@passlock/server 2.1.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (45) hide show
  1. package/dist/effect.d.ts +8 -0
  2. package/dist/effect.d.ts.map +1 -1
  3. package/dist/effect.js +8 -0
  4. package/dist/effect.js.map +1 -1
  5. package/dist/errors.d.ts +65 -0
  6. package/dist/errors.d.ts.map +1 -1
  7. package/dist/errors.js +36 -5
  8. package/dist/errors.js.map +1 -1
  9. package/dist/index.d.ts +63 -21
  10. package/dist/index.d.ts.map +1 -1
  11. package/dist/index.js +60 -18
  12. package/dist/index.js.map +1 -1
  13. package/dist/network.d.ts +3 -3
  14. package/dist/passkey/passkey.d.ts +267 -10
  15. package/dist/passkey/passkey.d.ts.map +1 -1
  16. package/dist/passkey/passkey.js +161 -5
  17. package/dist/passkey/passkey.js.map +1 -1
  18. package/dist/principal/principal.d.ts +45 -1
  19. package/dist/principal/principal.d.ts.map +1 -1
  20. package/dist/principal/principal.js +27 -0
  21. package/dist/principal/principal.js.map +1 -1
  22. package/dist/safe-result.d.ts +33 -0
  23. package/dist/safe-result.d.ts.map +1 -0
  24. package/dist/safe-result.js +35 -0
  25. package/dist/safe-result.js.map +1 -0
  26. package/dist/safe.d.ts +87 -30
  27. package/dist/safe.d.ts.map +1 -1
  28. package/dist/safe.js +90 -30
  29. package/dist/safe.js.map +1 -1
  30. package/dist/schemas/passkey.d.ts +160 -0
  31. package/dist/schemas/passkey.d.ts.map +1 -1
  32. package/dist/schemas/passkey.js +90 -12
  33. package/dist/schemas/passkey.js.map +1 -1
  34. package/dist/schemas/principal.d.ts +50 -0
  35. package/dist/schemas/principal.d.ts.map +1 -1
  36. package/dist/schemas/principal.js +30 -0
  37. package/dist/schemas/principal.js.map +1 -1
  38. package/dist/schemas/signup.d.ts +20 -0
  39. package/dist/schemas/signup.d.ts.map +1 -1
  40. package/dist/schemas/signup.js +10 -0
  41. package/dist/schemas/signup.js.map +1 -1
  42. package/dist/shared.d.ts +18 -0
  43. package/dist/shared.d.ts.map +1 -1
  44. package/dist/shared.js.map +1 -1
  45. package/package.json +6 -6
package/dist/passkey/passkey.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/passkey/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,EACL,KAAK,EACL,MAAM,EAEN,KAAK,EACL,MAAM,EACN,IAAI,EACJ,MAAM,EACN,MAAM,GACP,MAAM,QAAQ,CAAA;AAEf,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAKjB,MAAM,eAAe,CAAA;AACtB,OAAO,EACL,eAAe,IAAI,qBAAqB,EACxC,cAAc,EACd,aAAa,GACd,MAAM,qBAAqB,CAAA;AAC5B,OAAO,KAAK,cAAc,MAAM,uBAAuB,CAAA;AA+DvD,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAgB,EAAsB,EAAE,CAChE,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA;AAuB5C,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAA;AAkBnD,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAmBpD,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAuBpD,MAAM,CAAC,MAAM,yBAAyB,GAAG,CACvC,OAAgB,EACoB,EAAE;IACtC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC7C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAClC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAClD,IAAI,OAAO,CAAC,IAAI,KAAK,yBAAyB;QAAE,OAAO,KAAK,CAAA;IAE5D,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAED,iCAAiC;AAEjC,MAAM,oBAAoB,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,CAAC;IAChD,aAAa,EAAE,UAAU,MAAM,EAAE;CAClC,CAAC,CAAA;AAEF,MAAM,kBAAkB,GAAG,CACzB,QAAyB,EACzB,MAA8B,EAC9B,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;AAQtE,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAQH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,cAAc,EAAE,EAAE,CACtC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAC/B,EACD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAgBH,2BAA2B;AAC3B,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IACrC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,EACV;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAUH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAC/C,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AASH,MAAM,kBAAkB,GAAG,CACzB,OAAiC,EACjC,aAAwC,gBAAgB,EACQ,EAAE,CAClE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IACpC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,UAAU,MAAM,YAAY,EAAE,OAAO,CAAC,CAAA;IAEvE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CACb,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,eAAe,CAAC;QACzD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,EAChE,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAUH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAAsC,EACtC,aAAwC,gBAAgB,EACgB,EAAE,CAC1E,IAAI,CACF,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,EACvC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EACtC,MAAM,CAAC,GAAG,CACR,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;IACpB,OAAO;QACL,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;QAC7B,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;QACjC,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ;QACrC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ;KAChE,CAAA;AACH,CAAC,CAAC,CACH,EACD,MAAM,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IAC3B,IAAI,EAAE,yBAAyB;IAC/B,WAAW;CACZ,CAAC,CAAC,CACJ,CAAA;AAEH,mBAAmB;AAEnB,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAA6B,EAC7B,aAAwC,gBAAgB,EACT,EAAE,CACjD,IAAI,CACF,MAAM,CAAC,mBAAmB,CAAC,IAAqB,EAAE,CAAC,MAAM,EAAE,EAAE,CAC3D,IAAI,CACF,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,EACnE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC;IACrB,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC;IAClC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC;CACnC,CAAC,CACH,CACF,CACF,CAAA;AAMH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EAC3B,aAAwC,gBAAgB,EACR,EAAE,CAClD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,YAAY,EAAE,OAAO,CAAC,CAAA;IACvD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GAAqC,KAAK,CAAC,CAAC,WAAW,CAClE,QAAQ,EACR;QACE,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,qBAAqB,CAAC;QAC9D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC;KACzD,CACF,CAAA;IAED,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EAC5D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA","sourcesContent":["import {\n Array,\n Chunk,\n Effect,\n type Layer,\n Match,\n Option,\n pipe,\n Schema,\n Stream,\n} from \"effect\"\nimport type { satisfy } from \"src/schemas/satisfy.js\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponse,\n type NetworkResponseError,\n} from \"../network.js\"\nimport {\n FindAllPasskeys as FindAllPasskeysSchema,\n ForbiddenError,\n NotFoundError,\n} from \"../schemas/index.js\"\nimport * as PasskeySchemas from \"../schemas/passkey.js\"\nimport type { AuthenticatedOptions } from \"../shared.js\"\n\n/* Passkey */\n\n/**\n * WebAuthn specific passkey data\n */\nexport type Credential = {\n id: string\n userId: string\n username: string\n aaguid: string\n backedUp: boolean\n counter: number\n deviceType: PasskeySchemas.CredentialDeviceType\n transports: ReadonlyArray<PasskeySchemas.Transports>\n publicKey: Uint8Array<ArrayBufferLike>\n rpId: string\n}\n\n/**\n * Passkeys are usually synced across devices **but only within\n * a specific platform/ecosystem** e.g. a passkey created on Apple\n * devices would typically be synced across devices sharing the same\n * iCloud ID.\n *\n * However, if the user also wants to sign in from their Windows\n * or Android/Chrome devices they will need an additional passkey.\n * Therefore when listing the passkeys registered to a user's account\n * it's a good idea to tell them which platform the passkeys relate to.\n *\n * We've also included links to icons (SVG) so you can give your users\n * a quick visual indication.\n */\nexport type Platform = {\n name?: string | undefined\n icon?: string | undefined\n}\n\n/**\n * The server-side component of a passkey\n *\n * @category Passkeys\n */\nexport type Passkey = {\n _tag: \"Passkey\"\n /**\n * Not to be confused with the credential.id\n */\n id: string\n /**\n * Not to be confused with the credential.userId\n */\n userId?: string | undefined\n enabled: boolean\n credential: Credential\n platform?: Platform | undefined\n lastUsed?: number | undefined\n createdAt: number\n updatedAt: number\n}\n\nexport const isPasskey = (payload: unknown): payload is Passkey =>\n Schema.is(PasskeySchemas.Passkey)(payload)\n\n/**\n * needed to ensure the Passkey === Passkey.Type\n * @internal\n * */\nexport type _Passkey = satisfy<typeof PasskeySchemas.Passkey.Type, Passkey>\n\n/* PasskeySummary */\n\nexport type PasskeySummary = {\n readonly _tag: \"PasskeySummary\"\n readonly id: string\n readonly userId: string\n readonly enabled: boolean\n readonly credential: {\n readonly id: string\n readonly userId: string\n }\n readonly lastUsed?: number | undefined\n readonly createdAt: number\n}\n\nexport const isPasskeySummary = (payload: unknown): payload is PasskeySummary =>\n Schema.is(PasskeySchemas.PasskeySummary)(payload)\n\n/**\n * needed to ensure the PasskeySummary === PasskeySummary.Type\n * @internal\n */\nexport type _PasskeySummary = satisfy<\n typeof PasskeySchemas.PasskeySummary.Type,\n PasskeySummary\n>\n\n/* UpdatedPasskeys */\n\nexport type UpdatedPasskeys = {\n _tag: \"UpdatedPasskeys\"\n updated: ReadonlyArray<Passkey>\n}\n\nexport const isUpdatedPasskeys = (\n payload: unknown\n): payload is UpdatedPasskeys =>\n Schema.is(PasskeySchemas.UpdatedPasskeys)(payload)\n\n/**\n * needed to ensure the UpdatedPasskeys === UpdatedPasskeys.Type\n * @internal\n * */\nexport type _UpdatedPasskeys = satisfy<\n typeof PasskeySchemas.UpdatedPasskeys.Type,\n UpdatedPasskeys\n>\n\n/* FindAllPasskeys */\n\nexport type FindAllPasskeys = {\n readonly _tag: \"FindAllPasskeys\"\n readonly cursor: string | null\n readonly records: ReadonlyArray<PasskeySummary>\n}\n\nexport const isFindAllPasskeys = (\n payload: unknown\n): payload is FindAllPasskeys =>\n Schema.is(PasskeySchemas.FindAllPasskeys)(payload)\n\n/**\n * needed to ensure the FindAllPasskeys === FindAllPasskeys.Type\n * @internal\n */\nexport type _FindAllPasskeys = satisfy<\n typeof FindAllPasskeysSchema.Type,\n FindAllPasskeys\n>\n\n/* UpdatedPasskeyUsernames (update names by userId) */\n\nexport type UpdatedPasskeyUsernames = {\n _tag: \"UpdatedPasskeyUsernames\"\n credentials: ReadonlyArray<{\n rpId: string\n userId: string\n username: string\n displayName: string\n }>\n}\n\nexport const isUpdatedPasskeyUsernames = (\n payload: unknown\n): payload is UpdatedPasskeyUsernames => {\n if (typeof payload !