@prove-identity/prove-auth 2.3.2

package/build/lib/proveauth/internal/error-code.d.ts

@@ -0,0 +1,9 @@
+export default class ErrorCode {
+    static readonly ERROR_AUTHENTICATION_FAILURE = 10000;
+    static readonly ERROR_AUTHENTICATION_EXTERNAL_FAILURE = 10001;
+    static readonly ERROR_AUTHENTICATION_CLIENT_FAILURE = 10002;
+    static readonly ERROR_AUTHENTICATION_PROHIBITED_ACTION = 10003;
+    static readonly ERROR_MISSING_AUTHENTICATOR_COMPLETION = 10004;
+    static readonly ERROR_MAX_ATTEMPTS = 10005;
+    static readonly ERROR_NO_DEVICE_FOUND = 10006;
+}

package/build/lib/proveauth/internal/error-code.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class ErrorCode {
+}
+ErrorCode.ERROR_AUTHENTICATION_FAILURE = 10000;
+ErrorCode.ERROR_AUTHENTICATION_EXTERNAL_FAILURE = 10001;
+ErrorCode.ERROR_AUTHENTICATION_CLIENT_FAILURE = 10002;
+ErrorCode.ERROR_AUTHENTICATION_PROHIBITED_ACTION = 10003;
+ErrorCode.ERROR_MISSING_AUTHENTICATOR_COMPLETION = 10004;
+ErrorCode.ERROR_MAX_ATTEMPTS = 10005;
+ErrorCode.ERROR_NO_DEVICE_FOUND = 10006;
+exports.default = ErrorCode;

package/build/lib/proveauth/internal/mobile-instant-step.d.ts

@@ -0,0 +1,15 @@
+import AuthSession from './auth-session';
+import AuthStep from './auth-step';
+import { MobileAuthImplementation } from '../authenticator-builder';
+export default class MobileInstantStep implements AuthStep {
+    static readonly NAME = "mobile/instant";
+    readonly name = "mobile/instant";
+    protected log: import("../common/logger").Logger;
+    private readonly implementation;
+    private readonly getDeviceIp;
+    private readonly deviceIpDetection;
+    private errorCodeBak?;
+    private nextBak?;
+    constructor(implementation: MobileAuthImplementation, getDeviceIp?: () => string | null);
+    execute(session: AuthSession): Promise<string>;
+}

package/build/lib/proveauth/internal/mobile-instant-step.js

@@ -0,0 +1,100 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const auth_error_1 = __importDefault(require("./auth-error"));
+const logger_1 = require("../common/logger");
+const authenticator_builder_1 = require("../authenticator-builder");
+const error_code_1 = __importDefault(require("./error-code"));
+class MobileInstantStep {
+    constructor(implementation, getDeviceIp) {
+        this.name = MobileInstantStep.NAME;
+        this.log = logger_1.LoggerFactory.getLogger('mobile-instant-step');
+        this.errorCodeBak = error_code_1.default.ERROR_AUTHENTICATION_CLIENT_FAILURE;
+        this.implementation = implementation;
+        if (getDeviceIp) {
+            this.getDeviceIp = getDeviceIp;
+            this.deviceIpDetection = false;
+        }
+        else {
+            this.getDeviceIp = () => null;
+            this.deviceIpDetection = true;
+        }
+    }
+    execute(session) {
+        return new Promise((resolve, reject) => {
+            let builder = session.platform
+                .getMobileAuthBuilder()
+                .withDeviceIpDetection(this.deviceIpDetection);
+            switch (this.implementation) {
+                case authenticator_builder_1.MobileAuthImplementation.Pixel: {
+                    builder = builder.withPixelImplementation();
+                    break;
+                }
+                case authenticator_builder_1.MobileAuthImplementation.Fetch: {
+                    builder = builder.withFetchImplementation().withFinishStep((input) => {
+                        return new Promise((resolve, reject) => {
+                            session
+                                .fetchFromBackend('/v1/client/mobile/instant/finish', {
+                                vfp: input.vfp,
+                            })
+                                .then(resolve)
+                                .catch(reject);
+                        });
+                    });
+                    break;
+                }
+            }
+            builder = builder.withStartStep((input) => {
+                return new Promise((resolve, reject) => {
+                    const ip = this.deviceIpDetection ? input.deviceDescriptor.ip : this.getDeviceIp();
+                    session
+                        .fetchFromBackend('/v1/client/mobile/instant/start', {
+                        cellularIp: ip,
+                        implementation: this.implementation,
+                    })
+                        .then((response) => {
+                        var _a;
+                        if (response.error) {
+                            this.nextBak = response.next;
+                            this.errorCodeBak = response.error.code;
+                            reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
+                        }
+                        else {
+                            resolve({
+                                authUrl: (_a = response.data) === null || _a === void 0 ? void 0 : _a.redirectUrl,
+                            });
+                        }
+                    })
+                        .catch(reject);
+                });
+            });
+            const authenticator = builder.build();
+            authenticator
+                .authenticate()
+                .then((response) => {
+                if (response) {
+                    const authResponse = response;
+                    if (authResponse.error) {
+                        reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
+                    }
+                    resolve(authResponse.next);
+                }
+                else {
+                    session
+                        .fetchFromBackend('/v1/client/mobile/instant/finish', {})
+                        .then((response) => resolve(response.next))
+                        .catch((error) => {
+                        reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
+                    });
+                }
+            })
+                .catch((error) => {
+                reject(new auth_error_1.default(error, this.errorCodeBak, this.nextBak, false));
+            });
+        });
+    }
+}
+MobileInstantStep.NAME = 'mobile/instant';
+exports.default = MobileInstantStep;

