@qafka/react-native 2.0.0

package/dist/native/QafkaClipboard.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isClipboardAvailable = isClipboardAvailable;
+exports.setString = setString;
+const react_native_1 = require("react-native");
+const native = react_native_1.NativeModules.QafkaClipboard ?? null;
+function isClipboardAvailable() {
+    return native !== null;
+}
+async function setString(value) {
+    if (!native)
+        return;
+    await native.setString(value);
+}

package/dist/native/QafkaStorage.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Native storage module — persists key/value pairs in OS-level secure storage.
+ * iOS: Keychain Services with kSecAttrSynchronizable=false (no iCloud sync).
+ * Android: AndroidX EncryptedSharedPreferences (AES256_GCM).
+ *
+ * Uninstalling the host app deletes everything written here on both platforms.
+ */
+export interface QafkaStorageNative {
+    getItem(key: string): Promise<string | null>;
+    setItem(key: string, value: string): Promise<void>;
+    removeItem(key: string): Promise<void>;
+    multiRemove(keys: string[]): Promise<void>;
+}
+export declare function isStorageAvailable(): boolean;
+export declare function getNativeStorage(): QafkaStorageNative | null;

package/dist/native/QafkaStorage.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isStorageAvailable = isStorageAvailable;
+exports.getNativeStorage = getNativeStorage;
+const react_native_1 = require("react-native");
+const native = react_native_1.NativeModules.QafkaStorage ?? null;
+function isStorageAvailable() {
+    return native !== null;
+}
+function getNativeStorage() {
+    return native;
+}

package/dist/resolve-project-config.d.ts

@@ -0,0 +1,35 @@
+import type { RuntimeConfig } from './runtime-config-loader';
+/**
+ * Subset of `<Qafka />` props the resolver needs. Keeping this narrow lets
+ * the resolver stay pure and easy to test in isolation.
+ */
+export interface ProjectConfigProps {
+    apiUrl?: string;
+    projectId?: string;
+}
+export interface ResolvedProjectConfig {
+    apiKey: string | null;
+    apiUrl: string | undefined;
+}
+/**
+ * Resolve the development API key + backend URL the SDK should use.
+ *
+ * Only called in `__DEV__` builds; the call site is stripped from production
+ * bundles, so `qafka.config.js` never ships to production. Production builds
+ * authenticate without this config.
+ *
+ * Resolution order for `apiKey`:
+ *  1. `projectId` prop → `runtimeConfig.projects[projectId].developmentKey`.
+ *  2. `runtimeConfig.defaultProjectId` → that project's `developmentKey`.
+ *  3. `null` — caller may still proceed; backend falls back gracefully.
+ *
+ * Resolution order for `apiUrl`:
+ *  1. Explicit `apiUrl` prop.
+ *  2. `runtimeConfig.apiUrl`.
+ *  3. `undefined` — the downstream `BackendService` applies the SDK default.
+ *
+ * Throws a `RangeError` when an explicit `projectId` does not exist in the
+ * runtime config — that is always a developer mistake and silently falling
+ * back to the default would mask the typo.
+ */
+export declare function resolveProjectConfig(props: ProjectConfigProps, runtimeConfig: RuntimeConfig | null): ResolvedProjectConfig;

