@passlock/node 2.0.0 → 2.0.2

package/README.md

@@ -42,5 +42,4 @@ Node 22+
 
 Please see the [Quick start guide](https://passlock.dev/getting-started/)
 
-[contact]: https://passlock.dev/contact
 [client]: https://www.npmjs.com/package/@passlock/client

package/README.template.md

@@ -42,5 +42,4 @@ Node 22+
 
 Please see the [Quick start guide](#{TUTORIAL}#)
 
-[contact]: https://passlock.dev/contact
 [client]: https://www.npmjs.com/package/@passlock/client

package/dist/effect.d.ts

@@ -0,0 +1,7 @@
+export type { AssignUserOptions as AssignUserRequest, ListPasskeyOptions, } from "./passkey/passkey.js";
+export { assignUser, deletePasskey, getPasskey, listPasskeys, } from "./passkey/passkey.js";
+export type {} from "./principal/principal.js";
+export { exchangeCode, VerificationFailure, verifyIdToken, } from "./principal/principal.js";
+export * from "./schemas/index.js";
+export type { AuthenticatedOptions, PasslockOptions, } from "./shared.js";
+//# sourceMappingURL=effect.d.ts.map

package/dist/effect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"effect.d.ts","sourceRoot":"","sources":["../src/effect.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,iBAAiB,IAAI,iBAAiB,EACtC,kBAAkB,GACnB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,UAAU,EACV,aAAa,EACb,UAAU,EACV,YAAY,GACb,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAC9C,OAAO,EACL,YAAY,EACZ,mBAAmB,EACnB,aAAa,GACd,MAAM,0BAA0B,CAAA;AACjC,cAAc,oBAAoB,CAAA;AAClC,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}

package/dist/effect.js

@@ -0,0 +1,4 @@
+export { assignUser, deletePasskey, getPasskey, listPasskeys, } from "./passkey/passkey.js";
+export { exchangeCode, VerificationFailure, verifyIdToken, } from "./principal/principal.js";
+export * from "./schemas/index.js";
+//# sourceMappingURL=effect.js.map

package/dist/effect.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"effect.js","sourceRoot":"","sources":["../src/effect.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,UAAU,EACV,aAAa,EACb,UAAU,EACV,YAAY,GACb,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EACL,YAAY,EACZ,mBAAmB,EACnB,aAAa,GACd,MAAM,0BAA0B,CAAA;AACjC,cAAc,oBAAoB,CAAA","sourcesContent":["export type {\n  AssignUserOptions as AssignUserRequest,\n  ListPasskeyOptions,\n} from \"./passkey/passkey.js\"\nexport {\n  assignUser,\n  deletePasskey,\n  getPasskey,\n  listPasskeys,\n} from \"./passkey/passkey.js\"\nexport type {} from \"./principal/principal.js\"\nexport {\n  exchangeCode,\n  VerificationFailure,\n  verifyIdToken,\n} from \"./principal/principal.js\"\nexport * from \"./schemas/index.js\"\nexport type {\n  AuthenticatedOptions,\n  PasslockOptions,\n} from \"./shared.js\"\n"]}

package/dist/errors.d.ts

@@ -0,0 +1,71 @@
+/**
+ * @category Authentication
+ */
+export type Unauthorized = {
+    _tag: "@error/Unauthorized";
+    message: string;
+};
+export declare const isUnauthorized: (payload: unknown) => payload is Unauthorized;
+/**
+ * @category Authentication
+ */
+export type Forbidden = {
+    _tag: "@error/Forbidden";
+    message: string;
+};
+export declare const isForbidden: (payload: unknown) => payload is Forbidden;
+/**
+ * @category Principal
+ */
+export type InvalidCode = {
+    _tag: "@error/InvalidCode";
+    message: string;
+};
+export declare const isInvalidCode: (payload: unknown) => payload is InvalidCode;
+/**
+ * @category Principal
+ */
+export type VerificationFailure = {
+    _tag: "@error/VerificationFailure";
+    message: string;
+};
+export declare const isVerificationFailure: (payload: unknown) => payload is VerificationFailure;
+export type InvalidTenancy = {
+    _tag: "@error/InvalidTenancy";
+    message: string;
+};
+export declare const isInvalidTenancy: (payload: unknown) => payload is InvalidTenancy;
+/**
+ * Error payload returned when a passkey cannot be found for a given
+ * authentication attempt.
+ *
+ * @category Passkeys
+ */
+export type PasskeyNotFound = {
+    _tag: "@error/PasskeyNotFound";
+    message: string;
+    credentialId: string;
+    rpId: string;
+};
+export declare const isPasskeyNotFound: (payload: unknown) => payload is PasskeyNotFound;
+export type NotFound = {
+    _tag: "@error/NotFound";
+    message: string;
+};
+export declare const isNotFound: (payload: unknown) => payload is NotFound;
+export type InvalidEmail = {
+    _tag: "@error/InvalidEmail";
+    message: string;
+};
+export declare const isInvalidEmail: (payload: unknown) => payload is InvalidEmail;
+export type DuplicateEmail = {
+    _tag: "@error/DuplicateEmail";
+    message: string;
+};
+export declare const isDuplicateEmail: (payload: unknown) => payload is DuplicateEmail;
+export type BadRequest = {
+    _tag: "@error/BadRequest";
+    message: string;
+};
+export declare const isBadRequest: (payload: unknown) => payload is BadRequest;
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAeA;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB,IAAI,EAAE,qBAAqB,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,cAAc,YAnBf,OAAO,KAAG,OAAO,gBAmB8C,CAAA;AAI3E;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG;IACtB,IAAI,EAAE,kBAAkB,CAAA;IACxB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,WAAW,YA/BZ,OAAO,KAAG,OAAO,aA+BqC,CAAA;AAIlE;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG;IACxB,IAAI,EAAE,oBAAoB,CAAA;IAC1B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,aAAa,YA3Cd,OAAO,KAAG,OAAO,eA2C2C,CAAA;AAIxE;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,IAAI,EAAE,4BAA4B,CAAA;IAClC,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,qBAAqB,YAvDtB,OAAO,KAAG,OAAO,uBAyD5B,CAAA;AAID,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,uBAAuB,CAAA;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,gBAAgB,YAlEjB,OAAO,KAAG,OAAO,kBAoE5B,CAAA;AAID;;;;;GAKG;AACH,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,wBAAwB,CAAA;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,YAAY,EAAE,MAAM,CAAA;IACpB,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAED,eAAO,MAAM,iBAAiB,YArFlB,OAAO,KAAG,OAAO,mBAuF5B,CAAA;AAID,MAAM,MAAM,QAAQ,GAAG;IACrB,IAAI,EAAE,iBAAiB,CAAA;IACvB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,UAAU,YAhGX,OAAO,KAAG,OAAO,YAgGkC,CAAA;AAI/D,MAAM,MAAM,YAAY,GAAG;IACzB,IAAI,EAAE,qBAAqB,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,cAAc,YAzGf,OAAO,KAAG,OAAO,gBAyG8C,CAAA;AAI3E,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,uBAAuB,CAAA;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,gBAAgB,YAlHjB,OAAO,KAAG,OAAO,kBAoH5B,CAAA;AAID,MAAM,MAAM,UAAU,GAAG;IACvB,IAAI,EAAE,mBAAmB,CAAA;IACzB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,YAAY,YA7Hb,OAAO,KAAG,OAAO,cA6HwC,CAAA"}

