@passlock/node 2.0.1 → 2.0.2

package/dist/shared.js.map

@@ -1 +1 @@
-{"version":3,"file":"shared.js","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC/B,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAc9C,MAAM,OAAO,eAAgB,SAAQ,KAAK;IAC/B,IAAI,CAAQ;IAErB,YAAY,IAAuC;QACjD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;IACvB,CAAC;IAEiB,QAAQ,GAAG,GAAW,EAAE,CAAC,GAAG,IAAI,CAAC,OAAO,WAAW,IAAI,CAAC,IAAI,GAAG,CAAA;CAClF;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAAgB,EAAuB,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAA","sourcesContent":["import { Schema } from \"effect\"\nimport { NotFound } from \"./schemas/errors.js\"\n\nexport interface TenancyOptions {\n  tenancyId: string\n  /**\n   * @default https://api.passlock.dev\n   */\n  endpoint?: string\n}\n\nexport interface AuthenticatedTenancyOptions extends TenancyOptions {\n  apiKey: string\n}\n\nexport class UnexpectedError extends Error {\n  readonly _tag: string\n\n  constructor(data: { _tag: string; message: string }) {\n    super(data.message)\n    this._tag = data._tag\n  }\n\n  override readonly toString = (): string => `${this.message} (_tag: ${this._tag})`\n}\n\nexport const isNotFound = (payload: unknown): payload is NotFound => Schema.is(NotFound)(payload)\n"]}
+{"version":3,"file":"shared.js","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":"AAaA,MAAM,OAAO,eAAgB,SAAQ,KAAK;IAC/B,IAAI,CAAQ;IAErB,YAAY,IAAuC;QACjD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;IACvB,CAAC;IAEiB,QAAQ,GAAG,GAAW,EAAE,CACxC,GAAG,IAAI,CAAC,OAAO,WAAW,IAAI,CAAC,IAAI,GAAG,CAAA;CACzC","sourcesContent":["export type PasslockOptions = {\n  tenancyId: string\n\n  /**\n   * @default https://api.passlock.dev\n   */\n  endpoint?: string\n}\n\nexport interface AuthenticatedOptions extends PasslockOptions {\n  apiKey: string\n}\n\nexport class UnexpectedError extends Error {\n  readonly _tag: string\n\n  constructor(data: { _tag: string; message: string }) {\n    super(data.message)\n    this._tag = data._tag\n  }\n\n  override readonly toString = (): string =>\n    `${this.message} (_tag: ${this._tag})`\n}\n"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@passlock/node",
-  "version": "2.0.1",
+  "version": "2.0.2",
   "description": "Passkey authentication for NodeJS backends",
   "keywords": [
     "passkey",
@@ -29,10 +29,10 @@
       "import": "./dist/index.js",
       "default": "./dist/index.js"
     },
-    "./unsafe": {
-      "types": "./dist/unsafe.d.ts",
-      "import": "./dist/unsafe.js",
-      "default": "./dist/unsafe.js"
+    "./safe": {
+      "types": "./dist/safe.d.ts",
+      "import": "./dist/safe.js",
+      "default": "./dist/safe.js"
     },
     "./effect": {
       "types": "./dist/effect.d.ts",
@@ -48,41 +48,44 @@
     "!dist/**/*.spec.*"
   ],
   "dependencies": {
-    "@effect/platform": "^0.94.2",
+    "@effect/platform": "^0.94.5",
     "@effect/platform-node": "^0.104.1",
     "jose": "^6.1.3"
   },
   "devDependencies": {
-    "@biomejs/biome": "^2.3.13",
+    "@biomejs/biome": "^2.4.4",
     "@effect/vitest": "^0.27.0",
-    "@types/node": "25.1.0",
-    "globals": "^17.2.0",
-    "npm-check-updates": "^19.3.2",
+    "@types/node": "25.3.0",
+    "globals": "^17.3.0",
+    "npm-check-updates": "^19.4.1",
     "publint": "0.3.17",
-    "rimraf": "^6.1.2",
+    "rimraf": "^6.1.3",
     "tsx": "4.21.0",
+    "typedoc": "^0.28.17",
     "typescript": "^5.9.3",
+    "vite-tsconfig-paths": "^6.1.1",
     "vitest": "^3.2.4"
   },
   "peerDependencies": {
-    "effect": "3.19.15"
+    "effect": "3.19.19"
   },
   "engines": {
     "node": ">=22"
   },
   "scripts": {
-    "build": "tsc --build",
+    "build": "tsc -p tsconfig.build.json",
     "build:clean": "$npm_execpath run clean:full && $npm_execpath run build",
     "build:production": "$npm_execpath run build:clean && $npm_execpath run build:readme && $npm_execpath run replaceTokens && echo '' && publint",
-    "build:readme": "LATEST=${npm_package_version} tsx ../../scripts/replace-readme-tokens.ts ./packages/node",
-    "clean": "tsc --build --clean",
-    "clean:full": "rimraf dist tsconfig.tsbuildinfo",
-    "replaceTokens": "LATEST=${npm_package_version} tsx ../../scripts/replace-tokens.ts ./packages/node",
+    "build:readme": "VERSION=${npm_package_version} tsx ../../scripts/replace-readme-tokens.ts ./packages/node",
+    "typedoc": "typedoc",
+    "clean": "tsc -p tsconfig.build.json --clean",
+    "clean:full": "rimraf dist tsconfig.build.tsbuildinfo",
+    "replaceTokens": "VERSION=${npm_package_version} tsx ../../scripts/replace-tokens.ts ./packages/node",
     "test:unit": "vitest --project unit run",
     "test:unit:watch": "vitest --project unit",
     "test:integration": "vitest --project integration run",
     "test:all": "vitest --project unit --project integration run",
-    "typecheck": "tsc --noEmit",
+    "typecheck": "tsc -p tsconfig.test.json --noEmit",
     "lint": "biome check .",
     "lint:fix": "biome check --fix .",
     "lint:ci": "biome ci .",

