@savant-realms/federated-auth-realm-sdk-ts-js 0.4.1

package/README.md

@@ -0,0 +1,120 @@
+# Federated Auth Realm TS/JS SDK
+
+A comprehensive TypeScript/JavaScript SDK for the Federated Auth Realm, enabling easy integration of multi-app authentication and authorization.
+
+## Features
+
+- **Built-in Session Management**: Handles `accessToken` and `refreshToken` automatically.
+- **Axios Interceptors**: Automatically injects Bearer tokens and handles token refresh logic (401 response).
+- **Universal Storage**: Support for `LocalStorage` (browser) and `MemoryStorage` (server-side).
+- **Full API Coverage**: Methods for registration, login (email/Google/Facebook), profile management, and more.
+- **SRWP Support**: Savant Realms Workspace Protocol discovery for realm-to-realm communication.
+
+## Installation
+
+```bash
+npm install federated-auth-realm-sdk-ts-js
+```
+
+## Basic Usage
+
+### Initialization
+
+```typescript
+import {
+  FederatedAuthClient,
+  LocalStorageProvider,
+} from 'federated-auth-realm-sdk-ts-js';
+
+const client = new FederatedAuthClient({
+  baseURL: 'https://api.federatedauthrealm.com/v1',
+  appKey: 'your-app-key',
+  storage: new LocalStorageProvider(), // Optional, defaults to LocalStorageProvider
+  onSessionExpired: () => {
+    // Redirect to login page
+    window.location.href = '/login';
+  },
+});
+```
+
+### Authentication
+
+```typescript
+// Login
+const auth = await client.login({
+  email: 'user@example.com',
+  password: 'password',
+});
+
+// Check if authenticated
+const isAuthenticated = await client.isAuthenticated();
+
+// Get current user
+const user = await client.getUser();
+
+// Logout
+await client.logout();
+```
+
+### Profile Management
+
+```typescript
+const profile = await client.getProfile();
+
+await client.updateProfile({
+  name: 'Updated Name',
+  metadata: { theme: 'dark' },
+});
+```
+
+### Token Verification (Server-side)
+
+Back-end services can verify tokens without knowing the `JWT_SECRET` by using the realm's verification endpoint:
+
+```typescript
+const result = await client.verifyToken('user-access-token');
+
+if (result.valid) {
+  console.log('Token is valid for user:', result.user);
+} else {
+  console.log('Token is invalid');
+}
+```
+
+### SRWP Discovery
+
+```typescript
+import { SRWPDiscoveryClient } from 'federated-auth-realm-sdk-ts-js';
+
+const discovery = new SRWPDiscoveryClient(
+  'https://api.federatedauthrealm.com/v1'
+);
+
+const knownRealms = await discovery.getKnownRealms();
+```
+
+## Advanced Storage
+
+For server-side usage (Node.js), use `MemoryStorageProvider` or implement your own `StorageProvider`:
+
+```typescript
+import { MemoryStorageProvider } from 'federated-auth-realm-sdk-ts-js';
+
+const client = new FederatedAuthClient({
+  baseURL: '...',
+  appKey: '...',
+  storage: new MemoryStorageProvider(),
+});
+```
+
+## Development
+
+```bash
+npm install
+npm run build
+npm test
+```
+
+## License
+
+MIT