package/dist/errors.js

@@ -0,0 +1,25 @@
+/* Unauthorized */
+const isTagged = (tag) => (payload) => {
+    if (typeof payload !== "object")
+        return false;
+    if (payload === null)
+        return false;
+    if (!("_tag" in payload))
+        return false;
+    if (typeof payload._tag !== "string")
+        return false;
+    if (payload._tag !== tag)
+        return false;
+    return true;
+};
+export const isUnauthorized = isTagged("@error/Unauthorized");
+export const isForbidden = isTagged("@error/Forbidden");
+export const isInvalidCode = isTagged("@error/InvalidCode");
+export const isVerificationFailure = isTagged("@error/VerificationFailure");
+export const isInvalidTenancy = isTagged("@error/InvalidTenancy");
+export const isPasskeyNotFound = isTagged("@error/PasskeyNotFound");
+export const isNotFound = isTagged("@error/NotFound");
+export const isInvalidEmail = isTagged("@error/InvalidEmail");
+export const isDuplicateEmail = isTagged("@error/DuplicateEmail");
+export const isBadRequest = isTagged("@error/BadRequest");
+//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,kBAAkB;AAElB,MAAM,QAAQ,GACZ,CAA6B,GAAc,EAAE,EAAE,CAC/C,CAAC,OAAgB,EAAgB,EAAE;IACjC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC7C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAElC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAClD,IAAI,OAAO,CAAC,IAAI,KAAK,GAAG;QAAE,OAAO,KAAK,CAAA;IAEtC,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAUH,MAAM,CAAC,MAAM,cAAc,GAAG,QAAQ,CAAe,qBAAqB,CAAC,CAAA;AAY3E,MAAM,CAAC,MAAM,WAAW,GAAG,QAAQ,CAAY,kBAAkB,CAAC,CAAA;AAYlE,MAAM,CAAC,MAAM,aAAa,GAAG,QAAQ,CAAc,oBAAoB,CAAC,CAAA;AAYxE,MAAM,CAAC,MAAM,qBAAqB,GAAG,QAAQ,CAC3C,4BAA4B,CAC7B,CAAA;AASD,MAAM,CAAC,MAAM,gBAAgB,GAAG,QAAQ,CACtC,uBAAuB,CACxB,CAAA;AAiBD,MAAM,CAAC,MAAM,iBAAiB,GAAG,QAAQ,CACvC,wBAAwB,CACzB,CAAA;AASD,MAAM,CAAC,MAAM,UAAU,GAAG,QAAQ,CAAW,iBAAiB,CAAC,CAAA;AAS/D,MAAM,CAAC,MAAM,cAAc,GAAG,QAAQ,CAAe,qBAAqB,CAAC,CAAA;AAS3E,MAAM,CAAC,MAAM,gBAAgB,GAAG,QAAQ,CACtC,uBAAuB,CACxB,CAAA;AASD,MAAM,CAAC,MAAM,YAAY,GAAG,QAAQ,CAAa,mBAAmB,CAAC,CAAA","sourcesContent":["/* Unauthorized */\n\nconst isTagged =\n  <A extends { _tag: string }>(tag: A[\"_tag\"]) =>\n  (payload: unknown): payload is A => {\n    if (typeof payload !== \"object\") return false\n    if (payload === null) return false\n\n    if (!(\"_tag\" in payload)) return false\n    if (typeof payload._tag !== \"string\") return false\n    if (payload._tag !== tag) return false\n\n    return true\n  }\n\n/**\n * @category Authentication\n */\nexport type Unauthorized = {\n  _tag: \"@error/Unauthorized\"\n  message: string\n}\n\nexport const isUnauthorized = isTagged<Unauthorized>(\"@error/Unauthorized\")\n\n/* Forbidden */\n\n/**\n * @category Authentication\n */\nexport type Forbidden = {\n  _tag: \"@error/Forbidden\"\n  message: string\n}\n\nexport const isForbidden = isTagged<Forbidden>(\"@error/Forbidden\")\n\n/* InvalidCode */\n\n/**\n * @category Principal\n */\nexport type InvalidCode = {\n  _tag: \"@error/InvalidCode\"\n  message: string\n}\n\nexport const isInvalidCode = isTagged<InvalidCode>(\"@error/InvalidCode\")\n\n/* VerificationFailure */\n\n/**\n * @category Principal\n */\nexport type VerificationFailure = {\n  _tag: \"@error/VerificationFailure\"\n  message: string\n}\n\nexport const isVerificationFailure = isTagged<VerificationFailure>(\n  \"@error/VerificationFailure\"\n)\n\n/* InvalidTenancy */\n\nexport type InvalidTenancy = {\n  _tag: \"@error/InvalidTenancy\"\n  message: string\n}\n\nexport const isInvalidTenancy = isTagged<InvalidTenancy>(\n  \"@error/InvalidTenancy\"\n)\n\n/* PasskeyNotFound */\n\n/**\n * Error payload returned when a passkey cannot be found for a given\n * authentication attempt.\n *\n * @category Passkeys\n */\nexport type PasskeyNotFound = {\n  _tag: \"@error/PasskeyNotFound\"\n  message: string\n  credentialId: string\n  rpId: string\n}\n\nexport const isPasskeyNotFound = isTagged<PasskeyNotFound>(\n  \"@error/PasskeyNotFound\"\n)\n\n/* NotFound */\n\nexport type NotFound = {\n  _tag: \"@error/NotFound\"\n  message: string\n}\n\nexport const isNotFound = isTagged<NotFound>(\"@error/NotFound\")\n\n/* InvalidEmail */\n\nexport type InvalidEmail = {\n  _tag: \"@error/InvalidEmail\"\n  message: string\n}\n\nexport const isInvalidEmail = isTagged<InvalidEmail>(\"@error/InvalidEmail\")\n\n/* DuplicateEmail */\n\nexport type DuplicateEmail = {\n  _tag: \"@error/DuplicateEmail\"\n  message: string\n}\n\nexport const isDuplicateEmail = isTagged<DuplicateEmail>(\n  \"@error/DuplicateEmail\"\n)\n\n/* BadRequest */\n\nexport type BadRequest = {\n  _tag: \"@error/BadRequest\"\n  message: string\n}\n\nexport const isBadRequest = isTagged<BadRequest>(\"@error/BadRequest\")\n"]}

