npm - @swype-org/react-sdk - Versions diffs - 0.1.27 → 0.1.28 - Mend

@swype-org/react-sdk 0.1.27 → 0.1.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.cts CHANGED Viewed

@@ -297,8 +297,16 @@ interface SwypePaymentProps {
      * wallet extensions are unavailable.
      */
     useWalletConnector?: boolean;
+    /**
+     * Caller-supplied UUID v4 used as the transfer ID for idempotency.
+     *
+     * When provided, the transfer is created with this ID instead of a
+     * randomly generated one. This allows callers to safely retry the payment
+     * flow without creating duplicate transfers.
+     */
+    idempotencyKey?: string;
 }
-declare function SwypePayment({ destination, onComplete, onError, useWalletConnector, }: SwypePaymentProps): react_jsx_runtime.JSX.Element | null;
+declare function SwypePayment({ destination, onComplete, onError, useWalletConnector, idempotencyKey, }: SwypePaymentProps): react_jsx_runtime.JSX.Element | null;
 type AccessTokenGetter = () => Promise<string | null | undefined>;
 /**
@@ -320,17 +328,20 @@ declare function createPasskeyCredential(params: {
     publicKey: string;
 }>;
 /**
- * Checks whether the current device's platform authenticator holds a passkey
- * matching the given credential ID.
- *
- * Uses `navigator.credentials.get()` with a throwaway challenge and a short
- * timeout. If the authenticator responds, the device has the key. If it
- * throws (NotAllowedError, timeout, etc.), the device does not.
- *
- * @param credentialId - Base64-encoded WebAuthn credential ID from the server.
- * @returns `true` if the device can authenticate with this credential.
+ * @deprecated Use {@link findDevicePasskey} instead, which checks all
+ * credentials in a single WebAuthn call.
  */
 declare function deviceHasPasskey(credentialId: string): Promise<boolean>;
+/**
+ * Determines which (if any) of the given server-registered passkeys exists on
+ * the current device. All credential IDs are passed in a single
+ * `navigator.credentials.get()` call so the browser shows at most one prompt
+ * and the platform authenticator automatically selects the matching key.
+ *
+ * @param credentialIds - Base64-encoded WebAuthn credential IDs from the server.
+ * @returns The matching credential ID, or `null` if none are on this device.
+ */
+declare function findDevicePasskey(credentialIds: string[]): Promise<string | null>;
 interface UseTransferPollingResult {
     transfer: Transfer | null;
     error: string | null;
@@ -413,6 +424,8 @@ declare function fetchProviders(apiBaseUrl: string, token: string): Promise<Prov
 declare function fetchChains(apiBaseUrl: string, token: string): Promise<Chain[]>;
 declare function fetchAccounts(apiBaseUrl: string, token: string, credentialId: string): Promise<Account[]>;
 interface CreateTransferParams {
+    /** Caller-supplied UUID v4 for idempotency. If omitted, a random UUID is generated. */
+    id?: string;
     credentialId: string;
     sourceType: SourceType;
     sourceId: string;
@@ -473,4 +486,4 @@ declare namespace api {
   export { type api_CreateTransferParams as CreateTransferParams, api_createTransfer as createTransfer, api_fetchAccounts as fetchAccounts, api_fetchAuthorizationSession as fetchAuthorizationSession, api_fetchChains as fetchChains, api_fetchProviders as fetchProviders, api_fetchTransfer as fetchTransfer, api_fetchUserConfig as fetchUserConfig, api_registerPasskey as registerPasskey, api_reportActionCompletion as reportActionCompletion, api_signTransfer as signTransfer, api_updateUserConfig as updateUserConfig, api_updateUserConfigBySession as updateUserConfigBySession };
 }
-export { type Account, type ActionExecutionResult, type AdvancedSettings, type Amount, type AuthorizationAction, type AuthorizationSession, type AuthorizationSessionDetail, type Chain, type Destination, type ErrorResponse, type ListResponse, type PaymentStep, type Provider, type SourceOption, type SourceSelection, type SourceType, SwypePayment, type SwypePaymentProps, SwypeProvider, type SwypeProviderProps, type ThemeMode, type ThemeTokens, type TokenBalance, type Transfer, type TransferDestination, type UserConfig, type Wallet, type WalletSource, type WalletToken, createPasskeyCredential, darkTheme, deviceHasPasskey, getTheme, lightTheme, api as swypeApi, useAuthorizationExecutor, useSwypeConfig, useSwypeDepositAmount, useTransferPolling, useTransferSigning };
+export { type Account, type ActionExecutionResult, type AdvancedSettings, type Amount, type AuthorizationAction, type AuthorizationSession, type AuthorizationSessionDetail, type Chain, type Destination, type ErrorResponse, type ListResponse, type PaymentStep, type Provider, type SourceOption, type SourceSelection, type SourceType, SwypePayment, type SwypePaymentProps, SwypeProvider, type SwypeProviderProps, type ThemeMode, type ThemeTokens, type TokenBalance, type Transfer, type TransferDestination, type UserConfig, type Wallet, type WalletSource, type WalletToken, createPasskeyCredential, darkTheme, deviceHasPasskey, findDevicePasskey, getTheme, lightTheme, api as swypeApi, useAuthorizationExecutor, useSwypeConfig, useSwypeDepositAmount, useTransferPolling, useTransferSigning };

