@trymellon/js 1.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.MD +608 -0
- package/dist/angular.cjs +3 -0
- package/dist/angular.cjs.map +1 -0
- package/dist/angular.d.cts +13 -0
- package/dist/angular.d.ts +13 -0
- package/dist/angular.js +3 -0
- package/dist/angular.js.map +1 -0
- package/dist/index.cjs +3 -0
- package/dist/index.cjs.map +1 -0
- package/dist/index.d.cts +421 -0
- package/dist/index.d.ts +421 -0
- package/dist/index.global.js +3 -0
- package/dist/index.global.js.map +1 -0
- package/dist/index.js +3 -0
- package/dist/index.js.map +1 -0
- package/dist/react.cjs +3 -0
- package/dist/react.cjs.map +1 -0
- package/dist/react.d.cts +25 -0
- package/dist/react.d.ts +25 -0
- package/dist/react.js +3 -0
- package/dist/react.js.map +1 -0
- package/dist/trymellon-Ca4kob_K.d.cts +364 -0
- package/dist/trymellon-Ca4kob_K.d.ts +364 -0
- package/dist/vue.cjs +3 -0
- package/dist/vue.cjs.map +1 -0
- package/dist/vue.d.cts +22 -0
- package/dist/vue.d.ts +22 -0
- package/dist/vue.js +3 -0
- package/dist/vue.js.map +1 -0
- package/package.json +121 -0
|
@@ -0,0 +1,364 @@
|
|
|
1
|
+
type Result<T, E> = {
|
|
2
|
+
ok: true;
|
|
3
|
+
value: T;
|
|
4
|
+
} | {
|
|
5
|
+
ok: false;
|
|
6
|
+
error: E;
|
|
7
|
+
};
|
|
8
|
+
|
|
9
|
+
type TryMellonErrorCode = 'NOT_SUPPORTED' | 'USER_CANCELLED' | 'PASSKEY_NOT_FOUND' | 'SESSION_EXPIRED' | 'NETWORK_FAILURE' | 'INVALID_ARGUMENT' | 'TIMEOUT' | 'ABORTED' | 'UNKNOWN_ERROR';
|
|
10
|
+
declare class TryMellonError extends Error {
|
|
11
|
+
readonly code: TryMellonErrorCode;
|
|
12
|
+
readonly details?: unknown;
|
|
13
|
+
readonly isTryMellonError = true;
|
|
14
|
+
constructor(code: TryMellonErrorCode, message: string, details?: unknown);
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
interface HttpClient {
|
|
18
|
+
get<T>(url: string, headers?: Record<string, string>): Promise<Result<T, TryMellonError>>;
|
|
19
|
+
post<T>(url: string, body: unknown, headers?: Record<string, string>): Promise<Result<T, TryMellonError>>;
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
interface Logger {
|
|
23
|
+
debug(message: string, meta?: Record<string, unknown>): void;
|
|
24
|
+
info(message: string, meta?: Record<string, unknown>): void;
|
|
25
|
+
warn(message: string, meta?: Record<string, unknown>): void;
|
|
26
|
+
error(message: string, meta?: Record<string, unknown>): void;
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
type TelemetryEvent = 'register' | 'authenticate';
|
|
30
|
+
type TelemetryPayload = {
|
|
31
|
+
event: TelemetryEvent;
|
|
32
|
+
latencyMs: number;
|
|
33
|
+
ok: true;
|
|
34
|
+
};
|
|
35
|
+
interface TelemetrySender {
|
|
36
|
+
send(payload: TelemetryPayload): Promise<void>;
|
|
37
|
+
}
|
|
38
|
+
|
|
39
|
+
type TryMellonConfig = {
|
|
40
|
+
/** Application identifier (tenant). Required for API requests. */
|
|
41
|
+
appId: string;
|
|
42
|
+
/** API key for authentication. Required for API requests. */
|
|
43
|
+
publishableKey: string;
|
|
44
|
+
apiBaseUrl?: string;
|
|
45
|
+
timeoutMs?: number;
|
|
46
|
+
maxRetries?: number;
|
|
47
|
+
retryDelayMs?: number;
|
|
48
