@passlock/node 2.0.1 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/effect.d.ts +5 -5
- package/dist/effect.d.ts.map +1 -1
- package/dist/effect.js +2 -2
- package/dist/effect.js.map +1 -1
- package/dist/errors.d.ts +71 -0
- package/dist/errors.d.ts.map +1 -0
- package/dist/errors.js +30 -0
- package/dist/errors.js.map +1 -0
- package/dist/index.d.ts +93 -34
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +87 -30
- package/dist/index.js.map +1 -1
- package/dist/network.d.ts +134 -0
- package/dist/network.d.ts.map +1 -0
- package/dist/network.js +172 -0
- package/dist/network.js.map +1 -0
- package/dist/passkey/passkey.d.ts +132 -0
- package/dist/passkey/passkey.d.ts.map +1 -0
- package/dist/passkey/passkey.js +158 -0
- package/dist/passkey/passkey.js.map +1 -0
- package/dist/principal/principal.d.ts +22 -0
- package/dist/principal/principal.d.ts.map +1 -0
- package/dist/{principal.js → principal/principal.js} +28 -27
- package/dist/principal/principal.js.map +1 -0
- package/dist/safe.d.ts +154 -0
- package/dist/safe.d.ts.map +1 -0
- package/dist/safe.js +147 -0
- package/dist/safe.js.map +1 -0
- package/dist/schemas/errors.d.ts +0 -75
- package/dist/schemas/errors.d.ts.map +1 -1
- package/dist/schemas/errors.js +51 -22
- package/dist/schemas/errors.js.map +1 -1
- package/dist/schemas/passkey.d.ts +41 -19
- package/dist/schemas/passkey.d.ts.map +1 -1
- package/dist/schemas/passkey.js +21 -16
- package/dist/schemas/passkey.js.map +1 -1
- package/dist/schemas/principal.d.ts +46 -6
- package/dist/schemas/principal.d.ts.map +1 -1
- package/dist/schemas/principal.js +6 -6
- package/dist/schemas/principal.js.map +1 -1
- package/dist/schemas/satisfy.d.ts +2 -0
- package/dist/schemas/satisfy.d.ts.map +1 -0
- package/dist/schemas/satisfy.js +2 -0
- package/dist/schemas/satisfy.js.map +1 -0
- package/dist/shared.d.ts +3 -5
- package/dist/shared.d.ts.map +1 -1
- package/dist/shared.js +0 -3
- package/dist/shared.js.map +1 -1
- package/package.json +21 -22
- package/dist/passkey.d.ts +0 -24
- package/dist/passkey.d.ts.map +0 -1
- package/dist/passkey.js +0 -87
- package/dist/passkey.js.map +0 -1
- package/dist/principal.d.ts +0 -18
- package/dist/principal.d.ts.map +0 -1
- package/dist/principal.js.map +0 -1
- package/dist/testUtils.d.ts +0 -11
- package/dist/testUtils.d.ts.map +0 -1
- package/dist/testUtils.js +0 -25
- package/dist/testUtils.js.map +0 -1
- package/dist/unsafe.d.ts +0 -55
- package/dist/unsafe.d.ts.map +0 -1
- package/dist/unsafe.js +0 -52
- package/dist/unsafe.js.map +0 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/passkey/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,EACL,KAAK,EACL,MAAM,EAEN,KAAK,EACL,MAAM,EACN,IAAI,EACJ,MAAM,EACN,MAAM,GACP,MAAM,QAAQ,CAAA;AAEf,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAKjB,MAAM,eAAe,CAAA;AACtB,OAAO,EACL,eAAe,IAAI,qBAAqB,EACxC,cAAc,EACd,aAAa,GACd,MAAM,qBAAqB,CAAA;AAC5B,OAAO,KAAK,cAAc,MAAM,uBAAuB,CAAA;AA+DvD,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAgB,EAAsB,EAAE,CAChE,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA;AAuB5C,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAA;AAkBnD,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAmBpD,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAuBpD,MAAM,CAAC,MAAM,yBAAyB,GAAG,CACvC,OAAgB,EACoB,EAAE;IACtC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC7C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAClC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAClD,IAAI,OAAO,CAAC,IAAI,KAAK,yBAAyB;QAAE,OAAO,KAAK,CAAA;IAE5D,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAED,iCAAiC;AAEjC,MAAM,oBAAoB,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,CAAC;IAChD,aAAa,EAAE,UAAU,MAAM,EAAE;CAClC,CAAC,CAAA;AAEF,MAAM,kBAAkB,GAAG,CACzB,QAAyB,EACzB,MAA8B,EAC9B,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;AAQtE,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAQH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,cAAc,EAAE,EAAE,CACtC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAC/B,EACD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAgBH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IACrC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,EACV;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAUH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAC/C,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AASH,MAAM,kBAAkB,GAAG,CACzB,OAAiC,EACjC,aAAwC,gBAAgB,EACQ,EAAE,CAClE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IACpC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,UAAU,MAAM,YAAY,EAAE,OAAO,CAAC,CAAA;IAEvE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CACb,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,eAAe,CAAC;QACzD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,EAChE,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAUH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EACtC,aAAwC,gBAAgB,EACgB,EAAE,CAC1E,IAAI,CACF,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,EACvC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EACtC,MAAM,CAAC,GAAG,CACR,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;IACpB,OAAO;QACL,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;QAC7B,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;QACjC,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ;QACrC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ;KAChE,CAAA;AACH,CAAC,CAAC,CACH,EACD,MAAM,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IAC3B,IAAI,EAAE,yBAAyB;IAC/B,WAAW;CACZ,CAAC,CAAC,CACJ,CAAA;AAEH,mBAAmB;AAEnB,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAA6B,EAC7B,aAAwC,gBAAgB,EACT,EAAE,CACjD,IAAI,CACF,MAAM,CAAC,mBAAmB,CAAC,IAAqB,EAAE,CAAC,MAAM,EAAE,EAAE,CAC3D,IAAI,CACF,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,EACnE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC;IACrB,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC;IAClC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC;CACnC,CAAC,CACH,CACF,CACF,CAAA;AAMH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EAC3B,aAAwC,gBAAgB,EACR,EAAE,CAClD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,YAAY,EAAE,OAAO,CAAC,CAAA;IACvD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GAAqC,KAAK,CAAC,CAAC,WAAW,CAClE,QAAQ,EACR;QACE,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,qBAAqB,CAAC;QAC9D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC;KACzD,CACF,CAAA;IAED,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EAC5D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA","sourcesContent":["import {\n Array,\n Chunk,\n Effect,\n type Layer,\n Match,\n Option,\n pipe,\n Schema,\n Stream,\n} from \"effect\"\nimport type { satisfy } from \"src/schemas/satisfy.js\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponse,\n type NetworkResponseError,\n} from \"../network.js\"\nimport {\n FindAllPasskeys as FindAllPasskeysSchema,\n ForbiddenError,\n NotFoundError,\n} from \"../schemas/index.js\"\nimport * as PasskeySchemas from \"../schemas/passkey.js\"\nimport type { AuthenticatedOptions } from \"../shared.js\"\n\n/* Passkey */\n\n/**\n * WebAuthn specific passkey data\n */\nexport type Credential = {\n id: string\n userId: string\n username: string\n aaguid: string\n backedUp: boolean\n counter: number\n deviceType: PasskeySchemas.CredentialDeviceType\n transports: ReadonlyArray<PasskeySchemas.Transports>\n publicKey: Uint8Array<ArrayBufferLike>\n rpId: string\n}\n\n/**\n * Passkeys are usually synced across devices **but only within\n * a specific platform/ecosystem** e.g. a passkey created on Apple\n * devices would typically be synced across devices sharing the same\n * iCloud ID.