@passlock/client 0.9.22 → 0.9.24

package/src/registration/register.test.ts

@@ -1,9 +1,11 @@
-import { Duplicate, InternalBrowserError } from '@passlock/shared/dist/error/error.js'
-import { RegistrationClient } from '@passlock/shared/dist/rpc/registration.js'
 import { Effect as E, Layer as L, Layer, LogLevel, Logger, pipe } from 'effect'
 import { describe, expect, test, vi } from 'vitest'
 import { mock } from 'vitest-mock-extended'
+
+import { Duplicate, InternalBrowserError } from '@passlock/shared/dist/error/error.js'
+
 import * as Fixture from './register.fixture.js'
+import { RegistrationClient } from '../rpc/registration.js'
 import { CreateCredential, RegistrationService, RegistrationServiceLive } from './register.js'
 
 describe('register should', () => {
@@ -70,7 +72,9 @@ describe('register should', () => {
       yield* _(service.registerPasskey(Fixture.registrationRequest))
 
       const rpcClient = yield* _(RegistrationClient)
-      expect(rpcClient.verifyRegistrationCredential).toHaveBeenCalledWith(Fixture.rpcVerificationReq)
+      expect(rpcClient.verifyRegistrationCredential).toHaveBeenCalledWith(
+        Fixture.rpcVerificationReq,
+      )
     })
 
     const rpcClientTest = L.effect(
@@ -114,7 +118,9 @@ describe('register should', () => {
       E.sync(() => {
         const rpcMock = mock<RegistrationClient['Type']>()
 
-        rpcMock.getRegistrationOptions.mockReturnValue(E.fail(new Duplicate({ message: 'User already exists' })))
+        rpcMock.getRegistrationOptions.mockReturnValue(
+          E.fail(new Duplicate({ message: 'User already exists' })),
+        )
 
         return rpcMock
       }),
@@ -147,11 +153,11 @@ describe('register should', () => {
     const createTest = L.effect(
       CreateCredential,
       E.sync(() => {
-        const createTest = vi.fn()
+        const createCredential = vi.fn()
 
-        createTest.mockReturnValue(E.fail(new Duplicate({ message: 'boom!' })))
+        createCredential.mockReturnValue(E.fail(new Duplicate({ message: 'boom!' })))
 
-        return createTest
+        return { createCredential }
       }),
     )
 
@@ -185,11 +191,11 @@ describe('register should', () => {
     const createTest = L.effect(
       CreateCredential,
       E.sync(() => {
-        const createTest = vi.fn()
+        const createCredential = vi.fn()
 
-        createTest.mockReturnValue(E.fail(new InternalBrowserError({ message: 'boom!' })))
+        createCredential.mockReturnValue(E.fail(new InternalBrowserError({ message: 'boom!' })))
 
-        return createTest
+        return { createCredential }
       }),
     )
 

package/src/registration/register.ts

@@ -2,41 +2,37 @@
  * User & passkey registration effects
  */
 import {
-  parseCreationOptionsFromJSON,
   type CredentialCreationOptionsJSON,
+  parseCreationOptionsFromJSON,
 } from '@github/webauthn-json/browser-ponyfill'
-import type { NotSupported } from '@passlock/shared/dist/error/error.js'
-import { Duplicate, InternalBrowserError } from '@passlock/shared/dist/error/error.js'
-import type { OptionsErrors, VerificationErrors } from '@passlock/shared/dist/rpc/registration.js'
-import { OptionsReq, RegistrationClient, VerificationReq } from '@passlock/shared/dist/rpc/registration.js'
-import { VerifyEmail } from '@passlock/shared/dist/schema/email.js'
-import type {
-  RegistrationCredential,
-  UserVerification,
-} from '@passlock/shared/dist/schema/passkey.js'
-import { Principal } from '@passlock/shared/dist/schema/principal.js'
 import { Context, Effect as E, Layer, flow, pipe } from 'effect'
+
+import type { Duplicate, NotSupported } from '@passlock/shared/dist/error/error.js'
+import { InternalBrowserError } from '@passlock/shared/dist/error/error.js'
+import type { OptionsErrors, VerificationErrors } from '@passlock/shared/dist/rpc/registration.js'
+import { OptionsReq, VerificationReq } from '@passlock/shared/dist/rpc/registration.js'
+import type { RegistrationCredential } from '@passlock/shared/dist/schema/passkey.js'
+import type { Principal } from '@passlock/shared/dist/schema/principal.js'
+
 import { Capabilities } from '../capabilities/capabilities.js'
+import { RegistrationClient } from '../rpc/registration.js'
 import { StorageService } from '../storage/storage.js'
-import { UserService } from '../user/user.js'
+import type { UserService } from '../user/user.js'
 
