favalib 0.0.15 → 0.0.17

package/build/Command/commandConstructors.d.mts

@@ -3,11 +3,13 @@ import AddSyncDeviceCommand from './commands/AddSyncDeviceCommand.mjs';
 import DeleteEntryCommand from './commands/DeleteEntryCommand.mjs';
 import UpdateEntryCommand from './commands/UpdateEntryCommand.mjs';
 import ChangeDeviceInfoCommand from './commands/ChangeDeviceInfoCommand.mjs';
+import RemoveSyncDeviceCommand from './commands/RemoveSyncDeviceCommand.mjs';
 declare const commandConstructors: {
     AddEntry: typeof AddEntryCommand;
     DeleteEntry: typeof DeleteEntryCommand;
     UpdateEntry: typeof UpdateEntryCommand;
     AddSyncDevice: typeof AddSyncDeviceCommand;
     ChangeDeviceInfo: typeof ChangeDeviceInfoCommand;
+    RemoveSyncDevice: typeof RemoveSyncDeviceCommand;
 };
 export default commandConstructors;

package/build/Command/commandConstructors.mjs

@@ -3,11 +3,13 @@ import AddSyncDeviceCommand from './commands/AddSyncDeviceCommand.mjs';
 import DeleteEntryCommand from './commands/DeleteEntryCommand.mjs';
 import UpdateEntryCommand from './commands/UpdateEntryCommand.mjs';
 import ChangeDeviceInfoCommand from './commands/ChangeDeviceInfoCommand.mjs';
+import RemoveSyncDeviceCommand from './commands/RemoveSyncDeviceCommand.mjs';
 const commandConstructors = {
     AddEntry: AddEntryCommand,
     DeleteEntry: DeleteEntryCommand,
     UpdateEntry: UpdateEntryCommand,
     AddSyncDevice: AddSyncDeviceCommand,
     ChangeDeviceInfo: ChangeDeviceInfoCommand,
+    RemoveSyncDevice: RemoveSyncDeviceCommand,
 };
 export default commandConstructors;

package/build/Command/commands/RemoveSyncDeviceCommand.d.mts

@@ -0,0 +1,33 @@
+import type FavaLibMediator from '../../FavaLibMediator.mjs';
+import Command from '../BaseCommand.mjs';
+import type { DeviceId } from '../../interfaces/SyncTypes.mjs';
+export interface RemoveSyncDeviceData {
+    deviceId: DeviceId;
+}
+/**
+ * Represents a command that when executed removes a sync device from the vault.
+ */
+declare class RemoveSyncDeviceCommand extends Command<RemoveSyncDeviceData> {
+    /**
+     * Creates a new RemoveSyncDeviceCommand instance.
+     * @inheritdoc
+     * @param data - The id of the device to be removed.
+     */
+    constructor(data: RemoveSyncDeviceData, id?: string, timestamp?: number, version?: string, fromRemote?: boolean);
+    /**
+     * Executes the command to remove a sync device
+     * @inheritdoc
+     * @throws {InvalidCommandError} If the command data is invalid.
+     */
+    execute(mediator: FavaLibMediator): Promise<void>;
+    /**
+     * @inheritdoc
+     */
+    createUndoCommand(): Command;
+    /**
+     * Validates the command data.
+     * @returns True if the command data is valid, false otherwise.
+     */
+    validate(): boolean;
+}
+export default RemoveSyncDeviceCommand;

package/build/Command/commands/RemoveSyncDeviceCommand.mjs

@@ -0,0 +1,41 @@
+import { InvalidCommandError, FavaLibError } from '../../FavaLibError.mjs';
+import Command from '../BaseCommand.mjs';
+/**
+ * Represents a command that when executed removes a sync device from the vault.
+ */
+class RemoveSyncDeviceCommand extends Command {
+    /**
+     * Creates a new RemoveSyncDeviceCommand instance.
+     * @inheritdoc
+     * @param data - The id of the device to be removed.
+     */
+    constructor(data, id, timestamp, version, fromRemote = false) {
+        super('RemoveSyncDevice', data, id, timestamp, version, fromRemote);
+    }
+    /**
+     * Executes the command to remove a sync device
+     * @inheritdoc
+     * @throws {InvalidCommandError} If the command data is invalid.
+     */
+    async execute(mediator) {
+        if (!this.validate()) {
+            throw new InvalidCommandError('Invalid RemoveSyncDevice command');
+        }
+        const syncManager = mediator.getComponent('syncManager');
+        await syncManager.removeSyncDevice(this.data.deviceId);
+    }
+    /**
+     * @inheritdoc
+     */
+    createUndoCommand() {
+        throw new FavaLibError('Not implemented yet');
+    }
+    /**
+     * Validates the command data.
+     * @returns True if the command data is valid, false otherwise.
+     */
+    validate() {
+        return this.data.deviceId !== undefined;
+    }
+}
+export default RemoveSyncDeviceCommand;

