@passlock/node 2.0.2 → 2.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/effect.d.ts +2 -2
- package/dist/effect.d.ts.map +1 -1
- package/dist/effect.js +1 -1
- package/dist/effect.js.map +1 -1
- package/dist/errors.d.ts +21 -21
- package/dist/errors.d.ts.map +1 -1
- package/dist/errors.js +16 -11
- package/dist/errors.js.map +1 -1
- package/dist/index.d.ts +39 -14
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +38 -14
- package/dist/index.js.map +1 -1
- package/dist/network.d.ts +134 -0
- package/dist/network.d.ts.map +1 -0
- package/dist/network.js +172 -0
- package/dist/network.js.map +1 -0
- package/dist/passkey/passkey.d.ts +33 -17
- package/dist/passkey/passkey.d.ts.map +1 -1
- package/dist/passkey/passkey.js +113 -66
- package/dist/passkey/passkey.js.map +1 -1
- package/dist/principal/principal.d.ts +7 -7
- package/dist/principal/principal.d.ts.map +1 -1
- package/dist/principal/principal.js +23 -22
- package/dist/principal/principal.js.map +1 -1
- package/dist/safe.d.ts +39 -21
- package/dist/safe.d.ts.map +1 -1
- package/dist/safe.js +30 -13
- package/dist/safe.js.map +1 -1
- package/dist/schemas/errors.d.ts +1 -24
- package/dist/schemas/errors.d.ts.map +1 -1
- package/dist/schemas/errors.js +28 -40
- package/dist/schemas/errors.js.map +1 -1
- package/dist/schemas/passkey.d.ts +33 -9
- package/dist/schemas/passkey.d.ts.map +1 -1
- package/dist/schemas/passkey.js +8 -9
- package/dist/schemas/passkey.js.map +1 -1
- package/package.json +6 -10
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/passkey/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,UAAU,EACV,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EACL,KAAK,EACL,MAAM,EAEN,KAAK,EACL,MAAM,EACN,IAAI,EACJ,MAAM,EACN,MAAM,GACP,MAAM,QAAQ,CAAA;AAEf,OAAO,EAAE,qBAAqB,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAChF,OAAO,EAEL,oBAAoB,EACpB,aAAa,EACb,oBAAoB,GAErB,MAAM,uBAAuB,CAAA;AA4D9B,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAgB,EAAsB,EAAE,CAChE,MAAM,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAA;AAqBnC,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,CAAA;AAiC1C,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,CAAA;AAiB1C,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAiD,eAAe,CAAC,KAAK,EACxB,EAAE,CAChD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,EAAE;QACjD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEvB,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC;QACvE,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAClE,QAAQ,CACT;KACJ,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAQH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAiD,eAAe,CAAC,KAAK,EACjB,EAAE,CACvD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,EAAE;QACjD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEvB,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CACV,kBAAkB,CAAC,cAAc,CAAC,oBAAoB,CAAC,CAAC,QAAQ,CAAC;QACnE,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAClE,QAAQ,CACT;KACJ,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,cAAc,EAAE,EAAE,CAC7C,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAC/B,EACD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAgBH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAiD,eAAe,CAAC,KAAK,EACxB,EAAE,CAChD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IACrC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,KAAK,CAAC,GAAG,EAAE;QACnD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CACL,iBAAiB,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC,EACtC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAC/B,CAAA;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC;QACvE,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAClE,QAAQ,CACT;KACJ,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACvC,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAQH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAiD,eAAe,CAAC,KAAK,EACxB,EAAE,CAChD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAC/C,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,KAAK,CAAC,GAAG,EAAE;QACnD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CACL,iBAAiB,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAChD,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAC/B,CAAA;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC;QACvE,MAAM,EAAE,GAAG,EAAE,CACX,kBAAkB,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAClE,QAAQ,CACT;KACJ,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACvC,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAEH,mBAAmB;AAEnB,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAA6B,EAC7B,aAAiD,eAAe,CAAC,KAAK,EAC5B,EAAE,CAC5C,IAAI,CACF,MAAM,CAAC,mBAAmB,CAAC,IAAqB,EAAE,CAAC,MAAM,EAAE,EAAE,CAC3D,IAAI,CACF,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,EACnE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC;IACrB,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC;IAClC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC;CACnC,CAAC,CACH,CACF,CACF,CAAA;AAMH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EAC3B,aAAiD,eAAe,CAAC,KAAK,EAC3B,EAAE,CAC7C,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,UAAU,CAAC,UAAU,CAAA;IAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,YAAY,EAAE,OAAO,CAAC,CAAA;IACvD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,EAAE;QACjD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE,EAAE;KACvD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEvB,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC9D,KAAK,EAAE,GAAG,EAAE,CACV,kBAAkB,CAAC,cAAc,CAAC,qBAAqB,CAAC,CAAC,QAAQ,CAAC;QACpE,MAAM,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC;KACrE,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EAC5D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACxC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA","sourcesContent":["import {\n FetchHttpClient,\n HttpClient,\n HttpClientRequest,\n HttpClientResponse,\n} from \"@effect/platform\"\n\nimport {\n Chunk,\n Effect,\n type Layer,\n Match,\n Option,\n pipe,\n Schema,\n Stream,\n} from \"effect\"\nimport type { satisfy } from \"src/schemas/satisfy.js\"\nimport { FindAllPasskeysSchema, Forbidden, NotFound } from \"../schemas/index.js\"\nimport {\n type CredentialDeviceType,\n DeletedPasskeySchema,\n PasskeySchema,\n PasskeySummarySchema,\n type Transports,\n} from \"../schemas/passkey.js\"\nimport type { AuthenticatedOptions } from \"../shared.js\"\n\n/**\n * WebAuthn specific passkey data\n */\nexport type Credential = {\n id: string\n userId: string\n username: string\n aaguid: string\n backedUp: boolean\n counter: number\n deviceType: CredentialDeviceType\n transports: ReadonlyArray<Transports>\n publicKey: Uint8Array<ArrayBufferLike>\n}\n\n/**\n * Passkeys are usually synced across devices **but only within\n * a specific platform/ecosystem** e.g. a passkey created on Apple\n * devices would typically be synced across devices sharing the same\n * iCloud ID.\n *\n * However, if the user also wants to sign in from their Windows\n * or Android/Chrome devices they will need an additional passkey.\n * Therefore when listing the passkeys registered to a user's account\n * it's a good idea to tell them which platform the passkeys relate to.\n *\n * We've also included links to icons (SVG) so you can give your users\n * a quick visual indication.\n */\nexport type Platform = {\n name?: string | undefined\n icon?: string | undefined\n}\n\n/**\n * The server-side component of a passkey\n *\n * @category Passkeys\n */\nexport type Passkey = {\n _tag: \"Passkey\"\n /**\n * Not to be confused with the credential.id\n */\n id: string\n /**\n * Not to be confused with the credential.userId\n */\n userId?: string | undefined\n enabled: boolean\n credential: Credential\n platform?: Platform | undefined\n lastUsed?: number | undefined\n createdAt: number\n updatedAt: number\n}\n\nexport const isPasskey = (payload: unknown): payload is Passkey =>\n Schema.is(PasskeySchema)(payload)\n\n/**\n * needed to ensure the Passkey === Passkey.Type\n * @internal\n * */\nexport type _Passkey = satisfy<typeof PasskeySchema.Type, Passkey>\n\nexport type PasskeySummary = {\n readonly _tag: \"PasskeySummary\"\n readonly id: string\n readonly userId: string\n readonly enabled: boolean\n readonly credential: {\n readonly id: string\n readonly userId: string\n }\n readonly lastUsed?: number | undefined\n readonly createdAt: number\n}\n\nexport const isPasskeySummary = (payload: unknown): payload is PasskeySummary =>\n Schema.is(PasskeySummarySchema)(payload)\n\n/**\n * needed to ensure the PasskeySummary === PasskeySummary.Type\n * @internal\n */\nexport type _PasskeySummary = satisfy<\n typeof PasskeySummarySchema.Type,\n PasskeySummary\n>\n\nexport type FindAllPasskeys = {\n readonly _tag: \"FindAllPasskeys\"\n readonly cursor: string | null\n readonly records: ReadonlyArray<PasskeySummary>\n}\n\n/**\n * needed to ensure the FindAllPasskeys === FindAllPasskeys.Type\n * @internal\n */\nexport type _FindAllPasskeys = satisfy<\n typeof FindAllPasskeysSchema.Type,\n FindAllPasskeys\n>\n\nexport type DeletedPasskey = {\n readonly _tag: \"DeletedPasskey\"\n readonly id: string\n readonly credentialId: string\n readonly rpId: string\n}\n\nexport const isDeletedPasskey = (payload: unknown): payload is DeletedPasskey =>\n Schema.is(DeletedPasskeySchema)(payload)\n\n/**\n * needed to ensure the DeletedPasskey === DeletedPasskey.Type\n * @internal\n */\nexport type _DeletedPasskey = satisfy<\n typeof DeletedPasskeySchema.Type,\n DeletedPasskey\n>\n\n/* Get Passkey */\n\nexport interface GetPasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const getPasskey = (\n options: GetPasskeyOptions,\n httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<Passkey, NotFound | Forbidden> =>\n pipe(\n Effect.gen(function* () {\n const client = yield* HttpClient.HttpClient\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* HttpClientRequest.get(url, {\n headers: { Authorization: `Bearer ${options.apiKey}` },\n }).pipe(client.execute)\n\n const encoded = yield* HttpClientResponse.matchStatus(response, {\n \"2xx\": () => HttpClientResponse.schemaBodyJson(PasskeySchema)(response),\n orElse: () =>\n HttpClientResponse.schemaBodyJson(Schema.Union(Forbidden, NotFound))(\n response\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n ParseError: (err) => Effect.die(err),\n RequestError: (err) => Effect.die(err),\n ResponseError: (err) => Effect.die(err),\n }),\n Effect.provide(httpClient)\n )\n\n/* Delete Passkey */\n\nexport interface DeletePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const deletePasskey = (\n options: DeletePasskeyOptions,\n httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<DeletedPasskey, NotFound | Forbidden> =>\n pipe(\n Effect.gen(function* () {\n const client = yield* HttpClient.HttpClient\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* HttpClientRequest.del(url, {\n headers: { Authorization: `Bearer ${options.apiKey}` },\n }).pipe(client.execute)\n\n const encoded = yield* HttpClientResponse.matchStatus(response, {\n \"2xx\": () =>\n HttpClientResponse.schemaBodyJson(DeletedPasskeySchema)(response),\n orElse: () =>\n HttpClientResponse.schemaBodyJson(Schema.Union(Forbidden, NotFound))(\n response\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"DeletedPasskey\", (deletedPasskey) =>\n Effect.succeed(deletedPasskey)\n ),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n ParseError: (err) => Effect.die(err),\n RequestError: (err) => Effect.die(err),\n ResponseError: (err) => Effect.die(err),\n }),\n Effect.provide(httpClient)\n )\n\n/* Assign User */\n\n/**\n * @category Passkeys\n */\nexport interface AssignUserOptions extends AuthenticatedOptions {\n passkeyId: string\n\n /**\n * Custom User ID to align with your own systems\n */\n userId: string\n}\n\n// TODO reuse updatePasskey\nexport const assignUser = (\n options: AssignUserOptions,\n httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<Passkey, NotFound | Forbidden> =>\n pipe(\n Effect.gen(function* () {\n const client = yield* HttpClient.HttpClient\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { userId, passkeyId } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* HttpClientRequest.patch(url, {\n headers: { Authorization: `Bearer ${options.apiKey}` },\n }).pipe(\n HttpClientRequest.bodyJson({ userId }),\n Effect.flatMap(client.execute)\n )\n\n const encoded = yield* HttpClientResponse.matchStatus(response, {\n \"2xx\": () => HttpClientResponse.schemaBodyJson(PasskeySchema)(response),\n orElse: () =>\n HttpClientResponse.schemaBodyJson(Schema.Union(NotFound, Forbidden))(\n response\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n HttpBodyError: (err) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n RequestError: (err) => Effect.die(err),\n ResponseError: (err) => Effect.die(err),\n }),\n Effect.provide(httpClient)\n )\n\nexport interface UpdatePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n userId?: string\n username?: string\n}\n\nexport const updatePasskey = (\n options: UpdatePasskeyOptions,\n httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<Passkey, NotFound | Forbidden> =>\n pipe(\n Effect.gen(function* () {\n const client = yield* HttpClient.HttpClient\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { userId, passkeyId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* HttpClientRequest.patch(url, {\n headers: { Authorization: `Bearer ${options.apiKey}` },\n }).pipe(\n HttpClientRequest.bodyJson({ userId, username }),\n Effect.flatMap(client.execute)\n )\n\n const encoded = yield* HttpClientResponse.matchStatus(response, {\n \"2xx\": () => HttpClientResponse.schemaBodyJson(PasskeySchema)(response),\n orElse: () =>\n HttpClientResponse.schemaBodyJson(Schema.Union(NotFound, Forbidden))(\n response\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n HttpBodyError: (err) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n RequestError: (err) => Effect.die(err),\n ResponseError: (err) => Effect.die(err),\n }),\n Effect.provide(httpClient)\n )\n\n/* List Passkeys */\n\nexport const listPasskeysStream = (\n options: AuthenticatedOptions,\n httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Stream.Stream<PasskeySummary, Forbidden> =>\n pipe(\n Stream.paginateChunkEffect(null as string | null, (cursor) =>\n pipe(\n listPasskeys(cursor ? { ...options, cursor } : options, httpClient),\n Effect.map((result) => [\n Chunk.fromIterable(result.records),\n Option.fromNullable(result.cursor),\n ])\n )\n )\n )\n\nexport interface ListPasskeyOptions extends AuthenticatedOptions {\n cursor?: string\n}\n\nexport const listPasskeys = (\n options: ListPasskeyOptions,\n httpClient: Layer.Layer<HttpClient.HttpClient> = FetchHttpClient.layer\n): Effect.Effect<FindAllPasskeys, Forbidden> =>\n pipe(\n Effect.gen(function* () {\n const client = yield* HttpClient.HttpClient\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/`, baseUrl)\n if (options.cursor) {\n url.searchParams.append(\"cursor\", options.cursor)\n }\n\n const response = yield* HttpClientRequest.get(url, {\n headers: { Authorization: `Bearer ${options.apiKey}` },\n }).pipe(client.execute)\n\n const encoded = yield* HttpClientResponse.matchStatus(response, {\n \"2xx\": () =>\n HttpClientResponse.schemaBodyJson(FindAllPasskeysSchema)(response),\n orElse: () => HttpClientResponse.schemaBodyJson(Forbidden)(response),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"FindAllPasskeys\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n ParseError: (err) => Effect.die(err),\n RequestError: (err) => Effect.die(err),\n ResponseError: (err) => Effect.die(err),\n }),\n Effect.provide(httpClient)\n )\n"]}
|
|
1
|
+
{"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/passkey/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,EACL,KAAK,EACL,MAAM,EAEN,KAAK,EACL,MAAM,EACN,IAAI,EACJ,MAAM,EACN,MAAM,GACP,MAAM,QAAQ,CAAA;AAEf,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAKjB,MAAM,eAAe,CAAA;AACtB,OAAO,EACL,eAAe,IAAI,qBAAqB,EACxC,cAAc,EACd,aAAa,GACd,MAAM,qBAAqB,CAAA;AAC5B,OAAO,KAAK,cAAc,MAAM,uBAAuB,CAAA;AA+DvD,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAgB,EAAsB,EAAE,CAChE,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA;AAuB5C,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAA;AAkBnD,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAmBpD,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAuBpD,MAAM,CAAC,MAAM,yBAAyB,GAAG,CACvC,OAAgB,EACoB,EAAE;IACtC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC7C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAClC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAClD,IAAI,OAAO,CAAC,IAAI,KAAK,yBAAyB;QAAE,OAAO,KAAK,CAAA;IAE5D,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAED,iCAAiC;AAEjC,MAAM,oBAAoB,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,CAAC;IAChD,aAAa,EAAE,UAAU,MAAM,EAAE;CAClC,CAAC,CAAA;AAEF,MAAM,kBAAkB,GAAG,CACzB,QAAyB,EACzB,MAA8B,EAC9B,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;AAQtE,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAQH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,cAAc,EAAE,EAAE,CACtC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAC/B,EACD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAgBH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IACrC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,EACV;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAUH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAC/C,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AASH,MAAM,kBAAkB,GAAG,CACzB,OAAiC,EACjC,aAAwC,gBAAgB,EACQ,EAAE,CAClE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IACpC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,