@prefig/upact 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +45 -0
- package/CONFORMANCE.md +162 -0
- package/CONTRIBUTING.md +87 -0
- package/GOVERNANCE.md +34 -0
- package/LICENSE +396 -0
- package/LICENSE-CODE +202 -0
- package/README.md +97 -0
- package/ROADMAP.md +107 -0
- package/SECURITY.md +33 -0
- package/SPEC.md +314 -0
- package/dist/errors.d.ts +25 -0
- package/dist/errors.d.ts.map +1 -0
- package/dist/errors.js +29 -0
- package/dist/errors.js.map +1 -0
- package/dist/index.d.ts +14 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +13 -0
- package/dist/index.js.map +1 -0
- package/dist/internal.d.ts +13 -0
- package/dist/internal.d.ts.map +1 -0
- package/dist/internal.js +14 -0
- package/dist/internal.js.map +1 -0
- package/dist/runtime.d.ts +47 -0
- package/dist/runtime.d.ts.map +1 -0
- package/dist/runtime.js +61 -0
- package/dist/runtime.js.map +1 -0
- package/dist/types.d.ts +104 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +9 -0
- package/dist/types.js.map +1 -0
- package/package.json +65 -0
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Public entry point for `@prefig/upact`.
|
|
3
|
+
*
|
|
4
|
+
* Re-exports all spec types from `./types.js` and the `createSession`
|
|
5
|
+
* factory from `./runtime.js`. Application code imports from this entry.
|
|
6
|
+
* Adapter-internal helpers (currently `_unwrapSession`) are exported from
|
|
7
|
+
* `./internal.js` and reachable only via the `@prefig/upact/internal`
|
|
8
|
+
* subpath — see SPEC.md §7.4 and `docs/adapter-shapes.md`.
|
|
9
|
+
*/
|
|
10
|
+
export type { Capability, IdentityLifecycle, Upactor, UserIdentity, // deprecated alias for v0.1.x compat; removed in v0.2
|
|
11
|
+
Session, AuthError, AuthErrorCode, IdentityPort, } from './types.js';
|
|
12
|
+
export { createSession } from './runtime.js';
|
|
13
|
+
export { SubstrateUnavailableError } from './errors.js';
|
|
14
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA;;;;;;;;GAQG;AAEH,YAAY,EACX,UAAU,EACV,iBAAiB,EACjB,OAAO,EACP,YAAY,EAAE,sDAAsD;AACpE,OAAO,EACP,SAAS,EACT,aAAa,EACb,YAAY,GACZ,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
2
|
+
/**
|
|
3
|
+
* Public entry point for `@prefig/upact`.
|
|
4
|
+
*
|
|
5
|
+
* Re-exports all spec types from `./types.js` and the `createSession`
|
|
6
|
+
* factory from `./runtime.js`. Application code imports from this entry.
|
|
7
|
+
* Adapter-internal helpers (currently `_unwrapSession`) are exported from
|
|
8
|
+
* `./internal.js` and reachable only via the `@prefig/upact/internal`
|
|
9
|
+
* subpath — see SPEC.md §7.4 and `docs/adapter-shapes.md`.
|
|
10
|
+
*/
|
|
11
|
+
export { createSession } from './runtime.js';
|
|
12
|
+
export { SubstrateUnavailableError } from './errors.js';
|
|
13
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC;;;;;;;;GAQG;AAaH,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Adapter-internal entry point.
|
|
3
|
+
*
|
|
4
|
+
* Importing from `@prefig/upact/internal` is a contract signal that the
|
|
5
|
+
* caller is crossing the opacity boundary `Session` is meant to enforce.
|
|
6
|
+
* Conforming adapter packages MAY import from this path to recover
|
|
7
|
+
* substrate values for substrate-side operations (e.g. `signOut`,
|
|
8
|
+
* `unloadProfile`). Application packages MUST NOT.
|
|
9
|
+
*
|
|
10
|
+
* See SPEC.md §7.4.