package/build/FavaLib.d.mts

@@ -1,7 +1,7 @@
 import { TypedEventTarget } from 'typescript-event-target';
 import type { PlatformProviders } from './interfaces/PlatformProviders.mjs';
 import type { EncryptedPrivateKey, EncryptedSymmetricKey, PrivateKey, PublicKey, Salt, SymmetricKey } from './interfaces/CryptoLib.mjs';
-import type { DeviceFriendlyName, DeviceType } from './interfaces/SyncTypes.mjs';
+import type { DeviceFriendlyName, DeviceId, DeviceType } from './interfaces/SyncTypes.mjs';
 import type { FavaLibEventMapEvents } from './interfaces/Events.mjs';
 import type { PasswordExtraDict } from './interfaces/PasswordExtraDict.js';
 import type { Vault, VaultSyncState } from './interfaces/Vault.mjs';
@@ -27,7 +27,7 @@ declare class FavaLib extends TypedEventTarget<FavaLibEventMapEvents> {
      * @returns The meta info for this device.
      */
     get meta(): {
-        deviceId: import("./interfaces/SyncTypes.mjs").DeviceId;
+        deviceId: DeviceId;
         deviceFriendlyName: string | DeviceFriendlyName;
         deviceType: DeviceType;
     };
@@ -86,6 +86,12 @@ declare class FavaLib extends TypedEventTarget<FavaLibEventMapEvents> {
      * @param deviceFriendlyName Human readable name for the device
      */
     setDeviceFriendlyName(deviceFriendlyName: DeviceFriendlyName): Promise<void>;
+    /**
+     * Remove a sync device from the vault. Synced to all other devices.
+     * @param deviceId The id of the device to remove
+     * @throws {FavaLibError} If trying to remove the current device.
+     */
+    removeSyncDevice(deviceId: DeviceId): Promise<void>;
     /**
      * Dispatches a library event.
      * @param eventType - The type of the event to dispatch, uses the FavaLibEvent enum.

package/build/FavaLib.mjs

@@ -11,6 +11,7 @@ import VaultOperationsManager from './subclasses/VaultOperationsManager.mjs';
 import CommandManager from './subclasses/CommandManager.mjs';
 import StorageOperationsManager from './subclasses/StorageOperationsManager.mjs';
 import ChangeDeviceInfoCommand from './Command/commands/ChangeDeviceInfoCommand.mjs';
+import RemoveSyncDeviceCommand from './Command/commands/RemoveSyncDeviceCommand.mjs';
 /**
  * The Two-Factor Library, this is the main entry point.
  */
@@ -212,6 +213,18 @@ class FavaLib extends TypedEventTarget {
         }
         await this.mediator.getComponent('commandManager').execute(command);
     }
+    /**
+     * Remove a sync device from the vault. Synced to all other devices.
+     * @param deviceId The id of the device to remove
+     * @throws {FavaLibError} If trying to remove the current device.
+     */
+    async removeSyncDevice(deviceId) {
+        if (deviceId === this.favaMeta.deviceId) {
+            throw new FavaLibError('Cannot remove the current device');
+        }
+        const command = RemoveSyncDeviceCommand.create({ deviceId });
+        await this.mediator.getComponent('commandManager').execute(command);
+    }
     /**
      * Dispatches a library event.
      * @param eventType - The type of the event to dispatch, uses the FavaLibEvent enum.