== \"object\") return false\n if (payload === null) return false\n if (!(\"_tag\" in payload)) return false\n if (typeof payload._tag !== \"string\") return false\n if (payload._tag !== \"UpdatedPasskeyUsernames\") return false\n\n return true\n}\n\n/* END UpdatedPasskeyUsernames */\n\nconst authorizationHeaders = (apiKey: string) => ({\n authorization: `Bearer ${apiKey}`,\n})\n\nconst decodeResponseJson = <A, I, R>(\n response: NetworkResponse,\n schema: Schema.Schema<A, I, R>\n) => pipe(response.json, Effect.flatMap(Schema.decodeUnknown(schema)))\n\n/* Get Passkey */\n\nexport interface GetPasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const getPasskey = (\n options: GetPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Delete Passkey */\n\nexport interface DeletePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n}\n\nexport const deletePasskey = (\n options: DeletePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"delete\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (deletedPasskey) =>\n Effect.succeed(deletedPasskey)\n ),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Assign User */\n\n/**\n * @category Passkeys\n */\nexport interface AssignUserOptions extends AuthenticatedOptions {\n passkeyId: string\n\n /**\n * Custom User ID to align with your own systems\n */\n userId: string\n}\n\n// TODO reuse updatePasskey\nexport const assignUser = (\n options: AssignUserOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { userId, passkeyId } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkey */\n\nexport interface UpdatePasskeyOptions extends AuthenticatedOptions {\n passkeyId: string\n userId?: string\n username?: string\n}\n\nexport const updatePasskey = (\n options: UpdatePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, passkeyId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkeys by userId (currently not exported) */\n\ninterface UpdateUserPasskeyOptions extends AuthenticatedOptions {\n userId: string\n username?: string\n}\n\nconst updateUserPasskeys = (\n options: UpdateUserPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedPasskeys, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/users/${userId}/passkeys/`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: UpdatedPasskeys | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) =>\n decodeResponseJson(res, PasskeySchemas.UpdatedPasskeys),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"UpdatedPasskeys\", (result) => Effect.succeed(result)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update usernames by userId */\n\nexport interface UpdatePasskeyUsernamesOptions extends AuthenticatedOptions {\n userId: string\n username: string\n displayName?: string\n}\n\nexport const updatePasskeyUsernames = (\n options: UpdatePasskeyUsernamesOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedPasskeyUsernames, NotFoundError | ForbiddenError> =>\n pipe(\n updateUserPasskeys(options, fetchLayer),\n Effect.map((result) => result.updated),\n Effect.map(\n Array.map((passkey) => {\n return {\n rpId: passkey.credential.rpId,\n userId: passkey.credential.userId,\n username: passkey.credential.username,\n displayName: options.displayName ?? passkey.credential.username,\n }\n })\n ),\n Effect.map((credentials) => ({\n _tag: \"UpdatedPasskeyUsernames\",\n credentials,\n }))\n )\n\n/* List Passkeys */\n\nexport const listPasskeysStream = (\n options: AuthenticatedOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Stream.Stream<PasskeySummary, ForbiddenError> =>\n pipe(\n Stream.paginateChunkEffect(null as string | null, (cursor) =>\n pipe(\n listPasskeys(cursor ? { ...options, cursor } : options, fetchLayer),\n Effect.map((result) => [\n Chunk.fromIterable(result.records),\n Option.fromNullable(result.cursor),\n ])\n )\n )\n )\n\nexport interface ListPasskeyOptions extends AuthenticatedOptions {\n cursor?: string\n}\n\nexport const listPasskeys = (\n options: ListPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<FindAllPasskeys, ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/`, baseUrl)\n if (options.cursor) {\n url.searchParams.append(\"cursor\", options.cursor)\n }\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: FindAllPasskeys | ForbiddenError = yield* matchStatus(\n response,\n {\n \"2xx\": (res) => decodeResponseJson(res, FindAllPasskeysSchema),\n orElse: (res) => decodeResponseJson(res, ForbiddenError),\n }\n )\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"FindAllPasskeys\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n"]}
1
+ {"version":3,"file":"passkey.js","sourceRoot":"","sources":["../../src/passkey/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,KAAK,EACL,KAAK,EACL,MAAM,EAEN,KAAK,EACL,MAAM,EACN,IAAI,EACJ,MAAM,EACN,MAAM,GACP,MAAM,QAAQ,CAAA;AAEf,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAKjB,MAAM,eAAe,CAAA;AACtB,OAAO,EACL,eAAe,IAAI,qBAAqB,EACxC,cAAc,EACd,aAAa,GACd,MAAM,qBAAqB,CAAA;AAC5B,OAAO,KAAK,cAAc,MAAM,uBAAuB,CAAA;AAsEvD;;;;GAIG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,OAAgB,EAAsB,EAAE,CAChE,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA;AAqC5C;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAA;AAuBnD;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AA6CpD;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,OAAgB,EAA6B,EAAE,CAC9E,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAA;AAuBnD;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAwBpD;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,OAAgB,EACY,EAAE,CAC9B,MAAM,CAAC,EAAE,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAA;AAkCpD;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAClC,OAAgB,EACe,EAAE;IACjC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC7C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAClC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAClD,IAAI,OAAO,CAAC,IAAI,KAAK,oBAAoB;QAAE,OAAO,KAAK,CAAA;IAEvD,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAED,4BAA4B;AAE5B,MAAM,oBAAoB,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,CAAC;IAChD,aAAa,EAAE,UAAU,MAAM,EAAE;CAClC,CAAC,CAAA;AAEF,MAAM,kBAAkB,GAAG,CACzB,QAAyB,EACzB,MAA8B,EAC9B,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;AAgBtE;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EACpD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAgBH;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACO,EAAE,CACjE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAExC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,aAAa,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAC/B,MAAM,CAAC,OAAO,CAAC;QACb,IAAI,EAAE,gBAAyB;QAC/B,OAAO,EAAE;YACP,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,EAAE;YACnC,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;YACjC,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;SAC9B;KACF,CAAC,CACH,EACD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAqBH,2BAA2B;AAC3B;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,OAA0B,EAC1B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IACrC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,EACV;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAwBH;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EAC7B,aAAwC,gBAAgB,EACA,EAAE,CAC1D,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IAC/C,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,aAAa,SAAS,EAAE,EAAE,OAAO,CAAC,CAAA;IAEnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC;QAC/D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AASH,MAAM,kBAAkB,GAAG,CACzB,OAAiC,EACjC,aAAwC,gBAAgB,EACQ,EAAE,CAClE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;IACpC,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,UAAU,MAAM,YAAY,EAAE,OAAO,CAAC,CAAA;IAEvE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,OAAO,EACP,EAAE,MAAM,EAAE,QAAQ,EAAE,EACpB;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CACb,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