async () => {
     const assertions = E.gen(function* (_) {
       const service = yield* _(AuthenticationService)
-      yield* _(service.authenticatePasskey({ userVerification: 'preferred' }))
+
+      yield* _(
+        service.authenticatePasskey({
+          email: O.none(),
+          userVerification: O.some('preferred'),
+        }),
+      )
 
       const storageService = yield* _(StorageService)
       expect(storageService.clearExpiredToken).toHaveBeenCalledWith('passkey')
@@ -147,7 +184,7 @@ describe('authenticate should', () => {
     const storageServiceTest = L.effect(
       StorageService,
       E.sync(() => {
-        const storageMock = mock<StorageService>()
+        const storageMock = mock<StorageService['Type']>()
 
         storageMock.storeToken.mockReturnValue(E.void)
         storageMock.clearExpiredToken.mockReturnValue(E.void)
@@ -173,20 +210,26 @@ describe('authenticate should', () => {
   test("return an error if the browser can't create a credential", async () => {
     const assertions = E.gen(function* (_) {
       const service = yield* _(AuthenticationService)
-      yield* _(service.authenticatePasskey({ userVerification: 'preferred' }))
 
-      const getCredential = yield* _(GetCredential)
+      yield* _(
+        service.authenticatePasskey({
+          email: O.none(),
+          userVerification: O.some('preferred'),
+        }),
+      )
+
+      const { getCredential } = yield* _(GetCredential)
       expect(getCredential).toHaveBeenCalledOnce()
     })
 
     const getCredentialTest = L.effect(
       GetCredential,
       E.sync(() => {
-        const getCredentialMock = vi.fn()
+        const getCredential = vi.fn()
 
-        getCredentialMock.mockReturnValue(E.succeed(Fixture.credential))
+        getCredential.mockReturnValue(E.succeed(Fixture.credential))
 
-        return getCredentialMock
+        return { getCredential }
       }),
     )
 

package/src/authentication/authenticate.ts

@@ -2,52 +2,53 @@
  * Passkey authentication effects
  */
 import {
-  parseRequestOptionsFromJSON,
   type CredentialRequestOptionsJSON,
+  parseRequestOptionsFromJSON,
 } from '@github/webauthn-json/browser-ponyfill'
-import {
-  InternalBrowserError,
-  type NotSupported,
-} from '@passlock/shared/dist/error/error.js'
-import type { OptionsErrors, VerificationErrors } from '@passlock/shared/dist/rpc/authentication.js'
-import { AuthenticationClient, OptionsReq, VerificationReq } from '@passlock/shared/dist/rpc/authentication.js'
-import type {
-  AuthenticationCredential,
-  UserVerification,
-} from '@passlock/shared/dist/schema/passkey.js'
-import { Principal } from '@passlock/shared/dist/schema/principal.js'
 import { Context, Effect as E, Layer, flow, pipe } from 'effect'
+
+import { InternalBrowserError, type NotSupported } from '@passlock/shared/dist/error/error.js'
+import {
+  type OptionsErrors,
+  type OptionsReq,
+  type VerificationErrors,
+  VerificationReq,
+} from '@passlock/shared/dist/rpc/authentication.js'
+import type { AuthenticationCredential } from '@passlock/shared/dist/schema/passkey.js'
+import type { Principal } from '@passlock/shared/dist/schema/principal.js'
+
 import { Capabilities } from '../capabilities/capabilities.js'
+import { AuthenticationClient } from '../rpc/authentication.js'
 import { StorageService } from '../storage/storage.js'
 
 /* Requests */
 
-export type AuthenticationRequest = { 
-  email?: string, 
-  userVerification?: UserVerification 
-}
-
+export type AuthenticationRequest = OptionsReq
 /* Errors */
 
 export type AuthenticationErrors = NotSupported | OptionsErrors | VerificationErrors
 
 /* Dependencies */
 
-export type GetCredential = (
-  request: CredentialRequestOptions,
-) => E.Effect<AuthenticationCredential, InternalBrowserError>
-
-export const GetCredential = Context.GenericTag<GetCredential>('@services/Get')
+export class GetCredential extends Context.Tag('@services/GetCredential')<
+  GetCredential,
+  {
+    getCredential: (
+      request: CredentialRequestOptions,
+    ) => E.Effect<AuthenticationCredential, InternalBrowserError>
+  }
+>() {}
 
 /* Service */
 
-export type AuthenticationService = {
-  authenticatePasskey: (request: AuthenticationRequest) => E.Effect<Principal, AuthenticationErrors>
-}
-
-export const AuthenticationService = Context.GenericTag<AuthenticationService>(
-  '@services/AuthenticationService',
-)
+export class AuthenticationService extends Context.Tag('@services/AuthenticationService')<
+  AuthenticationService,
+  {
+    authenticatePasskey: (
+      request: AuthenticationRequest,
+    ) => E.Effect<Principal, AuthenticationErrors>
+  }
+>() {}
 
