@private.me/xbind 3.0.2 → 3.0.3

package/dist-standalone/cjs/invitation.js

@@ -1,421 +1 @@
-"use strict";
-/**
- * @module invitation
- * Growth hack: Turn recipient-not-found failures into invitation opportunities.
- *
- * When agent.send() fails because recipient is not registered, this module
- * provides an invitation mechanism to turn failures into viral growth.
- *
- * Flow:
- * 1. Sender calls agent.send({ to: 'unregistered@example.com', ... })
- * 2. send() fails with RECIPIENT_NOT_FOUND
- * 3. Error includes invitationToken and inviteUrl
- * 4. Sender shares URL with recipient
- * 5. Recipient clicks link, signs up, joins Xail
- * 6. Connection auto-establishes
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.InvitationStore = exports.InvitationClient = exports.InvitationErrorCode = void 0;
-exports.generateInvitationToken = generateInvitationToken;
-const shared_1 = require("../_deps/shared/index.js");
-/**
- * Error codes for invitation operations.
- */
-var InvitationErrorCode;
-(function (InvitationErrorCode) {
-    /** Invitation token is invalid format */
-    InvitationErrorCode["INVALID_TOKEN"] = "INVITATION_INVALID_TOKEN";
-    /** Invitation token has expired */
-    InvitationErrorCode["EXPIRED_TOKEN"] = "INVITATION_EXPIRED_TOKEN";
-    /** Invitation token already redeemed */
-    InvitationErrorCode["ALREADY_REDEEMED"] = "INVITATION_ALREADY_REDEEMED";
-    /** Rate limit exceeded (10 invitations/day per DID) */
-    InvitationErrorCode["RATE_LIMIT_EXCEEDED"] = "INVITATION_RATE_LIMIT_EXCEEDED";
-    /** Server communication failed */
-    InvitationErrorCode["SERVER_ERROR"] = "INVITATION_SERVER_ERROR";
-})(InvitationErrorCode || (exports.InvitationErrorCode = InvitationErrorCode = {}));
-/**
- * Client-side invitation manager.
- * Creates invitations after send() failures and manages their lifecycle.
- */
-class InvitationClient {
-    invitationApiUrl;
-    /**
-     * Create invitation client.
-     *
-     * @param options - Configuration
-     * @param options.invitationApiUrl - Invitation API URL (default: https://api.private.me)
-     *
-     * @example
-     * ```ts
-     * const inviteClient = new InvitationClient();
-     * ```
-     */
-    constructor(options = {}) {
-        this.invitationApiUrl = options.invitationApiUrl || 'https://api.private.me';
-    }
-    /**
-     * Create an invitation for a recipient who is not yet registered.
-     *
-     * Called automatically when agent.send() returns RECIPIENT_NOT_FOUND.
-     * Generates a time-limited invitation token that can be shared via email/SMS.
-     *
-     * @param senderDid - DID of the agent sending the invitation
-     * @param recipientContact - Email address or identifier of recipient
-     * @param expiryDays - Days until invitation expires (default: 7)
-     * @returns Invitation token with shareable URL or error
-     *
-     * @example
-     * ```ts
-     * const inviteResult = await inviteClient.create(
-     *   'did:key:z6Mk...',
-     *   'alice@example.com',
-     *   7 // 7-day expiry
-     * );
-     *
-     * if (inviteResult.ok) {
-     *   // Share inviteResult.value.inviteUrl with recipient
-     *   console.log('Share this link:', inviteResult.value.inviteUrl);
-     * } else {
-     *   // Handle error
-     *   console.error('Failed:', inviteResult.error.message);
-     * }
-     * ```
-     */
-    async create(senderDid, recipientContact, expiryDays = 7) {
-        try {
-            const response = await fetch(`${this.invitationApiUrl}/invitations/create`, {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                },
-                body: JSON.stringify({
-                    senderDid,
-                    recipientContact,
-                    expiryDays,
-                }),
-            });
-            if (response.status === 429) {
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.RATE_LIMIT_EXCEEDED,
-                    message: 'Too many invitations created. Limit: 10 per day',
-                    hint: 'Wait before creating more invitations',
-                });
-            }
-            if (!response.ok) {
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.SERVER_ERROR,
-                    message: `Server error: ${response.status}`,
-                });
-            }
-            const data = await response.json();
-            return (0, shared_1.ok)({
-                token: data.token,
-                expiresAt: new Date(data.expiresAt),
-                senderDid: data.senderDid,
-                recipientContact: data.recipientContact,
-                inviteUrl: data.inviteUrl,
-            });
-        }
-        catch (error) {
-            return (0, shared_1.err)({
-                code: InvitationErrorCode.SERVER_ERROR,
-                message: error instanceof Error ? error.message : 'Network error',
-            });
-        }
-    }
-    /**
-     * Redeem an invitation token and create a new DID for the recipient.