,eAAe,CAAC;QACzD,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAChB,GAAG,EACH,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAC5C;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,EAChE,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAgBH;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAAkC,EAClC,aAAwC,gBAAgB,EACQ,EAAE,CAClE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAE9D,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAErC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,UAAU,MAAM,YAAY,EAAE,OAAO,CAAC,CAAA;IAEvE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAClC,GAAG,EACH,QAAQ,EACR,EAAE,MAAM,EAAE,EACV;QACE,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CACF,CAAA;IAED,MAAM,OAAO,GAGQ,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAChD,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CACb,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC,uBAAuB,CAAC;QACjE,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CACd,kBAAkB,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;KACvE,CAAC,CAAA;IAEF,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE,CACtC,MAAM,CAAC,OAAO,CAAC;QACb,IAAI,EAAE,iBAA0B;QAChC,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACxC,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,EAAE;YACnC,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;YACjC,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;SAC9B,CAAC,CAAC;KACJ,CAAC,CACH,EACD,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACvD,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AA2BH;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CACpC,OAA+B,EAC/B,aAAwC,gBAAgB,EACW,EAAE,CACrE,IAAI,CACF,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,EACvC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EACtC,MAAM,CAAC,GAAG,CACR,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;IACpB,OAAO;QACL,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;QAC7B,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;QACjC,QAAQ,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ;QACrC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ;KAChE,CAAA;AACH,CAAC,CAAC,CACH,EACD,MAAM,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IAC3B,IAAI,EAAE,oBAAoB;IAC1B,WAAW;CACZ,CAAC,CAAC,CACJ,CAAA;AAEH,mBAAmB;AAEnB;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,OAA6B,EAC7B,aAAwC,gBAAgB,EACT,EAAE,CACjD,IAAI,CACF,MAAM,CAAC,mBAAmB,CAAC,IAAqB,EAAE,CAAC,MAAM,EAAE,EAAE,CAC3D,IAAI,CACF,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,EACnE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC;IACrB,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC;IAClC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC;CACnC,CAAC,CACH,CACF,CACF,CAAA;AAcH;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA2B,EAC3B,aAAwC,gBAAgB,EACR,EAAE,CAClD,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE7B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,YAAY,EAAE,OAAO,CAAC,CAAA;IACvD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;IACnD,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC;KAC9C,CAAC,CAAA;IAEF,MAAM,OAAO,GAAqC,KAAK,CAAC,CAAC,WAAW,CAClE,QAAQ,EACR;QACE,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,qBAAqB,CAAC;QAC9D,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,EAAE,cAAc,CAAC;KACzD,CACF,CAAA;IAED,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EAC5D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA","sourcesContent":["import {\n Array,\n Chunk,\n Effect,\n type Layer,\n Match,\n Option,\n pipe,\n Schema,\n Stream,\n} from \"effect\"\nimport type { satisfy } from \"src/schemas/satisfy.js\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponse,\n type NetworkResponseError,\n} from \"../network.js\"\nimport {\n FindAllPasskeys as FindAllPasskeysSchema,\n ForbiddenError,\n NotFoundError,\n} from \"../schemas/index.js\"\nimport * as PasskeySchemas from \"../schemas/passkey.js\"\nimport type { AuthenticatedOptions } from \"../shared.js\"\n\n/* Passkey */\n\n/**\n * WebAuthn-specific credential data stored for a passkey in the Passlock vault.\n *\n * The `id` and `userId` fields are the underlying WebAuthn values, encoded as\n * Base64URL strings.\n *\n * @category Passkeys\n */\nexport type PasskeyCredential = {\n id: string\n userId: string\n username: string\n aaguid: string\n backedUp: boolean\n counter: number\n deviceType: PasskeySchemas.CredentialDeviceType\n transports: ReadonlyArray<PasskeySchemas.Transports>\n publicKey: Uint8Array<ArrayBufferLike>\n rpId: string\n}\n\n/**\n * Passkeys are usually synced across devices **but only within\n * a specific platform/ecosystem** e.g. a passkey created on Apple\n * devices would typically be synced across devices sharing the same\n * iCloud ID.\n *\n * However, if the user also wants to sign in from their Windows\n * or Android/Chrome devices they will need an additional passkey.\n * Therefore when listing the passkeys registered to a user's account\n * it's a good idea to tell them which platform the passkeys relate to.\n *\n * We've also included links to icons (SVG) so you can give your users\n * a quick visual indication.\n *\n * @category Passkeys\n */\nexport type Platform = {\n name?: string | undefined\n icon?: string | undefined\n}\n\n/**\n * The server-side representation of a passkey stored in the Passlock vault.\n *\n * @category Passkeys\n */\nexport type Passkey = {\n _tag: \"Passkey\"\n /**\n * Not to be confused with the credential.id\n */\n id: string\n /**\n * Not to be confused with the credential.userId\n */\n userId?: string | undefined\n enabled: boolean\n credential: PasskeyCredential\n platform?: Platform | undefined\n lastUsed?: number | undefined\n createdAt: number\n updatedAt: number\n}\n\n/**\n * Type guard for {@link Passkey}.\n *\n * @category Passkeys\n */\nexport const isPasskey = (payload: unknown): payload is Passkey =>\n Schema.is(PasskeySchemas.Passkey)(payload)\n\n/**\n * needed to ensure the Passkey === Passkey.Type\n * @internal\n * */\nexport type _Passkey = satisfy<typeof PasskeySchemas.Passkey.Type, Passkey>\n\n/**\n * needed to ensure the PasskeyCredential === PasskeyCredential.Type\n * @internal\n * */\nexport type _PasskeyCredential = satisfy<\n typeof PasskeySchemas.PasskeyCredential.Type,\n PasskeyCredential\n>\n\n/* PasskeySummary */\n\n/**\n * Compact passkey payload returned by list operations.\n *\n * @category Passkeys\n */\nexport type PasskeySummary = {\n readonly _tag: \"PasskeySummary\"\n readonly id: string\n readonly userId: string\n readonly enabled: boolean\n readonly credential: {\n readonly id: string\n readonly userId: string\n }\n readonly lastUsed?: number | undefined\n readonly createdAt: number\n}\n\n/**\n * Type guard for {@link PasskeySummary}.\n *\n * @category Passkeys\n */\nexport const isPasskeySummary = (payload: unknown): payload is PasskeySummary =>\n Schema.is(PasskeySchemas.PasskeySummary)(payload)\n\n/**\n * needed to ensure the PasskeySummary === PasskeySummary.Type\n * @internal\n */\nexport type _PasskeySummary = satisfy<\n typeof PasskeySchemas.PasskeySummary.Type,\n PasskeySummary\n>\n\n/* UpdatedPasskeys */\n\n/**\n * Result payload returned when passkeys are updated in bulk for a user.\n *\n * @category Passkeys\n */\nexport type UpdatedPasskeys = {\n _tag: \"UpdatedPasskeys\"\n updated: ReadonlyArray<Passkey>\n}\n\n/**\n * Type guard for {@link UpdatedPasskeys}.\n *\n * @category Passkeys\n */\nexport const isUpdatedPasskeys = (\n payload: unknown\n): payload is UpdatedPasskeys =>\n Schema.is(PasskeySchemas.UpdatedPasskeys)(payload)\n\n/**\n * needed to ensure the UpdatedPasskeys === UpdatedPasskeys.Type\n * @internal\n * */\nexport type _UpdatedPasskeys = satisfy<\n typeof PasskeySchemas.UpdatedPasskeys.Type,\n UpdatedPasskeys\n>\n\n/* Credential */\n\n/**\n * Credential identifiers returned by passkey deletion operations.\n *\n * @category Passkeys\n */\nexport type Credential = {\n credentialId: string\n userId: string\n rpId: string\n}\n\n/**\n * needed to ensure the Credential === Credential.Type\n * @internal\n */\nexport type _Credential = satisfy<\n typeof PasskeySchemas.Credential.Type,\n Credential\n>\n\n/* DeletedPasskey */\n\n/**\n * Result payload returned when a single passkey has been deleted.\n *\n * @category Passkeys\n */\nexport type DeletedPasskey = {\n _tag: \"DeletedPasskey\"\n deleted: Credential\n}\n\n/**\n * Type guard for {@link DeletedPasskey}.\n *\n * @category Passkeys\n */\nexport const isDeletedPasskey = (payload: unknown): payload is DeletedPasskey =>\n Schema.is(PasskeySchemas.DeletedPasskey)(payload)\n\n/**\n * needed to ensure the DeletedPasskey === DeletedPasskey.Type\n * @internal\n * */\nexport type _DeletedPasskey = satisfy<\n typeof PasskeySchemas.DeletedPasskey.Type,\n DeletedPasskey\n>\n\n/* DeletedPasskeys */\n\n/**\n * Result payload returned when all passkeys for a user have been deleted.\n *\n * @category Passkeys\n */\nexport type DeletedPasskeys = {\n _tag: \"DeletedPasskeys\"\n deleted: ReadonlyArray<Credential>\n}\n\n/**\n * Type guard for {@link DeletedPasskeys}.