 /* Requests */
 
-export type RegistrationRequest = {
-  email: string
-  givenName: string
-  familyName: string
-  userVerification?: UserVerification
-  verifyEmail?: VerifyEmail
-}
+export type RegistrationRequest = OptionsReq
 
 /* Dependencies */
 
-export type CreateCredential = (
-  request: CredentialCreationOptions,
-) => E.Effect<RegistrationCredential, InternalBrowserError | Duplicate>
-
-export const CreateCredential = Context.GenericTag<CreateCredential>('@services/Create')
+export class CreateCredential extends Context.Tag('@services/CreateCredential')<
+  CreateCredential,
+  {
+    createCredential: (
+      request: CredentialCreationOptions,
+    ) => E.Effect<RegistrationCredential, InternalBrowserError | Duplicate>
+  }
+>() {}
 
 /* Errors */
 
@@ -44,13 +40,12 @@ export type RegistrationErrors = NotSupported | OptionsErrors | VerificationErro
 
 /* Service */
 
-export type RegistrationService = {
-  registerPasskey: (request: RegistrationRequest) => E.Effect<Principal, RegistrationErrors>
-}
-
-export const RegistrationService = Context.GenericTag<RegistrationService>(
-  '@services/RegistrationService',
-)
+export class RegistrationService extends Context.Tag('@services/RegistrationService')<
+  RegistrationService,
+  {
+    registerPasskey: (request: RegistrationRequest) => E.Effect<Principal, RegistrationErrors>
+  }
+>() {}
 
 /* Utilities */
 
@@ -94,7 +89,12 @@ const verifyCredential = (request: VerificationReq) => {
 
 /* Effects */
 
-type Dependencies = Capabilities | CreateCredential | StorageService | UserService | RegistrationClient
+type Dependencies =
+  | Capabilities
+  | CreateCredential
+  | StorageService
+  | UserService
+  | RegistrationClient
 
 export const registerPasskey = (
   request: RegistrationRequest,
@@ -105,10 +105,10 @@ export const registerPasskey = (
     yield* _(capabilities.passkeySupport)
 
     yield* _(E.logInfo('Fetching registration options from Passlock'))
-    const { options, session } = yield* _(fetchOptions(new OptionsReq(request)))
+    const { options, session } = yield* fetchOptions(new OptionsReq(request))
 
     yield* _(E.logInfo('Building new credential'))
-    const createCredential = yield* _(CreateCredential)
+    const { createCredential } = yield* _(CreateCredential)
     const credential = yield* _(createCredential(options))
 
     yield* _(E.logInfo('Storing credential public key in Passlock'))
@@ -145,7 +145,9 @@ export const RegistrationServiceLive = Layer.effect(
   RegistrationService,
   E.gen(function* (_) {
     const context = yield* _(
-      E.context<CreateCredential | RegistrationClient | Capabilities | StorageService | UserService>(),
+      E.context<
+        CreateCredential | RegistrationClient | Capabilities | StorageService | UserService
+      >(),
     )
 
