@passlock/node 2.0.1 → 2.0.3

package/dist/effect.d.ts

@@ -1,7 +1,7 @@
-export type { AssignUserRequest, DeleteAuthenticatorOptions, GetAuthenticatorOptions, ListPasskeyOptions, } from "./passkey.js";
-export type { ExchangeCodeOptions, VerifyTokenOptions } from "./principal.js";
-export type { AuthenticatedTenancyOptions, TenancyOptions } from "./shared.js";
-export { assignUser, deletePasskey, getPasskey, listPasskeys, } from "./passkey.js";
-export { exchangeCode, VerificationFailure, verifyIdToken } from "./principal.js";
+export type { AssignUserOptions, ListPasskeyOptions, } from "./passkey/passkey.js";
+export { assignUser, deletePasskey, getPasskey, listPasskeys, } from "./passkey/passkey.js";
+export type {} from "./principal/principal.js";
+export { exchangeCode, VerificationError, verifyIdToken, } from "./principal/principal.js";
 export * from "./schemas/index.js";
+export type { AuthenticatedOptions, PasslockOptions, } from "./shared.js";
 //# sourceMappingURL=effect.d.ts.map

package/dist/effect.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"effect.d.ts","sourceRoot":"","sources":["../src/effect.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,iBAAiB,EACjB,0BAA0B,EAC1B,uBAAuB,EACvB,kBAAkB,GACnB,MAAM,cAAc,CAAA;AACrB,YAAY,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AAC7E,YAAY,EAAE,2BAA2B,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC9E,OAAO,EACL,UAAU,EACV,aAAa,EACb,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AACjF,cAAc,oBAAoB,CAAA"}
+{"version":3,"file":"effect.d.ts","sourceRoot":"","sources":["../src/effect.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,UAAU,EACV,aAAa,EACb,UAAU,EACV,YAAY,GACb,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAC9C,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,aAAa,GACd,MAAM,0BAA0B,CAAA;AACjC,cAAc,oBAAoB,CAAA;AAClC,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}

package/dist/effect.js

@@ -1,4 +1,4 @@
-export { assignUser, deletePasskey, getPasskey, listPasskeys, } from "./passkey.js";
-export { exchangeCode, VerificationFailure, verifyIdToken } from "./principal.js";
+export { assignUser, deletePasskey, getPasskey, listPasskeys, } from "./passkey/passkey.js";
+export { exchangeCode, VerificationError, verifyIdToken, } from "./principal/principal.js";
 export * from "./schemas/index.js";
 //# sourceMappingURL=effect.js.map

package/dist/effect.js.map

@@ -1 +1 @@
-{"version":3,"file":"effect.js","sourceRoot":"","sources":["../src/effect.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,UAAU,EACV,aAAa,EACb,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AACjF,cAAc,oBAAoB,CAAA","sourcesContent":["export type {\n  AssignUserRequest,\n  DeleteAuthenticatorOptions,\n  GetAuthenticatorOptions,\n  ListPasskeyOptions,\n} from \"./passkey.js\"\nexport type { ExchangeCodeOptions, VerifyTokenOptions } from \"./principal.js\"\nexport type { AuthenticatedTenancyOptions, TenancyOptions } from \"./shared.js\"\nexport {\n  assignUser,\n  deletePasskey,\n  getPasskey,\n  listPasskeys,\n} from \"./passkey.js\"\nexport { exchangeCode, VerificationFailure, verifyIdToken } from \"./principal.js\"\nexport * from \"./schemas/index.js\"\n"]}
+{"version":3,"file":"effect.js","sourceRoot":"","sources":["../src/effect.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,UAAU,EACV,aAAa,EACb,UAAU,EACV,YAAY,GACb,MAAM,sBAAsB,CAAA;AAE7B,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,aAAa,GACd,MAAM,0BAA0B,CAAA;AACjC,cAAc,oBAAoB,CAAA","sourcesContent":["export type {\n  AssignUserOptions,\n  ListPasskeyOptions,\n} from \"./passkey/passkey.js\"\nexport {\n  assignUser,\n  deletePasskey,\n  getPasskey,\n  listPasskeys,\n} from \"./passkey/passkey.js\"\nexport type {} from \"./principal/principal.js\"\nexport {\n  exchangeCode,\n  VerificationError,\n  verifyIdToken,\n} from \"./principal/principal.js\"\nexport * from \"./schemas/index.js\"\nexport type {\n  AuthenticatedOptions,\n  PasslockOptions,\n} from \"./shared.js\"\n"]}