|
|
11
|
+
*/
|
|
12
|
+
export { _unwrapSession } from './runtime.js';
|
|
13
|
+
//# sourceMappingURL=internal.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"internal.d.ts","sourceRoot":"","sources":["../src/internal.ts"],"names":[],"mappings":"AACA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}
|
package/dist/internal.js
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
2
|
+
/**
|
|
3
|
+
* Adapter-internal entry point.
|
|
4
|
+
*
|
|
5
|
+
* Importing from `@prefig/upact/internal` is a contract signal that the
|
|
6
|
+
* caller is crossing the opacity boundary `Session` is meant to enforce.
|
|
7
|
+
* Conforming adapter packages MAY import from this path to recover
|
|
8
|
+
* substrate values for substrate-side operations (e.g. `signOut`,
|
|
9
|
+
* `unloadProfile`). Application packages MUST NOT.
|
|
10
|
+
*
|
|
11
|
+
* See SPEC.md §7.4.
|
|
12
|
+
*/
|
|
13
|
+
export { _unwrapSession } from './runtime.js';
|
|
14
|
+
//# sourceMappingURL=internal.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"internal.js","sourceRoot":"","sources":["../src/internal.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Runtime kernel for upact.
|
|
3
|
+
*
|
|
4
|
+
* The spec (SPEC.md §7.4) requires `Session` values to be opaque to the
|
|
5
|
+
* application — applications MUST NOT decompose, decode, or extract claims
|
|
6
|
+
* from a Session. The TypeScript `Session` type alone enforces compile-time
|
|
7
|
+
* opacity (it is a branded interface that cannot be constructed in
|
|
8
|
+
* application code), but runtime opacity requires care: a naive wrapper
|
|
9
|
+
* class with a `held` field exposes the substrate value through
|
|
10
|
+
* `JSON.stringify`, `Object.keys`, `Reflect.ownKeys`, `structuredClone`,
|
|
11
|
+
* and other property-access vectors.
|
|
12
|
+
*
|
|
13
|
+
* `createSession` is the canonical factory: every conforming adapter
|
|
14
|
+
* SHOULD use it to wrap substrate session values. The returned object is
|
|
15
|
+
* frozen, has no enumerable substrate-shaped properties, returns
|
|
16
|
+
* `'[upact:session]'` from `toJSON`, and stores the substrate value in a
|
|
17
|
+
* module-private WeakMap keyed by the marker object.
|
|
18
|
+
*
|
|
19
|
+
* `_unwrapSession` is the controlled escape hatch — adapters that need to
|
|
20
|
+
* recover the substrate value (for example, to pass it back to the
|
|
21
|
+
* substrate's logout API in `invalidate`) import it from
|
|
22
|
+
* `@prefig/upact/internal`. The `/internal` import path is the contract
|
|
23
|
+
* signal that this code is crossing the opacity boundary the spec is
|
|
24
|
+
* trying to maintain. Application code MUST NOT import from
|
|
25
|
+
* `@prefig/upact/internal`.
|
|
26
|
+
*
|
|
27
|
+
* See SPEC.md §7.4 for the normative rule and `docs/adapter-shapes.md`
|
|
28
|
+
* for the cross-substrate context.
|
|
29
|
+
*/
|
|
30
|
+
import type { Session } from './types.js';
|
|
31
|
+
/**
|
|
32
|
+
* Wrap a substrate session value into an upact-typed opaque Session.
|
|
33
|
+
*
|
|
34
|
+
* Adapter authors call this once per successful `authenticate` call;
|
|
35
|
+
* the returned `Session` satisfies §7.4 by construction.
|
|
36
|
+
*/
|
|
37
|
+
export declare function createSession<T>(substrateValue: T): Session;
|
|
38
|
+
/**
|
|
39
|
+
* Recover the substrate value from a Session created by `createSession`
|
|
40
|
+
* in this same process. Returns `undefined` for values not produced by
|
|
41
|
+
* this factory (including sessions produced before a process restart,
|
|
42
|
+
* since the WeakMap is process-local).
|
|
43
|
+
*
|
|
44
|
+
* Adapter-internal — applications MUST NOT import this.
