@passlock/node 2.0.0-beta.2 → 2.0.0-beta.5

package/dist/principal/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/principal/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAE/D,OAAO,EAEL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,aAAa,CAAC;AAIrB,OAAO,EAEL,eAAe,GAGhB,MAAM,cAAc,CAAC;AAItB,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,IAAY,EACZ,OAA6B,EACiB,EAAE,CAChD,IAAI,CACF,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,EAC5B,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,KAAK,CAAC;IACX,SAAS,EAAE,QAAQ;IACnB,SAAS,EAAE,QAAQ;CACpB,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,CAClB,CAAC;AAEJ;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,IAAY,EACZ,OAA6B,EACT,EAAE,CACtB,IAAI,CACF,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,EAC5B,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,EACjB,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClB,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;IACrB,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,IAAI,CACF,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAChB,KAAK,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC,EAC5D,KAAK,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC,EAC7D,KAAK,CAAC,GAAG,CACP,oBAAoB,EACpB,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,eAAe,CAAC,GAAG,CAAC,CAClC,EACD,KAAK,CAAC,GAAG,CACP,kBAAkB,EAClB,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACX,IAAI,eAAe,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CACtD,EACD,KAAK,CAAC,UAAU,EAChB,CAAC,WAAW,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAC7C;IACH,OAAO,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;CAC/C,CAAC,CACH,CACJ,CAAC;AAEJ;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAa,EACb,OAAmB,EACqB,EAAE,CAC1C,IAAI,CACF,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAC9B,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,KAAK,CAAC;IACX,SAAS,EAAE,QAAQ;IACnB,SAAS,EAAE,QAAQ;CACpB,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,CAClB,CAAC;AAEJ;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CACjC,KAAa,EACb,OAAmB,EACC,EAAE,CACtB,IAAI,CACF,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAC9B,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,EACjB,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClB,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;IACrB,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;IACzD,OAAO,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;CAC/C,CAAC,CACH,CACJ,CAAC","sourcesContent":["import { FetchHttpClient } from \"@effect/platform\";\nimport { Effect, Either, identity, Match, pipe } from \"effect\";\n\nimport {\n  type Principal,\n  exchangeCode as exchangeCodeE,\n  verifyIdToken as verifyIdTokenE,\n} from \"./effect.js\";\n\nimport type { VerificationError, InvalidCode } from \"./effect.js\";\n\nimport {\n  type Forbidden,\n  UnexpectedError,\n  type ApiOptions,\n  type AuthorizedApiOptions,\n} from \"../shared.js\";\n\nexport type { VerificationError, Principal } from \"./effect.js\";\n\nexport { isPrincipal } from \"./effect.js\";\n\n/**\n * Call the Passlock backend API to exchange a code for a Principal\n * @param code\n * @package options\n * @returns\n */\nexport const exchangeCode = (\n  code: string,\n  options: AuthorizedApiOptions,\n): Promise<Principal | Forbidden | InvalidCode> =>\n  pipe(\n    exchangeCodeE(code, options),\n    Effect.catchTags({\n      ParseError: (err) => Effect.die(err),\n      RequestError: (err) => Effect.die(err),\n      ResponseError: (err) => Effect.die(err),\n    }),\n    Effect.match({\n      onSuccess: identity,\n      onFailure: identity,\n    }),\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise,\n  );\n\n/**\n * Call the Passlock backend API to exchange a code for a Principal\n * @param code\n * @package options\n * @returns\n */\nexport const exchangeCodeUnsafe = (\n  code: string,\n  options: AuthorizedApiOptions,\n): Promise<Principal> =>\n  pipe(\n    exchangeCodeE(code, options),\n    Effect.either,\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise,\n    (p) =>\n      p.then((response) =>\n        Either.match(response, {\n          onLeft: (err) =>\n            pipe(\n              Match.value(err),\n              Match.tag(\"ParseError\", (err) => new UnexpectedError(err)),\n              Match.tag(\"RequestError\", (err) => new UnexpectedError(err)),\n              Match.tag(\"ResponseError\", (err) => new UnexpectedError(err)),\n              Match.tag(\n                \"@error/InvalidCode\",\n                (err) => new UnexpectedError(err),\n              ),\n              Match.tag(\n                \"@error/Forbidden\",\n                ({ _tag }) =>\n                  new UnexpectedError({ _tag, message: \"Forbidden\" }),\n              ),\n              Match.exhaustive,\n              (serverError) => Promise.reject(serverError),\n            ),\n          onRight: (success) => Promise.resolve(success),\n        }),\n      ),\n  );\n\n/**\n * Decode and verify a Passlock idToken.\n * Note: This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n * @param token\n * @param options\n * @returns\n */\nexport const verifyIdToken = (\n  token: string,\n  options: ApiOptions,\n): Promise<Principal | VerificationError> =>\n  pipe(\n    verifyIdTokenE(token, options),\n    Effect.catchTags({\n      ParseError: (err) => Effect.die(err),\n    }),\n    Effect.match({\n      onSuccess: identity,\n      onFailure: identity,\n    }),\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise,\n  );\n\n/**\n * Decode and verify a Passlock idToken.\n * Note: This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n * @param token\n * @param options\n * @returns\n */\nexport const verifyIdTokenUnsafe = (\n  token: string,\n  options: ApiOptions,\n): Promise<Principal> =>\n  pipe(\n    verifyIdTokenE(token, options),\n    Effect.either,\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise,\n    (p) =>\n      p.then((response) =>\n        Either.match(response, {\n          onLeft: (err) => Promise.reject(new UnexpectedError(err)),\n          onRight: (success) => Promise.resolve(success),\n        }),\n      ),\n  );\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/principal/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC/C,OAAO,EAEL,YAAY,IAAI,aAAa,EAG7B,aAAa,IAAI,cAAc,GAChC,MAAM,cAAc,CAAA;AAErB;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,IAAY,EACZ,OAA4B,EAC0B,EAAE,CACxD,IAAI,CACF,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,EAC5B,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,IAAY,EACZ,OAA4B,EACA,EAAE,CAC9B,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE9F;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAa,EACb,OAA2B,EACe,EAAE,CAC5C,IAAI,CACF,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAC9B,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CACjC,KAAa,EACb,OAA2B,EACP,EAAE,CACtB,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAShG,cAAc,yBAAyB,CAAA","sourcesContent":["import type { Forbidden, InvalidCode } from \"../schemas/errors.js\"\nimport type { ExtendedPrincipal, Principal } from \"../schemas/principal.js\"\nimport { FetchHttpClient } from \"@effect/platform\"\nimport { Effect, identity, pipe } from \"effect\"\nimport {\n  type ExchangeCodeOptions,\n  exchangeCode as exchangeCodeE,\n  type VerificationFailure,\n  type VerifyTokenOptions,\n  verifyIdToken as verifyIdTokenE,\n} from \"./effects.js\"\n\n/**\n * Call the Passlock backend API to exchange a code for a Principal\n * @param code\n * @package options\n * @returns\n */\nexport const exchangeCode = (\n  code: string,\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal | Forbidden | InvalidCode> =>\n  pipe(\n    exchangeCodeE(code, options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise\n  )\n\n/**\n * Call the Passlock backend API to exchange a code for a Principal\n * @param code\n * @package options\n * @returns\n */\nexport const exchangeCodeUnsafe = (\n  code: string,\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal> =>\n  pipe(exchangeCodeE(code, options), Effect.provide(FetchHttpClient.layer), Effect.runPromise)\n\n/**\n * Decode and verify a Passlock idToken.\n * Note: This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n * @param token\n * @param options\n * @returns\n */\nexport const verifyIdToken = (\n  token: string,\n  options: VerifyTokenOptions\n): Promise<Principal | VerificationFailure> =>\n  pipe(\n    verifyIdTokenE(token, options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Decode and verify a Passlock idToken.\n * Note: This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n * @param token\n * @param options\n * @returns\n */\nexport const verifyIdTokenUnsafe = (\n  token: string,\n  options: VerifyTokenOptions\n): Promise<Principal> =>\n  pipe(verifyIdTokenE(token, options), Effect.provide(FetchHttpClient.layer), Effect.runPromise)\n\nexport type { InvalidCode } from \"../schemas/errors.js\"\nexport type {\n  ExchangeCodeOptions,\n  Principal,\n  VerificationFailure,\n  VerifyTokenOptions,\n} from \"./effects.js\"\nexport * from \"../schemas/principal.js\"\n"]}

