@passlock/node 2.0.7 → 2.1.0

package/dist/index.d.ts

@@ -1,115 +1,2 @@
-/**
- * Unsafe functions that could potentially throw errors.
- *
- * @categoryDescription Passkeys
- * Functions and related types for managing passkeys
- *
- * @showCategories
- *
- * @module unsafe
- */
-import type { AssignUserOptions, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions } from "./passkey/passkey.js";
-import type { ExchangeCodeOptions, VerifyIdTokenOptions } from "./principal/principal.js";
-import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
-/**
- * Call the Passlock backend API to assign a userId to an authenticator
- *
- * @param request
- * @returns A promise resolving to the updated passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey>;
-/**
- * Call the Passlock backend API to update passkey properties
- *
- * @param request
- * @returns A promise resolving to the updated passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<Passkey>;
-/**
- * Call the Passlock backend API to update all passkeys for a given user
- *
- * @param request
- * @returns A promise resolving to updated usernames for matching passkeys.
- * @throws {@link NotFoundError} if no passkeys are found for the given user
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export declare const updatePasskeyUsernames: (request: UpdatePasskeyUsernamesOptions) => Promise<UpdatedPasskeyUsernames>;
-/**
- * Call the Passlock backend API to delete an authenticator
- *
- * @param options
- * @returns A promise resolving to the deleted passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<Passkey>;
-/**
- * Call the Passlock backend API to fetch an authenticator
- *
- * @param options
- * @returns A promise resolving to the passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey>;
-/**
- * List passkeys for the given tenancy. Note this could return a cursor,
- * in which case the function should be called again with the given cursor.
- *
- * @param options
- * @returns A promise resolving to a page of passkey summaries.
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys>;
-/**
- * Call the Passlock backend API to exchange a code for an ExtendedPrincipal
- *
- * @param options
- * @returns A promise resolving to an extended principal.
- * @throws {@link InvalidCodeError} if the code is invalid or expired
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Principal
- */
-export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<ExtendedPrincipal>;
-/**
- * Decode and verify a Passlock `id_token` (JWT).
- * Note: This will make a network call to
- * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
- * to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS Lambda it will make the call on every
- * cold start so might actually be slower than {@link exchangeCode}
- *
- * @param options
- * @returns A promise resolving to the verified principal.
- * @throws {@link VerificationError} if token verification fails
- *
- * @category Principal
- */
-export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Promise<Principal>;
-export type { BadRequestError, DuplicateEmailError, ForbiddenError, InvalidCodeError, InvalidEmailError, InvalidTenancyError, NotFoundError, PasskeyNotFoundError, UnauthorizedError, VerificationError, } from "./errors.js";
-export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
-export type { AssignUserOptions, Credential, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, PasskeySummary, Platform, UpdatedPasskeys, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions, } from "./passkey/passkey.js";
-export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
-export type { ExchangeCodeOptions, VerifyIdTokenOptions, } from "./principal/principal.js";
-export type { CredentialDeviceType, Transports, } from "./schemas/passkey.js";
-export type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
-export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
-export type { AuthenticatedOptions, PasslockOptions, } from "./shared.js";
+export {};
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,KAAK,EACV,iBAAiB,EACjB,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,EAC9B,MAAM,sBAAsB,CAAA;AAS7B,OAAO,KAAK,EACV,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAKjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE1E;;;;;;;;;GASG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,CACxB,CAAA;AAE/C;;;;;;;;;GASG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,CAAqD,CAAA;AAEvE;;;;;;;;;GASG;AACH,eAAO,MAAM,sBAAsB,GACjC,SAAS,6BAA6B,KACrC,OAAO,CAAC,uBAAuB,CACyB,CAAA;AAE3D;;;;;;;;;GASG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,CAAqD,CAAA;AAEvE;;;;;;;;;GASG;AACH,eAAO,MAAM,UAAU,GAAI,SAAS,iBAAiB,KAAG,OAAO,CAAC,OAAO,CACxB,CAAA;AAE/C;;;;;;;;;GASG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,KAC1B,OAAO,CAAC,eAAe,CAAoD,CAAA;AAE9E;;;;;;;;;GASG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,CAAoD,CAAA;AAEhF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,SAAS,CAAqD,CAAA;AAIzE,YAAY,EACV,eAAe,EACf,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,iBAAiB,EACjB,UAAU,EACV,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,cAAc,EACd,QAAQ,EACR,eAAe,EACf,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EACV,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,oBAAoB,EACpB,UAAU,GACX,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC1E,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA;AACzE,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}

package/dist/index.js

@@ -1,109 +1,9 @@
-/**
- * Unsafe functions that could potentially throw errors.
