@terminal3/t3n-sdk 0.5.1 → 0.7.0

@@ -15,3 +15,8 @@ export declare function createHandshakeAction(): Uint8Array;
15
15
  * @param authInput - The authentication input (Ethereum or OIDC)
16
16
  */
17
17
  export declare function createAuthAction(authInput: AuthInput): Uint8Array;
18
+ /**
19
+ * Create the OIDC SubmitToken action for the second step of nonce-bound auth.
20
+ * @param idToken - The id_token JWT obtained from the OIDC provider with the nonce
21
+ */
22
+ export declare function createOidcSubmitTokenAction(idToken: string): Uint8Array;
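Review bot: The doc comment on `createOidcSubmitTokenAction` does not say that the action is only meaningful after the init step has returned a nonce in the same session, yet this creator is exported while the method that sequences the steps (`authenticateOidc`, declared elsewhere in this diff) is private. I would add a line such as ` * Only valid after the server has issued a nonce for this session; the token's nonce claim must match it.` and a `@returns` line describing the encoded action bytes. Because `idToken` is a bearer credential, the comment could also state that callers should not log or persist it. No creator for the init step is visible in this hunk, so whether one is exported cannot be confirmed from here.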
@@ -25,9 +25,27 @@ export declare class T3nClient {
25
25
  */
26
26
  handshake(): Promise<HandshakeResult>;
27
27
  /**
28
- * Authenticate with the T3n node
28
+ * Authenticate with the T3n node.
29
+ *
30
+ * For OIDC, this runs a two-step nonce-bound flow:
31
+ * 1. Sends `InitOidcAuth` to server → receives session-binding nonce.
32
+ * 2. Calls `getIdToken(nonce)` callback so the app can include the
33
+ * nonce in the Google authorization URL.
34
+ * 3. Sends `SubmitIdToken` with the nonce-bearing token → receives DID.
29
35
  */
30
36
  authenticate(authInput: AuthInput): Promise<Did>;
37
+ /**
38
+ * OIDC two-step authentication with session-binding nonce.
39
+ *
40
+ * Bypasses the WASM client state machine and makes two encrypted
41
+ * RPC calls directly:
42
+ * 1. `InitOidcAuth { provider }` → server generates nonce → returns
43
+ * `ProvideNonce { nonce }`.
44
+ * 2. App calls `getIdToken(nonce)` to obtain a nonce-bound `id_token`.
45
+ * 3. `SubmitIdToken { id_token }` → server verifies token + nonce →
46
+ * returns `Finish { did }`.
47
+ */
48
+ private authenticateOidc;
31
49
  /**
32
50
  * Execute an action on the T3n node
33
51
  */
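Review bot: The new comment on `authenticateOidc` says the OIDC path bypasses the WASM client state machine, but neither it nor the `authenticate` comment states which preconditions still apply on that path, such as `handshake()` having completed or the session not already being authenticated. Only the declaration is visible, so the implementation may check this; the contract should say so, e.g. ` * @throws if called before handshake() has established the encrypted session`. Both comments also call the flow "two-step" while listing three numbered items; wording like `two RPC round trips with an app callback in between` would remove the ambiguity. A `@throws` entry for a rejected `getIdToken` callback and for a server-side nonce mismatch would let callers handle those failures explicitly.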
@@ -16,11 +16,16 @@ export interface EthereumSigner {
16
16
  signMessage(message: Uint8Array): Promise<Uint8Array>;
17
17
  }
18
18
  /**
19
- * OIDC credentials interface
19
+ * OIDC credentials interface.
20
+ *
21
+ * The TEE generates a session-binding nonce that must be included in
22
+ * the Google authorization URL (`&nonce=…`). The `getIdToken` callback
23
+ * receives this nonce and must return the `id_token` JWT obtained
24
+ * from the OIDC provider with the nonce baked into its claims.
20
25
  */
21
26
  export interface OidcCredentials {
22
27
  provider: string;
23
- idToken: string;
28
+ getIdToken: (nonce: string) => Promise<string>;
24
29
  }
25
30
  /**
26
31
  * Base authentication input with method discriminator
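Review bot: The `OidcCredentials` comment ties the nonce to "the Google authorization URL" although `provider` is a free-form `string`, and it leaves the `getIdToken` contract underspecified. I would reword it to `the provider's authorization request (nonce parameter)` and add that the callback must obtain a fresh token on every call and pass the nonce through unmodified; a cached `id_token` would carry a stale nonce and would presumably be rejected when the server verifies it. It would also help to document that a rejected promise aborts authentication, if that is the behaviour. Replacing `idToken: string` with a required callback breaks existing callers, so a migration note in the changelog is warranted.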
@@ -1,9 +1,10 @@
1
1
  /** @module Interface component:session/server-auth@0.1.0 **/
2
- export function next(state: State | undefined, action: HostToGuest): NewState;
2
+ export function next(state: State | undefined, action: HostToGuest, policy: SiwePolicy): NewState;
3
3
  export function finish(state: State): Did;
4
4
  export type GuestToHost = Uint8Array;
5
5
  export type State = Uint8Array;
6
6
  export type HostToGuest = Uint8Array;
7
+ export type SiwePolicy = Uint8Array;
7
8
  export type Did = Uint8Array;
8
9
  export type Error = Uint8Array;
9
10
  export interface NewState {