package/dist/index.d.ts

@@ -1,5 +1,90 @@
-export * from "./passkey/index.js";
-export * from "./principal/index.js";
-export * from "./schemas/index.js";
-export * from "./shared.js";
+/**
+ * Unsafe functions that could potentially throw errors.
+ *
+ * @categoryDescription Passkeys
+ * Functions and related types for managing passkeys
+ *
+ * @showCategories
+ *
+ * @module unsafe
+ */
+import type { AssignUserOptions, DeletedPasskey, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, UpdatePasskeyOptions } from "./passkey/passkey.js";
+import type { ExchangeCodeOptions, VerifyIdTokenOptions } from "./principal/principal.js";
+import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
+/**
+ * Call the Passlock backend API to assign a userId to an authenticator
+ *
+ * @param request
+ * @returns A promise resolving to the updated passkey.
+ * @throws {@link NotFound} if passkey does not exist
+ * @throws {@link Forbidden} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
+ */
+export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey>;
+/**
+ * Call the Passlock backend API to update passkey properties
+ *
+ * @param request
+ * @returns A promise resolving to the updated passkey.
+ *
+ * @category Passkeys
+ */
+export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<Passkey>;
+/**
+ * Call the Passlock backend API to delete an authenticator
+ *
+ * @param options
+ * @returns A promise resolving to the deleted passkey payload.
+ *
+ * @category Passkeys
+ */
+export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<DeletedPasskey>;
+/**
+ * Call the Passlock backend API to fetch an authenticator
+ * @param options
+ * @returns A promise resolving to the passkey.
+ */
+export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey>;
+/**
+ * List passkeys for the given tenancy. Note this could return a cursor,
+ * in which case the function should be called again with the given cursor.
+ *
+ * @param options
+ * @returns A promise resolving to a page of passkey summaries.
+ *
+ * @category Passkeys
+ */
+export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys>;
+/**
+ * Call the Passlock backend API to exchange a code for a Principal
+ *
+ * @param options
+ * @returns A promise resolving to an extended principal.
+ *
+ * @category Principal
+ */
+export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<ExtendedPrincipal>;
+/**
+ * Decode and verify a Passlock idToken.
+ * Note: This will make a network call to the passlock.dev/.well-known/jwks.json
+ * endpoint to fetch the relevant public key. The response will be cached, however
+ * bear in mind that for something like AWS lambda it will make the call on every
+ * cold start so might actually be slower than {@link exchangeCode}
+ *
+ * @param options
+ * @returns A promise resolving to the verified principal.
+ *
+ * @category Principal
+ */
+export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Promise<Principal>;
+export type { BadRequest, DuplicateEmail, Forbidden, InvalidCode, InvalidEmail, InvalidTenancy, NotFound, PasskeyNotFound, Unauthorized, VerificationFailure, } from "./errors.js";
+export { isBadRequest, isDuplicateEmail, isForbidden, isInvalidCode, isInvalidEmail, isInvalidTenancy, isNotFound, isPasskeyNotFound, isUnauthorized, isVerificationFailure, } from "./errors.js";
+export type { AssignUserOptions, Credential, DeletedPasskey, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, PasskeySummary, Platform, UpdatePasskeyOptions, } from "./passkey/passkey.js";
+export { isDeletedPasskey, isPasskey, isPasskeySummary, } from "./passkey/passkey.js";
+export type { ExchangeCodeOptions, VerifyIdTokenOptions, } from "./principal/principal.js";
+export type { CredentialDeviceType, Transports, } from "./schemas/passkey.js";
+export type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
+export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
+export type { AuthenticatedOptions, PasslockOptions, } from "./shared.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,sBAAsB,CAAA;AACpC,cAAc,oBAAoB,CAAA;AAClC,cAAc,aAAa,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,OAAO,KAAK,EACV,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,oBAAoB,EACrB,MAAM,sBAAsB,CAAA;AAQ7B,OAAO,KAAK,EACV,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAKjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE1E;;;;;;;;;GASG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,CACxB,CAAA;AAE/C;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,CAAqD,CAAA;AAEvE;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,cAAc,CAAqD,CAAA;AAE9E;;;;GAIG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,CACxB,CAAA;AAE/C;;;;;;;;GAQG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,KAC1B,OAAO,CAAC,eAAe,CAAoD,CAAA;AAE9E;;;;;;;GAOG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,CAKzB,CAAA;AAEH;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,SAAS,CAKjB,CAAA;AAIH,YAAY,EACV,UAAU,EACV,cAAc,EACd,SAAS,EACT,WAAW,EACX,YAAY,EACZ,cAAc,EACd,QAAQ,EACR,eAAe,EACf,YAAY,EACZ,mBAAmB,GACpB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,qBAAqB,GACtB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,cAAc,EACd,QAAQ,EACR,oBAAoB,GACrB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,gBAAgB,EAChB,SAAS,EACT,gBAAgB,GACjB,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EACV,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,oBAAoB,EACpB,UAAU,GACX,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC1E,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA;AACzE,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}