\n *\n * However, if the user also wants to sign in from their Windows\n * or Android/Chrome devices they will need an additional passkey.\n * Therefore when listing the passkeys registered to a user's account\n * it's a good idea to tell them which platform the passkeys relate to.\n *\n * We've also included links to icons (SVG) so you can give your users\n * a quick visual indication.\n */\nexport type Platform = {\n name?: string | undefined\n icon?: string | undefined\n}\n\n/**\n * The server-side component of a passkey\n *\n * @category Passkeys\n */\nexport type Passkey = {\n _tag: \"Passkey\"\n /**\n * Not to be confused with the credential.id\n */\n id: string\n /**\n * Not to be confused with the credential.userId\n */\n userId?: string | undefined\n enabled: boolean\n credential: Credential\n platform?: Platform | undefined\n lastUsed?: number | undefined\n createdAt: number\n updatedAt: number\n}\n\nexport const isPasskey = (payload: unknown): payload is Passkey =>\n Schema.is(PasskeySchemas.Passkey)(payload)\n\n/**\n * needed to ensure the Passkey === Passkey.Type\n * @internal\n * */\nexport type _Passkey = satisfy<typeof PasskeySchemas.Passkey.Type, Passkey>\n\n/* PasskeySummary */\n\nexport type PasskeySummary = {\n readonly _tag: \"PasskeySummary\"\n readonly id: string\n readonly userId: string\n readonly enabled: boolean\n readonly credential: {\n readonly id: string\n readonly userId: string\n }\n readonly lastUsed?: number | undefined\n readonly createdAt: number\n}\n\nexport const isPasskeySummary = (payload: unknown): payload is PasskeySummary =>\n Schema.is(PasskeySchemas.PasskeySummary)(payload)\n\n/**\n * needed to ensure the PasskeySummary === PasskeySummary.Type\n * @internal\n */\nexport type _PasskeySummary = satisfy<\n typeof PasskeySchemas.PasskeySummary.Type,\n PasskeySummary\n>\n\n/* UpdatedPasskeys */\n\nexport type UpdatedPasskeys = {\n _tag: \"UpdatedPasskeys\"\n updated: ReadonlyArray<Passkey>\n}\n\nexport const isUpdatedPasskeys = (\n payload: unknown\n): payload is UpdatedPasskeys =>\n Schema.is(PasskeySchemas.UpdatedPasskeys)(payload)\n\n/**\n * needed to ensure the UpdatedPasskeys === UpdatedPasskeys.Type\n * @internal\n * */\nexport type _UpdatedPasskeys = satisfy<\n typeof PasskeySchemas.UpdatedPasskeys.Type,\n UpdatedPasskeys\n>\n\n/* FindAllPasskeys */\n\nexport type FindAllPasskeys = {\n readonly _tag: \"FindAllPasskeys\"\n readonly cursor: string | null\n readonly records: ReadonlyArray<PasskeySummary>\n}\n\nexport const isFindAllPasskeys = (\n payload: unknown\n): payload is FindAllPasskeys =>\n Schema.is(PasskeySchemas.FindAllPasskeys)(payload)\n\n/**\n * needed to ensure the FindAllPasskeys === FindAllPasskeys.Type\n * @internal\n */\nexport type _FindAllPasskeys = satisfy<\n typeof FindAllPasskeysSchema.Type,\n FindAllPasskeys\n>\n\n/* UpdatedPasskeyUsernames (update names by userId) */\n\nexport type UpdatedPasskeyUsernames = {\n _tag: \"UpdatedPasskeyUsernames\"\n credentials: ReadonlyArray<{\n rpId: string\n userId: string\n username: string\n displayName: string\n }>\n}\n\nexport const isUpdatedPasskeyUsernames = (\n payload: unknown\n): payload is UpdatedPasskeyUsernames => {\n if (typeof payload !== \"object\") return false\n if (payload === null) return false\n if (!(\"_tag\" in payload)) return false\n if (typeof payload._tag !== \"string\") return false\n if (payload._tag !== \"UpdatedPasskeyUsernames\") return false\n\n return true\n}\n\n/* END UpdatedPasskeyUsernames */\n\nconst authorizationHeaders = (apiKey: string) => ({\n authorization: `Bearer ${apiKey}`,\n})\n\nconst decodeResponseJson = <A, I, R>(\n response: NetworkResponse,\n schema: Schema.Schema<A, I, R>\n) => pipe(response.json, Effect.flatMap(Schema.decodeUnknown(schema)))\n\n/* Get Passkey */\n\nexport interface GetPasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const getPasskey = (\n options: GetPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Delete Passkey */\n\nexport interface DeletePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const deletePasskey = (\n options: DeletePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"delete\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (deletedPasskey) =>\n Effect.succeed(deletedPasskey)\n ),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Assign User */\n\n/**\n * @category Passkeys\n */\nexport interface AssignUserOptions extends AuthenticatedOptions {\n passkeyId: string\n\n /**\n * Custom User ID to align with your own systems\n */\n userId: string\n}\n\n// TODO reuse updatePasskey\nexport const assignUser = (\n options: AssignUserOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { userId, passkeyId } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkey */\n\nexport interface UpdatePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n userId?: string\n username?: string\n}\n\nexport const updatePasskey = (\n options: UpdatePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, passkeyId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkeys by userId (currently not exported) */\n\ninterface UpdateUserPasskeyOptions extends AuthenticatedOptions {\n userId: string\n username?: string\n}\n\nconst updateUserPasskeys = (\n options: UpdateUserPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedPasskeys, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/users/${userId}/passkeys/`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: UpdatedPasskeys | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) =>\n decodeResponseJson(res, PasskeySchemas.UpdatedPasskeys),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"UpdatedPasskeys\", (result) => Effect.succeed(result)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update usernames by userId */\n\nexport interface UpdatePasskeyUsernamesOptions extends AuthenticatedOptions {\n userId: string\n username: string\n displayName?: string\n}\n\nexport const updatePasskeyUsernames = (\n options: UpdatePasskeyUsernamesOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedPasskeyUsernames, NotFoundError | ForbiddenError> =>\n pipe(\n updateUserPasskeys(options, fetchLayer),\n Effect.map((result) => result.updated),\n Effect.map(\n Array.map((passkey) => {\n return {\n rpId: passkey.credential.rpId,\n userId: passkey.credential.userId,\n username: passkey.credential.username,\n displayName: options.displayName ?? passkey.credential.username,\n }\n })\n ),\n Effect.map((credentials) => ({\n _tag: \"UpdatedPasskeyUsernames\",\n credentials,\n }))\n )\n\n/* List Passkeys */\n\nexport const listPasskeysStream = (\n options: AuthenticatedOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Stream.Stream<PasskeySummary, ForbiddenError> =>\n pipe(\n Stream.paginateChunkEffect(null as string | null, (cursor) =>\n pipe(\n listPasskeys(cursor ? { ...options, cursor } : options, fetchLayer),\n Effect.map((result) => [\n Chunk.fromIterable(result.records),\n Option.fromNullable(result.cursor),\n ])\n )\n )\n )\n\nexport interface ListPasskeyOptions extends AuthenticatedOptions {\n cursor?: string\n}\n\nexport const listPasskeys = (\n options: ListPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<FindAllPasskeys, ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/`, baseUrl)\n if (options.cursor) {\n url.searchParams.append(\"cursor\", options.cursor)\n }\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: FindAllPasskeys | ForbiddenError = yield* matchStatus(\n response,\n {\n \"2xx\": (res) => decodeResponseJson(res, FindAllPasskeysSchema),\n orElse: (res) => decodeResponseJson(res, ForbiddenError),\n }\n )\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"FindAllPasskeys\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n"]}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import { Effect, type Layer } from "effect";
|
|
2
|
+
import { type NetworkFetch } from "../network.js";
|
|
3
|
+
import { ForbiddenError, InvalidCodeError } from "../schemas/errors.js";
|
|
4
|
+
import { type ExtendedPrincipal, type Principal } from "../schemas/principal.js";
|
|
5
|
+
import type { AuthenticatedOptions, PasslockOptions } from "../shared.js";
|
|
6
|
+
export interface ExchangeCodeOptions extends AuthenticatedOptions {
|
|
7
|
+
code: string;
|
|
8
|
+
}
|
|
9
|
+
export declare const exchangeCode: (options: ExchangeCodeOptions, fetchLayer?: Layer.Layer<NetworkFetch>) => Effect.Effect<ExtendedPrincipal, InvalidCodeError | ForbiddenError>;
|
|
10
|
+
declare const VerificationError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => import("effect/Cause").YieldableError & {
|
|
11
|
+
readonly _tag: "@error/Verification";
|
|
12
|
+
} & Readonly<A>;
|
|
13
|
+
export declare class VerificationError extends VerificationError_base<{
|
|
14
|
+
message: string;
|
|
15
|
+
}> {
|
|
16
|
+
}
|
|
17
|
+
export interface VerifyIdTokenOptions extends PasslockOptions {
|
|
18
|
+
token: string;
|
|
19
|
+
}
|
|
20
|
+
export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Effect.Effect<Principal, VerificationError>;
|
|
21
|
+
export {};
|
|
22
|
+
//# sourceMappingURL=principal.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,MAAM,EAAE,KAAK,KAAK,EAAuB,MAAM,QAAQ,CAAA;AAGtE,OAAO,EAGL,KAAK,YAAY,EAKlB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EACL,KAAK,iBAAiB,EAGtB,KAAK,SAAS,EACf,MAAM,yBAAyB,CAAA;AAEhC,OAAO,KAAK,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAEzE,MAAM,WAAW,mBAAoB,SAAQ,oBAAoB;IAC/D,IAAI,EAAE,MAAM,CAAA;CACb;AAED,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,EAC5B,aAAY,KAAK,CAAC,KAAK,CAAC,YAAY,CAAoB,KACvD,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,gBAAgB,GAAG,cAAc,CAiDlE,CAAA;;;;AAEH,qBAAa,iBAAkB,SAAQ,uBAAwC;IAC7E,OAAO,EAAE,MAAM,CAAA;CAChB,CAAC;CAAG;AAEL,MAAM,WAAW,oBAAqB,SAAQ,eAAe;IAC3D,KAAK,EAAE,MAAM,CAAA;CACd;AAED,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,iBAAiB,CAwC1C,CAAA"}
|
|
@@ -1,48 +1,44 @@
|
|
|
1
|
-
import { FetchHttpClient, HttpClient, HttpClientResponse } from "@effect/platform";
|
|
2
1
|
import { Data, Effect, Match, pipe, Schema } from "effect";
|
|
3
2
|
import * as jose from "jose";
|
|
4
|
-
import {
|
|
5
|
-
import {
|
|
6
|
-
|
|
7
|
-
|
|
3
|
+
import { fetchNetwork, matchStatus, NetworkFetchLive, } from "../network.js";
|
|
4
|
+
import { ForbiddenError, InvalidCodeError } from "../schemas/errors.js";
|
|
5
|
+
import { ExtendedPrincipalSchema, IdTokenSchema, } from "../schemas/principal.js";
|
|
6
|
+
export const exchangeCode = (options, fetchLayer = NetworkFetchLive) => pipe(Effect.gen(function* () {
|
|
8
7
|
const baseUrl = options.endpoint ?? "https://api.passlock.dev";
|
|
9
|
-
const { tenancyId } = options;
|
|
8
|
+
const { tenancyId, code } = options;
|
|
10
9
|
const url = new URL(`/${tenancyId}/principal/${code}`, baseUrl);
|
|
11
|
-
const response = yield*
|
|
12
|
-
headers: {
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
10
|
+
const response = yield* fetchNetwork(url, "get", undefined, {
|
|
11
|
+
headers: {
|
|
12
|
+
authorization: `Bearer ${options.apiKey}`,
|
|
13
|
+
},
|
|
14
|
+
});
|
|
15
|
+
const encoded = yield* matchStatus(response, {
|
|
16
|
+
"2xx": ({ json }) => pipe(json, Effect.flatMap(Schema.decodeUnknown(ExtendedPrincipalSchema))),
|
|
17
|
+
orElse: ({ json }) => pipe(json, Effect.flatMap(Schema.decodeUnknown(Schema.Union(InvalidCodeError, ForbiddenError)))),
|
|
17
18
|
});
|
|
18
19
|
return yield* pipe(Match.value(encoded), Match.tag("ExtendedPrincipal", (principal) => Effect.succeed(principal)), Match.tag("@error/InvalidCode", (err) => Effect.fail(err)), Match.tag("@error/Forbidden", (err) => Effect.fail(err)), Match.exhaustive);
|
|
19
20
|
}), Effect.catchTags({
|
|
21
|
+
"@error/NetworkPayload": (err) => Effect.die(err),
|
|
22
|
+
"@error/NetworkRequest": (err) => Effect.die(err),
|
|
23
|
+
"@error/NetworkResponse": (err) => Effect.die(err),
|
|
20
24
|
ParseError: (err) => Effect.die(err),
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
}), Effect.provide(httpClient));
|
|
24
|
-
const createJwks = (endpoint) => Effect.sync(() => {
|
|
25
|
-
const baseUrl = endpoint ?? "https://api.passlock.dev";
|
|
26
|
-
return jose.createRemoteJWKSet(new URL("/.well-known/jwks.json", baseUrl));
|
|
27
|
-
});
|
|
28
|
-
const createCachedRemoteJwks = pipe(Effect.cachedFunction(createJwks), Effect.runSync);
|
|
29
|
-
export class VerificationFailure extends Data.TaggedError("@error/VerificationFailure") {
|
|
25
|
+
}), Effect.provide(fetchLayer));
|
|
26
|
+
export class VerificationError extends Data.TaggedError("@error/Verification") {
|
|
30
27
|
}
|
|
31
|
-
export const verifyIdToken = (
|
|
28
|
+
export const verifyIdToken = (options) => pipe(Effect.gen(function* () {
|
|
32
29
|
const JWKS = yield* createCachedRemoteJwks(options.endpoint);
|
|
33
30
|
const { payload } = yield* Effect.tryPromise({
|
|
34
31
|
catch: (err) => {
|
|
35
|
-
console.error(err);
|
|
36
32
|
return err instanceof Error
|
|
37
|
-
? new
|
|
38
|
-
: new
|
|
33
|
+
? new VerificationError({ message: err.message })
|
|
34
|
+
: new VerificationError({ message: String(err) });
|
|
39
35
|
},
|
|
40
|
-
try: () => jose.jwtVerify(token, JWKS, {
|
|
36
|
+
try: () => jose.jwtVerify(options.token, JWKS, {
|
|
41
37
|
audience: options.tenancyId,
|
|
42
38
|
issuer: "passlock.dev",
|
|
43
39
|
}),
|
|
44
40
|
});
|
|
45
|
-
const idToken = yield* Schema.decodeUnknown(
|
|
41
|
+
const idToken = yield* Schema.decodeUnknown(IdTokenSchema)({
|
|
46
42
|
...payload,
|
|
47
43
|
_tag: "IdToken",
|
|
48
44
|
});
|
|
@@ -61,4 +57,9 @@ export const verifyIdToken = (token, options) => pipe(Effect.gen(function* () {
|
|
|
61
57
|
};
|
|
62
58
|
return principal;
|
|
63
59
|
}), Effect.catchTag("ParseError", (err) => Effect.die(err)));
|
|
60
|
+
