@passlock/client 2.0.0 → 2.0.2

package/README.md

@@ -16,7 +16,7 @@ in README.template.md and outputs to README.md
     <img align="center" width=550 height=50 src="https://passlock-assets.b-cdn.net/images/client-repo-banner.svg" />
   </picture>
   <p align="center">
-    Next generation passkey authentication for Astro, Svelte(kit), Angular and other frameworks. 
+    Next generation passkey authentication for Astro, Sveltekit, Angular and other frameworks. 
     <br />
     <a href="https://passlock.dev"><strong>Project website »</strong></a>
     <br />
@@ -32,27 +32,25 @@ in README.template.md and outputs to README.md
 
 <br />
 
-## Features
+## Key Features
 
-Passkeys and the WebAuthn API are quite complex. We've tried to simplify things for you, whilst still offering you the power and flexibility of the underlying APIs.
+Powerful features including signals and related origin requests...
 
-1. **💪 Powerful** - We expose the full WebAuthn/Passkey featureset including user verification, autofil, backup/sync and more
+1. **🔓 No lock-in**  
+Framework agnostic. Standards compliant.
 
-2. **🫆 Biometrics** - Passlock allows you to add biometric authentication to your webapps
+2. **🔑 Related origins (domain migration)**  
+Accept passkeys from other domains on your site (subject to security constraints).
 
-3. **👌 Headless components** - Giving you 100% control over the UI
+3. **🚀 Zero config passkeys**  
+Works out of the box with sensible defaults.
 
-4. **🧰 Framework agnostic** - Passlock works with all major frontend & backend frameworks 
+4. **📱 Credential management**  
+Programmatically manage passkeys on end user devices
 
-5. **👩‍💻 Dev console** - Something not working? check the unified client/server dev console
-
-6. **🖥️ Management console** - Suspend or revoke access for users, passkeys and more..
-
-7. **🕵️‍♂️ Audit trail** - View a full audit trail for each passkey and user
+5. **💪 Powerful**  
+User verification, autofill, roaming authenticators and more.
 
 ## More information
 
-Please see the [tutorial](https://passlock.dev/getting-started/) and [documentation](https://passlock.dev)
-
-[contact]: https://passlock.dev/contact
-[node]: https://www.npmjs.com/package/@passlock/node
+Please see the [tutorial](https://passlock.dev/getting-started/) and [documentation](https://passlock.dev)

package/README.template.md

@@ -16,7 +16,7 @@ in README.template.md and outputs to README.md
     <img align="center" width=550 height=50 src="#{ASSETS}#/images/client-repo-banner.svg" />
   </picture>
   <p align="center">
-    Next generation passkey authentication for Astro, Svelte(kit), Angular and other frameworks. 
+    Next generation passkey authentication for Astro, Sveltekit, Angular and other frameworks. 
     <br />
     <a href="#{PASSLOCK_SITE}#"><strong>Project website »</strong></a>
     <br />
@@ -32,27 +32,25 @@ in README.template.md and outputs to README.md
 
 <br />
 
-## Features
+## Key Features
 
-Passkeys and the WebAuthn API are quite complex. We've tried to simplify things for you, whilst still offering you the power and flexibility of the underlying APIs.
+Powerful features including signals and related origin requests...
 
-1. **💪 Powerful** - We expose the full WebAuthn/Passkey featureset including user verification, autofil, backup/sync and more
+1. **🔓 No lock-in**  
+Framework agnostic. Standards compliant.
 
-2. **🫆 Biometrics** - Passlock allows you to add biometric authentication to your webapps
+2. **🔑 Related origins (domain migration)**  
+Accept passkeys from other domains on your site (subject to security constraints).
 
-3. **👌 Headless components** - Giving you 100% control over the UI
+3. **🚀 Zero config passkeys**  
+Works out of the box with sensible defaults.
 
-4. **🧰 Framework agnostic** - Passlock works with all major frontend & backend frameworks 
+4. **📱 Credential management**  
+Programmatically manage passkeys on end user devices
 
-5. **👩‍💻 Dev console** - Something not working? check the unified client/server dev console
-
-6. **🖥️ Management console** - Suspend or revoke access for users, passkeys and more..
-
-7. **🕵️‍♂️ Audit trail** - View a full audit trail for each passkey and user
+5. **💪 Powerful**  
+User verification, autofill, roaming authenticators and more.
 