package/dist/client.d.ts

@@ -0,0 +1,45 @@
+import { AuthResponse, LoginRequest, RegisterRequest, GoogleAuthRequest, FacebookAuthRequest, ForgotPasswordRequest, ResetPasswordRequest, ChangePasswordRequest, RefreshTokenRequest, UpdateProfileRequest, VerifyTokenResponse, User } from './types';
+import { StorageProvider } from './storage';
+export interface FederatedAuthClientConfig {
+    baseURL: string;
+    appKey: string;
+    storage?: StorageProvider;
+    onSessionExpired?: () => void;
+}
+export declare class FederatedAuthClient {
+    private client;
+    private storage;
+    private appKey;
+    private onSessionExpired?;
+    private isRefreshing;
+    private refreshSubscribers;
+    constructor(config: FederatedAuthClientConfig);
+    private setupInterceptors;
+    private onRefreshed;
+    register(data: RegisterRequest): Promise<AuthResponse>;
+    login(data: LoginRequest): Promise<AuthResponse>;
+    loginWithGoogle(data: GoogleAuthRequest): Promise<AuthResponse>;
+    loginWithFacebook(data: FacebookAuthRequest): Promise<AuthResponse>;
+    forgotPassword(data: ForgotPasswordRequest): Promise<{
+        message: string;
+    }>;
+    resetPassword(data: ResetPasswordRequest): Promise<{
+        message: string;
+    }>;
+    changePassword(data: ChangePasswordRequest): Promise<{
+        message: string;
+    }>;
+    refreshToken(data: RefreshTokenRequest): Promise<AuthResponse>;
+    logout(): Promise<{
+        message: string;
+    }>;
+    logoutLocal(): Promise<void>;
+    getProfile(): Promise<User>;
+    updateProfile(data: UpdateProfileRequest): Promise<{
+        message: string;
+    }>;
+    verifyToken(token: string): Promise<VerifyTokenResponse>;
+    private setSession;
+    getUser(): Promise<User | null>;
+    isAuthenticated(): Promise<boolean>;
+}