package/dist/index.js

@@ -1,5 +1,85 @@
-export * from "./passkey/index.js";
-export * from "./principal/index.js";
-export * from "./schemas/index.js";
-export * from "./shared.js";
+/**
+ * Unsafe functions that could potentially throw errors.
+ *
+ * @categoryDescription Passkeys
+ * Functions and related types for managing passkeys
+ *
+ * @showCategories
+ *
+ * @module unsafe
+ */
+import { FetchHttpClient } from "@effect/platform";
+import { Effect, pipe } from "effect";
+import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, updatePasskey as updatePasskeyE, } from "./passkey/passkey.js";
+import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE, } from "./principal/principal.js";
+/**
+ * Call the Passlock backend API to assign a userId to an authenticator
+ *
+ * @param request
+ * @returns A promise resolving to the updated passkey.
+ * @throws {@link NotFound} if passkey does not exist
+ * @throws {@link Forbidden} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
+ */
+export const assignUser = (request) => pipe(assignUserE(request), Effect.runPromise);
+/**
+ * Call the Passlock backend API to update passkey properties
+ *
+ * @param request
+ * @returns A promise resolving to the updated passkey.
+ *
+ * @category Passkeys
+ */
+export const updatePasskey = (request) => pipe(updatePasskeyE(request), Effect.runPromise);
+/**
+ * Call the Passlock backend API to delete an authenticator
+ *
+ * @param options
+ * @returns A promise resolving to the deleted passkey payload.
+ *
+ * @category Passkeys
+ */
+export const deletePasskey = (options) => pipe(deletePasskeyE(options), Effect.runPromise);
+/**
+ * Call the Passlock backend API to fetch an authenticator
+ * @param options
+ * @returns A promise resolving to the passkey.
+ */
+export const getPasskey = (options) => pipe(getPasskeyE(options), Effect.runPromise);
+/**
+ * List passkeys for the given tenancy. Note this could return a cursor,
+ * in which case the function should be called again with the given cursor.
+ *
+ * @param options
+ * @returns A promise resolving to a page of passkey summaries.
+ *
+ * @category Passkeys
+ */
+export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.runPromise);
+/**
+ * Call the Passlock backend API to exchange a code for a Principal
+ *
+ * @param options
+ * @returns A promise resolving to an extended principal.
+ *
+ * @category Principal
+ */
+export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.provide(FetchHttpClient.layer), Effect.runPromise);
+/**
+ * Decode and verify a Passlock idToken.
+ * Note: This will make a network call to the passlock.dev/.well-known/jwks.json
+ * endpoint to fetch the relevant public key. The response will be cached, however
+ * bear in mind that for something like AWS lambda it will make the call on every
+ * cold start so might actually be slower than {@link exchangeCode}
+ *
+ * @param options
+ * @returns A promise resolving to the verified principal.
+ *
+ * @category Principal
+ */
+export const verifyIdToken = (options) => pipe(verifyIdTokenE(options), Effect.provide(FetchHttpClient.layer), Effect.runPromise);
+export { isBadRequest, isDuplicateEmail, isForbidden, isInvalidCode, isInvalidEmail, isInvalidTenancy, isNotFound, isPasskeyNotFound, isUnauthorized, isVerificationFailure, } from "./errors.js";
+export { isDeletedPasskey, isPasskey, isPasskeySummary, } from "./passkey/passkey.js";
+export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAA;AAClC,cAAc,sBAAsB,CAAA;AACpC,cAAc,oBAAoB,CAAA;AAClC,cAAc,aAAa,CAAA","sourcesContent":["export * from \"./passkey/index.js\"\nexport * from \"./principal/index.js\"\nexport * from \"./schemas/index.js\"\nexport * from \"./shared.js\"\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAWrC,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EACL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,0BAA0B,CAAA;AAGjC;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAAoB,EAAE,CACzE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE/C;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACX,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEvE;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACJ,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE9E;;;;GAIG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAAoB,EAAE,CACzE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE/C;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EACD,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE9E;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EACA,EAAE,CAC9B,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACT,EAAE,CACtB,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,CAClB,CAAA;AAgBH,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,qBAAqB,GACtB,MAAM,aAAa,CAAA;AAcpB,OAAO,EACL,gBAAgB,EAChB,SAAS,EACT,gBAAgB,GACjB,MAAM,sBAAsB,CAAA;AAU7B,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA","sourcesContent":["/**\n * Unsafe functions that could potentially throw errors.\n *\n * @categoryDescription Passkeys\n * Functions and related types for managing passkeys\n *\n * @showCategories\n *\n * @module unsafe\n */\n\nimport { FetchHttpClient } from \"@effect/platform\"\nimport { Effect, pipe } from \"effect\"\nimport type {\n  AssignUserOptions,\n  DeletedPasskey,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  UpdatePasskeyOptions,\n} from \"./passkey/passkey.js\"\nimport {\n  assignUser as assignUserE,\n  deletePasskey as deletePasskeyE,\n  getPasskey as getPasskeyE,\n  listPasskeys as listPasskeysE,\n  updatePasskey as updatePasskeyE,\n} from \"./passkey/passkey.js\"\nimport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nimport {\n  exchangeCode as exchangeCodeE,\n  verifyIdToken as verifyIdTokenE,\n} from \"./principal/principal.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\n\n/**\n * Call the Passlock backend API to assign a userId to an authenticator\n *\n * @param request\n * @returns A promise resolving to the updated passkey.\n * @throws {@link NotFound} if passkey does not exist\n * @throws {@link Forbidden} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const assignUser = (request: AssignUserOptions): Promise<Passkey> =>\n  pipe(assignUserE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to update passkey properties\n *\n * @param request\n * @returns A promise resolving to the updated passkey.\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n  request: UpdatePasskeyOptions\n): Promise<Passkey> => pipe(updatePasskeyE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to delete an authenticator\n *\n * @param options\n * @returns A promise resolving to the deleted passkey payload.\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n  options: DeletePasskeyOptions\n): Promise<DeletedPasskey> => pipe(deletePasskeyE(options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to fetch an authenticator\n * @param options\n * @returns A promise resolving to the passkey.\n */\nexport const getPasskey = (options: GetPasskeyOptions): Promise<Passkey> =>\n  pipe(getPasskeyE(options), Effect.runPromise)\n\n/**\n * List passkeys for the given tenancy. Note this could return a cursor,\n * in which case the function should be called again with the given cursor.\n *\n * @param options\n * @returns A promise resolving to a page of passkey summaries.\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n  options: ListPasskeyOptions\n): Promise<FindAllPasskeys> => pipe(listPasskeysE(options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to exchange a code for a Principal\n *\n * @param options\n * @returns A promise resolving to an extended principal.\n *\n * @category Principal\n */\nexport const exchangeCode = (\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal> =>\n  pipe(\n    exchangeCodeE(options),\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise\n  )\n\n/**\n * Decode and verify a Passlock idToken.\n * Note: This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n *\n * @param options\n * @returns A promise resolving to the verified principal.\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n  options: VerifyIdTokenOptions\n): Promise<Principal> =>\n  pipe(\n    verifyIdTokenE(options),\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise\n  )\n\n/* Re-exports */\n\nexport type {\n  BadRequest,\n  DuplicateEmail,\n  Forbidden,\n  InvalidCode,\n  InvalidEmail,\n  InvalidTenancy,\n  NotFound,\n  PasskeyNotFound,\n  Unauthorized,\n  VerificationFailure,\n} from \"./errors.js\"\nexport {\n  isBadRequest,\n  isDuplicateEmail,\n  isForbidden,\n  isInvalidCode,\n  isInvalidEmail,\n  isInvalidTenancy,\n  isNotFound,\n  isPasskeyNotFound,\n  isUnauthorized,\n  isVerificationFailure,\n} from \"./errors.js\"\nexport type {\n  AssignUserOptions,\n  Credential,\n  DeletedPasskey,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  PasskeySummary,\n  Platform,\n  UpdatePasskeyOptions,\n} from \"./passkey/passkey.js\"\nexport {\n  isDeletedPasskey,\n  isPasskey,\n  isPasskeySummary,\n} from \"./passkey/passkey.js\"\nexport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nexport type {\n  CredentialDeviceType,\n  Transports,\n} from \"./schemas/passkey.js\"\nexport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nexport { isExtendedPrincipal, isPrincipal } from \"./schemas/principal.js\"\nexport type {\n  AuthenticatedOptions,\n  PasslockOptions,\n} from \"./shared.js\"\n"]}