 ## More information
 
-Please see the [tutorial](#{TUTORIAL}#) and [documentation](#{DOCS}#)
-
-[contact]: https://passlock.dev/contact
-[node]: https://www.npmjs.com/package/@passlock/node
+Please see the [tutorial](#{TUTORIAL}#) and [documentation](#{DOCS}#)

package/dist/errors.d.ts

@@ -0,0 +1,4 @@
+export declare const isTagged: <A extends {
+    _tag: string;
+}>(tag: A["_tag"]) => (payload: unknown) => payload is A;
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,QAAQ,GAClB,CAAC,SAAS;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,MAC1C,SAAS,OAAO,KAAG,OAAO,IAAI,CAS9B,CAAA"}

package/dist/errors.js

@@ -0,0 +1,14 @@
+export const isTagged = (tag) => (payload) => {
+    if (typeof payload !== "object")
+        return false;
+    if (payload === null)
+        return false;
+    if (!("_tag" in payload))
+        return false;
+    if (typeof payload._tag !== "string")
+        return false;
+    if (payload._tag !== tag)
+        return false;
+    return true;
+};
+//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,QAAQ,GACnB,CAA6B,GAAc,EAAE,EAAE,CAC/C,CAAC,OAAgB,EAAgB,EAAE;IACjC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC7C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAElC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAClD,IAAI,OAAO,CAAC,IAAI,KAAK,GAAG;QAAE,OAAO,KAAK,CAAA;IAEtC,OAAO,IAAI,CAAA;AACb,CAAC,CAAA"}