package/dist/client.js

@@ -0,0 +1,191 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FederatedAuthClient = void 0;
+const axios_1 = __importDefault(require("axios"));
+const storage_1 = require("./storage");
+const jwt_1 = require("./utils/jwt");
+class FederatedAuthClient {
+    constructor(config) {
+        this.isRefreshing = false;
+        this.refreshSubscribers = [];
+        this.appKey = config.appKey;
+        this.storage = config.storage || new storage_1.LocalStorageProvider();
+        this.onSessionExpired = config.onSessionExpired;
+        this.client = axios_1.default.create({
+            baseURL: config.baseURL,
+            headers: {
+                'Content-Type': 'application/json',
+            },
+        });
+        this.setupInterceptors();
+    }
+    setupInterceptors() {
+        this.client.interceptors.request.use(async (config) => {
+            const token = await this.storage.getItem('accessToken');
+            if (token) {
+                config.headers.Authorization = `Bearer ${token}`;
+            }
+            return config;
+        }, error => Promise.reject(error));
+        this.client.interceptors.response.use(response => response, async (error) => {
+            const originalRequest = error.config;
+            if (error.response?.status === 401 && !originalRequest._retry) {
+                if (originalRequest.url?.includes('/auth/login') ||
+                    originalRequest.url?.includes('/auth/register') ||
+                    originalRequest.url?.includes('/auth/refresh')) {
+                    return Promise.reject(error);
+                }
+                if (this.isRefreshing) {
+                    return new Promise(resolve => {
+                        this.refreshSubscribers.push((token) => {
+                            originalRequest.headers.Authorization = `Bearer ${token}`;
+                            resolve(this.client(originalRequest));
+                        });
+                    });
+                }
+                originalRequest._retry = true;
+                this.isRefreshing = true;
+                try {
+                    const refreshToken = await this.storage.getItem('refreshToken');
+                    if (!refreshToken) {
+                        throw new Error('No refresh token available');
+                    }
+                    const response = await this.refreshToken({ refreshToken });
+                    const { accessToken, refreshToken: newRefreshToken } = response;
+                    await this.storage.setItem('accessToken', accessToken);
+                    await this.storage.setItem('refreshToken', newRefreshToken);
+                    this.onRefreshed(accessToken);
+                    originalRequest.headers.Authorization = `Bearer ${accessToken}`;
+                    return this.client(originalRequest);
+                }
+                catch (refreshError) {
+                    await this.logoutLocal();
+                    if (this.onSessionExpired) {
+                        this.onSessionExpired();
+                    }
+                    return Promise.reject(refreshError);
+                }
+                finally {
+                    this.isRefreshing = false;
+                }
+            }
+            return Promise.reject(error);
+        });
+    }
+    onRefreshed(token) {
+        this.refreshSubscribers.forEach(callback => callback(token));
+        this.refreshSubscribers = [];
+    }
+    // Auth Methods
+    async register(data) {
+        const response = await this.client.post('/auth/register', {
+            ...data,
+            appKey: this.appKey,
+        });
+        await this.setSession(response.data);
+        return response.data;
+    }
+    async login(data) {
+        const response = await this.client.post('/auth/login', {
+            ...data,
+            appKey: this.appKey,
+        });
+        await this.setSession(response.data);
+        return response.data;
+    }
+    async loginWithGoogle(data) {
+        const response = await this.client.post('/auth/google', {
+            ...data,
+            appKey: this.appKey,
+        });
+        await this.setSession(response.data);
+        return response.data;
+    }
+    async loginWithFacebook(data) {
+        const response = await this.client.post('/auth/facebook', {
+            ...data,
+            appKey: this.appKey,
+        });
+        await this.setSession(response.data);
+        return response.data;
+    }
+    async forgotPassword(data) {
+        const response = await this.client.post('/auth/forgot-password', {
+            ...data,
+            appKey: this.appKey,
+        });
+        return response.data;
+    }
+    async resetPassword(data) {
+        const response = await this.client.post('/auth/reset-password', data);
+        return response.data;
+    }
+    async changePassword(data) {
+        const response = await this.client.post('/auth/change-password', data);
+        return response.data;
+    }
+    async refreshToken(data) {
+        const response = await this.client.post('/auth/refresh', data);
+        return response.data;
+    }
+    async logout() {
+        try {
+            const response = await this.client.post('/auth/logout');
+            return response.data;
+        }
+        finally {
+            await this.logoutLocal();
+        }
+    }
+    async logoutLocal() {
+        await this.storage.removeItem('accessToken');
+        await this.storage.removeItem('refreshToken');
+        await this.storage.removeItem('user');
+    }
+    async getProfile() {
+        const response = await this.client.get('/auth/profile');
+        return response.data;
+    }
+    async updateProfile(data) {
+        const response = await this.client.put('/auth/profile', data);
+        return response.data;
+    }
+    async verifyToken(token) {
+        const response = await this.client.post('/auth/verify', { token });
+        return response.data;
+    }
+    // Session management
+    async setSession(auth) {
+        if (auth.accessToken) {
+            await this.storage.setItem('accessToken', auth.accessToken);
+        }
+        if (auth.refreshToken) {
+            await this.storage.setItem('refreshToken', auth.refreshToken);
+        }
+        if (auth.user) {
+            await this.storage.setItem('user', JSON.stringify(auth.user));
+        }
+    }
+    async getUser() {
+        const userStr = await this.storage.getItem('user');
+        if (userStr) {
+            try {
+                return JSON.parse(userStr);
+            }
+            catch {
+                return null;
+            }
+        }
+        return null;
+    }
+    async isAuthenticated() {
+        const token = await this.storage.getItem('accessToken');
+        if (!token)
+            return false;
+        return !jwt_1.JwtUtils.isExpired(token);
+    }
+}
+exports.FederatedAuthClient = FederatedAuthClient;

package/dist/discovery.d.ts

@@ -0,0 +1,23 @@
+export interface RealmInfo {
+    id: string;
+    url: string;
+    status: string;
+    lastSeen: number;
+}
+export interface SRWPWhisperRequest {
+    sourceRealm: string;
+    sourceUrl: string;
+    timestamp: number;
+    knownRealms: RealmInfo[];
+}
+export declare class SRWPDiscoveryClient {
+    private client;
+    constructor(baseURL: string);
+    whisper(data: SRWPWhisperRequest): Promise<{
+        message: string;
+    }>;
+    getKnownRealms(): Promise<RealmInfo[]>;
+    bootstrap(peerUrl: string): Promise<{
+        message: string;
+    }>;
+}

