@rare-id/platform-kit-web 0.1.0 → 0.1.1

package/dist/index.d.ts

@@ -72,8 +72,7 @@ interface ChallengeStore {
     consume(nonce: string): Promise<AuthChallenge | null>;
 }
 interface ReplayStore {
-    has(key: string): Promise<boolean>;
-    put(key: string, expiresAt: number): Promise<void>;
+    claim(key: string, expiresAt: number): Promise<boolean>;
 }
 interface SessionStore {
     save(session: PlatformSession): Promise<void>;
@@ -110,8 +109,7 @@ declare class InMemoryChallengeStore implements ChallengeStore {
 }
 declare class InMemoryReplayStore implements ReplayStore {
     private readonly seen;
-    has(key: string): Promise<boolean>;
-    put(key: string, expiresAt: number): Promise<void>;
+    claim(key: string, expiresAt: number): Promise<boolean>;
     private cleanup;
 }
 declare class InMemorySessionStore implements SessionStore {

package/dist/index.js

@@ -121,10 +121,9 @@ function createRarePlatformKit(config) {
         throw new Error("delegation replay fields missing");
       }
       const delegationReplayKey = `delegation:${jti}`;
-      if (await config.replayStore.has(delegationReplayKey)) {
+      if (!await config.replayStore.claim(delegationReplayKey, exp)) {
         throw new Error("delegation token replay detected");
       }
-      await config.replayStore.put(delegationReplayKey, exp);
       const rawLevel = identityPayload.lvl;
       if (rawLevel !== "L0" && rawLevel !== "L1" && rawLevel !== "L2") {
         throw new Error("unsupported identity level");
@@ -189,10 +188,9 @@ function createRarePlatformKit(config) {
         );
       }
       const replayKey = `action:${session.sessionToken}:${input.nonce}`;
-      if (await config.replayStore.has(replayKey)) {
+      if (!await config.replayStore.claim(replayKey, input.expiresAt)) {
         throw new Error("action nonce already consumed");
       }
-      await config.replayStore.put(replayKey, input.expiresAt);
       const signingInput = buildActionPayload({
         aud: config.aud,
         sessionToken: session.sessionToken,
@@ -254,13 +252,14 @@ var InMemoryChallengeStore = class {
 };
 var InMemoryReplayStore = class {
   seen = /* @__PURE__ */ new Map();
-  async has(key) {
+  async claim(key, expiresAt) {
     this.cleanup();
-    return this.seen.has(key);
-  }
-  async put(key, expiresAt) {
+    if (this.seen.has(key)) {
+      return false;
+    }
     this.seen.set(key, expiresAt);
     this.cleanup();
+    return true;
   }
   cleanup() {
     const now = nowTs();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rare-id/platform-kit-web",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -14,19 +14,19 @@
     "dist"
   ],
   "sideEffects": false,
-  "license": "MIT",
+  "license": "Apache-2.0",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/0xsidfan/Rare.git",
-    "directory": "rare-platform-kit-ts/packages/platform-kit-web"
+    "url": "git+https://github.com/Rare-ID/Rare.git",
+    "directory": "packages/platform/ts/rare-platform-kit-ts/packages/platform-kit-web"
   },
   "publishConfig": {
     "access": "public",
     "provenance": false
   },
   "dependencies": {
-    "@rare-id/platform-kit-client": "0.1.0",
-    "@rare-id/platform-kit-core": "0.1.0"
+    "@rare-id/platform-kit-client": "0.1.1",
+    "@rare-id/platform-kit-core": "0.1.1"
   },
   "devDependencies": {
     "jose": "^6.0.8",