@rockerone/xprnkit 0.3.11 → 0.4.0

package/build/services/identity-proof/types.d.ts

@@ -1,82 +0,0 @@
-import type { LinkSession } from "@proton/web-sdk";
-/**
- * Signer information for identity proof
- */
-export type IdentityProofSigner = {
-    actor: string;
-    permission: string;
-    /** Public key (optional - not available for browser/WebAuth wallets) */
-    publicKey?: string;
-};
-/**
- * Identity proof generated from wallet signing
- */
-export type IdentityProof = {
-    signer: IdentityProofSigner;
-    transaction: any;
-    signatures: string[];
-    chainId: string;
-};
-/**
- * Result of identity proof verification
- */
-export type IdentityProofResult<T = any> = {
-    proof: IdentityProof;
-    response: T;
-};
-/**
- * Configuration for identity proof (used in XPRProviderConfig.identityProof)
- */
-export type IdentityProofConfig = {
-    /** URL for creating identity proof (sign + verify) */
-    createUrl: string;
-    /** URL for validating existing tokens (optional - if not provided, tokens won't be validated) */
-    validationUrl?: string;
-    /** Time in seconds before expiration to trigger validation (default: 300 = 5 minutes) */
-    validationBuffer?: number;
-    /** Automatically re-authenticate when token expires (default: false) */
-    autoReauthenticate?: boolean;
-    /** Additional headers for identity proof requests */
-    headers?: Record<string, string>;
-    /** Request timeout in milliseconds */
-    timeout?: number;
-};
-/**
- * Legacy config type for backwards compatibility
- * @deprecated Use IdentityProofConfig instead
- */
-export type LegacyIdentityProofConfig = {
-    authenticationUrl: string;
-    headers?: Record<string, string>;
-    timeout?: number;
-};
-/**
- * Status of identity proof process
- */
-export type IdentityProofStatus = "idle" | "signing" | "verifying" | "validating" | "success" | "expired" | "error";
-/**
- * Options for useIdentityProof hook
- */
-export type UseIdentityProofOptions = {
-    session: LinkSession | null;
-    config?: IdentityProofConfig;
-    onSuccess?: (result: IdentityProofResult) => void;
-    onError?: (error: Error) => void;
-};
-/**
- * Return type for useIdentityProof hook
- */
-export type UseIdentityProofReturn = {
-    /** Trigger authentication flow */
-    authenticate: () => Promise<IdentityProofResult | null>;
-    /** Current status of the authentication process */
-    status: IdentityProofStatus;
-    /** Error if authentication failed */
-    error: Error | null;
-    /** Result if authentication succeeded */
-    result: IdentityProofResult | null;
-    /** Reset state to idle */
-    reset: () => void;
-    /** Convenience boolean for loading states */
-    isAuthenticating: boolean;
-};

package/build/services/identity-proof/use-identity-proof.d.ts

@@ -1,38 +0,0 @@
-import type { UseIdentityProofOptions, UseIdentityProofReturn } from "./types";
-/**
- * React hook for identity proof authentication.
- *
- * This is the primary API for authentication in XPRNKit.
- * It combines wallet signing and backend verification into a single flow
- * with state management, duplicate prevention, and cleanup handling.
- *
- * @param options - Configuration options
- * @returns Object with authenticate function and state
- *
- * @example
- * ```tsx
- * function AuthButton() {
- *   const { session } = useXPRN();
- *   const {
- *     authenticate,
- *     status,
- *     error,
- *     isAuthenticating
- *   } = useIdentityProof({
- *     session,
- *     config: { authenticationUrl: '/api/auth' },
- *     onSuccess: (result) => console.log('Authenticated!', result),
- *   });
- *
- *   return (
- *     <button onClick={authenticate} disabled={isAuthenticating}>
- *       {status === 'signing' && 'Sign in wallet...'}
- *       {status === 'verifying' && 'Verifying...'}
- *       {status === 'idle' && 'Authenticate'}
- *       {status === 'error' && 'Retry'}
- *     </button>
- *   );
- * }
- * ```
- */
-export declare function useIdentityProof(options: UseIdentityProofOptions): UseIdentityProofReturn;

