@passlock/client 0.9.30 → 2.0.0-beta.1

package/src/logging/eventLogger.test.ts

@@ -1,104 +0,0 @@
-import { Effect as E, LogLevel, Logger } from 'effect'
-import { describe, expect, test, vi } from 'vitest'
-
-import { eventLoggerLive, logRaw } from './eventLogger.js'
-
-/**
- * Although the core log functionality is tested alongside the logger in the @passlock/shared
- * package, those tests deliberately exclude the event dispatch elements as the package
- * is intended to be agnostic to the runtime environment. This client package however is
- * intented to be run in the browser, so we can plugin a real event dispatcher and ensure
- * it's working as expected.
- */
-
-describe('log', () => {
-  test('log DEBUG to the console', () => {
-    const logStatement = E.logDebug('hello world')
-
-    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
-    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Debug))
-
-    const effect = E.provide(withLogLevel, eventLoggerLive)
-    E.runSync(effect)
-
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('DEBUG'))
-  })
-
-  test('log INFO to the console', () => {
-    const logStatement = E.logInfo('hello world')
-
-    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
-    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Info))
-
-    const effect = E.provide(withLogLevel, eventLoggerLive)
-    E.runSync(effect)
-
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('INFO'))
-  })
-
-  test('log WARN to the console', () => {
-    const logStatement = E.logWarning('hello world')
-
-    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
-    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Warning))
-
-    const effect = E.provide(withLogLevel, eventLoggerLive)
-    E.runSync(effect)
-
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('WARN'))
-  })
-
-  test('log ERROR to the console', () => {
-    const logStatement = E.logError('hello world')
-
-    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
-    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Error))
-
-    const effect = E.provide(withLogLevel, eventLoggerLive)
-    E.runSync(effect)
-
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('ERROR'))
-  })
-
-  test('log raw data to the console', () => {
-    const logStatement = logRaw('hello world')
-    const logSpy = vi.spyOn(globalThis.console, 'log').mockImplementation(() => undefined)
-
-    E.runSync(logStatement)
-
-    expect(logSpy).toHaveBeenCalledWith(expect.stringContaining('hello world'))
-  })
-
-  test('fire a custom log event', () => {
-    const logStatement = E.logWarning('hello world')
-
-    const eventSpy = vi.spyOn(globalThis, 'dispatchEvent').mockImplementation(() => false)
-    const withLogLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Warning))
-
-    const effect = E.provide(withLogLevel, eventLoggerLive)
-
-    E.runSync(effect)
-
-    const expectedEvent = new CustomEvent('PasslogDebugMessage', {
-      detail: 'hello world',
-    })
-
-    expect(eventSpy).toHaveBeenCalledWith(expectedEvent)
-  })
-
-  test('not fire a log event for a debug message', () => {
-    const logStatement = E.logDebug('hello world')
-
-    const eventSpy = vi.spyOn(globalThis, 'dispatchEvent').mockImplementation(() => false)
-    const withDebugLevel = logStatement.pipe(Logger.withMinimumLogLevel(LogLevel.Debug))
-
-    const effect = E.provide(withDebugLevel, eventLoggerLive)
-    E.runSync(effect)
-
-    expect(eventSpy).not.toHaveBeenCalled()
-  })
-})

package/src/logging/eventLogger.ts

@@ -1,41 +0,0 @@
-/**
- * Logger implementation that also fires DOM events.
- * This is useful to allow external code to plug into the logging
- * mechanism. E.g. the Passlock demo subscribes to events to generate
- * a typewriter style effect
- */
-import { Effect as E, LogLevel, Logger } from 'effect'
-
-/**
- * Some log messages span multiple lines/include json etc which is
- * better output without being formatted by Effect's logging framework
- *
- * @param message
- * @returns
- */
-export const logRaw = <T>(message: T) => {
-  return E.sync(() => {
-    console.log(message)
-  })
-}
-
-export const DebugMessage = 'PasslogDebugMessage'
-
-const dispatch = (message: string) => {
-  try {
-    const evt = new CustomEvent(DebugMessage, { detail: message })
-    globalThis.dispatchEvent(evt)
-  } catch {
-    globalThis.console.log('Unable to fire custom event')
-  }
-}
-
-export const eventLoggerLive = Logger.add(
-  Logger.make(({ logLevel, message }) => {
-    if (typeof message === 'string' && logLevel !== LogLevel.Debug) {
-      dispatch(message)
-    } else if (Array.isArray(message) && logLevel !== LogLevel.Debug) {
-      message.forEach(dispatch)
-    }
-  }),
-)