package/dist/discovery.js

@@ -0,0 +1,32 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SRWPDiscoveryClient = void 0;
+const axios_1 = __importDefault(require("axios"));
+class SRWPDiscoveryClient {
+    constructor(baseURL) {
+        this.client = axios_1.default.create({
+            baseURL,
+            headers: {
+                'Content-Type': 'application/json',
+            },
+        });
+    }
+    async whisper(data) {
+        const response = await this.client.post('/whisper', data);
+        return response.data;
+    }
+    async getKnownRealms() {
+        const response = await this.client.get('/known');
+        return response.data;
+    }
+    async bootstrap(peerUrl) {
+        const response = await this.client.post('/bootstrap', {
+            peerUrl,
+        });
+        return response.data;
+    }
+}
+exports.SRWPDiscoveryClient = SRWPDiscoveryClient;

package/dist/index.d.ts

@@ -0,0 +1,5 @@
+export * from './types';
+export * from './storage';
+export * from './client';
+export * from './discovery';
+export * from './utils/jwt';

package/dist/index.js

@@ -0,0 +1,21 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./types"), exports);
+__exportStar(require("./storage"), exports);
+__exportStar(require("./client"), exports);
+__exportStar(require("./discovery"), exports);
+__exportStar(require("./utils/jwt"), exports);

package/dist/storage/index.d.ts

@@ -0,0 +1,16 @@
+export interface StorageProvider {
+    getItem(key: string): string | null | Promise<string | null>;
+    setItem(key: string, value: string): void | Promise<void>;
+    removeItem(key: string): void | Promise<void>;
+}
+export declare class LocalStorageProvider implements StorageProvider {
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+}
+export declare class MemoryStorageProvider implements StorageProvider {
+    private storage;
+    getItem(key: string): string | null;
+    setItem(key: string, value: string): void;
+    removeItem(key: string): void;
+}

package/dist/storage/index.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MemoryStorageProvider = exports.LocalStorageProvider = void 0;
+class LocalStorageProvider {
+    getItem(key) {
+        if (typeof window !== 'undefined' && window.localStorage) {
+            return localStorage.getItem(key);
+        }
+        return null;
+    }
+    setItem(key, value) {
+        if (typeof window !== 'undefined' && window.localStorage) {
+            localStorage.setItem(key, value);
+        }
+    }
+    removeItem(key) {
+        if (typeof window !== 'undefined' && window.localStorage) {
+            localStorage.removeItem(key);
+        }
+    }
+}
+exports.LocalStorageProvider = LocalStorageProvider;
+class MemoryStorageProvider {
+    constructor() {
+        this.storage = new Map();
+    }
+    getItem(key) {
+        return this.storage.get(key) || null;
+    }
+    setItem(key, value) {
+        this.storage.set(key, value);
+    }
+    removeItem(key) {
+        this.storage.delete(key);
+    }
+}
+exports.MemoryStorageProvider = MemoryStorageProvider;