package/dist/resolve-project-config.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveProjectConfig = resolveProjectConfig;
+/**
+ * Resolve the development API key + backend URL the SDK should use.
+ *
+ * Only called in `__DEV__` builds; the call site is stripped from production
+ * bundles, so `qafka.config.js` never ships to production. Production builds
+ * authenticate without this config.
+ *
+ * Resolution order for `apiKey`:
+ *  1. `projectId` prop → `runtimeConfig.projects[projectId].developmentKey`.
+ *  2. `runtimeConfig.defaultProjectId` → that project's `developmentKey`.
+ *  3. `null` — caller may still proceed; backend falls back gracefully.
+ *
+ * Resolution order for `apiUrl`:
+ *  1. Explicit `apiUrl` prop.
+ *  2. `runtimeConfig.apiUrl`.
+ *  3. `undefined` — the downstream `BackendService` applies the SDK default.
+ *
+ * Throws a `RangeError` when an explicit `projectId` does not exist in the
+ * runtime config — that is always a developer mistake and silently falling
+ * back to the default would mask the typo.
+ */
+function resolveProjectConfig(props, runtimeConfig) {
+    const apiUrl = props.apiUrl ?? runtimeConfig?.apiUrl ?? undefined;
+    if (props.projectId) {
+        const entry = runtimeConfig?.projects[props.projectId];
+        if (!entry) {
+            throw new RangeError(`Qafka: projectId "${props.projectId}" is not registered in qafka.config.js. ` +
+                'Run `qafka project` to add it.');
+        }
+        return { apiKey: entry.developmentKey ?? null, apiUrl };
+    }
+    const defaultId = runtimeConfig?.defaultProjectId;
+    if (defaultId) {
+        const entry = runtimeConfig?.projects[defaultId];
+        return { apiKey: entry?.developmentKey ?? null, apiUrl };
+    }
+    return { apiKey: null, apiUrl };
+}

package/dist/runtime-config-loader.d.ts

@@ -0,0 +1,37 @@
+/**
+ * Per-project entry in `qafka.config.js`. The SDK only consumes
+ * `developmentKey`; the CLI may add more fields later.
+ */
+export interface RuntimeProjectEntry {
+    /** The project's TEST API key, used by the SDK in dev builds. */
+    developmentKey?: string;
+}
+/**
+ * Contract shipped by the CLI in `node_modules/@qafka/react-native/qafka.config.js`.
+ * The package ships a placeholder version of this file so Metro can always
+ * resolve the import; the CLI overwrites it with real values on the
+ * consumer's machine.
+ */
+export interface RuntimeConfig {
+    /** Project the SDK uses when mounted without an explicit `projectId`. */
+    defaultProjectId?: string;
+    /** Backend base URL override (without `/api/v1` suffix). */
+    apiUrl?: string;
+    /** Every registered project, keyed by project id. */
+    projects: Record<string, RuntimeProjectEntry>;
+}
+/**
+ * Narrow a value returned by `require('../qafka.config')` into a
+ * `RuntimeConfig`. Exported separately so it can be unit-tested without
+ * filesystem coupling.
+ */
+export declare function normalizeRuntimeConfig(raw: unknown): RuntimeConfig | null;
+/**
+ * Load the runtime config bundled with the SDK package. The path resolves
+ * at compile time to `node_modules/@qafka/react-native/qafka.config.js`
+ * on the consumer's machine — a placeholder ships with the package so this
+ * `require` always succeeds, and the CLI overwrites it with real values on
+ * `qafka init`. Returns `null` only if the require throws (e.g. the
+ * placeholder was somehow removed).
+ */
+export declare function loadRuntimeConfig(): RuntimeConfig | null;

package/dist/runtime-config-loader.js

@@ -0,0 +1,53 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeRuntimeConfig = normalizeRuntimeConfig;
+exports.loadRuntimeConfig = loadRuntimeConfig;
+/**
+ * Narrow a value returned by `require('../qafka.config')` into a
+ * `RuntimeConfig`. Exported separately so it can be unit-tested without
+ * filesystem coupling.
+ */
+function normalizeRuntimeConfig(raw) {
+    if (!raw || typeof raw !== 'object')
+        return null;
+    const obj = raw;
+    const projectsRaw = obj.projects;
+    const projects = {};
+    if (projectsRaw && typeof projectsRaw === 'object') {
+        for (const [id, value] of Object.entries(projectsRaw)) {
+            if (value && typeof value === 'object') {
+                const entry = value;
+                const developmentKey = typeof entry.developmentKey === 'string' ? entry.developmentKey : undefined;
+                projects[id] = developmentKey !== undefined ? { developmentKey } : {};
+            }
+        }
+    }
+    const out = { projects };
+    if (typeof obj.defaultProjectId === 'string') {
+        out.defaultProjectId = obj.defaultProjectId;
+    }
+    if (typeof obj.apiUrl === 'string') {
+        out.apiUrl = obj.apiUrl;
+    }
+    return out;
+}
+/**
+ * Load the runtime config bundled with the SDK package. The path resolves
+ * at compile time to `node_modules/@qafka/react-native/qafka.config.js`
+ * on the consumer's machine — a placeholder ships with the package so this
+ * `require` always succeeds, and the CLI overwrites it with real values on
+ * `qafka init`. Returns `null` only if the require throws (e.g. the
+ * placeholder was somehow removed).
+ */
+function loadRuntimeConfig() {
+    try {
+        // The compiled output of this file lives at `dist/runtime-config-loader.js`,
+        // so `../qafka.config` resolves to the package-root file.
+        // eslint-disable-next-line @typescript-eslint/no-var-requires
+        const raw = require('../qafka.config');
+        return normalizeRuntimeConfig(raw);
+    }
+    catch {
+        return null;
+    }
+}

