@prove-identity/prove-auth 2.3.2

package/build/lib/proveauth/internal/web-device-auth.js

@@ -0,0 +1,242 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WebDeviceRegistration = void 0;
+const logger_1 = require("../common/logger");
+const auth_error_1 = __importDefault(require("./auth-error"));
+const platform_1 = require("./platform");
+class WebDeviceRegistration {
+    constructor(options) {
+        this.deviceId = null;
+        this.namespace = options.namespace;
+        this.endpoint = options.endpoint;
+        if (options.createdAt) {
+            this.createdAt = options.createdAt;
+            this.keyId = options.keyId;
+            this.deviceId = options.deviceId;
+            this.algorithm = options.algorithm;
+            this.keys = options.keys;
+        }
+        else {
+            this.keyId = crypto.randomUUID();
+            this.algorithm = 'ES256';
+            this.createdAt = (0, platform_1.getUnixTime)();
+        }
+    }
+    sign(data) {
+        return new Promise((resolve, reject) => {
+            this.initialize()
+                .then(() => {
+                if (this.keys) {
+                    crypto.subtle
+                        .sign({
+                        name: 'ECDSA',
+                        hash: { name: 'SHA-256' },
+                    }, this.keys.privateKey, (0, platform_1.stringToArrayBuffer)(data))
+                        .then((signature) => resolve(btoa((0, platform_1.arrayBufferToString)(this.p1363ToDer(signature)))))
+                        .catch(reject);
+                }
+            })
+                .catch(reject);
+        });
+    }
+    getPublicKey() {
+        return new Promise((resolve, reject) => {
+            this.initialize()
+                .then(() => {
+                if (this.keys) {
+                    crypto.subtle
+                        .exportKey('spki', this.keys.publicKey)
+                        .then((key) => {
+                        const encodedKey = btoa((0, platform_1.arrayBufferToString)(key));
+                        resolve('-----BEGIN PUBLIC KEY-----\n' + encodedKey + '\n-----END PUBLIC KEY-----');
+                    })
+                        .catch(reject);
+                }
+            })
+                .catch(reject);
+        });
+    }
+    getAuthRegistration(challenge) {
+        return new Promise((resolve, reject) => {
+            this.sign(challenge)
+                .then((signature) => {
+                this.getPublicKey()
+                    .then((key) => {
+                    resolve({
+                        publicKey: {
+                            id: this.keyId,
+                            alg: this.algorithm,
+                            key: key,
+                            uvLevel: 0,
+                        },
+                        signature: signature,
+                    });
+                })
+                    .catch(reject);
+            })
+                .catch(reject);
+        });
+    }
+    initialize() {
+        return new Promise((resolve, reject) => {
+            if (this.keys) {
+                resolve();
+            }
+            else {
+                crypto.subtle
+                    .generateKey({ name: 'ECDSA', namedCurve: 'P-256' }, false, ['sign', 'verify'])
+                    .then((keyPair) => {
+                    this.keys = keyPair;
+                    resolve();
+                })
+                    .catch(reject);
+            }
+        });
+    }
+    p1363ToDer(sig) {
+        const signature = (0, platform_1.arrayBufferToHexString)(sig);
+        let r = signature.substring(0, signature.length / 2);
+        let s = signature.substring(signature.length / 2);
+        r = r.replace(/^(00)+/, '');
+        s = s.replace(/^(00)+/, '');
+        if (parseInt(r.charAt(0), 16) >= 8)
+            r = `00${r}`;
+        if (parseInt(s.charAt(0), 16) >= 8)
+            s = `00${s}`;
+        const rString = `02${(r.length / 2).toString(16).padStart(2, '0')}${r}`;
+        const sString = `02${(s.length / 2).toString(16).padStart(2, '0')}${s}`;
+        const derSig = `30${((rString.length + sString.length) / 2)
+            .toString(16)
+            .padStart(2, '0')}${rString}${sString}`;
+        const matchSig = derSig.match(/[\da-f]{2}/gi);
+        return matchSig ? new Uint8Array(matchSig.map((h) => parseInt(h, 16))) : new Uint8Array();
+    }
+    lenVal(val) {
+        if (typeof val === 'string' || val instanceof String) {
+            const vs = val;
+            return `[${vs.length}]: ${vs}`;
+        }
+        else {
+            const ab = val;
+            return `[${ab.byteLength}]: ${Array.from(new Uint8Array(ab), (x) => x.toString(16)).join(',')}`;