-     *
-     * Called by recipient after clicking invitation link.
-     * Returns a new DID that can be used immediately for messaging.
-     *
-     * @param token - Invitation token from URL query parameter
-     * @returns New DID for recipient or error
-     *
-     * @example
-     * ```ts
-     * // From URL: https://private.me/invite?token=abc123
-     * const urlParams = new URLSearchParams(window.location.search);
-     * const token = urlParams.get('token');
-     *
-     * const redeemResult = await inviteClient.redeem(token);
-     * if (redeemResult.ok) {
-     *   // Auto-create agent with new DID
-     *   const agent = await Agent.create(redeemResult.value);
-     * } else {
-     *   // Handle: expired, already used, invalid
-     *   console.error(redeemResult.error.message);
-     * }
-     * ```
-     */
-    async redeem(token) {
-        try {
-            if (!token || typeof token !== 'string') {
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.INVALID_TOKEN,
-                    message: 'Invitation token is required',
-                });
-            }
-            const response = await fetch(`${this.invitationApiUrl}/invitations/redeem`, {
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                },
-                body: JSON.stringify({ token }),
-            });
-            if (response.status === 400) {
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.INVALID_TOKEN,
-                    message: 'Invitation token is invalid',
-                    hint: 'Check the token in your URL',
-                });
-            }
-            if (response.status === 410) {
-                const data = await response.json();
-                if (data.reason === 'expired') {
-                    return (0, shared_1.err)({
-                        code: InvitationErrorCode.EXPIRED_TOKEN,
-                        message: 'Invitation has expired',
-                        hint: 'Ask the sender for a new invitation',
-                    });
-                }
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.ALREADY_REDEEMED,
-                    message: 'Invitation has already been used',
-                    hint: 'Each invitation can only be used once',
-                });
-            }
-            if (!response.ok) {
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.SERVER_ERROR,
-                    message: `Server error: ${response.status}`,
-                });
-            }
-            const data = await response.json();
-            return (0, shared_1.ok)(data.did);
-        }
-        catch (error) {
-            return (0, shared_1.err)({
-                code: InvitationErrorCode.SERVER_ERROR,
-                message: error instanceof Error ? error.message : 'Network error',
-            });
-        }
-    }
-    /**
-     * Get invitation details without redeeming.
-     *
-     * Used to preview sender name before accepting invitation.
-     *
-     * @param token - Invitation token
-     * @returns Invitation details or error
-     *
-     * @example
-     * ```ts
-     * const detailsResult = await inviteClient.get(token);
-     * if (detailsResult.ok) {
-     *   console.log(`${detailsResult.value.senderDid} invited you`);
-     * }
-     * ```
-     */
-    async get(token) {
-        try {
-            const response = await fetch(`${this.invitationApiUrl}/invitations/${encodeURIComponent(token)}`, {
-                headers: {
-                    'Accept': 'application/json',
-                },
-            });
-            if (response.status === 404) {
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.INVALID_TOKEN,
-                    message: 'Invitation not found',
-                });
-            }
-            if (!response.ok) {
-                return (0, shared_1.err)({
-                    code: InvitationErrorCode.SERVER_ERROR,
-                    message: `Server error: ${response.status}`,
-                });
-            }
-            const data = await response.json();
-            return (0, shared_1.ok)({
-                senderDid: data.senderDid,
-                recipientContact: data.recipientContact,
-                expiresAt: new Date(data.expiresAt),
-            });
-        }
-        catch (error) {
-            return (0, shared_1.err)({
-                code: InvitationErrorCode.SERVER_ERROR,
-                message: error instanceof Error ? error.message : 'Network error',
-            });
-        }
-    }
-}
-exports.InvitationClient = InvitationClient;
-/**
- * Server-side invitation store (in-memory with JSONL persistence).