package/dist/schemas/errors.d.ts

@@ -0,0 +1,68 @@
+import { Schema } from "effect";
+declare const Unauthorized_base: Schema.TaggedErrorClass<Unauthorized, "@error/Unauthorized", {
+    readonly _tag: Schema.tag<"@error/Unauthorized">;
+}>;
+export declare class Unauthorized extends Unauthorized_base {
+}
+declare const Forbidden_base: Schema.TaggedErrorClass<Forbidden, "@error/Forbidden", {
+    readonly _tag: Schema.tag<"@error/Forbidden">;
+}>;
+export declare class Forbidden extends Forbidden_base {
+}
+declare const InvalidCode_base: Schema.TaggedErrorClass<InvalidCode, "@error/InvalidCode", {
+    readonly _tag: Schema.tag<"@error/InvalidCode">;
+} & {
+    message: typeof Schema.String;
+}>;
+export declare class InvalidCode extends InvalidCode_base {
+}
+declare const InvalidTenancy_base: Schema.TaggedErrorClass<InvalidTenancy, "@error/InvalidTenancy", {
+    readonly _tag: Schema.tag<"@error/InvalidTenancy">;
+} & {
+    message: typeof Schema.String;
+}>;
+export declare class InvalidTenancy extends InvalidTenancy_base {
+}
+declare const PasskeyNotFound_base: Schema.TaggedErrorClass<PasskeyNotFound, "@error/PasskeyNotFound", {
+    readonly _tag: Schema.tag<"@error/PasskeyNotFound">;
+} & {
+    credentialId: typeof Schema.String;
+    message: typeof Schema.String;
+    rpId: typeof Schema.String;
+}>;
+/**
+ * We need the credentialId and rpId to feed into the
+ * client's signalCredentialRemoval function
+ */
+export declare class PasskeyNotFound extends PasskeyNotFound_base {
+}
+declare const NotFound_base: Schema.TaggedErrorClass<NotFound, "@error/NotFound", {
+    readonly _tag: Schema.tag<"@error/NotFound">;
+} & {
+    message: typeof Schema.String;
+}>;
+export declare class NotFound extends NotFound_base {
+}
+declare const InvalidEmail_base: Schema.TaggedErrorClass<InvalidEmail, "@error/InvalidEmail", {
+    readonly _tag: Schema.tag<"@error/InvalidEmail">;
+} & {
+    message: typeof Schema.String;
+}>;
+export declare class InvalidEmail extends InvalidEmail_base {
+}
+declare const DuplicateEmail_base: Schema.TaggedErrorClass<DuplicateEmail, "@error/DuplicateEmail", {
+    readonly _tag: Schema.tag<"@error/DuplicateEmail">;
+} & {
+    message: typeof Schema.String;
+}>;
+export declare class DuplicateEmail extends DuplicateEmail_base {
+}
+declare const BadRequest_base: Schema.TaggedErrorClass<BadRequest, "@error/BadRequest", {
+    readonly _tag: Schema.tag<"@error/BadRequest">;
+} & {
+    message: typeof Schema.String;
+}>;
+export declare class BadRequest extends BadRequest_base {
+}
+export {};
+//# sourceMappingURL=errors.d.ts.map

package/dist/schemas/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/schemas/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;;;;AAE/B,qBAAa,YAAa,SAAQ,iBAA6D;CAAG;;;;AAElG,qBAAa,SAAU,SAAQ,cAAuD;CAAG;;;;;;AAEzF,qBAAa,WAAY,SAAQ,gBAKhC;CAAG;;;;;;AAEJ,qBAAa,cAAe,SAAQ,mBAElC;CAAG;;;;;;;;AAEL;;;GAGG;AACH,qBAAa,eAAgB,SAAQ,oBAOpC;CAAG;;;;;;AAEJ,qBAAa,QAAS,SAAQ,aAE5B;CAAG;;;;;;AAEL,qBAAa,YAAa,SAAQ,iBAGjC;CAAG;;;;;;AAEJ,qBAAa,cAAe,SAAQ,mBAGnC;CAAG;;;;;;AAEJ,qBAAa,UAAW,SAAQ,eAG/B;CAAG"}

package/dist/schemas/errors.js

@@ -0,0 +1,34 @@
+import { Schema } from "effect";
+export class Unauthorized extends Schema.TaggedError()("@error/Unauthorized", {}) {
+}
+export class Forbidden extends Schema.TaggedError()("@error/Forbidden", {}) {
+}
+export class InvalidCode extends Schema.TaggedError("@error/InvalidCode")("@error/InvalidCode", {
+    message: Schema.String,
+}) {
+}
+export class InvalidTenancy extends Schema.TaggedError()("@error/InvalidTenancy", {
+    message: Schema.String,
+}) {
+}
+/**
+ * We need the credentialId and rpId to feed into the
+ * client's signalCredentialRemoval function
+ */
+export class PasskeyNotFound extends Schema.TaggedError("@error/PasskeyNotFound")("@error/PasskeyNotFound", {
+    credentialId: Schema.String,
+    message: Schema.String,
+    rpId: Schema.String,
+}) {
+}
+export class NotFound extends Schema.TaggedError("@error/NotFound")("@error/NotFound", {
+    message: Schema.String,
+}) {
+}
+export class InvalidEmail extends Schema.TaggedError("@error/InvalidEmail")("@error/InvalidEmail", { message: Schema.String }) {
+}
+export class DuplicateEmail extends Schema.TaggedError("@error/DuplicateEmail")("@error/DuplicateEmail", { message: Schema.String }) {
+}
+export class BadRequest extends Schema.TaggedError("@error/BadRequest")("@error/BadRequest", { message: Schema.String }) {
+}
+//# sourceMappingURL=errors.js.map