package/build/services/identity-proof/use-identity-proof.js

@@ -1,145 +0,0 @@
-"use client";
-import { useCallback, useEffect, useRef, useState } from "react";
-import { createIdentityProof } from "./create-identity-proof";
-import { verifyIdentityProof } from "./verify-identity-proof";
-/**
- * React hook for identity proof authentication.
- *
- * This is the primary API for authentication in XPRNKit.
- * It combines wallet signing and backend verification into a single flow
- * with state management, duplicate prevention, and cleanup handling.
- *
- * @param options - Configuration options
- * @returns Object with authenticate function and state
- *
- * @example
- * ```tsx
- * function AuthButton() {
- *   const { session } = useXPRN();
- *   const {
- *     authenticate,
- *     status,
- *     error,
- *     isAuthenticating
- *   } = useIdentityProof({
- *     session,
- *     config: { authenticationUrl: '/api/auth' },
- *     onSuccess: (result) => console.log('Authenticated!', result),
- *   });
- *
- *   return (
- *     <button onClick={authenticate} disabled={isAuthenticating}>
- *       {status === 'signing' && 'Sign in wallet...'}
- *       {status === 'verifying' && 'Verifying...'}
- *       {status === 'idle' && 'Authenticate'}
- *       {status === 'error' && 'Retry'}
- *     </button>
- *   );
- * }
- * ```
- */
-export function useIdentityProof(options) {
-    const { session, config, onSuccess, onError } = options;
-    // State
-    const [status, setStatus] = useState("idle");
-    const [error, setError] = useState(null);
-    const [result, setResult] = useState(null);
-    // Refs for cleanup and duplicate prevention
-    const abortControllerRef = useRef(null);
-    const isAuthenticatingRef = useRef(false);
-    // Cleanup on unmount
-    useEffect(() => {
-        return () => {
-            abortControllerRef.current?.abort();
-        };
-    }, []);
-    // Reset function
-    const reset = useCallback(() => {
-        abortControllerRef.current?.abort();
-        abortControllerRef.current = null;
-        isAuthenticatingRef.current = false;
-        setStatus("idle");
-        setError(null);
-        setResult(null);
-    }, []);
-    // Main authenticate function
-    const authenticate = useCallback(async () => {
-        // Validate inputs
-        if (!session) {
-            const err = new Error("No session available for authentication");
-            setError(err);
-            setStatus("error");
-            onError?.(err);
-            return null;
-        }
-        // Support both new (createUrl) and legacy (authenticationUrl) config
-        const createUrl = config?.createUrl ?? config?.authenticationUrl;
-        if (!createUrl) {
-            const err = new Error("Identity proof URL not configured");
-            setError(err);
-            setStatus("error");
-            onError?.(err);
-            return null;
-        }
-        // Prevent duplicate requests
-        if (isAuthenticatingRef.current) {
-            const err = new Error("Authentication already in progress");
-            onError?.(err);
-            return null;
-        }
-        // Cancel any previous request
-        abortControllerRef.current?.abort();
-        const abortController = new AbortController();
-        abortControllerRef.current = abortController;
-        isAuthenticatingRef.current = true;
-        try {
-            // Step 1: Sign with wallet
-            setStatus("signing");
-            setError(null);
-            const proof = await createIdentityProof(session, {
-                signal: abortController.signal,
-            });
-            // Step 2: Verify with backend
-            setStatus("verifying");
-            const response = await verifyIdentityProof(proof, { createUrl, headers: config?.headers }, {
-                signal: abortController.signal,
-            });
-            // Success
-            const identityResult = {
-                proof,
-                response,
-            };
-            setResult(identityResult);
-            setStatus("success");
-            onSuccess?.(identityResult);
-            return identityResult;
-        }
-        catch (err) {
-            // Handle abort silently
-            if (err instanceof Error && err.name === "AbortError") {
-                setStatus("idle");
-                return null;
-            }
-            // Handle other errors
-            const error = err instanceof Error ? err : new Error(String(err));
-            setError(error);
-            setStatus("error");
-            onError?.(error);
-            return null;
-        }
-        finally {
-            isAuthenticatingRef.current = false;
-            if (abortControllerRef.current === abortController) {
-                abortControllerRef.current = null;
-            }
-        }
-    }, [session, config, onSuccess, onError]);
-    return {
-        authenticate,
-        status,
-        error,
-        result,
-        reset,
-        isAuthenticating: status === "signing" || status === "verifying",
-    };
-}

