@truly-you/trulyyou-web-sdk 0.1.0

package/dist/sdk/TrulyYouSDK.d.ts

@@ -0,0 +1,77 @@
+import { TrulyYouSDKConfig, FetchOptions, SigningResult, FetchResult } from '../types';
+export declare class TrulyYouSDK {
+    private config;
+    private frontendUrl;
+    private apiUrl;
+    private authAppId;
+    private invisible;
+    private targetElement;
+    private brandingCache;
+    private realtimeUrl;
+    private mockMobileDevice;
+    constructor(config: TrulyYouSDKConfig);
+    /**
+     * Fetch app branding from SDK backend
+     */
+    private fetchBranding;
+    /**
+     * Generate QR code with app icon overlaid in center
+     */
+    private generateQRCodeWithIcon;
+    private getDefaultFrontendUrl;
+    private getDefaultApiUrl;
+    /**
+     * Detect if running on iOS device
+     */
+    private isIOSDevice;
+    /**
+     * Detect if running on Safari browser
+     */
+    private isSafariBrowser;
+    /**
+     * Detect if running on desktop device (not just viewport-based)
+     * Returns false if mockMobileDevice is enabled (treats as mobile)
+     */
+    private isDesktopDevice;
+    /**
+     * Resolve target element from string selector or HTMLElement
+     */
+    private resolveTargetElement;
+    /**
+     * Probe iframe to check if key exists in iframe's localStorage
+     * Also checks backend to verify key exists and is active
+     */
+    private probeIframeForKey;
+    /**
+     * Lightweight API call to check if key exists and is active in backend
+     * Calls SDK frontend which proxies to SDK backend
+     */
+    private checkKeyStatus;
+    /**
+     * Open enrollment popup and wait for completion
+     */
+    private enrollWithPopup;
+    /**
+     * Sign with iframe (mobile device)
+     */
+    private signWithIframe;
+    /**
+     * Sign with WebSocket handoff (desktop device)
+     */
+    private signWithWebSocketHandoff;
+    /**
+     * Sign a payload with WebAuthn without a server-generated challenge
+     * Encodes the payload directly as the challenge
+     * Uses iframe to extract key from iframe's localStorage, not host
+     */
+    signPayload(apiCallStructure: {
+        body: any;
+        uri: string;
+        method: string;
+        headers?: any;
+    }, signatureId?: string): Promise<SigningResult>;
+    /**
+     * Fetch with automatic payload signing
+     */
+    fetchWithSignature(url: string, options?: FetchOptions): Promise<FetchResult>;
+}

package/dist/types.d.ts

@@ -0,0 +1,36 @@
+export interface TrulyYouSDKConfig {
+    frontendUrl?: string;
+    apiUrl?: string;
+    appId?: string;
+    authAppId?: string;
+    invisible?: boolean;
+    targetElement?: string | HTMLElement;
+    spinnerColor?: string;
+    spinnerBgColor?: string;
+    spinnerTextColor?: string;
+    realtimeUrl?: string;
+    mockMobileDevice?: boolean;
+    pusherAppKey?: string;
+    pusherConfig?: {
+        wsHost?: string;
+        wsPort?: number;
+        cluster?: string;
+        forceTLS?: boolean;
+        encrypted?: boolean;
+        disableStats?: boolean;
+        enabledTransports?: string[];
+    };
+}
+export interface FetchOptions extends RequestInit {
+    headers?: Record<string, string>;
+}
+export interface SigningResult {
+    signature: string;
+    keyId: string;
+    signatureId?: string;
+}
+export interface FetchResult {
+    response: Response;
+    signature?: string;
+    signatureId?: string;
+}

package/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "@truly-you/trulyyou-web-sdk",
+  "version": "0.1.0",
+  "description": "TrulyYou Web SDK for secure authentication and payload signing",
+  "type": "module",
+  "main": "dist/index.esm.js",
+  "module": "dist/index.esm.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.esm.js",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "scripts": {
+    "build": "rollup -c",
+    "dev": "rollup -c -w",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "trulyyou",
+    "authentication",
+    "webauthn",
+    "passkey",
+    "signing"
+  ],
+  "author": "Mona",
+  "license": "MIT",
+  "devDependencies": {
+    "@rollup/plugin-commonjs": "^25.0.7",
+    "@rollup/plugin-node-resolve": "^15.2.3",
+    "@rollup/plugin-typescript": "^11.1.6",
+    "@rollup/plugin-terser": "^0.4.4",
+    "@types/node": "^20.10.0",
+    "rollup": "^4.6.0",
+    "typescript": "^5.3.3"
+  },
+  "dependencies": {
+    "pusher-js": "^8.4.0-rc2"
+  }
+}
+

package/rollup.config.js

@@ -0,0 +1,58 @@
+import resolve from '@rollup/plugin-node-resolve';
+import commonjs from '@rollup/plugin-commonjs';
+import typescript from '@rollup/plugin-typescript';
+import terser from '@rollup/plugin-terser';
+
+const isDevelopment = process.env.NODE_ENV === 'development';
+
+const baseConfig = {
+  input: 'src/index.ts',
+  plugins: [
+    resolve({
+      browser: true,
+      preferBuiltins: false
+    }),
+    commonjs(),
+    typescript({
+      tsconfig: './tsconfig.json',
+      declaration: true,
+      declarationDir: 'dist'
+    }),
+    !isDevelopment && terser()
+  ].filter(Boolean)
+};
+
+export default [
+  // CommonJS build
+  {
+    ...baseConfig,
+    output: {
+      file: 'dist/index.js',
+      format: 'cjs',
+      sourcemap: true,
+      exports: 'auto'
+    }
+  },
+  
+  // ES Module build
+  {
+    ...baseConfig,
+    output: {
+      file: 'dist/index.esm.js',
+      format: 'es',
+      sourcemap: true
+    }
+  },
+  
+  // UMD build for script tags
+  {
+    ...baseConfig,
+    output: {
+      file: 'dist/index.umd.js',
+      format: 'umd',
+      name: 'TrulyYouSDK',
+      sourcemap: true
+    }
+  }
+];
+

package/src/index.ts

@@ -0,0 +1,3 @@
+export { TrulyYouSDK } from './sdk/TrulyYouSDK'
+export * from './types'
+