package/dist/schemas/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/schemas/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,MAAM,OAAO,YAAa,SAAQ,MAAM,CAAC,WAAW,EAAgB,CAAC,qBAAqB,EAAE,EAAE,CAAC;CAAG;AAElG,MAAM,OAAO,SAAU,SAAQ,MAAM,CAAC,WAAW,EAAa,CAAC,kBAAkB,EAAE,EAAE,CAAC;CAAG;AAEzF,MAAM,OAAO,WAAY,SAAQ,MAAM,CAAC,WAAW,CAAc,oBAAoB,CAAC,CACpF,oBAAoB,EACpB;IACE,OAAO,EAAE,MAAM,CAAC,MAAM;CACvB,CACF;CAAG;AAEJ,MAAM,OAAO,cAAe,SAAQ,MAAM,CAAC,WAAW,EAAkB,CAAC,uBAAuB,EAAE;IAChG,OAAO,EAAE,MAAM,CAAC,MAAM;CACvB,CAAC;CAAG;AAEL;;;GAGG;AACH,MAAM,OAAO,eAAgB,SAAQ,MAAM,CAAC,WAAW,CAAkB,wBAAwB,CAAC,CAChG,wBAAwB,EACxB;IACE,YAAY,EAAE,MAAM,CAAC,MAAM;IAC3B,OAAO,EAAE,MAAM,CAAC,MAAM;IACtB,IAAI,EAAE,MAAM,CAAC,MAAM;CACpB,CACF;CAAG;AAEJ,MAAM,OAAO,QAAS,SAAQ,MAAM,CAAC,WAAW,CAAW,iBAAiB,CAAC,CAAC,iBAAiB,EAAE;IAC/F,OAAO,EAAE,MAAM,CAAC,MAAM;CACvB,CAAC;CAAG;AAEL,MAAM,OAAO,YAAa,SAAQ,MAAM,CAAC,WAAW,CAAe,qBAAqB,CAAC,CACvF,qBAAqB,EACrB,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,CAC3B;CAAG;AAEJ,MAAM,OAAO,cAAe,SAAQ,MAAM,CAAC,WAAW,CAAiB,uBAAuB,CAAC,CAC7F,uBAAuB,EACvB,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,CAC3B;CAAG;AAEJ,MAAM,OAAO,UAAW,SAAQ,MAAM,CAAC,WAAW,CAAa,mBAAmB,CAAC,CACjF,mBAAmB,EACnB,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,CAC3B;CAAG","sourcesContent":["import { Schema } from \"effect\"\n\nexport class Unauthorized extends Schema.TaggedError<Unauthorized>()(\"@error/Unauthorized\", {}) {}\n\nexport class Forbidden extends Schema.TaggedError<Forbidden>()(\"@error/Forbidden\", {}) {}\n\nexport class InvalidCode extends Schema.TaggedError<InvalidCode>(\"@error/InvalidCode\")(\n  \"@error/InvalidCode\",\n  {\n    message: Schema.String,\n  }\n) {}\n\nexport class InvalidTenancy extends Schema.TaggedError<InvalidTenancy>()(\"@error/InvalidTenancy\", {\n  message: Schema.String,\n}) {}\n\n/**\n * We need the credentialId and rpId to feed into the\n * client's signalCredentialRemoval function\n */\nexport class PasskeyNotFound extends Schema.TaggedError<PasskeyNotFound>(\"@error/PasskeyNotFound\")(\n  \"@error/PasskeyNotFound\",\n  {\n    credentialId: Schema.String,\n    message: Schema.String,\n    rpId: Schema.String,\n  }\n) {}\n\nexport class NotFound extends Schema.TaggedError<NotFound>(\"@error/NotFound\")(\"@error/NotFound\", {\n  message: Schema.String,\n}) {}\n\nexport class InvalidEmail extends Schema.TaggedError<InvalidEmail>(\"@error/InvalidEmail\")(\n  \"@error/InvalidEmail\",\n  { message: Schema.String }\n) {}\n\nexport class DuplicateEmail extends Schema.TaggedError<DuplicateEmail>(\"@error/DuplicateEmail\")(\n  \"@error/DuplicateEmail\",\n  { message: Schema.String }\n) {}\n\nexport class BadRequest extends Schema.TaggedError<BadRequest>(\"@error/BadRequest\")(\n  \"@error/BadRequest\",\n  { message: Schema.String }\n) {}\n"]}

package/dist/schemas/index.d.ts

@@ -0,0 +1,5 @@
+export * from "./errors.js";
+export * from "./passkey.js";
+export * from "./principal.js";
+export * from "./signup.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/schemas/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/schemas/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAA;AAC3B,cAAc,cAAc,CAAA;AAC5B,cAAc,gBAAgB,CAAA;AAC9B,cAAc,aAAa,CAAA"}

package/dist/schemas/index.js

@@ -0,0 +1,5 @@
+export * from "./errors.js";
+export * from "./passkey.js";
+export * from "./principal.js";
+export * from "./signup.js";
+//# sourceMappingURL=index.js.map

package/dist/schemas/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/schemas/index.ts"],"names":[],"mappings":"AAAA,cAAc,aAAa,CAAA;AAC3B,cAAc,cAAc,CAAA;AAC5B,cAAc,gBAAgB,CAAA;AAC9B,cAAc,aAAa,CAAA","sourcesContent":["export * from \"./errors.js\"\nexport * from \"./passkey.js\"\nexport * from \"./principal.js\"\nexport * from \"./signup.js\"\n"]}

package/dist/schemas/passkey.d.ts

@@ -0,0 +1,63 @@
+import { Schema } from "effect";
+export declare const UserVerificationSchema: Schema.Literal<["required", "preferred", "discouraged"]>;
+export declare const CredentialDeviceType: readonly ["singleDevice", "multiDevice"];
+export type CredentialDeviceType = (typeof CredentialDeviceType)[number];
+export declare const Transports: readonly ["ble", "hybrid", "internal", "nfc", "usb", "cable", "smart-card"];
+export type Transports = (typeof Transports)[number];
+export declare const Passkey: Schema.TaggedStruct<"Passkey", {
+    createdAt: typeof Schema.Number;
+    credential: Schema.Struct<{
+        aaguid: typeof Schema.String;
+        backedUp: typeof Schema.Boolean;
+        counter: typeof Schema.Number;
+        deviceType: Schema.Literal<["singleDevice", "multiDevice"]>;
+        id: typeof Schema.String;
+        transports: Schema.Array$<Schema.Literal<["ble", "hybrid", "internal", "nfc", "usb", "cable", "smart-card"]>>;
+        userId: typeof Schema.String;
+    }>;
+    enabled: typeof Schema.Boolean;
+    id: typeof Schema.String;
+    lastUsed: Schema.optional<typeof Schema.Number>;
+    platform: Schema.optional<Schema.Struct<{
+        icon: Schema.optional<typeof Schema.String>;
+        name: Schema.optional<typeof Schema.String>;
+    }>>;
+    updatedAt: typeof Schema.Number;
+    userId: Schema.optional<typeof Schema.String>;
+}>;
+export type Passkey = typeof Passkey.Type;
+export declare const isPasskey: (payload: unknown) => payload is Passkey;
+export declare const PasskeySummary: Schema.TaggedStruct<"PasskeySummary", {
+    id: typeof Schema.String;
+    userId: typeof Schema.String;
+    credential: Schema.Struct<{
+        aaguid: typeof Schema.String;
+    }>;
+    enabled: typeof Schema.Boolean;
+    createdAt: typeof Schema.Number;
+    lastUsed: Schema.optional<typeof Schema.Number>;
+}>;
+export type PasskeySummary = typeof PasskeySummary.Type;
+export declare const isPasskeySummary: (payload: unknown) => payload is PasskeySummary;
+export declare const FindAllPasskeys: Schema.TaggedStruct<"FindAllPasskeys", {
+    cursor: Schema.NullOr<typeof Schema.String>;
+    records: Schema.Array$<Schema.TaggedStruct<"PasskeySummary", {
+        id: typeof Schema.String;
+        userId: typeof Schema.String;
+        credential: Schema.Struct<{
+            aaguid: typeof Schema.String;
+        }>;
+        enabled: typeof Schema.Boolean;
+        createdAt: typeof Schema.Number;
+        lastUsed: Schema.optional<typeof Schema.Number>;
+    }>>;
+}>;
+export type FindAllPasskeys = typeof FindAllPasskeys.Type;
+export declare const DeletedPasskey: Schema.TaggedStruct<"DeletedPasskey", {
+    passkeyId: typeof Schema.String;
+    credentialId: typeof Schema.String;
+    rpId: typeof Schema.String;
+}>;
+export type DeletedPasskey = typeof DeletedPasskey.Type;
+export declare const isDeletedPasskey: (payload: unknown) => payload is DeletedPasskey;
+//# sourceMappingURL=passkey.d.ts.map