package/dist/passkey.d.ts

@@ -1,24 +0,0 @@
-import type { AuthenticatedTenancyOptions } from "./shared.js";
-import { HttpClient } from "@effect/platform";
-import { Effect, type Layer, Stream } from "effect";
-import { Forbidden, NotFound } from "./schemas/errors.js";
-import { FindAllPasskeys } from "./schemas/index.js";
-import { DeletedPasskey, Passkey, type PasskeySummary } from "./schemas/passkey.js";
-export type GetPasskeyOptions = AuthenticatedTenancyOptions;
-export declare const getPasskey: (authenticatorId: string, options: GetPasskeyOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<Passkey, NotFound | Forbidden>;
-export type { GetPasskeyOptions as GetAuthenticatorOptions, Passkey };
-type DeleteAuthenticatorOptions = AuthenticatedTenancyOptions;
-export declare const deletePasskey: (passkeyId: string, request: DeleteAuthenticatorOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<DeletedPasskey, NotFound | Forbidden>;
-export type { DeleteAuthenticatorOptions };
-interface AssignUserRequest extends AuthenticatedTenancyOptions {
-    userId: string;
-    passkeyId: string;
-}
-export declare const assignUser: (request: AssignUserRequest, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<Passkey, NotFound | Forbidden>;
-export type { AssignUserRequest };
-export interface ListPasskeyOptions extends AuthenticatedTenancyOptions {
-    cursor?: string;
-}
-export declare const listPasskeysStream: (options: AuthenticatedTenancyOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Stream.Stream<PasskeySummary, Forbidden>;
-export declare const listPasskeys: (options: ListPasskeyOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<FindAllPasskeys, Forbidden>;
-//# sourceMappingURL=passkey.d.ts.map

package/dist/passkey.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"passkey.d.ts","sourceRoot":"","sources":["../src/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,aAAa,CAAA;AAC9D,OAAO,EAEL,UAAU,EAGX,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAS,MAAM,EAAE,KAAK,KAAK,EAA+B,MAAM,EAAE,MAAM,QAAQ,CAAA;AACvF,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AACpD,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAInF,MAAM,MAAM,iBAAiB,GAAG,2BAA2B,CAAA;AAE3D,eAAO,MAAM,UAAU,GACrB,iBAAiB,MAAM,EACvB,SAAS,iBAAiB,EAC1B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS,CAiC3C,CAAA;AAEH,YAAY,EAAE,iBAAiB,IAAI,uBAAuB,EAAE,OAAO,EAAE,CAAA;AAIrE,KAAK,0BAA0B,GAAG,2BAA2B,CAAA;AAE7D,eAAO,MAAM,aAAa,GACxB,WAAW,MAAM,EACjB,SAAS,0BAA0B,EACnC,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,QAAQ,GAAG,SAAS,CAiClD,CAAA;AAEH,YAAY,EAAE,0BAA0B,EAAE,CAAA;AAI1C,UAAU,iBAAkB,SAAQ,2BAA2B;IAC7D,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,EAC1B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS,CAmC3C,CAAA;AAEH,YAAY,EAAE,iBAAiB,EAAE,CAAA;AAIjC,MAAM,WAAW,kBAAmB,SAAQ,2BAA2B;IACrE,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,eAAO,MAAM,kBAAkB,GAC7B,SAAS,2BAA2B,EACpC,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,SAAS,CAWvC,CAAA;AAEH,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,EAC3B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,eAAe,EAAE,SAAS,CAkCxC,CAAA"}