|
|
45
|
+
*/
|
|
46
|
+
export declare function _unwrapSession<T>(session: Session): T | undefined;
|
|
47
|
+
//# sourceMappingURL=runtime.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"runtime.d.ts","sourceRoot":"","sources":["../src/runtime.ts"],"names":[],"mappings":"AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAI1C;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,cAAc,EAAE,CAAC,GAAG,OAAO,CAW3D;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,GAAG,CAAC,GAAG,SAAS,CAEjE"}
|
package/dist/runtime.js
ADDED
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
2
|
+
/**
|
|
3
|
+
* Runtime kernel for upact.
|
|
4
|
+
*
|
|
5
|
+
* The spec (SPEC.md §7.4) requires `Session` values to be opaque to the
|
|
6
|
+
* application — applications MUST NOT decompose, decode, or extract claims
|
|
7
|
+
* from a Session. The TypeScript `Session` type alone enforces compile-time
|
|
8
|
+
* opacity (it is a branded interface that cannot be constructed in
|
|
9
|
+
* application code), but runtime opacity requires care: a naive wrapper
|
|
10
|
+
* class with a `held` field exposes the substrate value through
|
|
11
|
+
* `JSON.stringify`, `Object.keys`, `Reflect.ownKeys`, `structuredClone`,
|
|
12
|
+
* and other property-access vectors.
|
|
13
|
+
*
|
|
14
|
+
* `createSession` is the canonical factory: every conforming adapter
|
|
15
|
+
* SHOULD use it to wrap substrate session values. The returned object is
|
|
16
|
+
* frozen, has no enumerable substrate-shaped properties, returns
|
|
17
|
+
* `'[upact:session]'` from `toJSON`, and stores the substrate value in a
|
|
18
|
+
* module-private WeakMap keyed by the marker object.
|
|
19
|
+
*
|
|
20
|
+
* `_unwrapSession` is the controlled escape hatch — adapters that need to
|
|
21
|
+
* recover the substrate value (for example, to pass it back to the
|
|
22
|
+
* substrate's logout API in `invalidate`) import it from
|
|
23
|
+
* `@prefig/upact/internal`. The `/internal` import path is the contract
|
|
24
|
+
* signal that this code is crossing the opacity boundary the spec is
|
|
25
|
+
* trying to maintain. Application code MUST NOT import from
|
|
26
|
+
* `@prefig/upact/internal`.
|
|
27
|
+
*
|
|
28
|
+
* See SPEC.md §7.4 for the normative rule and `docs/adapter-shapes.md`
|
|
29
|
+
* for the cross-substrate context.
|
|
30
|
+
*/
|
|
31
|
+
const SESSIONS = new WeakMap();
|
|
32
|
+
/**
|
|
33
|
+
* Wrap a substrate session value into an upact-typed opaque Session.
|
|
34
|
+
*
|
|
35
|
+
* Adapter authors call this once per successful `authenticate` call;
|
|
36
|
+
* the returned `Session` satisfies §7.4 by construction.
|
|
37
|
+
*/
|
|
38
|
+
export function createSession(substrateValue) {
|
|
39
|
+
const marker = Object.create(null);
|
|
40
|
+
Object.defineProperty(marker, 'toJSON', {
|
|
41
|
+
value: () => '[upact:session]',
|
|
42
|
+
enumerable: false,
|
|
43
|
+
writable: false,
|
|
44
|
+
configurable: false,
|
|
45
|
+
});
|
|
46
|
+
SESSIONS.set(marker, substrateValue);
|
|
47
|
+
Object.freeze(marker);
|
|
48
|
+
return marker;
|
|
49
|
+
}
|
|
50
|
+
/**
|
|
51
|
+
* Recover the substrate value from a Session created by `createSession`
|
|
52
|
+
* in this same process. Returns `undefined` for values not produced by
|
|
53
|
+
* this factory (including sessions produced before a process restart,
|
|
54
|
+
* since the WeakMap is process-local).
|
|
55
|
+
*
|
|
56
|
+
* Adapter-internal — applications MUST NOT import this.