const createJwks = (endpoint) => Effect.sync(() => {
|
|
61
|
+
const baseUrl = endpoint ?? "https://api.passlock.dev";
|
|
62
|
+
return jose.createRemoteJWKSet(new URL("/.well-known/jwks.json", baseUrl));
|
|
63
|
+
});
|
|
64
|
+
const createCachedRemoteJwks = pipe(Effect.cachedFunction(createJwks), Effect.runSync);
|
|
64
65
|
//# sourceMappingURL=principal.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAc,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAEtE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAIjB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EAEL,uBAAuB,EACvB,aAAa,GAEd,MAAM,yBAAyB,CAAA;AAQhC,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EAC5B,aAAwC,gBAAgB,EACa,EAAE,CACvE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IAEnC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,cAAc,IAAI,EAAE,EAAE,OAAO,CAAC,CAAA;IAE/D,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE;SAC1C;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAClB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC,CAC9D;QACH,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACnB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CACZ,MAAM,CAAC,aAAa,CAClB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAC/C,CACF,CACF;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,SAAS,EAAE,EAAE,CAC3C,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,EACD,KAAK,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAEH,MAAM,OAAO,iBAAkB,SAAQ,IAAI,CAAC,WAAW,CAAC,qBAAqB,CAE3E;CAAG;AAML,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACgB,EAAE,CAC/C,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAE5D,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAC3C,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE;YACb,OAAO,GAAG,YAAY,KAAK;gBACzB,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC;gBACjD,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACrD,CAAC;QACD,GAAG,EAAE,GAAG,EAAE,CACR,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,MAAM,EAAE,cAAc;SACvB,CAAC;KACL,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QACzD,GAAG,OAAO;QACV,IAAI,EAAE,SAAS;KAChB,CAAC,CAAA;IAEF,MAAM,SAAS,GAAc;QAC3B,IAAI,EAAE,WAAW;QACjB,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC;QAClB,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC;QAChC,iBAAiB,EAAE,SAAS;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,OAAO,EAAE;YACP,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC;YAC9B,QAAQ,EAAE,IAAI;SACf;QACD,MAAM,EAAE,OAAO,CAAC,GAAG;KACpB,CAAA;IAED,OAAO,SAAS,CAAA;AAClB,CAAC,CAAC,EACF,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CACxD,CAAA;AAEH,MAAM,UAAU,GAAG,CAAC,QAAiB,EAAE,EAAE,CACvC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE;IACf,MAAM,OAAO,GAAG,QAAQ,IAAI,0BAA0B,CAAA;IAEtD,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC,CAAA;AAC5E,CAAC,CAAC,CAAA;AAEJ,MAAM,sBAAsB,GAAG,IAAI,CACjC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,EACjC,MAAM,CAAC,OAAO,CACf,CAAA","sourcesContent":["import { Data, Effect, type Layer, Match, pipe, Schema } from \"effect\"\n\nimport * as jose from \"jose\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponseError,\n} from \"../network.js\"\nimport { ForbiddenError, InvalidCodeError } from \"../schemas/errors.js\"\nimport {\n type ExtendedPrincipal,\n ExtendedPrincipalSchema,\n IdTokenSchema,\n type Principal,\n} from \"../schemas/principal.js\"\n\nimport type { AuthenticatedOptions, PasslockOptions } from \"../shared.js\"\n\nexport interface ExchangeCodeOptions extends AuthenticatedOptions {\n code: string\n}\n\nexport const exchangeCode = (\n options: ExchangeCodeOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<ExtendedPrincipal, InvalidCodeError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, code } = options\n\n const url = new URL(`/${tenancyId}/principal/${code}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: {\n authorization: `Bearer ${options.apiKey}`,\n },\n })\n\n const encoded: ExtendedPrincipal | InvalidCodeError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": ({ json }) =>\n pipe(\n json,\n Effect.flatMap(Schema.decodeUnknown(ExtendedPrincipalSchema))\n ),\n orElse: ({ json }) =>\n pipe(\n json,\n Effect.flatMap(\n Schema.decodeUnknown(\n Schema.Union(InvalidCodeError, ForbiddenError)\n )\n )\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"ExtendedPrincipal\", (principal) =>\n Effect.succeed(principal)\n ),\n Match.tag(\"@error/InvalidCode\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\nexport class VerificationError extends Data.TaggedError(\"@error/Verification\")<{\n message: string\n}> {}\n\nexport interface VerifyIdTokenOptions extends PasslockOptions {\n token: string\n}\n\nexport const verifyIdToken = (\n options: VerifyIdTokenOptions\n): Effect.Effect<Principal, VerificationError> =>\n pipe(\n Effect.gen(function* () {\n const JWKS = yield* createCachedRemoteJwks(options.endpoint)\n\n const { payload } = yield* Effect.tryPromise({\n catch: (err) => {\n return err instanceof Error\n ? new VerificationError({ message: err.message })\n : new VerificationError({ message: String(err) })\n },\n try: () =>\n jose.jwtVerify(options.token, JWKS, {\n audience: options.tenancyId,\n issuer: \"passlock.dev\",\n }),\n })\n\n const idToken = yield* Schema.decodeUnknown(IdTokenSchema)({\n ...payload,\n _tag: \"IdToken\",\n })\n\n const principal: Principal = {\n _tag: \"Principal\",\n id: idToken[\"jti\"],\n authenticatorId: idToken[\"a:id\"],\n authenticatorType: \"passkey\",\n createdAt: idToken.iat * 1000,\n expiresAt: idToken.exp * 1000,\n passkey: {\n userVerified: idToken[\"pk:uv\"],\n verified: true,\n },\n userId: idToken.sub,\n }\n\n return principal\n }),\n Effect.catchTag(\"ParseError\", (err) => Effect.die(err))\n )\n\nconst createJwks = (endpoint?: string) =>\n Effect.sync(() => {\n const baseUrl = endpoint ?? \"https://api.passlock.dev\"\n\n return jose.createRemoteJWKSet(new URL(\"/.well-known/jwks.json\", baseUrl))\n })\n\nconst createCachedRemoteJwks = pipe(\n Effect.cachedFunction(createJwks),\n Effect.runSync\n)\n"]}
|
package/dist/safe.d.ts
ADDED
|
@@ -0,0 +1,154 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Safe functions that return discriminated unions representing
|
|
3
|
+
* the successful outcome or expected failures.
|
|
4
|
+
*
|
|
5
|
+
* Note: unexpected runtime failures may still throw.
|
|
6
|
+
*
|
|
7
|
+
* @categoryDescription Passkeys
|
|
8
|
+
* Functions and related types for managing passkeys
|
|
9
|
+
*
|
|
10
|
+
* @showCategories
|
|
11
|
+
*
|
|
12
|
+
* @module safe
|
|
13
|
+
*/
|
|
14
|
+
import type { ForbiddenError, InvalidCodeError, NotFoundError, VerificationError } from "./errors.js";
|
|
15
|
+
import type { AssignUserOptions, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions } from "./passkey/passkey.js";
|
|
16
|
+
import type { ExchangeCodeOptions, VerifyIdTokenOptions } from "./principal/principal.js";
|
|
17
|
+
import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
|
|
18
|
+
/**
|
|
19
|
+
* Assign a custom User ID to a passkey. Will be reflected in the next
|
|
20
|
+
* {@link Principal} or {@link ExtendedPrincipal} generated.
