npm - @prove-identity/prove-auth - Versions diffs - 2.3.2 - Mend

@prove-identity/prove-auth 2.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (85) hide show

package/build/lib/proveauth/authenticator.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import CancelablePromise from './common/cancelable-promise';
+export default interface Authenticator {
+    authenticate: (authToken: string) => CancelablePromise<void>;
+    isPasskeyRegistered: () => boolean;
+    isFidoSupported: () => boolean;
+    isDeviceRegistered: () => boolean;
+    isMobileWeb: () => boolean;
+    getDeviceId: () => string | null;
+    resetDeviceSettings: () => void;
+    unregisterDevice: () => Promise<void>;
+    unregisterPasskey: () => Promise<void>;
+}

package/build/lib/proveauth/authenticator.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib/proveauth/common/base64.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export default class Base64 {
+    static stringToBase64(value: string): string;
+    static bufferDecode(value: string): ArrayBuffer;
+    static bufferEncode(value: BufferSource): string;
+}

package/build/lib/proveauth/common/base64.js ADDED Viewed

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class Base64 {
+    static stringToBase64(value) {
+        return (value.replace(/\-/g, '+').replace(/_/g, '/') +
+            '='.repeat(value.length % 4 ? 4 - (value.length % 4) : 0));
+    }
+    static bufferDecode(value) {
+        return Uint8Array.from(atob(Base64.stringToBase64(value)), (c) => c.charCodeAt(0));
+    }
+    static bufferEncode(value) {
+        const arrayValue = ArrayBuffer.isView(value) ? value.buffer : value;
+        return btoa(String.fromCharCode.apply(null, Array.from(new Uint8Array(arrayValue))))
+            .replace(/\+/g, '-')
+            .replace(/\//g, '_')
+            .replace(/=/g, '');
+    }
+}
+exports.default = Base64;

package/build/lib/proveauth/common/cancelable-promise.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export default class CancelablePromise<T> extends Promise<T> {
+    private onCancel;
+    constructor(executor: (resolve: (value: T | PromiseLike<T>) => void, reject: (reason?: any) => void, onCancel: (handler: () => void) => void) => void);
+    cancel(): void;
+}

package/build/lib/proveauth/common/cancelable-promise.js ADDED Viewed

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class CancelablePromise extends Promise {
+    constructor(executor) {
+        let onCancel = () => { };
+        super((resolve, reject) => executor(resolve, reject, (handler) => (onCancel = handler)));
+        this.onCancel = () => {
+            onCancel();
+        };
+    }
+    cancel() {
+        this.onCancel();
+    }
+}
+exports.default = CancelablePromise;

package/build/lib/proveauth/common/logger.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+export declare enum LogLevel {
+    disabled = 0,
+    error = 1,
+    warn = 2,
+    info = 3,
+    debug = 4,
+    trace = 5
+}
+export interface LogWriter {
+    write: (level: LogLevel, ...args: any[]) => void;
+}
+export interface Logger {
+    trace: (...args: any[]) => void;
+    debug: (...args: any[]) => void;
+    info: (...args: any[]) => void;
+    warn: (...args: any[]) => void;
+    error: (...args: any[]) => void;
+}
+export declare class LoggerFactory {
+    private static logWriter;
+    private static logLevel;
+    static setLogLevel(logLevel: LogLevel): void;
+    static setLogWriter(logWriter: LogWriter): void;
+    static getLogger(name: string): Logger;
+}