package/build/lib/proveauth/internal/mobile-instantlink-step.d.ts

@@ -0,0 +1,14 @@
+import AuthSession from './auth-session';
+import AuthStep from './auth-step';
+import { InstantLinkStartStep } from '../instantlink';
+export default class MobileInstantLinkStep implements AuthStep {
+    static readonly NAME = "mobile/instantlink";
+    readonly name = "mobile/instantlink";
+    protected log: import("../common/logger").Logger;
+    private readonly startStep?;
+    private readonly getDeviceIp;
+    constructor(startStep?: InstantLinkStartStep, getDeviceIp?: () => string | null);
+    execute(session: AuthSession): Promise<string>;
+    private runStartStep;
+    private runFinishStep;
+}

package/build/lib/proveauth/internal/mobile-instantlink-step.js

@@ -0,0 +1,108 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const logger_1 = require("../common/logger");
+const phone_number_input_1 = require("./phone-number-input");
+const auth_error_1 = __importDefault(require("./auth-error"));
+const SIMULATED_LINK_CLICK_DELAY = 100;
+class MobileInstantLinkStep {
+    constructor(startStep, getDeviceIp) {
+        this.name = MobileInstantLinkStep.NAME;
+        this.log = logger_1.LoggerFactory.getLogger('mobile-instantlink-step');
+        this.startStep = startStep;
+        this.getDeviceIp = getDeviceIp !== null && getDeviceIp !== void 0 ? getDeviceIp : (() => null);
+    }
+    execute(session) {
+        return new Promise((resolve, reject) => {
+            var _a, _b, _c, _d, _e, _f;
+            var phoneNumberNeeded = true;
+            if ((_c = (_b = (_a = session.claims) === null || _a === void 0 ? void 0 : _a.auth.subs.mob) === null || _b === void 0 ? void 0 : _b.auths.inln) === null || _c === void 0 ? void 0 : _c.mnp) {
+                phoneNumberNeeded = false;
+            }
+            var testMode = false;
+            if ((_f = (_e = (_d = session.claims) === null || _d === void 0 ? void 0 : _d.auth.subs.mob) === null || _e === void 0 ? void 0 : _e.auths.inln) === null || _f === void 0 ? void 0 : _f.tme) {
+                testMode = true;
+            }
+            this.runStartStep(session, phoneNumberNeeded)
+                .then((next) => {
+                this.runFinishStep(session, testMode)
+                    .then(() => resolve(next))
+                    .catch(reject);
+            })
+                .catch(reject);
+        });
+    }
+    runStartStep(session, phoneNumberNeeded, phoneValidationError) {
+        return new Promise((resolve, reject) => {
+            if (this.startStep) {
+                this.startStep
+                    .execute(phoneNumberNeeded, phoneValidationError)
+                    .then((input) => {
+                    session
+                        .fetchFromBackend('/v1/client/mobile/instantlink/start', {
+                        sourceIp: this.getDeviceIp(),
+                        mobileNumber: input === null || input === void 0 ? void 0 : input.phoneNumber,
+                    })
+                        .then((response) => {
+                        var _a, _b, _c;
+                        const authResponse = response;
+                        if (authResponse.error) {
+                            reject(new auth_error_1.default(authResponse.error.message, authResponse.error.code, response.next, false));