package/dist/services/AttestationManager.d.ts

@@ -0,0 +1,38 @@
+interface AttestationConfig {
+    apiUrl: string;
+    apiKey: string | null;
+    debug?: boolean;
+}
+export declare class AttestationManager {
+    private config;
+    private sessionToken;
+    private keyId;
+    constructor(config: AttestationConfig);
+    private log;
+    initialize(): Promise<void>;
+    private initializeIos;
+    private performIosAttestation;
+    private performIosAssertion;
+    private initializeAndroid;
+    private performAndroidAttestation;
+    getSessionToken(): Promise<string | null>;
+    /**
+     * Force a session token refresh. iOS tries the lightweight assertion path
+     * first (single signature, no cert chain) and falls back to a full
+     * re-attestation if the assertion is rejected — in some environments a
+     * stored attestation public key occasionally fails server-side signature
+     * verification. Full re-attestation always recovers because the cert chain
+     * is re-validated from scratch.
+     *
+     * Called by BackendService when the backend signals budget exhaustion or
+     * imminent token expiry via response headers.
+     */
+    refresh(): Promise<string | null>;
+    private refreshSession;
+    isDevBypass(): boolean;
+    private getHeaders;
+    private requestChallenge;
+    private submitAttestation;
+    reset(): Promise<void>;
+}
+export {};