- *
- * @categoryDescription Passkeys
- * Functions and related types for managing passkeys
- *
- * @showCategories
- *
- * @module unsafe
- */
-import { Effect, pipe } from "effect";
-import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, updatePasskey as updatePasskeyE, updatePasskeyUsernames as updatePasskeyUsernamesE, } from "./passkey/passkey.js";
-import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE, } from "./principal/principal.js";
-/**
- * Call the Passlock backend API to assign a userId to an authenticator
- *
- * @param request
- * @returns A promise resolving to the updated passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export const assignUser = (request) => pipe(assignUserE(request), Effect.runPromise);
-/**
- * Call the Passlock backend API to update passkey properties
- *
- * @param request
- * @returns A promise resolving to the updated passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export const updatePasskey = (request) => pipe(updatePasskeyE(request), Effect.runPromise);
-/**
- * Call the Passlock backend API to update all passkeys for a given user
- *
- * @param request
- * @returns A promise resolving to updated usernames for matching passkeys.
- * @throws {@link NotFoundError} if no passkeys are found for the given user
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export const updatePasskeyUsernames = (request) => pipe(updatePasskeyUsernamesE(request), Effect.runPromise);
-/**
- * Call the Passlock backend API to delete an authenticator
- *
- * @param options
- * @returns A promise resolving to the deleted passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export const deletePasskey = (options) => pipe(deletePasskeyE(options), Effect.runPromise);
-/**
- * Call the Passlock backend API to fetch an authenticator
- *
- * @param options
- * @returns A promise resolving to the passkey.
- * @throws {@link NotFoundError} if passkey does not exist
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export const getPasskey = (options) => pipe(getPasskeyE(options), Effect.runPromise);
-/**
- * List passkeys for the given tenancy. Note this could return a cursor,
- * in which case the function should be called again with the given cursor.
- *
- * @param options
- * @returns A promise resolving to a page of passkey summaries.
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Passkeys
- */
-export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.runPromise);
-/**
- * Call the Passlock backend API to exchange a code for an ExtendedPrincipal
- *
- * @param options
- * @returns A promise resolving to an extended principal.
- * @throws {@link InvalidCodeError} if the code is invalid or expired
- * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid
- *
- * @category Principal
- */
-export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.runPromise);
-/**
- * Decode and verify a Passlock `id_token` (JWT).
- * Note: This will make a network call to
- * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
- * to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS Lambda it will make the call on every
- * cold start so might actually be slower than {@link exchangeCode}
- *
- * @param options
- * @returns A promise resolving to the verified principal.
- * @throws {@link VerificationError} if token verification fails
- *
- * @category Principal
- */
-export const verifyIdToken = (options) => pipe(verifyIdTokenE(options), Effect.runPromise);
-export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
-export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
-export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
+const isProd = process.env.NODE_ENV === "production";
+const warnedKey = Symbol.for("passlock.node.deprecation.warned");
+const g = globalThis;
+if (!isProd && !g[warnedKey]) {
+    g[warnedKey] = true;
+    console.warn("[DEPRECATED] @passlock/node has been renamed to @passlock/server. Please update your imports.");
+}
+export {};
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAYrC,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,EAC/B,sBAAsB,IAAI,uBAAuB,GAClD,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EACL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,0BAA0B,CAAA;AAGjC;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAAoB,EAAE,CACzE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE/C;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACX,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEvE;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EACJ,EAAE,CACpC,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE3D;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACX,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEvE;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAA0B,EAAoB,EAAE,CACzE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE/C;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EACD,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAE9E;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EACA,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAEhF;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACT,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;AAgBzE,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AAgBpB,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAU7B,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA","sourcesContent":["/**\n * Unsafe functions that could potentially throw errors.\n *\n * @categoryDescription Passkeys\n * Functions and related types for managing passkeys\n *\n * @showCategories\n *\n * @module unsafe\n */\n\nimport { Effect, pipe } from \"effect\"\nimport type {\n  AssignUserOptions,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  UpdatedPasskeyUsernames,\n  UpdatePasskeyOptions,\n  UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nimport {\n  assignUser as assignUserE,\n  deletePasskey as deletePasskeyE,\n  getPasskey as getPasskeyE,\n  listPasskeys as listPasskeysE,\n  updatePasskey as updatePasskeyE,\n  updatePasskeyUsernames as updatePasskeyUsernamesE,\n} from \"./passkey/passkey.js\"\nimport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nimport {\n  exchangeCode as exchangeCodeE,\n  verifyIdToken as verifyIdTokenE,\n} from \"./principal/principal.