package/dist/errors.d.ts

@@ -0,0 +1,71 @@
+/**
+ * @category Authentication
+ */
+export type UnauthorizedError = {
+    _tag: "@error/Unauthorized";
+    message: string;
+};
+export declare const isUnauthorizedError: (payload: unknown) => payload is UnauthorizedError;
+/**
+ * @category Authentication
+ */
+export type ForbiddenError = {
+    _tag: "@error/Forbidden";
+    message: string;
+};
+export declare const isForbiddenError: (payload: unknown) => payload is ForbiddenError;
+/**
+ * @category Principal
+ */
+export type InvalidCodeError = {
+    _tag: "@error/InvalidCode";
+    message: string;
+};
+export declare const isInvalidCodeError: (payload: unknown) => payload is InvalidCodeError;
+/**
+ * @category Principal
+ */
+export type VerificationError = {
+    _tag: "@error/Verification";
+    message: string;
+};
+export declare const isVerificationError: (payload: unknown) => payload is VerificationError;
+export type InvalidTenancyError = {
+    _tag: "@error/InvalidTenancy";
+    message: string;
+};
+export declare const isInvalidTenancyError: (payload: unknown) => payload is InvalidTenancyError;
+/**
+ * Error payload returned when a passkey cannot be found for a given
+ * authentication attempt.
+ *
+ * @category Passkeys
+ */
+export type PasskeyNotFoundError = {
+    _tag: "@error/PasskeyNotFound";
+    message: string;
+    credentialId: string;
+    rpId: string;
+};
+export declare const isPasskeyNotFoundError: (payload: unknown) => payload is PasskeyNotFoundError;
+export type NotFoundError = {
+    _tag: "@error/NotFound";
+    message: string;
+};
+export declare const isNotFoundError: (payload: unknown) => payload is NotFoundError;
+export type InvalidEmailError = {
+    _tag: "@error/InvalidEmail";
+    message: string;
+};
+export declare const isInvalidEmailError: (payload: unknown) => payload is InvalidEmailError;
+export type DuplicateEmailError = {
+    _tag: "@error/DuplicateEmail";
+    message: string;
+};
+export declare const isDuplicateEmailError: (payload: unknown) => payload is DuplicateEmailError;
+export type BadRequestError = {
+    _tag: "@error/BadRequest";
+    message: string;
+};
+export declare const isBadRequestError: (payload: unknown) => payload is BadRequestError;
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAsBA;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC9B,IAAI,EAAE,qBAAqB,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,mBAAmB,YArBpB,OAAO,KAAG,OAAO,qBAuB5B,CAAA;AAID;;GAEG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,EAAE,kBAAkB,CAAA;IACxB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,gBAAgB,YAnCjB,OAAO,KAAG,OAAO,kBAmC+C,CAAA;AAI5E;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,IAAI,EAAE,oBAAoB,CAAA;IAC1B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,kBAAkB,YA/CnB,OAAO,KAAG,OAAO,oBAgDqB,CAAA;AAIlD;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC9B,IAAI,EAAE,qBAAqB,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,mBAAmB,YA5DpB,OAAO,KAAG,OAAO,qBA8D5B,CAAA;AAID,MAAM,MAAM,mBAAmB,GAAG;IAChC,IAAI,EAAE,uBAAuB,CAAA;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,qBAAqB,YAvEtB,OAAO,KAAG,OAAO,uBAyE5B,CAAA;AAID;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC,IAAI,EAAE,wBAAwB,CAAA;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,YAAY,EAAE,MAAM,CAAA;IACpB,IAAI,EAAE,MAAM,CAAA;CACb,CAAA;AAED,eAAO,MAAM,sBAAsB,YA1FvB,OAAO,KAAG,OAAO,wBA4F5B,CAAA;AAID,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,iBAAiB,CAAA;IACvB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,eAAe,YArGhB,OAAO,KAAG,OAAO,iBAqG4C,CAAA;AAIzE,MAAM,MAAM,iBAAiB,GAAG;IAC9B,IAAI,EAAE,qBAAqB,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,mBAAmB,YA9GpB,OAAO,KAAG,OAAO,qBAgH5B,CAAA;AAID,MAAM,MAAM,mBAAmB,GAAG;IAChC,IAAI,EAAE,uBAAuB,CAAA;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,qBAAqB,YAzHtB,OAAO,KAAG,OAAO,uBA2H5B,CAAA;AAID,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,mBAAmB,CAAA;IACzB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,eAAO,MAAM,iBAAiB,YApIlB,OAAO,KAAG,OAAO,mBAoIkD,CAAA"}