\n *\n * @category Passkeys\n */\nexport const isDeletedPasskeys = (\n payload: unknown\n): payload is DeletedPasskeys =>\n Schema.is(PasskeySchemas.DeletedPasskeys)(payload)\n\n/**\n * needed to ensure the DeletedPasskeys === DeletedPasskeys.Type\n * @internal\n * */\nexport type _DeletedPasskeys = satisfy<\n typeof PasskeySchemas.DeletedPasskeys.Type,\n DeletedPasskeys\n>\n\n/* FindAllPasskeys */\n\n/**\n * A single page of passkey summaries returned by {@link listPasskeys}.\n *\n * @category Passkeys\n */\nexport type FindAllPasskeys = {\n readonly _tag: \"FindAllPasskeys\"\n readonly cursor: string | null\n readonly records: ReadonlyArray<PasskeySummary>\n}\n\n/**\n * Type guard for {@link FindAllPasskeys}.\n *\n * @category Passkeys\n */\nexport const isFindAllPasskeys = (\n payload: unknown\n): payload is FindAllPasskeys =>\n Schema.is(PasskeySchemas.FindAllPasskeys)(payload)\n\n/**\n * needed to ensure the FindAllPasskeys === FindAllPasskeys.Type\n * @internal\n */\nexport type _FindAllPasskeys = satisfy<\n typeof FindAllPasskeysSchema.Type,\n FindAllPasskeys\n>\n\n/* UpdatedCredentials (update names by userId) */\n\n/**\n * Client-facing credential update payload returned by\n * {@link updatePasskeyUsernames}.\n *\n * Each entry describes one credential to update on the user's device. The\n * returned `displayName` is derived from\n * {@link UpdateUsernamesOptions#displayName} when provided, otherwise it falls\n * back to the stored username.\n *\n * @category Passkeys\n */\nexport type UpdatedCredentials = {\n _tag: \"UpdatedCredentials\"\n credentials: ReadonlyArray<{\n rpId: string\n userId: string\n username: string\n displayName: string\n }>\n}\n\n/**\n * Narrow an unknown value to an `UpdatedCredentials`-tagged payload.\n *\n * @category Passkeys\n */\nexport const isUpdatedUserDetails = (\n payload: unknown\n): payload is UpdatedCredentials => {\n if (typeof payload !== \"object\") return false\n if (payload === null) return false\n if (!(\"_tag\" in payload)) return false\n if (typeof payload._tag !== \"string\") return false\n if (payload._tag !== \"UpdatedCredentials\") return false\n\n return true\n}\n\n/* END UpdatedUserDetails */\n\nconst authorizationHeaders = (apiKey: string) => ({\n authorization: `Bearer ${apiKey}`,\n})\n\nconst decodeResponseJson = <A, I, R>(\n response: NetworkResponse,\n schema: Schema.Schema<A, I, R>\n) => pipe(response.json, Effect.flatMap(Schema.decodeUnknown(schema)))\n\n/* Get Passkey */\n\n/**\n * Options for fetching a single passkey.\n *\n * @category Passkeys\n */\nexport interface GetPasskeyOptions extends AuthenticatedOptions {\n /**\n * Identifier of the passkey to fetch.\n */\n passkeyId: string\n}\n\n/**\n * Fetch a single passkey from the Passlock vault.\n *\n * @param options Request options including the passkey identifier.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with the requested passkey.\n *\n * @category Passkeys\n */\nexport const getPasskey = (\n options: GetPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Delete Passkey */\n\n/**\n * Options for deleting a single passkey.\n *\n * @category Passkeys\n */\nexport interface DeletePasskeyOptions extends AuthenticatedOptions {\n /**\n * Identifier of the passkey to delete.\n */\n passkeyId: string\n}\n\n/**\n * Delete a single passkey from the Passlock vault.\n *\n * This only removes the server-side record. It does not remove the passkey\n * from the user's device.\n *\n * @param options Request options including the passkey identifier.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with the deleted credential.\n *\n * @category Passkeys\n */\nexport const deletePasskey = (\n options: DeletePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<DeletedPasskey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, passkeyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"delete\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: Passkey | ForbiddenError | NotFoundError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(ForbiddenError, NotFoundError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) =>\n Effect.succeed({\n _tag: \"DeletedPasskey\" as const,\n deleted: {\n credentialId: passkey.credential.id,\n userId: passkey.credential.userId,\n rpId: passkey.credential.rpId,\n },\n })\n ),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Assign User */\n\n/**\n * Options for assigning a custom user ID to a single passkey.\n *\n * @category Passkeys\n */\nexport interface AssignUserOptions extends AuthenticatedOptions {\n /**\n * Identifier of the passkey to update.\n */\n passkeyId: string\n\n /**\n * Custom User ID to align with your own systems\n */\n userId: string\n}\n\n// TODO reuse updatePasskey\n/**\n * Assign a custom user ID to a single passkey.\n *\n * This updates Passlock's mapping for the passkey. It does not change the\n * underlying WebAuthn credential's `userId`.\n *\n * @param options Request options including the passkey identifier and custom user ID.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with the updated passkey.\n *\n * @category Passkeys\n */\nexport const assignUser = (\n options: AssignUserOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { userId, passkeyId } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkey */\n\n/**\n * Options for updating a single passkey's metadata.\n *\n * @category Passkeys\n */\nexport interface UpdatePasskeyOptions extends AuthenticatedOptions {\n /**\n * Identifier of the passkey to update.\n */\n passkeyId: string\n /**\n * Custom user ID to associate with the passkey.\n */\n userId?: string\n /**\n * Username metadata stored alongside the passkey.\n */\n username?: string\n}\n\n/**\n * Update a single passkey's custom user ID and/or username metadata.\n *\n * @param options Request options including the passkey identifier and fields to update.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with the updated passkey.\n *\n * @category Passkeys\n */\nexport const updatePasskey = (\n options: UpdatePasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<Passkey, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, passkeyId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/${passkeyId}`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: Passkey | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) => decodeResponseJson(res, PasskeySchemas.Passkey),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"Passkey\", (passkey) => Effect.succeed(passkey)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update passkeys by userId (currently not exported) */\n\ninterface UpdateUserPasskeyOptions extends AuthenticatedOptions {\n userId: string\n username?: string\n}\n\nconst updateUserPasskeys = (\n options: UpdateUserPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedPasskeys, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { userId, username } = options\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/users/${userId}/passkeys/`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"patch\",\n { userId, username },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded: UpdatedPasskeys | NotFoundError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": (res) =>\n decodeResponseJson(res, PasskeySchemas.UpdatedPasskeys),\n orElse: (res) =>\n decodeResponseJson(\n res,\n Schema.Union(NotFoundError, ForbiddenError)\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"UpdatedPasskeys\", (result) => Effect.succeed(result)),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Delete passkeys by userId */\n\n/**\n * Options for deleting all passkeys belonging to a user.\n *\n * @category Passkeys\n */\nexport interface DeleteUserPasskeysOptions extends AuthenticatedOptions {\n /**\n * Custom user ID whose passkeys should be deleted.\n */\n userId: string\n}\n\n/**\n * Delete all passkeys associated with a custom user ID.\n *\n * The resulting `deleted` credentials can be passed to\n * `@passlock/client` to remove the corresponding passkeys from the user's\n * device.\n *\n * @param options Request options including the custom user ID.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with the deleted credential identifiers.\n *\n * @category Passkeys\n */\nexport const deleteUserPasskeys = (\n options: DeleteUserPasskeysOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<DeletedPasskeys, NotFoundError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n\n const { tenancyId, userId } = options\n\n const url = new URL(`/${tenancyId}/users/${userId}/passkeys/`, baseUrl)\n\n const response = yield* fetchNetwork(\n url,\n \"delete\",\n { userId },\n {\n headers: authorizationHeaders(options.apiKey),\n }\n )\n\n const encoded:\n | typeof PasskeySchemas.DeletedPasskeysResponse.Type\n | NotFoundError\n | ForbiddenError = yield* matchStatus(response, {\n \"2xx\": (res) =>\n decodeResponseJson(res, PasskeySchemas.DeletedPasskeysResponse),\n orElse: (res) =>\n decodeResponseJson(res, Schema.Union(NotFoundError, ForbiddenError)),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"DeletedPasskeys\", (result) =>\n Effect.succeed({\n _tag: \"DeletedPasskeys\" as const,\n deleted: result.deleted.map((passkey) => ({\n credentialId: passkey.credential.id,\n userId: passkey.credential.userId,\n rpId: passkey.credential.rpId,\n })),\n })\n ),\n Match.tag(\"@error/NotFound\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/* Update user details by userId */\n\n/**\n * Options for updating username metadata for all passkeys that share a custom\n * user ID, plus optional display-name data to return for client-side updates.