@transmitsecurity/platform-web-sdk 1.16.2 → 1.17.0

package/build/webauthn.js

@@ -1,44 +0,0 @@
-// WebAuthn module - clean entry point with global state awareness
-import { setInitConfig, getInitConfig } from '@transmit-security/web-sdk-common/dist/module-metadata/module-metadata';
-import { emit } from '@transmit-security/web-sdk-common/dist/events';
-import { MODULE_INITIALIZED } from '@transmit-security/web-sdk-common/dist/events';
-// Function to sync global initialization state when needed
-function ensureInitialized() {
-    if (typeof window !== 'undefined' && window.__TS_WEB_SDK_INITIALIZED__ && window.__TS_WEB_SDK_CONFIG__) {
-        try {
-            const currentConfig = getInitConfig();
-            if (!currentConfig || !currentConfig.clientId) {
-                console.log('🔄 Syncing global initialization state to WebAuthn module');
-                setInitConfig(window.__TS_WEB_SDK_CONFIG__);
-                emit(MODULE_INITIALIZED, undefined);
-                return true;
-            }
-            return true;
-        }
-        catch (error) {
-            // If getInitConfig fails, it means common module is not initialized
-            console.log('🔄 Initializing WebAuthn module with global state');
-            setInitConfig(window.__TS_WEB_SDK_CONFIG__);
-            emit(MODULE_INITIALIZED, undefined);
-            return true;
-        }
-    }
-    return false;
-}
-// Import the original WebAuthn SDK
-import * as originalWebAuthn from '@transmit-security/authentication-sdk';
-// Create wrapper functions for the main WebAuthn methods
-function wrapWebAuthnMethod(methodName, originalMethod) {
-    return function (...args) {
-        ensureInitialized();
-        return originalMethod.apply(originalWebAuthn, args);
-    };
-}
-// Re-export initialize to ensure shared state
-export { initialize } from './initialize-only';
-// Export all WebAuthn functionality (re-export everything)
-export * from '@transmit-security/authentication-sdk';
-// Override the main methods with wrapped versions (if they exist)
-export const authenticate = originalWebAuthn.authenticate ? wrapWebAuthnMethod('authenticate', originalWebAuthn.authenticate) : originalWebAuthn.authenticate;
-export const register = originalWebAuthn.register ? wrapWebAuthnMethod('register', originalWebAuthn.register) : originalWebAuthn.register;
-export const crossDevice = originalWebAuthn.crossDevice ? wrapWebAuthnMethod('crossDevice', originalWebAuthn.crossDevice) : originalWebAuthn.crossDevice;

package/bundler-config.json

@@ -1,14 +0,0 @@
-{
-  "exports": {
-    "drs": "@transmit-security/riskid_sdk",
-    "idv": "@transmit-security/ts-identity-verification",
-    "webauthn": "@transmit-security/authentication-sdk",
-    "ido": "@transmit-security/ido-web-sdk"
-  },
-  "exportsFromDefault": {},
-  "mainExport": "./build/mainExport",
-  "declarations": true,
-  "docs": true,
-  "minify": true,
-  "legacyBrowsers": true
-}

package/dist/docs/.nojekyll

@@ -1 +0,0 @@
-TypeDoc added this file to prevent GitHub Pages from using Jekyll. You can turn off this behavior by setting the `githubPages` option to false.