package/dist/types/index.d.ts

@@ -0,0 +1,272 @@
+export declare enum UserType {
+    SUPERADMIN = "SUPERADMIN",
+    MANAGER = "MANAGER",
+    EMPLOYEE = "EMPLOYEE",
+    CLIENT_USER = "CLIENT_USER",
+    GUEST_USER = "GUEST_USER"
+}
+export declare enum Gender {
+    MALE = "MALE",
+    FEMALE = "FEMALE",
+    OTHER = "OTHER"
+}
+export interface PhoneNumber {
+    internationalPrefix: string;
+    number: string;
+    fullNumber: string;
+    type?: 'MOBILE' | 'WORK_PHONE' | 'HOME_PHONE';
+    isPrimary: boolean;
+    isActive: boolean;
+}
+export interface Address {
+    inline: string;
+    structured: {
+        street: string | null;
+        secondaryStreet?: string | null;
+        civicNumber: string | null;
+        townCity: string;
+        provinceState: string;
+        provinceStateShortForm?: string;
+        postalCode: string;
+        country: string;
+        countryISO: string;
+        notes?: string;
+    };
+    type?: 'HOME' | 'WORK' | 'OTHER';
+    isPrimary: boolean | null;
+    isActive: boolean | null;
+}
+export interface Link {
+    url: string;
+    isPrimary: boolean;
+    isActive: boolean;
+}
+export interface ProfilePhoto {
+    url: string;
+    uploadDate: string;
+    exifData?: Record<string, unknown>;
+    isAvatar: boolean;
+}
+export interface EmergencyContact {
+    name: string;
+    surname: string;
+    email: string;
+    phone: PhoneNumber;
+    address?: Address;
+    relation: 'Legally Married Spouse' | 'Partner' | 'Child' | 'Parent' | 'Sibling' | 'Relative' | 'Friend' | 'Coworker' | 'Other';
+    isPrimary: boolean;
+}
+export interface PartialDateWithYear {
+    year: string;
+    month?: string;
+    day?: string;
+}
+export interface Salary {
+    value: number;
+    currency: string;
+    dateFrom: PartialDateWithYear;
+    dateTo?: PartialDateWithYear;
+}
+export interface WorkFlexibleBenefit {
+    benefit: {
+        name: string;
+        notes?: string;
+        isActive: boolean;
+    };
+    benefitingFrom?: PartialDateWithYear;
+    benefitingTo?: PartialDateWithYear;
+    value?: string;
+}
+export interface Company {
+    id: string;
+    name: string;
+    headquarters?: Address;
+    yearOfFoundation: number;
+    typeOfCompany: 'Corporation' | 'LLC' | 'Partnership' | 'Sole Proprietorship' | 'Non-Profit' | 'Government' | 'Other';
+    industry: string;
+    rangeOfNumberOfEmployees: string;
+    website: Link;
+    email: string;
+    phoneNumber: PhoneNumber;
+}
+export interface Occupation {
+    title: string;
+    company?: Company;
+    startDate?: PartialDateWithYear;
+    endDate?: PartialDateWithYear;
+    role?: string;
+    workLocationType: 'Onsite' | 'Hybrid' | 'Remote';
+    workLocation?: Address;
+    contract?: 'Internal Hire' | 'Contractor/Freelancer';
+    timeEffort?: 'Full Time' | 'Part Time';
+    experienceLevel?: 'Junior' | 'Middle' | 'Senior';
+    managementLevel?: 'Simple Employee' | 'Middle Manager' | 'Senior Manager' | 'Officer' | 'Chief Officer' | 'CEO';
+    salaries?: Salary[];
+    benefits?: WorkFlexibleBenefit[];
+}
+export interface User {
+    id: string;
+    email?: string;
+    name?: string;
+    surname?: string;
+    userType: UserType;
+    gender?: Gender;
+    dateOfBirth?: string;
+    isEmailVerified: boolean;
+    isActive: boolean;
+    enabledApps: Application[];
+    permissions?: string[];
+    accessRequests?: unknown[];
+    phoneNumbers?: PhoneNumber[];
+    addresses?: Address[];
+    bio?: string;
+    profileLinks?: Link[];
+    occupations?: Occupation[];
+    profilePhotos?: ProfilePhoto[];
+    emergencyContacts?: EmergencyContact[];
+    metadata?: Record<string, unknown>;
+    createdAt?: string;
+    updatedAt?: string;
+    lastLoginAt?: string;
+}
+export declare enum ApplicationStatus {
+    ACTIVE = "ACTIVE",
+    TEMPORARILY_INACTIVE = "TEMPORARILY_INACTIVE",
+    SHADOW_DELETED = "SHADOW_DELETED"
+}
+export declare enum PlatformType {
+    API = "API",
+    UI = "UI",
+    DB = "DB",
+    SERVICE = "SERVICE",
+    OTHER = "OTHER"
+}
+export declare enum UIPlatformSubtype {
+    UI_WEB = "UI_WEB",
+    UI_MOBILE_ANDROID = "UI_MOBILE_ANDROID",
+    UI_MOBILE_IOS = "UI_MOBILE_IOS",
+    UI_OTHER = "UI_OTHER"
+}
+export interface PlatformUrl {
+    id: string;
+    value: string;
+    name: string;
+    description?: string;
+    isPrimary: boolean;
+    isRedirect: boolean;
+    isActive: boolean;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface Platform {
+    id: string;
+    type: PlatformType;
+    name: string;
+    environment: 'development' | 'staging' | 'production';
+    subtype?: UIPlatformSubtype;
+    urls: PlatformUrl[];
+    isActive: boolean;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface Application {
+    id: string;
+    appKey: string;
+    slug?: string;
+    name: string;
+    logo?: string;
+    description?: string;
+    status?: ApplicationStatus;
+    managerId?: string;
+    isPublic?: boolean;
+    platforms?: Platform[];
+    config?: Record<string, unknown>;
+    createdAt?: string;
+    updatedAt?: string;
+}
+export interface AuthResponse {
+    accessToken: string;
+    refreshToken: string;
+    expiresIn: number;
+    user?: User;
+    action?: 'account_created' | 'guest_user_transformed' | 'access_granted' | 'access_requested' | 'already_has_access' | 'account_exists';
+    message?: string;
+}
+export interface LoginRequest {
+    email?: string;
+    id?: string;
+    password?: string;
+    appKey: string;
+    rememberMe?: boolean;
+}
+export interface RegisterRequest {
+    email?: string;
+    password?: string;
+    name?: string;
+    surname?: string;
+    appKey: string;
+    gender?: Gender;
+    dateOfBirth?: string;
+    phoneNumbers?: PhoneNumber[];
+    addresses?: Address[];
+    bio?: string;
+    profileLinks?: Link[];
+    occupations?: Occupation[];
+    profilePhotos?: ProfilePhoto[];
+    emergencyContacts?: EmergencyContact[];
+    metadata?: Record<string, unknown>;
+}
+export interface GoogleAuthRequest {
+    googleToken: string;
+    appKey: string;
+}
+export interface FacebookAuthRequest {
+    facebookToken: string;
+    appKey: string;
+}
+export interface ForgotPasswordRequest {
+    email: string;
+    appKey?: string;
+}
+export interface ResetPasswordRequest {
+    token: string;
+    password?: string;
+    confirmPassword?: string;
+}
+export interface ChangePasswordRequest {
+    currentPassword?: string;
+    newPassword?: string;
+    confirmPassword?: string;
+}
+export interface RefreshTokenRequest {
+    refreshToken: string;
+}
+export interface UpdateProfileRequest {
+    name?: string;
+    surname?: string;
+    gender?: Gender;
+    dateOfBirth?: string;
+    phoneNumbers?: PhoneNumber[];
+    addresses?: Address[];
+    bio?: string;
+    profileLinks?: Link[];
+    occupations?: Occupation[];
+    profilePhotos?: ProfilePhoto[];
+    emergencyContacts?: EmergencyContact[];
+    metadata?: Record<string, unknown>;
+}
+export interface VerifyTokenRequest {
+    token: string;
+}
+export interface VerifyTokenResponse {
+    valid: boolean;
+    user: User | null;
+}
+export interface TokenPayload {
+    sub: string;
+    email: string;
+    userType: UserType;
+    appKey?: string;
+    iat: number;
+    exp: number;
+}