package/dist/schemas/passkey.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.d.ts","sourceRoot":"","sources":["../../src/schemas/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAI/B,eAAO,MAAM,sBAAsB,0DAAyD,CAAA;AAI5F,eAAO,MAAM,oBAAoB,0CAA2C,CAAA;AAC5E,MAAM,MAAM,oBAAoB,GAAG,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAA;AAExE,eAAO,MAAM,UAAU,6EAQb,CAAA;AACV,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,CAAC,CAAA;AAIpD,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;EAsBlB,CAAA;AAEF,MAAM,MAAM,OAAO,GAAG,OAAO,OAAO,CAAC,IAAI,CAAA;AAEzC,eAAO,MAAM,SAAS,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,OAAsC,CAAA;AAE9F,eAAO,MAAM,cAAc;;;;;;;;;EASzB,CAAA;AAEF,MAAM,MAAM,cAAc,GAAG,OAAO,cAAc,CAAC,IAAI,CAAA;AAEvD,eAAO,MAAM,gBAAgB,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,cAC3B,CAAA;AAEpC,eAAO,MAAM,eAAe;;;;;;;;;;;;EAG1B,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,OAAO,eAAe,CAAC,IAAI,CAAA;AAEzD,eAAO,MAAM,cAAc;;;;EAIzB,CAAA;AAEF,MAAM,MAAM,cAAc,GAAG,OAAO,cAAc,CAAC,IAAI,CAAA;AAEvD,eAAO,MAAM,gBAAgB,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,cAC3B,CAAA"}

package/dist/schemas/passkey.js

@@ -0,0 +1,59 @@
+import { Schema } from "effect";
+/* Registration Options */
+export const UserVerificationSchema = Schema.Literal("required", "preferred", "discouraged");
+/* Passkey */
+export const CredentialDeviceType = ["singleDevice", "multiDevice"];
+export const Transports = [
+    "ble",
+    "hybrid",
+    "internal",
+    "nfc",
+    "usb",
+    "cable",
+    "smart-card",
+];
+/* Passkey */
+export const Passkey = Schema.TaggedStruct("Passkey", {
+    createdAt: Schema.Number,
+    credential: Schema.Struct({
+        aaguid: Schema.String,
+        backedUp: Schema.Boolean,
+        counter: Schema.Number,
+        deviceType: Schema.Literal(...CredentialDeviceType),
+        id: Schema.String, // webAuthnId (Base64Url)
+        transports: Schema.Array(Schema.Literal(...Transports)),
+        userId: Schema.String, // webAuthnUserId (Base64Url)
+    }),
+    enabled: Schema.Boolean,
+    id: Schema.String,
+    lastUsed: Schema.optional(Schema.Number),
+    platform: Schema.optional(Schema.Struct({
+        icon: Schema.optional(Schema.String),
+        name: Schema.optional(Schema.String),
+    })),
+    updatedAt: Schema.Number,
+    userId: Schema.optional(Schema.String),
+});
+export const isPasskey = (payload) => Schema.is(Passkey)(payload);
+export const PasskeySummary = Schema.TaggedStruct("PasskeySummary", {
+    id: Schema.String,
+    userId: Schema.String,
+    credential: Schema.Struct({
+        aaguid: Schema.String,
+    }),
+    enabled: Schema.Boolean,
+    createdAt: Schema.Number,
+    lastUsed: Schema.optional(Schema.Number),
+});
+export const isPasskeySummary = (payload) => Schema.is(PasskeySummary)(payload);
+export const FindAllPasskeys = Schema.TaggedStruct("FindAllPasskeys", {
+    cursor: Schema.NullOr(Schema.String),
+    records: Schema.Array(PasskeySummary),
+});
+export const DeletedPasskey = Schema.TaggedStruct("DeletedPasskey", {
+    passkeyId: Schema.String,
+    credentialId: Schema.String,
+    rpId: Schema.String,
+});
+export const isDeletedPasskey = (payload) => Schema.is(DeletedPasskey)(payload);
+//# sourceMappingURL=passkey.js.map