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\n\n/**\n * Call the Passlock backend API to assign a userId to an authenticator\n *\n * @param request\n * @returns A promise resolving to the updated passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const assignUser = (request: AssignUserOptions): Promise<Passkey> =>\n  pipe(assignUserE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to update passkey properties\n *\n * @param request\n * @returns A promise resolving to the updated passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n  request: UpdatePasskeyOptions\n): Promise<Passkey> => pipe(updatePasskeyE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to update all passkeys for a given user\n *\n * @param request\n * @returns A promise resolving to updated usernames for matching passkeys.\n * @throws {@link NotFoundError} if no passkeys are found for the given user\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const updatePasskeyUsernames = (\n  request: UpdatePasskeyUsernamesOptions\n): Promise<UpdatedPasskeyUsernames> =>\n  pipe(updatePasskeyUsernamesE(request), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to delete an authenticator\n *\n * @param options\n * @returns A promise resolving to the deleted passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n  options: DeletePasskeyOptions\n): Promise<Passkey> => pipe(deletePasskeyE(options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to fetch an authenticator\n *\n * @param options\n * @returns A promise resolving to the passkey.\n * @throws {@link NotFoundError} if passkey does not exist\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const getPasskey = (options: GetPasskeyOptions): Promise<Passkey> =>\n  pipe(getPasskeyE(options), Effect.runPromise)\n\n/**\n * List passkeys for the given tenancy. Note this could return a cursor,\n * in which case the function should be called again with the given cursor.\n *\n * @param options\n * @returns A promise resolving to a page of passkey summaries.\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n  options: ListPasskeyOptions\n): Promise<FindAllPasskeys> => pipe(listPasskeysE(options), Effect.runPromise)\n\n/**\n * Call the Passlock backend API to exchange a code for an ExtendedPrincipal\n *\n * @param options\n * @returns A promise resolving to an extended principal.\n * @throws {@link InvalidCodeError} if the code is invalid or expired\n * @throws {@link ForbiddenError} if the Tenancy ID or API key is invalid\n *\n * @category Principal\n */\nexport const exchangeCode = (\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal> => pipe(exchangeCodeE(options), Effect.runPromise)\n\n/**\n * Decode and verify a Passlock `id_token` (JWT).\n * Note: This will make a network call to\n * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)\n * to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS Lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n *\n * @param options\n * @returns A promise resolving to the verified principal.\n * @throws {@link VerificationError} if token verification fails\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n  options: VerifyIdTokenOptions\n): Promise<Principal> => pipe(verifyIdTokenE(options), Effect.runPromise)\n\n/* Re-exports */\n\nexport type {\n  BadRequestError,\n  DuplicateEmailError,\n  ForbiddenError,\n  InvalidCodeError,\n  InvalidEmailError,\n  InvalidTenancyError,\n  NotFoundError,\n  PasskeyNotFoundError,\n  UnauthorizedError,\n  VerificationError,\n} from \"./errors.js\"\nexport {\n  isBadRequestError,\n  isDuplicateEmailError,\n  isForbiddenError,\n  isInvalidCodeError,\n  isInvalidEmailError,\n  isInvalidTenancyError,\n  isNotFoundError,\n  isPasskeyNotFoundError,\n  isUnauthorizedError,\n  isVerificationError,\n} from \"./errors.js\"\nexport type {\n  AssignUserOptions,\n  Credential,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  PasskeySummary,\n  Platform,\n  UpdatedPasskeys,\n  UpdatedPasskeyUsernames,\n  UpdatePasskeyOptions,\n  UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nexport {\n  isPasskey,\n  isPasskeySummary,\n  isUpdatedPasskeys,\n  isUpdatedPasskeyUsernames,\n} from \"./passkey/passkey.js\"\nexport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nexport type {\n  CredentialDeviceType,\n  Transports,\n} from \"./schemas/passkey.js\"\nexport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nexport { isExtendedPrincipal, isPrincipal } from \"./schemas/principal.js\"\nexport type {\n  AuthenticatedOptions,\n  PasslockOptions,\n} from \"./shared.js\"\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;AAErD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;AAMjE,MAAM,CAAC,GAAG,UAAgC,CAAC;AAE3C,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC;IAC7B,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IAEpB,OAAO,CAAC,IAAI,CACV,+FAA+F,CAChG,CAAC;AACJ,CAAC","sourcesContent":["const isProd = process.env.NODE_ENV === \"production\";\n\nconst warnedKey = Symbol.for(\"passlock.node.deprecation.warned\");\n\ntype GlobalWithWarnFlag = typeof globalThis & {\n  [warnedKey]?: boolean;\n};\n\nconst g = globalThis as GlobalWithWarnFlag;\n\nif (!isProd && !g[warnedKey]) {\n  g[warnedKey] = true;\n\n  console.warn(\n    \"[DEPRECATED] @passlock/node has been renamed to @passlock/server. Please update your imports.\"\n  );\n}"]}

package/dist/safe.d.ts

@@ -1,154 +1,2 @@
-/**
- * Safe functions that return discriminated unions representing
- * the successful outcome or expected failures.
- *
- * Note: unexpected runtime failures may still throw.
- *
- * @categoryDescription Passkeys
- * Functions and related types for managing passkeys
- *
- * @showCategories
- *
- * @module safe
- */
-import type { ForbiddenError, InvalidCodeError, NotFoundError, VerificationError } from "./errors.js";
-import type { AssignUserOptions, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions } from "./passkey/passkey.js";
-import type { ExchangeCodeOptions, VerifyIdTokenOptions } from "./principal/principal.js";
-import type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
-/**
- * Assign a custom User ID to a passkey. Will be reflected in the next
- * {@link Principal} or {@link ExtendedPrincipal} generated.