package/dist/passkey/passkey.d.ts

@@ -0,0 +1,116 @@
+import { HttpClient } from "@effect/platform";
+import { Effect, type Layer, Stream } from "effect";
+import { Forbidden, NotFound } from "../schemas/index.js";
+import { type CredentialDeviceType, type Transports } from "../schemas/passkey.js";
+import type { AuthenticatedOptions } from "../shared.js";
+/**
+ * WebAuthn specific passkey data
+ */
+export type Credential = {
+    id: string;
+    userId: string;
+    username: string;
+    aaguid: string;
+    backedUp: boolean;
+    counter: number;
+    deviceType: CredentialDeviceType;
+    transports: ReadonlyArray<Transports>;
+    publicKey: Uint8Array<ArrayBufferLike>;
+};
+/**
+ * Passkeys are usually synced across devices **but only within
+ * a specific platform/ecosystem** e.g. a passkey created on Apple
+ * devices would typically be synced across devices sharing the same
+ * iCloud ID.
+ *
+ * However, if the user also wants to sign in from their Windows
+ * or Android/Chrome devices they will need an additional passkey.
+ * Therefore when listing the passkeys registered to a user's account
+ * it's a good idea to tell them which platform the passkeys relate to.
+ *
+ * We've also included links to icons (SVG) so you can give your users
+ * a quick visual indication.
+ */
+export type Platform = {
+    name?: string | undefined;
+    icon?: string | undefined;
+};
+/**
+ * The server-side component of a passkey
+ *
+ * @category Passkeys
+ */
+export type Passkey = {
+    _tag: "Passkey";
+    /**
+     * Not to be confused with the credential.id
+     */
+    id: string;
+    /**
+     * Not to be confused with the credential.userId
+     */
+    userId?: string | undefined;
+    enabled: boolean;
+    credential: Credential;
+    platform?: Platform | undefined;
+    lastUsed?: number | undefined;
+    createdAt: number;
+    updatedAt: number;
+};
+export declare const isPasskey: (payload: unknown) => payload is Passkey;
+export type PasskeySummary = {
+    readonly _tag: "PasskeySummary";
+    readonly id: string;
+    readonly userId: string;
+    readonly enabled: boolean;
+    readonly credential: {
+        readonly id: string;
+        readonly userId: string;
+    };
+    readonly lastUsed?: number | undefined;
+    readonly createdAt: number;
+};
+export declare const isPasskeySummary: (payload: unknown) => payload is PasskeySummary;
+export type FindAllPasskeys = {
+    readonly _tag: "FindAllPasskeys";
+    readonly cursor: string | null;
+    readonly records: ReadonlyArray<PasskeySummary>;
+};
+export type DeletedPasskey = {
+    readonly _tag: "DeletedPasskey";
+    readonly id: string;
+    readonly credentialId: string;
+    readonly rpId: string;
+};
+export declare const isDeletedPasskey: (payload: unknown) => payload is DeletedPasskey;
+export interface GetPasskeyOptions extends AuthenticatedOptions {
+    passkeyId: string;
+}
+export declare const getPasskey: (options: GetPasskeyOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<Passkey, NotFound | Forbidden>;
+export interface DeletePasskeyOptions extends AuthenticatedOptions {
+    passkeyId: string;
+}
+export declare const deletePasskey: (options: DeletePasskeyOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<DeletedPasskey, NotFound | Forbidden>;
+/**
+ * @category Passkeys
+ */
+export interface AssignUserOptions extends AuthenticatedOptions {
+    passkeyId: string;
+    /**
+     * Custom User ID to align with your own systems
+     */
+    userId: string;
+}
+export declare const assignUser: (options: AssignUserOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<Passkey, NotFound | Forbidden>;
+export interface UpdatePasskeyOptions extends AuthenticatedOptions {
+    passkeyId: string;
+    userId?: string;
+    username?: string;
+}
+export declare const updatePasskey: (options: UpdatePasskeyOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<Passkey, NotFound | Forbidden>;
+export declare const listPasskeysStream: (options: AuthenticatedOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Stream.Stream<PasskeySummary, Forbidden>;
+export interface ListPasskeyOptions extends AuthenticatedOptions {
+    cursor?: string;
+}
+export declare const listPasskeys: (options: ListPasskeyOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<FindAllPasskeys, Forbidden>;
+//# sourceMappingURL=passkey.d.ts.map