+        }
+    }
+}
+exports.WebDeviceRegistration = WebDeviceRegistration;
+class WebDeviceAuth {
+    constructor(dbFactory) {
+        this.log = logger_1.LoggerFactory.getLogger('web-device-auth');
+        this.dbFactory = dbFactory;
+    }
+    createRegistration(options) {
+        return new Promise((resolve, reject) => {
+            resolve(new WebDeviceRegistration(options));
+        });
+    }
+    getRegistration(namespace) {
+        return new Promise((resolve, reject) => {
+            const openReq = this.openDatabase();
+            openReq.onerror = (e) => {
+                reject('Failed to open registration database: ' + e);
+            };
+            openReq.onsuccess = (e) => {
+                const db = openReq.result;
+                const tx = db.transaction([WebDeviceAuth.DB_STORE], 'readonly');
+                tx.oncomplete = () => db.close();
+                const store = tx.objectStore(WebDeviceAuth.DB_STORE);
+                const getReq = store.get(namespace);
+                getReq.onsuccess = () => {
+                    if (getReq.result) {
+                        resolve(new WebDeviceRegistration(getReq.result));
+                    }
+                    else {
+                        resolve(null);
+                    }
+                };
+                getReq.onerror = (e) => {
+                    reject(new Error('Failed to access registration'));
+                };
+            };
+        });
+    }
+    storeRegistration(registration) {
+        return new Promise((resolve, reject) => {
+            const openReq = this.openDatabase();
+            openReq.onerror = (e) => {
+                reject('Failed to open registration database: ' + e);
+            };
+            openReq.onsuccess = (e) => {
+                const db = openReq.result;
+                const tx = db.transaction([WebDeviceAuth.DB_STORE], 'readwrite');
+                tx.oncomplete = () => db.close();
+                const store = tx.objectStore(WebDeviceAuth.DB_STORE);
+                this.log.trace('Saving registration');
+                const addReq = store.put(registration);
+                addReq.onsuccess = () => {
+                    this.log.trace('Registration saved');
+                };
+                addReq.onerror = (e) => {
+                    reject(new auth_error_1.default('Failed to store registration'));
+                };
+                resolve();
+            };
+        });
+    }
+    deleteRegistration(namespace) {
+        return new Promise((resolve, reject) => {
+            var openReq = this.openDatabase();
+            openReq.onerror = (e) => {
+                reject('Failed to open registration database: ' + e);
+            };
+            openReq.onsuccess = (e) => {
+                var db = openReq.result;
+                var tx = db.transaction([WebDeviceAuth.DB_STORE], 'readwrite');
+                tx.oncomplete = () => db.close();
+                if (!db.objectStoreNames.contains(WebDeviceAuth.DB_STORE)) {
+                    this.log.debug('Registration not found, store is missing');
+                    resolve();
+                    return;
+                }
+                var store = tx.objectStore(WebDeviceAuth.DB_STORE);
+                var delReq = store.delete(namespace);
+                delReq.onsuccess = () => {
+                    resolve();
+                };
+                delReq.onerror = (e) => {
+                    reject(new Error('Failed to delete registration'));
+                };
+            };
+        });
+    }
+    reset() {
+        return new Promise((resolve, reject) => {
+            var delReq = this.dbFactory.deleteDatabase(WebDeviceAuth.DB_NAME);
+            delReq.onsuccess = (e) => {
+                resolve();
+            };
+            delReq.onerror = (e) => {
+                this.log.warn('Failed to delete registration database: ' + e);
+                resolve();
+            };
+        });
+    }
+    openDatabase() {
+        const openReq = this.dbFactory.open(WebDeviceAuth.DB_NAME, WebDeviceAuth.DB_VERSION);
+        openReq.onupgradeneeded = (e) => {
+            const db = openReq.result;
+            this.log.debug('Registration not found, database is missing, initializing');
+            const store = db.createObjectStore(WebDeviceAuth.DB_STORE, { keyPath: 'namespace' });
+            store.transaction.oncomplete = (e) => {
+                this.log.trace('Store initialization completed');
+            };
+        };
+        return openReq;
+    }
+}
+WebDeviceAuth.DB_VERSION = 1;
+WebDeviceAuth.DB_NAME = 'ProveAuth';
+WebDeviceAuth.DB_STORE = 'Registrations';
+exports.default = WebDeviceAuth;