package/dist/errors.js

@@ -0,0 +1,30 @@
+/*
+ * Publicly exposed errors.
+ * The errors we receive from the API live in the schemas/errors.ts module.
+ * The errors here have the same shape but they are simple types
+ * so are easier for non Effect consumers to handle.
+ */
+const isTagged = (tag) => (payload) => {
+    if (typeof payload !== "object")
+        return false;
+    if (payload === null)
+        return false;
+    if (!("_tag" in payload))
+        return false;
+    if (typeof payload._tag !== "string")
+        return false;
+    if (payload._tag !== tag)
+        return false;
+    return true;
+};
+export const isUnauthorizedError = isTagged("@error/Unauthorized");
+export const isForbiddenError = isTagged("@error/Forbidden");
+export const isInvalidCodeError = isTagged("@error/InvalidCode");
+export const isVerificationError = isTagged("@error/Verification");
+export const isInvalidTenancyError = isTagged("@error/InvalidTenancy");
+export const isPasskeyNotFoundError = isTagged("@error/PasskeyNotFound");
+export const isNotFoundError = isTagged("@error/NotFound");
+export const isInvalidEmailError = isTagged("@error/InvalidEmail");
+export const isDuplicateEmailError = isTagged("@error/DuplicateEmail");
+export const isBadRequestError = isTagged("@error/BadRequest");
+//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,QAAQ,GACZ,CAA6B,GAAc,EAAE,EAAE,CAC/C,CAAC,OAAgB,EAAgB,EAAE;IACjC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC7C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAElC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAClD,IAAI,OAAO,CAAC,IAAI,KAAK,GAAG;QAAE,OAAO,KAAK,CAAA;IAEtC,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAYH,MAAM,CAAC,MAAM,mBAAmB,GAAG,QAAQ,CACzC,qBAAqB,CACtB,CAAA;AAYD,MAAM,CAAC,MAAM,gBAAgB,GAAG,QAAQ,CAAiB,kBAAkB,CAAC,CAAA;AAY5E,MAAM,CAAC,MAAM,kBAAkB,GAC7B,QAAQ,CAAmB,oBAAoB,CAAC,CAAA;AAYlD,MAAM,CAAC,MAAM,mBAAmB,GAAG,QAAQ,CACzC,qBAAqB,CACtB,CAAA;AASD,MAAM,CAAC,MAAM,qBAAqB,GAAG,QAAQ,CAC3C,uBAAuB,CACxB,CAAA;AAiBD,MAAM,CAAC,MAAM,sBAAsB,GAAG,QAAQ,CAC5C,wBAAwB,CACzB,CAAA;AASD,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAgB,iBAAiB,CAAC,CAAA;AASzE,MAAM,CAAC,MAAM,mBAAmB,GAAG,QAAQ,CACzC,qBAAqB,CACtB,CAAA;AASD,MAAM,CAAC,MAAM,qBAAqB,GAAG,QAAQ,CAC3C,uBAAuB,CACxB,CAAA;AASD,MAAM,CAAC,MAAM,iBAAiB,GAAG,QAAQ,CAAkB,mBAAmB,CAAC,CAAA","sourcesContent":["/*\n * Publicly exposed errors.\n * The errors we receive from the API live in the schemas/errors.ts module.\n * The errors here have the same shape but they are simple types\n * so are easier for non Effect consumers to handle.\n */\n\nconst isTagged =\n  <A extends { _tag: string }>(tag: A[\"_tag\"]) =>\n  (payload: unknown): payload is A => {\n    if (typeof payload !== \"object\") return false\n    if (payload === null) return false\n\n    if (!(\"_tag\" in payload)) return false\n    if (typeof payload._tag !== \"string\") return false\n    if (payload._tag !== tag) return false\n\n    return true\n  }\n\n/* Unauthorized */\n\n/**\n * @category Authentication\n */\nexport type UnauthorizedError = {\n  _tag: \"@error/Unauthorized\"\n  message: string\n}\n\nexport const isUnauthorizedError = isTagged<UnauthorizedError>(\n  \"@error/Unauthorized\"\n)\n\n/* Forbidden */\n\n/**\n * @category Authentication\n */\nexport type ForbiddenError = {\n  _tag: \"@error/Forbidden\"\n  message: string\n}\n\nexport const isForbiddenError = isTagged<ForbiddenError>(\"@error/Forbidden\")\n\n/* InvalidCode */\n\n/**\n * @category Principal\n */\nexport type InvalidCodeError = {\n  _tag: \"@error/InvalidCode\"\n  message: string\n}\n\nexport const isInvalidCodeError =\n  isTagged<InvalidCodeError>(\"@error/InvalidCode\")\n\n/* VerificationFailure */\n\n/**\n * @category Principal\n */\nexport type VerificationError = {\n  _tag: \"@error/Verification\"\n  message: string\n}\n\nexport const isVerificationError = isTagged<VerificationError>(\n  \"@error/Verification\"\n)\n\n/* InvalidTenancy */\n\nexport type InvalidTenancyError = {\n  _tag: \"@error/InvalidTenancy\"\n  message: string\n}\n\nexport const isInvalidTenancyError = isTagged<InvalidTenancyError>(\n  \"@error/InvalidTenancy\"\n)\n\n/* PasskeyNotFound */\n\n/**\n * Error payload returned when a passkey cannot be found for a given\n * authentication attempt.\n *\n * @category Passkeys\n */\nexport type PasskeyNotFoundError = {\n  _tag: \"@error/PasskeyNotFound\"\n  message: string\n  credentialId: string\n  rpId: string\n}\n\nexport const isPasskeyNotFoundError = isTagged<PasskeyNotFoundError>(\n  \"@error/PasskeyNotFound\"\n)\n\n/* NotFound */\n\nexport type NotFoundError = {\n  _tag: \"@error/NotFound\"\n  message: string\n}\n\nexport const isNotFoundError = isTagged<NotFoundError>(\"@error/NotFound\")\n\n/* InvalidEmail */\n\nexport type InvalidEmailError = {\n  _tag: \"@error/InvalidEmail\"\n  message: string\n}\n\nexport const isInvalidEmailError = isTagged<InvalidEmailError>(\n  \"@error/InvalidEmail\"\n)\n\n/* DuplicateEmail */\n\nexport type DuplicateEmailError = {\n  _tag: \"@error/DuplicateEmail\"\n  message: string\n}\n\nexport const isDuplicateEmailError = isTagged<DuplicateEmailError>(\n  \"@error/DuplicateEmail\"\n)\n\n/* BadRequest */\n\nexport type BadRequestError = {\n  _tag: \"@error/BadRequest\"\n  message: string\n}\n\nexport const isBadRequestError = isTagged<BadRequestError>(\"@error/BadRequest\")\n"]}