- * Used by /invitations/* API endpoints.
- */
-class InvitationStore {
-    invitations = new Map();
-    redeemedTokens = new Set();
-    /** Track invitation creation per DID for rate limiting (10/day) */
-    creationCounts = new Map();
-    /**
-     * Create an invitation and return token + expiry.
-     * Enforces rate limit: 10 invitations per DID per 24 hours.
-     *
-     * @param senderDid - DID creating the invitation
-     * @param recipientContact - Email or identifier
-     * @param expiryDays - Days until expiry
-     * @returns Token + metadata or error
-     */
-    create(senderDid, recipientContact, expiryDays = 7) {
-        // Check rate limit
-        const now = Date.now();
-        const limit = this.creationCounts.get(senderDid);
-        if (limit && limit.count >= 10 && now < limit.resetTime) {
-            return (0, shared_1.err)({
-                code: InvitationErrorCode.RATE_LIMIT_EXCEEDED,
-                message: 'Rate limit exceeded. Maximum 10 invitations per day.',
-            });
-        }
-        // Reset counter if window expired
-        if (limit && now >= limit.resetTime) {
-            this.creationCounts.delete(senderDid);
-        }
-        // Generate token
-        const token = generateInvitationToken();
-        const expiresAt = now + (expiryDays * 24 * 60 * 60 * 1000);
-        const invitation = {
-            token,
-            senderDid,
-            recipientContact,
-            createdAt: now,
-            expiresAt,
-            redeemed: false,
-        };
-        this.invitations.set(token, invitation);
-        // Update rate limit counter
-        if (!limit) {
-            this.creationCounts.set(senderDid, {
-                count: 1,
-                resetTime: now + (24 * 60 * 60 * 1000), // 24-hour window
-            });
-        }
-        else {
-            limit.count += 1;
-        }
-        return (0, shared_1.ok)(invitation);
-    }
-    /**
-     * Get invitation by token without marking as redeemed.
-     *
-     * @param token - Token to lookup
-     * @returns Invitation or error
-     */
-    get(token) {
-        const invitation = this.invitations.get(token);
-        if (!invitation) {
-            return (0, shared_1.err)({
-                code: InvitationErrorCode.INVALID_TOKEN,
-                message: 'Invitation not found',
-            });
-        }
-        const now = Date.now();
-        if (now > invitation.expiresAt) {
-            // Clean up expired invitation
-            this.invitations.delete(token);
-            return (0, shared_1.err)({
-                code: InvitationErrorCode.EXPIRED_TOKEN,
-                message: 'Invitation has expired',
-            });
-        }
-        if (invitation.redeemed) {
-            return (0, shared_1.err)({
-                code: InvitationErrorCode.ALREADY_REDEEMED,
-                message: 'Invitation has already been redeemed',
-            });
-        }
-        return (0, shared_1.ok)(invitation);
-    }
-    /**
-     * Redeem an invitation (one-time use).
-     * Mark as redeemed and generate new DID.
-     *
-     * @param token - Token to redeem
-     * @returns New DID or error
-     */
-    redeem(token) {
-        const getResult = this.get(token);
-        if (!getResult.ok) {
-            return getResult;
-        }
-        const invitation = getResult.value;
-        invitation.redeemed = true;
-        this.redeemedTokens.add(token);
-        // Generate DID for recipient
-        const did = generateRecipientDid(invitation.senderDid, invitation.recipientContact);
-        return (0, shared_1.ok)(did);
-    }
-    /**
-     * Clean up expired invitations (run daily).