+                        }
+                        else if (authResponse.data) {
+                            var errorMessage = '';
+                            if ((_a = authResponse.data) === null || _a === void 0 ? void 0 : _a.code) {
+                                errorMessage += `Error Code: ${authResponse.data.code}, `;
+                            }
+                            if ((_b = authResponse.data) === null || _b === void 0 ? void 0 : _b.message) {
+                                errorMessage += `${authResponse.data.message}`;
+                            }
+                            else {
+                                errorMessage += `Error validating phone number`;
+                            }
+                            let phoneNumberValidationError = new phone_number_input_1.PhoneValidationError(errorMessage, (_c = authResponse.data) === null || _c === void 0 ? void 0 : _c.code);
+                            this.log.error(`Server reports invalid phone number: ${errorMessage}`);
+                            this.runStartStep(session, phoneNumberNeeded, phoneNumberValidationError)
+                                .then(resolve)
+                                .catch(reject);
+                        }
+                        else {
+                            resolve(authResponse.next);
+                        }
+                    })
+                        .catch(reject);
+                })
+                    .catch(reject);
+            }
+            else {
+                reject(new Error('InstantLink start step must be specified'));
+            }
+        });
+    }
+    runFinishStep(session, testMode) {
+        return new Promise((resolve, reject) => {
+            if (testMode) {
+                this.log.info('Simulating user clicking the instant link');
+                setTimeout(() => {
+                    session.platform
+                        .fetch(session.backendUrl +
+                        '/v1/client/mobile/instantlink/finish?token=' +
+                        session.authToken +
+                        '&vfp=test-vfp', {
+                        mode: 'cors',
+                        method: 'GET',
+                    })
+                        .then((_) => resolve())
+                        .catch(reject);
+                }, SIMULATED_LINK_CLICK_DELAY);
+            }
+            else {
+                resolve();
+            }
+        });
+    }
+}
+MobileInstantLinkStep.NAME = 'mobile/instantlink';
+exports.default = MobileInstantLinkStep;

package/build/lib/proveauth/internal/mobile-otp-step.d.ts

@@ -0,0 +1,14 @@
+import AuthSession from './auth-session';
+import AuthStep from './auth-step';
+import { OtpStartStep, OtpFinishStep } from '../otp';
+export default class MobileOtpStep implements AuthStep {
+    static readonly NAME = "mobile/otp";
+    readonly name = "mobile/otp";
+    protected log: import("../common/logger").Logger;
+    private otpStartStep?;
+    private otpFinishStep?;
+    constructor(otpStartStep?: OtpStartStep, otpFinishStep?: OtpFinishStep);
+    execute(session: AuthSession): Promise<string>;
+    private runOtpStartStep;
+    private runOtpFinishStep;
+}