package/dist/index.d.ts

@@ -1,56 +1,115 @@
-import type { AssignUserRequest, DeleteAuthenticatorOptions, GetAuthenticatorOptions, ListPasskeyOptions, Passkey } from "./passkey.js";
-import type { ExchangeCodeOptions, VerificationFailure, VerifyTokenOptions } from "./principal.js";
-import type { Forbidden, InvalidCode, NotFound } from "./schemas/errors.js";
-import type { DeletedPasskey, FindAllPasskeys } from "./schemas/passkey.js";
+/**
+ * Unsafe functions that could potentially throw errors.
+ *
+ * @categoryDescription Passkeys
+ * Functions and related types for managing passkeys
+ *
+ * @showCategories
+ *
+ * @module unsafe
+ */
+import type { AssignUserOptions, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions } from "./passkey/passkey.js";
+import type { ExchangeCodeOptions, VerifyIdTokenOptions } from "./principal/principal.js";
 import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
 /**
  * Call the Passlock backend API to assign a userId to an authenticator
+ *
  * @param request
+ * @returns A promise resolving to the updated passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
+ */
+export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey>;
+/**
+ * Call the Passlock backend API to update passkey properties
+ *
+ * @param request
+ * @returns A promise resolving to the updated passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
+ */
+export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<Passkey>;
+/**
+ * Call the Passlock backend API to update all passkeys for a given user
+ *
  * @param request
- * @returns
+ * @returns A promise resolving to updated usernames for matching passkeys.
+ * @throws {@link NotFoundError} if no passkeys are found for the given user
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export declare const assignUser: (request: AssignUserRequest) => Promise<Passkey | NotFound | Forbidden>;
+export declare const updatePasskeyUsernames: (request: UpdatePasskeyUsernamesOptions) => Promise<UpdatedPasskeyUsernames>;
 /**
  * Call the Passlock backend API to delete an authenticator
+ *
  * @param options
- * @param options
- * @returns
+ * @returns A promise resolving to the deleted passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export declare const deletePasskey: (passkeyId: string, options: DeleteAuthenticatorOptions) => Promise<DeletedPasskey | Forbidden | NotFound>;
+export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<Passkey>;
 /**
  * Call the Passlock backend API to fetch an authenticator
- * @param request
- * @param request
- * @returns
+ *
+ * @param options
+ * @returns A promise resolving to the passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export declare const getPasskey: (authenticatorId: string, options: GetAuthenticatorOptions) => Promise<Passkey | Forbidden | NotFound>;
+export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey>;
 /**
- * List passkeys for the given tenancy. Note this could return a cursor, in which case the function chould be called with the given cursor.
+ * List passkeys for the given tenancy. Note this could return a cursor,
+ * in which case the function should be called again with the given cursor.
+ *
  * @param options
- * @returns
+ * @returns A promise resolving to a page of passkey summaries.
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys | Forbidden>;
+export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys>;
 /**
- * Call the Passlock backend API to exchange a code for a Principal
- * @param code
- * @package options
- * @returns
+ * Call the Passlock backend API to exchange a code for an ExtendedPrincipal
+ *
+ * @param options
+ * @returns A promise resolving to an extended principal.
+ * @throws {@link InvalidCodeError} if the code is invalid or expired
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Principal
  */
-export declare const exchangeCode: (code: string, options: ExchangeCodeOptions) => Promise<ExtendedPrincipal | Forbidden | InvalidCode>;
+export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<ExtendedPrincipal>;
 /**
- * Decode and verify a Passlock idToken.
- * Note: This will make a network call to the passlock.dev/.well-known/jwks.json
- * endpoint to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS lambda it will make the call on every
+ * Decode and verify a Passlock `id_token` (JWT).
+ * Note: This will make a network call to
+ * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
+ * to fetch the relevant public key. The response will be cached, however
+ * bear in mind that for something like AWS Lambda it will make the call on every