|
|
57
|
+
*/
|
|
58
|
+
export function _unwrapSession(session) {
|
|
59
|
+
return SESSIONS.get(session);
|
|
60
|
+
}
|
|
61
|
+
//# sourceMappingURL=runtime.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../src/runtime.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAIH,MAAM,QAAQ,GAAG,IAAI,OAAO,EAAmB,CAAC;AAEhD;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAI,cAAiB;IACjD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAW,CAAC;IAC7C,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,QAAQ,EAAE;QACvC,KAAK,EAAE,GAAG,EAAE,CAAC,iBAAiB;QAC9B,UAAU,EAAE,KAAK;QACjB,QAAQ,EAAE,KAAK;QACf,YAAY,EAAE,KAAK;KACnB,CAAC,CAAC;IACH,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IACrC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtB,OAAO,MAA4B,CAAC;AACrC,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc,CAAI,OAAgB;IACjD,OAAO,QAAQ,CAAC,GAAG,CAAC,OAA4B,CAAkB,CAAC;AACpE,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* upact — identity port v0.1
|
|
3
|
+
*
|
|
4
|
+
* Reference TypeScript types for the identity port specification.
|
|
5
|
+
* See SPEC.md in this repo for the normative document.
|
|
6
|
+
*/
|
|
7
|
+
/**
|
|
8
|
+
* A self-described provider feature. The application branches on capability
|
|
9
|
+
* presence; it never branches on substrate identity or provider type.
|
|
10
|
+
*
|
|
11
|
+
* The vocabulary is intentionally minimal (SPEC.md §5.1, F1). Providers do
|
|
12
|
+
* not expand it pre-emptively; new capabilities land via §5.2 extension when
|
|
13
|
+
* concrete consumers surface. Applications SHOULD treat unknown capabilities
|
|
14
|
+
* as absent.
|
|
15
|
+
*
|
|
16
|
+
* v0.1 vocabulary: only `email` and `recovery` — what shipped consumers gate
|
|
17
|
+
* on. Additional capabilities (messaging, p2p_matching, etc.) land when an
|
|
18
|
+
* adopter needs them.
|
|
19
|
+
*/
|
|
20
|
+
export type Capability = 'email' | 'recovery';
|
|
21
|
+
/**
|
|
22
|
+
* Session lifecycle metadata. Surfaced when the substrate provides an
|
|
23
|
+
* explicit TTL (OIDC JWT `exp` claim, session-cookie `Max-Age`). Providers
|
|
24
|
+
* that have no intrinsic expiry omit this field. See SPEC.md §8.
|
|
25
|
+
*/
|
|
26
|
+
export interface IdentityLifecycle {
|
|
27
|
+
/** Absolute expiry time. Omitted for substrates with no intrinsic TTL. */
|
|
28
|
+
expires_at?: Date;
|
|
29
|
+
/**
|
|
30
|
+
* How the identity can be renewed once `expires_at` is reached.
|
|
31
|
+
* - `'reauth'` — full credential exchange required (OIDC, password re-entry).
|
|
32
|
+
* - `'represence'` — presence renewal suffices (P2P presence-based substrates).
|
|
33
|
+
* - `'never'` — identity does not expire.
|
|
34
|
+
*/
|
|
35
|
+
renewable: 'reauth' | 'represence' | 'never';
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* The application's view of "who is this." Opaque, capability-negotiated,
|
|
39
|
+
* privacy-bounded by construction.
|
|
40
|
+
*
|
|
41
|
+
* No email, phone, legal name, IP, or device identifier appears here.
|
|
42
|
+
* Providers MUST strip such fields from their substrate before returning an
|
|
43
|
+
* Upactor. See SPEC.md §7 for the privacy minima.
|
|
44
|
+
*/
|
|
45
|
+
export interface Upactor {
|
|
46
|
+
/** Opaque, stable for the lifetime of this identity. Compare by equality only. */
|
|
47
|
+
id: string;
|
|
48
|
+
/** Best-effort display string. Not unique, not a contact identifier. */
|
|
49
|
+
display_hint?: string;
|
|
50
|
+
capabilities: ReadonlySet<Capability>;
|
|
51
|
+
/**
|
|
52
|
+
* Session lifecycle metadata. Present when the substrate has an explicit TTL
|
|
53
|
+
* (e.g. OIDC JWT `exp`). Omitted for substrates with no intrinsic expiry.