package/dist/types/index.js

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UIPlatformSubtype = exports.PlatformType = exports.ApplicationStatus = exports.Gender = exports.UserType = void 0;
+var UserType;
+(function (UserType) {
+    UserType["SUPERADMIN"] = "SUPERADMIN";
+    UserType["MANAGER"] = "MANAGER";
+    UserType["EMPLOYEE"] = "EMPLOYEE";
+    UserType["CLIENT_USER"] = "CLIENT_USER";
+    UserType["GUEST_USER"] = "GUEST_USER";
+})(UserType || (exports.UserType = UserType = {}));
+var Gender;
+(function (Gender) {
+    Gender["MALE"] = "MALE";
+    Gender["FEMALE"] = "FEMALE";
+    Gender["OTHER"] = "OTHER";
+})(Gender || (exports.Gender = Gender = {}));
+var ApplicationStatus;
+(function (ApplicationStatus) {
+    ApplicationStatus["ACTIVE"] = "ACTIVE";
+    ApplicationStatus["TEMPORARILY_INACTIVE"] = "TEMPORARILY_INACTIVE";
+    ApplicationStatus["SHADOW_DELETED"] = "SHADOW_DELETED";
+})(ApplicationStatus || (exports.ApplicationStatus = ApplicationStatus = {}));
+var PlatformType;
+(function (PlatformType) {
+    PlatformType["API"] = "API";
+    PlatformType["UI"] = "UI";
+    PlatformType["DB"] = "DB";
+    PlatformType["SERVICE"] = "SERVICE";
+    PlatformType["OTHER"] = "OTHER";
+})(PlatformType || (exports.PlatformType = PlatformType = {}));
+var UIPlatformSubtype;
+(function (UIPlatformSubtype) {
+    UIPlatformSubtype["UI_WEB"] = "UI_WEB";
+    UIPlatformSubtype["UI_MOBILE_ANDROID"] = "UI_MOBILE_ANDROID";
+    UIPlatformSubtype["UI_MOBILE_IOS"] = "UI_MOBILE_IOS";
+    UIPlatformSubtype["UI_OTHER"] = "UI_OTHER";
+})(UIPlatformSubtype || (exports.UIPlatformSubtype = UIPlatformSubtype = {}));