package/dist/index.d.ts

@@ -1,5 +1,246 @@
-export type { PasslockOptions } from "./shared/options";
-export * from "./logger/index";
-export * from "./passkey/index";
-export { isUnexpectedError, UnexpectedError } from "./shared/network";
+/**
+ * _unsafe_ functions that could throw an error. Be sure to catch errors and use one of the
+ * type guards to narrow the thrown error down to a specific type.
+ *
+ * @categoryDescription Passkeys (core)
+ * Creating, updating, authenticating and deleting passkeys.
+ *
+ * @categoryDescription Passkeys (other)
+ * Testing for browser capabilities related to passkeys, type guards and other utilities.
+ *
+ * @showCategories
+ * @module unsafe
+ */
+import { Logger } from "./logger";
+import type { PasslockOptions } from "./options";
+import type { AuthenticationOptions, AuthenticationSuccess } from "./passkey/authentication/authentication";
+import type { RegistrationOptions, RegistrationSuccess } from "./passkey/registration/registration";
+import type { CredentialMapping, UpdatePasskeyOptions } from "./passkey/signals/signals";
+/**
+ * Registers a passkey on the user's device, then saves the server-side component in your vault.
+ * If successful, this function returns a `code` or `id_token` (JWT). The code and/or jwt should
+ * be sent to your backend for verification. See
+ * [register a passkey](https://passlock.dev/passkeys/registration/) in the documentation.
+ *
+ * @param options
+ *
+ * @returns A successful registration payload.
+ *
+ * @see {@link isRegistrationSuccess}
+ * @see {@link isPasskeyUnsupportedError}
+ * @see {@link isDuplicatePasskeyError}
+ * @see {@link isOtherPasskeyError}
+ *
+ * @throws {@link RegistrationError} (alias to a union of potential errors)
+ * @throws {@link PasskeyUnsupportedError} if the device does not support passkeys
+ * @throws {@link DuplicatePasskeyError} if `allowCredentials` includes a passkey that already exists on the device
+ * @throws {@link OtherPasskeyError} typically a low level failure
+ * @throws {@link NetworkError}
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const username = "jdoe@gmail.com";
+ *
+ * try {
+ *   const result = await registerPasskey({ tenancyId, username });
+ *   // send this to your backend for verification
+ *   console.log(result.code);
+ * } catch (error) {
+ *   if (isPasskeyUnsupportedError(error)) {
+ *     alert("passkeys not supported on this device");
+ *   } else {
+ *     console.error(error);
+ *   }
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export declare const registerPasskey: (options: RegistrationOptions, 
+/** @hidden */
+logger?: typeof Logger.Service) => Promise<RegistrationSuccess>;
+/**
+ * Asks the client to present a passkey, which is then verified against the server-side component in your vault.
+ * If successful, this function returns a `code` or `id_token` (JWT). The code and/or jwt should
+ * be sent to your backend for verification. See
+ * [authenticate a passkey](https://passlock.dev/passkeys/authentication/) in the documentation.
+ *
+ * @param options
+ *
+ * @returns A successful authentication payload.
+ *
+ * @see {@link isAuthenticationSuccess}
+ * @see {@link isPasskeyUnsupportedError}
+ * @see {@link isPasskeyNotFoundError}
+ * @see {@link isOtherPasskeyError}
+ *
+ * @throws {@link AuthenticationError} (alias to a union of potential errors)
+ * @throws {@link PasskeyUnsupportedError} if the device does not support passkeys
+ * @throws {@link PasskeyNotFoundError} if the passkey is orhpaned i.e. deleted from the vault but still present on the local device
+ * @throws {@link OtherPasskeyError} typically a low level failure
+ * @throws {@link NetworkError}
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ *
+ * try {
+ *   const result = await authenticatePasskey({ tenancyId });
+ *   // send this to your backend for verification
+ *   console.log(result.code);
+ * } catch (error) {
+ *   if (isPasskeyUnsupportedError(error)) {
+ *     alert("passkeys not supported on this device");
+ *   } else {
+ *     console.error(error);
+ *   }
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export declare const authenticatePasskey: (options: AuthenticationOptions, 