\n *\n * @category Passkeys\n */\nexport interface UpdateUsernamesOptions extends AuthenticatedOptions {\n /**\n * Custom user ID whose passkeys should be updated.\n */\n userId: string\n /**\n * Username to write back to each stored passkey.\n */\n username: string\n /**\n * Optional display name to return for client-side credential updates.\n *\n * When omitted, the returned credentials use `username` as the display name.\n */\n displayName?: string\n}\n\n/**\n * Update the username metadata for all passkeys belonging to a custom user ID.\n *\n * The resulting payload is designed to be passed to\n * `@passlock/client` so matching device credentials can be updated.\n * The optional `displayName` is not stored in Passlock; it is only copied into\n * the returned client payload.\n *\n * @param options Request options including the custom user ID and username metadata.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with one credential update per updated passkey.\n *\n * @category Passkeys\n */\nexport const updatePasskeyUsernames = (\n options: UpdateUsernamesOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<UpdatedCredentials, NotFoundError | ForbiddenError> =>\n pipe(\n updateUserPasskeys(options, fetchLayer),\n Effect.map((result) => result.updated),\n Effect.map(\n Array.map((passkey) => {\n return {\n rpId: passkey.credential.rpId,\n userId: passkey.credential.userId,\n username: passkey.credential.username,\n displayName: options.displayName ?? passkey.credential.username,\n }\n })\n ),\n Effect.map((credentials) => ({\n _tag: \"UpdatedCredentials\",\n credentials,\n }))\n )\n\n/* List Passkeys */\n\n/**\n * Stream every passkey summary for a tenancy across all result pages.\n *\n * @param options Request options used for each paginated request.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns A stream of passkey summaries.\n *\n * @category Passkeys\n */\nexport const listPasskeysStream = (\n options: AuthenticatedOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Stream.Stream<PasskeySummary, ForbiddenError> =>\n pipe(\n Stream.paginateChunkEffect(null as string | null, (cursor) =>\n pipe(\n listPasskeys(cursor ? { ...options, cursor } : options, fetchLayer),\n Effect.map((result) => [\n Chunk.fromIterable(result.records),\n Option.fromNullable(result.cursor),\n ])\n )\n )\n )\n\n/**\n * Options for listing passkeys.\n *\n * @category Passkeys\n */\nexport interface ListPasskeyOptions extends AuthenticatedOptions {\n /**\n * Pagination cursor returned from a previous {@link listPasskeys} call.\n */\n cursor?: string\n}\n\n/**\n * Fetch a single page of passkey summaries for a tenancy.\n *\n * @param options Request options including an optional pagination cursor.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with one page of passkey summaries.\n *\n * @category Passkeys\n */\nexport const listPasskeys = (\n options: ListPasskeyOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<FindAllPasskeys, ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId } = options\n\n const url = new URL(`/${tenancyId}/passkeys/`, baseUrl)\n if (options.cursor) {\n url.searchParams.append(\"cursor\", options.cursor)\n }\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: authorizationHeaders(options.apiKey),\n })\n\n const encoded: FindAllPasskeys | ForbiddenError = yield* matchStatus(\n response,\n {\n \"2xx\": (res) => decodeResponseJson(res, FindAllPasskeysSchema),\n orElse: (res) => decodeResponseJson(res, ForbiddenError),\n }\n )\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"FindAllPasskeys\", (data) => Effect.succeed(data)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n"]}
package/dist/principal/principal.d.ts CHANGED
@@ -3,20 +3,64 @@ import { type NetworkFetch } from "../network.js";
3
3
  import { ForbiddenError, InvalidCodeError } from "../schemas/errors.js";
4
4
  import { type ExtendedPrincipal, type Principal } from "../schemas/principal.js";
5
5
  import type { AuthenticatedOptions, PasslockOptions } from "../shared.js";
6
+ /**
7
+ * Options for exchanging a short-lived Passlock code for an
8
+ * {@link ExtendedPrincipal}.
9
+ *
10
+ * @category Principal
11
+ */
6
12
  export interface ExchangeCodeOptions extends AuthenticatedOptions {
13
+ /**
14
+ * Short-lived code emitted by `@passlock/client`.
15
+ */
7
16
  code: string;
8
17
  }
18
+ /**
19
+ * Exchange a short-lived Passlock code for details about the completed
20
+ * registration or authentication operation.
21
+ *
22
+ * @param options Request options including the code to exchange.
23
+ * @param fetchLayer Optional fetch service override for testing or custom runtimes.
24
+ * @returns An Effect that succeeds with the resolved {@link ExtendedPrincipal}.
25
+ *
26
+ * @category Principal
27
+ */
9
28
  export declare const exchangeCode: (options: ExchangeCodeOptions, fetchLayer?: Layer.Layer<NetworkFetch>) => Effect.Effect<ExtendedPrincipal, InvalidCodeError | ForbiddenError>;
10
- declare const VerificationError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => import("effect/Cause").YieldableError & {
29
+ declare const VerificationError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").VoidIfEmpty<{ readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }>) => import("effect/Cause").YieldableError & {
11
30
  readonly _tag: "@error/Verification";
12
31
  } & Readonly<A>;
32
+ /**
33
+ * Error returned when `verifyIdToken` cannot decode or validate the supplied
34
+ * token.
35
+ *
36
+ * @category Principal
37
+ */
13
38
  export declare class VerificationError extends VerificationError_base<{
14
39
  message: string;
15
40
  }> {
16
41
  }
42
+ /**
43
+ * Options for locally verifying a Passlock `id_token`.
44
+ *
45
+ * @category Principal
46
+ */
17
47
  export interface VerifyIdTokenOptions extends PasslockOptions {
48
+ /**
49
+ * JWT to decode and verify.
50
+ */
18
51
  token: string;
19
52
  }
53
+ /**
54
+ * Decode and verify a Passlock `id_token` using the Passlock JWKS endpoint.
55
+ *
56
+ * The JWKS endpoint is derived from `endpoint` and cached between calls in the
57
+ * current process.
58
+ *
59
+ * @param options Request options including the token to verify.
60
+ * @returns An Effect that succeeds with a decoded {@link Principal}.
61
+ *
62
+ * @category Principal
63
+ */
20
64
  export declare const verifyIdToken: (options: VerifyIdTokenOptions) => Effect.Effect<Principal, VerificationError>;
21
65
  export {};
22
66
  //# sourceMappingURL=principal.d.ts.map
package/dist/principal/principal.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,MAAM,EAAE,KAAK,KAAK,EAAuB,MAAM,QAAQ,CAAA;AAGtE,OAAO,EAGL,KAAK,YAAY,EAKlB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EACL,KAAK,iBAAiB,EAGtB,KAAK,SAAS,EACf,MAAM,yBAAyB,CAAA;AAEhC,OAAO,KAAK,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAEzE,MAAM,WAAW,mBAAoB,SAAQ,oBAAoB;IAC/D,IAAI,EAAE,MAAM,CAAA;CACb;AAED,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,EAC5B,aAAY,KAAK,CAAC,KAAK,CAAC,YAAY,CAAoB,KACvD,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,gBAAgB,GAAG,cAAc,CAiDlE,CAAA;;;;AAEH,qBAAa,iBAAkB,SAAQ,uBAAwC;IAC7E,OAAO,EAAE,MAAM,CAAA;CAChB,CAAC;CAAG;AAEL,MAAM,WAAW,oBAAqB,SAAQ,eAAe;IAC3D,KAAK,EAAE,MAAM,CAAA;CACd;AAED,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,iBAAiB,CAwC1C,CAAA"}
1
+ {"version":3,"file":"principal.d.ts","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,MAAM,EAAE,KAAK,KAAK,EAAuB,MAAM,QAAQ,CAAA;AAGtE,OAAO,EAGL,KAAK,YAAY,EAKlB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EACL,KAAK,iBAAiB,EAGtB,KAAK,SAAS,EACf,MAAM,yBAAyB,CAAA;AAEhC,OAAO,KAAK,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAEzE;;;;;GAKG;AACH,MAAM,WAAW,mBAAoB,SAAQ,oBAAoB;IAC/D;;OAEG;IACH,IAAI,EAAE,MAAM,CAAA;CACb;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,YAAY,GACvB,SAAS,mBAAmB,EAC5B,aAAY,KAAK,CAAC,KAAK,CAAC,YAAY,CAAoB,KACvD,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,gBAAgB,GAAG,cAAc,CAiDlE,CAAA;;;;AAEH;;;;;GAKG;AACH,qBAAa,iBAAkB,SAAQ,uBAAwC;IAC7E,OAAO,EAAE,MAAM,CAAA;CAChB,CAAC;CAAG;AAEL;;;;GAIG;AACH,MAAM,WAAW,oBAAqB,SAAQ,eAAe;IAC3D;;OAEG;IACH,KAAK,EAAE,MAAM,CAAA;CACd;AAED;;;;;;;;;;GAUG;AACH,eAAO,MAAM,aAAa,GACxB,SAAS,oBAAoB,KAC5B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,iBAAiB,CAwC1C,CAAA"}
package/dist/principal/principal.js CHANGED
@@ -3,6 +3,16 @@ import * as jose from "jose";
3
3
  import { fetchNetwork, matchStatus, NetworkFetchLive, } from "../network.js";
4
4
  import { ForbiddenError, InvalidCodeError } from "../schemas/errors.js";
5
5
  import { ExtendedPrincipalSchema, IdTokenSchema, } from "../schemas/principal.js";
6
+ /**
7
+ * Exchange a short-lived Passlock code for details about the completed
8
+ * registration or authentication operation.