 /* Utilities */
 
@@ -102,11 +103,12 @@ export const authenticatePasskey = (
     yield* _(capabilities.passkeySupport)
 
     yield* _(E.logInfo('Fetching authentication options from Passlock'))
-    const { options, session } = yield* _(fetchOptions(new OptionsReq(request)))
+
+    const { options, session } = yield* _(fetchOptions(request))
 
     yield* _(E.logInfo('Looking up credential'))
-    const get = yield* _(GetCredential)
-    const credential = yield* _(get(options))
+    const { getCredential } = yield* _(GetCredential)
+    const credential = yield* _(getCredential(options))
 
     yield* _(E.logInfo('Verifying credential with Passlock'))
     const principal = yield* _(verifyCredential(new VerificationReq({ credential, session })))
@@ -135,7 +137,9 @@ export const authenticatePasskey = (
 export const AuthenticateServiceLive = Layer.effect(
   AuthenticationService,
   E.gen(function* (_) {
-    const context = yield* _(E.context<GetCredential | AuthenticationClient | Capabilities | StorageService>())
+    const context = yield* _(
+      E.context<GetCredential | AuthenticationClient | Capabilities | StorageService>(),
+    )
 
     return AuthenticationService.of({
       authenticatePasskey: flow(authenticatePasskey, E.provide(context)),

package/src/capabilities/capabilities.ts

@@ -1,19 +1,21 @@
 /**
  * Test if the browser supports passkeys, conditional UI etc
  */
-import { NotSupported } from '@passlock/shared/dist/error/error.js'
 import { Context, Effect as E, Layer, identity, pipe } from 'effect'
 
-/* Service */
+import { NotSupported } from '@passlock/shared/dist/error/error.js'
 
-export type Capabilities = {
-  passkeySupport: E.Effect<void, NotSupported>
-  isPasskeySupport: E.Effect<boolean>
-  autofillSupport: E.Effect<void, NotSupported>
-  isAutofillSupport: E.Effect<boolean>
-}
+/* Service */
 
-export const Capabilities = Context.GenericTag<Capabilities>('@services/Capabilities')
+export class Capabilities extends Context.Tag('@services/Capabilities')<
+  Capabilities,
+  {
+    passkeySupport: E.Effect<void, NotSupported>
+    isPasskeySupport: E.Effect<boolean>
+    autofillSupport: E.Effect<void, NotSupported>
+    isAutofillSupport: E.Effect<boolean>
+  }
+>() {}
 
 /* Effects */
 

package/src/connection/connection.fixture.ts

@@ -1,6 +1,9 @@
-import { ConnectionClient, ConnectRes } from '@passlock/shared/dist/rpc/connection.js'
 import { Effect as E, Layer as L } from 'effect'
 
+import { ConnectRes } from '@passlock/shared/dist/rpc/connection.js'
+
+import { ConnectionClient } from '../rpc/connection.js'
+
 export const preConnectRes = new ConnectRes({ warmed: true })
 
 export const rpcClientTest = L.succeed(

package/src/connection/connection.test.ts

@@ -1,10 +1,11 @@
-import { RpcConfig } from '@passlock/shared/dist/rpc/config.js'
-import { ConnectionClient } from '@passlock/shared/dist/rpc/connection.js'
-import { Dispatcher } from '@passlock/shared/dist/rpc/dispatcher.js'
 import { Effect as E, Layer as L, Layer, LogLevel, Logger, pipe } from 'effect'
 import { describe, expect, test } from 'vitest'
 import { mock } from 'vitest-mock-extended'
+
 import * as Fixture from './connection.fixture.js'
+import { Dispatcher } from '../rpc/client.js'
+import { RpcConfig } from '../rpc/config.js'
+import { ConnectionClient } from '../rpc/connection.js'
 import { ConnectionService, ConnectionServiceLive } from './connection.js'
 
 describe('preConnect should', () => {

package/src/connection/connection.ts

@@ -1,18 +1,20 @@
 /**
  * Hits the rpc endpoint to warm up a lambda
  */
-import type { RpcConfig } from '@passlock/shared/dist/rpc/config.js'
-import { ConnectionClient } from '@passlock/shared/dist/rpc/connection.js'
-import { Dispatcher } from '@passlock/shared/dist/rpc/dispatcher.js'
 import { Context, Effect as E, Layer, flow, pipe } from 'effect'
 
-/* Service */
+import { Dispatcher } from '../rpc/client.js'
+import type { RpcConfig } from '../rpc/config.js'
+import { ConnectionClient } from '../rpc/connection.js'
 
-export type ConnectionService = {
-  preConnect: () => E.Effect<void>
-}
+/* Service */
 
-export const ConnectionService = Context.GenericTag<ConnectionService>('@services/ConnectService')
+export class ConnectionService extends Context.Tag('@services/ConnectionService')<
+  ConnectionService,
+  {
+    preConnect: () => E.Effect<void>
+  }
+>() {}
 
 /* Effects */