+/** @hidden */
+logger?: typeof Logger.Service) => Promise<AuthenticationSuccess>;
+/**
+ * Attempt to update the username or display name for a passkey (client-side only).
+ *
+ * Useful if the user has changed their account identifier. For example, they register
+ * using jdoe@gmail.com but later change their account username to jdoe@yahoo.com.
+ * Even after you update their account details in your backend, their local password
+ * manager will continue to display jdoe@gmail.com.
+ *
+ * By calling this function and supplying a new username/display name, their local
+ * password manager will align with their updated account identifier.
+ *
+ * @param options
+ * @returns Update status
+ * @see {@link isUpdateError}
+ * @throws {@link UpdateError} if the passkey cannot be updated
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const passkeyId = "myPasskeyId";
+ * const username = "newUsername@gmail.com";
+ * const displayName = "New Account Name";
+ *
+ * try {
+ *   const result = await updatePasskey({ tenancyId, passkeyId, username, displayName });
+ *   console.log("passkey updated");
+ * } catch (error) {
+ *   console.error(error);
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export declare const updatePasskey: (options: UpdatePasskeyOptions, 
+/** @hidden */
+logger?: typeof Logger.Service) => Promise<boolean>;
+/**
+ * Attempts to delete a passkey from a local device. There are two scenarios in which this function proves useful:
+ *
+ * 1. **Deleting a passkey**. Use the `@passlock/node` package or make  vanilla REST calls from your
+ * backend to delete the server-side component, then use this function to delete the client-side component.
+ *
+ * 2. **Missing passkey**. The user tried to present a passkey, but the server-side component could not be found.
+ * Remove the passkey from the local device to prevent it happening again.
+ *
+ * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) and
+ * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/) in the documentation.
+ *
+ * @param identifiers Passkey identifier or credential mapping.
+ * @param options Passlock tenancy and endpoint options.
+ * @returns Delete status
+ * @see {@link isDeleteError}
+ * @throws {@link DeleteError} if the passkey cannot be deleted
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const passkeyId = "myPasskeyId";
+ *
+ * try {
+ *   const result = await deletePasskey(passkeyId, { tenancyId });
+ *   console.log("passkey deleted");
+ * } catch (error) {
+ *   console.error(error);
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export declare const deletePasskey: (identifiers: string | CredentialMapping, options: PasslockOptions, 
+/** @hidden */
+logger?: typeof Logger.Service) => Promise<boolean>;
+/**
+ * Attempt to prune local passkeys by keeping only the passkey IDs you trust.
+ *
+ * This is useful when your backend is the source of truth for which passkeys
+ * should still exist for a given account on this device.
+ *
+ * @param passkeyIds IDs to keep on-device.
+ * @param options Passlock tenancy and endpoint options.
+ * @returns `true` if local passkeys were pruned.
+ * @see {@link isPruningError}
+ *
+ * @throws {@link PruningError}
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const activePasskeyIds = ["passkey-1", "passkey-2"];
+ *
+ * try {
+ *   const result = await prunePasskeys(activePasskeyIds, { tenancyId });
+ *   console.log("local passkeys pruned", result);
+ * } catch (error) {
+ *   if (isPruningError(error)) {
+ *     console.error(error.code);
+ *   } else {
+ *     console.error(error);
+ *   }
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export declare const prunePasskeys: (passkeyIds: Array<string>, options: PasslockOptions, 
+/** @hidden */
+logger?: typeof Logger.Service) => Promise<boolean>;
+/**
+ * Does the local device support programmatic passkey deletion
+ *
+ * @returns `true` if local passkey deletion is supported.
+ *
+ * @category Passkeys (other)
+ */
+export declare const isPasskeyDeleteSupport: () => boolean;
+/**
+ * Does the local device support programmatic passkey pruning
+ *
+ * @returns `true` if local passkey pruning is supported.