package/dist/schemas/passkey.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/schemas/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,0BAA0B;AAE1B,MAAM,CAAC,MAAM,sBAAsB,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,WAAW,EAAE,aAAa,CAAC,CAAA;AAE5F,aAAa;AAEb,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,cAAc,EAAE,aAAa,CAAU,CAAA;AAG5E,MAAM,CAAC,MAAM,UAAU,GAAG;IACxB,KAAK;IACL,QAAQ;IACR,UAAU;IACV,KAAK;IACL,KAAK;IACL,OAAO;IACP,YAAY;CACJ,CAAA;AAGV,aAAa;AAEb,MAAM,CAAC,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE;IACpD,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC;QACxB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,MAAM,CAAC,OAAO;QACxB,OAAO,EAAE,MAAM,CAAC,MAAM;QACtB,UAAU,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,oBAAoB,CAAC;QACnD,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE,yBAAyB;QAC5C,UAAU,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,UAAU,CAAC,CAAC;QACvD,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,6BAA6B;KACrD,CAAC;IACF,OAAO,EAAE,MAAM,CAAC,OAAO;IACvB,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;IACxC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CACvB,MAAM,CAAC,MAAM,CAAC;QACZ,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;QACpC,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;KACrC,CAAC,CACH;IACD,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;CACvC,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAgB,EAAsB,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA;AAE9F,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE;IAClE,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM;IACrB,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC;QACxB,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC;IACF,OAAO,EAAE,MAAM,CAAC,OAAO;IACvB,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;CACzC,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAA;AAEpC,MAAM,CAAC,MAAM,eAAe,GAAG,MAAM,CAAC,YAAY,CAAC,iBAAiB,EAAE;IACpE,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;IACpC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC;CACtC,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAC,YAAY,CAAC,gBAAgB,EAAE;IAClE,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,YAAY,EAAE,MAAM,CAAC,MAAM;IAC3B,IAAI,EAAE,MAAM,CAAC,MAAM;CACpB,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAA","sourcesContent":["import { Schema } from \"effect\"\n\n/* Registration Options */\n\nexport const UserVerificationSchema = Schema.Literal(\"required\", \"preferred\", \"discouraged\")\n\n/* Passkey */\n\nexport const CredentialDeviceType = [\"singleDevice\", \"multiDevice\"] as const\nexport type CredentialDeviceType = (typeof CredentialDeviceType)[number]\n\nexport const Transports = [\n  \"ble\",\n  \"hybrid\",\n  \"internal\",\n  \"nfc\",\n  \"usb\",\n  \"cable\",\n  \"smart-card\",\n] as const\nexport type Transports = (typeof Transports)[number]\n\n/* Passkey */\n\nexport const Passkey = Schema.TaggedStruct(\"Passkey\", {\n  createdAt: Schema.Number,\n  credential: Schema.Struct({\n    aaguid: Schema.String,\n    backedUp: Schema.Boolean,\n    counter: Schema.Number,\n    deviceType: Schema.Literal(...CredentialDeviceType),\n    id: Schema.String, // webAuthnId (Base64Url)\n    transports: Schema.Array(Schema.Literal(...Transports)),\n    userId: Schema.String, // webAuthnUserId (Base64Url)\n  }),\n  enabled: Schema.Boolean,\n  id: Schema.String,\n  lastUsed: Schema.optional(Schema.Number),\n  platform: Schema.optional(\n    Schema.Struct({\n      icon: Schema.optional(Schema.String),\n      name: Schema.optional(Schema.String),\n    })\n  ),\n  updatedAt: Schema.Number,\n  userId: Schema.optional(Schema.String),\n})\n\nexport type Passkey = typeof Passkey.Type\n\nexport const isPasskey = (payload: unknown): payload is Passkey => Schema.is(Passkey)(payload)\n\nexport const PasskeySummary = Schema.TaggedStruct(\"PasskeySummary\", {\n  id: Schema.String,\n  userId: Schema.String,\n  credential: Schema.Struct({\n    aaguid: Schema.String,\n  }),\n  enabled: Schema.Boolean,\n  createdAt: Schema.Number,\n  lastUsed: Schema.optional(Schema.Number),\n})\n\nexport type PasskeySummary = typeof PasskeySummary.Type\n\nexport const isPasskeySummary = (payload: unknown): payload is PasskeySummary =>\n  Schema.is(PasskeySummary)(payload)\n\nexport const FindAllPasskeys = Schema.TaggedStruct(\"FindAllPasskeys\", {\n  cursor: Schema.NullOr(Schema.String),\n  records: Schema.Array(PasskeySummary),\n})\n\nexport type FindAllPasskeys = typeof FindAllPasskeys.Type\n\nexport const DeletedPasskey = Schema.TaggedStruct(\"DeletedPasskey\", {\n  passkeyId: Schema.String,\n  credentialId: Schema.String,\n  rpId: Schema.String,\n})\n\nexport type DeletedPasskey = typeof DeletedPasskey.Type\n\nexport const isDeletedPasskey = (payload: unknown): payload is DeletedPasskey =>\n  Schema.is(DeletedPasskey)(payload)\n"]}

package/dist/schemas/principal.d.ts

@@ -0,0 +1,48 @@
+import { Schema } from "effect";
+export declare const Principal: Schema.TaggedStruct<"Principal", {
+    id: typeof Schema.String;
+    authenticatorId: typeof Schema.String;
+    authenticatorType: Schema.Literal<["passkey"]>;
+    createdAt: typeof Schema.Number;
+    expiresAt: typeof Schema.Number;
+    passkey: Schema.optional<Schema.Struct<{
+        userVerified: typeof Schema.Boolean;
+        verified: typeof Schema.Boolean;
+    }>>;
+    userId: typeof Schema.String;
+}>;
+export type Principal = typeof Principal.Type;
+export declare const isPrincipal: (payload: unknown) => payload is Principal;
+export declare const ExtendedPrincipal: Schema.TaggedStruct<"ExtendedPrincipal", {
+    id: typeof Schema.String;
+    authenticatorId: typeof Schema.String;
+    authenticatorType: Schema.Literal<["passkey"]>;
+    createdAt: typeof Schema.Number;
+    expiresAt: typeof Schema.Number;
+    passkey: Schema.optional<Schema.Struct<{
+        platformName: Schema.optional<typeof Schema.String>;
+        userVerified: typeof Schema.Boolean;
+        verified: typeof Schema.Boolean;
+    }>>;
+    userId: typeof Schema.String;
+    metadata: Schema.Struct<{
+        ipAddress: Schema.optional<typeof Schema.String>;
+        userAgent: Schema.optional<typeof Schema.String>;
+    }>;
+}>;
+export type ExtendedPrincipal = typeof ExtendedPrincipal.Type;
+export declare const isExtendedPrincipal: (payload: unknown) => payload is ExtendedPrincipal;
+export declare const IdToken: Schema.TaggedStruct<"IdToken", {
+    "a:id": typeof Schema.String;
+    "a:typ": typeof Schema.String;
+    aud: typeof Schema.String;
+    exp: typeof Schema.Number;
+    iat: typeof Schema.Number;
+    iss: Schema.Literal<["passlock.dev"]>;
+    jti: typeof Schema.String;
+    "pk:uv": typeof Schema.Boolean;
+    sub: typeof Schema.String;
+}>;
+export type IdToken = typeof IdToken.Type;
+export declare const isIdToken: (payload: unknown) => payload is IdToken;
+//# sourceMappingURL=principal.d.ts.map

package/dist/schemas/principal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../src/schemas/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAI/B,eAAO,MAAM,SAAS;;;;;;;;;;;EAapB,CAAA;AAEF,MAAM,MAAM,SAAS,GAAG,OAAO,SAAS,CAAC,IAAI,CAAA;AAE7C,eAAO,MAAM,WAAW,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,SAA0C,CAAA;AAEpG,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;EAkB5B,CAAA;AAEF,MAAM,MAAM,iBAAiB,GAAG,OAAO,iBAAiB,CAAC,IAAI,CAAA;AAE7D,eAAO,MAAM,mBAAmB,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,iBAC3B,CAAA;AAEvC,eAAO,MAAM,OAAO;;;;;;;;;;EAUlB,CAAA;AAEF,MAAM,MAAM,OAAO,GAAG,OAAO,OAAO,CAAC,IAAI,CAAA;AAEzC,eAAO,MAAM,SAAS,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,OAAsC,CAAA"}

package/dist/schemas/principal.js

@@ -0,0 +1,46 @@
+import { Schema } from "effect";
+/* Principal */
+export const Principal = Schema.TaggedStruct("Principal", {
+    id: Schema.String,
+    authenticatorId: Schema.String,
+    authenticatorType: Schema.Literal("passkey"),
+    createdAt: Schema.Number,
+    expiresAt: Schema.Number,
+    passkey: Schema.optional(Schema.Struct({
+        userVerified: Schema.Boolean,
+        verified: Schema.Boolean,
+    })),
+    userId: Schema.String,
+});
+export const isPrincipal = (payload) => Schema.is(Principal)(payload);
+export const ExtendedPrincipal = Schema.TaggedStruct("ExtendedPrincipal", {
+    id: Schema.String,
+    authenticatorId: Schema.String,
+    authenticatorType: Schema.Literal("passkey"),
+    createdAt: Schema.Number,
+    expiresAt: Schema.Number,
+    passkey: Schema.optional(Schema.Struct({
+        platformName: Schema.optional(Schema.String),
+        userVerified: Schema.Boolean,
+        verified: Schema.Boolean,
+    })),
+    userId: Schema.String,
+    metadata: Schema.Struct({
+        ipAddress: Schema.optional(Schema.String),
+        userAgent: Schema.optional(Schema.String),
+    }),
+});
+export const isExtendedPrincipal = (payload) => Schema.is(ExtendedPrincipal)(payload);
+export const IdToken = Schema.TaggedStruct("IdToken", {
+    "a:id": Schema.String,
+    "a:typ": Schema.String,
+    aud: Schema.String,
+    exp: Schema.Number,
+    iat: Schema.Number,
+    iss: Schema.Literal("passlock.dev"),
+    jti: Schema.String,
+    "pk:uv": Schema.Boolean,
+    sub: Schema.String,
+});
+export const isIdToken = (payload) => Schema.is(IdToken)(payload);
+//# sourceMappingURL=principal.js.map