9
+ *
10
+ * @param options Request options including the code to exchange.
11
+ * @param fetchLayer Optional fetch service override for testing or custom runtimes.
12
+ * @returns An Effect that succeeds with the resolved {@link ExtendedPrincipal}.
13
+ *
14
+ * @category Principal
15
+ */
6
16
  export const exchangeCode = (options, fetchLayer = NetworkFetchLive) => pipe(Effect.gen(function* () {
7
17
  const baseUrl = options.endpoint ?? "https://api.passlock.dev";
8
18
  const { tenancyId, code } = options;
@@ -23,8 +33,25 @@ export const exchangeCode = (options, fetchLayer = NetworkFetchLive) => pipe(Eff
23
33
  "@error/NetworkResponse": (err) => Effect.die(err),
24
34
  ParseError: (err) => Effect.die(err),
25
35
  }), Effect.provide(fetchLayer));
36
+ /**
37
+ * Error returned when `verifyIdToken` cannot decode or validate the supplied
38
+ * token.
39
+ *
40
+ * @category Principal
41
+ */
26
42
  export class VerificationError extends Data.TaggedError("@error/Verification") {
27
43
  }
44
+ /**
45
+ * Decode and verify a Passlock `id_token` using the Passlock JWKS endpoint.
46
+ *
47
+ * The JWKS endpoint is derived from `endpoint` and cached between calls in the
48
+ * current process.
49
+ *
50
+ * @param options Request options including the token to verify.
51
+ * @returns An Effect that succeeds with a decoded {@link Principal}.
52
+ *
53
+ * @category Principal
54
+ */
28
55
  export const verifyIdToken = (options) => pipe(Effect.gen(function* () {
29
56
  const JWKS = yield* createCachedRemoteJwks(options.endpoint);
30
57
  const { payload } = yield* Effect.tryPromise({
package/dist/principal/principal.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"principal.js","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAc,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAEtE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAIjB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EAEL,uBAAuB,EACvB,aAAa,GAEd,MAAM,yBAAyB,CAAA;AAQhC,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EAC5B,aAAwC,gBAAgB,EACa,EAAE,CACvE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IAEnC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,cAAc,IAAI,EAAE,EAAE,OAAO,CAAC,CAAA;IAE/D,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE;SAC1C;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAClB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC,CAC9D;QACH,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACnB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CACZ,MAAM,CAAC,aAAa,CAClB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAC/C,CACF,CACF;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,SAAS,EAAE,EAAE,CAC3C,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,EACD,KAAK,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAEH,MAAM,OAAO,iBAAkB,SAAQ,IAAI,CAAC,WAAW,CAAC,qBAAqB,CAE3E;CAAG;AAML,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACgB,EAAE,CAC/C,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAE5D,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAC3C,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE;YACb,OAAO,GAAG,YAAY,KAAK;gBACzB,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC;gBACjD,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACrD,CAAC;QACD,GAAG,EAAE,GAAG,EAAE,CACR,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,MAAM,EAAE,cAAc;SACvB,CAAC;KACL,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QACzD,GAAG,OAAO;QACV,IAAI,EAAE,SAAS;KAChB,CAAC,CAAA;IAEF,MAAM,SAAS,GAAc;QAC3B,IAAI,EAAE,WAAW;QACjB,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC;QAClB,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC;QAChC,iBAAiB,EAAE,SAAS;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,OAAO,EAAE;YACP,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC;YAC9B,QAAQ,EAAE,IAAI;SACf;QACD,MAAM,EAAE,OAAO,CAAC,GAAG;KACpB,CAAA;IAED,OAAO,SAAS,CAAA;AAClB,CAAC,CAAC,EACF,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CACxD,CAAA;AAEH,MAAM,UAAU,GAAG,CAAC,QAAiB,EAAE,EAAE,CACvC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE;IACf,MAAM,OAAO,GAAG,QAAQ,IAAI,0BAA0B,CAAA;IAEtD,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC,CAAA;AAC5E,CAAC,CAAC,CAAA;AAEJ,MAAM,sBAAsB,GAAG,IAAI,CACjC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,EACjC,MAAM,CAAC,OAAO,CACf,CAAA","sourcesContent":["import { Data, Effect, type Layer, Match, pipe, Schema } from \"effect\"\n\nimport * as jose from \"jose\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponseError,\n} from \"../network.js\"\nimport { ForbiddenError, InvalidCodeError } from \"../schemas/errors.js\"\nimport {\n type ExtendedPrincipal,\n ExtendedPrincipalSchema,\n IdTokenSchema,\n type Principal,\n} from \"../schemas/principal.js\"\n\nimport type { AuthenticatedOptions, PasslockOptions } from \"../shared.js\"\n\nexport interface ExchangeCodeOptions extends AuthenticatedOptions {\n code: string\n}\n\nexport const exchangeCode = (\n options: ExchangeCodeOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<ExtendedPrincipal, InvalidCodeError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, code } = options\n\n const url = new URL(`/${tenancyId}/principal/${code}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: {\n authorization: `Bearer ${options.apiKey}`,\n },\n })\n\n const encoded: ExtendedPrincipal | InvalidCodeError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": ({ json }) =>\n pipe(\n json,\n Effect.flatMap(Schema.decodeUnknown(ExtendedPrincipalSchema))\n ),\n orElse: ({ json }) =>\n pipe(\n json,\n Effect.flatMap(\n Schema.decodeUnknown(\n Schema.Union(InvalidCodeError, ForbiddenError)\n )\n )\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"ExtendedPrincipal\", (principal) =>\n Effect.succeed(principal)\n ),\n Match.tag(\"@error/InvalidCode\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\nexport class VerificationError extends Data.TaggedError(\"@error/Verification\")<{\n message: string\n}> {}\n\nexport interface VerifyIdTokenOptions extends PasslockOptions {\n token: string\n}\n\nexport const verifyIdToken = (\n options: VerifyIdTokenOptions\n): Effect.Effect<Principal, VerificationError> =>\n pipe(\n Effect.gen(function* () {\n const JWKS = yield* createCachedRemoteJwks(options.endpoint)\n\n const { payload } = yield* Effect.tryPromise({\n catch: (err) => {\n return err instanceof Error\n ? new VerificationError({ message: err.message })\n : new VerificationError({ message: String(err) })\n },\n try: () =>\n jose.jwtVerify(options.token, JWKS, {\n audience: options.tenancyId,\n issuer: \"passlock.dev\",\n }),\n })\n\n const idToken = yield* Schema.decodeUnknown(IdTokenSchema)({\n ...payload,\n _tag: \"IdToken\",\n })\n\n const principal: Principal = {\n _tag: \"Principal\",\n id: idToken[\"jti\"],\n authenticatorId: idToken[\"a:id\"],\n authenticatorType: \"passkey\",\n createdAt: idToken.iat * 1000,\n expiresAt: idToken.exp * 1000,\n passkey: {\n userVerified: idToken[\"pk:uv\"],\n verified: true,\n },\n userId: idToken.sub,\n }\n\n return principal\n }),\n Effect.catchTag(\"ParseError\", (err) => Effect.die(err))\n )\n\nconst createJwks = (endpoint?: string) =>\n Effect.sync(() => {\n const baseUrl = endpoint ?? \"https://api.passlock.dev\"\n\n return jose.createRemoteJWKSet(new URL(\"/.well-known/jwks.json\", baseUrl))\n })\n\nconst createCachedRemoteJwks = pipe(\n Effect.cachedFunction(createJwks),\n Effect.runSync\n)\n"]}
1