|
|
54
|
+
* See SPEC.md §8 and IdentityLifecycle.
|
|
55
|
+
*/
|
|
56
|
+
lifecycle?: IdentityLifecycle;
|
|
57
|
+
/**
|
|
58
|
+
* Cross-substrate provenance. Distinguishes identity sources in multi-IDP
|
|
59
|
+
* deployments. `substrate` is a short identifier ('oidc', 'supabase',
|
|
60
|
+
* 'simplex'); `instance` is the issuer URL or equivalent.
|
|
61
|
+
* Decision 6 — SPEC.md §4.4.
|
|
62
|
+
*/
|
|
63
|
+
provenance?: {
|
|
64
|
+
substrate: string;
|
|
65
|
+
instance?: string;
|
|
66
|
+
};
|
|
67
|
+
}
|
|
68
|
+
/**
|
|
69
|
+
* Deprecated alias for compatibility with v0.1.0-draft consumers. Will be
|
|
70
|
+
* removed in v0.2. New code should use `Upactor`.
|
|
71
|
+
*
|
|
72
|
+
* @deprecated Use `Upactor` instead.
|
|
73
|
+
*/
|
|
74
|
+
export type UserIdentity = Upactor;
|
|
75
|
+
/**
|
|
76
|
+
* A provider-shaped credential exchange result. Opaque to the application.
|
|
77
|
+
* The only valid use is to pass it back to the port (e.g. for invalidate).
|
|
78
|
+
* See SPEC.md §7.4.
|
|
79
|
+
*/
|
|
80
|
+
export interface Session {
|
|
81
|
+
readonly _opaque: unique symbol;
|
|
82
|
+
}
|
|
83
|
+
/**
|
|
84
|
+
* Port-level error vocabulary, normative per SPEC.md §6.5 (Decision 4).
|
|
85
|
+
* Adapters return one of these codes; substrate-specific detail goes in
|
|
86
|
+
* `message`. Applications branch on `code` for substrate-portable error
|
|
87
|
+
* handling.
|
|
88
|
+
*/
|
|
89
|
+
export type AuthErrorCode = 'credential_invalid' | 'credential_rejected' | 'substrate_unavailable' | 'identity_unavailable' | 'rate_limited' | 'auth_failed';
|
|
90
|
+
export interface AuthError {
|
|
91
|
+
code: AuthErrorCode;
|
|
92
|
+
message: string;
|
|
93
|
+
}
|
|
94
|
+
/**
|
|
95
|
+
* The four operations every conforming provider implements.
|
|
96
|
+
* See SPEC.md §6.
|
|
97
|
+
*/
|
|
98
|
+
export interface IdentityPort {
|
|
99
|
+
authenticate(credential: unknown): Promise<Session | AuthError>;
|
|
100
|
+
currentUpactor(request: Request): Promise<Upactor | null>;
|
|
101
|
+
invalidate(session: Session): Promise<void>;
|
|
102
|
+
issueRenewal(identity: Upactor, evidence: unknown): Promise<Upactor | null>;
|
|
103
|
+
}
|
|
104
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AACA;;;;;GAKG;AAEH;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG,UAAU,CAAC;AAE9C;;;;GAIG;AACH,MAAM,WAAW,iBAAiB;IACjC,0EAA0E;IAC1E,UAAU,CAAC,EAAE,IAAI,CAAC;IAClB;;;;;OAKG;IACH,SAAS,EAAE,QAAQ,GAAG,YAAY,GAAG,OAAO,CAAC;CAC7C;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,OAAO;IACvB,kFAAkF;IAClF,EAAE,EAAE,MAAM,CAAC;IACX,wEAAwE;IACxE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC;IACtC;;;;OAIG;IACH,SAAS,CAAC,EAAE,iBAAiB,CAAC;IAC9B;;;;;OAKG;IACH,UAAU,CAAC,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACtD;AAED;;;;;GAKG;AACH,MAAM,MAAM,YAAY,GAAG,OAAO,CAAC;AAEnC;;;;GAIG;AACH,MAAM,WAAW,OAAO;IACvB,QAAQ,CAAC,OAAO,EAAE,OAAO,MAAM,CAAC;CAChC;AAED;;;;;GAKG;AACH,MAAM,MAAM,aAAa,GACtB,oBAAoB,GACpB,qBAAqB,GACrB,uBAAuB,GACvB,sBAAsB,GACtB,cAAc,GACd,aAAa,CAAC;AAEjB,MAAM,WAAW,SAAS;IACzB,IAAI,EAAE,aAAa,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC5B,YAAY,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,GAAG,SAAS,CAAC,CAAC;IAChE,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAC1D,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5C,YAAY,CACX,QAAQ,EAAE,OAAO,EACjB,QAAQ,EAAE,OAAO,GACf,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;CAC3B"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC;;;;;GAKG"}
|
package/package.json
ADDED
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@prefig/upact",
|
|
3
|
+
"version": "0.1.1",
|
|
4
|
+
"description": "upact — identity port: a typed architectural contract between a social application and any identity provider, with privacy minima as the translation rule.",
|
|
5
|
+
"license": "(CC-BY-4.0 AND Apache-2.0)",
|
|
6
|
+
"type": "module",
|
|
7
|
+
"main": "./dist/index.js",
|
|
8
|
+
"exports": {
|
|
9
|
+
".": {
|
|
10
|
+
"types": "./dist/index.d.ts",
|
|
11
|
+
"import": "./dist/index.js"
|
|
12
|
+
},
|
|
13
|
+
"./internal": {
|
|
14
|
+
"types": "./dist/internal.d.ts",
|
|
15
|
+
"import": "./dist/internal.js"
|
|
16
|
+
}
|
|
17
|
+
},
|
|
18
|
+
"files": [
|
|
19
|
+
"dist",
|
|
20
|
+
"README.md",
|
|
21
|
+
"LICENSE",
|
|
22
|
+
"LICENSE-CODE",
|
|
23
|
+
"SPEC.md",
|
|
24
|
+
"ROADMAP.md",
|
|
25
|
+
"CHANGELOG.md",
|
|
26
|
+
"CONTRIBUTING.md",
|
|
27
|
+
"GOVERNANCE.md",
|
|
28
|
+
"CONFORMANCE.md",
|
|
29
|
+
"SECURITY.md"
|
|
30
|
+
],
|
|
31
|
+
"engines": {
|
|
32
|
+
"node": ">=18"
|
|
33
|
+
},
|
|
34
|
+
"publishConfig": {
|
|
35
|
+
"access": "public"
|
|
36
|
+
},
|
|
37
|
+
"sideEffects": false,
|
|
38
|
+
"keywords": [
|
|
39
|
+
"identity",
|
|
40
|
+
"identity-port",
|
|
41
|
+
"anti-corruption-layer",
|
|
42
|
+
"ports-and-adapters",
|
|
43
|
+
"privacy-by-design",
|
|
44
|
+
"minimum-disclosure",
|
|
45
|
+
"ulysses-pact",
|
|
46
|
+
"open-social-awards"
|
|
47
|
+
],
|
|
48
|
+
"author": "Theodore Evans",
|
|
49
|
+
"repository": {
|
|
50
|
+
"type": "git",
|
|
51
|
+
"url": "git+https://github.com/prefig/upact.git"
|
|
52
|
+
},
|
|
53
|
+
"scripts": {
|
|
54
|
+
"build": "tsc",
|
|
55
|
+
"test": "vitest run",
|
|
56
|
+
"test:watch": "vitest",
|
|
57
|
+
"typecheck": "tsc --noEmit",
|
|
58
|
+
"prepublishOnly": "npm run build && npm test"
|
|
59
|
+
},
|
|
60
|
+
"devDependencies": {
|
|
61
|
+
"@types/node": "^22.0.0",
|
|
62
|
+
"typescript": "^5.0.0",
|
|
63
|
+
"vitest": "^3.0.0"
|
|
64
|
+
}
|
|
65
|
+
}
|