package/dist/schemas/principal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../src/schemas/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,eAAe;AAEf,MAAM,CAAC,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE;IACxD,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,eAAe,EAAE,MAAM,CAAC,MAAM;IAC9B,iBAAiB,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;IAC5C,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,OAAO,EAAE,MAAM,CAAC,QAAQ,CACtB,MAAM,CAAC,MAAM,CAAC;QACZ,YAAY,EAAE,MAAM,CAAC,OAAO;QAC5B,QAAQ,EAAE,MAAM,CAAC,OAAO;KACzB,CAAC,CACH;IACD,MAAM,EAAE,MAAM,CAAC,MAAM;CACtB,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,OAAgB,EAAwB,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAA;AAEpG,MAAM,CAAC,MAAM,iBAAiB,GAAG,MAAM,CAAC,YAAY,CAAC,mBAAmB,EAAE;IACxE,EAAE,EAAE,MAAM,CAAC,MAAM;IACjB,eAAe,EAAE,MAAM,CAAC,MAAM;IAC9B,iBAAiB,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;IAC5C,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,OAAO,EAAE,MAAM,CAAC,QAAQ,CACtB,MAAM,CAAC,MAAM,CAAC;QACZ,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;QAC5C,YAAY,EAAE,MAAM,CAAC,OAAO;QAC5B,QAAQ,EAAE,MAAM,CAAC,OAAO;KACzB,CAAC,CACH;IACD,MAAM,EAAE,MAAM,CAAC,MAAM;IACrB,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC;QACtB,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;QACzC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;KAC1C,CAAC;CACH,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,OAAgB,EAAgC,EAAE,CACpF,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,CAAA;AAEvC,MAAM,CAAC,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE;IACpD,MAAM,EAAE,MAAM,CAAC,MAAM;IACrB,OAAO,EAAE,MAAM,CAAC,MAAM;IACtB,GAAG,EAAE,MAAM,CAAC,MAAM;IAClB,GAAG,EAAE,MAAM,CAAC,MAAM;IAClB,GAAG,EAAE,MAAM,CAAC,MAAM;IAClB,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC;IACnC,GAAG,EAAE,MAAM,CAAC,MAAM;IAClB,OAAO,EAAE,MAAM,CAAC,OAAO;IACvB,GAAG,EAAE,MAAM,CAAC,MAAM;CACnB,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAgB,EAAsB,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA","sourcesContent":["import { Schema } from \"effect\"\n\n/* Principal */\n\nexport const Principal = Schema.TaggedStruct(\"Principal\", {\n  id: Schema.String,\n  authenticatorId: Schema.String,\n  authenticatorType: Schema.Literal(\"passkey\"),\n  createdAt: Schema.Number,\n  expiresAt: Schema.Number,\n  passkey: Schema.optional(\n    Schema.Struct({\n      userVerified: Schema.Boolean,\n      verified: Schema.Boolean,\n    })\n  ),\n  userId: Schema.String,\n})\n\nexport type Principal = typeof Principal.Type\n\nexport const isPrincipal = (payload: unknown): payload is Principal => Schema.is(Principal)(payload)\n\nexport const ExtendedPrincipal = Schema.TaggedStruct(\"ExtendedPrincipal\", {\n  id: Schema.String,\n  authenticatorId: Schema.String,\n  authenticatorType: Schema.Literal(\"passkey\"),\n  createdAt: Schema.Number,\n  expiresAt: Schema.Number,\n  passkey: Schema.optional(\n    Schema.Struct({\n      platformName: Schema.optional(Schema.String),\n      userVerified: Schema.Boolean,\n      verified: Schema.Boolean,\n    })\n  ),\n  userId: Schema.String,\n  metadata: Schema.Struct({\n    ipAddress: Schema.optional(Schema.String),\n    userAgent: Schema.optional(Schema.String),\n  }),\n})\n\nexport type ExtendedPrincipal = typeof ExtendedPrincipal.Type\n\nexport const isExtendedPrincipal = (payload: unknown): payload is ExtendedPrincipal =>\n  Schema.is(ExtendedPrincipal)(payload)\n\nexport const IdToken = Schema.TaggedStruct(\"IdToken\", {\n  \"a:id\": Schema.String,\n  \"a:typ\": Schema.String,\n  aud: Schema.String,\n  exp: Schema.Number,\n  iat: Schema.Number,\n  iss: Schema.Literal(\"passlock.dev\"),\n  jti: Schema.String,\n  \"pk:uv\": Schema.Boolean,\n  sub: Schema.String,\n})\n\nexport type IdToken = typeof IdToken.Type\n\nexport const isIdToken = (payload: unknown): payload is IdToken => Schema.is(IdToken)(payload)\n"]}

package/dist/schemas/signup.d.ts

@@ -0,0 +1,13 @@
+import { Schema } from "effect";
+export declare const SignupPayload: Schema.Struct<{
+    email: typeof Schema.String;
+    firstName: typeof Schema.String;
+    lastName: typeof Schema.String;
+}>;
+export type SignupPayload = typeof SignupPayload.Type;
+export declare const TenancyData: Schema.TaggedStruct<"TenancyData", {
+    apiKey: Schema.Redacted<typeof Schema.String>;
+    tenancyId: typeof Schema.String;
+}>;
+export type TenancyData = typeof TenancyData.Type;
+//# sourceMappingURL=signup.d.ts.map

package/dist/schemas/signup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signup.d.ts","sourceRoot":"","sources":["../../src/schemas/signup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,eAAO,MAAM,aAAa;;;;EAIxB,CAAA;AAEF,MAAM,MAAM,aAAa,GAAG,OAAO,aAAa,CAAC,IAAI,CAAA;AAErD,eAAO,MAAM,WAAW;;;EAGtB,CAAA;AAEF,MAAM,MAAM,WAAW,GAAG,OAAO,WAAW,CAAC,IAAI,CAAA"}

package/dist/schemas/signup.js

@@ -0,0 +1,11 @@
+import { Schema } from "effect";
+export const SignupPayload = Schema.Struct({
+    email: Schema.String,
+    firstName: Schema.String,
+    lastName: Schema.String,
+});
+export const TenancyData = Schema.TaggedStruct("TenancyData", {
+    apiKey: Schema.Redacted(Schema.String),
+    tenancyId: Schema.String,
+});
+//# sourceMappingURL=signup.js.map