package/dist/passkey/passkey.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.d.ts","sourceRoot":"","sources":["../../src/passkey/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,UAAU,EAGX,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EAEL,MAAM,EACN,KAAK,KAAK,EAKV,MAAM,EACP,MAAM,QAAQ,CAAA;AAEf,OAAO,EAAyB,SAAS,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAChF,OAAO,EACL,KAAK,oBAAoB,EAIzB,KAAK,UAAU,EAChB,MAAM,uBAAuB,CAAA;AAC9B,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAA;AAExD;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,EAAE,EAAE,MAAM,CAAA;IACV,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,OAAO,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,UAAU,EAAE,oBAAoB,CAAA;IAChC,UAAU,EAAE,aAAa,CAAC,UAAU,CAAC,CAAA;IACrC,SAAS,EAAE,UAAU,CAAC,eAAe,CAAC,CAAA;CACvC,CAAA;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,MAAM,QAAQ,GAAG;IACrB,IAAI,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACzB,IAAI,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC1B,CAAA;AAED;;;;GAIG;AACH,MAAM,MAAM,OAAO,GAAG;IACpB,IAAI,EAAE,SAAS,CAAA;IACf;;OAEG;IACH,EAAE,EAAE,MAAM,CAAA;IACV;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,UAAU,CAAA;IACtB,QAAQ,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAA;IAC/B,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,eAAO,MAAM,SAAS,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,OACrB,CAAA;AAQnC,MAAM,MAAM,cAAc,GAAG;IAC3B,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAA;IAC/B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAA;IACzB,QAAQ,CAAC,UAAU,EAAE;QACnB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;QACnB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;KACxB,CAAA;IACD,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACtC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAA;CAC3B,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,cACrB,CAAA;AAW1C,MAAM,MAAM,eAAe,GAAG;IAC5B,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAA;IAChC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;IAC9B,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC,cAAc,CAAC,CAAA;CAChD,CAAA;AAWD,MAAM,MAAM,cAAc,GAAG;IAC3B,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAA;IAC/B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAA;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,SAAS,OAAO,KAAG,OAAO,IAAI,cACrB,CAAA;AAa1C,MAAM,WAAW,iBAAkB,SAAQ,oBAAoB;IAC7D,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,EAC1B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS,CAmC3C,CAAA;AAIH,MAAM,WAAW,oBAAqB,SAAQ,oBAAoB;IAChE,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,EAC7B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,QAAQ,GAAG,SAAS,CAsClD,CAAA;AAIH;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,oBAAoB;IAC7D,SAAS,EAAE,MAAM,CAAA;IAEjB;;OAEG;IACH,MAAM,EAAE,MAAM,CAAA;CACf;AAGD,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,EAC1B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS,CAwC3C,CAAA;AAEH,MAAM,WAAW,oBAAqB,SAAQ,oBAAoB;IAChE,SAAS,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,EAC7B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS,CAwC3C,CAAA;AAIH,eAAO,MAAM,kBAAkB,GAC7B,SAAS,oBAAoB,EAC7B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,SAAS,CAWvC,CAAA;AAEH,MAAM,WAAW,kBAAmB,SAAQ,oBAAoB;IAC9D,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,EAC3B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,eAAe,EAAE,SAAS,CAmCxC,CAAA"}