- *
- * **Note:** This does not change the underlying WebAuthn credential's `userId`.
- * Instead we apply a layer of indirection.
- *
- * @see {@link Principal}
- * @see {@link ExtendedPrincipal}
- * @see [credential](https://passlock.dev/rest-api/credential/)
- *
- * @param request
- * @returns A promise resolving to either a passkey or an API error.
- *
- * @category Passkeys
- */
-export declare const assignUser: (request: AssignUserOptions) => Promise<Passkey | NotFoundError | ForbiddenError>;
-/**
- * Can also be used to assign a custom User ID, but also allows you to update
- * the username.
- *
- * **Important:** changing the username has no bearing on authentication, as
- * it's typically only used in the client-side component of the passkey
- * (so the user knows which account the passkey relates to).
- *
- * However you might choose to align the username in your vault with the
- * client-side component to simplify end user support.
- *
- * @param request
- * @returns A promise resolving to either a passkey or an API error.
- *
- * @category Passkeys
- */
-export declare const updatePasskey: (request: UpdatePasskeyOptions) => Promise<Passkey | NotFoundError | ForbiddenError>;
-/**
- * Update the username for all passkeys belonging to a given user.
- *
- * **Important:** changing the username has no bearing on authentication, as
- * it's typically only used in the client-side component of the passkey
- * (so the user knows which account the passkey relates to).
- *
- * However you might choose to align the username in your vault with the
- * client-side component to simplify end user support.
- *
- * @param request
- * @returns A promise resolving to either updated passkey usernames or an API error.
- *
- * @category Passkeys
- */
-export declare const updatePasskeyUsernames: (request: UpdatePasskeyUsernamesOptions) => Promise<UpdatedPasskeyUsernames | NotFoundError | ForbiddenError>;
-/**
- * Delete a passkey from your vault.
- *
- * **Note:** The user will still retain the passkey on their device so
- * you will need to either:
- *
- * a) Use the @passlock/client functions to delete the passkey from the user's device.
- * b) Remind the user to delete the passkey
- *
- * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.
- *
- * In addition, during authentication you should handle a missing passkey scenario.
- * This happens when a user tries to authenticate with a passkey that is missing from
- * your vault. The @passlock/client library can help with this. See
- * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
- *
- * @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)
- * @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
- *
- * @param options
- * @returns A promise resolving to either the deleted passkey or an API error.
- *
- * @category Passkeys
- */
-export declare const deletePasskey: (options: DeletePasskeyOptions) => Promise<Passkey | ForbiddenError | NotFoundError>;
-/**
- * Fetch details about a passkey. **Important**: Not to be confused with
- * the {@link exchangeCode} or {@link verifyIdToken} functions, which
- * return details about specific authentication or registration operations.
- * Use this function for passkey management, not authentication.
- *
- * @param options
- * @returns A promise resolving to either passkey details or an API error.
- *
- * @category Passkeys
- */
-export declare const getPasskey: (options: GetPasskeyOptions) => Promise<Passkey | ForbiddenError | NotFoundError>;
-/**
- * List passkeys for the given tenancy. Note: This could return a cursor.
- * If so, call again, passing the cursor back in.
- *
- * @param options
- * @returns A promise resolving to a page of passkey summaries or an API error.
- *
- * @category Passkeys
- */
-export declare const listPasskeys: (options: ListPasskeyOptions) => Promise<FindAllPasskeys | ForbiddenError>;
-/**
- * The @passlock/client library generates codes, which you should send to
- * your backend. Use this function to exchange the code for details about
- * the registration or authentication operation. **Note:** a code is valid
- * for 5 minutes.
- *
- * @see {@link ExtendedPrincipal}
- *
- * @param options
- * @returns A promise resolving to an extended principal or an API error.
- *
- * @category Principal
- */
-export declare const exchangeCode: (options: ExchangeCodeOptions) => Promise<ExtendedPrincipal | ForbiddenError | InvalidCodeError>;
-/**
- * Decode and verify an id_token (JWT) locally.
- * **Note:** This will make a network call to
- * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
- * to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS Lambda it will make the call on every
- * cold start so might actually be slower than {@link exchangeCode}
- *
- * @see {@link Principal}
- *
- * @param options
- * @returns A promise resolving to a verified principal or verification failure.