package/dist/schemas/signup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signup.js","sourceRoot":"","sources":["../../src/schemas/signup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,MAAM,CAAC,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC;IACzC,KAAK,EAAE,MAAM,CAAC,MAAM;IACpB,SAAS,EAAE,MAAM,CAAC,MAAM;IACxB,QAAQ,EAAE,MAAM,CAAC,MAAM;CACxB,CAAC,CAAA;AAIF,MAAM,CAAC,MAAM,WAAW,GAAG,MAAM,CAAC,YAAY,CAAC,aAAa,EAAE;IAC5D,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;IACtC,SAAS,EAAE,MAAM,CAAC,MAAM;CACzB,CAAC,CAAA","sourcesContent":["import { Schema } from \"effect\"\n\nexport const SignupPayload = Schema.Struct({\n  email: Schema.String,\n  firstName: Schema.String,\n  lastName: Schema.String,\n})\n\nexport type SignupPayload = typeof SignupPayload.Type\n\nexport const TenancyData = Schema.TaggedStruct(\"TenancyData\", {\n  apiKey: Schema.Redacted(Schema.String),\n  tenancyId: Schema.String,\n})\n\nexport type TenancyData = typeof TenancyData.Type\n"]}

package/dist/shared.d.ts

@@ -1,32 +1,14 @@
-import { Schema } from "effect";
-export interface ApiOptions {
+import { NotFound } from "./schemas/errors.js";
+export interface TenancyOptions {
     tenancyId: string;
     /**
      * @default https://api.passlock.dev
      */
     endpoint?: string;
 }
-export interface AuthorizedApiOptions extends ApiOptions {
+export interface AuthenticatedTenancyOptions extends TenancyOptions {
     apiKey: string;
 }
-declare const NotFound_base: Schema.TaggedErrorClass<NotFound, "@error/NotFound", {
-    readonly _tag: Schema.tag<"@error/NotFound">;
-} & {
-    message: typeof Schema.String;
-}>;
-export declare class NotFound extends NotFound_base {
-    static isNotFound: (payload: unknown) => payload is NotFound;
-}
-declare const Unauthorized_base: Schema.TaggedErrorClass<Unauthorized, "@error/Unauthorized", {
-    readonly _tag: Schema.tag<"@error/Unauthorized">;
-}>;
-export declare class Unauthorized extends Unauthorized_base {
-}
-declare const Forbidden_base: Schema.TaggedErrorClass<Forbidden, "@error/Forbidden", {
-    readonly _tag: Schema.tag<"@error/Forbidden">;
-}>;
-export declare class Forbidden extends Forbidden_base {
-}
 export declare class UnexpectedError extends Error {
     readonly _tag: string;
     constructor(data: {
@@ -35,5 +17,5 @@ export declare class UnexpectedError extends Error {
     });
     readonly toString: () => string;
 }
-export {};
+export declare const isNotFound: (payload: unknown) => payload is NotFound;
 //# sourceMappingURL=shared.d.ts.map

package/dist/shared.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAqB,SAAQ,UAAU;IACtD,MAAM,EAAE,MAAM,CAAC;CAChB;;;;;;AAED,qBAAa,QAAS,SAAQ,aAK7B;IACC,MAAM,CAAC,UAAU,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,QAAQ,CAC5B;CAChC;;;;AAGD,qBAAa,YAAa,SAAQ,iBAGjC;CAAG;;;;AAGJ,qBAAa,SAAU,SAAQ,cAG9B;CAAG;AAEJ,qBAAa,eAAgB,SAAQ,KAAK;IACxC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;gBAEV,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE;IAKnD,SAAkB,QAAQ,QAAO,MAAM,CACE;CAC1C"}
+{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAE9C,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,2BAA4B,SAAQ,cAAc;IACjE,MAAM,EAAE,MAAM,CAAA;CACf;AAED,qBAAa,eAAgB,SAAQ,KAAK;IACxC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;gBAET,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE;IAKnD,SAAkB,QAAQ,QAAO,MAAM,CAA0C;CAClF;AAED,eAAO,MAAM,UAAU,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,QAAwC,CAAA"}

package/dist/shared.js

@@ -1,15 +1,5 @@
 import { Schema } from "effect";
-export class NotFound extends Schema.TaggedError("@error/NotFound")("@error/NotFound", {
-    message: Schema.String,
-}) {
-    static isNotFound = (payload) => Schema.is(NotFound)(payload);
-}
-// Define a schema for the "Unauthorized" error
-export class Unauthorized extends Schema.TaggedError()("@error/Unauthorized", {}) {
-}
-// Define a schema for the "Unauthorized" error
-export class Forbidden extends Schema.TaggedError()("@error/Forbidden", {}) {
-}
+import { NotFound } from "./schemas/errors.js";
 export class UnexpectedError extends Error {
     _tag;
     constructor(data) {
@@ -18,4 +8,5 @@ export class UnexpectedError extends Error {
     }
     toString = () => `${this.message} (_tag: ${this._tag})`;
 }
+export const isNotFound = (payload) => Schema.is(NotFound)(payload);
 //# sourceMappingURL=shared.js.map

package/dist/shared.js.map

@@ -1 +1 @@
-{"version":3,"file":"shared.js","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAchC,MAAM,OAAO,QAAS,SAAQ,MAAM,CAAC,WAAW,CAAW,iBAAiB,CAAC,CAC3E,iBAAiB,EACjB;IACE,OAAO,EAAE,MAAM,CAAC,MAAM;CACvB,CACF;IACC,MAAM,CAAC,UAAU,GAAG,CAAC,OAAgB,EAAuB,EAAE,CAC5D,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC;;AAGjC,+CAA+C;AAC/C,MAAM,OAAO,YAAa,SAAQ,MAAM,CAAC,WAAW,EAAgB,CAClE,qBAAqB,EACrB,EAAE,CACH;CAAG;AAEJ,+CAA+C;AAC/C,MAAM,OAAO,SAAU,SAAQ,MAAM,CAAC,WAAW,EAAa,CAC5D,kBAAkB,EAClB,EAAE,CACH;CAAG;AAEJ,MAAM,OAAO,eAAgB,SAAQ,KAAK;IAC/B,IAAI,CAAS;IAEtB,YAAY,IAAuC;QACjD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACpB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;IACxB,CAAC;IAEiB,QAAQ,GAAG,GAAW,EAAE,CACxC,GAAG,IAAI,CAAC,OAAO,WAAW,IAAI,CAAC,IAAI,GAAG,CAAC;CAC1C","sourcesContent":["import { Schema } from \"effect\";\n\nexport interface ApiOptions {\n  tenancyId: string;\n  /**\n   * @default https://api.passlock.dev\n   */\n  endpoint?: string;\n}\n\nexport interface AuthorizedApiOptions extends ApiOptions {\n  apiKey: string;\n}\n\nexport class NotFound extends Schema.TaggedError<NotFound>(\"@error/NotFound\")(\n  \"@error/NotFound\",\n  {\n    message: Schema.String,\n  },\n) {\n  static isNotFound = (payload: unknown): payload is NotFound =>\n    Schema.is(NotFound)(payload);\n}\n\n// Define a schema for the \"Unauthorized\" error\nexport class Unauthorized extends Schema.TaggedError<Unauthorized>()(\n  \"@error/Unauthorized\",\n  {},\n) {}\n\n// Define a schema for the \"Unauthorized\" error\nexport class Forbidden extends Schema.TaggedError<Forbidden>()(\n  \"@error/Forbidden\",\n  {},\n) {}\n\nexport class UnexpectedError extends Error {\n  readonly _tag: string;\n\n  constructor(data: { _tag: string; message: string }) {\n    super(data.message);\n    this._tag = data._tag;\n  }\n\n  override readonly toString = (): string =>\n    `${this.message} (_tag: ${this._tag})`;\n}\n"]}
+{"version":3,"file":"shared.js","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC/B,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAc9C,MAAM,OAAO,eAAgB,SAAQ,KAAK;IAC/B,IAAI,CAAQ;IAErB,YAAY,IAAuC;QACjD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;IACvB,CAAC;IAEiB,QAAQ,GAAG,GAAW,EAAE,CAAC,GAAG,IAAI,CAAC,OAAO,WAAW,IAAI,CAAC,IAAI,GAAG,CAAA;CAClF;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAAgB,EAAuB,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAA","sourcesContent":["import { Schema } from \"effect\"\nimport { NotFound } from \"./schemas/errors.js\"\n\nexport interface TenancyOptions {\n  tenancyId: string\n  /**\n   * @default https://api.passlock.dev\n   */\n  endpoint?: string\n}\n\nexport interface AuthenticatedTenancyOptions extends TenancyOptions {\n  apiKey: string\n}\n\nexport class UnexpectedError extends Error {\n  readonly _tag: string\n\n  constructor(data: { _tag: string; message: string }) {\n    super(data.message)\n    this._tag = data._tag\n  }\n\n  override readonly toString = (): string => `${this.message} (_tag: ${this._tag})`\n}\n\nexport const isNotFound = (payload: unknown): payload is NotFound => Schema.is(NotFound)(payload)\n"]}