|
+
/** Optional logger for request/error correlation (e.g. requestId). */
|
|
49
|
+
logger?: Logger;
|
|
50
|
+
/** If true, send anonymous telemetry (event + latency) after successful register/authenticate. */
|
|
51
|
+
enableTelemetry?: boolean;
|
|
52
|
+
/** Custom telemetry sender; used when enableTelemetry is true. Defaults to TryMellon endpoint. */
|
|
53
|
+
telemetrySender?: TelemetrySender;
|
|
54
|
+
/** Endpoint for default telemetry sender when enableTelemetry is true and telemetrySender not set. */
|
|
55
|
+
telemetryEndpoint?: string;
|
|
56
|
+
};
|
|
57
|
+
type RegisterOptions = {
|
|
58
|
+
/** User identifier (recommended: camelCase). */
|
|
59
|
+
externalUserId?: string;
|
|
60
|
+
/** User identifier (snake_case alias). */
|
|
61
|
+
external_user_id?: string;
|
|
62
|
+
authenticatorType?: 'platform' | 'cross-platform';
|
|
63
|
+
signal?: AbortSignal;
|
|
64
|
+
};
|
|
65
|
+
type RegisterResult = {
|
|
66
|
+
success: true;
|
|
67
|
+
credential_id: string;
|
|
68
|
+
status: string;
|
|
69
|
+
session_token: string;
|
|
70
|
+
user: {
|
|
71
|
+
user_id: string;
|
|
72
|
+
external_user_id: string;
|
|
73
|
+
email?: string;
|
|
74
|
+
metadata?: Record<string, unknown>;
|
|
75
|
+
};
|
|
76
|
+
};
|
|
77
|
+
type AuthenticateOptions = {
|
|
78
|
+
/** User identifier (recommended: camelCase). */
|
|
79
|
+
externalUserId?: string;
|
|
80
|
+
/** User identifier (snake_case alias). */
|
|
81
|
+
external_user_id?: string;
|
|
82
|
+
hint?: string;
|
|
83
|
+
signal?: AbortSignal;
|
|
84
|
+
/** Conditional UI mediation for passkey autofill / conditional UI. */
|
|
85
|
+
mediation?: 'optional' | 'conditional' | 'required';
|
|
86
|
+
};
|
|
87
|
+
type AuthenticateResult = {
|
|
88
|
+
authenticated: boolean;
|
|
89
|
+
session_token: string;
|
|
90
|
+
user: {
|
|
91
|
+
user_id: string;
|
|
92
|
+
external_user_id: string;
|
|
93
|
+
email?: string;
|
|
94
|
+
metadata?: Record<string, unknown>;
|
|
95
|
+
};
|
|
96
|
+
signals: {
|
|
97
|
+
userVerification?: boolean;
|
|
98
|
+
backupEligible?: boolean;
|
|
99
|
+
backupStatus?: boolean;
|
|
100
|
+
};
|
|
101
|
+
};
|
|
102
|
+
type ClientStatus = {
|
|
103
|
+
isPasskeySupported: boolean;
|
|
104
|
+
platformAuthenticatorAvailable: boolean;
|
|
105
|
+
recommendedFlow: 'passkey' | 'fallback';
|
|
106
|
+
};
|
|
107
|
+
type TryMellonEvent = 'start' | 'success' | 'error' | 'cancelled';
|
|
108
|
+
type EventPayload = {
|
|
109
|
+
type: 'start';
|
|
110
|
+
operation: 'register' | 'authenticate';
|
|
111
|
+
} | {
|
|
112
|
+
type: 'success';
|
|
113
|
+
operation: 'register' | 'authenticate';
|
|
114
|
+
} | {
|
|
115
|
+
type: 'error';
|
|
116
|
+
error: TryMellonError;
|
|
117
|
+
} | {
|
|
118
|
+
type: 'cancelled';
|
|
119
|
+
operation: 'register' | 'authenticate';
|
|
120
|
+
};
|
|
121
|
+
type EventHandler = (payload: EventPayload) => void;
|
|
122
|
+
type EmailFallbackStartOptions = {
|
|
123
|
+
userId: string;
|
|
124
|
+
};
|
|
125
|
+
type EmailFallbackVerifyOptions = {
|
|
126
|
+
userId: string;
|
|
127
|
+
code: string;
|
|
128
|
+
};
|
|
129
|
+
type EmailFallbackVerifyResult = {