- *
- * @category Principal
- */
-export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Promise<Principal | VerificationError>;
-export type { BadRequestError, DuplicateEmailError, ForbiddenError, InvalidCodeError, InvalidEmailError, InvalidTenancyError, NotFoundError, PasskeyNotFoundError, UnauthorizedError, VerificationError, } from "./errors.js";
-export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
-export type { AssignUserOptions, Credential, DeletePasskeyOptions, FindAllPasskeys, GetPasskeyOptions, ListPasskeyOptions, Passkey, PasskeySummary, Platform, UpdatedPasskeys, UpdatedPasskeyUsernames, UpdatePasskeyOptions, UpdatePasskeyUsernamesOptions, } from "./passkey/passkey.js";
-export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
-export type { ExchangeCodeOptions, VerifyIdTokenOptions, } from "./principal/principal.js";
-export type { CredentialDeviceType, Transports, } from "./schemas/passkey.js";
-export type { ExtendedPrincipal, Principal } from "./schemas/principal.js";
-export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
-export type { AuthenticatedOptions, PasslockOptions, } from "./shared.js";
+export {};
 //# sourceMappingURL=safe.d.ts.map

package/dist/safe.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"safe.d.ts","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,KAAK,EACV,cAAc,EACd,gBAAgB,EAChB,aAAa,EACb,iBAAiB,EAClB,MAAM,aAAa,CAAA;AACpB,OAAO,KAAK,EACV,iBAAiB,EACjB,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,EAC9B,MAAM,sBAAsB,CAAA;AAS7B,OAAO,KAAK,EACV,mBAAmB,EACnB,oBAAoB,EACrB,MAAM,0BAA0B,CAAA;AAKjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE1E;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,KACzB,OAAO,CAAC,OAAO,GAAG,aAAa,GAAG,cAAc,CAKhD,CAAA;AAEH;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,GAAG,aAAa,GAAG,cAAc,CAKhD,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,sBAAsB,GACjC,SAAS,6BAA6B,KACrC,OAAO,CAAC,uBAAuB,GAAG,aAAa,GAAG,cAAc,CAKhE,CAAA;AAEH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,OAAO,GAAG,cAAc,GAAG,aAAa,CAKhD,CAAA;AAEH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,UAAU,GACrB,SAAS,iBAAiB,KACzB,OAAO,CAAC,OAAO,GAAG,cAAc,GAAG,aAAa,CAKhD,CAAA;AAEH;;;;;;;;GAQG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,kBAAkB,KAC1B,OAAO,CAAC,eAAe,GAAG,cAAc,CAKxC,CAAA;AAEH;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,KAC3B,OAAO,CAAC,iBAAiB,GAAG,cAAc,GAAG,gBAAgB,CAK7D,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,OAAO,CAAC,SAAS,GAAG,iBAAiB,CAKrC,CAAA;AAIH,YAAY,EACV,eAAe,EACf,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,aAAa,EACb,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,iBAAiB,EACjB,UAAU,EACV,oBAAoB,EACpB,eAAe,EACf,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,cAAc,EACd,QAAQ,EACR,eAAe,EACf,uBAAuB,EACvB,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EACV,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,oBAAoB,EACpB,UAAU,GACX,MAAM,sBAAsB,CAAA;AAC7B,YAAY,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC1E,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA;AACzE,YAAY,EACV,oBAAoB,EACpB,eAAe,GAChB,MAAM,aAAa,CAAA"}
+{"version":3,"file":"safe.d.ts","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":""}

package/dist/safe.js

@@ -1,147 +1,9 @@
-/**
- * Safe functions that return discriminated unions representing
- * the successful outcome or expected failures.
- *
- * Note: unexpected runtime failures may still throw.
- *
- * @categoryDescription Passkeys
- * Functions and related types for managing passkeys
- *
- * @showCategories
- *
- * @module safe
- */
-import { Effect, identity, pipe } from "effect";
-import { assignUser as assignUserE, deletePasskey as deletePasskeyE, getPasskey as getPasskeyE, listPasskeys as listPasskeysE, updatePasskey as updatePasskeyE, updatePasskeyUsernames as updatePasskeyUsernamesE, } from "./passkey/passkey.js";
-import { exchangeCode as exchangeCodeE, verifyIdToken as verifyIdTokenE, } from "./principal/principal.js";
-/**
- * Assign a custom User ID to a passkey. Will be reflected in the next
- * {@link Principal} or {@link ExtendedPrincipal} generated.
- *
- * **Note:** This does not change the underlying WebAuthn credential's `userId`.
- * Instead we apply a layer of indirection.
- *
- * @see {@link Principal}
- * @see {@link ExtendedPrincipal}
- * @see [credential](https://passlock.dev/rest-api/credential/)
- *
- * @param request
- * @returns A promise resolving to either a passkey or an API error.
- *
- * @category Passkeys
- */
-export const assignUser = (request) => pipe(assignUserE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-/**
- * Can also be used to assign a custom User ID, but also allows you to update
- * the username.
- *
- * **Important:** changing the username has no bearing on authentication, as
- * it's typically only used in the client-side component of the passkey
- * (so the user knows which account the passkey relates to).
- *
- * However you might choose to align the username in your vault with the
- * client-side component to simplify end user support.
- *
- * @param request
- * @returns A promise resolving to either a passkey or an API error.
- *
- * @category Passkeys
- */
-export const updatePasskey = (request) => pipe(updatePasskeyE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-/**
- * Update the username for all passkeys belonging to a given user.