|
|
21
|
+
*
|
|
22
|
+
* **Note:** This does not change the underlying WebAuthn credential's `userId`.
|
|
23
|
+
* Instead we apply a layer of indirection.
|
|
24
|
+
*
|
|
25
|
+
* @see {@link Principal}
|
|
26
|
+
* @see {@link ExtendedPrincipal}
|
|
27
|
+
* @see [credential](https://passlock.dev/rest-api/credential/)
|
|
28
|
+
*
|
|
29
|
+
* @param request
|
|
30
|
+
* @returns A promise resolving to either a passkey or an API error.
|
|
31
|
+
*
|
|
32
|
+
* @category Passkeys
|
|
33
|
+
*/
|
|
34
|
+
export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey | NotFoundError | ForbiddenError>;
|
|
35
|
+
/**
|
|
36
|
+
* Can also be used to assign a custom User ID, but also allows you to update
|
|
37
|
+
* the username.
|
|
38
|
+
*
|
|
39
|
+
* **Important:** changing the username has no bearing on authentication, as
|
|
40
|
+
* it's typically only used in the client-side component of the passkey
|
|
41
|
+
* (so the user knows which account the passkey relates to).
|
|
42
|
+
*
|
|
43
|
+
* However you might choose to align the username in your vault with the
|
|
44
|
+
* client-side component to simplify end user support.
|
|
45
|
+
*
|
|
46
|
+
* @param request
|
|
47
|
+
* @returns A promise resolving to either a passkey or an API error.
|
|
48
|
+
*
|
|
49
|
+
* @category Passkeys
|
|
50
|
+
*/
|
|
51
|
+
export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<Passkey | NotFoundError | ForbiddenError>;
|
|
52
|
+
/**
|
|
53
|
+
* Update the username for all passkeys belonging to a given user.
|
|
54
|
+
*
|
|
55
|
+
* **Important:** changing the username has no bearing on authentication, as
|
|
56
|
+
* it's typically only used in the client-side component of the passkey
|
|
57
|
+
* (so the user knows which account the passkey relates to).
|
|
58
|
+
*
|
|
59
|
+
* However you might choose to align the username in your vault with the
|
|
60
|
+
* client-side component to simplify end user support.
|
|
61
|
+
*
|
|
62
|
+
* @param request
|
|
63
|
+
* @returns A promise resolving to either updated passkey usernames or an API error.
|
|
64
|
+
*
|
|
65
|
+
* @category Passkeys
|
|
66
|
+
*/
|
|
67
|
+
export declare const updatePasskeyUsernames: (request: UpdatePasskeyUsernamesOptions) => Promise<UpdatedPasskeyUsernames | NotFoundError | ForbiddenError>;
|
|
68
|
+
/**
|
|
69
|
+
* Delete a passkey from your vault.
|
|
70
|
+
*
|
|
71
|
+
* **Note:** The user will still retain the passkey on their device so
|
|
72
|
+
* you will need to either:
|
|
73
|
+
*
|
|
74
|
+
* a) Use the @passlock/client functions to delete the passkey from the user's device.
|
|
75
|
+
* b) Remind the user to delete the passkey
|
|
76
|
+
*
|
|
77
|
+
* See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.
|
|
78
|
+
*
|
|
79
|
+
* In addition, during authentication you should handle a missing passkey scenario.
|
|
80
|
+
* This happens when a user tries to authenticate with a passkey that is missing from
|
|
81
|
+
* your vault. The @passlock/client library can help with this. See
|
|
82
|
+
* [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
|
|
83
|
+
*
|
|
84
|
+
* @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)
|
|
85
|
+
* @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
|
|
86
|
+
*
|
|
87
|
+
* @param options
|
|
88
|
+
* @returns A promise resolving to either the deleted passkey or an API error.
|
|
89
|
+
*
|
|
90
|
+
* @category Passkeys
|
|
91
|
+
*/
|
|
92
|
+
export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<Passkey | ForbiddenError | NotFoundError>;
|
|
93
|
+
/**
|
|
94
|
+
* Fetch details about a passkey. **Important**: Not to be confused with
|
|
95
|
+
* the {@link exchangeCode} or {@link verifyIdToken} functions, which
|
|
96
|
+
* return details about specific authentication or registration operations.
|
|
97
|
+
* Use this function for passkey management, not authentication.
|
|
98
|
+
*
|
|
99
|
+
* @param options
|
|
100
|
+
* @returns A promise resolving to either passkey details or an API error.
|
|
101
|
+
*
|
|
102
|
+
* @category Passkeys
|
|
103
|
+
*/
|
|
104
|
+
export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey | ForbiddenError | NotFoundError>;
|
|
105
|
+
/**
|
|
106
|
+
* List passkeys for the given tenancy. Note: This could return a cursor.
|
|
107
|
+
* If so, call again, passing the cursor back in.
|
|
108
|
+
*
|
|
109
|
+
* @param options
|
|
110
|
+
* @returns A promise resolving to a page of passkey summaries or an API error.
|
|
111
|
+
*
|
|
112
|
+
* @category Passkeys
|
|
113
|
+
*/
|
|
114
|
+
export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys | ForbiddenError>;
|
|
115
|
+
/**
|
|
116
|
+
* The @passlock/client library generates codes, which you should send to
|
|
117
|
+
* your backend. Use this function to exchange the code for details about
|
|
118
|
+
* the registration or authentication operation. **Note:** a code is valid
|
|
119
|
+
* for 5 minutes.
|
|
120
|
+
*
|
|
121
|
+
* @see {@link ExtendedPrincipal}
|
|
122
|
+
*
|
|
123
|
+
* @param options
|
|
124
|
+
* @returns A promise resolving to an extended principal or an API error.
|
|
125
|
+
*
|
|
126
|
+
* @category Principal
|
|
127
|
+
*/
|
|
128
|
+
export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<ExtendedPrincipal | ForbiddenError | InvalidCodeError>;
|
|
129
|
+
/**
|
|
130
|
+
* Decode and verify an id_token (JWT) locally.
|
|
131
|
+
* **Note:** This will make a network call to
|
|
132
|
+
* `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
|
|
133
|
+
* to fetch the relevant public key. The response will be cached, however
|
|
134
|
+
* bear in mind that for something like AWS Lambda it will make the call on every
|
|
135
|
+
* cold start so might actually be slower than {@link exchangeCode}
|
|
136
|
+
*
|
|
137
|
+
* @see {@link Principal}
|
|
138
|
+
*
|
|
139
|
+
* @param options
|
|
140
|
+
* @returns A promise resolving to a verified principal or verification failure.