package/build/lib/proveauth/internal/web-platform.d.ts

@@ -0,0 +1,30 @@
+/// <reference types="webappsec-credential-management" />
+import { AuthenticatorBuilder } from '@prove-identity/mobile-auth';
+import Platform, { AuthSessionIntegration, MessageChannel, RequestSigner } from './platform';
+import WebDeviceAuth from './web-device-auth';
+export declare class WebSocketMessageChannel implements MessageChannel {
+    private readonly webSocket;
+    constructor(endpointUrl: string);
+    addEventListener(type: string, listener: (event: Event) => void): void;
+    send(data: string): void;
+    close(): void;
+}
+export declare class WebPlatform implements Platform {
+    readonly webauthn: {
+        getCredentials: (options?: CredentialRequestOptions) => Promise<CredentialType | null>;
+        createCredentials: (options: CredentialCreationOptions) => Promise<CredentialType | null>;
+    };
+    readonly deviceAuth: WebDeviceAuth;
+    getPlatformName(): string;
+    getUserAgent(): string | null;
+    isFidoSupported(): boolean;
+    fetch(input: string, init?: RequestInit): Promise<Response>;
+    createMessageChannel(endpointUrl: string): MessageChannel;
+    createRequestSigner(session: AuthSessionIntegration): RequestSigner;
+    private getBrowserName;
+    private getBrowserVersion;
+    getOSName(): string;
+    getDeviceCapabilities(): string[];
+    getMobileAuthBuilder(): AuthenticatorBuilder<any>;
+    exit(code?: number): void;
+}