UAAU,MAAM,YAAY,EAAE,OAAO,CAAC,CAAA;IAEvE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CACb,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,eAAe,CAAC;QACzD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,EAChE,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAUH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EACtC,aAAwC,gBAAgB,EACgB,EAAE,CAC1E,IAAI,CACF,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,EACvC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EACtC,MAAM,CAAC,GAAG,CACR,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;IACpB,OAAO;QACL,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;QAC7B,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;QACjC,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ;QACrC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ;KAChE,CAAA;AACH,CAAC,CAAC,CACH,EACD,MAAM,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IAC3B,IAAI,EAAE,yBAAyB;IAC/B,WAAW;CACZ,CAAC,CAAC,CACJ,CAAA;AAEH,mBAAmB;AAEnB,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAA6B,EAC7B,aAAwC,gBAAgB,EACT,EAAE,CACjD,IAAI,CACF,MAAM,CAAC,mBAAmB,CAAC,IAAqB,EAAE,CAAC,MAAM,EAAE,EAAE,CAC3D,IAAI,CACF,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,EACnE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC;IACrB,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC;IAClC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC;CACnC,CAAC,CACH,CACF,CACF,CAAA;AAMH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EAC3B,aAAwC,gBAAgB,EACR,EAAE,CAClD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,YAAY,EAAE,OAAO,CAAC,CAAA;IACvD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GAAqC,KAAK,CAAC,CAAC,WAAW,CAClE,QAAQ,EACR;QACE,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,qBAAqB,CAAC;QAC9D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC;KACzD,CACF,CAAA;IAED,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EAC5D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA","sourcesContent":["import {\n Array,\n Chunk,\n Effect,\n type Layer,\n Match,\n Option,\n pipe,\n Schema,\n Stream,\n} from \"effect\"\nimport type { satisfy } from \"src/schemas/satisfy.js\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponse,\n type NetworkResponseError,\n} from \"../network.js\"\nimport {\n FindAllPasskeys as FindAllPasskeysSchema,\n ForbiddenError,\n NotFoundError,\n} from \"../schemas/index.js\"\nimport * as PasskeySchemas from \"../schemas/passkey.js\"\nimport type { AuthenticatedOptions } from \"../shared.js\"\n\n/* Passkey */\n\n/**\n * WebAuthn specific passkey data\n */\nexport type Credential = {\n id: string\n userId: string\n username: string\n aaguid: string\n backedUp: boolean\n counter: number\n deviceType: PasskeySchemas.CredentialDeviceType\n transports: ReadonlyArray<PasskeySchemas.Transports>\n publicKey: Uint8Array<ArrayBufferLike>\n rpId: string\n}\n\n/**\n * Passkeys are usually synced across devices **but only within\n * a specific platform/ecosystem** e.g. a passkey created on Apple\n * devices would typically be synced across devices sharing the same\n * iCloud ID.\n *\n * However, if the user also wants to sign in from their Windows\n * or Android/Chrome devices they will need an additional passkey.\n * Therefore when listing the passkeys registered to a user's account\n * it's a good idea to tell them which platform the passkeys relate to.\n *\n * We've also included links to icons (SVG) so you can give your users\n * a quick visual indication.\n */\nexport type Platform = {\n name?: string | undefined\n icon?: string | undefined\n}\n\n/**\n * The server-side component of a passkey\n *\n * @category Passkeys\n */\nexport type Passkey = {\n _tag: \"Passkey\"\n /**\n * Not to be confused with the credential.id\n */\n id: string\n /**\n * Not to be confused with the credential.userId\n */\n userId?: string | undefined\n enabled: boolean\n credential: Credential\n platform?: Platform | undefined\n lastUsed?: number | undefined\n createdAt: number\n updatedAt: number\n}\n\nexport const isPasskey = (payload: unknown): payload is Passkey =>\n Schema.is(PasskeySchemas.Passkey)(payload)\n\n/**\n * needed to ensure the Passkey === Passkey.Type\n * @internal\n * */\nexport type _Passkey = satisfy<typeof PasskeySchemas.Passkey.Type, Passkey>\n\n/* PasskeySummary */\n\nexport type PasskeySummary = {\n readonly _tag: \"PasskeySummary\"\n readonly id: string\n readonly userId: string\n readonly enabled: boolean\n readonly credential: {\n readonly id: string\n readonly userId: string\n }\n readonly lastUsed?: number | undefined\n readonly createdAt: number\n}\n\nexport const isPasskeySummary = (payload: unknown): payload is PasskeySummary =>\n Schema.is(PasskeySchemas.PasskeySummary)(payload)\n\n/**\n * needed to ensure the PasskeySummary === PasskeySummary.Type\n * @internal\n */\nexport type _PasskeySummary = satisfy<\n typeof PasskeySchemas.PasskeySummary.Type,\n PasskeySummary\n>\n\n/* UpdatedPasskeys */\n\nexport type UpdatedPasskeys = {\n _tag: \"UpdatedPasskeys\"\n updated: ReadonlyArray<Passkey>\n}\n\nexport const isUpdatedPasskeys = (\n payload: unknown\n): payload is UpdatedPasskeys =>\n Schema.is(PasskeySchemas.UpdatedPasskeys)(payload)\n\n/**\n * needed to ensure the UpdatedPasskeys === UpdatedPasskeys.Type\n * @internal\n * */\nexport type _UpdatedPasskeys = satisfy<\n typeof PasskeySchemas.UpdatedPasskeys.Type,\n UpdatedPasskeys\n>\n\n/* FindAllPasskeys */\n\nexport type FindAllPasskeys = {\n readonly _tag: \"FindAllPasskeys\"\n readonly cursor: string | null\n readonly records: ReadonlyArray<PasskeySummary>\n}\n\nexport const isFindAllPasskeys = (\n payload: unknown\n): payload is FindAllPasskeys =>\n Schema.is(PasskeySchemas.FindAllPasskeys)(payload)\n\n/**\n * needed to ensure the FindAllPasskeys === FindAllPasskeys.Type\n * @internal\n */\nexport type _FindAllPasskeys = satisfy<\n typeof FindAllPasskeysSchema.Type,\n FindAllPasskeys\n>\n\n/* UpdatedPasskeyUsernames (update names by userId) */\n\nexport type UpdatedPasskeyUsernames = {\n _tag: \"UpdatedPasskeyUsernames\"\n credentials: ReadonlyArray<{\n rpId: string\n userId: string\n username: string\n displayName: string\n }>\n}\n\nexport const isUpdatedPasskeyUsernames = (\n payload: unknown\n): payload is UpdatedPasskeyUsernames => {\n if (typeof payload !== \"object\") return false\n if (payload === null) return false\n if (!(\"_tag\" in payload)) return false\n if (typeof payload._tag !== \"string\") return false\n if (payload._tag !== \"UpdatedPasskeyUsernames\") return false\n\n return true\n}\n\n/* END UpdatedPasskeyUsernames */\n\nconst authorizationHeaders = (apiKey: string) => ({\n authorization: `Bearer ${apiKey}`,\n})\n\nconst decodeResponseJson = <A, I, R>(\n response: NetworkResponse,\n schema: Schema.Schema<A, I, R>\n) => pipe(response.json, Effect.flatMap(Schema.decodeUnknown(schema)))\n\n/* Get Passkey */\n\nexport interface GetPasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const getPasskey = (\n options: GetPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Delete Passkey */\n\nexport interface DeletePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const deletePasskey = (\n options: DeletePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"delete\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (deletedPasskey) =>\n Effect.succeed(deletedPasskey)\n ),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Assign User */\n\n/**\n * @category Passkeys\n */\nexport interface AssignUserOptions extends AuthenticatedOptions {\n passkeyId: string\n\n /**\n * Custom User ID to align with your own systems\n */\n userId: string\n}\n\n// TODO reuse updatePasskey\nexport const assignUser = (\n options: AssignUserOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { userId, passkeyId } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkey */\n\nexport interface UpdatePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n userId?: string\n username?: string\n}\n\nexport const updatePasskey = (\n options: UpdatePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, passkeyId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkeys by userId (currently not exported) */\n\ninterface UpdateUserPasskeyOptions extends AuthenticatedOptions {\n userId: string\n username?: string\n}\n\nconst updateUserPasskeys = (\n options: UpdateUserPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedPasskeys, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/users/${userId}/passkeys/`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: UpdatedPasskeys | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) =>\n decodeResponseJson(res, PasskeySchemas.UpdatedPasskeys),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"UpdatedPasskeys\", (result) => Effect.succeed(result)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update usernames by