package/dist/passkey.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"passkey.js","sourceRoot":"","sources":["../src/passkey.ts"],"names":[],"mappings":"AACA,OAAO,EACL,eAAe,EACf,UAAU,EACV,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAE,KAAK,EAAE,MAAM,EAAc,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AACvF,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AACpD,OAAO,EAAE,cAAc,EAAE,OAAO,EAAuB,MAAM,sBAAsB,CAAA;AAMnF,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,eAAuB,EACvB,OAA0B,EAC1B,aAAiD,eAAe,CAAC,KAAK,EACxB,EAAE,CAChD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,eAAe,EAAE,EAAE,OAAO,CAAC,CAAA;IAEzE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,EAAE;QACjD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEvB,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC;QACjE,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;KACjF,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAQH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,SAAiB,EACjB,OAAmC,EACnC,aAAiD,eAAe,CAAC,KAAK,EACjB,EAAE,CACvD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,EAAE;QACjD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEvB,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC;QACxE,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;KACjF,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,cAAc,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,EAC/E,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAWH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAiD,eAAe,CAAC,KAAK,EACxB,EAAE,CAChD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IACrC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,KAAK,CAAC,GAAG,EAAE;QACnD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;IAE/E,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC;QACjE,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC;KACjF,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACvC,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAUH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAAoC,EACpC,aAAiD,eAAe,CAAC,KAAK,EAC5B,EAAE,CAC5C,IAAI,CACF,MAAM,CAAC,mBAAmB,CAAC,IAAqB,EAAE,CAAC,MAAM,EAAE,EAAE,CAC3D,IAAI,CACF,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,EACnE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC;IACrB,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC;IAClC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC;CACnC,CAAC,CACH,CACF,CACF,CAAA;AAEH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EAC3B,aAAiD,eAAe,CAAC,KAAK,EAC3B,EAAE,CAC7C,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,YAAY,EAAE,OAAO,CAAC,CAAA;IACvD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,EAAE;QACjD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEvB,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,QAAQ,CAAC;QACzE,MAAM,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC;KACrE,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EAC5D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA","sourcesContent":["import type { AuthenticatedTenancyOptions } from \"./shared.js\"\nimport {\n  FetchHttpClient,\n  HttpClient,\n  HttpClientRequest,\n  HttpClientResponse,\n} from \"@effect/platform\"\nimport { Chunk, Effect, type Layer, Match, Option, pipe, Schema, Stream } from \"effect\"\nimport { Forbidden, NotFound } from \"./schemas/errors.js\"\nimport { FindAllPasskeys } from \"./schemas/index.js\"\nimport { DeletedPasskey, Passkey, type PasskeySummary } from \"./schemas/passkey.js\"\n\n/* Get Passkey */\n\nexport type GetPasskeyOptions = AuthenticatedTenancyOptions\n\nexport const getPasskey = (\n  authenticatorId: string,\n  options: GetPasskeyOptions,\n  httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<Passkey, NotFound | Forbidden> =>\n  pipe(\n    Effect.gen(function* () {\n      const client = yield* HttpClient.HttpClient\n      const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n      const { tenancyId } = options\n\n      const url = new URL(`/${tenancyId}/passkeys/${authenticatorId}`, baseUrl)\n\n      const response = yield* HttpClientRequest.get(url, {\n        headers: { Authorization: `Bearer ${options.apiKey}` },\n      }).pipe(client.execute)\n\n      const encoded = yield* HttpClientResponse.matchStatus(response, {\n        \"2xx\": () => HttpClientResponse.schemaBodyJson(Passkey)(response),\n        orElse: () =>\n          HttpClientResponse.schemaBodyJson(Schema.Union(Forbidden, NotFound))(response),\n      })\n\n      return yield* pipe(\n        Match.value(encoded),\n        Match.tag(\"Passkey\", (data) => Effect.succeed(data)),\n        Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n        Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n        Match.exhaustive\n      )\n    }),\n    Effect.catchTags({\n      ParseError: (err) => Effect.die(err),\n      RequestError: (err) => Effect.die(err),\n      ResponseError: (err) => Effect.die(err),\n    }),\n    Effect.provide(httpClient)\n  )\n\nexport type { GetPasskeyOptions as GetAuthenticatorOptions, Passkey }\n\n/* Delete Passkey */\n\ntype DeleteAuthenticatorOptions = AuthenticatedTenancyOptions\n\nexport const deletePasskey = (\n  passkeyId: string,\n  request: DeleteAuthenticatorOptions,\n  httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<DeletedPasskey, NotFound | Forbidden> =>\n  pipe(\n    Effect.gen(function* () {\n      const client = yield* HttpClient.HttpClient\n      const baseUrl = request.endpoint ?? \"https://api.passlock.dev\"\n      const { tenancyId } = request\n\n      const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n      const response = yield* HttpClientRequest.del(url, {\n        headers: { Authorization: `Bearer ${request.apiKey}` },\n      }).pipe(client.execute)\n\n      const encoded = yield* HttpClientResponse.matchStatus(response, {\n        \"2xx\": () => HttpClientResponse.schemaBodyJson(DeletedPasskey)(response),\n        orElse: () =>\n          HttpClientResponse.schemaBodyJson(Schema.Union(Forbidden, NotFound))(response),\n      })\n\n      return yield* pipe(\n        Match.value(encoded),\n        Match.tag(\"DeletedPasskey\", (deletedPasskey) => Effect.succeed(deletedPasskey)),\n        Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n        Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n        Match.exhaustive\n      )\n    }),\n    Effect.catchTags({\n      ParseError: (err) => Effect.die(err),\n      RequestError: (err) => Effect.die(err),\n      ResponseError: (err) => Effect.die(err),\n    }),\n    Effect.provide(httpClient)\n  )\n\nexport type { DeleteAuthenticatorOptions }\n\n/* Assign User */\n\ninterface AssignUserRequest extends AuthenticatedTenancyOptions {\n  userId: string\n  passkeyId: string\n}\n\nexport const assignUser = (\n  request: AssignUserRequest,\n  httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<Passkey, NotFound | Forbidden> =>\n  pipe(\n    Effect.gen(function* () {\n      const client = yield* HttpClient.HttpClient\n      const baseUrl = request.endpoint ?? \"https://api.passlock.dev\"\n      const { userId, passkeyId } = request\n      const { tenancyId } = request\n\n      const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n      const response = yield* HttpClientRequest.patch(url, {\n        headers: { Authorization: `Bearer ${request.apiKey}` },\n      }).pipe(HttpClientRequest.bodyJson({ userId }), Effect.flatMap(client.execute))\n\n      const encoded = yield* HttpClientResponse.matchStatus(response, {\n        \"2xx\": () => HttpClientResponse.schemaBodyJson(Passkey)(response),\n        orElse: () =>\n          HttpClientResponse.schemaBodyJson(Schema.Union(NotFound, Forbidden))(response),\n      })\n\n      return yield* pipe(\n        Match.value(encoded),\n        Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n        Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n        Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n        Match.exhaustive\n      )\n    }),\n    Effect.catchTags({\n      HttpBodyError: (err) => Effect.die(err),\n      ParseError: (err) => Effect.die(err),\n      RequestError: (err) => Effect.die(err),\n      ResponseError: (err) => Effect.die(err),\n    }),\n    Effect.provide(httpClient)\n  )\n\nexport type { AssignUserRequest }\n\n/* List Passkeys */\n\nexport interface ListPasskeyOptions extends AuthenticatedTenancyOptions {\n  cursor?: string\n}\n\nexport const listPasskeysStream = (\n  options: AuthenticatedTenancyOptions,\n  httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Stream.Stream<PasskeySummary, Forbidden> =>\n  pipe(\n    Stream.paginateChunkEffect(null as string | null, (cursor) =>\n      pipe(\n        listPasskeys(cursor ? { ...options, cursor } : options, httpClient),\n        Effect.map((result) => [\n          Chunk.fromIterable(result.records),\n          Option.fromNullable(result.cursor),\n        ])\n      )\n    )\n  )\n\nexport const listPasskeys = (\n  options: ListPasskeyOptions,\n  httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<FindAllPasskeys, Forbidden> =>\n  pipe(\n    Effect.gen(function* () {\n      const client = yield* HttpClient.HttpClient\n      const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n      const { tenancyId } = options\n\n      const url = new URL(`/${tenancyId}/passkeys/`, baseUrl)\n      if (options.cursor) {\n        url.searchParams.append(\"cursor\", options.cursor)\n      }\n\n      const response = yield* HttpClientRequest.get(url, {\n        headers: { Authorization: `Bearer ${options.apiKey}` },\n      }).pipe(client.execute)\n\n      const encoded = yield* HttpClientResponse.matchStatus(response, {\n        \"2xx\": () => HttpClientResponse.schemaBodyJson(FindAllPasskeys)(response),\n        orElse: () => HttpClientResponse.schemaBodyJson(Forbidden)(response),\n      })\n\n      return yield* pipe(\n        Match.value(encoded),\n        Match.tag(\"FindAllPasskeys\", (data) => Effect.succeed(data)),\n        Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n        Match.exhaustive\n      )\n    }),\n    Effect.catchTags({\n      ParseError: (err) => Effect.die(err),\n      RequestError: (err) => Effect.die(err),\n      ResponseError: (err) => Effect.die(err),\n    }),\n    Effect.provide(httpClient)\n  )\n"]}