package/dist/docs/README.md

@@ -1,72 +0,0 @@
-# Transmit Security Platform Web SDK
-
-A comprehensive browser-based identity and security solution for integrating with Mosaic's Fraud Prevention, WebAuthn authentication, Identity Verification, and Orchestration capabilities.
-
-## Installation
-
-```bash
-npm install @transmitsecurity/platform-web-sdk@^1
-```
-
-## Quick Start
-
-### Individual Module Imports (Recommended)
-
-✅ **Recommended**: Import only the modules you need for optimal bundle size and faster loading.
-
-```js
-import { drs, initialize } from '@transmitsecurity/platform-web-sdk/drs';
-import { webauthn } from '@transmitsecurity/platform-web-sdk/webauthn';
-
-await initialize({
-  clientId: 'your-client-id',
-  drs: { serverPath: 'https://api.transmitsecurity.io/risk-collect/' },
-  webauthn: { serverPath: 'https://api.transmitsecurity.io' }
-});
-
-// Use the modules
-await drs.triggerActionEvent('login', { correlationId: 'example' });
-const isSupported = await webauthn.isPlatformAuthenticatorSupported();
-```
-
-**Available individual imports**:
-```js
-// Fraud Prevention (DRS)
-import { drs, initialize } from '@transmitsecurity/platform-web-sdk/drs';
-
-// WebAuthn Authentication
-import { webauthn, initialize } from '@transmitsecurity/platform-web-sdk/webauthn';
-
-// Identity Verification (IDV)
-import { idv, initialize } from '@transmitsecurity/platform-web-sdk/idv';
-
-// Identity Orchestration (IDO)
-import { ido, initialize } from '@transmitsecurity/platform-web-sdk/ido';
-```
-
-### Full SDK Import
-
-Import the entire SDK if you need multiple modules or prefer a single import.
-
-```js
-import { drs, webauthn, idv, ido, initialize } from '@transmitsecurity/platform-web-sdk';
-
-// Single initialize call for all modules
-await initialize({
-  clientId: 'your-client-id',
-  drs: { serverPath: 'https://api.transmitsecurity.io/risk-collect/' },
-  webauthn: { serverPath: 'https://api.transmitsecurity.io' }
-});
-
-// Use the modules
-await drs.triggerActionEvent('login', { correlationId: 'example' });
-const isSupported = await webauthn.isPlatformAuthenticatorSupported();
-```
-
-## Documentation
-
-For complete documentation, visit: https://developer.transmitsecurity.com/sdk-ref/sdk_ref_intro/
-
-I## License
-
-SEE LICENSE IN LICENSE

package/dist/docs/enums/ErrorCode.md

@@ -1,113 +0,0 @@
-# Enumeration: ErrorCode
-
-## Enumeration Members
-
-### NotInitialized
-
-• **NotInitialized** = ``"not_initialized"``
-
-Either the SDK init call failed or another function was called before initializing the SDK
-
-___
-
-### AuthenticationFailed
-
-• **AuthenticationFailed** = ``"authentication_failed"``
-
-When the call to [startAuthentication](../interfaces/WebauthnApis.md#startauthentication) failed
-
-___
-
-### AuthenticationAbortedTimeout
-
-• **AuthenticationAbortedTimeout** = ``"authentication_aborted_timeout"``
-
-When [authenticate.modal](../interfaces/WebauthnAuthenticationFlows.md#modal) or [authenticate.autofill.activate](../interfaces/AutofillHandlers.md#activate) is called and the modal is closed by the user
-
-___
-
-### AuthenticationCanceled
-
-• **AuthenticationCanceled** = ``"webauthn_authentication_canceled"``
-
-When [register](../modules.md#register) is called and the modal is closed when reaching the timeout
-
-___
-
-### RegistrationFailed
-
-• **RegistrationFailed** = ``"registration_failed"``
-
-When the call to [startRegistration](../interfaces/WebauthnApis.md#startregistration) failed
-
-___
-
-### AlreadyRegistered
-
-• **AlreadyRegistered** = ``"username_already_registered"``
-
-/ When The user attempted to register an authenticator that contains one of the credentials already registered with the relying party.
-
-___
-
-### RegistrationAbortedTimeout
-
-• **RegistrationAbortedTimeout** = ``"registration_aborted_timeout"``
-
-When [register](../modules.md#register) is called and the modal is closed by the user
-
-___
-
-### RegistrationCanceled
-
-• **RegistrationCanceled** = ``"webauthn_registration_canceled"``
-
-When [register](../modules.md#register) is called and the modal is closed when reaching the timeout
-
-___
-
-### AutofillAuthenticationAborted
-
-• **AutofillAuthenticationAborted** = ``"autofill_authentication_aborted"``
-
-Passkey autofill authentication was aborted by [abort](../interfaces/AutofillHandlers.md#abort)
-
-___
-
-### AuthenticationProcessAlreadyActive
-
-• **AuthenticationProcessAlreadyActive** = ``"authentication_process_already_active"``
-
-Passkey authentication is already active. To start a new authentication, abort the current one first by calling [abort](../interfaces/AutofillHandlers.md#abort)
-
-___
-
-### InvalidApprovalData
-
-• **InvalidApprovalData** = ``"invalid_approval_data"``
-
-The ApprovalData parameter was sent in the wrong format
-
-___
-
-### FailedToInitCrossDeviceSession
-
-• **FailedToInitCrossDeviceSession** = ``"cross_device_init_failed"``
-
-When the call to [initCrossDeviceAuthentication](../interfaces/WebauthnApis.md#initcrossdeviceauthentication)  failed
-
-___
-
-### FailedToGetCrossDeviceStatus
-
-• **FailedToGetCrossDeviceStatus** = ``"cross_device_status_failed"``
-
-When the call to [getCrossDeviceTicketStatus](../interfaces/WebauthnApis.md#getcrossdeviceticketstatus)  failed
-
-___
-
-### Unknown
-
-• **Unknown** = ``"unknown"``
-
-When the SDK operation fails on an unhandled error