package/src/registration/register.fixture.ts

@@ -1,96 +0,0 @@
-import { Effect as E, Layer as L, Option as O } from 'effect'
-
-import {
-  OptionsReq,
-  OptionsRes,
-  VerificationReq,
-  VerificationRes,
-} from '@passlock/shared/dist/rpc/registration.js'
-import type { RegistrationCredential } from '@passlock/shared/dist/schema/passkey.js'
-
-import * as Fixtures from '../test/fixtures.js'
-import { RegistrationClient } from '../rpc/registration.js'
-import { UserService } from '../user/user.js'
-import { CreateCredential, type RegistrationRequest } from './register.js'
-
-export const session = 'session'
-export const token = 'token'
-export const code = 'code'
-export const authType = 'passkey'
-export const expireAt = Date.now() + 10000
-
-export const registrationRequest: RegistrationRequest = {
-  email: 'jdoe@gmail.com',
-  givenName: O.some('john'),
-  familyName: O.some('doe'),
-  userVerification: O.none(),
-  verifyEmail: O.none(),
-}
-
-export const rpcOptionsReq = new OptionsReq(registrationRequest)
-
-export const registrationOptions: OptionsRes = {
-  session,
-  publicKey: {
-    rp: {
-      name: 'passlock',
-      id: 'passlock.dev',
-    },
-    user: {
-      name: 'john doe',
-      id: 'jdoe',
-      displayName: 'john doe',
-    },
-    challenge: 'FKZSl_saKu5OXjLLwoq8eK3wlD8XgpGiS10SszW5RiE',
-    pubKeyCredParams: [],
-  },
-}
-
-export const rpcOptionsRes = new OptionsRes(registrationOptions)
-
-export const credential: RegistrationCredential = {
-  type: 'public-key',
-  id: '1',
-  rawId: '1',
-  response: {
-    transports: [],
-    clientDataJSON: '',
-    attestationObject: '',
-  },
-  clientExtensionResults: {},
-}
-
-export const rpcVerificationReq = new VerificationReq({
-  session,
-  credential,
-  verifyEmail: O.none(),
-})
-
-export const rpcVerificationRes = new VerificationRes({ principal: Fixtures.principal })
-
-export const createCredentialTest = L.succeed(
-  CreateCredential,
-  CreateCredential.of({ createCredential: () => E.succeed(credential) }),
-)
-
-export const userServiceTest = L.succeed(
-  UserService,
-  UserService.of({
-    isExistingUser: () => E.succeed(false),
-    resendVerificationEmail: () => E.succeed(true),
-  }),
-)
-
-export const rpcClientTest = L.succeed(
-  RegistrationClient,
-  RegistrationClient.of({
-    getRegistrationOptions: () => E.succeed(rpcOptionsRes),
-    verifyRegistrationCredential: () => E.succeed(rpcVerificationRes),
-  }),
-)
-
-export const principal = Fixtures.principal
-
-export const capabilitiesTest = Fixtures.capabilitiesTest
-
-export const storageServiceTest = Fixtures.storageServiceTest