  * cold start so might actually be slower than {@link exchangeCode}
- * @param token
+ *
  * @param options
- * @returns
- */
-export declare const verifyIdToken: (token: string, options: VerifyTokenOptions) => Promise<Principal | VerificationFailure>;
-export type { AssignUserRequest, DeleteAuthenticatorOptions, GetAuthenticatorOptions, ListPasskeyOptions, } from "./passkey.js";
-export type { ExchangeCodeOptions, VerifyTokenOptions } from "./principal.js";
-export type { AuthenticatedTenancyOptions, TenancyOptions } from "./shared.js";
-export { VerificationFailure } from "./principal.js";
-export * from "./schemas/index.js";
+ * @returns A promise resolving to the verified principal.
+ * @throws {@link VerificationError} if token verification fails
+ *
+ * @category Principal
+ */
+export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Promise<Principal>;
+export type { BadRequestError, DuplicateEmailError, ForbiddenError, InvalidCodeError, InvalidEmailError, InvalidTenancyError, NotFoundError, PasskeyNotFoundError, UnauthorizedError, VerificationError, } from "./errors.js";
+export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
+export type { AssignUserOptions, Credential, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, PasskeySummary, Platform, UpdatedPasskeys, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions, } from "./passkey/passkey.js";
+export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
+export type { ExchangeCodeOptions, VerifyIdTokenOptions, } from "./principal/principal.js";
+export type { CredentialDeviceType, Transports, } from "./schemas/passkey.js";
+export type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
+export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
+export type { AuthenticatedOptions, PasslockOptions, } from "./shared.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,iBAAiB,EACjB,0BAA0B,EAC1B,uBAAuB,EACvB,kBAAkB,EAClB,OAAO,EACR,MAAM,cAAc,CAAA;AACrB,OAAO,KAAK,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AAClG,OAAO,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAC3E,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AAC3E,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAW1E;;;;;GAKG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,GAAG,QAAQ,GAAG,SAAS,CAK3F,CAAA;AAEH;;;;;GAKG;AACH,eAAO,MAAM,aAAa,GACxB,WAAW,MAAM,EACjB,SAAS,0BAA0B,KAClC,OAAO,CAAC,cAAc,GAAG,SAAS,GAAG,QAAQ,CAK7C,CAAA;AAEH;;;;;GAKG;AACH,eAAO,MAAM,UAAU,GACrB,iBAAiB,MAAM,EACvB,SAAS,uBAAuB,KAC/B,OAAO,CAAC,OAAO,GAAG,SAAS,GAAG,QAAQ,CAKtC,CAAA;AAEH;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAI,SAAS,kBAAkB,KAAG,OAAO,CAAC,eAAe,GAAG,SAAS,CAK3F,CAAA;AAEH;;;;;GAKG;AACH,eAAO,MAAM,YAAY,GACvB,MAAM,MAAM,EACZ,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,GAAG,SAAS,GAAG,WAAW,CAMnD,CAAA;AAEH;;;;;;;;;GASG;AACH,eAAO,MAAM,aAAa,GACxB,OAAO,MAAM,EACb,SAAS,kBAAkB,KAC1B,OAAO,CAAC,SAAS,GAAG,mBAAmB,CAKvC,CAAA;AAEH,YAAY,EACV,iBAAiB,EACjB,0BAA0B,EAC1B,uBAAuB,EACvB,kBAAkB,GACnB,MAAM,cAAc,CAAA;AACrB,YAAY,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAA;AAC7E,YAAY,EAAE,2BAA2B,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC9E,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAA;AACpD,cAAc,oBAAoB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,KAAK,EACV,iBAAiB,EACjB,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,EAC9B,MAAM,sBAAsB,CAAA;AAS7B,OAAO,KAAK,EACV,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAKjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE1E;;;;;;;;;GASG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,CACxB,CAAA;AAE/C;;;;;;;;;GASG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,CAAqD,CAAA;AAEvE;;;;;;;;;GASG;AACH,eAAO,MAAM,sBAAsB,GACjC,SAAS,6BAA6B,KACrC,OAAO,CAAC,uBAAuB,CACyB,CAAA;AAE3D;;;;;;;;;GASG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,CAAqD,CAAA;AAEvE;;;;;;;;;GASG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,CACxB,CAAA;AAE/C;;;;;;;;;GASG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,KAC1B,OAAO,CAAC,eAAe,CAAoD,CAAA;AAE9E;;;;;;;;;GASG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,CAAoD,CAAA;AAEhF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,SAAS,CAAqD,CAAA;AAIzE,YAAY,EACV,eAAe,EACf,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,iBAAiB,EACjB,UAAU,EACV,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,cAAc,EACd,QAAQ,EACR,eAAe,EACf,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EACV,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,oBAAoB,EACpB,UAAU,GACX,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC1E,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA;AACzE,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}