package/dist/passkey/{effects.js → passkey.js}

@@ -1,18 +1,20 @@
 import { FetchHttpClient, HttpClient, HttpClientRequest, HttpClientResponse, } from "@effect/platform";
-import { Chunk, Effect, Match, Option, pipe, Schema, Stream } from "effect";
-import { Forbidden, NotFound } from "../schemas/errors.js";
-import { FindAllPasskeys } from "../schemas/index.js";
-import { DeletedPasskey, Passkey } from "../schemas/passkey.js";
-export const getPasskey = (authenticatorId, options, httpClient = FetchHttpClient.layer) => pipe(Effect.gen(function* () {
+import { Chunk, Effect, Match, Option, pipe, Schema, Stream, } from "effect";
+import { FindAllPasskeysSchema, Forbidden, NotFound } from "../schemas/index.js";
+import { DeletedPasskeySchema, PasskeySchema, PasskeySummarySchema, } from "../schemas/passkey.js";
+export const isPasskey = (payload) => Schema.is(PasskeySchema)(payload);
+export const isPasskeySummary = (payload) => Schema.is(PasskeySummarySchema)(payload);
+export const isDeletedPasskey = (payload) => Schema.is(DeletedPasskeySchema)(payload);
+export const getPasskey = (options, httpClient = FetchHttpClient.layer) => pipe(Effect.gen(function* () {
     const client = yield* HttpClient.HttpClient;
     const baseUrl = options.endpoint ?? "https://api.passlock.dev";
-    const { tenancyId } = options;
-    const url = new URL(`/${tenancyId}/passkeys/${authenticatorId}`, baseUrl);
+    const { tenancyId, passkeyId } = options;
+    const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl);
     const response = yield* HttpClientRequest.get(url, {
         headers: { Authorization: `Bearer ${options.apiKey}` },
     }).pipe(client.execute);
     const encoded = yield* HttpClientResponse.matchStatus(response, {
-        "2xx": () => HttpClientResponse.schemaBodyJson(Passkey)(response),
+        "2xx": () => HttpClientResponse.schemaBodyJson(PasskeySchema)(response),
         orElse: () => HttpClientResponse.schemaBodyJson(Schema.Union(Forbidden, NotFound))(response),
     });
     return yield* pipe(Match.value(encoded), Match.tag("Passkey", (data) => Effect.succeed(data)), Match.tag("@error/Forbidden", (err) => Effect.fail(err)), Match.tag("@error/NotFound", (err) => Effect.fail(err)), Match.exhaustive);
@@ -21,16 +23,16 @@ export const getPasskey = (authenticatorId, options, httpClient = FetchHttpClien
     RequestError: (err) => Effect.die(err),
     ResponseError: (err) => Effect.die(err),
 }), Effect.provide(httpClient));
-export const deletePasskey = (passkeyId, request, httpClient = FetchHttpClient.layer) => pipe(Effect.gen(function* () {
+export const deletePasskey = (options, httpClient = FetchHttpClient.layer) => pipe(Effect.gen(function* () {
     const client = yield* HttpClient.HttpClient;
-    const baseUrl = request.endpoint ?? "https://api.passlock.dev";
-    const { tenancyId } = request;
+    const baseUrl = options.endpoint ?? "https://api.passlock.dev";
+    const { tenancyId, passkeyId } = options;
     const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl);
     const response = yield* HttpClientRequest.del(url, {
-        headers: { Authorization: `Bearer ${request.apiKey}` },
+        headers: { Authorization: `Bearer ${options.apiKey}` },
     }).pipe(client.execute);
     const encoded = yield* HttpClientResponse.matchStatus(response, {
-        "2xx": () => HttpClientResponse.schemaBodyJson(DeletedPasskey)(response),
+        "2xx": () => HttpClientResponse.schemaBodyJson(DeletedPasskeySchema)(response),
         orElse: () => HttpClientResponse.schemaBodyJson(Schema.Union(Forbidden, NotFound))(response),
     });
     return yield* pipe(Match.value(encoded), Match.tag("DeletedPasskey", (deletedPasskey) => Effect.succeed(deletedPasskey)), Match.tag("@error/Forbidden", (err) => Effect.fail(err)), Match.tag("@error/NotFound", (err) => Effect.fail(err)), Match.exhaustive);
@@ -39,17 +41,38 @@ export const deletePasskey = (passkeyId, request, httpClient = FetchHttpClient.l
     RequestError: (err) => Effect.die(err),
     ResponseError: (err) => Effect.die(err),
 }), Effect.provide(httpClient));
-export const assignUser = (request, httpClient = FetchHttpClient.layer) => pipe(Effect.gen(function* () {
+// TODO reuse updatePasskey