package/dist/index.d.ts CHANGED Viewed

@@ -297,8 +297,16 @@ interface SwypePaymentProps {
      * wallet extensions are unavailable.
      */
     useWalletConnector?: boolean;
+    /**
+     * Caller-supplied UUID v4 used as the transfer ID for idempotency.
+     *
+     * When provided, the transfer is created with this ID instead of a
+     * randomly generated one. This allows callers to safely retry the payment
+     * flow without creating duplicate transfers.
+     */
+    idempotencyKey?: string;
 }
-declare function SwypePayment({ destination, onComplete, onError, useWalletConnector, }: SwypePaymentProps): react_jsx_runtime.JSX.Element | null;
+declare function SwypePayment({ destination, onComplete, onError, useWalletConnector, idempotencyKey, }: SwypePaymentProps): react_jsx_runtime.JSX.Element | null;
 type AccessTokenGetter = () => Promise<string | null | undefined>;
 /**
@@ -320,17 +328,20 @@ declare function createPasskeyCredential(params: {
     publicKey: string;
 }>;
 /**
- * Checks whether the current device's platform authenticator holds a passkey
- * matching the given credential ID.
- *
- * Uses `navigator.credentials.get()` with a throwaway challenge and a short
- * timeout. If the authenticator responds, the device has the key. If it
- * throws (NotAllowedError, timeout, etc.), the device does not.
- *
- * @param credentialId - Base64-encoded WebAuthn credential ID from the server.
- * @returns `true` if the device can authenticate with this credential.
+ * @deprecated Use {@link findDevicePasskey} instead, which checks all
+ * credentials in a single WebAuthn call.
  */
 declare function deviceHasPasskey(credentialId: string): Promise<boolean>;
+/**
+ * Determines which (if any) of the given server-registered passkeys exists on
+ * the current device. All credential IDs are passed in a single
+ * `navigator.credentials.get()` call so the browser shows at most one prompt
+ * and the platform authenticator automatically selects the matching key.
+ *
+ * @param credentialIds - Base64-encoded WebAuthn credential IDs from the server.
+ * @returns The matching credential ID, or `null` if none are on this device.
+ */
+declare function findDevicePasskey(credentialIds: string[]): Promise<string | null>;
 interface UseTransferPollingResult {
     transfer: Transfer | null;
     error: string | null;
@@ -413,6 +424,8 @@ declare function fetchProviders(apiBaseUrl: string, token: string): Promise<Prov
 declare function fetchChains(apiBaseUrl: string, token: string): Promise<Chain[]>;
 declare function fetchAccounts(apiBaseUrl: string, token: string, credentialId: string): Promise<Account[]>;
 interface CreateTransferParams {
+    /** Caller-supplied UUID v4 for idempotency. If omitted, a random UUID is generated. */
+    id?: string;
     credentialId: string;
     sourceType: SourceType;
     sourceId: string;
@@ -473,4 +486,4 @@ declare namespace api {
   export { type api_CreateTransferParams as CreateTransferParams, api_createTransfer as createTransfer, api_fetchAccounts as fetchAccounts, api_fetchAuthorizationSession as fetchAuthorizationSession, api_fetchChains as fetchChains, api_fetchProviders as fetchProviders, api_fetchTransfer as fetchTransfer, api_fetchUserConfig as fetchUserConfig, api_registerPasskey as registerPasskey, api_reportActionCompletion as reportActionCompletion, api_signTransfer as signTransfer, api_updateUserConfig as updateUserConfig, api_updateUserConfigBySession as updateUserConfigBySession };
 }
-export { type Account, type ActionExecutionResult, type AdvancedSettings, type Amount, type AuthorizationAction, type AuthorizationSession, type AuthorizationSessionDetail, type Chain, type Destination, type ErrorResponse, type ListResponse, type PaymentStep, type Provider, type SourceOption, type SourceSelection, type SourceType, SwypePayment, type SwypePaymentProps, SwypeProvider, type SwypeProviderProps, type ThemeMode, type ThemeTokens, type TokenBalance, type Transfer, type TransferDestination, type UserConfig, type Wallet, type WalletSource, type WalletToken, createPasskeyCredential, darkTheme, deviceHasPasskey, getTheme, lightTheme, api as swypeApi, useAuthorizationExecutor, useSwypeConfig, useSwypeDepositAmount, useTransferPolling, useTransferSigning };
+export { type Account, type ActionExecutionResult, type AdvancedSettings, type Amount, type AuthorizationAction, type AuthorizationSession, type AuthorizationSessionDetail, type Chain, type Destination, type ErrorResponse, type ListResponse, type PaymentStep, type Provider, type SourceOption, type SourceSelection, type SourceType, SwypePayment, type SwypePaymentProps, SwypeProvider, type SwypeProviderProps, type ThemeMode, type ThemeTokens, type TokenBalance, type Transfer, type TransferDestination, type UserConfig, type Wallet, type WalletSource, type WalletToken, createPasskeyCredential, darkTheme, deviceHasPasskey, findDevicePasskey, getTheme, lightTheme, api as swypeApi, useAuthorizationExecutor, useSwypeConfig, useSwypeDepositAmount, useTransferPolling, useTransferSigning };