package/build/lib/proveauth/common/logger.js ADDED Viewed

@@ -0,0 +1,85 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LoggerFactory = exports.LogLevel = void 0;
+var LogLevel;
+(function (LogLevel) {
+    LogLevel[LogLevel["disabled"] = 0] = "disabled";
+    LogLevel[LogLevel["error"] = 1] = "error";
+    LogLevel[LogLevel["warn"] = 2] = "warn";
+    LogLevel[LogLevel["info"] = 3] = "info";
+    LogLevel[LogLevel["debug"] = 4] = "debug";
+    LogLevel[LogLevel["trace"] = 5] = "trace";
+})(LogLevel = exports.LogLevel || (exports.LogLevel = {}));
+class ConsoleLogger {
+    trace(...args) {
+        console.info(...args);
+    }
+    debug(...args) {
+        console.info(...args);
+    }
+    info(...args) {
+        console.info(...args);
+    }
+    warn(...args) {
+        console.warn(...args);
+    }
+    error(...args) {
+        console.error(...args);
+    }
+}
+class ConsoleLogWriter {
+    write(level, ...args) {
+        switch (level) {
+            case LogLevel.trace:
+                console.debug(...args);
+                break;
+            case LogLevel.debug:
+                console.debug(...args);
+                break;
+            case LogLevel.info:
+                console.info(...args);
+                break;
+            case LogLevel.warn:
+                console.warn(...args);
+                break;
+            case LogLevel.error:
+                console.error(...args);
+                break;
+        }
+    }
+}
+class LoggerFactory {
+    static setLogLevel(logLevel) {
+        LoggerFactory.logLevel = logLevel;
+    }
+    static setLogWriter(logWriter) {
+        LoggerFactory.logWriter = logWriter;
+    }
+    static getLogger(name) {
+        return {
+            trace: (...args) => {
+                if (LoggerFactory.logLevel >= LogLevel.trace)
+                    LoggerFactory.logWriter.write(LogLevel.trace, name + ': ', ...args);
+            },
+            debug: (...args) => {
+                if (LoggerFactory.logLevel >= LogLevel.debug)
+                    LoggerFactory.logWriter.write(LogLevel.debug, name + ': ', ...args);
+            },
+            info: (...args) => {
+                if (LoggerFactory.logLevel >= LogLevel.info)
+                    LoggerFactory.logWriter.write(LogLevel.info, name + ': ', ...args);
+            },
+            warn: (...args) => {
+                if (LoggerFactory.logLevel >= LogLevel.warn)
+                    LoggerFactory.logWriter.write(LogLevel.warn, name + ': ', ...args);
+            },
+            error: (...args) => {
+                if (LoggerFactory.logLevel >= LogLevel.error)
+                    LoggerFactory.logWriter.write(LogLevel.error, name + ': ', ...args);
+            },
+        };
+    }
+}
+LoggerFactory.logWriter = new ConsoleLogWriter();
+LoggerFactory.logLevel = LogLevel.info;
+exports.LoggerFactory = LoggerFactory;

package/build/lib/proveauth/instantlink.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import PhoneNumberInput, { PhoneNumberStep, PhoneNumberStepFn } from './internal/phone-number-input';
+export type InstantLinkStartInput = PhoneNumberInput;
+export type InstantLinkStartStep = PhoneNumberStep;
+export type InstantLinkStartStepFn = PhoneNumberStepFn;

package/build/lib/proveauth/instantlink.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib/proveauth/internal/auth-error.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+export default class AuthError extends Error {
+    readonly code?: number;
+    readonly nextStep?: string;
+    readonly reportable: boolean;
+    constructor(message?: string, code?: number, nextStep?: string, reportable?: boolean);
+    static extractMessage(error: any): string;
+}

package/build/lib/proveauth/internal/auth-error.js ADDED Viewed

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class AuthError extends Error {
+    constructor(message, code, nextStep, reportable) {
+        super(message);
+        this.code = code;
+        this.nextStep = nextStep;
+        this.reportable = reportable === undefined || reportable;
+    }
+    static extractMessage(error) {
+        let message = '';
+        if (error) {
+            const messageKey = 'message';
+            if (error[messageKey]) {
+                message = error[messageKey];
+            }
+            else {
+                message = error.toString();
+                if (message === '[object Object]') {
+                    message = JSON.stringify(error);
+                }
+            }
+        }
+        return message;
+    }
+}
+exports.default = AuthError;

package/build/lib/proveauth/internal/auth-message.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+export default interface AuthMessage {
+    title: string;
+    body: string;
+    confirmBtn: string;
+    denyBtn: string;
+    originatingIp?: string;
+    originatingIpLocation?: string;
+    originatingDevice?: string;
+    distanceFromOriginator?: number;
+    timestamp: number;
+    exp: number;
+}

package/build/lib/proveauth/internal/auth-message.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib/proveauth/internal/auth-request.d.ts ADDED Viewed