- *
- * **Important:** changing the username has no bearing on authentication, as
- * it's typically only used in the client-side component of the passkey
- * (so the user knows which account the passkey relates to).
- *
- * However you might choose to align the username in your vault with the
- * client-side component to simplify end user support.
- *
- * @param request
- * @returns A promise resolving to either updated passkey usernames or an API error.
- *
- * @category Passkeys
- */
-export const updatePasskeyUsernames = (request) => pipe(updatePasskeyUsernamesE(request), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-/**
- * Delete a passkey from your vault.
- *
- * **Note:** The user will still retain the passkey on their device so
- * you will need to either:
- *
- * a) Use the @passlock/client functions to delete the passkey from the user's device.
- * b) Remind the user to delete the passkey
- *
- * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.
- *
- * In addition, during authentication you should handle a missing passkey scenario.
- * This happens when a user tries to authenticate with a passkey that is missing from
- * your vault. The @passlock/client library can help with this. See
- * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
- *
- * @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)
- * @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)
- *
- * @param options
- * @returns A promise resolving to either the deleted passkey or an API error.
- *
- * @category Passkeys
- */
-export const deletePasskey = (options) => pipe(deletePasskeyE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-/**
- * Fetch details about a passkey. **Important**: Not to be confused with
- * the {@link exchangeCode} or {@link verifyIdToken} functions, which
- * return details about specific authentication or registration operations.
- * Use this function for passkey management, not authentication.
- *
- * @param options
- * @returns A promise resolving to either passkey details or an API error.
- *
- * @category Passkeys
- */
-export const getPasskey = (options) => pipe(getPasskeyE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-/**
- * List passkeys for the given tenancy. Note: This could return a cursor.
- * If so, call again, passing the cursor back in.
- *
- * @param options
- * @returns A promise resolving to a page of passkey summaries or an API error.
- *
- * @category Passkeys
- */
-export const listPasskeys = (options) => pipe(listPasskeysE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-/**
- * The @passlock/client library generates codes, which you should send to
- * your backend. Use this function to exchange the code for details about
- * the registration or authentication operation. **Note:** a code is valid
- * for 5 minutes.
- *
- * @see {@link ExtendedPrincipal}
- *
- * @param options
- * @returns A promise resolving to an extended principal or an API error.
- *
- * @category Principal
- */
-export const exchangeCode = (options) => pipe(exchangeCodeE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-/**
- * Decode and verify an id_token (JWT) locally.
- * **Note:** This will make a network call to
- * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)
- * to fetch the relevant public key. The response will be cached, however
- * bear in mind that for something like AWS Lambda it will make the call on every
- * cold start so might actually be slower than {@link exchangeCode}
- *
- * @see {@link Principal}
- *
- * @param options
- * @returns A promise resolving to a verified principal or verification failure.
- *
- * @category Principal
- */
-export const verifyIdToken = (options) => pipe(verifyIdTokenE(options), Effect.match({ onFailure: identity, onSuccess: identity }), Effect.runPromise);
-export { isBadRequestError, isDuplicateEmailError, isForbiddenError, isInvalidCodeError, isInvalidEmailError, isInvalidTenancyError, isNotFoundError, isPasskeyNotFoundError, isUnauthorizedError, isVerificationError, } from "./errors.js";
-export { isPasskey, isPasskeySummary, isUpdatedPasskeys, isUpdatedPasskeyUsernames, } from "./passkey/passkey.js";
-export { isExtendedPrincipal, isPrincipal } from "./schemas/principal.js";
+const isProd = process.env.NODE_ENV === "production";
+const warnedKey = Symbol.for("passlock.node.deprecation.warned");
+const g = globalThis;
+if (!isProd && !g[warnedKey]) {
+    g[warnedKey] = true;
+    console.warn("[DEPRECATED] @passlock/node has been renamed to @passlock/server. Please update your imports.");
+}
+export {};
 //# sourceMappingURL=safe.js.map

package/dist/safe.js.map

@@ -1 +1 @@