package/build/services/identity-proof/validate-identity-proof.d.ts

@@ -1,51 +0,0 @@
-/**
- * Validate an existing identity proof token with the backend.
- *
- * This is used to extend/refresh a token that is approaching expiration
- * without requiring a new wallet signature.
- */
-export type ValidateIdentityProofOptions = {
-    /** The validation endpoint URL */
-    validationUrl: string;
-    /** The token to validate */
-    token: string;
-    /** Additional headers for the request */
-    headers?: Record<string, string>;
-    /** AbortSignal for cancellation */
-    signal?: AbortSignal;
-    /** Request timeout in milliseconds */
-    timeout?: number;
-};
-export type ValidateIdentityProofResult = {
-    /** Whether the token is valid */
-    valid: boolean;
-    /** New token if refreshed, otherwise the original token */
-    token?: string;
-    /** Error message if validation failed */
-    error?: string;
-};
-/**
- * Validates an identity proof token with the backend.
- *
- * The backend should check if the token is still valid and optionally
- * return a refreshed token with extended expiration.
- *
- * @param options - Validation options
- * @returns Promise resolving to validation result
- *
- * @example
- * ```typescript
- * const result = await validateIdentityProof({
- *   validationUrl: '/api/auth/validate',
- *   token: 'eyJhbGci...',
- * });
- *
- * if (result.valid) {
- *   // Token is still valid (or was refreshed)
- *   const activeToken = result.token || originalToken;
- * } else {
- *   // Need full re-authentication
- * }
- * ```
- */
-export declare function validateIdentityProof(options: ValidateIdentityProofOptions): Promise<ValidateIdentityProofResult>;

package/build/services/identity-proof/validate-identity-proof.js

@@ -1,93 +0,0 @@
-/**
- * Validate an existing identity proof token with the backend.
- *
- * This is used to extend/refresh a token that is approaching expiration
- * without requiring a new wallet signature.
- */
-/**
- * Validates an identity proof token with the backend.
- *
- * The backend should check if the token is still valid and optionally
- * return a refreshed token with extended expiration.
- *
- * @param options - Validation options
- * @returns Promise resolving to validation result
- *
- * @example
- * ```typescript
- * const result = await validateIdentityProof({
- *   validationUrl: '/api/auth/validate',
- *   token: 'eyJhbGci...',
- * });
- *
- * if (result.valid) {
- *   // Token is still valid (or was refreshed)
- *   const activeToken = result.token || originalToken;
- * } else {
- *   // Need full re-authentication
- * }
- * ```
- */
-export async function validateIdentityProof(options) {
-    const { validationUrl, token, headers, signal, timeout } = options;
-    // Check for abort before starting
-    if (signal?.aborted) {
-        throw new DOMException("Aborted", "AbortError");
-    }
-    // Create abort controller for timeout
-    const controller = new AbortController();
-    const timeoutId = timeout
-        ? setTimeout(() => controller.abort(), timeout)
-        : null;
-    // Link external signal to controller
-    if (signal) {
-        signal.addEventListener("abort", () => controller.abort());
-    }
-    try {
-        const response = await fetch(validationUrl, {
-            method: "POST",
-            headers: {
-                "Content-Type": "application/json",
-                Authorization: `Bearer ${token}`,
-                ...headers,
-            },
-            body: JSON.stringify({ token }),
-            signal: controller.signal,
-        });
-        if (timeoutId) {
-            clearTimeout(timeoutId);
-        }
-        // Check for abort after fetch
-        if (signal?.aborted) {
-            throw new DOMException("Aborted", "AbortError");
-        }
-        // Handle response
-        if (response.ok) {
-            const data = await response.json();
-            return {
-                valid: true,
-                token: data.token || token, // Use new token if provided, else keep original
-            };
-        }
-        // Non-OK response means invalid
-        const errorText = await response.text().catch(() => "Validation failed");
-        return {
-            valid: false,
-            error: errorText,
-        };
-    }
-    catch (err) {
-        if (timeoutId) {
-            clearTimeout(timeoutId);
-        }
-        // Re-throw abort errors
-        if (err instanceof Error && err.name === "AbortError") {
-            throw err;
-        }
-        // Return invalid for other errors
-        return {
-            valid: false,
-            error: err instanceof Error ? err.message : "Validation request failed",
-        };
-    }
-}