@@ -0,0 +1,90 @@
+import { MobileAuthImplementation } from '../authenticator-builder';
+import { AuthResponseStatus } from './auth-response-status';
+export type AuthRequest = V1ClientDeviceFido2RegisterStart | V1ClientDeviceFido2RegisterFinish | V1ClientDeviceFido2VerifyStart | V1ClientDeviceFido2VerifyFinish | V1ClientDevicePassiveRegister | V1ClientDevicePassiveVerify | V1ClientUserResponse | V1ClientAnyError | V1ClientChallenge | V1ClientMobileInstantLinkStart | V1ClientMobileInstantStart | V1ClientMobileInstantFinish | V1ClientOtpStart | V1ClientOtpFinish;
+export type AuthRegistration = PassiveRegistration | Fido2Registration;
+export interface PublicKey {
+    id: string;
+    alg: string;
+    key: string;
+    uvLevel: 0;
+}
+export interface PassiveRegistration {
+    publicKey: PublicKey;
+    signature: string;
+}
+export interface WebAuthnCredentialResponse {
+    attestationObject: string;
+    clientDataJSON: string;
+}
+export interface WebAuthnCredential {
+    type: string;
+    id: string;
+    rawId: string;
+    response: WebAuthnCredentialResponse;
+}
+export interface Fido2Registration {
+    webAuthnCredential: WebAuthnCredential;
+}
+export interface V1ClientDeviceFido2RegisterStart {
+    displayName?: string;
+}
+export interface V1ClientDeviceFido2RegisterFinish {
+    deviceName: string;
+    deviceCapabilities: string[];
+    registrations: AuthRegistration[];
+}
+export interface V1ClientDeviceFido2VerifyStart {
+    deviceId: string;
+}
+export interface WebAuthnAssertionResponse {
+    authenticatorData: string;
+    clientDataJSON: string;
+    signature: string;
+    userHandle?: string;
+}
+export interface WebAuthnAssertion {
+    type: string;
+    id: string;
+    rawId: string;
+    response: WebAuthnAssertionResponse;
+}
+export interface V1ClientDeviceFido2VerifyFinish {
+    webAuthnAssertion: WebAuthnAssertion;
+}
+export interface V1ClientDevicePassiveRegister {
+    deviceName: string;
+    deviceCapabilities: string[];
+    registrations: PassiveRegistration[];
+}
+export interface V1ClientDevicePassiveVerify {
+    deviceId: string;
+    keyId: string;
+    signature: string;
+}
+export interface V1ClientUserResponse {
+    response: AuthResponseStatus;
+}
+export interface V1ClientAnyError {
+    code?: number;
+    message: string;
+}
+export interface V1ClientChallenge {
+    deviceId: string;
+}
+export interface V1ClientMobileInstantLinkStart {
+    sourceIp?: string | null;
+    mobileNumber?: string | null;
+}
+export interface V1ClientMobileInstantStart {
+    cellularIp?: string | null;
+    implementation?: MobileAuthImplementation;
+}
+export interface V1ClientMobileInstantFinish {
+    vfp: string;
+}
+export interface V1ClientOtpStart {
+    mobileNumber?: string | null;
+}
+export interface V1ClientOtpFinish {
+    otp: string;
+}