package/build/lib/proveauth/internal/mobile-otp-step.js

@@ -0,0 +1,141 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const logger_1 = require("../common/logger");
+const auth_error_1 = __importDefault(require("./auth-error"));
+const otp_1 = require("../otp");
+const phone_number_input_1 = require("./phone-number-input");
+class MobileOtpStep {
+    constructor(otpStartStep, otpFinishStep) {
+        this.name = MobileOtpStep.NAME;
+        this.log = logger_1.LoggerFactory.getLogger('mobile-otp-step');
+        this.otpStartStep = otpStartStep;
+        this.otpFinishStep = otpFinishStep;
+    }
+    execute(session) {
+        return new Promise((resolve, reject) => {
+            var _a, _b, _c;
+            if (!this.otpStartStep) {
+                reject(new Error('OtpStartStep step must be specified'));
+                return;
+            }
+            if (!this.otpFinishStep) {
+                reject(new Error('OtpFinishStep step must be specified'));
+                return;
+            }
+            var phoneNumberNeeded = true;
+            if ((_c = (_b = (_a = session.claims) === null || _a === void 0 ? void 0 : _a.auth.subs.mob) === null || _b === void 0 ? void 0 : _b.auths.otp) === null || _c === void 0 ? void 0 : _c.mnp) {
+                phoneNumberNeeded = false;
+            }
+            this.runOtpStartStep(session, this.otpStartStep, this.otpFinishStep, phoneNumberNeeded)
+                .then(resolve)
+                .catch(reject);
+        });
+    }
+    runOtpStartStep(session, otpStartStep, otpFinishStep, phoneNumberNeeded, phoneValidationError) {
+        return new Promise((resolve, reject) => {
+            otpStartStep
+                .execute(phoneNumberNeeded, phoneValidationError)
+                .then((input) => {
+                session
+                    .fetchFromBackend('/v1/client/mobile/otp/start', {
+                    mobileNumber: input === null || input === void 0 ? void 0 : input.phoneNumber,
+                })
+                    .then((response) => {
+                    const authResponse = response;
+                    if (authResponse.error) {
+                        reject(new auth_error_1.default(authResponse.error.message, authResponse.error.code, response.next, false));
+                    }
+                    else if (authResponse.data) {
+                        let data = authResponse.data;
+                        var errorMessage = '';
+                        if (data === null || data === void 0 ? void 0 : data.code) {
+                            errorMessage += `Error Code: ${data.code}, `;
+                        }
+                        if (data === null || data === void 0 ? void 0 : data.message) {
+                            errorMessage += `${data.message}`;
+                        }
+                        else {
+                            errorMessage += `Error validating phone number`;
+                        }
+                        let phoneNumberValidationError = new phone_number_input_1.PhoneValidationError(errorMessage, data === null || data === void 0 ? void 0 : data.code);
+                        this.log.error(`Server reports invalid phone number: ${errorMessage}`);
+                        this.runOtpStartStep(session, otpStartStep, otpFinishStep, phoneNumberNeeded, phoneNumberValidationError)
+                            .then(resolve)
+                            .catch(reject);
+                    }
+                    else {
+                        this.runOtpFinishStep(session, otpStartStep, otpFinishStep, phoneNumberNeeded)
+                            .then(resolve)
+                            .catch(reject);
+                    }
+                })
+                    .catch(reject);
+            })
+                .catch((error) => {
+                const message = auth_error_1.default.extractMessage(error);
+                reject(new Error(`Failed to start OTP flow: ${message}`));
+            });
+        });
+    }
+    runOtpFinishStep(session, otpStartStep, otpFinishStep, phoneNumberNeeded, otpError) {
+        return new Promise((resolve, reject) => {
+            otpFinishStep
+                .execute(otpError)
+                .then((otpFinishResult) => {
+                var _a;
+                let result = otpFinishResult;
+                switch (result.resultType) {
+                    case otp_1.OtpFinishResultType.OnResendOtp:
+                        this.runOtpStartStep(session, otpStartStep, otpFinishStep, phoneNumberNeeded)
+                            .then(resolve)
+                            .catch(reject);
+                        break;
+                    case otp_1.OtpFinishResultType.OnSuccess:
+                        let input = result.input;
+                        session
+                            .fetchFromBackend('/v1/client/mobile/otp/finish', {
+                            otp: (_a = input === null || input === void 0 ? void 0 : input.otp) !== null && _a !== void 0 ? _a : '',
+                        })
+                            .then((response) => {
+                            const authResponse = response;
+                            if (authResponse.error) {
+                                reject(new auth_error_1.default(authResponse.error.message, authResponse.error.code, response.next, false));
+                            }
+                            else if (authResponse.data) {
+                                let data = authResponse.data;
+                                var errorMessage = '';
+                                if (data === null || data === void 0 ? void 0 : data.code) {
+                                    errorMessage += `Error Code: ${data.code}, `;
+                                }
+                                if (data === null || data === void 0 ? void 0 : data.message) {
+                                    errorMessage += `${data.message}`;
+                                }
+                                else {
+                                    errorMessage += `Error validating OTP`;
+                                }
+                                let otpError = new otp_1.OtpError(errorMessage, data === null || data === void 0 ? void 0 : data.code);
+                                this.log.error(`Server reports invalid OTP: ${errorMessage}`);
+                                this.runOtpFinishStep(session, otpStartStep, otpFinishStep, phoneNumberNeeded, otpError)
+                                    .then(resolve)
+                                    .catch(reject);
+                            }
+                            else {
+                                resolve(response.next);
+                            }
+                        })
+                            .catch(reject);
+                        break;
+                }
+            })
+                .catch((error) => {
+                const message = auth_error_1.default.extractMessage(error);
+                reject(new Error(`Failed to obtain OTP for verification: ${message}}`));
+            });
+        });
+    }
+}
+MobileOtpStep.NAME = 'mobile/otp';
+exports.default = MobileOtpStep;