package/dist/principal.d.ts

@@ -1,18 +0,0 @@
-import type { AuthenticatedTenancyOptions, TenancyOptions } from "./shared.js";
-import { HttpClient } from "@effect/platform";
-import { Effect, type Layer } from "effect";
-import { Forbidden, InvalidCode } from "./schemas/errors.js";
-import { ExtendedPrincipal, type Principal } from "./schemas/principal.js";
-type ExchangeCodeOptions = AuthenticatedTenancyOptions;
-export declare const exchangeCode: (code: string, options: ExchangeCodeOptions, httpClient?: Layer.Layer<HttpClient.HttpClient>) => Effect.Effect<ExtendedPrincipal, InvalidCode | Forbidden>;
-type VerifyTokenOptions = TenancyOptions;
-declare const VerificationFailure_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => import("effect/Cause").YieldableError & {
-    readonly _tag: "@error/VerificationFailure";
-} & Readonly<A>;
-export declare class VerificationFailure extends VerificationFailure_base<{
-    message: string;
-}> {
-}
-export declare const verifyIdToken: (token: string, options: VerifyTokenOptions) => Effect.Effect<Principal, VerificationFailure>;
-export type { ExchangeCodeOptions, Principal, VerifyTokenOptions };
-//# sourceMappingURL=principal.d.ts.map

package/dist/principal.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../src/principal.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,2BAA2B,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC9E,OAAO,EAAmB,UAAU,EAAsB,MAAM,kBAAkB,CAAA;AAClF,OAAO,EAAQ,MAAM,EAAE,KAAK,KAAK,EAAuB,MAAM,QAAQ,CAAA;AAEtE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AAC5D,OAAO,EAAE,iBAAiB,EAAW,KAAK,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAEnF,KAAK,mBAAmB,GAAG,2BAA2B,CAAA;AAEtD,eAAO,MAAM,YAAY,GACvB,MAAM,MAAM,EACZ,SAAS,mBAAmB,EAC5B,aAAY,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,CAAyB,KACrE,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,WAAW,GAAG,SAAS,CAmCxD,CAAA;AAEH,KAAK,kBAAkB,GAAG,cAAc,CAAA;;;;AAWxC,qBAAa,mBAAoB,SAAQ,yBAA+C;IACtF,OAAO,EAAE,MAAM,CAAA;CAChB,CAAC;CAAG;AAEL,eAAO,MAAM,aAAa,GACxB,OAAO,MAAM,EACb,SAAS,kBAAkB,KAC1B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,mBAAmB,CAyC5C,CAAA;AAEH,YAAY,EAAE,mBAAmB,EAAE,SAAS,EAAE,kBAAkB,EAAE,CAAA"}