     return RegistrationService.of({

package/src/rpc/authentication.ts

@@ -0,0 +1,43 @@
+import { Context, Effect as E, Layer } from 'effect'
+
+import {
+  type AuthenticationService,
+  OPTIONS_ENDPOINT,
+  OptionsErrors,
+  OptionsReq,
+  OptionsRes,
+  VERIFY_ENDPOINT,
+  VerificationErrors,
+  VerificationReq,
+  VerificationRes,
+} from '@passlock/shared/dist/rpc/authentication.js'
+
+import { Dispatcher, makePostRequest } from './client.js'
+
+/* Client */
+
+export class AuthenticationClient extends Context.Tag('@passkey/auth/client')<
+  AuthenticationClient,
+  AuthenticationService
+>() {}
+
+export const AuthenticationClientLive = Layer.effect(
+  AuthenticationClient,
+  E.gen(function* (_) {
+    const dispatcher = yield* _(Dispatcher)
+
+    const optionsResolver = makePostRequest(OptionsReq, OptionsRes, OptionsErrors, dispatcher)
+
+    const verifyResolver = makePostRequest(
+      VerificationReq,
+      VerificationRes,
+      VerificationErrors,
+      dispatcher,
+    )
+
+    return {
+      getAuthenticationOptions: req => optionsResolver(OPTIONS_ENDPOINT, req),
+      verifyAuthenticationCredential: req => verifyResolver(VERIFY_ENDPOINT, req),
+    }
+  }),
+)