package/build/utils/auth-storage.d.ts

@@ -1,126 +0,0 @@
-/**
- * Identity proof storage utilities for XPRNKit
- *
- * Stores all session entries in a single array per dApp for easy listing.
- * For production apps, consider using more secure methods like httpOnly cookies or server-side sessions.
- */
-import { LinkChannelSessionData, SerializedLinkSession } from "@proton/link";
-import { XPRNProfile } from "providers/XPRNProvider";
-/**
- * Single session entry stored in the array
- */
-export interface SessionStorageEntry {
-    auth: {
-        actor: string;
-        permission: string;
-    };
-    chainId: string;
-    profile: XPRNProfile;
-    /** Identity proof token (JWT) from authentication */
-    identityProofToken: string | null;
-}
-/**
- * @deprecated Use SessionStorageEntry instead
- */
-export type AuthStorageEntry = SessionStorageEntry;
-/**
- * Session reference from proton-web-sdk storage
- */
-export interface StoredSessionRef {
-    auth: {
-        actor: string;
-        permission: string;
-    };
-    chainId: string;
-}
-/**
- * Session storage helper for client-side persistence
- * All session entries are stored in a single array for easy listing
- */
-export declare const sessionStorage: {
-    /**
-     * List all stored session entries for a dApp
-     * Use this to build UI components that display stored sessions
-     */
-    list: (dAppName: string) => SessionStorageEntry[];
-    /**
-     * Get a specific session entry
-     */
-    get: (dAppName: string, auth: {
-        actor: string;
-        permission: string;
-    }, chainId: string) => SessionStorageEntry | null;
-    /**
-     * Save or update a session entry
-     */
-    save: (dAppName: string, entry: SessionStorageEntry) => void;
-    /**
-     * Remove a specific session entry
-     */
-    remove: (dAppName: string, auth: {
-        actor: string;
-        permission: string;
-    }, chainId: string) => void;
-    /**
-     * Update only the identity proof token for an existing entry
-     */
-    updateIdentityProofToken: (dAppName: string, auth: {
-        actor: string;
-        permission: string;
-    }, chainId: string, token: string | null) => void;
-    /**
-     * Clear all session entries for a dApp
-     */
-    clear: (dAppName: string) => void;
-    /**
-     * Get list of sessions stored by proton-web-sdk
-     */
-    getLinkList: (dAppName: string) => StoredSessionRef[];
-    /**
-     * Get link session data from proton-web-sdk storage
-     */
-    getLink: (dAppName: string, auth: string, chainId: string) => LinkChannelSessionData | null;
-    /**
-     * Get serialized session data for restoration
-     */
-    getSerializedSession: (dAppName: string, auth: string, chainId: string) => SerializedLinkSession | null;
-};
-/**
- * @deprecated Use sessionStorage instead
- * Legacy authentication storage helper for backwards compatibility
- */
-export declare const authStorage: {
-    /** @deprecated Use sessionStorage.list instead */
-    listAuth: (dAppName: string) => SessionStorageEntry[];
-    /** @deprecated Use sessionStorage.get instead */
-    getAuth: (dAppName: string, auth: {
-        actor: string;
-        permission: string;
-    }, chainId: string) => SessionStorageEntry | null;
-    /** @deprecated Use sessionStorage.save instead */
-    saveAuth: (dAppName: string, entry: SessionStorageEntry) => void;
-    /** @deprecated Use sessionStorage.remove instead */
-    removeAuth: (dAppName: string, auth: {
-        actor: string;
-        permission: string;
-    }, chainId: string) => void;
-    /** @deprecated Use sessionStorage.updateIdentityProofToken instead */
-    updateIdentityProofToken: (dAppName: string, auth: {
-        actor: string;
-        permission: string;
-    }, chainId: string, token: string | null) => void;
-    /** @deprecated Use sessionStorage.updateIdentityProofToken instead */
-    updateAuthToken: (dAppName: string, auth: {
-        actor: string;
-        permission: string;
-    }, chainId: string, authToken: string | null) => void;
-    /** @deprecated Use sessionStorage.clear instead */
-    clearAuth: (dAppName: string) => void;
-    /** @deprecated Use sessionStorage.getLinkList instead */
-    getLinkList: (dAppName: string) => StoredSessionRef[];
-    /** @deprecated Use sessionStorage.getLink instead */
-    getLink: (dAppName: string, auth: string, chainId: string) => LinkChannelSessionData | null;
-    /** @deprecated Use sessionStorage.getSerializedSession instead */
-    getSerializedSession: (dAppName: string, auth: string, chainId: string) => SerializedLinkSession | null;
-};
-export type AuthStorageData = AuthStorageEntry;