userId */\n\nexport interface UpdatePasskeyUsernamesOptions extends AuthenticatedOptions {\n userId: string\n username: string\n displayName?: string\n}\n\nexport const updatePasskeyUsernames = (\n options: UpdatePasskeyUsernamesOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedPasskeyUsernames, NotFoundError | ForbiddenError> =>\n pipe(\n updateUserPasskeys(options, fetchLayer),\n Effect.map((result) => result.updated),\n Effect.map(\n Array.map((passkey) => {\n return {\n rpId: passkey.credential.rpId,\n userId: passkey.credential.userId,\n username: passkey.credential.username,\n displayName: options.displayName ?? passkey.credential.username,\n }\n })\n ),\n Effect.map((credentials) => ({\n _tag: \"UpdatedPasskeyUsernames\",\n credentials,\n }))\n )\n\n/* List Passkeys */\n\nexport const listPasskeysStream = (\n options: AuthenticatedOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Stream.Stream<PasskeySummary, ForbiddenError> =>\n pipe(\n Stream.paginateChunkEffect(null as string | null, (cursor) =>\n pipe(\n listPasskeys(cursor ? { ...options, cursor } : options, fetchLayer),\n Effect.map((result) => [\n Chunk.fromIterable(result.records),\n Option.fromNullable(result.cursor),\n ])\n )\n )\n )\n\nexport interface ListPasskeyOptions extends AuthenticatedOptions {\n cursor?: string\n}\n\nexport const listPasskeys = (\n options: ListPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<FindAllPasskeys, ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/`, baseUrl)\n if (options.cursor) {\n url.searchParams.append(\"cursor\", options.cursor)\n }\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: FindAllPasskeys | ForbiddenError = yield* matchStatus(\n response,\n {\n \"2xx\": (res) => decodeResponseJson(res, FindAllPasskeysSchema),\n orElse: (res) => decodeResponseJson(res, ForbiddenError),\n }\n )\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"FindAllPasskeys\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n"]}
|
|
@@ -1,22 +1,22 @@
|
|
|
1
|
-
import { HttpClient } from "@effect/platform";
|
|
2
1
|
import { Effect, type Layer } from "effect";
|
|
3
|
-
import {
|
|
2
|
+
import { type NetworkFetch } from "../network.js";
|
|
3
|
+
import { ForbiddenError, InvalidCodeError } from "../schemas/errors.js";
|
|
4
4
|
import { type ExtendedPrincipal, type Principal } from "../schemas/principal.js";
|
|
5
5
|
import type { AuthenticatedOptions, PasslockOptions } from "../shared.js";
|
|
6
6
|
export interface ExchangeCodeOptions extends AuthenticatedOptions {
|
|
7
7
|
code: string;
|
|
8
8
|
}
|
|
9
|
-
export declare const exchangeCode: (options: ExchangeCodeOptions,
|
|
10
|
-
declare const
|
|
11
|
-
readonly _tag: "@error/
|
|
9
|
+
export declare const exchangeCode: (options: ExchangeCodeOptions, fetchLayer?: Layer.Layer<NetworkFetch>) => Effect.Effect<ExtendedPrincipal, InvalidCodeError | ForbiddenError>;
|
|
10
|
+
declare const VerificationError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => import("effect/Cause").YieldableError & {
|
|
11
|
+
readonly _tag: "@error/Verification";
|
|
12
12
|
} & Readonly<A>;
|
|
13
|
-
export declare class
|
|
13
|
+
export declare class VerificationError extends VerificationError_base<{
|
|
14
14
|
message: string;
|
|
15
15
|
}> {
|
|
16
16
|
}
|
|
17
17
|
export interface VerifyIdTokenOptions extends PasslockOptions {
|
|
18
18
|
token: string;
|
|
19
19
|
}
|
|
20
|
-
export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Effect.Effect<Principal,
|
|
20
|
+
export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Effect.Effect<Principal, VerificationError>;
|
|
21
21
|
export {};
|
|
22
22
|
//# sourceMappingURL=principal.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,MAAM,EAAE,KAAK,KAAK,EAAuB,MAAM,QAAQ,CAAA;AAGtE,OAAO,EAGL,KAAK,YAAY,EAKlB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EACL,KAAK,iBAAiB,EAGtB,KAAK,SAAS,EACf,MAAM,yBAAyB,CAAA;AAEhC,OAAO,KAAK,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAEzE,MAAM,WAAW,mBAAoB,SAAQ,oBAAoB;IAC/D,IAAI,EAAE,MAAM,CAAA;CACb;AAED,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,EAC5B,aAAY,KAAK,CAAC,KAAK,CAAC,YAAY,CAAoB,KACvD,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,gBAAgB,GAAG,cAAc,CAiDlE,CAAA;;;;AAEH,qBAAa,iBAAkB,SAAQ,uBAAwC;IAC7E,OAAO,EAAE,MAAM,CAAA;CAChB,CAAC;CAAG;AAEL,MAAM,WAAW,oBAAqB,SAAQ,eAAe;IAC3D,KAAK,EAAE,MAAM,CAAA;CACd;AAED,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,iBAAiB,CAwC1C,CAAA"}
|
|
@@ -1,41 +1,37 @@
|
|
|
1
|
-
import { FetchHttpClient, HttpClient, HttpClientResponse, } from "@effect/platform";
|
|
2
1
|
import { Data, Effect, Match, pipe, Schema } from "effect";
|
|
3
2
|
import * as jose from "jose";
|
|
4
|
-
import {
|
|
3
|
+
import { fetchNetwork, matchStatus, NetworkFetchLive, } from "../network.js";
|
|
4
|
+
import { ForbiddenError, InvalidCodeError } from "../schemas/errors.js";
|
|
5
5
|
import { ExtendedPrincipalSchema, IdTokenSchema, } from "../schemas/principal.js";
|
|
6
|
-
export const exchangeCode = (options,
|
|
7
|
-
const client = yield* HttpClient.HttpClient;
|
|
6
|
+
export const exchangeCode = (options, fetchLayer = NetworkFetchLive) => pipe(Effect.gen(function* () {
|
|
8
7
|
const baseUrl = options.endpoint ?? "https://api.passlock.dev";
|
|
9
8
|
const { tenancyId, code } = options;
|
|
10
9
|
const url = new URL(`/${tenancyId}/principal/${code}`, baseUrl);
|
|
11
|
-
const response = yield*
|
|
12
|
-
headers: {
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
10
|
+
const response = yield* fetchNetwork(url, "get", undefined, {
|
|
11
|
+
headers: {
|
|
12
|
+
authorization: `Bearer ${options.apiKey}`,
|
|
13
|
+
},
|
|
14
|
+
});
|
|
15
|
+
const encoded = yield* matchStatus(response, {
|
|
16
|
+
"2xx": ({ json }) => pipe(json, Effect.flatMap(Schema.decodeUnknown(ExtendedPrincipalSchema))),
|
|
17
|
+
orElse: ({ json }) => pipe(json, Effect.flatMap(Schema.decodeUnknown(Schema.Union(InvalidCodeError, ForbiddenError)))),
|
|
17
18
|
});
|
|
18
19
|
return yield* pipe(Match.value(encoded), Match.tag("ExtendedPrincipal", (principal) => Effect.succeed(principal)), Match.tag("@error/InvalidCode", (err) => Effect.fail(err)), Match.tag("@error/Forbidden", (err) => Effect.fail(err)), Match.exhaustive);
|
|
19
20
|
}), Effect.catchTags({
|
|
21
|
+
"@error/NetworkPayload": (err) => Effect.die(err),
|
|
22
|
+
"@error/NetworkRequest": (err) => Effect.die(err),
|
|
23
|
+
"@error/NetworkResponse": (err) => Effect.die(err),
|
|
20
24
|
ParseError: (err) => Effect.die(err),
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
}), Effect.provide(httpClient));
|
|
24
|
-
const createJwks = (endpoint) => Effect.sync(() => {
|
|
25
|
-
const baseUrl = endpoint ?? "https://api.passlock.dev";
|
|
26
|
-
return jose.createRemoteJWKSet(new URL("/.well-known/jwks.json", baseUrl));
|
|
27
|
-
});
|
|
28
|
-
const createCachedRemoteJwks = pipe(Effect.cachedFunction(createJwks), Effect.runSync);
|
|
29
|
-
export class VerificationFailure extends Data.TaggedError("@error/VerificationFailure") {
|
|
25
|
+
}), Effect.provide(fetchLayer));
|
|
26
|
+
export class VerificationError extends Data.TaggedError("@error/Verification") {
|
|
30
27
|
}
|
|
31
28
|
export const verifyIdToken = (options) => pipe(Effect.gen(function* () {
|
|
32
29
|
const JWKS = yield* createCachedRemoteJwks(options.endpoint);
|
|
33
30
|
const { payload } = yield* Effect.tryPromise({
|
|
34
31
|
catch: (err) => {
|
|
35
|
-
console.error(err);
|
|
36
32
|
return err instanceof Error
|
|
37
|
-
? new
|
|
38
|
-
: new
|
|
33
|
+
? new VerificationError({ message: err.message })
|
|
34
|
+
: new VerificationError({ message: String(err) });
|
|
39
35
|
},
|
|
40
36
|
try: () => jose.jwtVerify(options.token, JWKS, {
|
|
41
37
|
audience: options.tenancyId,
|
|
@@ -61,4 +57,9 @@ export const verifyIdToken = (options) => pipe(Effect.gen(function* () {
|
|
|
61
57
|
};
|
|
62
58
|
return principal;
|
|
63
59
|
}), Effect.catchTag("ParseError", (err) => Effect.die(err)));
|
|
60
|
+
const createJwks = (endpoint) => Effect.sync(() => {
|
|
61
|
+
const baseUrl = endpoint ?? "https://api.passlock.dev";
|
|
62
|
+
return jose.createRemoteJWKSet(new URL("/.well-known/jwks.json", baseUrl));
|
|
63
|
+
});
|
|
64
|
+
const createCachedRemoteJwks = pipe(Effect.cachedFunction(createJwks), Effect.runSync);
|
|
64
65
|