package/dist/principal.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"principal.js","sourceRoot":"","sources":["../src/principal.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAA;AAClF,OAAO,EAAE,IAAI,EAAE,MAAM,EAAc,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AACtE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AAC5D,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAkB,MAAM,wBAAwB,CAAA;AAInF,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,IAAY,EACZ,OAA4B,EAC5B,aAAiD,eAAe,CAAC,KAAK,EACX,EAAE,CAC7D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,cAAc,IAAI,EAAE,EAAE,OAAO,CAAC,CAAA;IAE/D,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,IAAI,CAC1B,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE;QACd,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CACH,CAAA;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC,QAAQ,CAAC;QAC3E,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC;KACpF,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,EACxE,KAAK,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAIH,MAAM,UAAU,GAAG,CAAC,QAAiB,EAAE,EAAE,CACvC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE;IACf,MAAM,OAAO,GAAG,QAAQ,IAAI,0BAA0B,CAAA;IAEtD,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC,CAAA;AAC5E,CAAC,CAAC,CAAA;AAEJ,MAAM,sBAAsB,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,CAAA;AAEtF,MAAM,OAAO,mBAAoB,SAAQ,IAAI,CAAC,WAAW,CAAC,4BAA4B,CAEpF;CAAG;AAEL,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAa,EACb,OAA2B,EACoB,EAAE,CACjD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAE5D,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAC3C,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE;YACb,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAClB,OAAO,GAAG,YAAY,KAAK;gBACzB,CAAC,CAAC,IAAI,mBAAmB,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC;gBACnD,CAAC,CAAC,IAAI,mBAAmB,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACvD,CAAC;QACD,GAAG,EAAE,GAAG,EAAE,CACR,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE;YAC1B,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,MAAM,EAAE,cAAc;SACvB,CAAC;KACL,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QACnD,GAAG,OAAO;QACV,IAAI,EAAE,SAAS;KAChB,CAAC,CAAA;IAEF,MAAM,SAAS,GAAc;QAC3B,IAAI,EAAE,WAAW;QACjB,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC;QAClB,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC;QAChC,iBAAiB,EAAE,SAAS;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,OAAO,EAAE;YACP,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC;YAC9B,QAAQ,EAAE,IAAI;SACf;QACD,MAAM,EAAE,OAAO,CAAC,GAAG;KACpB,CAAA;IAED,OAAO,SAAS,CAAA;AAClB,CAAC,CAAC,EACF,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CACxD,CAAA","sourcesContent":["import type { AuthenticatedTenancyOptions, TenancyOptions } from \"./shared.js\"\nimport { FetchHttpClient, HttpClient, HttpClientResponse } from \"@effect/platform\"\nimport { Data, Effect, type Layer, Match, pipe, Schema } from \"effect\"\nimport * as jose from \"jose\"\nimport { Forbidden, InvalidCode } from \"./schemas/errors.js\"\nimport { ExtendedPrincipal, IdToken, type Principal } from \"./schemas/principal.js\"\n\ntype ExchangeCodeOptions = AuthenticatedTenancyOptions\n\nexport const exchangeCode = (\n  code: string,\n  options: ExchangeCodeOptions,\n  httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<ExtendedPrincipal, InvalidCode | Forbidden> =>\n  pipe(\n    Effect.gen(function* () {\n      const client = yield* HttpClient.HttpClient\n      const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n      const { tenancyId } = options\n\n      const url = new URL(`/${tenancyId}/principal/${code}`, baseUrl)\n\n      const response = yield* pipe(\n        client.get(url, {\n          headers: { Authorization: `Bearer ${options.apiKey}` },\n        })\n      )\n\n      const encoded = yield* HttpClientResponse.matchStatus(response, {\n        \"2xx\": () => HttpClientResponse.schemaBodyJson(ExtendedPrincipal)(response),\n        orElse: () =>\n          HttpClientResponse.schemaBodyJson(Schema.Union(InvalidCode, Forbidden))(response),\n      })\n\n      return yield* pipe(\n        Match.value(encoded),\n        Match.tag(\"ExtendedPrincipal\", (principal) => Effect.succeed(principal)),\n        Match.tag(\"@error/InvalidCode\", (err) => Effect.fail(err)),\n        Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n        Match.exhaustive\n      )\n    }),\n    Effect.catchTags({\n      ParseError: (err) => Effect.die(err),\n      RequestError: (err) => Effect.die(err),\n      ResponseError: (err) => Effect.die(err),\n    }),\n    Effect.provide(httpClient)\n  )\n\ntype VerifyTokenOptions = TenancyOptions\n\nconst createJwks = (endpoint?: string) =>\n  Effect.sync(() => {\n    const baseUrl = endpoint ?? \"https://api.passlock.dev\"\n\n    return jose.createRemoteJWKSet(new URL(\"/.well-known/jwks.json\", baseUrl))\n  })\n\nconst createCachedRemoteJwks = pipe(Effect.cachedFunction(createJwks), Effect.runSync)\n\nexport class VerificationFailure extends Data.TaggedError(\"@error/VerificationFailure\")<{\n  message: string\n}> {}\n\nexport const verifyIdToken = (\n  token: string,\n  options: VerifyTokenOptions\n): Effect.Effect<Principal, VerificationFailure> =>\n  pipe(\n    Effect.gen(function* () {\n      const JWKS = yield* createCachedRemoteJwks(options.endpoint)\n\n      const { payload } = yield* Effect.tryPromise({\n        catch: (err) => {\n          console.error(err)\n          return err instanceof Error\n            ? new VerificationFailure({ message: err.message })\n            : new VerificationFailure({ message: String(err) })\n        },\n        try: () =>\n          jose.jwtVerify(token, JWKS, {\n            audience: options.tenancyId,\n            issuer: \"passlock.dev\",\n          }),\n      })\n\n      const idToken = yield* Schema.decodeUnknown(IdToken)({\n        ...payload,\n        _tag: \"IdToken\",\n      })\n\n      const principal: Principal = {\n        _tag: \"Principal\",\n        id: idToken[\"jti\"],\n        authenticatorId: idToken[\"a:id\"],\n        authenticatorType: \"passkey\",\n        createdAt: idToken.iat * 1000,\n        expiresAt: idToken.exp * 1000,\n        passkey: {\n          userVerified: idToken[\"pk:uv\"],\n          verified: true,\n        },\n        userId: idToken.sub,\n      }\n\n      return principal\n    }),\n    Effect.catchTag(\"ParseError\", (err) => Effect.die(err))\n  )\n\nexport type { ExchangeCodeOptions, Principal, VerifyTokenOptions }\n"]}