package/dist/index.js CHANGED Viewed

@@ -216,7 +216,7 @@ async function fetchAccounts(apiBaseUrl, token, credentialId) {
 }
 async function createTransfer(apiBaseUrl, token, params) {
   const body = {
-    id: crypto.randomUUID(),
+    id: params.id ?? crypto.randomUUID(),
     credentialId: params.credentialId,
     sources: [{ [params.sourceType]: params.sourceId }],
     destinations: [
@@ -813,6 +813,11 @@ async function createPasskeyCredential(params) {
   };
 }
 async function deviceHasPasskey(credentialId) {
+  const found = await findDevicePasskey([credentialId]);
+  return found != null;
+}
+async function findDevicePasskey(credentialIds) {
+  if (credentialIds.length === 0) return null;
   try {
     const challenge = new Uint8Array(32);
     crypto.getRandomValues(challenge);
@@ -821,17 +826,18 @@ async function deviceHasPasskey(credentialId) {
       publicKey: {
         challenge,
         rpId: resolvePasskeyRpId(),
-        allowCredentials: [{
+        allowCredentials: credentialIds.map((id) => ({
           type: "public-key",
-          id: base64ToBytes(credentialId)
-        }],
+          id: base64ToBytes(id)
+        })),
         userVerification: "discouraged",
         timeout: 3e4
       }
     });
-    return assertion != null;
+    if (!assertion) return null;
+    return toBase64(assertion.rawId);
   } catch {
-    return false;
+    return null;
   }
 }
 function useTransferPolling(intervalMs = 3e3) {
@@ -2196,7 +2202,8 @@ function SwypePayment({
   destination,
   onComplete,
   onError,
-  useWalletConnector
+  useWalletConnector,
+  idempotencyKey
 }) {
   const { apiBaseUrl, tokens, depositAmount } = useSwypeConfig();
   const { ready, authenticated, user, login, logout, getAccessToken } = usePrivy();
@@ -2263,20 +2270,20 @@ function SwypePayment({
           }
           return;
         }
-        for (const pk of allPasskeys) {
-          if (cancelled) return;
-          if (await deviceHasPasskey(pk.credentialId)) {
-            setActiveCredentialId(pk.credentialId);
-            window.localStorage.setItem(ACTIVE_CREDENTIAL_STORAGE_KEY, pk.credentialId);
-            if (depositAmount != null && depositAmount > 0) {
-              setStep("ready");
-            } else {
-              setStep("enter-amount");
-            }
-            return;
+        if (cancelled) return;
+        const credentialIds = allPasskeys.map((p) => p.credentialId);
+        const matched = await findDevicePasskey(credentialIds);
+        if (cancelled) return;
+        if (matched) {
+          setActiveCredentialId(matched);
+          window.localStorage.setItem(ACTIVE_CREDENTIAL_STORAGE_KEY, matched);
+          if (depositAmount != null && depositAmount > 0) {
+            setStep("ready");
+          } else {
+            setStep("enter-amount");
           }
+          return;
         }
-        if (cancelled) return;
         setStep("register-passkey");
       } catch {
         if (!cancelled) {
@@ -2510,6 +2517,7 @@ function SwypePayment({
         }
       }
       const t = await createTransfer(apiBaseUrl, token, {
+        id: idempotencyKey,
         credentialId: activeCredentialId,
         sourceType: effectiveSourceType,
         sourceId: effectiveSourceId,
@@ -3543,6 +3551,6 @@ function SwypePayment({
   return null;
 }
-export { SwypePayment, SwypeProvider, createPasskeyCredential, darkTheme, deviceHasPasskey, getTheme, lightTheme, api_exports as swypeApi, useAuthorizationExecutor, useSwypeConfig, useSwypeDepositAmount, useTransferPolling, useTransferSigning };
+export { SwypePayment, SwypeProvider, createPasskeyCredential, darkTheme, deviceHasPasskey, findDevicePasskey, getTheme, lightTheme, api_exports as swypeApi, useAuthorizationExecutor, useSwypeConfig, useSwypeDepositAmount, useTransferPolling, useTransferSigning };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map