//# sourceMappingURL=principal.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"principal.js","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAc,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAEtE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAIjB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EAEL,uBAAuB,EACvB,aAAa,GAEd,MAAM,yBAAyB,CAAA;AAQhC,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EAC5B,aAAwC,gBAAgB,EACa,EAAE,CACvE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IAEnC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,cAAc,IAAI,EAAE,EAAE,OAAO,CAAC,CAAA;IAE/D,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE;SAC1C;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAClB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC,CAC9D;QACH,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACnB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CACZ,MAAM,CAAC,aAAa,CAClB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAC/C,CACF,CACF;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,SAAS,EAAE,EAAE,CAC3C,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,EACD,KAAK,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAEH,MAAM,OAAO,iBAAkB,SAAQ,IAAI,CAAC,WAAW,CAAC,qBAAqB,CAE3E;CAAG;AAML,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACgB,EAAE,CAC/C,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAE5D,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAC3C,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE;YACb,OAAO,GAAG,YAAY,KAAK;gBACzB,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC;gBACjD,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACrD,CAAC;QACD,GAAG,EAAE,GAAG,EAAE,CACR,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,MAAM,EAAE,cAAc;SACvB,CAAC;KACL,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QACzD,GAAG,OAAO;QACV,IAAI,EAAE,SAAS;KAChB,CAAC,CAAA;IAEF,MAAM,SAAS,GAAc;QAC3B,IAAI,EAAE,WAAW;QACjB,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC;QAClB,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC;QAChC,iBAAiB,EAAE,SAAS;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,OAAO,EAAE;YACP,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC;YAC9B,QAAQ,EAAE,IAAI;SACf;QACD,MAAM,EAAE,OAAO,CAAC,GAAG;KACpB,CAAA;IAED,OAAO,SAAS,CAAA;AAClB,CAAC,CAAC,EACF,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CACxD,CAAA;AAEH,MAAM,UAAU,GAAG,CAAC,QAAiB,EAAE,EAAE,CACvC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE;IACf,MAAM,OAAO,GAAG,QAAQ,IAAI,0BAA0B,CAAA;IAEtD,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC,CAAA;AAC5E,CAAC,CAAC,CAAA;AAEJ,MAAM,sBAAsB,GAAG,IAAI,CACjC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,EACjC,MAAM,CAAC,OAAO,CACf,CAAA","sourcesContent":["import { Data, Effect, type Layer, Match, pipe, Schema } from \"effect\"\n\nimport * as jose from \"jose\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponseError,\n} from \"../network.js\"\nimport { ForbiddenError, InvalidCodeError } from \"../schemas/errors.js\"\nimport {\n type ExtendedPrincipal,\n ExtendedPrincipalSchema,\n IdTokenSchema,\n type Principal,\n} from \"../schemas/principal.js\"\n\nimport type { AuthenticatedOptions, PasslockOptions } from \"../shared.js\"\n\nexport interface ExchangeCodeOptions extends AuthenticatedOptions {\n code: string\n}\n\nexport const exchangeCode = (\n options: ExchangeCodeOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<ExtendedPrincipal, InvalidCodeError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, code } = options\n\n const url = new URL(`/${tenancyId}/principal/${code}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: {\n authorization: `Bearer ${options.apiKey}`,\n },\n })\n\n const encoded: ExtendedPrincipal | InvalidCodeError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": ({ json }) =>\n pipe(\n json,\n Effect.flatMap(Schema.decodeUnknown(ExtendedPrincipalSchema))\n ),\n orElse: ({ json }) =>\n pipe(\n json,\n Effect.flatMap(\n Schema.decodeUnknown(\n Schema.Union(InvalidCodeError, ForbiddenError)\n )\n )\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"ExtendedPrincipal\", (principal) =>\n Effect.succeed(principal)\n ),\n Match.tag(\"@error/InvalidCode\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\nexport class VerificationError extends Data.TaggedError(\"@error/Verification\")<{\n message: string\n}> {}\n\nexport interface VerifyIdTokenOptions extends PasslockOptions {\n token: string\n}\n\nexport const verifyIdToken = (\n options: VerifyIdTokenOptions\n): Effect.Effect<Principal, VerificationError> =>\n pipe(\n Effect.gen(function* () {\n const JWKS = yield* createCachedRemoteJwks(options.endpoint)\n\n const { payload } = yield* Effect.tryPromise({\n catch: (err) => {\n return err instanceof Error\n ? new VerificationError({ message: err.message })\n : new VerificationError({ message: String(err) })\n },\n try: () =>\n jose.jwtVerify(options.token, JWKS, {\n audience: options.tenancyId,\n issuer: \"passlock.dev\",\n }),\n })\n\n const idToken = yield* Schema.decodeUnknown(IdTokenSchema)({\n ...payload,\n _tag: \"IdToken\",\n })\n\n const principal: Principal = {\n _tag: \"Principal\",\n id: idToken[\"jti\"],\n authenticatorId: idToken[\"a:id\"],\n authenticatorType: \"passkey\",\n createdAt: idToken.iat * 1000,\n expiresAt: idToken.exp * 1000,\n passkey: {\n userVerified: idToken[\"pk:uv\"],\n verified: true,\n },\n userId: idToken.sub,\n }\n\n return principal\n }),\n Effect.catchTag(\"ParseError\", (err) => Effect.die(err))\n )\n\nconst createJwks = (endpoint?: string) =>\n Effect.sync(() => {\n const baseUrl = endpoint ?? \"https://api.passlock.dev\"\n\n return jose.createRemoteJWKSet(new URL(\"/.well-known/jwks.json\", baseUrl))\n })\n\nconst createCachedRemoteJwks = pipe(\n Effect.cachedFunction(createJwks),\n Effect.runSync\n)\n"]}
|
package/dist/safe.d.ts
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Safe functions that
|
|
3
|
-
*
|
|
4
|
-
*
|
|
2
|
+
* Safe functions that return discriminated unions representing
|
|
3
|
+
* the successful outcome or expected failures.
|
|
4
|
+
*
|
|
5
|
+
* Note: unexpected runtime failures may still throw.
|
|
5
6
|
*
|
|
6
7
|
* @categoryDescription Passkeys
|
|
7
8
|
* Functions and related types for managing passkeys
|
|
@@ -10,15 +11,15 @@
|
|
|
10
11
|
*
|
|
11
12
|
* @module safe
|
|
12
13
|
*/
|
|
13
|
-
import type {
|
|
14
|
-
import type { AssignUserOptions,
|
|
14
|
+
import type { ForbiddenError, InvalidCodeError, NotFoundError, VerificationError } from "./errors.js";
|
|
15
|
+
import type { AssignUserOptions, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions } from "./passkey/passkey.js";
|
|
15
16
|
import type { ExchangeCodeOptions, VerifyIdTokenOptions } from "./principal/principal.js";
|
|
16
17
|
import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
|
|
17
18
|
/**
|
|
18
19
|
* Assign a custom User ID to a passkey. Will be reflected in the next
|
|
19
20
|
* {@link Principal} or {@link ExtendedPrincipal} generated.
|
|
20
21
|
*
|
|
21
|
-
* **Note:** This does not change the underlying WebAuthn credential's
|
|
22
|
+
* **Note:** This does not change the underlying WebAuthn credential's `userId`.
|
|
22
23
|
* Instead we apply a layer of indirection.
|
|
23
24
|
*
|
|
24
25
|
* @see {@link Principal}
|
|
@@ -30,7 +31,7 @@ import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
|
|
|
30
31
|
*
|
|
31
32
|
* @category Passkeys
|
|
32
33
|
*/
|
|
33
|
-
export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey |
|
|
34
|
+
export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey | NotFoundError | ForbiddenError>;
|
|
34
35
|
/**
|
|
35
36
|
* Can also be used to assign a custom User ID, but also allows you to update
|
|
36
37
|
* the username.
|
|
@@ -47,7 +48,23 @@ export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey
|
|
|
47
48
|
*
|
|
48
49
|
* @category Passkeys
|
|
49
50
|
*/
|
|
50
|
-
export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<Passkey |
|
|
51
|
+
export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<Passkey | NotFoundError | ForbiddenError>;
|
|
52
|
+
/**
|
|
53
|
+
* Update the username for all passkeys belonging to a given user.
|
|
54
|
+
*
|
|
55
|
+
* **Important:** changing the username has no bearing on authentication, as
|
|
56
|
+
* it's typically only used in the client-side component of the passkey
|
|
57
|
+
* (so the user knows which account the passkey relates to).
|
|
58
|
+
*
|
|
59
|
+
* However you might choose to align the username in your vault with the
|
|
60
|
+
* client-side component to simplify end user support.
|
|
61
|
+
*
|
|
62
|
+
* @param request
|
|
63
|
+
* @returns A promise resolving to either updated passkey usernames or an API error.
|
|
64
|
+
*
|
|
65
|
+
* @category Passkeys
|
|
66
|
+
*/
|
|
67
|
+
export declare const updatePasskeyUsernames: (request: UpdatePasskeyUsernamesOptions) => Promise<UpdatedPasskeyUsernames | NotFoundError | ForbiddenError>;
|
|
51
68
|
/**
|
|
52
69
|
* Delete a passkey from your vault.
|
|
53
70
|
*
|
|
@@ -68,11 +85,11 @@ export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<P
|
|
|
68
85
|
* @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
|
|
69
86
|
*
|
|
70
87
|
* @param options
|
|
71
|
-
* @returns A promise resolving to either deleted
|
|
88
|
+
* @returns A promise resolving to either the deleted passkey or an API error.