package/dist/testUtils.d.ts

@@ -1,11 +0,0 @@
-import { type HeadersInit } from "@effect/platform-node/Undici";
-import { Effect, Redacted } from "effect";
-export declare const intTestConfig: Effect.Effect<{
-    tenancyId: string;
-    passkeyId: string;
-    code: string;
-    apiKey: Redacted.Redacted<string>;
-    endpoint: string;
-}, import("effect/ConfigError").ConfigError, never>;
-export declare const getHeaderValue: (headers: HeadersInit, header: string) => string | null;
-//# sourceMappingURL=testUtils.d.ts.map

package/dist/testUtils.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"testUtils.d.ts","sourceRoot":"","sources":["../src/testUtils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,KAAK,WAAW,EAAE,MAAM,8BAA8B,CAAA;AACxE,OAAO,EAAiB,MAAM,EAAgB,QAAQ,EAAE,MAAM,QAAQ,CAAA;AAkBtE,eAAO,MAAM,aAAa;;;;;;mDAQxB,CAAA;AAEF,eAAO,MAAM,cAAc,GAAI,SAAS,WAAW,EAAE,QAAQ,MAAM,KAAG,MAAM,GAAG,IAc9E,CAAA"}

package/dist/testUtils.js

@@ -1,25 +0,0 @@
-import { Headers } from "@effect/platform-node/Undici";
-import { Array, Config, Effect, Option, pipe, Redacted } from "effect";
-const lookupTenancyId = pipe(Config.string("PASSLOCK_TENANCY_ID"), Config.withDefault("itTenancy"));
-const lookupPasskeyId = pipe(Config.string("PASSLOCK_PASSKEY_ID"), Config.withDefault("itPasskey"));
-const lookupCode = pipe(Config.string("PASSLOCK_PRINCIPAL_CODE"), Config.withDefault("itPrincipal"));
-const lookupApiKey = pipe(Config.redacted("PASSLOCK_API_KEY"), Config.withDefault(Redacted.make("itApiKey")));
-const lookupEndpoint = pipe(Config.string("PASSLOCK_ENDPOINT"), Config.withDefault("http://localhost:3000"));
-export const intTestConfig = Effect.gen(function* () {
-    const tenancyId = yield* lookupTenancyId;
-    const passkeyId = yield* lookupPasskeyId;
-    const code = yield* lookupCode;
-    const apiKey = yield* lookupApiKey;
-    const endpoint = yield* lookupEndpoint;
-    return { tenancyId, passkeyId, code, apiKey, endpoint };
-});
-export const getHeaderValue = (headers, header) => {
-    if (headers instanceof Headers) {
-        return headers.get(header);
-    }
-    if (Array.isArray(headers)) {
-        return pipe(Array.findFirst(headers, ([k]) => k === header), Option.map(([_, v]) => v), Option.getOrNull);
-    }
-    return headers["authorization"] ?? null;
-};
-//# sourceMappingURL=testUtils.js.map

package/dist/testUtils.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"testUtils.js","sourceRoot":"","sources":["../src/testUtils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAoB,MAAM,8BAA8B,CAAA;AACxE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAA;AAEtE,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAA;AAEnG,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAA;AAEnG,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAA;AAEpG,MAAM,YAAY,GAAG,IAAI,CACvB,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EACnC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC9C,CAAA;AAED,MAAM,cAAc,GAAG,IAAI,CACzB,MAAM,CAAC,MAAM,CAAC,mBAAmB,CAAC,EAClC,MAAM,CAAC,WAAW,CAAC,uBAAuB,CAAC,CAC5C,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAC/C,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,eAAe,CAAA;IACxC,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,eAAe,CAAA;IACxC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,UAAU,CAAA;IAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,YAAY,CAAA;IAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,cAAc,CAAA;IAEtC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAA;AACzD,CAAC,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,OAAoB,EAAE,MAAc,EAAiB,EAAE;IACpF,IAAI,OAAO,YAAY,OAAO,EAAE,CAAC;QAC/B,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;IAC5B,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,CACT,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,CAAC,EAC/C,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EACzB,MAAM,CAAC,SAAS,CACjB,CAAA;IACH,CAAC;IAED,OAAO,OAAO,CAAC,eAAe,CAAC,IAAI,IAAI,CAAA;AACzC,CAAC,CAAA","sourcesContent":["import { Headers, type HeadersInit } from \"@effect/platform-node/Undici\"\nimport { Array, Config, Effect, Option, pipe, Redacted } from \"effect\"\n\nconst lookupTenancyId = pipe(Config.string(\"PASSLOCK_TENANCY_ID\"), Config.withDefault(\"itTenancy\"))\n\nconst lookupPasskeyId = pipe(Config.string(\"PASSLOCK_PASSKEY_ID\"), Config.withDefault(\"itPasskey\"))\n\nconst lookupCode = pipe(Config.string(\"PASSLOCK_PRINCIPAL_CODE\"), Config.withDefault(\"itPrincipal\"))\n\nconst lookupApiKey = pipe(\n  Config.redacted(\"PASSLOCK_API_KEY\"),\n  Config.withDefault(Redacted.make(\"itApiKey\"))\n)\n\nconst lookupEndpoint = pipe(\n  Config.string(\"PASSLOCK_ENDPOINT\"),\n  Config.withDefault(\"http://localhost:3000\")\n)\n\nexport const intTestConfig = Effect.gen(function* () {\n  const tenancyId = yield* lookupTenancyId\n  const passkeyId = yield* lookupPasskeyId\n  const code = yield* lookupCode\n  const apiKey = yield* lookupApiKey\n  const endpoint = yield* lookupEndpoint\n\n  return { tenancyId, passkeyId, code, apiKey, endpoint }\n})\n\nexport const getHeaderValue = (headers: HeadersInit, header: string): string | null => {\n  if (headers instanceof Headers) {\n    return headers.get(header)\n  }\n\n  if (Array.isArray(headers)) {\n    return pipe(\n      Array.findFirst(headers, ([k]) => k === header),\n      Option.map(([_, v]) => v),\n      Option.getOrNull\n    )\n  }\n\n  return headers[\"authorization\"] ?? null\n}\n"]}

