@pooflabs/core 0.0.39 → 0.0.40
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client/config.d.ts +4 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.js +222 -6
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +222 -7
- package/dist/index.mjs.map +1 -1
- package/dist/utils/core-platform.d.ts +16 -0
- package/dist/utils/rn-session-manager.d.ts +73 -0
- package/dist/utils/web-session-manager.d.ts +5 -0
- package/package.json +1 -1
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Safe base64 helpers for tarobase-core.
|
|
3
|
+
*
|
|
4
|
+
* Uses the global atob/btoa when available (browser, RN with polyfill),
|
|
5
|
+
* falls back to the 'buffer' package (Node.js / SSR / RN without polyfill).
|
|
6
|
+
*
|
|
7
|
+
* These are used instead of bare `atob()`/`btoa()` so the core package
|
|
8
|
+
* works in React Native without requiring the consumer to polyfill globals.
|
|
9
|
+
*/
|
|
10
|
+
export declare function safeAtob(input: string): string;
|
|
11
|
+
export declare function safeBtoa(input: string): string;
|
|
12
|
+
/**
|
|
13
|
+
* Decode a base64url-encoded string (used by JWT payloads).
|
|
14
|
+
* Normalises base64url → standard base64 before decoding.
|
|
15
|
+
*/
|
|
16
|
+
export declare function decodeBase64Url(input: string): string;
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Session manager for React Native environments.
|
|
3
|
+
*
|
|
4
|
+
* Drop-in replacement for WebSessionManager that uses a pluggable
|
|
5
|
+
* StorageAdapter instead of browser localStorage, and a pluggable
|
|
6
|
+
* base64-decode instead of the browser's atob().
|
|
7
|
+
*
|
|
8
|
+
* Consumers must call ReactNativeSessionManager.configure() once at
|
|
9
|
+
* startup to supply these adapters (e.g. MMKV, AsyncStorage wrapper,
|
|
10
|
+
* base64 polyfill).
|
|
11
|
+
*/
|
|
12
|
+
/**
|
|
13
|
+
* Synchronous storage adapter for React Native session persistence.
|
|
14
|
+
*
|
|
15
|
+
* **Security: tokens (access, identity, refresh) are stored as plaintext JSON.**
|
|
16
|
+
* Use an encrypted storage backend in production — for example:
|
|
17
|
+
* - MMKV with an encryption key (`new MMKV({ encryptionKey: '...' })`)
|
|
18
|
+
* - expo-secure-store
|
|
19
|
+
* - react-native-keychain
|
|
20
|
+
*
|
|
21
|
+
* Plaintext token storage on a rooted/jailbroken device is a credential theft risk.
|
|
22
|
+
*/
|
|
23
|
+
export interface RNStorageAdapter {
|
|
24
|
+
getItem(key: string): string | null;
|
|
25
|
+
setItem(key: string, value: string): void;
|
|
26
|
+
removeItem(key: string): void;
|
|
27
|
+
}
|
|
28
|
+
interface RNSessionConfig {
|
|
29
|
+
storage: RNStorageAdapter;
|
|
30
|
+
/** base64 → binary string (replaces browser atob). */
|
|
31
|
+
atob: (input: string) => string;
|
|
32
|
+
}
|
|
33
|
+
export declare class ReactNativeSessionManager {
|
|
34
|
+
private static TAROBASE_SESSION_STORAGE_KEY;
|
|
35
|
+
/**
|
|
36
|
+
* Must be called once before any other method.
|
|
37
|
+
*
|
|
38
|
+
* ```ts
|
|
39
|
+
* import { ReactNativeSessionManager } from '@pooflabs/core';
|
|
40
|
+
* import { MMKV } from 'react-native-mmkv';
|
|
41
|
+
* import { decode } from 'base-64';
|
|
42
|
+
*
|
|
43
|
+
* const mmkv = new MMKV();
|
|
44
|
+
* ReactNativeSessionManager.configure({
|
|
45
|
+
* storage: {
|
|
46
|
+
* getItem: (k) => mmkv.getString(k) ?? null,
|
|
47
|
+
* setItem: (k, v) => mmkv.set(k, v),
|
|
48
|
+
* removeItem: (k) => mmkv.delete(k),
|
|
49
|
+
* },
|
|
50
|
+
* atob: decode,
|
|
51
|
+
* });
|
|
52
|
+
* ```
|
|
53
|
+
*/
|
|
54
|
+
static configure(cfg: RNSessionConfig): void;
|
|
55
|
+
private static getStorage;
|
|
56
|
+
private static decodeBase64;
|
|
57
|
+
/**
|
|
58
|
+
* Decode a base64url-encoded string (used by JWT payloads).
|
|
59
|
+
* Normalises base64url → standard base64 before decoding.
|
|
60
|
+
*/
|
|
61
|
+
private static decodeBase64Url;
|
|
62
|
+
static storeSession(address: string, accessToken: string, idToken: string, refreshToken: string): Promise<void>;
|
|
63
|
+
static getSession(): Promise<{
|
|
64
|
+
address: string;
|
|
65
|
+
session: any;
|
|
66
|
+
} | null>;
|
|
67
|
+
static clearSession(): void;
|
|
68
|
+
static isAuthenticated(): boolean;
|
|
69
|
+
static getIdToken(): string | null;
|
|
70
|
+
static getRefreshToken(): string | null;
|
|
71
|
+
static updateIdTokenAndAccessToken(idToken: string, accessToken: string): Promise<void>;
|
|
72
|
+
}
|
|
73
|
+
export {};
|
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
export declare class WebSessionManager {
|
|
2
2
|
private static TAROBASE_SESSION_STORAGE_KEY;
|
|
3
|
+
/**
|
|
4
|
+
* Decode a base64url-encoded string (used by JWT payloads).
|
|
5
|
+
* Normalises base64url → standard base64 before calling browser atob().
|
|
6
|
+
*/
|
|
7
|
+
private static decodeBase64Url;
|
|
3
8
|
static storeSession(address: string, accessToken: string, idToken: string, refreshToken: string): Promise<void>;
|
|
4
9
|
static getSession(): Promise<{
|
|
5
10
|
address: string;
|