package/build/lib/proveauth/internal/auth-request.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib/proveauth/internal/auth-response-status.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export declare enum AuthResponseStatus {
+    Accept = "accept",
+    Reject = "reject",
+    Cancel = "cancel",
+    Unexpected = "unexpected",
+    Timeout = "timeout",
+    Unknown = "unknown"
+}

package/build/lib/proveauth/internal/auth-response-status.js ADDED Viewed

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthResponseStatus = void 0;
+var AuthResponseStatus;
+(function (AuthResponseStatus) {
+    AuthResponseStatus["Accept"] = "accept";
+    AuthResponseStatus["Reject"] = "reject";
+    AuthResponseStatus["Cancel"] = "cancel";
+    AuthResponseStatus["Unexpected"] = "unexpected";
+    AuthResponseStatus["Timeout"] = "timeout";
+    AuthResponseStatus["Unknown"] = "unknown";
+})(AuthResponseStatus = exports.AuthResponseStatus || (exports.AuthResponseStatus = {}));

package/build/lib/proveauth/internal/auth-response.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+import AuthMessage from './auth-message';
+export default interface AuthResponse {
+    next: string;
+    error?: AuthFailure;
+    refreshDeviceTrust?: boolean;
+}
+export interface AuthFailure {
+    message: string;
+    code: number;
+}
+export interface RegisterStartAuthResponseData {
+    credCreateOptions: PublicKeyCredentialCreationOptions;
+}
+export interface RegisterStartAuthResponse extends AuthResponse {
+    data: RegisterStartAuthResponseData;
+}
+export interface RegisterFinishAuthResponseData {
+    deviceId: string;
+}
+export interface RegisterFinishAuthResponse extends AuthResponse {
+    data: RegisterFinishAuthResponseData;
+}
+export type DeviceRegisterAuthResponse = RegisterFinishAuthResponse;
+export interface VerifyStartAuthResponseData {
+    credRequestOptions: PublicKeyCredentialRequestOptions;
+}
+export interface VerifyStartAuthResponse extends AuthResponse {
+    data: VerifyStartAuthResponseData;
+}
+export interface VerifyFinishAuthResponseData {
+    scanMessage?: AuthMessage;
+}
+export interface VerifyFinishAuthResponse extends AuthResponse {
+    data?: VerifyFinishAuthResponseData;
+}
+export interface ChallengeResponse extends AuthResponse {
+    deviceId?: string;
+    challenge?: string;
+    ttl?: number;
+    receivedAt?: number;
+}
+export interface MobileStartAuthResponseData {
+    redirectUrl?: string;
+}
+export interface MobileStartAuthResponse extends AuthResponse {
+    data?: MobileStartAuthResponseData;
+}
+export interface OtpStartResponse extends AuthResponse {
+    data?: OtpResponseData;
+}
+export interface OtpFinishResponse extends AuthResponse {
+    data?: OtpResponseData;
+}
+export interface OtpResponseData {
+    code?: number;
+    message?: string;
+}
+export interface InstantLinkStartResponse extends AuthResponse {
+    data?: InstantLinkResponseData;
+}
+export type InstantLinkResponseData = OtpResponseData;

package/build/lib/proveauth/internal/auth-response.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib/proveauth/internal/auth-session.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+/// <reference types="webappsec-credential-management" />
+import AuthMessage from './auth-message';
+import { AuthRequest } from './auth-request';
+import AuthResponse from './auth-response';
+import AuthTokenClaims, { UserVerificationLevel } from './auth-token-claims';
+import { DeviceRegistration } from './device-auth';
+import Platform, { AuthSessionIntegration, MessageChannel, RequestSigner } from './platform';
+import Settings from './settings';
+export default class AuthSession implements AuthSessionIntegration {
+    readonly platform: Platform;
+    readonly authToken?: string;
+    readonly claims?: AuthTokenClaims;
+    readonly settings: Settings;
+    readonly requestSigner: RequestSigner;
+    lastStep: string | null;
+    credential: CredentialType | null;
+    authMessage: AuthMessage | null;
+    uvLevel: UserVerificationLevel | null;
+    backendUrlOverride: string | null;
+    get namespace(): string;
+    get backendUrl(): string;
+    get authId(): string;
+    get challenge(): string;
+    get next(): string;
+    constructor(settings: Settings, platform: Platform, authToken?: string);
+    fetchFromBackend(query: string, body: AuthRequest): Promise<AuthResponse>;
+    createMessageChannel(endpointPath: string, onClose: () => void, onError: (message: string) => void, onMessage: (data: string) => void): MessageChannel;
+    getDeviceRegistration(): Promise<DeviceRegistration | null>;
+    private parseJwt;
+}