package/dist/unsafe.d.ts

@@ -1,55 +0,0 @@
-import type { AssignUserRequest, DeleteAuthenticatorOptions, GetAuthenticatorOptions, ListPasskeyOptions, Passkey } from "./passkey.js";
-import type { ExchangeCodeOptions, VerifyTokenOptions } from "./principal.js";
-import type { DeletedPasskey, FindAllPasskeys } from "./schemas/passkey.js";
-import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
-/**
- * Call the Passlock backend API to assign a userId to an authenticator
- * @param request
- * @param request
- * @returns
- */
-export declare const assignUser: (request: AssignUserRequest) => Promise<Passkey>;
-/**
- * Call the Passlock backend API to delete an authenticator
- * @param options
- * @param options
- * @returns
- */
-export declare const deletePasskey: (passkeyId: string, options: DeleteAuthenticatorOptions) => Promise<DeletedPasskey>;
-/**
- * Call the Passlock backend API to fetch an authenticator
- * @param authenticatorId
- * @param options
- * @returns
- */
-export declare const getPasskey: (authenticatorId: string, options: GetAuthenticatorOptions) => Promise<Passkey>;
-/**
- * List passkeys for the given tenancy. Note this could return a cursor, in which case the function chould be called with the given cursor.
- * @param options
- * @returns
- */
-export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys>;
-/**
- * Call the Passlock backend API to exchange a code for a Principal
- * @param code
- * @package options
- * @returns
- */
-export declare const exchangeCode: (code: string, options: ExchangeCodeOptions) => Promise<ExtendedPrincipal>;
-/**
- * Decode and verify a Passlock idToken.
- * Note: This will make a network call to the passlock.dev/.well-known/jwks.json
- * endpoint to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS lambda it will make the call on every
- * cold start so might actually be slower than {@link exchangeCode}
- * @param token
- * @param options
- * @returns
- */
-export declare const verifyIdToken: (token: string, options: VerifyTokenOptions) => Promise<Principal>;
-export type { AssignUserRequest, DeleteAuthenticatorOptions, GetAuthenticatorOptions, ListPasskeyOptions, } from "./passkey.js";
-export type { ExchangeCodeOptions, VerifyTokenOptions } from "./principal.js";
-export type { AuthenticatedTenancyOptions, TenancyOptions } from "./shared.js";
-export { VerificationFailure } from "./principal.js";
-export * from "./schemas/index.js";
-//# sourceMappingURL=unsafe.d.ts.map

package/dist/unsafe.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"unsafe.d.ts","sourceRoot":"","sources":["../src/unsafe.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,iBAAiB,EACjB,0BAA0B,EAC1B,uBAAuB,EACvB,kBAAkB,EAClB,OAAO,EACR,MAAM,cAAc,CAAA;AACrB,OAAO,KAAK,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AAC7E,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAW1E;;;;;GAKG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,CACxB,CAAA;AAE/C;;;;;GAKG;AACH,eAAO,MAAM,aAAa,GACxB,WAAW,MAAM,EACjB,SAAS,0BAA0B,KAClC,OAAO,CAAC,cAAc,CAAgE,CAAA;AAEzF;;;;;GAKG;AACH,eAAO,MAAM,UAAU,GACrB,iBAAiB,MAAM,EACvB,SAAS,uBAAuB,KAC/B,OAAO,CAAC,OAAO,CAAmE,CAAA;AAErF;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAI,SAAS,kBAAkB,KAAG,OAAO,CAAC,eAAe,CACjC,CAAA;AAEjD;;;;;GAKG;AACH,eAAO,MAAM,YAAY,GACvB,MAAM,MAAM,EACZ,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,CACkE,CAAA;AAE9F;;;;;;;;;GASG;AACH,eAAO,MAAM,aAAa,GAAI,OAAO,MAAM,EAAE,SAAS,kBAAkB,KAAG,OAAO,CAAC,SAAS,CACI,CAAA;AAEhG,YAAY,EACV,iBAAiB,EACjB,0BAA0B,EAC1B,uBAAuB,EACvB,kBAAkB,GACnB,MAAM,cAAc,CAAA;AACrB,YAAY,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AAC7E,YAAY,EAAE,2BAA2B,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC9E,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAA;AACpD,cAAc,oBAAoB,CAAA"}