+ *
+ * @category Passkeys (other)
+ */
+export declare const isPasskeyPruningSupport: () => boolean;
+/**
+ * Does the local device support programmatic passkey updates
+ *
+ * @returns `true` if local passkey updates are supported.
+ *
+ * @category Passkeys (other)
+ */
+export declare const isPasskeyUpdateSupport: () => boolean;
+export type { NetworkError } from "./internal/network";
+export { isNetworkError } from "./internal/network";
+export { LogEvent, Logger, LogLevel, } from "./logger";
+export type { PasslockOptions } from "./options";
+export type { AuthenticationError, AuthenticationEvent, AuthenticationOptions, AuthenticationSuccess, OnAuthenticationEvent, } from "./passkey/authentication/authentication";
+export { AuthenticationHelper, isAuthenticationSuccess, } from "./passkey/authentication/authentication";
+export type { ErrorCode } from "./passkey/errors";
+export { DeleteError, DuplicatePasskeyError, isDeleteError, isDuplicatePasskeyError, isOtherPasskeyError, isPasskeyNotFoundError, isPasskeyUnsupportedError, isPruningError, isUpdateError, OtherPasskeyError, PasskeyNotFoundError, PasskeyUnsupportedError, PruningError, UpdateError, } from "./passkey/errors";
+export type { OnRegistrationEvent, RegistrationError, RegistrationEvent, RegistrationOptions, RegistrationSuccess, } from "./passkey/registration/registration";
+export { isRegistrationSuccess, RegistrationHelper, } from "./passkey/registration/registration";
+export type { UserVerification } from "./passkey/shared";
+export type { CredentialMapping, UpdatePasskeyOptions, } from "./passkey/signals/signals";
+export { isAutofillSupport, isPasskeySupport, } from "./passkey/support";
+export type { Principal } from "./principal";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AACvD,cAAc,gBAAgB,CAAA;AAC9B,cAAc,iBAAiB,CAAA;AAC/B,OAAO,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAIH,OAAO,EAAe,MAAM,EAAE,MAAM,UAAU,CAAA;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,KAAK,EACV,qBAAqB,EACrB,qBAAqB,EACtB,MAAM,yCAAyC,CAAA;AAKhD,OAAO,KAAK,EACV,mBAAmB,EACnB,mBAAmB,EACpB,MAAM,qCAAqC,CAAA;AAK5C,OAAO,KAAK,EACV,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,2BAA2B,CAAA;AAalC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AACH,eAAO,MAAM,eAAe,GAC1B,SAAS,mBAAmB;AAC5B,cAAc;AACd,SAAQ,OAAO,MAAM,CAAC,OAAqB,KAC1C,OAAO,CAAC,mBAAmB,CAM3B,CAAA;AAIH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,eAAO,MAAM,mBAAmB,GAC9B,SAAS,qBAAqB;AAC9B,cAAc;AACd,SAAQ,OAAO,MAAM,CAAC,OAAqB,KAC1C,OAAO,CAAC,qBAAqB,CAM7B,CAAA;AAIH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB;AAC7B,cAAc;AACd,SAAQ,OAAO,MAAM,CAAC,OAAqB,KAC1C,OAAO,CAAC,OAAO,CAGjB,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,eAAO,MAAM,aAAa,GACxB,aAAa,MAAM,GAAG,iBAAiB,EACvC,SAAS,eAAe;AACxB,cAAc;AACd,SAAQ,OAAO,MAAM,CAAC,OAAqB,KAC1C,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,eAAO,MAAM,aAAa,GACxB,YAAY,KAAK,CAAC,MAAM,CAAC,EACzB,SAAS,eAAe;AACxB,cAAc;AACd,SAAQ,OAAO,MAAM,CAAC,OAAqB,KAC1C,OAAO,CAAC,OAAO,CAGjB,CAAA;AAID;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB,eACW,CAAA;AAE9C;;;;;;GAMG;AACH,eAAO,MAAM,uBAAuB,eACW,CAAA;AAE/C;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB,eACW,CAAA;AAI9C,YAAY,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACnD,OAAO,EACL,QAAQ,EACR,MAAM,EACN,QAAQ,GACT,MAAM,UAAU,CAAA;AACjB,YAAY,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAChD,YAAY,EACV,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,yCAAyC,CAAA;AAChD,OAAO,EACL,oBAAoB,EACpB,uBAAuB,GACxB,MAAM,yCAAyC,CAAA;AAChD,YAAY,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AACjD,OAAO,EACL,WAAW,EACX,qBAAqB,EACrB,aAAa,EACb,uBAAuB,EACvB,mBAAmB,EACnB,sBAAsB,EACtB,yBAAyB,EACzB,cAAc,EACd,aAAa,EACb,iBAAiB,EACjB,oBAAoB,EACpB,uBAAuB,EACvB,YAAY,EACZ,WAAW,GACZ,MAAM,kBAAkB,CAAA;AACzB,YAAY,EACV,mBAAmB,EACnB,iBAAiB,EACjB,iBAAiB,EACjB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,qCAAqC,CAAA;AAC5C,OAAO,EACL,qBAAqB,EACrB,kBAAkB,GACnB,MAAM,qCAAqC,CAAA;AAC5C,YAAY,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAA;AACxD,YAAY,EACV,iBAAiB,EACjB,oBAAoB,GACrB,MAAM,2BAA2B,CAAA;AAClC,OAAO,EACL,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA"}