package/src/rpc/client.ts

@@ -0,0 +1,174 @@
+import * as S from '@effect/schema/Schema'
+import { Context, Effect as E, Layer, pipe } from 'effect'
+
+import { NetworkError } from '@passlock/shared/dist/error/error.js'
+
+import { PASSLOCK_CLIENT_VERSION } from '../version.js'
+import { RetrySchedule, RpcConfig } from './config.js'
+
+export type DispatcherResponse = {
+  status: number
+  body: object
+}
+
+/** To send the JSON to the backend */
+export class Dispatcher extends Context.Tag('@rpc/Dispatcher')<
+  Dispatcher,
+  {
+    get: (path: string) => E.Effect<DispatcherResponse, NetworkError>
+    post: (path: string, body: string) => E.Effect<DispatcherResponse, NetworkError>
+  }
+>() {}
+
+/** Fires off client requests using fetch */
+/** TODO: Write tests */
+/** TODO: Evaluate platform/http client (if now stable) */
+export const DispatcherLive = Layer.effect(
+  Dispatcher,
+  E.gen(function* (_) {
+    const { schedule } = yield* _(RetrySchedule)
+    const { tenancyId, clientId, endpoint: maybeEndpoint } = yield* _(RpcConfig)
+
+    const parseJson = (res: Response, url: string) =>
+      E.tryPromise({
+        try: () => res.json() as Promise<unknown>,
+        catch: e =>
+          new NetworkError({
+            message: 'Unable to extract json response from ' + url,
+            detail: String(e),
+          }),
+      })
+
+    // 400 errors are reflected in the RPC response error channel
+    // so in network terms they're still "ok"
+    const assertNo500s = (res: Response, url: string) => {
+      if (res.status >= 500) {
+        return E.fail(
+          new NetworkError({
+            message: 'Received 500 response code from ' + url,
+          }),
+        )
+      } else return E.void
+    }
+
+    const parseJsonObject = (json: unknown) => {
+      return typeof json === 'object' && json !== null
+        ? E.succeed(json)
+        : E.fail(
+            new NetworkError({
+              message: `Expected JSON object to be returned from RPC endpoint, actual ${typeof json}`,
+            }),
+          )
+    }
+
+    const buildUrl = (_path: string) => {
+      const endpoint = maybeEndpoint || 'https://api.passlock.dev'
+      // drop leading /
+      const path = _path.replace(/^\//, '')
+      return `${endpoint}/${tenancyId}/${path}`
+    }
+
+    return {
+      get: (path: string) => {
+        const effect = E.gen(function* (_) {
+          const headers = {
+            'Accept': 'application/json',
+            'X-CLIENT-ID': clientId,
+            'X-PASSLOCK-CLIENT-VERSION': PASSLOCK_CLIENT_VERSION,
+          }
+
+          const url = buildUrl(path)
+
+          const res = yield* _(
+            E.tryPromise({
+              try: () => fetch(url, { method: 'GET', headers }),
+              catch: e =>
+                new NetworkError({ message: 'Unable to fetch from ' + url, detail: String(e) }),
+            }),
+          )
+
+          const json = yield* _(parseJson(res, url))
+          yield* _(assertNo500s(res, url))
+          const jsonObject = yield* _(parseJsonObject(json))
+
+          return { status: res.status, body: jsonObject }
+        })
+
+        return E.retry(effect, { schedule })
+      },
+
+      post: (_path: string, body: string) => {
+        const effect = E.gen(function* (_) {
+          const headers = {
+            'Content-Type': 'application/json',
+            'Accept': 'application/json',
+            'X-CLIENT-ID': clientId,
+            'X-PASSLOCK-CLIENT-VERSION': PASSLOCK_CLIENT_VERSION,
+          }
+
+          // drop leading /
+          const url = buildUrl(_path)
+
+          const res = yield* _(
+            E.tryPromise({
+              try: () => fetch(url, { method: 'POST', headers, body }),
+              catch: e =>
+                new NetworkError({ message: 'Unable to fetch from ' + url, detail: String(e) }),
+            }),
+          )
+
+          const json = yield* _(parseJson(res, url))
+          yield* _(assertNo500s(res, url))
+          const jsonObject = yield* _(parseJsonObject(json))
+
+          return { status: res.status, body: jsonObject }
+        })
+
+        return E.retry(effect, { schedule })
+      },
+    }
+  }),
+)
+
+export const makeGetRequest =
+  <Res, ResEnc, Err, ErrEnc>(
+    responseSchema: S.Schema<Res, ResEnc, never>,
+    errorSchema: S.Schema<Err, ErrEnc, never>,
+    dispatcher: Dispatcher['Type'],
+  ) =>
+  (path: string) =>
+    pipe(
+      dispatcher.get(path),
+      E.flatMap(res => {
+        if (res.status === 200) return S.decodeUnknown(responseSchema)(res.body)
+        return pipe(
+          S.decodeUnknown(errorSchema)(res.body),
+          E.flatMap(err => E.fail(err)),
+        )
+      }),
+      E.catchTag('ParseError', e => E.die(e)),
+      E.catchTag('NetworkError', e => E.die(e)),
+    )
+
+export const makePostRequest =
+  <Req, ReqEnc, Res, ResEnc, Err, ErrEnc>(
+    requestSchema: S.Schema<Req, ReqEnc, never>,
+    responseSchema: S.Schema<Res, ResEnc, never>,
+    errorSchema: S.Schema<Err, ErrEnc, never>,
+    dispatcher: Dispatcher['Type'],
+  ) =>
+  (path: string, request: Req) => {
+    return pipe(
+      S.encode(requestSchema)(request),
+      E.flatMap(request => dispatcher.post(path, JSON.stringify(request))),
+      E.flatMap(res => {
+        if (res.status === 200) return S.decodeUnknown(responseSchema)(res.body)
+        return pipe(
+          S.decodeUnknown(errorSchema)(res.body),
+          E.flatMap(err => E.fail(err)),
+        )
+      }),
+      E.catchTag('ParseError', e => E.die(e)),
+      E.catchTag('NetworkError', e => E.die(e)),
+    )
+  }

package/src/rpc/config.ts

@@ -0,0 +1,18 @@
+import type { Schedule } from 'effect'
+import { Context } from 'effect'
+
+export class RpcConfig extends Context.Tag('@rpc/RpcConfig')<
+  RpcConfig,
+  {
+    endpoint?: string
+    tenancyId: string
+    clientId: string
+  }
+>() {}
+
+export class RetrySchedule extends Context.Tag('@rpc/RetrySchedule')<
+  RetrySchedule,
+  {
+    schedule: Schedule.Schedule<unknown>
+  }
+>() {}