package/build/lib/proveauth/internal/auth-session.js ADDED Viewed

@@ -0,0 +1,156 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const logger_1 = require("../common/logger");
+const version_1 = require("../version");
+const auth_token_claims_1 = require("./auth-token-claims");
+const error_code_1 = __importDefault(require("./error-code"));
+class AuthSession {
+    get namespace() {
+        var _a;
+        return ((_a = this.claims) === null || _a === void 0 ? void 0 : _a.auth.ans) || this.settings.namespace;
+    }
+    get backendUrl() {
+        var _a;
+        return ((_a = this.claims) === null || _a === void 0 ? void 0 : _a.auth.endp) || this.backendUrlOverride;
+    }
+    get authId() {
+        var _a;
+        return (_a = this.claims) === null || _a === void 0 ? void 0 : _a.auth.id;
+    }
+    get challenge() {
+        var _a;
+        return (_a = this.claims) === null || _a === void 0 ? void 0 : _a.auth.chlg;
+    }
+    get next() {
+        var _a;
+        return (_a = this.claims) === null || _a === void 0 ? void 0 : _a.auth.next;
+    }
+    constructor(settings, platform, authToken) {
+        var _a, _b;
+        this.lastStep = null;
+        this.credential = null;
+        this.authMessage = null;
+        this.uvLevel = null;
+        this.backendUrlOverride = null;
+        this.platform = platform;
+        this.authToken = authToken;
+        this.settings = settings;
+        if (authToken) {
+            this.claims = this.parseJwt(authToken);
+            this.settings.namespace = this.claims.auth.ans;
+            this.uvLevel =
+                ((_b = (_a = this.claims.auth.subs.dev) === null || _a === void 0 ? void 0 : _a.auths.pasv) === null || _b === void 0 ? void 0 : _b.uvlvl) || auth_token_claims_1.UserVerificationLevel.Discouraged;
+        }
+        this.requestSigner = platform.createRequestSigner(this);
+    }
+    fetchFromBackend(query, body) {
+        const method = 'POST';
+        const contentType = 'application/json';
+        const bodyStr = JSON.stringify(body);
+        const querySplit = query.split('?');
+        const path = querySplit[0];
+        const params = querySplit.length > 1 ? querySplit[1] : '';
+        const headers = new Headers({
+            Accept: contentType,
+            'Content-Type': contentType,
+            'PA-Version': version_1.USER_AGENT_VERSIONS,
+        });
+        if (this.authToken) {
+            headers.set('Authorization', 'Bearer ' + this.authToken);
+        }
+        return new Promise((resolve, reject) => {
+            this.requestSigner
+                .sign(method, path, params, contentType, bodyStr)
+                .then((signature) => {
+                if (signature) {
+                    headers.set('PA-Sig-Version', signature.version);
+                    headers.set('PA-Challenge', signature.challenge);
+                    headers.set('PA-KID', signature.keyId);
+                    headers.set('PA-Signature', signature.signature);
+                }
+                this.platform
+                    .fetch(this.backendUrl + query, {
+                    mode: 'cors',
+                    method: method,
+                    headers: headers,
+                    body: bodyStr,
+                })
+                    .then((response) => response.json())
+                    .then((response) => {
+                    if (response.error) {
+                        if (response.error.code === error_code_1.default.ERROR_NO_DEVICE_FOUND) {
+                            this.settings.reset();
+                            this.platform.deviceAuth.reset();
+                        }
+                    }
+                    resolve(response);
+                })
+                    .catch(reject);
+            })
+                .catch(reject);
+        });
+    }
+    createMessageChannel(endpointPath, onClose, onError, onMessage) {
+        if (!this.authToken) {
+            throw new Error('Authentication token is not initialized, cannot create MessageChannel');
+        }
+        const KEEP_ALIVE_INTERVAL = 30000;
+        const endpoint = this.backendUrl.replace(/^http/, 'ws');
+        const encodedAuthToken = encodeURIComponent(this.authToken);
+        const channel = this.platform.createMessageChannel(endpoint + endpointPath + '?token=' + encodedAuthToken);
+        const log = logger_1.LoggerFactory.getLogger('web-message-channel');
+        const keepAlive = setInterval(() => {
+            log.debug('Sending keep-alive message');
+            channel.send('');
+        }, KEEP_ALIVE_INTERVAL);
+        channel.addEventListener('close', (_) => {
+            if (keepAlive) {
+                clearInterval(keepAlive);
+            }
+            onClose();
+        });
+        channel.addEventListener('error', (event) => {
+            if ('message' in event) {
+                onError(event['message']);
+            }
+            else {
+                onError(event.toString());
+            }
+        });
+        channel.addEventListener('message', (event) => {
+            if ('origin' in event && event['origin'] !== endpoint) {
+                onError('Unexpected origin');
+            }
+            else {
+                var data = event.data;
+                if (data && typeof data === 'string') {
+                    onMessage(data);
+                }
+                else {
+                    onMessage(event.toString());
+                }
+            }
+        });
+        return channel;
+    }
+    getDeviceRegistration() {
+        return new Promise((resolve, reject) => {
+            this.platform.deviceAuth
+                .getRegistration(this.namespace)
+                .then((registration) => {
+                if (registration) {
+                    this.backendUrlOverride = registration === null || registration === void 0 ? void 0 : registration.endpoint;
+                }
+                resolve(registration);
+            })
+                .catch(reject);
+        });
+    }
+    parseJwt(token) {
+        return JSON.parse(atob(token.split('.')[1]));
+    }
+}
+exports.default = AuthSession;