package/dist/docs/interfaces/ActionEventOptions.md

@@ -1,44 +0,0 @@
-# Interface: ActionEventOptions
-
-## Properties
-
-### correlationId
-
-• `Optional` **correlationId**: `string`
-
-Any ID that could help relate the action with external context or session
-
-___
-
-### claimedUserId
-
-• `Optional` **claimedUserId**: `string`
-
-User ID of the not yet authenticated user, used to enhance risk and
-trust assessments. Once the user is authenticated,
-TSAccountProtection.setAuthenticatedUser should be called.
-
-___
-
-### claimedUserIdType
-
-• `Optional` **claimedUserIdType**: `string`
-
-The reported claimedUserId type (if provided), should not contain PII unless it is hashed.
-Supported values: email, phone_number, account_id, ssn, national_id, passport_number, drivers_license_number, other.
-
-___
-
-### transactionData
-
-• `Optional` **transactionData**: `TransactionData`
-
-A transaction data-points object for transaction-monitoring
-
-___
-
-### customAttributes
-
-• `Optional` **customAttributes**: `Record`<`string`, `string` \| `number` \| `boolean`\>
-
-Custom attributes matching the schema previously defined in the Admin Portal

package/dist/docs/interfaces/ActionResponse.md

@@ -1,9 +0,0 @@
-# Interface: ActionResponse
-
-## Properties
-
-### actionToken
-
-• `Optional` **actionToken**: `string`
-
-The token return by the SDK when the action was reported

package/dist/docs/interfaces/AuthenticationAutofillActivateHandlers.md

@@ -1,61 +0,0 @@
-# Interface: AuthenticationAutofillActivateHandlers
-
-## Properties
-
-### onSuccess
-
-• **onSuccess**: (`webauthn_encoded_result`: `string`) => `Promise`<`void`\>
-
-#### Type declaration
-
-▸ (`webauthn_encoded_result`): `Promise`<`void`\>
-
-A Callback function that will be triggered once biometrics signing is completed successfully.
-
-##### Parameters
-
-| Name | Type |
-| :------ | :------ |
-| `webauthn_encoded_result` | `string` |
-
-##### Returns
-
-`Promise`<`void`\>
-
-___
-
-### onError
-
-• `Optional` **onError**: (`err`: [`SdkError`](SdkError.md)) => `Promise`<`void`\>
-
-#### Type declaration
-
-▸ (`err`): `Promise`<`void`\>
-
-A Callback function that will be triggered if authentication fails with an SdkError.
-
-##### Parameters
-
-| Name | Type |
-| :------ | :------ |
-| `err` | [`SdkError`](SdkError.md) |
-
-##### Returns
-
-`Promise`<`void`\>
-
-___
-
-### onReady
-
-• `Optional` **onReady**: () => `void`
-
-#### Type declaration
-
-▸ (): `void`
-
-A Callback function that will be triggered when challenge excepted from the service and autofill is ready to use.
-
-##### Returns
-
-`void`