package/dist/services/AttestationManager.js

@@ -0,0 +1,296 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AttestationManager = void 0;
+const react_native_1 = require("react-native");
+const storage_1 = require("./storage");
+const NativeAttestation = __importStar(require("../native/QafkaAttestation"));
+const QafkaAttestation_1 = require("../native/QafkaAttestation");
+const STORAGE_KEY_ID = '@qafka/attestation_key_id';
+class AttestationManager {
+    config;
+    sessionToken = null;
+    keyId = null;
+    constructor(config) {
+        this.config = config;
+    }
+    // Production: log basic state only. Verbose details (URLs, endpoint paths)
+    // are gated behind `__DEV__` or `config.debug` to keep release-build logs
+    // minimal.
+    log(message, verboseMessage) {
+        const verbose = this.config.debug || __DEV__;
+        console.warn(verbose && verboseMessage ? verboseMessage : message);
+    }
+    async initialize() {
+        const moduleLinked = (0, QafkaAttestation_1.isAttestationAvailable)();
+        // Diagnostic logs are intentionally NOT __DEV__-gated. Init is a once-per-
+        // session event; surfacing the path taken in Xcode device console / logcat
+        // is essential for diagnosing release-build failures where the JS-side
+        // error overlay only shows a generic "App configuration error".
+        this.log(`[Qafka:init] platform=${react_native_1.Platform.OS} moduleLinked=${moduleLinked}`, `[Qafka:init] platform=${react_native_1.Platform.OS} url=${this.config.apiUrl} moduleLinked=${moduleLinked}`);
+        const supported = await NativeAttestation.isSupported();
+        this.log(`[Qafka:init] isSupported=${supported}`);
+        if (!supported) {
+            const reason = !moduleLinked
+                ? `the QafkaAttestation native module is not registered (rebuild your app after installing the SDK)`
+                : `this device does not support attestation (Android 8.0+ / iOS 14+ required)`;
+            if (__DEV__) {
+                console.warn(`[Qafka] Attestation unavailable in this dev environment (${reason}). ` +
+                    `Continuing without it; see the Qafka docs for local development setup.`);
+                this.sessionToken = { token: 'dev-bypass', expiresAt: Date.now() + 30 * 60 * 1000 };
+                return;
+            }
+            throw new Error(`Device attestation is not supported: ${reason}.`);
+        }
+        try {
+            if (react_native_1.Platform.OS === 'ios') {
+                await this.initializeIos();
+            }
+            else if (react_native_1.Platform.OS === 'android') {
+                await this.initializeAndroid();
+            }
+            this.log('[Qafka:init] attestation OK, session token acquired');
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            this.log(`[Qafka:init] attestation FAILED: ${msg}`);
+            throw err;
+        }
+    }
+    async initializeIos() {
+        this.keyId = await storage_1.storage.getItem(STORAGE_KEY_ID);
+        if (!this.keyId) {
+            this.keyId = await NativeAttestation.generateKey();
+            await storage_1.storage.setItem(STORAGE_KEY_ID, this.keyId);
+        }
+        // Always perform a fresh attestation at session start. Lighter
+        // assertions (`performIosAssertion`) are used later to refresh expired
+        // tokens within the same session.
+        try {
+            await this.performIosAttestation();
+        }
+        catch (err) {
+            // Self-heal ONLY when the failure looks like a stale local key (the
+            // stored keyId references a native key the OS no longer recognises —
+            // reinstall, OS reset, pruned key, etc.).
+            //
+            // Recover from native key/attestation errors only, NEVER from
+            // server-side rejections: a server error means the local key is fine,
+            // so regenerating it would not help. DeviceCheck surfaces stale-key
+            // conditions via `com.apple.devicecheck.error` and Android Keystore via
+            // an opaque KeystoreException, so we match those framework prefixes in
+            // addition to the English heuristic.
+            const msg = err instanceof Error ? err.message : String(err);
+            const looksLikeStaleNativeKey = !/HTTP|\b401\b|\b403\b|\b404\b|\b5\d\d\b|app not registered|app_not_registered|fetch|network/i.test(msg) &&
+                (/invalid|not found|unknown|key|attestation/i.test(msg) ||
+                    /com\.apple\.devicecheck\.error/i.test(msg) ||
+                    /android\.security\.keystore/i.test(msg));
+            if (!looksLikeStaleNativeKey) {
+                this.log(`[Qafka:init] attestation failed (no key regeneration — not a stale-key signature): ${msg}`);
+                throw err;
+            }
+            this.log(`[Qafka:init] initial attestation failed (${msg}), regenerating key and retrying once`);
+            await storage_1.storage.removeItem(STORAGE_KEY_ID);
+            this.keyId = await NativeAttestation.generateKey();
+            await storage_1.storage.setItem(STORAGE_KEY_ID, this.keyId);
+            await this.performIosAttestation();
+        }
+    }
+    async performIosAttestation() {
+        const challenge = await this.requestChallenge('ios');
+        const attestationData = await NativeAttestation.attestKey(this.keyId, challenge);
+        const response = await this.submitAttestation({
+            platform: 'ios',
+            attestationData,
+            keyId: this.keyId,
+            challenge,
+        });
+        this.sessionToken = {
+            token: response.sessionToken,
+            expiresAt: Date.now() + response.expiresIn * 1000,
+        };
+    }
+    async performIosAssertion() {