|
|
130
|
+
sessionToken: string;
|
|
131
|
+
};
|
|
132
|
+
type OnboardingStartOptions = {
|
|
133
|
+
user_role: 'maintainer' | 'app_user';
|
|
134
|
+
};
|
|
135
|
+
type OnboardingCompleteResult = {
|
|
136
|
+
session_id: string;
|
|
137
|
+
status: 'completed';
|
|
138
|
+
user_id: string;
|
|
139
|
+
tenant_id: string;
|
|
140
|
+
session_token: string;
|
|
141
|
+
};
|
|
142
|
+
type RegisterStartRequest = {
|
|
143
|
+
external_user_id: string;
|
|
144
|
+
};
|
|
145
|
+
type AuthStartRequest = {
|
|
146
|
+
external_user_id: string;
|
|
147
|
+
};
|
|
148
|
+
type RegisterFinishRequest = {
|
|
149
|
+
session_id: string;
|
|
150
|
+
credential: {
|
|
151
|
+
id: string;
|
|
152
|
+
rawId: string;
|
|
153
|
+
response: {
|
|
154
|
+
clientDataJSON: string;
|
|
155
|
+
attestationObject: string;
|
|
156
|
+
};
|
|
157
|
+
type: 'public-key';
|
|
158
|
+
};
|
|
159
|
+
};
|
|
160
|
+
type AuthFinishRequest = {
|
|
161
|
+
session_id: string;
|
|
162
|
+
credential: {
|
|
163
|
+
id: string;
|
|
164
|
+
rawId: string;
|
|
165
|
+
response: {
|
|
166
|
+
authenticatorData: string;
|
|
167
|
+
clientDataJSON: string;
|
|
168
|
+
signature: string;
|
|
169
|
+
userHandle?: string;
|
|
170
|
+
};
|
|
171
|
+
type: 'public-key';
|
|
172
|
+
};
|
|
173
|
+
};
|
|
174
|
+
type RegisterStartResponse = {
|
|
175
|
+
challenge: {
|
|
176
|
+
rp: {
|
|
177
|
+
name: string;
|
|
178
|
+
id: string;
|
|
179
|
+
};
|
|
180
|
+
user: {
|
|
181
|
+
id: string;
|
|
182
|
+
name: string;
|
|
183
|
+
displayName: string;
|
|
184
|
+
};
|
|
185
|
+
challenge: string;
|
|
186
|
+
pubKeyCredParams: Array<{
|
|
187
|
+
type: 'public-key';
|
|
188
|
+
alg: number;
|
|
189
|
+
}>;
|
|
190
|
+
timeout?: number;
|
|
191
|
+
excludeCredentials?: Array<{
|
|
192
|
+
id: string;
|
|
193
|
+
type: 'public-key';
|
|
194
|
+
transports?: string[];
|
|
195
|
+
}>;
|
|
196
|
+
authenticatorSelection?: {
|
|
197
|
+
userVerification?: 'required' | 'preferred' | 'discouraged';
|
|
198
|
+
residentKey?: 'required' | 'preferred' | 'discouraged';
|
|
199
|
+
authenticatorAttachment?: 'platform' | 'cross-platform';
|
|
200
|
+
};
|
|
201
|
+
};
|
|
202
|
+
session_id: string;
|
|
203
|
+
};
|
|
204
|
+
type AuthStartResponse = {
|
|
205
|
+
challenge: {
|
|
206
|
+
challenge: string;
|
|
207
|
+
rpId: string;
|
|
208
|
+
allowCredentials: Array<{
|
|
209
|
+
id: string;
|
|
210
|
+
type: 'public-key';
|
|
211
|
+
transports?: string[];
|
|
212
|
+
}>;
|
|
213
|
+
timeout?: number;
|
|
214
|
+
userVerification?: 'required' | 'preferred' | 'discouraged';
|
|
215
|
+
};
|
|
216
|
+
session_id: string;
|
|
217
|
+
};
|
|
218
|
+
type RegisterFinishResponse = {
|
|
219
|
+
credential_id: string;
|
|
220
|
+
status: string;
|
|
221
|
+
session_token: string;
|
|
222
|
+
user: {
|
|
223
|
+
user_id: string;
|
|
224
|
+
external_user_id: string;
|
|
225
|
+
email?: string;
|
|
226
|
+
metadata?: Record<string, unknown>;
|
|
227
|
+
};
|
|
228
|
+
};
|
|
229
|
+
type AuthFinishResponse = {
|
|
230
|
+
authenticated: boolean;
|
|
231
|
+
user: {
|
|
232
|
+
user_id: string;
|
|
233
|
+