package/dist/docs/interfaces/AutofillHandlers.md

@@ -1,50 +0,0 @@
-# Interface: AutofillHandlers
-
-## Methods
-
-### activate
-
-▸ **activate**(`handlers`, `username?`): `void`
-
-Invokes a WebAuthn authentication, including prompting the user to select from a list of registered credentials using autofill, and then prompting the user for biometrics. In order to prompt this credentials list, the autocomplete="username webauthn" attribute **must** be defined on the username input box of the authentication page.<br/>
-If authentication is completed successfully, the `onSuccess` callback will be triggered with the credential result, which is an object encoded as a base64 string. This encoded result should then be passed to the [backend authentication endpoint](/openapi/user/backend-webauthn/#operation/authenticateWebauthnCredential) to retrieve user tokens.<br/>
-If it fails, the `onError` callback will be triggered with an SdkError.
-
-**`Throws`**
-
-[NotInitialized](../enums/ErrorCode.md#notinitialized)
-
-**`Throws`**
-
-[AuthenticationFailed](../enums/ErrorCode.md#authenticationfailed)
-
-**`Throws`**
-
-[AuthenticationCanceled](../enums/ErrorCode.md#authenticationcanceled)
-
-**`Throws`**
-
-[AutofillAuthenticationAborted](../enums/ErrorCode.md#autofillauthenticationaborted)
-
-#### Parameters
-
-| Name | Type | Description |
-| :------ | :------ | :------ |
-| `handlers` | [`AuthenticationAutofillActivateHandlers`](AuthenticationAutofillActivateHandlers.md) | Handlers that will be invoked once the authentication is completed (success or failure) |
-| `username?` | `string` | Name of user account, as used in the WebAuthn registration. If not provided, the authentication will start without the context of a user and it will be inferred by the chosen passkey |
-
-#### Returns
-
-`void`
-
-___
-
-### abort
-
-▸ **abort**(): `void`
-
-Aborts a WebAuthn authentication. This method should be called after the passkey autofill is dismissed in order to be able to query existing passkeys once again. This will end the browser's  `navigator.credentials.get()` operation.
-
-#### Returns
-
-`void`

package/dist/docs/interfaces/CrossDeviceController.md

@@ -1,27 +0,0 @@
-# Interface: CrossDeviceController
-
-WebAuthn cross device handlers interfaces
-
-## Properties
-
-### crossDeviceTicketId
-
-• **crossDeviceTicketId**: `string`
-
-Ticket ID for this cross-device flow.
-
-___
-
-### stop
-
-• **stop**: () => `void`
-
-#### Type declaration
-
-▸ (): `void`
-
-Stops listening for events from devices in cross-device flows
-
-##### Returns
-
-`void`

package/dist/docs/interfaces/SdkError.md

@@ -1,28 +0,0 @@
-# Interface: SdkError
-
-Common interface for `Promise` rejections.
-Developers should handle according to the `errorCode`
-
-## Properties
-
-### errorCode
-
-• `Readonly` **errorCode**: [`ErrorCode`](../enums/ErrorCode.md)
-
-Error code from [ErrorCode](../enums/ErrorCode.md)
-
-___
-
-### message
-
-• `Readonly` **message**: `string`
-
-Error message
-
-___
-
-### data
-
-• `Optional` `Readonly` **data**: `any`
-
-Additional data