package/dist/testUtils.d.ts

@@ -0,0 +1,11 @@
+import { type HeadersInit } from "@effect/platform-node/Undici";
+import { Effect, Redacted } from "effect";
+export declare const intTestConfig: Effect.Effect<{
+    tenancyId: string;
+    passkeyId: string;
+    code: string;
+    apiKey: Redacted.Redacted<string>;
+    endpoint: string;
+}, import("effect/ConfigError").ConfigError, never>;
+export declare const getHeaderValue: (headers: HeadersInit, header: string) => string | null;
+//# sourceMappingURL=testUtils.d.ts.map

package/dist/testUtils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"testUtils.d.ts","sourceRoot":"","sources":["../src/testUtils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,KAAK,WAAW,EAAE,MAAM,8BAA8B,CAAA;AACxE,OAAO,EAAiB,MAAM,EAAgB,QAAQ,EAAE,MAAM,QAAQ,CAAA;AAkBtE,eAAO,MAAM,aAAa;;;;;;mDAQxB,CAAA;AAEF,eAAO,MAAM,cAAc,GAAI,SAAS,WAAW,EAAE,QAAQ,MAAM,KAAG,MAAM,GAAG,IAc9E,CAAA"}

package/dist/testUtils.js

@@ -0,0 +1,25 @@
+import { Headers } from "@effect/platform-node/Undici";
+import { Array, Config, Effect, Option, pipe, Redacted } from "effect";
+const lookupTenancyId = pipe(Config.string("PASSLOCK_TENANCY_ID"), Config.withDefault("itTenancy"));
+const lookupPasskeyId = pipe(Config.string("PASSLOCK_PASSKEY_ID"), Config.withDefault("itPasskey"));
+const lookupCode = pipe(Config.string("PASSLOCK_PRINCIPAL_CODE"), Config.withDefault("itPrincipal"));
+const lookupApiKey = pipe(Config.redacted("PASSLOCK_API_KEY"), Config.withDefault(Redacted.make("itApiKey")));
+const lookupEndpoint = pipe(Config.string("PASSLOCK_ENDPOINT"), Config.withDefault("http://localhost:3000"));
+export const intTestConfig = Effect.gen(function* () {
+    const tenancyId = yield* lookupTenancyId;
+    const passkeyId = yield* lookupPasskeyId;
+    const code = yield* lookupCode;
+    const apiKey = yield* lookupApiKey;
+    const endpoint = yield* lookupEndpoint;
+    return { tenancyId, passkeyId, code, apiKey, endpoint };
+});
+export const getHeaderValue = (headers, header) => {
+    if (headers instanceof Headers) {
+        return headers.get(header);
+    }
+    if (Array.isArray(headers)) {
+        return pipe(Array.findFirst(headers, ([k]) => k === header), Option.map(([_, v]) => v), Option.getOrNull);
+    }
+    return headers["authorization"] ?? null;
+};
+//# sourceMappingURL=testUtils.js.map

package/dist/testUtils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"testUtils.js","sourceRoot":"","sources":["../src/testUtils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAoB,MAAM,8BAA8B,CAAA;AACxE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAA;AAEtE,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAA;AAEnG,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAA;AAEnG,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAA;AAEpG,MAAM,YAAY,GAAG,IAAI,CACvB,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EACnC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC9C,CAAA;AAED,MAAM,cAAc,GAAG,IAAI,CACzB,MAAM,CAAC,MAAM,CAAC,mBAAmB,CAAC,EAClC,MAAM,CAAC,WAAW,CAAC,uBAAuB,CAAC,CAC5C,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAC/C,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,eAAe,CAAA;IACxC,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,eAAe,CAAA;IACxC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,UAAU,CAAA;IAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,YAAY,CAAA;IAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,cAAc,CAAA;IAEtC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAA;AACzD,CAAC,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,OAAoB,EAAE,MAAc,EAAiB,EAAE;IACpF,IAAI,OAAO,YAAY,OAAO,EAAE,CAAC;QAC/B,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;IAC5B,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,CACT,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,CAAC,EAC/C,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EACzB,MAAM,CAAC,SAAS,CACjB,CAAA;IACH,CAAC;IAED,OAAO,OAAO,CAAC,eAAe,CAAC,IAAI,IAAI,CAAA;AACzC,CAAC,CAAA","sourcesContent":["import { Headers, type HeadersInit } from \"@effect/platform-node/Undici\"\nimport { Array, Config, Effect, Option, pipe, Redacted } from \"effect\"\n\nconst lookupTenancyId = pipe(Config.string(\"PASSLOCK_TENANCY_ID\"), Config.withDefault(\"itTenancy\"))\n\nconst lookupPasskeyId = pipe(Config.string(\"PASSLOCK_PASSKEY_ID\"), Config.withDefault(\"itPasskey\"))\n\nconst lookupCode = pipe(Config.string(\"PASSLOCK_PRINCIPAL_CODE\"), Config.withDefault(\"itPrincipal\"))\n\nconst lookupApiKey = pipe(\n  Config.redacted(\"PASSLOCK_API_KEY\"),\n  Config.withDefault(Redacted.make(\"itApiKey\"))\n)\n\nconst lookupEndpoint = pipe(\n  Config.string(\"PASSLOCK_ENDPOINT\"),\n  Config.withDefault(\"http://localhost:3000\")\n)\n\nexport const intTestConfig = Effect.gen(function* () {\n  const tenancyId = yield* lookupTenancyId\n  const passkeyId = yield* lookupPasskeyId\n  const code = yield* lookupCode\n  const apiKey = yield* lookupApiKey\n  const endpoint = yield* lookupEndpoint\n\n  return { tenancyId, passkeyId, code, apiKey, endpoint }\n})\n\nexport const getHeaderValue = (headers: HeadersInit, header: string): string | null => {\n  if (headers instanceof Headers) {\n    return headers.get(header)\n  }\n\n  if (Array.isArray(headers)) {\n    return pipe(\n      Array.findFirst(headers, ([k]) => k === header),\n      Option.map(([_, v]) => v),\n      Option.getOrNull\n    )\n  }\n\n  return headers[\"authorization\"] ?? null\n}\n"]}