package/src/rpc/connection.ts

@@ -0,0 +1,30 @@
+import * as S from '@effect/schema/Schema'
+import { Context, Effect as E, Layer } from 'effect'
+
+import {
+  CONNECT_ENDPOINT,
+  ConnectRes,
+  type ConnectionService,
+} from '@passlock/shared/dist/rpc/connection.js'
+
+import { Dispatcher, makeGetRequest } from './client.js'
+
+/* Client */
+
+export class ConnectionClient extends Context.Tag('@connection/client')<
+  ConnectionClient,
+  ConnectionService
+>() {}
+
+export const ConnectionClientLive = Layer.effect(
+  ConnectionClient,
+  E.gen(function* (_) {
+    const dispatcher = yield* _(Dispatcher)
+
+    const preConnectResolver = makeGetRequest(ConnectRes, S.Never, dispatcher)
+
+    return {
+      preConnect: () => preConnectResolver(CONNECT_ENDPOINT),
+    }
+  }),
+)

package/src/rpc/registration.ts

@@ -0,0 +1,41 @@
+import { Context, Effect as E, Layer } from 'effect'
+
+import {
+  OptionsErrors,
+  OptionsReq,
+  OptionsRes,
+  type RegistrationService,
+  VerificationErrors,
+  VerificationReq,
+  VerificationRes,
+} from '@passlock/shared/dist/rpc/registration.js'
+
+import { Dispatcher, makePostRequest } from './client.js'
+
+/* Client */
+
+export class RegistrationClient extends Context.Tag('@passkey/register/client')<
+  RegistrationClient,
+  RegistrationService
+>() {}
+
+export const RegistrationClientLive = Layer.effect(
+  RegistrationClient,
+  E.gen(function* (_) {
+    const dispatcher = yield* _(Dispatcher)
+
+    const optionsResolver = makePostRequest(OptionsReq, OptionsRes, OptionsErrors, dispatcher)
+
+    const verifyResolver = makePostRequest(
+      VerificationReq,
+      VerificationRes,
+      VerificationErrors,
+      dispatcher,
+    )
+
+    return {
+      getRegistrationOptions: req => optionsResolver('/passkey/register/options', req),
+      verifyRegistrationCredential: req => verifyResolver('/passkey/register/verify', req),
+    }
+  }),
+)

package/src/rpc/social.ts

@@ -0,0 +1,45 @@
+import { Context, Effect as E, Layer } from 'effect'
+
+import {
+  AuthOidcErrors,
+  AuthOidcReq,
+  PrincipalRes,
+  RegisterOidcErrors,
+  RegisterOidcReq,
+  type SocialService,
+} from '@passlock/shared/dist/rpc/social.js'
+
+import { Dispatcher, makePostRequest } from './client.js'
+
+/* Client */
+
+export const OIDC_REGISTER_ENDPOINT = '/social/oidc/register'
+export const OIDC_AUTH_ENDPOINT = '/social/oidc/auth'
+
+export class SocialClient extends Context.Tag('@social/client')<SocialClient, SocialService>() {}
+
+export const SocialClientLive = Layer.effect(
+  SocialClient,
+  E.gen(function* (_) {
+    const dispatcher = yield* _(Dispatcher)
+
+    const registerResolver = makePostRequest(
+      RegisterOidcReq,
+      PrincipalRes,
+      RegisterOidcErrors,
+      dispatcher,
+    )
+
+    const authenticateResolver = makePostRequest(
+      AuthOidcReq,
+      PrincipalRes,
+      AuthOidcErrors,
+      dispatcher,
+    )
+
+    return {
+      registerOidc: req => registerResolver(OIDC_REGISTER_ENDPOINT, req),
+      authenticateOidc: req => authenticateResolver(OIDC_AUTH_ENDPOINT, req),
+    }
+  }),
+)