package/dist/index.js

@@ -1,4 +1,254 @@
-export * from "./logger/index";
-export * from "./passkey/index";
-export { isUnexpectedError, UnexpectedError } from "./shared/network";
+/**
+ * _unsafe_ functions that could throw an error. Be sure to catch errors and use one of the
+ * type guards to narrow the thrown error down to a specific type.
+ *
+ * @categoryDescription Passkeys (core)
+ * Creating, updating, authenticating and deleting passkeys.
+ *
+ * @categoryDescription Passkeys (other)
+ * Testing for browser capabilities related to passkeys, type guards and other utilities.
+ *
+ * @showCategories
+ * @module unsafe
+ */
+import { Micro, pipe } from "effect";
+import { runToPromiseUnsafe } from "./internal";
+import { eventLogger, Logger } from "./logger";
+import { AuthenticationHelper, authenticatePasskey as authenticatePasskeyM, } from "./passkey/authentication/authentication";
+import { RegistrationHelper, registerPasskey as registerPasskeyM, } from "./passkey/registration/registration";
+import { deletePasskey as deletePasskeyM, isPasskeyDeleteSupport as isPasskeyDeleteSupportM, isPasskeyPruningSupport as isPasskeyPruningSupportM, isPasskeyUpdateSupport as isPasskeyUpdateSupportM, prunePasskeys as prunePasskeysM, signalCredentialRemoval, updatePasskey as updatePasskeyM, } from "./passkey/signals/signals";
+/* Registration */
+/**
+ * Registers a passkey on the user's device, then saves the server-side component in your vault.
+ * If successful, this function returns a `code` or `id_token` (JWT). The code and/or jwt should
+ * be sent to your backend for verification. See
+ * [register a passkey](https://passlock.dev/passkeys/registration/) in the documentation.
+ *
+ * @param options
+ *
+ * @returns A successful registration payload.
+ *
+ * @see {@link isRegistrationSuccess}
+ * @see {@link isPasskeyUnsupportedError}
+ * @see {@link isDuplicatePasskeyError}
+ * @see {@link isOtherPasskeyError}
+ *
+ * @throws {@link RegistrationError} (alias to a union of potential errors)
+ * @throws {@link PasskeyUnsupportedError} if the device does not support passkeys
+ * @throws {@link DuplicatePasskeyError} if `allowCredentials` includes a passkey that already exists on the device
+ * @throws {@link OtherPasskeyError} typically a low level failure
+ * @throws {@link NetworkError}
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const username = "jdoe@gmail.com";
+ *
+ * try {
+ *   const result = await registerPasskey({ tenancyId, username });
+ *   // send this to your backend for verification
+ *   console.log(result.code);
+ * } catch (error) {
+ *   if (isPasskeyUnsupportedError(error)) {
+ *     alert("passkeys not supported on this device");
+ *   } else {
+ *     console.error(error);
+ *   }
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export const registerPasskey = async (options, 
+/** @hidden */
+logger = eventLogger) => pipe(registerPasskeyM(options), Micro.provideService(RegistrationHelper, RegistrationHelper.Default), Micro.provideService(Logger, logger), runToPromiseUnsafe);
+/* Authentication */
+/**
+ * Asks the client to present a passkey, which is then verified against the server-side component in your vault.
+ * If successful, this function returns a `code` or `id_token` (JWT). The code and/or jwt should
+ * be sent to your backend for verification. See
+ * [authenticate a passkey](https://passlock.dev/passkeys/authentication/) in the documentation.
+ *
+ * @param options
+ *
+ * @returns A successful authentication payload.
+ *
+ * @see {@link isAuthenticationSuccess}
+ * @see {@link isPasskeyUnsupportedError}
+ * @see {@link isPasskeyNotFoundError}
+ * @see {@link isOtherPasskeyError}
+ *
+ * @throws {@link AuthenticationError} (alias to a union of potential errors)
+ * @throws {@link PasskeyUnsupportedError} if the device does not support passkeys
+ * @throws {@link PasskeyNotFoundError} if the passkey is orhpaned i.e. deleted from the vault but still present on the local device
+ * @throws {@link OtherPasskeyError} typically a low level failure
+ * @throws {@link NetworkError}
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ *
+ * try {
+ *   const result = await authenticatePasskey({ tenancyId });
+ *   // send this to your backend for verification
+ *   console.log(result.code);
+ * } catch (error) {
+ *   if (isPasskeyUnsupportedError(error)) {
+ *     alert("passkeys not supported on this device");
+ *   } else {
+ *     console.error(error);
+ *   }
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export const authenticatePasskey = (options, 
+/** @hidden */
