@truly-you/trulyyou-web-sdk 0.1.17 → 0.1.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/index.esm.js +1 -1
  2. package/dist/index.esm.js.map +1 -1
  3. package/dist/index.js +1 -1
  4. package/dist/index.js.map +1 -1
  5. package/dist/index.umd.js +1 -1
  6. package/dist/index.umd.js.map +1 -1
  7. package/dist/sdk/TrulyYouSDK.d.ts +12 -0
  8. package/package.json +1 -1
  9. package/src/sdk/TrulyYouSDK.ts +74 -10
package/dist/sdk/TrulyYouSDK.d.ts CHANGED
@@ -17,8 +17,14 @@ export declare class TrulyYouSDK {
17
17
  private getKeyIdByAuthFlowId;
18
18
  /**
19
19
  * Fetch app branding from SDK backend
20
+ * Returns true if authFlowId was successfully loaded
20
21
  */
21
22
  private fetchBranding;
23
+ /**
24
+ * Ensure authFlowId is loaded before proceeding with signing operations
25
+ * Throws error if authFlowId cannot be loaded
26
+ */
27
+ private ensureAuthFlowIdLoaded;
22
28
  /**
23
29
  * Generate QR code with app icon overlaid in center
24
30
  */
@@ -45,6 +51,7 @@ export declare class TrulyYouSDK {
45
51
  /**
46
52
  * Probe iframe to check if key exists in iframe's localStorage
47
53
  * Also checks backend to verify key exists and is active
54
+ * REQUIRES authFlowId to be loaded first
48
55
  */
49
56
  private probeIframeForKey;
50
57
  /**
@@ -74,4 +81,9 @@ export declare class TrulyYouSDK {
74
81
  * Fetch with automatic payload signing
75
82
  */
76
83
  fetchWithSignature(url: string, options?: FetchOptions): Promise<FetchResult>;
84
+ /**
85
+ * Public method to probe for keyId - checks localStorage first, then probes TrulyYou frontend via iframe
86
+ * Returns the keyId if found, null otherwise
87
+ */
88
+ probeForKeyId(): Promise<string | null>;
77
89
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@truly-you/trulyyou-web-sdk",
3
- "version": "0.1.17",
3
+ "version": "0.1.19",
4
4
  "description": "TrulyYou Web SDK for secure authentication and payload signing",
5
5
  "type": "module",
6
6
  "main": "dist/index.esm.js",
package/src/sdk/TrulyYouSDK.ts CHANGED
@@ -63,9 +63,13 @@ export class TrulyYouSDK {
63
63
 
64
64
  /**
65
65
  * Fetch app branding from SDK backend
66
+ * Returns true if authFlowId was successfully loaded
66
67
  */
67
- private async fetchBranding(): Promise<void> {
68
- if (!this.authAppId) return
68
+ private async fetchBranding(): Promise<boolean> {
69
+ if (!this.authAppId) {
70
+ console.warn('[SDK]: Cannot fetch branding - authAppId not configured')
71
+ return false
72
+ }
69
73
 
70
74
  try {
71
75
  // Call SDK backend API directly
@@ -88,13 +92,37 @@ export class TrulyYouSDK {
88
92
  authFlowId: app.authFlowId
89
93
  }
90
94
  console.log('[SDK]: Branding and authFlowId fetched and cached:', this.brandingCache)
95
+ return !!app.authFlowId
91
96
  }
92
97
  }
98
+ console.warn('[SDK]: Failed to fetch branding - response not ok or missing app data')
99
+ return false
93
100
  } catch (error) {
94
101
  console.warn('[SDK]: Error fetching branding:', error)
102
+ return false
95
103
  }
96
104
  }
97
105
 