|
|
72
89
|
*
|
|
73
90
|
* @category Passkeys
|
|
74
91
|
*/
|
|
75
|
-
export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<
|
|
92
|
+
export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<Passkey | ForbiddenError | NotFoundError>;
|
|
76
93
|
/**
|
|
77
94
|
* Fetch details about a passkey. **Important**: Not to be confused with
|
|
78
95
|
* the {@link exchangeCode} or {@link verifyIdToken} functions, which
|
|
@@ -84,7 +101,7 @@ export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<D
|
|
|
84
101
|
*
|
|
85
102
|
* @category Passkeys
|
|
86
103
|
*/
|
|
87
|
-
export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey |
|
|
104
|
+
export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey | ForbiddenError | NotFoundError>;
|
|
88
105
|
/**
|
|
89
106
|
* List passkeys for the given tenancy. Note: This could return a cursor.
|
|
90
107
|
* If so, call again, passing the cursor back in.
|
|
@@ -94,7 +111,7 @@ export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey
|
|
|
94
111
|
*
|
|
95
112
|
* @category Passkeys
|
|
96
113
|
*/
|
|
97
|
-
export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys |
|
|
114
|
+
export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys | ForbiddenError>;
|
|
98
115
|
/**
|
|
99
116
|
* The @passlock/client library generates codes, which you should send to
|
|
100
117
|
* your backend. Use this function to exchange the code for details about
|
|
@@ -108,12 +125,13 @@ export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<Find
|
|
|
108
125
|
*
|
|
109
126
|
* @category Principal
|
|
110
127
|
*/
|
|
111
|
-
export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<ExtendedPrincipal |
|
|
128
|
+
export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<ExtendedPrincipal | ForbiddenError | InvalidCodeError>;
|
|
112
129
|
/**
|
|
113
130
|
* Decode and verify an id_token (JWT) locally.
|
|
114
|
-
* **Note:** This will make a network call to
|
|
115
|
-
*
|
|
116
|
-
*
|
|
131
|
+
* **Note:** This will make a network call to
|
|
132
|
+
* `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
|
|
133
|
+
* to fetch the relevant public key. The response will be cached, however
|
|
134
|
+
* bear in mind that for something like AWS Lambda it will make the call on every
|
|
117
135
|
* cold start so might actually be slower than {@link exchangeCode}
|
|
118
136
|
*
|
|
119
137
|
* @see {@link Principal}
|
|
@@ -123,11 +141,11 @@ export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<Ext
|
|
|
123
141
|
*
|
|
124
142
|
* @category Principal
|
|
125
143
|
*/
|
|
126
|
-
export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Promise<Principal |
|
|
127
|
-
export type {
|
|
128
|
-
export {
|
|
129
|
-
export type { AssignUserOptions, Credential,
|
|
130
|
-
export {
|
|
144
|
+
export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Promise<Principal | VerificationError>;
|
|
145
|
+
export type { BadRequestError, DuplicateEmailError, ForbiddenError, InvalidCodeError, InvalidEmailError, InvalidTenancyError, NotFoundError, PasskeyNotFoundError, UnauthorizedError, VerificationError, } from "./errors.js";
|
|
146
|
+
export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
|
|
147
|
+
export type { AssignUserOptions, Credential, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, PasskeySummary, Platform, UpdatedPasskeys, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions, } from "./passkey/passkey.js";
|
|
148
|
+
export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
|
|
131
149
|
export type { ExchangeCodeOptions, VerifyIdTokenOptions, } from "./principal/principal.js";
|
|
132
150
|
export type { CredentialDeviceType, Transports, } from "./schemas/passkey.js";
|
|
133
151
|
export type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
|
package/dist/safe.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"safe.d.ts","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"safe.d.ts","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,KAAK,EACV,cAAc,EACd,gBAAgB,EAChB,aAAa,EACb,iBAAiB,EAClB,MAAM,aAAa,CAAA;AACpB,OAAO,KAAK,EACV,iBAAiB,EACjB,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,EAC9B,MAAM,sBAAsB,CAAA;AAS7B,OAAO,KAAK,EACV,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAKjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE1E;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,KACzB,OAAO,CAAC,OAAO,GAAG,aAAa,GAAG,cAAc,CAKhD,CAAA;AAEH;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,GAAG,aAAa,GAAG,cAAc,CAKhD,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,sBAAsB,GACjC,SAAS,6BAA6B,KACrC,OAAO,CAAC,uBAAuB,GAAG,aAAa,GAAG,cAAc,CAKhE,CAAA;AAEH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,GAAG,cAAc,GAAG,aAAa,CAKhD,CAAA;AAEH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,KACzB,OAAO,CAAC,OAAO,GAAG,cAAc,GAAG,aAAa,CAKhD,CAAA;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,KAC1B,OAAO,CAAC,eAAe,GAAG,cAAc,CAKxC,CAAA;AAEH;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,GAAG,cAAc,GAAG,gBAAgB,CAK7D,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,SAAS,GAAG,iBAAiB,CAKrC,CAAA;AAIH,YAAY,EACV,eAAe,EACf,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,iBAAiB,EACjB,UAAU,EACV,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,cAAc,EACd,QAAQ,EACR,eAAe,EACf,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EACV,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,oBAAoB,EACpB,UAAU,GACX,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC1E,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA;AACzE,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}
|
package/dist/safe.js
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Safe functions that
|
|
3
|
-
*
|
|
4
|
-
*
|
|
2
|
+
* Safe functions that return discriminated unions representing
|
|
3
|
+
* the successful outcome or expected failures.
|
|
4
|
+
*
|
|
5
|
+
* Note: unexpected runtime failures may still throw.
|
|
5
6
|
*
|
|
6
7
|
* @categoryDescription Passkeys
|
|
7
8
|
* Functions and related types for managing passkeys
|
|
@@ -10,15 +11,14 @@
|
|
|
10
11
|
*
|
|
11
12
|
* @module safe
|
|
12
13
|
*/
|
|
13
|
-
import { FetchHttpClient } from "@effect/platform";
|
|
14
14
|
import { Effect, identity, pipe } from "effect";
|
|
15
|
-
import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, updatePasskey as updatePasskeyE, } from "./passkey/passkey.js";
|
|
15
|
+
import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, updatePasskey as updatePasskeyE, updatePasskeyUsernames as updatePasskeyUsernamesE, } from "./passkey/passkey.js";
|
|
16
16
|
import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE, } from "./principal/principal.js";
|
|
17
17
|
/**
|
|
18
18
|
* Assign a custom User ID to a passkey. Will be reflected in the next
|
|
19
19
|
* {@link Principal} or {@link ExtendedPrincipal} generated.
|
|
20
20
|
*
|
|
21
|
-
* **Note:** This does not change the underlying WebAuthn credential's
|
|
21
|
+
* **Note:** This does not change the underlying WebAuthn credential's `userId`.
|
|
22
22
|
* Instead we apply a layer of indirection.
|
|
23
23
|
*
|
|
24
24
|
* @see {@link Principal}
|
|
@@ -48,6 +48,22 @@ export const assignUser = (request) => pipe(assignUserE(request), Effect.match({
|
|
|
48
48
|
* @category Passkeys
|
|
49
49
|
*/
|
|
50
50
|
export const updatePasskey = (request) => pipe(updatePasskeyE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
51
|
+
/**
|
|
52
|
+
* Update the username for all passkeys belonging to a given user.
|
|
53
|
+
*
|
|
54
|
+
* **Important:** changing the username has no bearing on authentication, as
|
|
55
|
+
* it's typically only used in the client-side component of the passkey
|
|
56
|
+
* (so the user knows which account the passkey relates to).
|
|
57
|
+
*
|
|
58
|
+
* However you might choose to align the username in your vault with the
|
|
59
|
+
* client-side component to simplify end user support.
|
|
60
|
+
*
|
|
61
|
+
* @param request
|
|
62
|
+
* @returns A promise resolving to either updated passkey usernames or an API error.
|
|
63
|
+
*
|
|
64
|
+
* @category Passkeys
|
|
65
|
+
*/
|
|
66
|
+
export const updatePasskeyUsernames = (request) => pipe(updatePasskeyUsernamesE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
51
67
|
/**
|
|
52
68
|
* Delete a passkey from your vault.
|
|
53
69
|
*
|
|
@@ -68,7 +84,7 @@ export const updatePasskey = (request) => pipe(updatePasskeyE(request), Effect.m
|
|
|
68
84
|
* @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
|
|
69
85
|
*
|
|
70
86
|
* @param options
|
|
71
|
-
* @returns A promise resolving to either deleted
|
|
87
|
+
* @returns A promise resolving to either the deleted passkey or an API error.