+logger = eventLogger) => pipe(authenticatePasskeyM(options), Micro.provideService(AuthenticationHelper, AuthenticationHelper.Default), Micro.provideService(Logger, logger), runToPromiseUnsafe);
+/* Signals */
+/**
+ * Attempt to update the username or display name for a passkey (client-side only).
+ *
+ * Useful if the user has changed their account identifier. For example, they register
+ * using jdoe@gmail.com but later change their account username to jdoe@yahoo.com.
+ * Even after you update their account details in your backend, their local password
+ * manager will continue to display jdoe@gmail.com.
+ *
+ * By calling this function and supplying a new username/display name, their local
+ * password manager will align with their updated account identifier.
+ *
+ * @param options
+ * @returns Update status
+ * @see {@link isUpdateError}
+ * @throws {@link UpdateError} if the passkey cannot be updated
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const passkeyId = "myPasskeyId";
+ * const username = "newUsername@gmail.com";
+ * const displayName = "New Account Name";
+ *
+ * try {
+ *   const result = await updatePasskey({ tenancyId, passkeyId, username, displayName });
+ *   console.log("passkey updated");
+ * } catch (error) {
+ *   console.error(error);
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export const updatePasskey = (options, 
+/** @hidden */
+logger = eventLogger) => {
+    const micro = updatePasskeyM(options);
+    return pipe(micro, Micro.provideService(Logger, logger), runToPromiseUnsafe);
+};
+/**
+ * Attempts to delete a passkey from a local device. There are two scenarios in which this function proves useful:
+ *
+ * 1. **Deleting a passkey**. Use the `@passlock/node` package or make  vanilla REST calls from your
+ * backend to delete the server-side component, then use this function to delete the client-side component.
+ *
+ * 2. **Missing passkey**. The user tried to present a passkey, but the server-side component could not be found.
+ * Remove the passkey from the local device to prevent it happening again.
+ *
+ * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) and
+ * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/) in the documentation.
+ *
+ * @param identifiers Passkey identifier or credential mapping.
+ * @param options Passlock tenancy and endpoint options.
+ * @returns Delete status
+ * @see {@link isDeleteError}
+ * @throws {@link DeleteError} if the passkey cannot be deleted
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const passkeyId = "myPasskeyId";
+ *
+ * try {
+ *   const result = await deletePasskey(passkeyId, { tenancyId });
+ *   console.log("passkey deleted");
+ * } catch (error) {
+ *   console.error(error);
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export const deletePasskey = (identifiers, options, 
+/** @hidden */
+logger = eventLogger) => {
+    const micro = typeof identifiers === "string"
+        ? deletePasskeyM(identifiers, options)
+        : signalCredentialRemoval(identifiers);
+    return pipe(micro, Micro.provideService(Logger, logger), runToPromiseUnsafe);
+};
+/**
+ * Attempt to prune local passkeys by keeping only the passkey IDs you trust.
+ *
+ * This is useful when your backend is the source of truth for which passkeys
+ * should still exist for a given account on this device.
+ *
+ * @param passkeyIds IDs to keep on-device.
+ * @param options Passlock tenancy and endpoint options.
+ * @returns `true` if local passkeys were pruned.
+ * @see {@link isPruningError}
+ *
+ * @throws {@link PruningError}
+ *
+ * @example
+ * // from your Passlock console settings
+ * const tenancyId = "myTenancyId";
+ * const activePasskeyIds = ["passkey-1", "passkey-2"];
+ *
+ * try {
+ *   const result = await prunePasskeys(activePasskeyIds, { tenancyId });
+ *   console.log("local passkeys pruned", result);
+ * } catch (error) {
+ *   if (isPruningError(error)) {
+ *     console.error(error.code);
+ *   } else {
+ *     console.error(error);
+ *   }
+ * }
+ *
+ * @category Passkeys (core)
+ */
+export const prunePasskeys = (passkeyIds, options, 
+/** @hidden */
+logger = eventLogger) => {
+    const micro = prunePasskeysM(passkeyIds, options);
+    return pipe(micro, Micro.provideService(Logger, logger), runToPromiseUnsafe);
+};
+/* Support */
+/**
+ * Does the local device support programmatic passkey deletion
+ *
+ * @returns `true` if local passkey deletion is supported.
+ *
+ * @category Passkeys (other)
+ */
+export const isPasskeyDeleteSupport = () => pipe(isPasskeyDeleteSupportM, Micro.runSync);
+/**