package/src/registration/register.test.ts

@@ -1,216 +0,0 @@
-import { Effect as E, Layer as L, Layer, LogLevel, Logger, pipe } from 'effect'
-import { describe, expect, test, vi } from 'vitest'
-import { mock } from 'vitest-mock-extended'
-
-import { Duplicate, InternalBrowserError } from '@passlock/shared/dist/error/error.js'
-
-import * as Fixture from './register.fixture.js'
-import { RegistrationClient } from '../rpc/registration.js'
-import { CreateCredential, RegistrationService, RegistrationServiceLive } from './register.js'
-
-describe('register should', () => {
-  test('return a valid credential', async () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(RegistrationService)
-      const result = yield* _(service.registerPasskey(Fixture.registrationRequest))
-      expect(result).toEqual(Fixture.principal)
-    })
-
-    const service = pipe(
-      RegistrationServiceLive,
-      L.provide(Fixture.createCredentialTest),
-      L.provide(Fixture.userServiceTest),
-      L.provide(Fixture.capabilitiesTest),
-      L.provide(Fixture.storageServiceTest),
-      L.provide(Fixture.rpcClientTest),
-    )
-
-    const effect = pipe(E.provide(assertions, service), Logger.withMinimumLogLevel(LogLevel.None))
-
-    return E.runPromise(effect)
-  })
-
-  test('pass the registration data to the backend', async () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(RegistrationService)
-      yield* _(service.registerPasskey(Fixture.registrationRequest))
-
-      const rpcClient = yield* _(RegistrationClient)
-      expect(rpcClient.getRegistrationOptions).toHaveBeenCalledWith(Fixture.rpcOptionsReq)
-    })
-
-    const rpcClientTest = L.effect(
-      RegistrationClient,
-      E.sync(() => {
-        const rpcMock = mock<RegistrationClient['Type']>()
-
-        rpcMock.getRegistrationOptions.mockReturnValue(E.succeed(Fixture.rpcOptionsRes))
-        rpcMock.verifyRegistrationCredential.mockReturnValue(E.succeed(Fixture.rpcVerificationRes))
-
-        return rpcMock
-      }),
-    )
-
-    const service = pipe(
-      RegistrationServiceLive,
-      L.provide(Fixture.createCredentialTest),
-      L.provide(Fixture.capabilitiesTest),
-      L.provide(Fixture.storageServiceTest),
-      L.provide(Fixture.userServiceTest),
-      L.provide(rpcClientTest),
-    )
-
-    const layers = Layer.merge(service, rpcClientTest)
-    const effect = pipe(E.provide(assertions, layers), Logger.withMinimumLogLevel(LogLevel.None))
-
-    return E.runPromise(effect)
-  })
-
-  test('send the new credential to the backend', async () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(RegistrationService)
-      yield* _(service.registerPasskey(Fixture.registrationRequest))
-
-      const rpcClient = yield* _(RegistrationClient)
-      expect(rpcClient.verifyRegistrationCredential).toHaveBeenCalledWith(
-        Fixture.rpcVerificationReq,
-      )
-    })
-
-    const rpcClientTest = L.effect(
-      RegistrationClient,
-      E.sync(() => {
-        const rpcMock = mock<RegistrationClient['Type']>()
-
-        rpcMock.getRegistrationOptions.mockReturnValue(E.succeed(Fixture.rpcOptionsRes))
-        rpcMock.verifyRegistrationCredential.mockReturnValue(E.succeed(Fixture.rpcVerificationRes))
-
-        return rpcMock
-      }),
-    )
-
-    const service = pipe(
-      RegistrationServiceLive,
-      L.provide(Fixture.createCredentialTest),
-      L.provide(Fixture.capabilitiesTest),
-      L.provide(Fixture.storageServiceTest),
-      L.provide(Fixture.userServiceTest),