|
|
72
88
|
*
|
|
73
89
|
* @category Passkeys
|
|
74
90
|
*/
|
|
@@ -108,12 +124,13 @@ export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.mat
|
|
|
108
124
|
*
|
|
109
125
|
* @category Principal
|
|
110
126
|
*/
|
|
111
|
-
export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.
|
|
127
|
+
export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
112
128
|
/**
|
|
113
129
|
* Decode and verify an id_token (JWT) locally.
|
|
114
|
-
* **Note:** This will make a network call to
|
|
115
|
-
*
|
|
116
|
-
*
|
|
130
|
+
* **Note:** This will make a network call to
|
|
131
|
+
* `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
|
|
132
|
+
* to fetch the relevant public key. The response will be cached, however
|
|
133
|
+
* bear in mind that for something like AWS Lambda it will make the call on every
|
|
117
134
|
* cold start so might actually be slower than {@link exchangeCode}
|
|
118
135
|
*
|
|
119
136
|
* @see {@link Principal}
|
|
@@ -124,7 +141,7 @@ export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.mat
|
|
|
124
141
|
* @category Principal
|
|
125
142
|
*/
|
|
126
143
|
export const verifyIdToken = (options) => pipe(verifyIdTokenE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
|
|
127
|
-
export {
|
|
128
|
-
export {
|
|
144
|
+
export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
|
|
145
|
+
export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
|
|
129
146
|
export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
|
|
130
147
|
//# sourceMappingURL=safe.js.map
|
package/dist/safe.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"safe.js","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAA;AAClD,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAiB/C,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EACL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,0BAA0B,CAAA;AAGjC;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACe,EAAE,CAC3C,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACY,EAAE,CAC3C,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACmB,EAAE,CAClD,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACe,EAAE,CAC3C,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EACW,EAAE,CACxC,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EAC0B,EAAE,CACxD,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,EACrC,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACa,EAAE,CAC5C,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAgBH,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,qBAAqB,GACtB,MAAM,aAAa,CAAA;AAcpB,OAAO,EACL,gBAAgB,EAChB,SAAS,EACT,gBAAgB,GACjB,MAAM,sBAAsB,CAAA;AAU7B,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA","sourcesContent":["/**\n * Safe functions that don't throw but instead\n * return a discriminated union of types representing\n * the successful outcome or failures.\n *\n * @categoryDescription Passkeys\n * Functions and related types for managing passkeys\n *\n * @showCategories\n *\n * @module safe\n */\n\nimport { FetchHttpClient } from \"@effect/platform\"\nimport { Effect, identity, pipe } from \"effect\"\nimport type {\n Forbidden,\n InvalidCode,\n NotFound,\n VerificationFailure,\n} from \"./errors.js\"\nimport type {\n AssignUserOptions,\n DeletedPasskey,\n DeletePasskeyOptions,\n FindAllPasskeys,\n GetPasskeyOptions,\n ListPasskeyOptions,\n Passkey,\n UpdatePasskeyOptions,\n} from \"./passkey/passkey.js\"\nimport {\n assignUser as assignUserE,\n deletePasskey as deletePasskeyE,\n getPasskey as getPasskeyE,\n listPasskeys as listPasskeysE,\n updatePasskey as updatePasskeyE,\n} from \"./passkey/passkey.js\"\nimport type {\n ExchangeCodeOptions,\n VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nimport {\n exchangeCode as exchangeCodeE,\n verifyIdToken as verifyIdTokenE,\n} from \"./principal/principal.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\n\n/**\n * Assign a custom User ID to a passkey. Will be reflected in the next\n * {@link Principal} or {@link ExtendedPrincipal} generated.\n *\n * **Note:** This does not change the underlying WebAuthn credential's userID.\n * Instead we apply a layer of indirection.\n *\n * @see {@link Principal}\n * @see {@link ExtendedPrincipal}\n * @see [credential](https://passlock.dev/rest-api/credential/)\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const assignUser = (\n request: AssignUserOptions\n): Promise<Passkey | NotFound | Forbidden> =>\n pipe(\n assignUserE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Can also be used to assign a custom User ID, but also allows you to update\n * the username.\n *\n * **Important:** changing the username has no bearing on authentication, as\n * it's typically only used in the client-side component of the passkey\n * (so the user knows which account the passkey relates to).\n *\n * However you might choose to align the username in your vault with the\n * client-side component to simplify end user support.\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n request: UpdatePasskeyOptions\n): Promise<Passkey | NotFound | Forbidden> =>\n pipe(\n updatePasskeyE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Delete a passkey from your vault.\n *\n * **Note:** The user will still retain the passkey on their device so\n * you will need to either:\n *\n * a) Use the @passlock/client functions to delete the passkey from the user's device.\n * b) Remind the user to delete the passkey\n *\n * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.\n *\n * In addition, during authentication you should handle a missing passkey scenario.\n * This happens when a user tries to authenticate with a passkey that is missing from\n * your vault. The @passlock/client library can help with this. See\n * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)\n * @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @param options\n * @returns A promise resolving to either deleted-passkey details or an API error.\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n options: DeletePasskeyOptions\n): Promise<DeletedPasskey | Forbidden | NotFound> =>\n pipe(\n deletePasskeyE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Fetch details about a passkey. **Important**: Not to be confused with\n * the {@link exchangeCode} or {@link verifyIdToken} functions, which\n * return details about specific authentication or registration operations.\n * Use this function for passkey management, not authentication.\n *\n * @param options\n * @returns A promise resolving to either passkey details or an API error.\n *\n * @category Passkeys\n */\nexport const getPasskey = (\n options: GetPasskeyOptions\n): Promise<Passkey | Forbidden | NotFound> =>\n pipe(\n getPasskeyE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * List passkeys for the given tenancy. Note: This could return a cursor.\n * If so, call again, passing the cursor back in.\n *\n * @param options\n * @returns A promise resolving to a page of passkey summaries or an API error.\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n options: ListPasskeyOptions\n): Promise<FindAllPasskeys | Forbidden> =>\n pipe(\n listPasskeysE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * The @passlock/client library generates codes, which you should send to\n * your backend. Use this function to exchange the code for details about\n * the registration or authentication operation. **Note:** a code is valid\n * for 5 minutes.\n *\n * @see {@link ExtendedPrincipal}\n *\n * @param options\n * @returns A promise resolving to an extended principal or an API error.\n *\n * @category Principal\n */\nexport const exchangeCode = (\n options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal | Forbidden | InvalidCode> =>\n pipe(\n exchangeCodeE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.provide(FetchHttpClient.layer),\n Effect.runPromise\n )\n\n/**\n * Decode and verify an id_token (JWT) locally.\n * **Note:** This will make a network call to the passlock.dev/.well-known/jwks.json\n * endpoint to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n *\n * @see {@link Principal}\n *\n * @param options\n * @returns A promise resolving to a verified principal or verification failure.\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n options: VerifyIdTokenOptions\n): Promise<Principal | VerificationFailure> =>\n pipe(\n verifyIdTokenE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/* Re-exports */\n\nexport type {\n BadRequest,\n DuplicateEmail,\n Forbidden,\n InvalidCode,\n InvalidEmail,\n InvalidTenancy,\n NotFound,\n PasskeyNotFound,\n Unauthorized,\n VerificationFailure,\n} from \"./errors.js\"\nexport {\n isBadRequest,\n isDuplicateEmail,\n isForbidden,\n isInvalidCode,\n isInvalidEmail,\n isInvalidTenancy,\n isNotFound,\n isPasskeyNotFound,\n isUnauthorized,\n isVerificationFailure,\n} from \"./errors.js\"\nexport type {\n AssignUserOptions,\n Credential,\n DeletedPasskey,\n DeletePasskeyOptions,\n FindAllPasskeys,\n GetPasskeyOptions,\n ListPasskeyOptions,\n Passkey,\n PasskeySummary,\n Platform,\n UpdatePasskeyOptions,\n} from \"./passkey/passkey.js\"\nexport {\n isDeletedPasskey,\n isPasskey,\n isPasskeySummary,\n} from \"./passkey/passkey.js\"\nexport type {\n ExchangeCodeOptions,\n VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nexport type {\n CredentialDeviceType,\n Transports,\n} from \"./schemas/passkey.js\"\nexport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nexport { isExtendedPrincipal, isPrincipal } from \"./schemas/principal.js\"\nexport type {\n AuthenticatedOptions,\n PasslockOptions,\n} from \"./shared.js\"\n"]}
|
|
1
|
+