+export const assignUser = (options, httpClient = FetchHttpClient.layer) => pipe(Effect.gen(function* () {
     const client = yield* HttpClient.HttpClient;
-    const baseUrl = request.endpoint ?? "https://api.passlock.dev";
-    const { userId, passkeyId } = request;
-    const { tenancyId } = request;
+    const baseUrl = options.endpoint ?? "https://api.passlock.dev";
+    const { userId, passkeyId } = options;
+    const { tenancyId } = options;
     const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl);
     const response = yield* HttpClientRequest.patch(url, {
-        headers: { Authorization: `Bearer ${request.apiKey}` },
+        headers: { Authorization: `Bearer ${options.apiKey}` },
     }).pipe(HttpClientRequest.bodyJson({ userId }), Effect.flatMap(client.execute));
     const encoded = yield* HttpClientResponse.matchStatus(response, {
-        "2xx": () => HttpClientResponse.schemaBodyJson(Passkey)(response),
+        "2xx": () => HttpClientResponse.schemaBodyJson(PasskeySchema)(response),
+        orElse: () => HttpClientResponse.schemaBodyJson(Schema.Union(NotFound, Forbidden))(response),
+    });
+    return yield* pipe(Match.value(encoded), Match.tag("Passkey", (passkey) => Effect.succeed(passkey)), Match.tag("@error/NotFound", (err) => Effect.fail(err)), Match.tag("@error/Forbidden", (err) => Effect.fail(err)), Match.exhaustive);
+}), Effect.catchTags({
+    HttpBodyError: (err) => Effect.die(err),
+    ParseError: (err) => Effect.die(err),
+    RequestError: (err) => Effect.die(err),
+    ResponseError: (err) => Effect.die(err),
+}), Effect.provide(httpClient));
+export const updatePasskey = (options, httpClient = FetchHttpClient.layer) => pipe(Effect.gen(function* () {
+    const client = yield* HttpClient.HttpClient;
+    const baseUrl = options.endpoint ?? "https://api.passlock.dev";
+    const { userId, passkeyId, username } = options;
+    const { tenancyId } = options;
+    const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl);
+    const response = yield* HttpClientRequest.patch(url, {
+        headers: { Authorization: `Bearer ${options.apiKey}` },
+    }).pipe(HttpClientRequest.bodyJson({ userId, username }), Effect.flatMap(client.execute));
+    const encoded = yield* HttpClientResponse.matchStatus(response, {
+        "2xx": () => HttpClientResponse.schemaBodyJson(PasskeySchema)(response),
         orElse: () => HttpClientResponse.schemaBodyJson(Schema.Union(NotFound, Forbidden))(response),
     });
     return yield* pipe(Match.value(encoded), Match.tag("Passkey", (passkey) => Effect.succeed(passkey)), Match.tag("@error/NotFound", (err) => Effect.fail(err)), Match.tag("@error/Forbidden", (err) => Effect.fail(err)), Match.exhaustive);
@@ -59,6 +82,7 @@ export const assignUser = (request, httpClient = FetchHttpClient.layer) => pipe(
     RequestError: (err) => Effect.die(err),
     ResponseError: (err) => Effect.die(err),
 }), Effect.provide(httpClient));
+/* List Passkeys */
 export const listPasskeysStream = (options, httpClient = FetchHttpClient.layer) => pipe(Stream.paginateChunkEffect(null, (cursor) => pipe(listPasskeys(cursor ? { ...options, cursor } : options, httpClient), Effect.map((result) => [
     Chunk.fromIterable(result.records),
     Option.fromNullable(result.cursor),
@@ -75,7 +99,7 @@ export const listPasskeys = (options, httpClient = FetchHttpClient.layer) => pip
         headers: { Authorization: `Bearer ${options.apiKey}` },
     }).pipe(client.execute);
     const encoded = yield* HttpClientResponse.matchStatus(response, {
-        "2xx": () => HttpClientResponse.schemaBodyJson(FindAllPasskeys)(response),
+        "2xx": () => HttpClientResponse.schemaBodyJson(FindAllPasskeysSchema)(response),
         orElse: () => HttpClientResponse.schemaBodyJson(Forbidden)(response),
     });
     return yield* pipe(Match.value(encoded), Match.tag("FindAllPasskeys", (data) => Effect.succeed(data)), Match.tag("@error/Forbidden", (err) => Effect.fail(err)), Match.exhaustive);
@@ -84,4 +108,4 @@ export const listPasskeys = (options, httpClient = FetchHttpClient.layer) => pip
     RequestError: (err) => Effect.die(err),
     ResponseError: (err) => Effect.die(err),
 }), Effect.provide(httpClient));
-//# sourceMappingURL=effects.js.map
+//# sourceMappingURL=passkey.js.map