-      L.provide(rpcClientTest),
-    )
-
-    const layers = Layer.merge(service, rpcClientTest)
-    const effect = pipe(E.provide(assertions, layers), Logger.withMinimumLogLevel(LogLevel.None))
-
-    return E.runPromise(effect)
-  })
-
-  test('short-circuit if the user is already registered', async () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(RegistrationService)
-
-      const error = yield* _(service.registerPasskey(Fixture.registrationRequest), E.flip)
-
-      expect(error).toBeInstanceOf(Duplicate)
-    })
-
-    const rpcClientTest = L.effect(
-      RegistrationClient,
-      E.sync(() => {
-        const rpcMock = mock<RegistrationClient['Type']>()
-
-        rpcMock.getRegistrationOptions.mockReturnValue(
-          E.fail(new Duplicate({ message: 'User already exists' })),
-        )
-
-        return rpcMock
-      }),
-    )
-
-    const service = pipe(
-      RegistrationServiceLive,
-      L.provide(Fixture.createCredentialTest),
-      L.provide(Fixture.capabilitiesTest),
-      L.provide(Fixture.storageServiceTest),
-      L.provide(Fixture.userServiceTest),
-      L.provide(rpcClientTest),
-    )
-
-    const layers = Layer.merge(service, rpcClientTest)
-    const effect = pipe(E.provide(assertions, layers), Logger.withMinimumLogLevel(LogLevel.None))
-
-    return E.runPromise(effect)
-  })
-
-  test('return an error if we try to re-register a credential', async () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(RegistrationService)
-
-      const defect = yield* _(service.registerPasskey(Fixture.registrationRequest), E.flip)
-
-      expect(defect).toBeInstanceOf(Duplicate)
-    })
-
-    const createTest = L.effect(
-      CreateCredential,
-      E.sync(() => {
-        const createCredential = vi.fn()
-
-        createCredential.mockReturnValue(E.fail(new Duplicate({ message: 'boom!' })))
-
-        return { createCredential }
-      }),
-    )
-
-    const service = pipe(
-      RegistrationServiceLive,
-      L.provide(Fixture.userServiceTest),
-      L.provide(Fixture.capabilitiesTest),
-      L.provide(Fixture.storageServiceTest),
-      L.provide(Fixture.rpcClientTest),
-      L.provide(createTest),
-    )
-
-    const layers = Layer.merge(service, createTest)
-    const effect = pipe(E.provide(assertions, layers), Logger.withMinimumLogLevel(LogLevel.None))
-
-    return E.runPromise(effect)
-  })
-
-  test("throw an error if the browser can't create a credential", async () => {
-    const assertions = E.gen(function* (_) {
-      const service = yield* _(RegistrationService)
-
-      const defect = yield* _(
-        service.registerPasskey(Fixture.registrationRequest),
-        E.catchAllDefect(defect => E.succeed(defect)),
-      )
-
-      expect(defect).toBeInstanceOf(InternalBrowserError)
-    })
-
-    const createTest = L.effect(
-      CreateCredential,
-      E.sync(() => {
-        const createCredential = vi.fn()
-
-        createCredential.mockReturnValue(E.fail(new InternalBrowserError({ message: 'boom!' })))
-
-        return { createCredential }
-      }),
-    )
-
-    const service = pipe(
-      RegistrationServiceLive,
-      L.provide(Fixture.userServiceTest),
-      L.provide(Fixture.capabilitiesTest),
-      L.provide(Fixture.storageServiceTest),
-      L.provide(Fixture.rpcClientTest),
-      L.provide(createTest),
-    )
-
-    const layers = Layer.merge(service, createTest)
-    const effect = pipe(E.provide(assertions, layers), Logger.withMinimumLogLevel(LogLevel.None))
-
-    return E.runPromise(effect)
-  })
-})