package/dist/utils/jwt.d.ts

@@ -0,0 +1,5 @@
+import { TokenPayload } from '../types';
+export declare class JwtUtils {
+    static decode(token: string): TokenPayload | null;
+    static isExpired(token: string): boolean;
+}

package/dist/utils/jwt.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JwtUtils = void 0;
+class JwtUtils {
+    static decode(token) {
+        try {
+            const base64Url = token.split('.')[1];
+            const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+            const jsonPayload = decodeURIComponent(atob(base64)
+                .split('')
+                .map(function (c) {
+                return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
+            })
+                .join(''));
+            return JSON.parse(jsonPayload);
+        }
+        catch {
+            return null;
+        }
+    }
+    static isExpired(token) {
+        const payload = this.decode(token);
+        if (!payload || !payload.exp)
+            return true;
+        const currentTime = Math.floor(Date.now() / 1000);
+        return payload.exp < currentTime;
+    }
+}
+exports.JwtUtils = JwtUtils;

package/package.json

@@ -0,0 +1,72 @@
+{
+  "name": "@savant-realms/federated-auth-realm-sdk-ts-js",
+  "version": "0.4.1",
+  "description": "Federated Auth Realm - SDK Ts/Js",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "publishConfig": {
+    "access": "public"
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "prepublishOnly": "npm run build",
+    "deploy": "./scripts/deploy.sh",
+    "lint": "eslint src/**/*.ts",
+    "lint:fix": "eslint src/**/*.ts --fix",
+    "format": "prettier --write src/**/*.ts",
+    "format:check": "prettier --check src/**/*.ts",
+    "type-check": "tsc --noEmit",
+    "check-all": "npm run type-check && npm run lint && npm run format:check && npm run test",
+    "lint-staged": "lint-staged",
+    "prepare": "husky install"
+  },
+  "lint-staged": {
+    "*.ts": [
+      "eslint --fix",
+      "prettier --write"
+    ],
+    "*.{json,md}": [
+      "prettier --write"
+    ]
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/savant-realms/federated-auth-realm-sdk-ts-js.git"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "bugs": {
+    "url": "https://github.com/savant-realms/federated-auth-realm-sdk-ts-js/issues"
+  },
+  "homepage": "https://github.com/savant-realms/federated-auth-realm-sdk-ts-js#readme",
+  "dependencies": {
+    "axios": "^1.13.2",
+    "jsonwebtoken": "^9.0.3",
+    "zod": "^4.3.5"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.39.2",
+    "@types/jest": "^30.0.0",
+    "@types/jsonwebtoken": "^9.0.10",
+    "@types/node": "^25.0.3",
+    "@typescript-eslint/eslint-plugin": "^8.52.0",
+    "@typescript-eslint/parser": "^8.52.0",
+    "eslint": "^9.39.2",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-prettier": "^5.5.4",
+    "globals": "^17.0.0",
+    "husky": "^9.1.7",
+    "jest": "^30.2.0",
+    "lint-staged": "^16.2.7",
+    "prettier": "^3.7.4",
+    "ts-jest": "^29.4.6",
+    "tsx": "^4.21.0",
+    "typescript": "^5.9.3"
+  }
+}