|
|
141
|
+
*
|
|
142
|
+
* @category Principal
|
|
143
|
+
*/
|
|
144
|
+
export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Promise<Principal | VerificationError>;
|
|
145
|
+
export type { BadRequestError, DuplicateEmailError, ForbiddenError, InvalidCodeError, InvalidEmailError, InvalidTenancyError, NotFoundError, PasskeyNotFoundError, UnauthorizedError, VerificationError, } from "./errors.js";
|
|
146
|
+
export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
|
|
147
|
+
export type { AssignUserOptions, Credential, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, PasskeySummary, Platform, UpdatedPasskeys, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions, } from "./passkey/passkey.js";
|
|
148
|
+
export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
|
|
149
|
+
export type { ExchangeCodeOptions, VerifyIdTokenOptions, } from "./principal/principal.js";
|
|
150
|
+
export type { CredentialDeviceType, Transports, } from "./schemas/passkey.js";
|
|
151
|
+
export type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
|
|
152
|
+
export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
|
|
153
|
+
export type { AuthenticatedOptions, PasslockOptions, } from "./shared.js";
|
|
154
|
+
//# sourceMappingURL=safe.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"safe.d.ts","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,KAAK,EACV,cAAc,EACd,gBAAgB,EAChB,aAAa,EACb,iBAAiB,EAClB,MAAM,aAAa,CAAA;AACpB,OAAO,KAAK,EACV,iBAAiB,EACjB,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,EAC9B,MAAM,sBAAsB,CAAA;AAS7B,OAAO,KAAK,EACV,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAKjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE1E;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,KACzB,OAAO,CAAC,OAAO,GAAG,aAAa,GAAG,cAAc,CAKhD,CAAA;AAEH;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,GAAG,aAAa,GAAG,cAAc,CAKhD,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,sBAAsB,GACjC,SAAS,6BAA6B,KACrC,OAAO,CAAC,uBAAuB,GAAG,aAAa,GAAG,cAAc,CAKhE,CAAA;AAEH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,GAAG,cAAc,GAAG,aAAa,CAKhD,CAAA;AAEH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,KACzB,OAAO,CAAC,OAAO,GAAG,cAAc,GAAG,aAAa,CAKhD,CAAA;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,KAC1B,OAAO,CAAC,eAAe,GAAG,cAAc,CAKxC,CAAA;AAEH;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,GAAG,cAAc,GAAG,gBAAgB,CAK7D,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,SAAS,GAAG,iBAAiB,CAKrC,CAAA;AAIH,YAAY,EACV,eAAe,EACf,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,iBAAiB,EACjB,UAAU,EACV,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,cAAc,EACd,QAAQ,EACR,eAAe,EACf,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EACV,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,oBAAoB,EACpB,UAAU,GACX,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC1E,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA;AACzE,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}
|
package/dist/safe.js
ADDED
|
@@ -0,0 +1,147 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Safe functions that return discriminated unions representing
|
|
3
|
+
* the successful outcome or expected failures.
|
|
4
|
+
*
|
|
5
|
+
* Note: unexpected runtime failures may still throw.
|
|
6
|
+
*
|
|
7
|
+
* @categoryDescription Passkeys
|
|
8
|
+
* Functions and related types for managing passkeys
|
|
9
|
+
*
|
|
10
|
+
* @showCategories
|
|
11
|
+
*
|
|
12
|
+
* @module safe
|
|
13
|
+
*/
|
|
14
|
+
import { Effect, identity, pipe } from "effect";
|
|
15
|
+
import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, updatePasskey as updatePasskeyE, updatePasskeyUsernames as updatePasskeyUsernamesE, } from "./passkey/passkey.js";
|
|
16
|
+
import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE, } from "./principal/principal.js";
|
|
17
|
+
/**
|
|
18
|
+
* Assign a custom User ID to a passkey. Will be reflected in the next
|
|
19
|
+
* {@link Principal} or {@link ExtendedPrincipal} generated.
|
|
20
|
+
*
|
|
21
|
+
* **Note:** This does not change the underlying WebAuthn credential's `userId`.
|
|
22
|
+
* Instead we apply a layer of indirection.
|
|
23
|
+
*
|
|
24
|
+
* @see {@link Principal}
|
|
25
|
+
* @see {@link ExtendedPrincipal}
|
|
26
|
+
* @see [credential](https://passlock.dev/rest-api/credential/)
|
|
27
|
+
*
|
|
28
|
+
* @param request
|
|
29
|
+
* @returns A promise resolving to either a passkey or an API error.
|
|
30
|
+
*
|
|
31
|
+
* @category Passkeys
|
|
32
|
+
*/
|
|
33
|
+
export const assignUser = (request) => pipe(assignUserE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
34
|
+
/**
|
|
35
|
+
* Can also be used to assign a custom User ID, but also allows you to update
|
|
36
|
+
* the username.
|
|
37
|
+
*
|
|
38
|
+
* **Important:** changing the username has no bearing on authentication, as
|
|
39
|
+
* it's typically only used in the client-side component of the passkey
|
|
40
|
+
* (so the user knows which account the passkey relates to).
|
|
41
|
+
*
|
|
42
|
+
* However you might choose to align the username in your vault with the
|
|
43
|
+
* client-side component to simplify end user support.
|
|
44
|
+
*
|
|
45
|
+
* @param request
|
|
46
|
+
* @returns A promise resolving to either a passkey or an API error.
|
|
47
|
+
*
|
|
48
|
+
* @category Passkeys
|
|
49
|
+
*/
|
|
50
|
+
export const updatePasskey = (request) => pipe(updatePasskeyE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
51
|
+
/**
|
|
52
|
+
* Update the username for all passkeys belonging to a given user.
|
|
53
|
+
*
|
|
54
|
+
* **Important:** changing the username has no bearing on authentication, as
|
|
55
|
+
* it's typically only used in the client-side component of the passkey
|
|
56
|
+
* (so the user knows which account the passkey relates to).
|
|
57
|
+
*
|
|
58
|
+
* However you might choose to align the username in your vault with the
|
|
59
|
+
* client-side component to simplify end user support.
|
|
60
|
+
*
|
|
61
|
+
* @param request
|
|
62
|
+
* @returns A promise resolving to either updated passkey usernames or an API error.
|
|
63
|
+
*
|
|
64
|
+
* @category Passkeys
|
|
65
|
+
*/
|
|
66
|
+
export const updatePasskeyUsernames = (request) => pipe(updatePasskeyUsernamesE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
67
|
+
/**
|
|
68
|
+
* Delete a passkey from your vault.
|
|
69
|
+
*
|
|
70
|
+
* **Note:** The user will still retain the passkey on their device so
|
|
71
|
+
* you will need to either:
|
|
72
|
+
*
|
|
73
|
+
* a) Use the @passlock/client functions to delete the passkey from the user's device.
|
|
74
|
+
* b) Remind the user to delete the passkey
|
|
75
|
+
*
|
|
76
|
+
* See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.
|
|
77
|
+
*
|
|
78
|
+
* In addition, during authentication you should handle a missing passkey scenario.
|
|
79
|
+
* This happens when a user tries to authenticate with a passkey that is missing from
|
|
80
|
+
* your vault. The @passlock/client library can help with this. See
|
|
81
|
+
* [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
|
|
82
|
+
*
|
|
83
|
+
* @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)
|
|
84
|
+
* @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
|
|
85
|
+
*
|
|
86
|
+
* @param options
|
|
87
|
+
* @returns A promise resolving to either the deleted passkey or an API error.
|
|
88
|
+
*
|
|
89
|
+
* @category Passkeys
|
|
90
|
+
*/
|
|
91
|
+
export const deletePasskey = (options) => pipe(deletePasskeyE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
92
|
+
/**
|
|
93
|
+
* Fetch details about a passkey. **Important**: Not to be confused with
|
|
94
|
+
* the {@link exchangeCode} or {@link verifyIdToken} functions, which
|
|
95
|
+
* return details about specific authentication or registration operations.
|
|
96
|
+
* Use this function for passkey management, not authentication.
|
|
97
|
+
*
|
|
98
|
+
* @param options
|
|
99
|
+
* @returns A promise resolving to either passkey details or an API error.
|
|
100
|
+
*
|
|
101
|
+
* @category Passkeys
|
|
102
|
+
*/
|
|
103
|
+
export const getPasskey = (options) => pipe(getPasskeyE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
104
|
+
/**
|
|
105
|
+
* List passkeys for the given tenancy. Note: This could return a cursor.
|
|
106
|
+
* If so, call again, passing the cursor back in.
|
|
107
|
+
*
|
|
108
|
+
* @param options
|
|
109
|
+
* @returns A promise resolving to a page of passkey summaries or an API error.