package/build/lib/proveauth/internal/auth-step.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import AuthSession from './auth-session';
+export default interface AuthStep {
+    readonly name: string;
+    execute(session: AuthSession): Promise<string>;
+}

package/build/lib/proveauth/internal/auth-step.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib/proveauth/internal/auth-token-claims.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+export declare enum UserVerificationLevel {
+    Discouraged = "none",
+    Preferred = "pref",
+    Required = "req"
+}
+export interface PassiveAuthenticator {
+    cdt: boolean;
+    uvlvl?: UserVerificationLevel;
+}
+export interface InstantAuthenticator {
+}
+export interface InstantLinkAuthenticator {
+    mnp: boolean;
+    tme?: boolean;
+}
+export interface OtpAuthenticator {
+    mnp: boolean;
+}
+export interface Authenticators {
+    pasv?: PassiveAuthenticator;
+    inst?: InstantAuthenticator;
+    inln?: InstantLinkAuthenticator;
+    otp?: OtpAuthenticator;
+}
+export interface DeviceAuthSubjectClaim {
+    auths: Authenticators;
+}
+export interface MobileAuthSubjectClaim {
+    auths: Authenticators;
+}
+export interface AuthSubjectsClaim {
+    dev?: DeviceAuthSubjectClaim;
+    mob?: MobileAuthSubjectClaim;
+}
+export interface AuthClaim {
+    id: string;
+    ans: string;
+    endp: string;
+    chlg: string;
+    subs: AuthSubjectsClaim;
+    next: string;
+}
+export default interface AuthTokenClaims {
+    rid: string;
+    auth: AuthClaim;
+}