package/dist/index.js

@@ -1,52 +1,109 @@
-import { FetchHttpClient } from "@effect/platform";
-import { Effect, identity, pipe } from "effect";
-import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, } from "./passkey.js";
-import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE } from "./principal.js";
+/**
+ * Unsafe functions that could potentially throw errors.
+ *
+ * @categoryDescription Passkeys
+ * Functions and related types for managing passkeys
+ *
+ * @showCategories
+ *
+ * @module unsafe
+ */
+import { Effect, pipe } from "effect";
+import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, updatePasskey as updatePasskeyE, updatePasskeyUsernames as updatePasskeyUsernamesE, } from "./passkey/passkey.js";
+import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE, } from "./principal/principal.js";
 /**
  * Call the Passlock backend API to assign a userId to an authenticator
+ *
+ * @param request
+ * @returns A promise resolving to the updated passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
+ */
+export const assignUser = (request) => pipe(assignUserE(request), Effect.runPromise);
+/**
+ * Call the Passlock backend API to update passkey properties
+ *
  * @param request
+ * @returns A promise resolving to the updated passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
+ */
+export const updatePasskey = (request) => pipe(updatePasskeyE(request), Effect.runPromise);
+/**
+ * Call the Passlock backend API to update all passkeys for a given user
+ *
  * @param request
- * @returns
+ * @returns A promise resolving to updated usernames for matching passkeys.
+ * @throws {@link NotFoundError} if no passkeys are found for the given user
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export const assignUser = (request) => pipe(assignUserE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
+export const updatePasskeyUsernames = (request) => pipe(updatePasskeyUsernamesE(request), Effect.runPromise);
 /**
  * Call the Passlock backend API to delete an authenticator
+ *
  * @param options
- * @param options
- * @returns
+ * @returns A promise resolving to the deleted passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export const deletePasskey = (passkeyId, options) => pipe(deletePasskeyE(passkeyId, options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
+export const deletePasskey = (options) => pipe(deletePasskeyE(options), Effect.runPromise);
 /**
  * Call the Passlock backend API to fetch an authenticator
- * @param request
- * @param request
- * @returns
+ *
+ * @param options
+ * @returns A promise resolving to the passkey.
+ * @throws {@link NotFoundError} if passkey does not exist
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export const getPasskey = (authenticatorId, options) => pipe(getPasskeyE(authenticatorId, options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
+export const getPasskey = (options) => pipe(getPasskeyE(options), Effect.runPromise);
 /**
- * List passkeys for the given tenancy. Note this could return a cursor, in which case the function chould be called with the given cursor.
+ * List passkeys for the given tenancy. Note this could return a cursor,
+ * in which case the function should be called again with the given cursor.
+ *
  * @param options
- * @returns
+ * @returns A promise resolving to a page of passkey summaries.
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Passkeys
  */
-export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
+export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.runPromise);
 /**
- * Call the Passlock backend API to exchange a code for a Principal
- * @param code
- * @package options
- * @returns
+ * Call the Passlock backend API to exchange a code for an ExtendedPrincipal
+ *
+ * @param options
+ * @returns A promise resolving to an extended principal.
+ * @throws {@link InvalidCodeError} if the code is invalid or expired
+ * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
+ *
+ * @category Principal
  */
-export const exchangeCode = (code, options) => pipe(exchangeCodeE(code, options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.provide(FetchHttpClient.layer), Effect.runPromise);
+export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.runPromise);
 /**
- * Decode and verify a Passlock idToken.
- * Note: This will make a network call to the passlock.dev/.well-known/jwks.json
- * endpoint to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS lambda it will make the call on every
+ * Decode and verify a Passlock `id_token` (JWT).
+ * Note: This will make a network call to
+ * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
+ * to fetch the relevant public key. The response will be cached, however
+ * bear in mind that for something like AWS Lambda it will make the call on every
  * cold start so might actually be slower than {@link exchangeCode}
- * @param token
+ *
  * @param options
- * @returns
+ * @returns A promise resolving to the verified principal.
+ * @throws {@link VerificationError} if token verification fails
+ *
+ * @category Principal
  */
-export const verifyIdToken = (token, options) => pipe(verifyIdTokenE(token, options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-export { VerificationFailure } from "./principal.js";
-export * from "./schemas/index.js";
+export const verifyIdToken = (options) => pipe(verifyIdTokenE(options), Effect.runPromise);
+export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
+export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