|
|
110
|
+
*
|
|
111
|
+
* @category Passkeys
|
|
112
|
+
*/
|
|
113
|
+
export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
114
|
+
/**
|
|
115
|
+
* The @passlock/client library generates codes, which you should send to
|
|
116
|
+
* your backend. Use this function to exchange the code for details about
|
|
117
|
+
* the registration or authentication operation. **Note:** a code is valid
|
|
118
|
+
* for 5 minutes.
|
|
119
|
+
*
|
|
120
|
+
* @see {@link ExtendedPrincipal}
|
|
121
|
+
*
|
|
122
|
+
* @param options
|
|
123
|
+
* @returns A promise resolving to an extended principal or an API error.
|
|
124
|
+
*
|
|
125
|
+
* @category Principal
|
|
126
|
+
*/
|
|
127
|
+
export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
128
|
+
/**
|
|
129
|
+
* Decode and verify an id_token (JWT) locally.
|
|
130
|
+
* **Note:** This will make a network call to
|
|
131
|
+
* `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
|
|
132
|
+
* to fetch the relevant public key. The response will be cached, however
|
|
133
|
+
* bear in mind that for something like AWS Lambda it will make the call on every
|
|
134
|
+
* cold start so might actually be slower than {@link exchangeCode}
|
|
135
|
+
*
|
|
136
|
+
* @see {@link Principal}
|
|
137
|
+
*
|
|
138
|
+
* @param options
|
|
139
|
+
* @returns A promise resolving to a verified principal or verification failure.
|
|
140
|
+
*
|
|
141
|
+
* @category Principal
|
|
142
|
+
*/
|
|
143
|
+
export const verifyIdToken = (options) => pipe(verifyIdTokenE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
144
|
+
export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
|
|
145
|
+
export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
|
|
146
|
+
export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
|
|
147
|
+
//# sourceMappingURL=safe.js.map
|
package/dist/safe.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"safe.js","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAkB/C,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,EAC/B,sBAAsB,IAAI,uBAAuB,GAClD,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EACL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,0BAA0B,CAAA;AAGjC;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACyB,EAAE,CACrD,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACsB,EAAE,CACrD,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EAC6B,EAAE,CACrE,IAAI,CACF,uBAAuB,CAAC,OAAO,CAAC,EAChC,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACsB,EAAE,CACrD,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACyB,EAAE,CACrD,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EACgB,EAAE,CAC7C,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EACoC,EAAE,CAClE,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACW,EAAE,CAC1C,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAgBH,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AAgBpB,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAU7B,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA","sourcesContent":["/**\n * Safe functions that return discriminated unions representing\n * the successful outcome or expected failures.\n *\n * Note: unexpected runtime failures may still throw.\n *\n * @categoryDescription Passkeys\n * Functions and related types for managing passkeys\n *\n * @showCategories\n *\n * @module safe\n */\n\nimport { Effect, identity, pipe } from \"effect\"\nimport type {\n ForbiddenError,\n InvalidCodeError,\n NotFoundError,\n VerificationError,\n} from \"./errors.js\"\nimport type {\n AssignUserOptions,\n DeletePasskeyOptions,\n FindAllPasskeys,\n GetPasskeyOptions,\n ListPasskeyOptions,\n Passkey,\n UpdatedPasskeyUsernames,\n UpdatePasskeyOptions,\n UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nimport {\n assignUser as assignUserE,\n deletePasskey as deletePasskeyE,\n getPasskey as getPasskeyE,\n listPasskeys as listPasskeysE,\n updatePasskey as updatePasskeyE,\n updatePasskeyUsernames as updatePasskeyUsernamesE,\n} from \"./passkey/passkey.js\"\nimport type {\n ExchangeCodeOptions,\n VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nimport {\n exchangeCode as exchangeCodeE,\n verifyIdToken as verifyIdTokenE,\n} from \"./principal/principal.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\n\n/**\n * Assign a custom User ID to a passkey. Will be reflected in the next\n * {@link Principal} or {@link ExtendedPrincipal} generated.\n *\n * **Note:** This does not change the underlying WebAuthn credential's `userId`.\n * Instead we apply a layer of indirection.\n *\n * @see {@link Principal}\n * @see {@link ExtendedPrincipal}\n * @see [credential](https://passlock.dev/rest-api/credential/)\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const assignUser = (\n request: AssignUserOptions\n): Promise<Passkey | NotFoundError | ForbiddenError> =>\n pipe(\n assignUserE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Can also be used to assign a custom User ID, but also allows you to update\n * the username.\n *\n * **Important:** changing the username has no bearing on authentication, as\n * it's typically only used in the client-side component of the passkey\n * (so the user knows which account the passkey relates to).\n *\n * However you might choose to align the username in your vault with the\n * client-side component to simplify end user support.\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n request: UpdatePasskeyOptions\n): Promise<Passkey | NotFoundError | ForbiddenError> =>\n pipe(\n updatePasskeyE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Update the username for all passkeys belonging to a given user.\n *\n * **Important:** changing the username has no bearing on authentication, as\n * it's typically only used in the client-side component of the passkey\n * (so the user knows which account the passkey relates to).\n *\n * However you might choose to align the username in your vault with the\n * client-side component to simplify end user support.\n *\n * @param request\n * @returns A promise resolving to either updated passkey usernames or an API error.\n *\n * @category Passkeys\n */\nexport const updatePasskeyUsernames = (\n request: UpdatePasskeyUsernamesOptions\n): Promise<UpdatedPasskeyUsernames | NotFoundError | ForbiddenError> =>\n pipe(\n updatePasskeyUsernamesE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Delete a passkey from your vault.\n *\n * **Note:** The user will still retain the passkey on their device so\n * you will need to either:\n *\n * a) Use the @passlock/client functions to delete the passkey from the user's device.\n * b) Remind the user to delete the passkey\n *\n * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.\n *\n * In addition, during authentication you should handle a missing passkey scenario.\n * This happens when a user tries to authenticate with a passkey that is missing from\n * your vault. The @passlock/client library can help with this. See\n * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)\n * @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @param options\n * @returns A promise resolving to either the deleted passkey or an API error.\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n options: DeletePasskeyOptions\n): Promise<Passkey | ForbiddenError | NotFoundError> =>\n pipe(\n deletePasskeyE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Fetch details about a passkey. **Important**: Not to be confused with\n * the {@link exchangeCode} or {@link verifyIdToken} functions, which\n * return details about specific authentication or registration operations.