package/dist/docs/interfaces/WebauthnApis.md

@@ -1,73 +0,0 @@
-# Interface: WebauthnApis
-
-Alternate paths used by the SDK to route API calls to your proxy server.
-
-## Properties
-
-### startAuthentication
-
-• **startAuthentication**: `string`
-
-**`Default Value`**
-
-`/v1/auth/webauthn/authenticate/start`
-
-___
-
-### startRegistration
-
-• **startRegistration**: `string`
-
-**`Default Value`**
-
-`/v1/auth/webauthn/register/start`
-
-___
-
-### startCrossDeviceRegistration
-
-• **startCrossDeviceRegistration**: `string`
-
-**`Default Value`**
-
-`/v1/auth/webauthn/cross-device/register/start`
-
-___
-
-### initCrossDeviceAuthentication
-
-• **initCrossDeviceAuthentication**: `string`
-
-**`Default Value`**
-
-`/v1/auth/webauthn/cross-device/authenticate/init`
-
-___
-
-### startCrossDeviceAuthentication
-
-• **startCrossDeviceAuthentication**: `string`
-
-**`Default Value`**
-
-`/v1/auth/webauthn/cross-device/authenticate/start`
-
-___
-
-### getCrossDeviceTicketStatus
-
-• **getCrossDeviceTicketStatus**: `string`
-
-**`Default Value`**
-
-`/v1/auth/webauthn/cross-device/status`
-
-___
-
-### attachDeviceToCrossDeviceSession
-
-• **attachDeviceToCrossDeviceSession**: `string`
-
-**`Default Value`**
-
-`/v1/auth/webauthn/cross-device/attach-device`

package/dist/docs/interfaces/WebauthnAuthenticationFlows.md

@@ -1,52 +0,0 @@
-# Interface: WebauthnAuthenticationFlows
-
-## Methods
-
-### modal
-
-▸ **modal**(`username?`, `options?`): `Promise`<`string`\>
-
-Invokes a WebAuthn authentication, including prompting the user to select from a list of registered credentials, and then prompting the user for biometrics. The credentials list is displayed using the native browser modal.<br/>
-If username isn't provided, it will promote a modal with a list of all discoverable credentials on the device. If username is provided, this call must be invoked for a registered username. If the target username is not registered or in case of any other failure, an SdkError will be thrown.<br/>
-If authentication is completed successfully, this call will return a promise that resolves to the credential result, which is an object encoded as a base64 string. This encoded result should then be passed to the [backend authentication endpoint](/openapi/user/backend-webauthn/#operation/authenticateWebauthnCredential) to retrieve user tokens.<br/>
-
-**`Throws`**
-
-[NotInitialized](../enums/ErrorCode.md#notinitialized)
-
-**`Throws`**
-
-[AuthenticationFailed](../enums/ErrorCode.md#authenticationfailed)
-
-**`Throws`**
-
-[AuthenticationCanceled](../enums/ErrorCode.md#authenticationcanceled)
-
-**`Throws`**
-
-[InvalidApprovalData](../enums/ErrorCode.md#invalidapprovaldata)
-
-**`Throws`**
-
-[AuthenticationProcessAlreadyActive](../enums/ErrorCode.md#authenticationprocessalreadyactive)
-
-#### Parameters
-
-| Name | Type | Description |
-| :------ | :------ | :------ |
-| `username?` | `string` | Name of user account, as used in the WebAuthn registration. If not provided, the authentication will start without the context of a user and it will be inferred by the chosen passkey |
-| `options?` | `WebauthnAuthenticationOptions` | WebauthnAuthenticationOptions Options for the authentication process |
-
-#### Returns
-
-`Promise`<`string`\>
-
-Base64-encoded object, which contains the credential result. This encoded result will be used to fetch user tokens via the [backend authentication endpoint](/openapi/user/backend-webauthn/#operation/authenticateWebauthnCredential).
-
-## Properties
-
-### autofill
-
-• **autofill**: [`AutofillHandlers`](AutofillHandlers.md)
-
-Property used to implement credential selection via autofill UI.