package/build/lib/proveauth/internal/phone-number-input.d.ts

@@ -0,0 +1,11 @@
+import AuthError from './auth-error';
+export default interface PhoneNumberInput {
+    phoneNumber: string;
+}
+export declare class PhoneValidationError extends AuthError {
+    constructor(message?: string, code?: number);
+}
+export interface PhoneNumberStep {
+    execute: (phoneNumberNeeded: boolean, phoneValidationError?: PhoneValidationError) => Promise<PhoneNumberInput | null>;
+}
+export type PhoneNumberStepFn = (phoneNumberNeeded: boolean, phoneValidationError?: PhoneValidationError) => Promise<PhoneNumberInput | null>;

package/build/lib/proveauth/internal/phone-number-input.js

@@ -0,0 +1,13 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PhoneValidationError = void 0;
+const auth_error_1 = __importDefault(require("./auth-error"));
+class PhoneValidationError extends auth_error_1.default {
+    constructor(message, code) {
+        super(message, code);
+    }
+}
+exports.PhoneValidationError = PhoneValidationError;

package/build/lib/proveauth/internal/platform.d.ts

@@ -0,0 +1,45 @@
+/// <reference types="webappsec-credential-management" />
+import { AuthenticatorBuilder } from '@prove-identity/mobile-auth';
+import { AuthRequest } from './auth-request';
+import AuthResponse from './auth-response';
+import DeviceAuth, { DeviceRegistration } from './device-auth';
+export declare const DEVICE_CAPABILITY_WEBAUTHN = "webauthn";
+export interface MessageChannel {
+    addEventListener: (type: string, listener: (event: any) => void) => void;
+    send: (data: string) => void;
+    close: () => void;
+}
+export interface WebAuthN {
+    getCredentials: (options?: CredentialRequestOptions) => Promise<CredentialType | null>;
+    createCredentials: (options: CredentialCreationOptions) => Promise<CredentialType | null>;
+}
+export interface RequestSignature {
+    version: string;
+    challenge: string;
+    keyId: string;
+    signature: string;
+}
+export interface RequestSigner {
+    sign: (method: string, path: string, query: string, contentType: string, body: string) => Promise<RequestSignature | null>;
+}
+export interface AuthSessionIntegration {
+    getDeviceRegistration: () => Promise<DeviceRegistration | null>;
+    fetchFromBackend: (query: string, body: AuthRequest) => Promise<AuthResponse>;
+}
+export default interface Platform {
+    readonly webauthn: WebAuthN;
+    readonly deviceAuth: DeviceAuth;
+    getPlatformName: () => string;
+    getUserAgent: () => string | null;
+    isFidoSupported: () => boolean;
+    fetch: (input: string, init?: RequestInit) => Promise<Response>;
+    createMessageChannel: (endpointUrl: string) => MessageChannel;
+    createRequestSigner: (session: AuthSessionIntegration) => RequestSigner;
+    getDeviceCapabilities: () => string[];
+    getMobileAuthBuilder: () => AuthenticatorBuilder<any>;
+    exit: (code?: number) => void;
+}
+export declare function stringToArrayBuffer(input: string): ArrayBuffer;
+export declare function arrayBufferToString(input: ArrayBuffer): string;
+export declare function arrayBufferToHexString(input: ArrayBuffer): string;
+export declare function getUnixTime(): number;

package/build/lib/proveauth/internal/platform.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getUnixTime = exports.arrayBufferToHexString = exports.arrayBufferToString = exports.stringToArrayBuffer = exports.DEVICE_CAPABILITY_WEBAUTHN = void 0;
+exports.DEVICE_CAPABILITY_WEBAUTHN = 'webauthn';
+function stringToArrayBuffer(input) {
+    return new TextEncoder().encode(input);
+}
+exports.stringToArrayBuffer = stringToArrayBuffer;
+function arrayBufferToString(input) {
+    return String.fromCharCode.apply(null, Array.from(new Uint8Array(input)));
+}
+exports.arrayBufferToString = arrayBufferToString;
+function arrayBufferToHexString(input) {
+    return Array.from(new Uint8Array(input), (x) => ('00' + x.toString(16)).slice(-2)).join('');
+}
+exports.arrayBufferToHexString = arrayBufferToHexString;
+function getUnixTime() {
+    return Math.floor(Date.now() / 1000);
+}
+exports.getUnixTime = getUnixTime;