external_user_id: string;
|
|
234
|
+
email?: string;
|
|
235
|
+
metadata?: Record<string, unknown>;
|
|
236
|
+
};
|
|
237
|
+
signals: {
|
|
238
|
+
userVerification?: boolean;
|
|
239
|
+
backupEligible?: boolean;
|
|
240
|
+
backupStatus?: boolean;
|
|
241
|
+
};
|
|
242
|
+
session_token: string;
|
|
243
|
+
};
|
|
244
|
+
type SessionValidateResponse = {
|
|
245
|
+
valid: boolean;
|
|
246
|
+
user_id: string;
|
|
247
|
+
external_user_id: string;
|
|
248
|
+
tenant_id: string;
|
|
249
|
+
app_id: string;
|
|
250
|
+
};
|
|
251
|
+
type OnboardingStartRequest = {
|
|
252
|
+
user_role: 'maintainer' | 'app_user';
|
|
253
|
+
};
|
|
254
|
+
type OnboardingStartResponse = {
|
|
255
|
+
session_id: string;
|
|
256
|
+
onboarding_url: string;
|
|
257
|
+
expires_in: number;
|
|
258
|
+
};
|
|
259
|
+
type OnboardingStatusResponse = {
|
|
260
|
+
status: 'pending_passkey' | 'pending_data' | 'completed';
|
|
261
|
+
onboarding_url: string;
|
|
262
|
+
expires_in: number;
|
|
263
|
+
};
|
|
264
|
+
type OnboardingRegisterResponse = {
|
|
265
|
+
session_id: string;
|
|
266
|
+
status: 'pending_passkey';
|
|
267
|
+
onboarding_url: string;
|
|
268
|
+
};
|
|
269
|
+
type OnboardingRegisterPasskeyRequest = {
|
|
270
|
+
credential: {
|
|
271
|
+
id: string;
|
|
272
|
+
rawId: string;
|
|
273
|
+
response: {
|
|
274
|
+
clientDataJSON: string;
|
|
275
|
+
attestationObject: string;
|
|
276
|
+
};
|
|
277
|
+
type: 'public-key';
|
|
278
|
+
};
|
|
279
|
+
tenant_id?: string;
|
|
280
|
+
challenge: string;
|
|
281
|
+
};
|
|
282
|
+
type OnboardingRegisterPasskeyResponse = {
|
|
283
|
+
session_id: string;
|
|
284
|
+
status: 'pending_data' | 'completed';
|
|
285
|
+
user_id: string;
|
|
286
|
+
tenant_id: string;
|
|
287
|
+
};
|
|
288
|
+
type OnboardingCompleteRequest = {
|
|
289
|
+
company_name?: string;
|
|
290
|
+
};
|
|
291
|
+
type OnboardingCompleteResponse = {
|
|
292
|
+
session_id: string;
|
|
293
|
+
status: 'completed';
|
|
294
|
+
user_id: string;
|
|
295
|
+
tenant_id: string;
|
|
296
|
+
session_token: string;
|
|
297
|
+
};
|
|
298
|
+
|
|
299
|
+
/** Response may include optional challenge for same-device passkey registration */
|
|
300
|
+
type OnboardingRegisterResponseWithChallenge = OnboardingRegisterResponse & {
|
|
301
|
+
challenge?: RegisterStartResponse['challenge'];
|
|
302
|
+
};
|
|
303
|
+
|
|
304
|
+
declare class ApiClient {
|
|
305
|
+
private readonly httpClient;
|
|
306
|
+
private readonly baseUrl;
|
|
307
|
+
private readonly defaultHeaders;
|
|
308
|
+
constructor(httpClient: HttpClient, baseUrl: string, defaultHeaders?: Record<string, string>);
|
|
309
|
+
private mergeHeaders;
|
|
310
|
+
private post;
|
|
311
|
+
private get;
|
|
312
|
+
startRegister(request: RegisterStartRequest): Promise<Result<RegisterStartResponse, TryMellonError>>;
|
|
313
|
+
startAuth(request: AuthStartRequest): Promise<Result<AuthStartResponse, TryMellonError>>;
|
|
314
|
+
finishRegister(request: RegisterFinishRequest): Promise<Result<RegisterFinishResponse, TryMellonError>>;
|
|
315
|
+
finishAuth(request: AuthFinishRequest): Promise<Result<AuthFinishResponse, TryMellonError>>;
|
|
316
|
+
validateSession(sessionToken: string): Promise<Result<SessionValidateResponse, TryMellonError>>;
|
|
317
|
+
startEmailFallback(userId: string): Promise<Result<void, TryMellonError>>;
|
|
318
|
+
verifyEmailCode(userId: string, code: string): Promise<Result<{
|
|
319
|
+
sessionToken: string;
|
|
320
|
+
}, TryMellonError>>;
|
|
321
|
+
startOnboarding(request: OnboardingStartRequest): Promise<Result<OnboardingStartResponse, TryMellonError>>;
|
|
322
|
+
getOnboardingStatus(sessionId: string): Promise<Result<OnboardingStatusResponse, TryMellonError>>;
|
|
323
|
+
getOnboardingRegister(sessionId: string): Promise<Result<OnboardingRegisterResponseWithChallenge, TryMellonError>>;
|
|
324
|
+
registerOnboardingPasskey(sessionId: string, request: OnboardingRegisterPasskeyRequest): Promise<Result<OnboardingRegisterPasskeyResponse, TryMellonError>>;
|
|
325
|
+
completeOnboarding(sessionId: string, request: OnboardingCompleteRequest): Promise<Result<OnboardingCompleteResponse, TryMellonError>>;
|
|
326
|
+
}
|
|
327
|
+
|
|
328
|
+
declare class OnboardingManager {
|
|
329
|
+
private readonly apiClient;
|
|
330
|
+
constructor(apiClient: ApiClient);
|
|
331
|
+
/**
|
|
332
|
+
* Executes the full onboarding flow in a single call.
|
|
333
|
+
* 1. Starts onboarding
|
|
334
|
+
* 2. Polls for 'pending_passkey' or 'completed' status
|
|
335
|
+
* 3. If pending_passkey: when API returns challenge, registers passkey (WebAuthn) then completes onboarding
|
|
336
|
+
* 4. If pending_passkey but API does not return challenge: returns NOT_SUPPORTED with onboarding_url for user to complete elsewhere
|
|
337
|
+
*/
|
|
338
|
+
startFlow(options: OnboardingStartOptions & {
|
|
339
|
+
company_name?: string;
|
|
340
|
+
}): Promise<Result<OnboardingCompleteResult, TryMellonError>>;
|
|
341
|
+
}
|
|
342
|
+
|
|
343
|
+
declare class TryMellon {
|
|
344
|
+
private apiClient;
|
|
345
|
+
private eventEmitter;
|
|
346
|
+
private telemetrySender;
|
|
347
|
+
onboarding: OnboardingManager;
|
|
348
|
+
constructor(config: TryMellonConfig);
|
|
349
|
+
static isSupported(): boolean;
|
|
350
|
+
register(options: RegisterOptions): Promise<Result<RegisterResult, TryMellonError>>;
|
|
351
|
+
authenticate(options: AuthenticateOptions): Promise<Result<AuthenticateResult, TryMellonError>>;
|
|
352
|
+
validateSession(sessionToken: string): Promise<Result<SessionValidateResponse, TryMellonError>>;
|
|
353
|
+
getStatus(): Promise<ClientStatus>;
|
|
354
|
+
on(event: TryMellonEvent, handler: EventHandler): () => void;
|
|
355
|
+
version(): string;
|
|
356
|
+
fallback: {
|
|
357
|
+
email: {
|
|
358
|
+
start: (options: EmailFallbackStartOptions) => Promise<Result<void, TryMellonError>>;
|
|
359
|
+
verify: (options: EmailFallbackVerifyOptions) => Promise<Result<EmailFallbackVerifyResult, TryMellonError>>;
|
|
360
|
+
};
|
|
361
|
+
};
|
|
362
|
+
}
|
|
363
|
+
|
|
364
|
+
export { type AuthenticateResult as A, type Result as R, TryMellon as T, type RegisterResult as a, TryMellonError as b, type RegisterOptions as c, type AuthenticateOptions as d, type TryMellonConfig as e };
|