-     * @returns Number of invitations deleted
-     */
-    cleanup() {
-        const now = Date.now();
-        let count = 0;
-        for (const [token, invitation] of this.invitations.entries()) {
-            if (now > invitation.expiresAt || invitation.redeemed) {
-                this.invitations.delete(token);
-                count += 1;
-            }
-        }
-        return count;
-    }
-    /** Get active invitation count */
-    get count() {
-        return this.invitations.size;
-    }
-}
-exports.InvitationStore = InvitationStore;
-/**
- * Generate a cryptographically secure invitation token.
- * Format: 48-character hex string (192 bits).
- * @returns Random token
- */
-function generateInvitationToken() {
-    const bytes = new Uint8Array(24);
-    crypto.getRandomValues(bytes);
-    return Array.from(bytes)
-        .map(b => b.toString(16).padStart(2, '0'))
-        .join('');
-}
-/**
- * Generate a deterministic DID for invited recipient.
- * Ensures consistent identity across sessions.
- *
- * @param senderDid - DID of sender
- * @param recipientContact - Email or identifier
- * @returns Generated DID for recipient
- */
-function generateRecipientDid(senderDid, recipientContact) {
-    // Create a simple derived identifier
-    // In production: derive from email + hash(senderDid) for uniqueness
-    const hash = hashString(`${senderDid}:${recipientContact}`);
-    return `did:key:z6Mk${hash}`;
-}
-/**
- * Simple hash function for DID generation.
- * @param input - String to hash
- * @returns Hex string
- */
-function hashString(input) {
-    let hash = 0;
-    for (let i = 0; i < input.length; i += 1) {
-        hash = ((hash << 5) - hash) + input.charCodeAt(i);
-        hash = hash & hash; // Convert to 32bit integer
-    }
-    return Math.abs(hash).toString(16).padStart(8, '0');
-}
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.InvitationStore=exports.InvitationClient=exports.InvitationErrorCode=void 0,exports.generateInvitationToken=generateInvitationToken;const shared_1=require("../_deps/shared/index.js");var InvitationErrorCode;!function(e){e.INVALID_TOKEN="INVITATION_INVALID_TOKEN",e.EXPIRED_TOKEN="INVITATION_EXPIRED_TOKEN",e.ALREADY_REDEEMED="INVITATION_ALREADY_REDEEMED",e.RATE_LIMIT_EXCEEDED="INVITATION_RATE_LIMIT_EXCEEDED",e.SERVER_ERROR="INVITATION_SERVER_ERROR"}(InvitationErrorCode||(exports.InvitationErrorCode=InvitationErrorCode={}));class InvitationClient{invitationApiUrl;constructor(e={}){this.invitationApiUrl=e.invitationApiUrl||"https://api.private.me"}async create(e,t,r=7){try{const n=await fetch(`${this.invitationApiUrl}/invitations/create`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({senderDid:e,recipientContact:t,expiryDays:r})});if(429===n.status)return(0,shared_1.err)({code:InvitationErrorCode.RATE_LIMIT_EXCEEDED,message:"Too many invitations created. Limit: 10 per day",hint:"Wait before creating more invitations"});if(!n.ok)return(0,shared_1.err)({code:InvitationErrorCode.SERVER_ERROR,message:`Server error: ${n.status}`});const i=await n.json();return(0,shared_1.ok)({token:i.token,expiresAt:new Date(i.expiresAt),senderDid:i.senderDid,recipientContact:i.recipientContact,inviteUrl:i.inviteUrl})}catch(e){return(0,shared_1.err)({code:InvitationErrorCode.SERVER_ERROR,message:e instanceof Error?e.message:"Network error"})}}async redeem(e){try{if(!e||"string"!