+        const challenge = await this.requestChallenge('ios');
+        const assertionData = await NativeAttestation.generateAssertion(this.keyId, challenge);
+        const response = await this.submitAttestation({
+            platform: 'ios',
+            attestationData: assertionData,
+            keyId: this.keyId,
+            challenge,
+            isAssertion: true,
+        });
+        this.sessionToken = {
+            token: response.sessionToken,
+            expiresAt: Date.now() + response.expiresIn * 1000,
+        };
+    }
+    async initializeAndroid() {
+        await this.performAndroidAttestation();
+    }
+    async performAndroidAttestation() {
+        const challenge = await this.requestChallenge('android');
+        await NativeAttestation.generateKeyPair('qafka_attest', challenge);
+        const certChain = await NativeAttestation.getAttestationCertChain('qafka_attest');
+        const response = await this.submitAttestation({
+            platform: 'android',
+            certChain,
+            challenge,
+        });
+        this.sessionToken = {
+            token: response.sessionToken,
+            expiresAt: Date.now() + response.expiresIn * 1000,
+        };
+    }
+    async getSessionToken() {
+        if (this.sessionToken?.token === 'dev-bypass')
+            return null;
+        if (this.sessionToken && Date.now() < this.sessionToken.expiresAt - 60_000) {
+            return this.sessionToken.token;
+        }
+        try {
+            await this.refreshSession();
+            return this.sessionToken?.token || null;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Force a session token refresh. iOS tries the lightweight assertion path
+     * first (single signature, no cert chain) and falls back to a full
+     * re-attestation if the assertion is rejected — in some environments a
+     * stored attestation public key occasionally fails server-side signature
+     * verification. Full re-attestation always recovers because the cert chain
+     * is re-validated from scratch.
+     *
+     * Called by BackendService when the backend signals budget exhaustion or
+     * imminent token expiry via response headers.
+     */
+    async refresh() {
+        if (this.isDevBypass())
+            return null;
+        try {
+            await this.refreshSession();
+            return this.sessionToken?.token ?? null;
+        }
+        catch (err) {
+            this.log(`[Qafka:init] session refresh failed: ${err instanceof Error ? err.message : String(err)}`);
+            return null;
+        }
+    }
+    async refreshSession() {
+        if (react_native_1.Platform.OS === 'android') {
+            await this.performAndroidAttestation();
+            return;
+        }
+        try {
+            await this.performIosAssertion();
+        }
+        catch (assertionErr) {
+            // Lightweight assertion failed — fall back to a full attestation so a
+            // single bad assertion does not break the chat surface. The heavy path
+            // re-validates the cert chain and stores a fresh attestation row, which
+            // also clears any drift between client and server interpretation of
+            // the existing key.
+            this.log(`[Qafka:init] iOS assertion failed (${assertionErr instanceof Error ? assertionErr.message : String(assertionErr)}), falling back to full attestation`);
+            await this.initializeIos();
+        }
+    }
+    isDevBypass() {
+        return this.sessionToken?.token === 'dev-bypass';
+    }
+    getHeaders() {
+        const headers = {
+            'Content-Type': 'application/json',
+        };
+        if (this.config.apiKey) {
+            headers['x-api-key'] = this.config.apiKey;
+        }
+        return headers;
+    }
+    async requestChallenge(platform) {
+        const url = `${this.config.apiUrl}/attest/challenge`;
+        this.log('[Qafka:init] challenge request', `[Qafka:init] POST ${url}`);
+        let response;
+        try {
+            response = await fetch(url, {
+                method: 'POST',
+                headers: this.getHeaders(),
+                body: JSON.stringify({ platform }),
+            });
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            this.log(`[Qafka:init] challenge fetch threw: ${msg}`);
+            throw err;
+        }
+        this.log(`[Qafka:init] challenge status=${response.status}`);
+        if (!response.ok) {
+            throw new Error(`Challenge request failed: ${response.status}`);
+        }
+        const data = await response.json();
+        return data.challenge;
+    }
+    async submitAttestation(body) {
+        const url = `${this.config.apiUrl}/attest`;
+        this.log('[Qafka:init] attest submit', `[Qafka:init] POST ${url} isAssertion=${body.isAssertion ?? false}`);
+        let response;
+        try {
+            response = await fetch(url, {
+                method: 'POST',
+                headers: this.getHeaders(),
+                body: JSON.stringify(body),
+            });
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            this.log(`[Qafka:init] attest fetch threw: ${msg}`);
+            throw err;
+        }
+        this.log(`[Qafka:init] attest status=${response.status}`);
+        if (!response.ok) {
+            const errorData = await response.json().catch(() => ({}));
+            throw new Error(`Attestation failed: ${response.status} — ${errorData.message || errorData.error || 'Unknown error'}`);
+        }
+        return response.json();
+    }
+    async reset() {
+        this.sessionToken = null;
+        this.keyId = null;
+        await storage_1.storage.removeItem(STORAGE_KEY_ID);
+    }
+}
+exports.AttestationManager = AttestationManager;