{"version":3,"file":"safe.js","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAkB/C,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,EAC/B,sBAAsB,IAAI,uBAAuB,GAClD,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EACL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,0BAA0B,CAAA;AAGjC;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACyB,EAAE,CACrD,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACsB,EAAE,CACrD,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EAC6B,EAAE,CACrE,IAAI,CACF,uBAAuB,CAAC,OAAO,CAAC,EAChC,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACsB,EAAE,CACrD,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACyB,EAAE,CACrD,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EACgB,EAAE,CAC7C,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EACoC,EAAE,CAClE,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACW,EAAE,CAC1C,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAgBH,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AAgBpB,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAU7B,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA","sourcesContent":["/**\n * Safe functions that return discriminated unions representing\n * the successful outcome or expected failures.\n *\n * Note: unexpected runtime failures may still throw.\n *\n * @categoryDescription Passkeys\n * Functions and related types for managing passkeys\n *\n * @showCategories\n *\n * @module safe\n */\n\nimport { Effect, identity, pipe } from \"effect\"\nimport type {\n ForbiddenError,\n InvalidCodeError,\n NotFoundError,\n VerificationError,\n} from \"./errors.js\"\nimport type {\n AssignUserOptions,\n DeletePasskeyOptions,\n FindAllPasskeys,\n GetPasskeyOptions,\n ListPasskeyOptions,\n Passkey,\n UpdatedPasskeyUsernames,\n UpdatePasskeyOptions,\n UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nimport {\n assignUser as assignUserE,\n deletePasskey as deletePasskeyE,\n getPasskey as getPasskeyE,\n listPasskeys as listPasskeysE,\n updatePasskey as updatePasskeyE,\n updatePasskeyUsernames as updatePasskeyUsernamesE,\n} from \"./passkey/passkey.js\"\nimport type {\n ExchangeCodeOptions,\n VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nimport {\n exchangeCode as exchangeCodeE,\n verifyIdToken as verifyIdTokenE,\n} from \"./principal/principal.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\n\n/**\n * Assign a custom User ID to a passkey. Will be reflected in the next\n * {@link Principal} or {@link ExtendedPrincipal} generated.\n *\n * **Note:** This does not change the underlying WebAuthn credential's `userId`.\n * Instead we apply a layer of indirection.\n *\n * @see {@link Principal}\n * @see {@link ExtendedPrincipal}\n * @see [credential](https://passlock.dev/rest-api/credential/)\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const assignUser = (\n request: AssignUserOptions\n): Promise<Passkey | NotFoundError | ForbiddenError> =>\n pipe(\n assignUserE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Can also be used to assign a custom User ID, but also allows you to update\n * the username.\n *\n * **Important:** changing the username has no bearing on authentication, as\n * it's typically only used in the client-side component of the passkey\n * (so the user knows which account the passkey relates to).\n *\n * However you might choose to align the username in your vault with the\n * client-side component to simplify end user support.\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n request: UpdatePasskeyOptions\n): Promise<Passkey | NotFoundError | ForbiddenError> =>\n pipe(\n updatePasskeyE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Update the username for all passkeys belonging to a given user.\n *\n * **Important:** changing the username has no bearing on authentication, as\n * it's typically only used in the client-side component of the passkey\n * (so the user knows which account the passkey relates to).\n *\n * However you might choose to align the username in your vault with the\n * client-side component to simplify end user support.\n *\n * @param request\n * @returns A promise resolving to either updated passkey usernames or an API error.\n *\n * @category Passkeys\n */\nexport const updatePasskeyUsernames = (\n request: UpdatePasskeyUsernamesOptions\n): Promise<UpdatedPasskeyUsernames | NotFoundError | ForbiddenError> =>\n pipe(\n updatePasskeyUsernamesE(request),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Delete a passkey from your vault.\n *\n * **Note:** The user will still retain the passkey on their device so\n * you will need to either:\n *\n * a) Use the @passlock/client functions to delete the passkey from the user's device.\n * b) Remind the user to delete the passkey\n *\n * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.\n *\n * In addition, during authentication you should handle a missing passkey scenario.\n * This happens when a user tries to authenticate with a passkey that is missing from\n * your vault. The @passlock/client library can help with this. See\n * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)\n * @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @param options\n * @returns A promise resolving to either the deleted passkey or an API error.\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n options: DeletePasskeyOptions\n): Promise<Passkey | ForbiddenError | NotFoundError> =>\n pipe(\n deletePasskeyE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Fetch details about a passkey. **Important**: Not to be confused with\n * the {@link exchangeCode} or {@link verifyIdToken} functions, which\n * return details about specific authentication or registration operations.\n * Use this function for passkey management, not authentication.\n *\n * @param options\n * @returns A promise resolving to either passkey details or an API error.\n *\n * @category Passkeys\n */\nexport const getPasskey = (\n options: GetPasskeyOptions\n): Promise<Passkey | ForbiddenError | NotFoundError> =>\n pipe(\n getPasskeyE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * List passkeys for the given tenancy. Note: This could return a cursor.\n * If so, call again, passing the cursor back in.\n *\n * @param options\n * @returns A promise resolving to a page of passkey summaries or an API error.\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n options: ListPasskeyOptions\n): Promise<FindAllPasskeys | ForbiddenError> =>\n pipe(\n listPasskeysE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * The @passlock/client library generates codes, which you should send to\n * your backend. Use this function to exchange the code for details about\n * the registration or authentication operation. **Note:** a code is valid\n * for 5 minutes.\n *\n * @see {@link ExtendedPrincipal}\n *\n * @param options\n * @returns A promise resolving to an extended principal or an API error.\n *\n * @category Principal\n */\nexport const exchangeCode = (\n options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal | ForbiddenError | InvalidCodeError> =>\n pipe(\n exchangeCodeE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/**\n * Decode and verify an id_token (JWT) locally.\n * **Note:** This will make a network call to\n * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)\n * to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS Lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n *\n * @see {@link Principal}\n *\n * @param options\n * @returns A promise resolving to a verified principal or verification failure.\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n options: VerifyIdTokenOptions\n): Promise<Principal | VerificationError> =>\n pipe(\n verifyIdTokenE(options),\n Effect.match({ onFailure: identity, onSuccess: identity }),\n Effect.runPromise\n )\n\n/* Re-exports */\n\nexport type {\n BadRequestError,\n DuplicateEmailError,\n ForbiddenError,\n InvalidCodeError,\n InvalidEmailError,\n InvalidTenancyError,\n NotFoundError,\n PasskeyNotFoundError,\n UnauthorizedError,\n VerificationError,\n} from \"./errors.js\"\nexport {\n isBadRequestError,\n isDuplicateEmailError,\n isForbiddenError,\n isInvalidCodeError,\n isInvalidEmailError,\n isInvalidTenancyError,\n isNotFoundError,\n isPasskeyNotFoundError,\n isUnauthorizedError,\n isVerificationError,\n} from \"./errors.js\"\nexport type {\n AssignUserOptions,\n Credential,\n DeletePasskeyOptions,\n FindAllPasskeys,\n GetPasskeyOptions,\n ListPasskeyOptions,\n Passkey,\n PasskeySummary,\n Platform,\n UpdatedPasskeys,\n UpdatedPasskeyUsernames,\n UpdatePasskeyOptions,\n UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nexport {\n isPasskey,\n isPasskeySummary,\n isUpdatedPasskeys,\n isUpdatedPasskeyUsernames,\n} from \"./passkey/passkey.js\"\nexport type {\n ExchangeCodeOptions,\n VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nexport type {\n CredentialDeviceType,\n Transports,\n} from \"./schemas/passkey.js\"\nexport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nexport { isExtendedPrincipal, isPrincipal } from \"./schemas/principal.js\"\nexport type {\n AuthenticatedOptions,\n PasslockOptions,\n} from \"./shared.js\"\n"]}
|
package/dist/schemas/errors.d.ts
CHANGED
|
@@ -1,25 +1,2 @@
|
|
|
1
|
-
|
|
2
|
-
* @category Authentication
|
|
3
|
-
*/
|
|
4
|
-
export declare const isUnauthorized: (payload: unknown) => payload is Unauthorized;
|
|
5
|
-
/**
|
|
6
|
-
* @category Authentication
|
|
7
|
-
*/
|
|
8
|
-
export declare const isForbidden: (payload: unknown) => payload is Forbidden;
|
|
9
|
-
/**
|
|
10
|
-
* @category Principal
|
|
11
|
-
*/
|
|
12
|
-
export declare const isInvalidCode: (payload: unknown) => payload is InvalidCode;
|
|
13
|
-
export declare const isInvalidTenancy: (payload: unknown) => payload is InvalidTenancy;
|
|
14
|
-
/**
|
|
15
|
-
* @param payload
|
|
16
|
-
* @returns `true` if the payload is a {@link PasskeyNotFound} error.
|
|
17
|
-
*
|
|
18
|
-
* @category Passkeys
|
|
19
|
-
*/
|
|
20
|
-
export declare const isPasskeyNotFound: (payload: unknown) => payload is PasskeyNotFound;
|
|
21
|
-
export declare const isNotFound: (payload: unknown) => payload is NotFound;
|
|
22
|
-
export declare const isInvalidEmail: (payload: unknown) => payload is InvalidEmail;
|
|
23
|
-
export declare const isDuplicateEmail: (payload: unknown) => payload is DuplicateEmail;
|
|
24
|
-
export declare const isBadRequest: (payload: unknown) => payload is BadRequest;
|
|
1
|
+
export {};
|
|
25
2
|
//# sourceMappingURL=errors.d.ts.map
|