+ * Does the local device support programmatic passkey pruning
+ *
+ * @returns `true` if local passkey pruning is supported.
+ *
+ * @category Passkeys (other)
+ */
+export const isPasskeyPruningSupport = () => pipe(isPasskeyPruningSupportM, Micro.runSync);
+/**
+ * Does the local device support programmatic passkey updates
+ *
+ * @returns `true` if local passkey updates are supported.
+ *
+ * @category Passkeys (other)
+ */
+export const isPasskeyUpdateSupport = () => pipe(isPasskeyUpdateSupportM, Micro.runSync);
+export { isNetworkError } from "./internal/network";
+export { LogEvent, Logger, LogLevel, } from "./logger";
+export { AuthenticationHelper, isAuthenticationSuccess, } from "./passkey/authentication/authentication";
+export { DeleteError, DuplicatePasskeyError, isDeleteError, isDuplicatePasskeyError, isOtherPasskeyError, isPasskeyNotFoundError, isPasskeyUnsupportedError, isPruningError, isUpdateError, OtherPasskeyError, PasskeyNotFoundError, PasskeyUnsupportedError, PruningError, UpdateError, } from "./passkey/errors";
+export { isRegistrationSuccess, RegistrationHelper, } from "./passkey/registration/registration";
+export { isAutofillSupport, isPasskeySupport, } from "./passkey/support";
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,gBAAgB,CAAA;AAC9B,cAAc,iBAAiB,CAAA;AAC/B,OAAO,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AACpC,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAA;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AAM9C,OAAO,EACL,oBAAoB,EACpB,mBAAmB,IAAI,oBAAoB,GAC5C,MAAM,yCAAyC,CAAA;AAKhD,OAAO,EACL,kBAAkB,EAClB,eAAe,IAAI,gBAAgB,GACpC,MAAM,qCAAqC,CAAA;AAK5C,OAAO,EACL,aAAa,IAAI,cAAc,EAC/B,sBAAsB,IAAI,uBAAuB,EACjD,uBAAuB,IAAI,wBAAwB,EACnD,sBAAsB,IAAI,uBAAuB,EACjD,aAAa,IAAI,cAAc,EAC/B,uBAAuB,EACvB,aAAa,IAAI,cAAc,GAChC,MAAM,2BAA2B,CAAA;AAElC,kBAAkB;AAElB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAClC,OAA4B;AAC5B,cAAc;AACd,SAAgC,WAAW,EACb,EAAE,CAChC,IAAI,CACF,gBAAgB,CAAC,OAAO,CAAC,EACzB,KAAK,CAAC,cAAc,CAAC,kBAAkB,EAAE,kBAAkB,CAAC,OAAO,CAAC,EACpE,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EACpC,kBAAkB,CACnB,CAAA;AAEH,oBAAoB;AAEpB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CACjC,OAA8B;AAC9B,cAAc;AACd,SAAgC,WAAW,EACX,EAAE,CAClC,IAAI,CACF,oBAAoB,CAAC,OAAO,CAAC,EAC7B,KAAK,CAAC,cAAc,CAAC,oBAAoB,EAAE,oBAAoB,CAAC,OAAO,CAAC,EACxE,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EACpC,kBAAkB,CACnB,CAAA;AAEH,aAAa;AAEb;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B;AAC7B,cAAc;AACd,SAAgC,WAAW,EACzB,EAAE;IACpB,MAAM,KAAK,GAAG,cAAc,CAAC,OAAO,CAAC,CAAA;IACrC,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,kBAAkB,CAAC,CAAA;AAC9E,CAAC,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,WAAuC,EACvC,OAAwB;AACxB,cAAc;AACd,SAAgC,WAAW,EACzB,EAAE;IACpB,MAAM,KAAK,GACT,OAAO,WAAW,KAAK,QAAQ;QAC7B,CAAC,CAAC,cAAc,CAAC,WAAW,EAAE,OAAO,CAAC;QACtC,CAAC,CAAC,uBAAuB,CAAC,WAAW,CAAC,CAAA;IAE1C,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,kBAAkB,CAAC,CAAA;AAC9E,CAAC,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,UAAyB,EACzB,OAAwB;AACxB,cAAc;AACd,SAAgC,WAAW,EACzB,EAAE;IACpB,MAAM,KAAK,GAAG,cAAc,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;IACjD,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,kBAAkB,CAAC,CAAA;AAC9E,CAAC,CAAA;AAED,aAAa;AAEb;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,GAAG,EAAE,CACzC,IAAI,CAAC,uBAAuB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;AAE9C;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,GAAG,EAAE,CAC1C,IAAI,CAAC,wBAAwB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;AAE/C;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,GAAG,EAAE,CACzC,IAAI,CAAC,uBAAuB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAA;AAK9C,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACnD,OAAO,EACL,QAAQ,EACR,MAAM,EACN,QAAQ,GACT,MAAM,UAAU,CAAA;AASjB,OAAO,EACL,oBAAoB,EACpB,uBAAuB,GACxB,MAAM,yCAAyC,CAAA;AAEhD,OAAO,EACL,WAAW,EACX,qBAAqB,EACrB,aAAa,EACb,uBAAuB,EACvB,mBAAmB,EACnB,sBAAsB,EACtB,yBAAyB,EACzB,cAAc,EACd,aAAa,EACb,iBAAiB,EACjB,oBAAoB,EACpB,uBAAuB,EACvB,YAAY,EACZ,WAAW,GACZ,MAAM,kBAAkB,CAAA;AAQzB,OAAO,EACL,qBAAqB,EACrB,kBAAkB,GACnB,MAAM,qCAAqC,CAAA;AAM5C,OAAO,EACL,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,mBAAmB,CAAA"}

package/dist/internal/index.d.ts

@@ -0,0 +1,4 @@
+export * from "./network";
+export * from "./promise";
+export * from "./tenancy";
+//# sourceMappingURL=index.d.ts.map

package/dist/internal/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/internal/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAA;AACzB,cAAc,WAAW,CAAA;AACzB,cAAc,WAAW,CAAA"}