package/dist/unsafe.js

@@ -1,52 +0,0 @@
-import { FetchHttpClient } from "@effect/platform";
-import { Effect, pipe } from "effect";
-import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, } from "./passkey.js";
-import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE } from "./principal.js";
-/**
- * Call the Passlock backend API to assign a userId to an authenticator
- * @param request
- * @param request
- * @returns
- */
-export const assignUser = (request) => pipe(assignUserE(request), Effect.runPromise);
-/**
- * Call the Passlock backend API to delete an authenticator
- * @param options
- * @param options
- * @returns
- */
-export const deletePasskey = (passkeyId, options) => pipe(deletePasskeyE(passkeyId, options), Effect.runPromise);
-/**
- * Call the Passlock backend API to fetch an authenticator
- * @param authenticatorId
- * @param options
- * @returns
- */
-export const getPasskey = (authenticatorId, options) => pipe(getPasskeyE(authenticatorId, options), Effect.runPromise);
-/**
- * List passkeys for the given tenancy. Note this could return a cursor, in which case the function chould be called with the given cursor.
- * @param options
- * @returns
- */
-export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.runPromise);
-/**
- * Call the Passlock backend API to exchange a code for a Principal
- * @param code
- * @package options
- * @returns
- */
-export const exchangeCode = (code, options) => pipe(exchangeCodeE(code, options), Effect.provide(FetchHttpClient.layer), Effect.runPromise);
-/**
- * Decode and verify a Passlock idToken.
- * Note: This will make a network call to the passlock.dev/.well-known/jwks.json
- * endpoint to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS lambda it will make the call on every
- * cold start so might actually be slower than {@link exchangeCode}
- * @param token
- * @param options
- * @returns
- */
-export const verifyIdToken = (token, options) => pipe(verifyIdTokenE(token, options), Effect.provide(FetchHttpClient.layer), Effect.runPromise);
-export { VerificationFailure } from "./principal.js";
-export * from "./schemas/index.js";
-//# sourceMappingURL=unsafe.js.map

package/dist/unsafe.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"unsafe.js","sourceRoot":"","sources":["../src/unsafe.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AACrC,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,GAC9B,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,YAAY,IAAI,aAAa,EAAE,aAAa,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAE/F;;;;;GAKG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAAoB,EAAE,CACzE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE/C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,SAAiB,EACjB,OAAmC,EACV,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEzF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,eAAuB,EACvB,OAAgC,EACd,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAErF;;;;GAIG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,OAA2B,EAA4B,EAAE,CACpF,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEjD;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,IAAY,EACZ,OAA4B,EACA,EAAE,CAC9B,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE9F;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAa,EAAE,OAA2B,EAAsB,EAAE,CAC9F,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAUhG,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAA;AACpD,cAAc,oBAAoB,CAAA","sourcesContent":["import type {\n  AssignUserRequest,\n  DeleteAuthenticatorOptions,\n  GetAuthenticatorOptions,\n  ListPasskeyOptions,\n  Passkey,\n} from \"./passkey.js\"\nimport type { ExchangeCodeOptions, VerifyTokenOptions } from \"./principal.js\"\nimport type { DeletedPasskey, FindAllPasskeys } from \"./schemas/passkey.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nimport { FetchHttpClient } from \"@effect/platform\"\nimport { Effect, pipe } from \"effect\"\nimport {\n  assignUser as assignUserE,\n  deletePasskey as deletePasskeyE,\n  getPasskey as getPasskeyE,\n  listPasskeys as listPasskeysE,\n} from \"./passkey.js\"\nimport { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE } from \"./principal.js\"\n\n/**\n * Call the Passlock backend API to assign a userId to an authenticator\n * @param request\n * @param request\n * @returns\n */\nexport const assignUser = (request: AssignUserRequest): Promise<Passkey> =>\n  pipe(assignUserE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to delete an authenticator\n * @param options\n * @param options\n * @returns\n */\nexport const deletePasskey = (\n  passkeyId: string,\n  options: DeleteAuthenticatorOptions\n): Promise<DeletedPasskey> => pipe(deletePasskeyE(passkeyId, options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to fetch an authenticator\n * @param authenticatorId\n * @param options\n * @returns\n */\nexport const getPasskey = (\n  authenticatorId: string,\n  options: GetAuthenticatorOptions\n): Promise<Passkey> => pipe(getPasskeyE(authenticatorId, options), Effect.runPromise)\n\n/**\n * List passkeys for the given tenancy. Note this could return a cursor, in which case the function chould be called with the given cursor.\n * @param options\n * @returns\n */\nexport const listPasskeys = (options: ListPasskeyOptions): Promise<FindAllPasskeys> =>\n  pipe(listPasskeysE(options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to exchange a code for a Principal\n * @param code\n * @package options\n * @returns\n */\nexport const exchangeCode = (\n  code: string,\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal> =>\n  pipe(exchangeCodeE(code, options), Effect.provide(FetchHttpClient.layer), Effect.runPromise)\n\n/**\n * Decode and verify a Passlock idToken.\n * Note: This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n * @param token\n * @param options\n * @returns\n */\nexport const verifyIdToken = (token: string, options: VerifyTokenOptions): Promise<Principal> =>\n  pipe(verifyIdTokenE(token, options), Effect.provide(FetchHttpClient.layer), Effect.runPromise)\n\nexport type {\n  AssignUserRequest,\n  DeleteAuthenticatorOptions,\n  GetAuthenticatorOptions,\n  ListPasskeyOptions,\n} from \"./passkey.js\"\nexport type { ExchangeCodeOptions, VerifyTokenOptions } from \"./principal.js\"\nexport type { AuthenticatedTenancyOptions, TenancyOptions } from \"./shared.js\"\nexport { VerificationFailure } from \"./principal.js\"\nexport * from \"./schemas/index.js\"\n"]}