package/build/lib/proveauth/internal/primary-authenticator.d.ts

@@ -0,0 +1,14 @@
+import AuthFinishStep from '../auth-finish-step';
+import AuthStep from './auth-step';
+import AuthSession from './auth-session';
+import Platform from './platform';
+import CancelablePromise from '../common/cancelable-promise';
+import BaseAuthenticator from './base-authenticator';
+export default class PrimaryAuthenticator extends BaseAuthenticator {
+    static readonly MAX_ATTEMPTS = 50;
+    private readonly steps;
+    constructor(platform?: Platform, storage?: Storage, finishStep?: AuthFinishStep, steps?: Array<AuthStep>);
+    process(session: AuthSession): CancelablePromise<void>;
+    private nextStep;
+    private getNextStep;
+}

package/build/lib/proveauth/internal/primary-authenticator.js

@@ -0,0 +1,64 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const report_error_step_1 = __importDefault(require("./report-error-step"));
+const logger_1 = require("../common/logger");
+const cancelable_promise_1 = __importDefault(require("../common/cancelable-promise"));
+const base_authenticator_1 = __importDefault(require("./base-authenticator"));
+const auth_error_1 = __importDefault(require("./auth-error"));
+const error_code_1 = __importDefault(require("./error-code"));
+class PrimaryAuthenticator extends base_authenticator_1.default {
+    constructor(platform, storage, finishStep, steps) {
+        super(platform, storage, finishStep);
+        this.steps = new Map();
+        this.log = logger_1.LoggerFactory.getLogger('primary-authenticator');
+        if (steps) {
+            for (let step of steps) {
+                this.steps.set(step.name, step);
+            }
+        }
+    }
+    process(session) {
+        return new cancelable_promise_1.default((resolve, reject, onCancel) => {
+            onCancel(() => {
+                this.log.info('Canceled');
+                resolve();
+            });
+            this.nextStep(session, session.next, 1).then(resolve).catch(reject);
+        });
+    }
+    nextStep(session, step, attempt) {
+        this.log.debug(`Authentication attempt ${attempt}, next step: ${step}`);
+        session.lastStep = step;
+        return new Promise((resolve, reject) => {
+            if ([base_authenticator_1.default.AUTH_DONE, base_authenticator_1.default.AUTH_EMPTY].includes(step)) {
+                resolve();
+            }
+            else if (attempt > PrimaryAuthenticator.MAX_ATTEMPTS) {
+                reject(new auth_error_1.default('Too many authentication steps', error_code_1.default.ERROR_MAX_ATTEMPTS));
+            }
+            else {
+                this.getNextStep(step)
+                    .execute(session)
+                    .then((next) => this.nextStep(session, next, attempt + 1))
+                    .then(resolve)
+                    .catch((e) => new report_error_step_1.default(e)
+                    .execute(session)
+                    .then((next) => this.nextStep(session, next, attempt + 1))
+                    .then(resolve)
+                    .catch(reject));
+            }
+        });
+    }
+    getNextStep(step) {
+        var nextStep = this.steps.get(step);
+        if (nextStep) {
+            return nextStep;
+        }
+        return new report_error_step_1.default('Unknown authentication step: ' + step);
+    }
+}
+PrimaryAuthenticator.MAX_ATTEMPTS = 50;
+exports.default = PrimaryAuthenticator;

package/build/lib/proveauth/internal/report-error-step.d.ts

@@ -0,0 +1,16 @@
+import AuthSession from './auth-session';
+import AuthStep from './auth-step';
+export default class ReportErrorStep implements AuthStep {
+    private static readonly errorKinds;
+    private readonly logger;
+    private _message;
+    private _code?;
+    private nextStep?;
+    private reportable?;
+    constructor(error: any);
+    readonly name = "error";
+    get code(): number | undefined;
+    get message(): string;
+    execute(session: AuthSession): Promise<string>;
+    private getKind;
+}