106
+ /**
107
+ * Ensure authFlowId is loaded before proceeding with signing operations
108
+ * Throws error if authFlowId cannot be loaded
109
+ */
110
+ private async ensureAuthFlowIdLoaded(): Promise<void> {
111
+ if (this.brandingCache?.authFlowId) {
112
+ console.log('[SDK]: authFlowId already loaded:', this.brandingCache.authFlowId)
113
+ return
114
+ }
115
+
116
+ console.log('[SDK]: authFlowId not yet loaded, fetching branding...')
117
+ const success = await this.fetchBranding()
118
+
119
+ if (!success || !this.brandingCache?.authFlowId) {
120
+ throw new Error('authFlowId is required for signing but not available. Please check that your app configuration includes an authFlowId.')
121
+ }
122
+
123
+ console.log('[SDK]: authFlowId loaded successfully:', this.brandingCache.authFlowId)
124
+ }
125
+
98
126
  /**
99
127
  * Generate QR code with app icon overlaid in center
100
128
  */
@@ -279,8 +307,17 @@ export class TrulyYouSDK {
279
307
  /**
280
308
  * Probe iframe to check if key exists in iframe's localStorage
281
309
  * Also checks backend to verify key exists and is active
310
+ * REQUIRES authFlowId to be loaded first
282
311
  */
283
312
  private async probeIframeForKey(): Promise<string | null> {
313
+ // Ensure authFlowId is loaded before probing
314
+ await this.ensureAuthFlowIdLoaded()
315
+
316
+ if (!this.brandingCache?.authFlowId) {
317
+ console.error('[SDK-PROBE]: authFlowId is required but not available after fetch')
318
+ return null
319
+ }
320
+
284
321
  return new Promise((resolve) => {
285
322
  try {
286
323
  const origin = window.location.origin
@@ -292,13 +329,10 @@ export class TrulyYouSDK {
292
329
  probeUrl.searchParams.set('probe', 'true')
293
330
  probeUrl.searchParams.set('origin', origin)
294
331
 
295
- // Add authFlowId if available from branding cache
296
- if (this.brandingCache?.authFlowId) {
297
- probeUrl.searchParams.set('authFlowId', this.brandingCache.authFlowId)
298
- console.log('[SDK-PROBE]: Adding authFlowId to probe:', this.brandingCache.authFlowId)
299
- } else {
300
- console.log('[SDK-PROBE]: No authFlowId available in cache, will check for any key')
301
- }
332
+ // Add authFlowId (guaranteed to exist now after ensureAuthFlowIdLoaded)
333
+ const authFlowId = this.brandingCache!.authFlowId!
334
+ probeUrl.searchParams.set('authFlowId', authFlowId)
335
+ console.log('[SDK-PROBE]: Adding authFlowId to probe:', authFlowId)
302
336
 
303
337
  iframe.src = probeUrl.toString()
304
338
 
@@ -1663,7 +1697,7 @@ export class TrulyYouSDK {
1663
1697
  }
1664
1698
 
1665
1699
  // Step 2: Mobile device - use existing keyId if provided, otherwise probe
1666
- let keyId = existingKeyId
1700
+ let keyId: string | null | undefined = existingKeyId
1667
1701
 
1668
1702
  if (!keyId) {
1669
1703
  console.log('[SDK]: Mobile device detected, probing iframe for existing key...')
@@ -1701,6 +1735,9 @@ export class TrulyYouSDK {
1701
1735
  url: string,
1702
1736
  options: FetchOptions = {}
1703
1737
  ): Promise<FetchResult> {
1738
+ // Ensure authFlowId is loaded before any signing operations
1739
+ await this.ensureAuthFlowIdLoaded()
1740
+
1704
1741
  // Declare signatureId at function scope so it's accessible in catch block
1705
1742
  let signatureId: string | undefined = undefined
1706
1743
  try {
@@ -1847,5 +1884,32 @@ export class TrulyYouSDK {
1847
1884
  throw error
1848
1885
  }
1849
1886
  }
1887
+
1888
+ /**
1889
+ * Public method to probe for keyId - checks localStorage first, then probes TrulyYou frontend via iframe
1890
+ * Returns the keyId if found, null otherwise
1891
+ */
1892
+ async probeForKeyId(): Promise<string | null> {
1893
+ // Ensure authFlowId is loaded first
1894
+ await this.ensureAuthFlowIdLoaded()
1895
+
1896
+ if (!this.brandingCache?.authFlowId) {
1897
+ console.warn('[SDK-PROBE]: authFlowId is required but not available')
1898
+ return null
1899
+ }
1900
+
1901
+ const authFlowId = this.brandingCache.authFlowId
1902
+
1903
+ // First, check localStorage (same origin - this app's localStorage)
1904
+ const keyIdFromStorage = this.getKeyIdByAuthFlowId(authFlowId)
1905
+ if (keyIdFromStorage) {
1906
+ console.log('[SDK-PROBE]: Found keyId in same-origin localStorage')
1907
+ return keyIdFromStorage
1908
+ }
1909
+
1910
+ // If not found in same-origin localStorage, probe TrulyYou frontend's localStorage via iframe
1911
+ console.log('[SDK-PROBE]: KeyId not found in same-origin localStorage, probing TrulyYou frontend...')
1912
+ return await this.probeIframeForKey()
1913
+ }
1850
1914
  }
1851
1915