+export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC/C,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,GAC9B,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,YAAY,IAAI,aAAa,EAAE,aAAa,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAE/F;;;;;GAKG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAA2C,EAAE,CAChG,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,SAAiB,EACjB,OAAmC,EACa,EAAE,CAClD,IAAI,CACF,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,EAClC,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,eAAuB,EACvB,OAAgC,EACS,EAAE,CAC3C,IAAI,CACF,WAAW,CAAC,eAAe,EAAE,OAAO,CAAC,EACrC,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;GAIG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,OAA2B,EAAwC,EAAE,CAChG,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,IAAY,EACZ,OAA4B,EAC0B,EAAE,CACxD,IAAI,CACF,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,EAC5B,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAa,EACb,OAA2B,EACe,EAAE,CAC5C,IAAI,CACF,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAC9B,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAUH,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAA;AACpD,cAAc,oBAAoB,CAAA","sourcesContent":["import type {\n  AssignUserRequest,\n  DeleteAuthenticatorOptions,\n  GetAuthenticatorOptions,\n  ListPasskeyOptions,\n  Passkey,\n} from \"./passkey.js\"\nimport type { ExchangeCodeOptions, VerificationFailure, VerifyTokenOptions } from \"./principal.js\"\nimport type { Forbidden, InvalidCode, NotFound } from \"./schemas/errors.js\"\nimport type { DeletedPasskey, FindAllPasskeys } from \"./schemas/passkey.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nimport { FetchHttpClient } from \"@effect/platform\"\nimport { Effect, identity, pipe } from \"effect\"\nimport {\n  assignUser as assignUserE,\n  deletePasskey as deletePasskeyE,\n  getPasskey as getPasskeyE,\n  listPasskeys as listPasskeysE,\n} from \"./passkey.js\"\nimport { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE } from \"./principal.js\"\n\n/**\n * Call the Passlock backend API to assign a userId to an authenticator\n * @param request\n * @param request\n * @returns\n */\nexport const assignUser = (request: AssignUserRequest): Promise<Passkey | NotFound | Forbidden> =>\n  pipe(\n    assignUserE(request),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Call the Passlock backend API to delete an authenticator\n * @param options\n * @param options\n * @returns\n */\nexport const deletePasskey = (\n  passkeyId: string,\n  options: DeleteAuthenticatorOptions\n): Promise<DeletedPasskey | Forbidden | NotFound> =>\n  pipe(\n    deletePasskeyE(passkeyId, options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Call the Passlock backend API to fetch an authenticator\n * @param request\n * @param request\n * @returns\n */\nexport const getPasskey = (\n  authenticatorId: string,\n  options: GetAuthenticatorOptions\n): Promise<Passkey | Forbidden | NotFound> =>\n  pipe(\n    getPasskeyE(authenticatorId, options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * List passkeys for the given tenancy. Note this could return a cursor, in which case the function chould be called with the given cursor.\n * @param options\n * @returns\n */\nexport const listPasskeys = (options: ListPasskeyOptions): Promise<FindAllPasskeys | Forbidden> =>\n  pipe(\n    listPasskeysE(options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Call the Passlock backend API to exchange a code for a Principal\n * @param code\n * @package options\n * @returns\n */\nexport const exchangeCode = (\n  code: string,\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal | Forbidden | InvalidCode> =>\n  pipe(\n    exchangeCodeE(code, options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.provide(FetchHttpClient.layer),\n    Effect.runPromise\n  )\n\n/**\n * Decode and verify a Passlock idToken.\n * Note: This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n * @param token\n * @param options\n * @returns\n */\nexport const verifyIdToken = (\n  token: string,\n  options: VerifyTokenOptions\n): Promise<Principal | VerificationFailure> =>\n  pipe(\n    verifyIdTokenE(token, options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\nexport type {\n  AssignUserRequest,\n  DeleteAuthenticatorOptions,\n  GetAuthenticatorOptions,\n  ListPasskeyOptions,\n} from \"./passkey.js\"\nexport type { ExchangeCodeOptions, VerifyTokenOptions } from \"./principal.js\"\nexport type { AuthenticatedTenancyOptions, TenancyOptions } from \"./shared.js\"\nexport { VerificationFailure } from \"./principal.js\"\nexport * from \"./schemas/index.js\"\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAYrC,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,EAC/B,sBAAsB,IAAI,uBAAuB,GAClD,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EACL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,0BAA0B,CAAA;AAGjC;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAAoB,EAAE,CACzE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE/C;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACX,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEvE;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EACJ,EAAE,CACpC,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE3D;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACX,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEvE;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAAoB,EAAE,CACzE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE/C;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EACD,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE9E;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EACA,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEhF;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACT,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAgBzE,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AAgBpB,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAU7B,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA","sourcesContent":["/**\n * Unsafe functions that could potentially throw errors.