+ {"version":3,"file":"principal.js","sourceRoot":"","sources":["../../src/principal/principal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAc,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAEtE,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,EACL,YAAY,EACZ,WAAW,EAEX,gBAAgB,GAIjB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvE,OAAO,EAEL,uBAAuB,EACvB,aAAa,GAEd,MAAM,yBAAyB,CAAA;AAiBhC;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAC1B,OAA4B,EAC5B,aAAwC,gBAAgB,EACa,EAAE,CACvE,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,0BAA0B,CAAA;IAC9D,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IAEnC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,SAAS,cAAc,IAAI,EAAE,EAAE,OAAO,CAAC,CAAA;IAE/D,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1D,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE;SAC1C;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GACX,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;QAC3B,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAClB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC,CAC9D;QACH,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CACnB,IAAI,CACF,IAAI,EACJ,MAAM,CAAC,OAAO,CACZ,MAAM,CAAC,aAAa,CAClB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAC/C,CACF,CACF;KACJ,CAAC,CAAA;IAEJ,OAAO,KAAK,CAAC,CAAC,IAAI,CAChB,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,EACpB,KAAK,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,SAAS,EAAE,EAAE,CAC3C,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,EACD,KAAK,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAC1D,KAAK,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EACxD,KAAK,CAAC,UAAU,CACjB,CAAA;AACH,CAAC,CAAC,EACF,MAAM,CAAC,SAAS,CAAC;IACf,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,uBAAuB,EAAE,CAAC,GAAwB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACtE,wBAAwB,EAAE,CAAC,GAAyB,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;IACxE,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;CACrC,CAAC,EACF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAC3B,CAAA;AAEH;;;;;GAKG;AACH,MAAM,OAAO,iBAAkB,SAAQ,IAAI,CAAC,WAAW,CAAC,qBAAqB,CAE3E;CAAG;AAcL;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,OAA6B,EACgB,EAAE,CAC/C,IAAI,CACF,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;IAClB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAE5D,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAC3C,KAAK,EAAE,CAAC,GAAG,EAAE,EAAE;YACb,OAAO,GAAG,YAAY,KAAK;gBACzB,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC;gBACjD,CAAC,CAAC,IAAI,iBAAiB,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACrD,CAAC;QACD,GAAG,EAAE,GAAG,EAAE,CACR,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,OAAO,CAAC,SAAS;YAC3B,MAAM,EAAE,cAAc;SACvB,CAAC;KACL,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QACzD,GAAG,OAAO;QACV,IAAI,EAAE,SAAS;KAChB,CAAC,CAAA;IAEF,MAAM,SAAS,GAAc;QAC3B,IAAI,EAAE,WAAW;QACjB,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC;QAClB,eAAe,EAAE,OAAO,CAAC,MAAM,CAAC;QAChC,iBAAiB,EAAE,SAAS;QAC5B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,SAAS,EAAE,OAAO,CAAC,GAAG,GAAG,IAAI;QAC7B,OAAO,EAAE;YACP,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC;YAC9B,QAAQ,EAAE,IAAI;SACf;QACD,MAAM,EAAE,OAAO,CAAC,GAAG;KACpB,CAAA;IAED,OAAO,SAAS,CAAA;AAClB,CAAC,CAAC,EACF,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CACxD,CAAA;AAEH,MAAM,UAAU,GAAG,CAAC,QAAiB,EAAE,EAAE,CACvC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE;IACf,MAAM,OAAO,GAAG,QAAQ,IAAI,0BAA0B,CAAA;IAEtD,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC,CAAA;AAC5E,CAAC,CAAC,CAAA;AAEJ,MAAM,sBAAsB,GAAG,IAAI,CACjC,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,EACjC,MAAM,CAAC,OAAO,CACf,CAAA","sourcesContent":["import { Data, Effect, type Layer, Match, pipe, Schema } from \"effect\"\n\nimport * as jose from \"jose\"\nimport {\n fetchNetwork,\n matchStatus,\n type NetworkFetch,\n NetworkFetchLive,\n type NetworkPayloadError,\n type NetworkRequestError,\n type NetworkResponseError,\n} from \"../network.js\"\nimport { ForbiddenError, InvalidCodeError } from \"../schemas/errors.js\"\nimport {\n type ExtendedPrincipal,\n ExtendedPrincipalSchema,\n IdTokenSchema,\n type Principal,\n} from \"../schemas/principal.js\"\n\nimport type { AuthenticatedOptions, PasslockOptions } from \"../shared.js\"\n\n/**\n * Options for exchanging a short-lived Passlock code for an\n * {@link ExtendedPrincipal}.\n *\n * @category Principal\n */\nexport interface ExchangeCodeOptions extends AuthenticatedOptions {\n /**\n * Short-lived code emitted by `@passlock/client`.\n */\n code: string\n}\n\n/**\n * Exchange a short-lived Passlock code for details about the completed\n * registration or authentication operation.\n *\n * @param options Request options including the code to exchange.\n * @param fetchLayer Optional fetch service override for testing or custom runtimes.\n * @returns An Effect that succeeds with the resolved {@link ExtendedPrincipal}.\n *\n * @category Principal\n */\nexport const exchangeCode = (\n options: ExchangeCodeOptions,\n fetchLayer: Layer.Layer<NetworkFetch> = NetworkFetchLive\n): Effect.Effect<ExtendedPrincipal, InvalidCodeError | ForbiddenError> =>\n pipe(\n Effect.gen(function* () {\n const baseUrl = options.endpoint ?? \"https://api.passlock.dev\"\n const { tenancyId, code } = options\n\n const url = new URL(`/${tenancyId}/principal/${code}`, baseUrl)\n\n const response = yield* fetchNetwork(url, \"get\", undefined, {\n headers: {\n authorization: `Bearer ${options.apiKey}`,\n },\n })\n\n const encoded: ExtendedPrincipal | InvalidCodeError | ForbiddenError =\n yield* matchStatus(response, {\n \"2xx\": ({ json }) =>\n pipe(\n json,\n Effect.flatMap(Schema.decodeUnknown(ExtendedPrincipalSchema))\n ),\n orElse: ({ json }) =>\n pipe(\n json,\n Effect.flatMap(\n Schema.decodeUnknown(\n Schema.Union(InvalidCodeError, ForbiddenError)\n )\n )\n ),\n })\n\n return yield* pipe(\n Match.value(encoded),\n Match.tag(\"ExtendedPrincipal\", (principal) =>\n Effect.succeed(principal)\n ),\n Match.tag(\"@error/InvalidCode\", (err) => Effect.fail(err)),\n Match.tag(\"@error/Forbidden\", (err) => Effect.fail(err)),\n Match.exhaustive\n )\n }),\n Effect.catchTags({\n \"@error/NetworkPayload\": (err: NetworkPayloadError) => Effect.die(err),\n \"@error/NetworkRequest\": (err: NetworkRequestError) => Effect.die(err),\n \"@error/NetworkResponse\": (err: NetworkResponseError) => Effect.die(err),\n ParseError: (err) => Effect.die(err),\n }),\n Effect.provide(fetchLayer)\n )\n\n/**\n * Error returned when `verifyIdToken` cannot decode or validate the supplied\n * token.\n *\n * @category Principal\n */\nexport class VerificationError extends Data.TaggedError(\"@error/Verification\")<{\n message: string\n}> {}\n\n/**\n * Options for locally verifying a Passlock `id_token`.\n *\n * @category Principal\n */\nexport interface VerifyIdTokenOptions extends PasslockOptions {\n /**\n * JWT to decode and verify.\n */\n token: string\n}\n\n/**\n * Decode and verify a Passlock `id_token` using the Passlock JWKS endpoint.\n *\n * The JWKS endpoint is derived from `endpoint` and cached between calls in the\n * current process.\n *\n * @param options Request options including the token to verify.\n * @returns An Effect that succeeds with a decoded {@link Principal}.\n *\n * @category Principal\n */\nexport const verifyIdToken = (\n options: VerifyIdTokenOptions\n): Effect.Effect<Principal, VerificationError> =>\n pipe(\n Effect.gen(function* () {\n const JWKS = yield* createCachedRemoteJwks(options.endpoint)\n\n const { payload } = yield* Effect.tryPromise({\n catch: (err) => {\n return err instanceof Error\n ? new VerificationError({ message: err.message })\n : new VerificationError({ message: String(err) })\n },\n try: () =>\n jose.jwtVerify(options.token, JWKS, {\n audience: options.tenancyId,\n issuer: \"passlock.dev\",\n }),\n })\n\n const idToken = yield* Schema.decodeUnknown(IdTokenSchema)({\n ...payload,\n _tag: \"IdToken\",\n })\n\n const principal: Principal = {\n _tag: \"Principal\",\n id: idToken[\"jti\"],\n authenticatorId: idToken[\"a:id\"],\n authenticatorType: \"passkey\",\n createdAt: idToken.iat * 1000,\n expiresAt: idToken.exp * 1000,\n passkey: {\n userVerified: idToken[\"pk:uv\"],\n verified: true,\n },\n userId: idToken.sub,\n }\n\n return principal\n }),\n Effect.catchTag(\"ParseError\", (err) => Effect.die(err))\n )\n\nconst createJwks = (endpoint?: string) =>\n Effect.sync(() => {\n const baseUrl = endpoint ?? \"https://api.passlock.dev\"\n\n return jose.createRemoteJWKSet(new URL(\"/.well-known/jwks.json\", baseUrl))\n })\n\nconst createCachedRemoteJwks = pipe(\n Effect.cachedFunction(createJwks),\n Effect.runSync\n)\n"]}
package/dist/safe-result.d.ts ADDED
@@ -0,0 +1,33 @@
1
+ /**
2
+ * Result envelope applied to successful values returned from
3
+ * `@passlock/server/safe`.