\n * Use this function for passkey management, not authentication.\n *\n * @param options\n * @returns A promise resolving to either passkey details or an API error.\n *\n * @category Passkeys\n */\nexport const getPasskey = (\n options: GetPasskeyOptions\n): Promise<Passkey | ForbiddenError | NotFoundError> =>\n pipe(\n getPasskeyE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * List passkeys for the given tenancy. Note: This could return a cursor.\n * If so, call again, passing the cursor back in.\n *\n * @param options\n * @returns A promise resolving to a page of passkey summaries or an API error.\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n options: ListPasskeyOptions\n): Promise<FindAllPasskeys | ForbiddenError> =>\n pipe(\n listPasskeysE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * The @passlock/client library generates codes, which you should send to\n * your backend. Use this function to exchange the code for details about\n * the registration or authentication operation. **Note:** a code is valid\n * for 5 minutes.\n *\n * @see {@link ExtendedPrincipal}\n *\n * @param options\n * @returns A promise resolving to an extended principal or an API error.\n *\n * @category Principal\n */\nexport const exchangeCode = (\n options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal | ForbiddenError | InvalidCodeError> =>\n pipe(\n exchangeCodeE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Decode and verify an id_token (JWT) locally.\n * **Note:** This will make a network call to\n * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)\n * to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS Lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n *\n * @see {@link Principal}\n *\n * @param options\n * @returns A promise resolving to a verified principal or verification failure.\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n options: VerifyIdTokenOptions\n): Promise<Principal | VerificationError> =>\n pipe(\n verifyIdTokenE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/* Re-exports */\n\nexport type {\n BadRequestError,\n DuplicateEmailError,\n ForbiddenError,\n InvalidCodeError,\n InvalidEmailError,\n InvalidTenancyError,\n NotFoundError,\n PasskeyNotFoundError,\n UnauthorizedError,\n VerificationError,\n} from \"./errors.js\"\nexport {\n isBadRequestError,\n isDuplicateEmailError,\n isForbiddenError,\n isInvalidCodeError,\n isInvalidEmailError,\n isInvalidTenancyError,\n isNotFoundError,\n isPasskeyNotFoundError,\n isUnauthorizedError,\n isVerificationError,\n} from \"./errors.js\"\nexport type {\n AssignUserOptions,\n Credential,\n DeletePasskeyOptions,\n FindAllPasskeys,\n GetPasskeyOptions,\n ListPasskeyOptions,\n Passkey,\n PasskeySummary,\n Platform,\n UpdatedPasskeys,\n UpdatedPasskeyUsernames,\n UpdatePasskeyOptions,\n UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nexport {\n isPasskey,\n isPasskeySummary,\n isUpdatedPasskeys,\n isUpdatedPasskeyUsernames,\n} from \"./passkey/passkey.js\"\nexport type {\n ExchangeCodeOptions,\n VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nexport type {\n CredentialDeviceType,\n Transports,\n} from \"./schemas/passkey.js\"\nexport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nexport { isExtendedPrincipal, isPrincipal } from \"./schemas/principal.js\"\nexport type {\n AuthenticatedOptions,\n PasslockOptions,\n} from \"./shared.js\"\n"]}
|
package/dist/schemas/errors.d.ts
CHANGED
|
@@ -1,77 +1,2 @@
|
|
|
1
|
-
import { Schema } from "effect";
|
|
2
|
-
declare const Unauthorized_base: Schema.TaggedErrorClass<Unauthorized, "@error/Unauthorized", {
|
|
3
|
-
readonly _tag: Schema.tag<"@error/Unauthorized">;
|
|
4
|
-
}>;
|
|
5
|
-
export declare class Unauthorized extends Unauthorized_base {
|
|
6
|
-
}
|
|
7
|
-
export declare const isUnauthorized: (payload: unknown) => payload is Unauthorized;
|
|
8
|
-
declare const Forbidden_base: Schema.TaggedErrorClass<Forbidden, "@error/Forbidden", {
|
|
9
|
-
readonly _tag: Schema.tag<"@error/Forbidden">;
|
|
10
|
-
}>;
|
|
11
|
-
export declare class Forbidden extends Forbidden_base {
|
|
12
|
-
}
|
|
13
|
-
export declare const isForbidden: (payload: unknown) => payload is Forbidden;
|
|
14
|
-
declare const InvalidCode_base: Schema.TaggedErrorClass<InvalidCode, "@error/InvalidCode", {
|
|
15
|
-
readonly _tag: Schema.tag<"@error/InvalidCode">;
|
|
16
|
-
} & {
|
|
17
|
-
message: typeof Schema.String;
|
|
18
|
-
}>;
|
|
19
|
-
export declare class InvalidCode extends InvalidCode_base {
|
|
20
|
-
}
|
|
21
|
-
export declare const isInvalidCode: (payload: unknown) => payload is InvalidCode;
|
|
22
|
-
declare const InvalidTenancy_base: Schema.TaggedErrorClass<InvalidTenancy, "@error/InvalidTenancy", {
|
|
23
|
-
readonly _tag: Schema.tag<"@error/InvalidTenancy">;
|
|
24
|
-
} & {
|
|
25
|
-
message: typeof Schema.String;
|
|
26
|
-
}>;
|
|
27
|
-
export declare class InvalidTenancy extends InvalidTenancy_base {
|
|
28
|
-
}
|
|
29
|
-
export declare const isInvalidTenancy: (payload: unknown) => payload is InvalidTenancy;
|
|
30
|
-
declare const PasskeyNotFound_base: Schema.TaggedErrorClass<PasskeyNotFound, "@error/PasskeyNotFound", {
|
|
31
|
-
readonly _tag: Schema.tag<"@error/PasskeyNotFound">;
|
|
32
|
-
} & {
|
|
33
|
-
credentialId: typeof Schema.String;
|
|
34
|
-
message: typeof Schema.String;
|
|
35
|
-
rpId: typeof Schema.String;
|
|
36
|
-
}>;
|
|
37
|
-
/**
|
|
38
|
-
* We need the credentialId and rpId to feed into the
|
|
39
|
-
* client's signalCredentialRemoval function
|
|
40
|
-
*/
|
|
41
|
-
export declare class PasskeyNotFound extends PasskeyNotFound_base {
|
|
42
|
-
}
|
|
43
|
-
export declare const isPasskeyNotFound: (payload: unknown) => payload is PasskeyNotFound;
|
|
44
|
-
declare const NotFound_base: Schema.TaggedErrorClass<NotFound, "@error/NotFound", {
|
|
45
|
-
readonly _tag: Schema.tag<"@error/NotFound">;
|
|
46
|
-
} & {
|
|
47
|
-
message: typeof Schema.String;
|
|
48
|
-
}>;
|
|
49
|
-
export declare class NotFound extends NotFound_base {
|
|
50
|
-
}
|
|
51
|
-
export declare const isNotFound: (payload: unknown) => payload is NotFound;
|
|
52
|
-
declare const InvalidEmail_base: Schema.TaggedErrorClass<InvalidEmail, "@error/InvalidEmail", {
|
|
53
|
-
readonly _tag: Schema.tag<"@error/InvalidEmail">;
|
|
54
|
-
} & {
|
|
55
|
-
message: typeof Schema.String;
|
|
56
|
-
}>;
|
|
57
|
-
export declare class InvalidEmail extends InvalidEmail_base {
|
|
58
|
-
}
|
|
59
|
-
export declare const isInvalidEmail: (payload: unknown) => payload is InvalidEmail;
|
|
60
|
-
declare const DuplicateEmail_base: Schema.TaggedErrorClass<DuplicateEmail, "@error/DuplicateEmail", {
|
|
61
|
-
readonly _tag: Schema.tag<"@error/DuplicateEmail">;
|
|
62
|
-
} & {
|
|
63
|
-
message: typeof Schema.String;
|
|
64
|
-
}>;
|
|
65
|
-
export declare class DuplicateEmail extends DuplicateEmail_base {
|
|
66
|
-
}
|
|
67
|
-
export declare const isDuplicateEmail: (payload: unknown) => payload is DuplicateEmail;
|
|
68
|
-
declare const BadRequest_base: Schema.TaggedErrorClass<BadRequest, "@error/BadRequest", {
|
|
69
|
-
readonly _tag: Schema.tag<"@error/BadRequest">;
|
|
70
|
-
} & {
|
|
71
|
-
message: typeof Schema.String;
|
|
72
|
-
}>;
|
|
73
|
-
export declare class BadRequest extends BadRequest_base {
|
|
74
|
-
}
|
|
75
|
-
export declare const isBadRequest: (payload: unknown) => payload is BadRequest;
|
|
76
1
|
export {};
|
|
77
2
|
//# sourceMappingURL=errors.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/schemas/errors.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/schemas/errors.ts"],"names":[],"mappings":""}
|