-{"version":3,"file":"safe.js","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAkB/C,OAAO,EACL,UAAU,IAAI,WAAW,EACzB,aAAa,IAAI,cAAc,EAC/B,UAAU,IAAI,WAAW,EACzB,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,EAC/B,sBAAsB,IAAI,uBAAuB,GAClD,MAAM,sBAAsB,CAAA;AAK7B,OAAO,EACL,YAAY,IAAI,aAAa,EAC7B,aAAa,IAAI,cAAc,GAChC,MAAM,0BAA0B,CAAA;AAGjC;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACyB,EAAE,CACrD,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACsB,EAAE,CACrD,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EAC6B,EAAE,CACrE,IAAI,CACF,uBAAuB,CAAC,OAAO,CAAC,EAChC,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACsB,EAAE,CACrD,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EACyB,EAAE,CACrD,IAAI,CACF,WAAW,CAAC,OAAO,CAAC,EACpB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EACgB,EAAE,CAC7C,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EACoC,EAAE,CAClE,IAAI,CACF,aAAa,CAAC,OAAO,CAAC,EACtB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAEH;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACW,EAAE,CAC1C,IAAI,CACF,cAAc,CAAC,OAAO,CAAC,EACvB,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,EAC1D,MAAM,CAAC,UAAU,CAClB,CAAA;AAgBH,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EACrB,gBAAgB,EAChB,kBAAkB,EAClB,mBAAmB,EACnB,qBAAqB,EACrB,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,aAAa,CAAA;AAgBpB,OAAO,EACL,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,yBAAyB,GAC1B,MAAM,sBAAsB,CAAA;AAU7B,OAAO,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA","sourcesContent":["/**\n * Safe functions that return discriminated unions representing\n * the successful outcome or expected failures.\n *\n * Note: unexpected runtime failures may still throw.\n *\n * @categoryDescription Passkeys\n * Functions and related types for managing passkeys\n *\n * @showCategories\n *\n * @module safe\n */\n\nimport { Effect, identity, pipe } from \"effect\"\nimport type {\n  ForbiddenError,\n  InvalidCodeError,\n  NotFoundError,\n  VerificationError,\n} from \"./errors.js\"\nimport type {\n  AssignUserOptions,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  UpdatedPasskeyUsernames,\n  UpdatePasskeyOptions,\n  UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nimport {\n  assignUser as assignUserE,\n  deletePasskey as deletePasskeyE,\n  getPasskey as getPasskeyE,\n  listPasskeys as listPasskeysE,\n  updatePasskey as updatePasskeyE,\n  updatePasskeyUsernames as updatePasskeyUsernamesE,\n} from \"./passkey/passkey.js\"\nimport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nimport {\n  exchangeCode as exchangeCodeE,\n  verifyIdToken as verifyIdTokenE,\n} from \"./principal/principal.js\"\nimport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\n\n/**\n * Assign a custom User ID to a passkey. Will be reflected in the next\n * {@link Principal} or {@link ExtendedPrincipal} generated.\n *\n * **Note:** This does not change the underlying WebAuthn credential's `userId`.\n * Instead we apply a layer of indirection.\n *\n * @see {@link Principal}\n * @see {@link ExtendedPrincipal}\n * @see [credential](https://passlock.dev/rest-api/credential/)\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const assignUser = (\n  request: AssignUserOptions\n): Promise<Passkey | NotFoundError | ForbiddenError> =>\n  pipe(\n    assignUserE(request),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Can also be used to assign a custom User ID, but also allows you to update\n * the username.\n *\n * **Important:** changing the username has no bearing on authentication, as\n * it's typically only used in the client-side component of the passkey\n * (so the user knows which account the passkey relates to).\n *\n * However you might choose to align the username in your vault with the\n * client-side component to simplify end user support.\n *\n * @param request\n * @returns A promise resolving to either a passkey or an API error.\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n  request: UpdatePasskeyOptions\n): Promise<Passkey | NotFoundError | ForbiddenError> =>\n  pipe(\n    updatePasskeyE(request),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Update the username for all passkeys belonging to a given user.\n *\n * **Important:** changing the username has no bearing on authentication, as\n * it's typically only used in the client-side component of the passkey\n * (so the user knows which account the passkey relates to).\n *\n * However you might choose to align the username in your vault with the\n * client-side component to simplify end user support.\n *\n * @param request\n * @returns A promise resolving to either updated passkey usernames or an API error.\n *\n * @category Passkeys\n */\nexport const updatePasskeyUsernames = (\n  request: UpdatePasskeyUsernamesOptions\n): Promise<UpdatedPasskeyUsernames | NotFoundError | ForbiddenError> =>\n  pipe(\n    updatePasskeyUsernamesE(request),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Delete a passkey from your vault.\n *\n * **Note:** The user will still retain the passkey on their device so\n * you will need to either:\n *\n * a) Use the @passlock/client functions to delete the passkey from the user's device.\n * b) Remind the user to delete the passkey\n *\n * See [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/) in the documentation.\n *\n * In addition, during authentication you should handle a missing passkey scenario.\n * This happens when a user tries to authenticate with a passkey that is missing from\n * your vault. The @passlock/client library can help with this. See\n * [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @see [deleting passkeys](https://passlock.dev/passkeys/passkey-removal/)\n * @see [handling missing passkeys](https://passlock.dev/handling-missing-passkeys/)\n *\n * @param options\n * @returns A promise resolving to either the deleted passkey or an API error.