package/build/lib/proveauth/internal/web-platform.js

@@ -0,0 +1,160 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WebPlatform = exports.WebSocketMessageChannel = void 0;
+const mobile_auth_1 = require("@prove-identity/mobile-auth");
+const platform_1 = require("./platform");
+const request_signer_v3_1 = __importDefault(require("./request-signer-v3"));
+const web_device_auth_1 = __importDefault(require("./web-device-auth"));
+class WebSocketMessageChannel {
+    constructor(endpointUrl) {
+        this.webSocket = new WebSocket(endpointUrl);
+    }
+    addEventListener(type, listener) {
+        this.webSocket.addEventListener(type, listener);
+    }
+    send(data) {
+        this.webSocket.send(data);
+    }
+    close() {
+        this.webSocket.close();
+    }
+}
+exports.WebSocketMessageChannel = WebSocketMessageChannel;
+class WebPlatform {
+    constructor() {
+        this.webauthn = {
+            getCredentials: (options) => {
+                return navigator.credentials.get(options);
+            },
+            createCredentials: (options) => {
+                return navigator.credentials.create(options);
+            },
+        };
+        this.deviceAuth = new web_device_auth_1.default(window.indexedDB);
+    }
+    getPlatformName() {
+        return `${this.getBrowserName()} ${this.getBrowserVersion()} on ${this.getOSName()}`;
+    }
+    getUserAgent() {
+        return navigator.userAgent;
+    }
+    isFidoSupported() {
+        return window.PublicKeyCredential != undefined;
+    }
+    fetch(input, init) {
+        return fetch(input, init);
+    }
+    createMessageChannel(endpointUrl) {
+        return new WebSocketMessageChannel(endpointUrl);
+    }
+    createRequestSigner(session) {
+        return new request_signer_v3_1.default(session);
+    }
+    getBrowserName() {
+        const agent = navigator.userAgent;
+        let browserName;
+        if (agent.indexOf('Firefox') > -1) {
+            browserName = 'Firefox';
+        }
+        else if (agent.indexOf('Opera') > -1 || agent.indexOf('OPR') > -1) {
+            browserName = 'Opera';
+        }
+        else if (agent.indexOf('DuckDuckGo') > -1) {
+            browserName = 'DuckDuckGo';
+        }
+        else if (agent.indexOf('SamsungBrowser') > -1) {
+            browserName = 'Samsung Browser';
+        }
+        else if (agent.indexOf('Trident') > -1) {
+            browserName = 'Internet Explorer';
+        }
+        else if (agent.indexOf('Edge') > -1) {
+            browserName = 'Edge';
+        }
+        else if (agent.indexOf('Chrome') > -1) {
+            browserName = 'Chrome';
+        }
+        else if (agent.indexOf('Safari') > -1) {
+            browserName = 'Safari';
+        }
+        else {
+            browserName = 'Unknown';
+        }
+        return browserName;
+    }
+    getBrowserVersion() {
+        const agent = navigator.userAgent;
+        const verRegex = /(?:Firefox|Opera|OPR|SamsungBrowser|DuckDuckGo|Internet Explorer|Edge|Chrome|Safari)[\/|\s](\d+(\.\d+)?)/i;
+        const matches = agent.match(verRegex);
+        return matches ? matches[1] : 'Unknown';
+    }
+    getOSName() {
+        const platform = navigator.platform;
+        const agent = navigator.userAgent;
+        let osName;
+        if (/Win/i.test(platform)) {
+            osName = 'Windows';
+            const matches = agent.match(/Win(?:dows )?NT (\d+\.\d+)/i);
+            if (matches) {
+                const windowsVersion = parseFloat(matches[1]);
+                if (windowsVersion === 11) {
+                    osName += ' 11';
+                }
+                else if (windowsVersion === 10) {
+                    osName += ' 10';
+                }
+                else if (windowsVersion === 6.3) {
+                    osName += ' 8.1';
+                }
+                else if (windowsVersion === 6.2) {
+                    osName += ' 8';
+                }
+                else if (windowsVersion === 6.1) {
+                    osName += ' 7';
+                }
+                else if (windowsVersion === 6.0) {
+                    osName += ' Vista';
+                }
+                else if (windowsVersion === 5.1 || windowsVersion === 5.2) {
+                    osName += ' XP';
+                }
+                else {
+                    osName += ' (Unknown Version)';
+                }
+            }
+        }
+        else if (platform.match(/Mac/i)) {
+            osName = 'Mac OS';
+            const matches = agent.match(/Mac OS X (\d+[_.]\d+([_.]\d+)?)/i);
+            if (matches) {
+                const macVersion = matches[1].replace(/_/g, '.');
+                osName += ' ' + macVersion;
+            }
+        }
+        else if (agent.match(/Android/i)) {
+            osName = 'Android';
+        }
+        else if (agent.match(/iOS|iPhone|iPad|iPod/i)) {
+            osName = 'iOS';
+        }
+        else if (platform.match(/Linux/i)) {
+            osName = 'Linux';
+        }
+        else {
+            osName = 'Unknown';
+        }
+        return osName;
+    }
+    getDeviceCapabilities() {
+        return this.isFidoSupported() ? [platform_1.DEVICE_CAPABILITY_WEBAUTHN] : [];
+    }
+    getMobileAuthBuilder() {
+        return new mobile_auth_1.AuthenticatorBuilder();
+    }
+    exit(code) {
+    }
+}
+exports.WebPlatform = WebPlatform;

package/build/lib/proveauth/otp.d.ts

@@ -0,0 +1,23 @@
+import AuthError from './internal/auth-error';
+import PhoneNumberInput, { PhoneNumberStep, PhoneNumberStepFn } from './internal/phone-number-input';
+export declare class OtpError extends AuthError {
+    constructor(message?: string, code?: number);
+}
+export type OtpStartInput = PhoneNumberInput;
+export type OtpStartStep = PhoneNumberStep;
+export type OtpStartStepFn = PhoneNumberStepFn;
+export declare enum OtpFinishResultType {
+    OnSuccess = 0,
+    OnResendOtp = 1
+}
+export interface OtpFinishResult {
+    resultType: OtpFinishResultType;
+    input?: OtpFinishInput;
+}
+export interface OtpFinishInput {
+    otp: string;
+}
+export interface OtpFinishStep {
+    execute: (otpError?: OtpError) => Promise<OtpFinishResult>;
+}
+export type OtpFinishStepFn = (otpError?: OtpError) => Promise<OtpFinishResult>;

package/build/lib/proveauth/otp.js

@@ -0,0 +1,18 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OtpFinishResultType = exports.OtpError = void 0;
+const auth_error_1 = __importDefault(require("./internal/auth-error"));
+class OtpError extends auth_error_1.default {
+    constructor(message, code) {
+        super(message, code);
+    }
+}
+exports.OtpError = OtpError;
+var OtpFinishResultType;
+(function (OtpFinishResultType) {
+    OtpFinishResultType[OtpFinishResultType["OnSuccess"] = 0] = "OnSuccess";
+    OtpFinishResultType[OtpFinishResultType["OnResendOtp"] = 1] = "OnResendOtp";
+})(OtpFinishResultType = exports.OtpFinishResultType || (exports.OtpFinishResultType = {}));