\n *\n * @categoryDescription Passkeys\n * Functions and related types for managing passkeys\n *\n * @showCategories\n *\n * @module unsafe\n */\n\nimport { Effect, pipe } from \"effect\"\nimport type {\n  AssignUserOptions,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  UpdatedPasskeyUsernames,\n  UpdatePasskeyOptions,\n  UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nimport {\n  assignUser as assignUserE,\n  deletePasskey as deletePasskeyE,\n  getPasskey as getPasskeyE,\n  listPasskeys as listPasskeysE,\n  updatePasskey as updatePasskeyE,\n  updatePasskeyUsernames as updatePasskeyUsernamesE,\n} from \"./passkey/passkey.js\"\nimport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nimport {\n  exchangeCode as exchangeCodeE,\n  verifyIdToken as verifyIdTokenE,\n} from \"./principal/principal.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\n\n/**\n * Call the Passlock backend API to assign a userId to an authenticator\n *\n * @param request\n * @returns A promise resolving to the updated passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const assignUser = (request: AssignUserOptions): Promise<Passkey> =>\n  pipe(assignUserE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to update passkey properties\n *\n * @param request\n * @returns A promise resolving to the updated passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n  request: UpdatePasskeyOptions\n): Promise<Passkey> => pipe(updatePasskeyE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to update all passkeys for a given user\n *\n * @param request\n * @returns A promise resolving to updated usernames for matching passkeys.\n * @throws {@link NotFoundError} if no passkeys are found for the given user\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const updatePasskeyUsernames = (\n  request: UpdatePasskeyUsernamesOptions\n): Promise<UpdatedPasskeyUsernames> =>\n  pipe(updatePasskeyUsernamesE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to delete an authenticator\n *\n * @param options\n * @returns A promise resolving to the deleted passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n  options: DeletePasskeyOptions\n): Promise<Passkey> => pipe(deletePasskeyE(options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to fetch an authenticator\n *\n * @param options\n * @returns A promise resolving to the passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const getPasskey = (options: GetPasskeyOptions): Promise<Passkey> =>\n  pipe(getPasskeyE(options), Effect.runPromise)\n\n/**\n * List passkeys for the given tenancy. Note this could return a cursor,\n * in which case the function should be called again with the given cursor.\n *\n * @param options\n * @returns A promise resolving to a page of passkey summaries.\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n  options: ListPasskeyOptions\n): Promise<FindAllPasskeys> => pipe(listPasskeysE(options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to exchange a code for an ExtendedPrincipal\n *\n * @param options\n * @returns A promise resolving to an extended principal.\n * @throws {@link InvalidCodeError} if the code is invalid or expired\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Principal\n */\nexport const exchangeCode = (\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal> => pipe(exchangeCodeE(options), Effect.runPromise)\n\n/**\n * Decode and verify a Passlock `id_token` (JWT).\n * Note: This will make a network call to\n * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)\n * to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS Lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n *\n * @param options\n * @returns A promise resolving to the verified principal.\n * @throws {@link VerificationError} if token verification fails\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n  options: VerifyIdTokenOptions\n): Promise<Principal> => pipe(verifyIdTokenE(options), Effect.runPromise)\n\n/* Re-exports */\n\nexport type {\n  BadRequestError,\n  DuplicateEmailError,\n  ForbiddenError,\n  InvalidCodeError,\n  InvalidEmailError,\n  InvalidTenancyError,\n  NotFoundError,\n  PasskeyNotFoundError,\n  UnauthorizedError,\n  VerificationError,\n} from \"./errors.js\"\nexport {\n  isBadRequestError,\n  isDuplicateEmailError,\n  isForbiddenError,\n  isInvalidCodeError,\n  isInvalidEmailError,\n  isInvalidTenancyError,\n  isNotFoundError,\n  isPasskeyNotFoundError,\n  isUnauthorizedError,\n  isVerificationError,\n} from \"./errors.js\"\nexport type {\n  AssignUserOptions,\n  Credential,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  PasskeySummary,\n  Platform,\n  UpdatedPasskeys,\n  UpdatedPasskeyUsernames,\n  UpdatePasskeyOptions,\n  UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nexport {\n  isPasskey,\n  isPasskeySummary,\n  isUpdatedPasskeys,\n  isUpdatedPasskeyUsernames,\n} from \"./passkey/passkey.js\"\nexport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nexport type {\n  CredentialDeviceType,\n  Transports,\n} from \"./schemas/passkey.js\"\nexport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nexport { isExtendedPrincipal, isPrincipal } from \"./schemas/principal.js\"\nexport type {\n  AuthenticatedOptions,\n  PasslockOptions,\n} from \"./shared.js\"\n"]}