4
+ *
5
+ * The top-level object still exposes its original `_tag`, so
6
+ * existing `_tag` checks and type guards continue to work, while
7
+ * `success` and `failure` provide boolean branch narrowing.
8
+ */
9
+ export type Ok<T extends object> = T & {
10
+ readonly success: true;
11
+ readonly failure: false;
12
+ readonly value: T;
13
+ };
14
+ /**
15
+ * Result envelope applied to expected error values returned from
16
+ * `@passlock/server/safe`.
17
+ *
18
+ * The top-level object still exposes its original `_tag`, so
19
+ * existing `_tag` checks and type guards continue to work, while
20
+ * `success` and `failure` provide boolean branch narrowing.
21
+ */
22
+ export type Err<E extends object> = E & {
23
+ readonly success: false;
24
+ readonly failure: true;
25
+ readonly error: E;
26
+ };
27
+ /**
28
+ * Result envelope used by the `@passlock/server/safe` entrypoint.
29
+ */
30
+ export type Result<T extends object, E extends object> = Ok<T> | (E extends unknown ? Err<E> : never);
31
+ export declare const toOkResult: <T extends object>(payload: T) => Ok<T>;
32
+ export declare const toErrResult: <E extends object>(payload: E) => Err<E>;
33
+ //# sourceMappingURL=safe-result.d.ts.map
package/dist/safe-result.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"safe-result.d.ts","sourceRoot":"","sources":["../src/safe-result.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,MAAM,MAAM,EAAE,CAAC,CAAC,SAAS,MAAM,IAAI,CAAC,GAAG;IACrC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAA;IACtB,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAA;IACvB,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAA;CAClB,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,MAAM,GAAG,CAAC,CAAC,SAAS,MAAM,IAAI,CAAC,GAAG;IACtC,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAA;IACvB,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAA;IACtB,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAA;CAClB,CAAA;AAED;;GAEG;AACH,MAAM,MAAM,MAAM,CAAC,CAAC,SAAS,MAAM,EAAE,CAAC,SAAS,MAAM,IACjD,EAAE,CAAC,CAAC,CAAC,GACL,CAAC,CAAC,SAAS,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAA;AAmDxC,eAAO,MAAM,UAAU,GAAI,CAAC,SAAS,MAAM,EAAE,SAAS,CAAC,KAAG,EAAE,CAAC,CAAC,CACnB,CAAA;AAE3C,eAAO,MAAM,WAAW,GAAI,CAAC,SAAS,MAAM,EAAE,SAAS,CAAC,KAAG,GAAG,CAAC,CAAC,CACnB,CAAA"}
package/dist/safe-result.js ADDED
@@ -0,0 +1,35 @@
1
+ const hasOwnProperty = (payload, property) => Object.hasOwn(payload, property);
2
+ const toSelfAccessor = (payload) => ({
3
+ configurable: false,
4
+ enumerable: false,
5
+ get: () => payload,
6
+ });
7
+ const decorate = (payload, success, key) => {
8
+ const descriptors = {};
9
+ if (!hasOwnProperty(payload, "success")) {
10
+ descriptors.success = {
11
+ configurable: false,
12
+ enumerable: false,
13
+ value: success,
14
+ writable: false,
15
+ };
16
+ }
17
+ if (!hasOwnProperty(payload, "failure")) {
18
+ descriptors.failure = {
19
+ configurable: false,
20
+ enumerable: false,
21
+ value: !success,
22
+ writable: false,
23
+ };
24
+ }
25
+ if (!hasOwnProperty(payload, key)) {
26
+ descriptors[key] = toSelfAccessor(payload);
27
+ }
28
+ if (Object.keys(descriptors).length > 0) {
29
+ Object.defineProperties(payload, descriptors);
30
+ }
31
+ return payload;
32
+ };
33
+ export const toOkResult = (payload) => decorate(payload, true, "value");
34
+ export const toErrResult = (payload) => decorate(payload, false, "error");
35
+ //# sourceMappingURL=safe-result.js.map
package/dist/safe-result.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"safe-result.js","sourceRoot":"","sources":["../src/safe-result.ts"],"names":[],"mappings":"AAmCA,MAAM,cAAc,GAAG,CAAC,OAAe,EAAE,QAAqB,EAAW,EAAE,CACzE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;AAElC,MAAM,cAAc,GAAG,CAAmB,OAAU,EAAE,EAAE,CAAC,CAAC;IACxD,YAAY,EAAE,KAAK;IACnB,UAAU,EAAE,KAAK;IACjB,GAAG,EAAE,GAAM,EAAE,CAAC,OAAO;CACtB,CAAC,CAAA;AAEF,MAAM,QAAQ,GAAG,CAKf,OAAU,EACV,OAAgB,EAChB,GAAQ,EACL,EAAE;IACL,MAAM,WAAW,GAA0B,EAAE,CAAA;IAE7C,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,CAAC;QACxC,WAAW,CAAC,OAAO,GAAG;YACpB,YAAY,EAAE,KAAK;YACnB,UAAU,EAAE,KAAK;YACjB,KAAK,EAAE,OAAO;YACd,QAAQ,EAAE,KAAK;SAChB,CAAA;IACH,CAAC;IAED,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,CAAC;QACxC,WAAW,CAAC,OAAO,GAAG;YACpB,YAAY,EAAE,KAAK;YACnB,UAAU,EAAE,KAAK;YACjB,KAAK,EAAE,CAAC,OAAO;YACf,QAAQ,EAAE,KAAK;SAChB,CAAA;IACH,CAAC;IAED,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;QAClC,WAAW,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,CAAA;IAC5C,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;IAC/C,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,CAAmB,OAAU,EAAS,EAAE,CAChE,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAU,CAAA;AAE3C,MAAM,CAAC,MAAM,WAAW,GAAG,CAAmB,OAAU,EAAU,EAAE,CAClE,QAAQ,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,CAAW,CAAA","sourcesContent":["/**\n * Result envelope applied to successful values returned from\n * `@passlock/server/safe`.\n *\n * The top-level object still exposes its original `_tag`, so\n * existing `_tag` checks and type guards continue to work, while\n * `success` and `failure` provide boolean branch narrowing.\n */\nexport type Ok<T extends object> = T & {\n readonly success: true\n readonly failure: false\n readonly value: T\n}\n\n/**\n * Result envelope applied to expected error values returned from\n * `@passlock/server/safe`.\n *\n * The top-level object still exposes its original `_tag`, so\n * existing `_tag` checks and type guards continue to work, while\n * `success` and `failure` provide boolean branch narrowing.\n */\nexport type Err<E extends object> = E & {\n readonly success: false\n readonly failure: true\n readonly error: E\n}\n\n/**\n * Result envelope used by the `@passlock/server/safe` entrypoint.\n */\nexport type Result<T extends object, E extends object> =\n | Ok<T>\n | (E extends unknown ? Err<E> : never)\n\nconst hasOwnProperty = (payload: object, property: PropertyKey): boolean =>\n Object.hasOwn(payload, property)\n\nconst toSelfAccessor = <T extends object>(payload: T) => ({\n configurable: false,\n enumerable: false,\n get: (): T => payload,\n})\n\nconst decorate = <\n T extends object,\n Success extends boolean,\n Key extends \"value\" | \"error\",\n>(\n payload: T,\n success: Success,\n key: Key\n): T => {\n const descriptors: PropertyDescriptorMap = {}\n\n if (!hasOwnProperty(payload, \"success\")) {\n descriptors.success = {\n configurable: false,\n enumerable: false,\n value: success,\n writable: false,\n }\n }\n\n if (!hasOwnProperty(payload, \"failure\")) {\n descriptors.failure = {\n configurable: false,\n enumerable: false,\n value: !success,\n writable: false,\n }\n }\n\n if (!hasOwnProperty(payload, key)) {\n descriptors[key] = toSelfAccessor(payload)\n }\n\n if (Object.keys(descriptors).length > 0) {\n Object.defineProperties(payload, descriptors)\n }\n\n return payload\n}\n\nexport const toOkResult = <T extends object>(payload: T): Ok<T> =>\n decorate(payload, true, \"value\") as Ok<T>\n\nexport const toErrResult = <E extends object>(payload: E): Err<E> =>\n decorate(payload, false, \"error\") as Err<E>\n"]}