package/src/registration/register.ts

@@ -1,158 +0,0 @@
-/**
- * User & passkey registration effects
- */
-import {
-  type CredentialCreationOptionsJSON,
-  parseCreationOptionsFromJSON,
-} from '@github/webauthn-json/browser-ponyfill'
-import { Context, Effect as E, Layer, flow, pipe } from 'effect'
-
-import type { Duplicate, NotSupported } from '@passlock/shared/dist/error/error.js'
-import { InternalBrowserError } from '@passlock/shared/dist/error/error.js'
-import type { OptionsErrors, VerificationErrors } from '@passlock/shared/dist/rpc/registration.js'
-import { OptionsReq, VerificationReq } from '@passlock/shared/dist/rpc/registration.js'
-import type { RegistrationCredential } from '@passlock/shared/dist/schema/passkey.js'
-import type { Principal } from '@passlock/shared/dist/schema/principal.js'
-
-import { Capabilities } from '../capabilities/capabilities.js'
-import { RegistrationClient } from '../rpc/registration.js'
-import { StorageService } from '../storage/storage.js'
-import type { UserService } from '../user/user.js'
-
-/* Requests */
-
-export type RegistrationRequest = OptionsReq
-
-/* Dependencies */
-
-export class CreateCredential extends Context.Tag('@services/CreateCredential')<
-  CreateCredential,
-  {
-    createCredential: (
-      request: CredentialCreationOptions,
-    ) => E.Effect<RegistrationCredential, InternalBrowserError | Duplicate>
-  }
->() {}
-
-/* Errors */
-
-export type RegistrationErrors = NotSupported | OptionsErrors | VerificationErrors
-
-/* Service */
-
-export class RegistrationService extends Context.Tag('@services/RegistrationService')<
-  RegistrationService,
-  {
-    registerPasskey: (request: RegistrationRequest) => E.Effect<Principal, RegistrationErrors>
-  }
->() {}
-
-/* Utilities */
-
-const fetchOptions = (request: OptionsReq) => {
-  return E.gen(function* (_) {
-    yield* _(E.logDebug('Making request'))
-
-    const rpcClient = yield* _(RegistrationClient)
-    const { publicKey, session } = yield* _(rpcClient.getRegistrationOptions(request))
-
-    yield* _(E.logDebug('Converting Passlock options to CredentialCreationOptions'))
-    const options = yield* _(toCreationOptions({ publicKey }))
-
-    return { options, session }
-  })
-}
-
-const toCreationOptions = (jsonOptions: CredentialCreationOptionsJSON) => {
-  return pipe(
-    E.try(() => parseCreationOptionsFromJSON(jsonOptions)),
-    E.mapError(
-      error =>
-        new InternalBrowserError({
-          message: 'Browser was unable to create credential creation options',
-          detail: String(error.error),
-        }),
-    ),
-  )
-}
-
-const verifyCredential = (request: VerificationReq) => {
-  return E.gen(function* (_) {
-    yield* _(E.logDebug('Making request'))
-
-    const rpcClient = yield* _(RegistrationClient)
-    const { principal } = yield* _(rpcClient.verifyRegistrationCredential(request))
-
-    return principal
-  })
-}
-
-/* Effects */
-
-type Dependencies =
-  | Capabilities
-  | CreateCredential
-  | StorageService
-  | UserService
-  | RegistrationClient
-
-export const registerPasskey = (
-  request: RegistrationRequest,
-): E.Effect<Principal, RegistrationErrors, Dependencies> => {
-  const effect = E.gen(function* (_) {
-    yield* _(E.logInfo('Checking if browser supports Passkeys'))
-    const capabilities = yield* _(Capabilities)
-    yield* _(capabilities.passkeySupport)
-
-    yield* _(E.logInfo('Fetching registration options from Passlock'))
-    const { options, session } = yield* fetchOptions(new OptionsReq(request))
-
-    yield* _(E.logInfo('Building new credential'))
-    const { createCredential } = yield* _(CreateCredential)
-    const credential = yield* _(createCredential(options))
-
-    yield* _(E.logInfo('Storing credential public key in Passlock'))
-    const verificationRequest = new VerificationReq({
-      ...request,
-      credential,
-      session,
-    })
-
-    const principal = yield* _(verifyCredential(verificationRequest))
-
-    const storageService = yield* _(StorageService)
-    yield* _(storageService.storeToken(principal))
-    yield* _(E.logDebug('Storing token in local storage'))
-
-    yield* _(E.logDebug('Defering local token deletion'))
-    const delayedClearTokenE = pipe(
-      storageService.clearExpiredToken('passkey'),
-      E.delay('6 minutes'),
-      E.fork,
-    )
-    yield* _(delayedClearTokenE)
-
-    return principal
-  })
-
-  return E.catchTag(effect, 'InternalBrowserError', e => E.die(e))
-}
-
-/* Live */
-
-/* v8 ignore start */
-export const RegistrationServiceLive = Layer.effect(
-  RegistrationService,
-  E.gen(function* (_) {
-    const context = yield* _(
-      E.context<
-        CreateCredential | RegistrationClient | Capabilities | StorageService | UserService
-      >(),
-    )
-
-    return RegistrationService.of({
-      registerPasskey: flow(registerPasskey, E.provide(context)),
-    })
-  }),
-)
-/* v8 ignore stop */

package/src/rpc/authentication.ts

@@ -1,43 +0,0 @@
-import { Context, Effect as E, Layer } from 'effect'
-
-import {
-  type AuthenticationService,
-  OPTIONS_ENDPOINT,
-  OptionsErrors,
-  OptionsReq,
-  OptionsRes,
-  VERIFY_ENDPOINT,
-  VerificationErrors,
-  VerificationReq,
-  VerificationRes,
-} from '@passlock/shared/dist/rpc/authentication.js'
-
-import { Dispatcher, makePostRequest } from './client.js'
-
-/* Client */
-
-export class AuthenticationClient extends Context.Tag('@passkey/auth/client')<
-  AuthenticationClient,
-  AuthenticationService
->() {}
-
-export const AuthenticationClientLive = Layer.effect(
-  AuthenticationClient,
-  E.gen(function* (_) {
-    const dispatcher = yield* _(Dispatcher)
-
-    const optionsResolver = makePostRequest(OptionsReq, OptionsRes, OptionsErrors, dispatcher)
-
-    const verifyResolver = makePostRequest(
-      VerificationReq,
-      VerificationRes,
-      VerificationErrors,
-      dispatcher,
-    )
-
-    return {
-      getAuthenticationOptions: req => optionsResolver(OPTIONS_ENDPOINT, req),
-      verifyAuthenticationCredential: req => verifyResolver(VERIFY_ENDPOINT, req),
-    }
-  }),
-)