package/src/rpc/user.ts

@@ -0,0 +1,57 @@
+import * as S from '@effect/schema/Schema'
+import { Context, Effect as E, Layer } from 'effect'
+
+import {
+  IsExistingUserReq,
+  IsExistingUserRes,
+  RESEND_EMAIL_ENDPOINT,
+  ResendEmailErrors,
+  ResendEmailReq,
+  ResendEmailRes,
+  USER_STATUS_ENDPOINT,
+  type UserService,
+  VERIFY_EMAIL_ENDPOINT,
+  VerifyEmailErrors,
+  VerifyEmailReq,
+  VerifyEmailRes,
+} from '@passlock/shared/dist/rpc/user.js'
+
+import { Dispatcher, makePostRequest } from './client.js'
+
+/* Client */
+
+export class UserClient extends Context.Tag('@user/client')<UserClient, UserService>() {}
+
+export const UserClientLive = Layer.effect(
+  UserClient,
+  E.gen(function* (_) {
+    const dispatcher = yield* _(Dispatcher)
+
+    const isExistingUserResolver = makePostRequest(
+      IsExistingUserReq,
+      IsExistingUserRes,
+      S.Never,
+      dispatcher,
+    )
+
+    const verifyEmailResolver = makePostRequest(
+      VerifyEmailReq,
+      VerifyEmailRes,
+      VerifyEmailErrors,
+      dispatcher,
+    )
+
+    const resendEmailResolver = makePostRequest(
+      ResendEmailReq,
+      ResendEmailRes,
+      ResendEmailErrors,
+      dispatcher,
+    )
+
+    return {
+      isExistingUser: req => isExistingUserResolver(USER_STATUS_ENDPOINT, req),
+      verifyEmail: req => verifyEmailResolver(VERIFY_EMAIL_ENDPOINT, req),
+      resendVerificationEmail: req => resendEmailResolver(RESEND_EMAIL_ENDPOINT, req),
+    }
+  }),
+)

package/src/social/social.fixture.ts

@@ -1,8 +1,10 @@
+import { Effect as E, Layer as L, Option as O } from 'effect'
+
 import * as Shared from '@passlock/shared/dist/rpc/social.js'
-import { SocialClient } from '@passlock/shared/dist/rpc/social.js'
-import { Effect as E, Layer as L } from 'effect'
+
 import * as Fixtures from '../test/fixtures.js'
-import type { AuthenticateOidcReq, RegisterOidcReq } from './social.js'
+import { SocialClient } from '../rpc/social.js'
+import type { AuthenticateOidcReq } from './social.js'
 
 export const session = 'session'
 export const token = 'token'
@@ -10,30 +12,22 @@ export const code = 'code'
 export const authType = 'passkey'
 export const expireAt = Date.now() + 10000
 
-export const registerOidcReq: RegisterOidcReq = {
+export const registerOidcReq = new Shared.RegisterOidcReq({
   provider: 'google',
   idToken: 'google-token',
   nonce: 'nonce',
-  givenName: 'john',
-  familyName: 'doe'
-}
+  givenName: O.some('john'),
+  familyName: O.some('doe'),
+})
 
-export const authOidcReq: AuthenticateOidcReq = {
+export const authOidcReq: AuthenticateOidcReq = new Shared.AuthOidcReq({
   provider: 'google',
   idToken: 'google-token',
-  nonce: 'nonce'
-}
-
-export const rpcRegisterReq = new Shared.RegisterOidcReq({ 
-  ...registerOidcReq, 
-  ...(registerOidcReq.givenName ? { givenName: registerOidcReq.givenName } : {}),
-  ...(registerOidcReq.familyName ? { familyName: registerOidcReq.familyName } : {})
+  nonce: 'nonce',
 })
 
 export const rpcRegisterRes = new Shared.PrincipalRes({ principal: Fixtures.principal })
 
-export const rpcAuthenticateReq = new Shared.AuthOidcReq({ ...authOidcReq })
-
 export const rpcAuthenticateRes = new Shared.PrincipalRes({ principal: Fixtures.principal })
 
 export const rpcClientTest = L.succeed(
@@ -41,7 +35,7 @@ export const rpcClientTest = L.succeed(
   SocialClient.of({
     registerOidc: () => E.fail(Fixtures.notImplemented),
     authenticateOidc: () => E.fail(Fixtures.notImplemented),
-  })
+  }),
 )
 
 export const principal = Fixtures.principal