\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n  options: DeletePasskeyOptions\n): Promise<Passkey | ForbiddenError | NotFoundError> =>\n  pipe(\n    deletePasskeyE(options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Fetch details about a passkey. **Important**: Not to be confused with\n * the {@link exchangeCode} or {@link verifyIdToken} functions, which\n * return details about specific authentication or registration operations.\n * Use this function for passkey management, not authentication.\n *\n * @param options\n * @returns A promise resolving to either passkey details or an API error.\n *\n * @category Passkeys\n */\nexport const getPasskey = (\n  options: GetPasskeyOptions\n): Promise<Passkey | ForbiddenError | NotFoundError> =>\n  pipe(\n    getPasskeyE(options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * List passkeys for the given tenancy. Note: This could return a cursor.\n * If so, call again, passing the cursor back in.\n *\n * @param options\n * @returns A promise resolving to a page of passkey summaries or an API error.\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n  options: ListPasskeyOptions\n): Promise<FindAllPasskeys | ForbiddenError> =>\n  pipe(\n    listPasskeysE(options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * The @passlock/client library generates codes, which you should send to\n * your backend. Use this function to exchange the code for details about\n * the registration or authentication operation. **Note:** a code is valid\n * for 5 minutes.\n *\n * @see {@link ExtendedPrincipal}\n *\n * @param options\n * @returns A promise resolving to an extended principal or an API error.\n *\n * @category Principal\n */\nexport const exchangeCode = (\n  options: ExchangeCodeOptions\n): Promise<ExtendedPrincipal | ForbiddenError | InvalidCodeError> =>\n  pipe(\n    exchangeCodeE(options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/**\n * Decode and verify an id_token (JWT) locally.\n * **Note:** This will make a network call to\n * `https://api.passlock.dev/.well-known/jwks.json` (or your configured `endpoint`)\n * to fetch the relevant public key. The response will be cached, however\n * bear in mind that for something like AWS Lambda it will make the call on every\n * cold start so might actually be slower than {@link exchangeCode}\n *\n * @see {@link Principal}\n *\n * @param options\n * @returns A promise resolving to a verified principal or verification failure.\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n  options: VerifyIdTokenOptions\n): Promise<Principal | VerificationError> =>\n  pipe(\n    verifyIdTokenE(options),\n    Effect.match({ onFailure: identity, onSuccess: identity }),\n    Effect.runPromise\n  )\n\n/* Re-exports */\n\nexport type {\n  BadRequestError,\n  DuplicateEmailError,\n  ForbiddenError,\n  InvalidCodeError,\n  InvalidEmailError,\n  InvalidTenancyError,\n  NotFoundError,\n  PasskeyNotFoundError,\n  UnauthorizedError,\n  VerificationError,\n} from \"./errors.js\"\nexport {\n  isBadRequestError,\n  isDuplicateEmailError,\n  isForbiddenError,\n  isInvalidCodeError,\n  isInvalidEmailError,\n  isInvalidTenancyError,\n  isNotFoundError,\n  isPasskeyNotFoundError,\n  isUnauthorizedError,\n  isVerificationError,\n} from \"./errors.js\"\nexport type {\n  AssignUserOptions,\n  Credential,\n  DeletePasskeyOptions,\n  FindAllPasskeys,\n  GetPasskeyOptions,\n  ListPasskeyOptions,\n  Passkey,\n  PasskeySummary,\n  Platform,\n  UpdatedPasskeys,\n  UpdatedPasskeyUsernames,\n  UpdatePasskeyOptions,\n  UpdatePasskeyUsernamesOptions,\n} from \"./passkey/passkey.js\"\nexport {\n  isPasskey,\n  isPasskeySummary,\n  isUpdatedPasskeys,\n  isUpdatedPasskeyUsernames,\n} from \"./passkey/passkey.js\"\nexport type {\n  ExchangeCodeOptions,\n  VerifyIdTokenOptions,\n} from \"./principal/principal.js\"\nexport type {\n  CredentialDeviceType,\n  Transports,\n} from \"./schemas/passkey.js\"\nexport type { ExtendedPrincipal, Principal } from \"./schemas/principal.js\"\nexport { isExtendedPrincipal, isPrincipal } from \"./schemas/principal.js\"\nexport type {\n  AuthenticatedOptions,\n  PasslockOptions,\n} from \"./shared.js\"\n"]}
+{"version":3,"file":"safe.js","sourceRoot":"","sources":["../src/safe.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;AAErD,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;AAMjE,MAAM,CAAC,GAAG,UAAgC,CAAC;AAE3C,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC;IAC7B,CAAC,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IAEpB,OAAO,CAAC,IAAI,CACV,+FAA+F,CAChG,CAAC;AACJ,CAAC","sourcesContent":["const isProd = process.env.NODE_ENV === \"production\";\n\nconst warnedKey = Symbol.for(\"passlock.node.deprecation.warned\");\n\ntype GlobalWithWarnFlag = typeof globalThis & {\n  [warnedKey]?: boolean;\n};\n\nconst g = globalThis as GlobalWithWarnFlag;\n\nif (!isProd && !g[warnedKey]) {\n  g[warnedKey] = true;\n\n  console.warn(\n    \"[DEPRECATED] @passlock/node has been renamed to @passlock/server. Please update your imports.\"\n  );\n}"]}