package/build/lib/proveauth/version.d.ts

@@ -0,0 +1,3 @@
+export declare const VERSION = "2.3.2";
+export declare const API_CONTRACT_VERSION = "2.7.0";
+export declare const USER_AGENT_VERSIONS: string;

package/build/lib/proveauth/version.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.USER_AGENT_VERSIONS = exports.API_CONTRACT_VERSION = exports.VERSION = void 0;
+exports.VERSION = '2.3.2';
+exports.API_CONTRACT_VERSION = '2.7.0';
+exports.USER_AGENT_VERSIONS = `ProveAuth/${exports.VERSION} Contract/${exports.API_CONTRACT_VERSION} WEB/1`;

package/package.json

@@ -0,0 +1,75 @@
+{
+  "name": "@prove-identity/prove-auth",
+  "version": "2.3.2",
+  "description": "Prove Auth SDK for Web",
+  "main": "build/lib/index.js",
+  "files": [
+    "LICENSE",
+    "README.md",
+    "build/lib/index.js",
+    "build/lib/index.js.map",
+    "build/lib/index.d.ts",
+    "build/lib/proveauth/**/*.js",
+    "build/lib/proveauth/**/*.js.map",
+    "build/lib/proveauth/**/*.d.ts"
+  ],
+  "types": "build/lib/index.d.ts",
+  "scripts": {
+    "clean": "rm -rf build && rm -f prove-auth-*.tgz",
+    "build": "tsc --build",
+    "doc": "typedoc --out build/doc src && tar -C build/doc -zcvf build/doc.tgz .",
+    "bundle": "webpack --config webpack.prod.config.js",
+    "bundle-dev": "webpack --config webpack.dev.config.js",
+    "watch-compile": "tsc --watch",
+    "watch-bundle": "webpack --watch",
+    "serve": "webpack serve --config webpack.dev.config.js",
+    "test": "webpack serve --config webpack.dev.config.js --open tests.html",
+    "test-with-node": "mocha --require init-test.js build/lib/tests",
+    "test-runner": "node build/lib/testrunner/main.js",
+    "dist": "npm run clean && npm run build && npm pack && npm run bundle && npm run bundle-dev && npm run doc",
+    "prepare": "husky install"
+  },
+  "lint-staged": {
+    "**/*": "prettier --check --ignore-unknown"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/prove-identity/prove-auth-client-web-sdk.git"
+  },
+  "author": "Prove Identity, Inc.",
+  "license": "CC BY-NC-ND 4.0",
+  "homepage": "https://www.prove.com/solutions/auth",
+  "devDependencies": {
+    "@babel/plugin-transform-modules-commonjs": "^7.21.5",
+    "@types/chai": "4.3.5",
+    "@types/jest": "^29.5.1",
+    "@types/mocha": "10.0.1",
+    "@types/react": "^18.2.6",
+    "@types/webappsec-credential-management": "^0.6.4",
+    "@types/ws": "^8.5.6",
+    "@typescript-eslint/eslint-plugin": "^6.1.0",
+    "@typescript-eslint/parser": "^6.1.0",
+    "cbor-x": "^1.5.4",
+    "chai": "4.3.7",
+    "eslint": "^8.41.0",
+    "eslint-config-prettier": "^8.8.0",
+    "eslint-plugin-prettier": "^4.2.1",
+    "eslint-plugin-react": "^7.32.2",
+    "husky": "^8.0.3",
+    "isomorphic-fetch": "3.0.0",
+    "lint-staged": "^13.2.2",
+    "mocha": "10.2.0",
+    "prettier": "^2.8.8",
+    "ts-loader": "9.4.3",
+    "typedoc": "^0.24.7",
+    "typescript": "^5.0.4",
+    "webpack": "5.83.1",
+    "webpack-cli": "5.1.1",
+    "webpack-dev-server": "4.15.0",
+    "webpack-node-externals": "3.0.0",
+    "ws": "^8.14.2"
+  },
+  "dependencies": {
+    "@prove-identity/mobile-auth": "^3.0.0"
+  }
+}