=typeof e)return(0,shared_1.err)({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation token is required"});const t=await fetch(`${this.invitationApiUrl}/invitations/redeem`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({token:e})});if(400===t.status)return(0,shared_1.err)({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation token is invalid",hint:"Check the token in your URL"});if(410===t.status){return"expired"===(await t.json()).reason?(0,shared_1.err)({code:InvitationErrorCode.EXPIRED_TOKEN,message:"Invitation has expired",hint:"Ask the sender for a new invitation"}):(0,shared_1.err)({code:InvitationErrorCode.ALREADY_REDEEMED,message:"Invitation has already been used",hint:"Each invitation can only be used once"})}if(!t.ok)return(0,shared_1.err)({code:InvitationErrorCode.SERVER_ERROR,message:`Server error: ${t.status}`});const r=await t.json();return(0,shared_1.ok)(r.did)}catch(e){return(0,shared_1.err)({code:InvitationErrorCode.SERVER_ERROR,message:e instanceof Error?e.message:"Network error"})}}async get(e){try{const t=await fetch(`${this.invitationApiUrl}/invitations/${encodeURIComponent(e)}`,{headers:{Accept:"application/json"}});if(404===t.status)return(0,shared_1.err)({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation not found"});if(!t.ok)return(0,shared_1.err)({code:InvitationErrorCode.SERVER_ERROR,message:`Server error: ${t.status}`});const r=await t.json();return(0,shared_1.ok)({senderDid:r.senderDid,recipientContact:r.recipientContact,expiresAt:new Date(r.expiresAt)})}catch(e){return(0,shared_1.err)({code:InvitationErrorCode.SERVER_ERROR,message:e instanceof Error?e.message:"Network error"})}}}exports.InvitationClient=InvitationClient;class InvitationStore{invitations=new Map;redeemedTokens=new Set;creationCounts=new Map;create(e,t,r=7){const n=Date.now(),i=this.creationCounts.get(e);if(i&&i.count>=10&&n<i.resetTime)return(0,shared_1.err)({code:InvitationErrorCode.RATE_LIMIT_EXCEEDED,message:"Rate limit exceeded. Maximum 10 invitations per day."});i&&n>=i.resetTime&&this.creationCounts.delete(e);const o=generateInvitationToken(),a={token:o,senderDid:e,recipientContact:t,createdAt:n,expiresAt:n+24*r*60*60*1e3,redeemed:!1};return this.invitations.set(o,a),i?i.count+=1:this.creationCounts.set(e,{count:1,resetTime:n+864e5}),(0,shared_1.ok)(a)}get(e){const t=this.invitations.get(e);if(!t)return(0,shared_1.err)({code:InvitationErrorCode.INVALID_TOKEN,message:"Invitation not found"});return Date.now()>t.expiresAt?(this.invitations.delete(e),(0,shared_1.err)({code:InvitationErrorCode.EXPIRED_TOKEN,message:"Invitation has expired"})):t.redeemed?(0,shared_1.err)({code:InvitationErrorCode.ALREADY_REDEEMED,message:"Invitation has already been redeemed"}):(0,shared_1.ok)(t)}redeem(e){const t=this.get(e);if(!t.ok)return t;const r=t.value;r.redeemed=!0,this.redeemedTokens.add(e);const n=generateRecipientDid(r.senderDid,r.recipientContact);return(0,shared_1.ok)(n)}cleanup(){const e=Date.now();let t=0;for(const[r,n]of this.invitations.entries())(e>n.expiresAt||n.redeemed)&&(this.invitations.delete(r),t+=1);return t}get count(){return this.invitations.size}}function generateInvitationToken(){const e=new Uint8Array(24);return crypto.getRandomValues(e),Array.from(e).map(e=>e.toString(16).padStart(2,"0")).join("")}function generateRecipientDid(e,t){return`did:key:z6Mk${hashString(`${e}:${t}`)}`}function hashString(e){let t=0;for(let r=0;r<e.length;r+=1)t=(t<<5)-t+e.charCodeAt(r),t&=t;return Math.abs(t).toString(16).padStart(8,"0")}exports.InvitationStore=InvitationStore;