package/build/interfaces/CommandTypes.d.mts

@@ -3,6 +3,7 @@ import type { DeleteEntryData } from '../Command/commands/DeleteEntryCommand.mjs
 import type { UpdateEntryData } from '../Command/commands/UpdateEntryCommand.mjs';
 import type { AddSyncDeviceData } from '../Command/commands/AddSyncDeviceCommand.mjs';
 import type { ChangeDeviceInfoData } from '../Command/commands/ChangeDeviceInfoCommand.mjs';
+import type { RemoveSyncDeviceData } from '../Command/commands/RemoveSyncDeviceCommand.mjs';
 export type SyncCommand = ({
     type: 'AddEntry';
     data: AddEntryData;
@@ -18,7 +19,10 @@ export type SyncCommand = ({
 } | {
     type: 'ChangeDeviceInfo';
     data: ChangeDeviceInfoData;
+} | {
+    type: 'RemoveSyncDevice';
+    data: RemoveSyncDeviceData;
 }) & {
     id: string;
 };
-export type CommandData = AddEntryData | DeleteEntryData | UpdateEntryData | AddSyncDeviceData | ChangeDeviceInfoData;
+export type CommandData = AddEntryData | DeleteEntryData | UpdateEntryData | AddSyncDeviceData | ChangeDeviceInfoData | RemoveSyncDeviceData;

package/build/interfaces/CryptoLib.d.mts

@@ -1,5 +1,6 @@
 import type { Tagged } from 'type-fest';
-export type Encrypted<T extends string> = Tagged<T, 'Encrypted'>;
+import type { Encrypted, EncryptedSymmetricKey, PublicKey, SymmetricKey } from 'favatypes';
+export type { Encrypted, EncryptedPublicKey, EncryptedSymmetricKey, PublicKey, SymmetricKey, } from 'favatypes';
 /** Represents a password  */
 export type Password = Tagged<string, 'Password'>;
 /** Represents a passwordHash  */
@@ -8,18 +9,10 @@ export type PasswordHash = Tagged<string, 'PasswordHash'>;
 export type Salt = Tagged<string, 'Salt'>;
 /** Represents a private key */
 export type PrivateKey = Tagged<string, 'PrivateKey'>;
-/** Represents a public key */
-export type PublicKey = Tagged<string, 'PublicKey'>;
-/** Represents an symmetric key */
-export type SymmetricKey = Tagged<string, 'SymmetricKey'>;
 /** Represents a sync (symmetric) key (base64 encoded) */
 export type SyncKey = Tagged<SymmetricKey, 'SyncKey'>;
 /** Represents an encrypted private key (base64 encoded) */
 export type EncryptedPrivateKey = Encrypted<PrivateKey>;
-/** Represents an encrypted symmetric key (base64 encoded) */
-export type EncryptedSymmetricKey = Encrypted<SymmetricKey>;
-/** Represents an encrypted public key (base64 encoded) */
-export type EncryptedPublicKey = Encrypted<PublicKey>;
 /**
  * Interface for cryptographic operations.
  * The implementation in CryptoProviders/node is the reference implementation

package/build/interfaces/Entry.d.mts

@@ -2,11 +2,14 @@ import type { LiteralUnion } from 'type-fest';
 import type { Tagged } from 'type-fest';
 export type EntryId = Tagged<string, 'TotpId'>;
 export type EntryType = LiteralUnion<'TOTP', string>;
+export type MatchType = 'BaseDomain';
 export interface EntryMeta {
     id: EntryId;
     name: string;
     issuer: string;
     type: EntryType;
+    match: string | null;
+    matchType: MatchType | null;
     addedAt: number;
     updatedAt: number | null;
 }

package/build/interfaces/SyncTypes.d.mts

@@ -2,7 +2,8 @@ import type { Tagged } from 'type-fest';
 import type { JPakeThreePass, Round1Result } from 'jpake-ts';
 import type { PublicKey, SyncKey } from './CryptoLib.mjs';
 import type { Vault, VaultSyncState } from './Vault.mjs';
-export type DeviceId = Tagged<string, 'DeviceId'>;
+import type { DeviceId } from 'favatypes';
+export type { DeviceId } from 'favatypes';
 export type DeviceType = Tagged<string, 'DeviceType'>;
 export type DeviceFriendlyName = Tagged<string, 'DeviceFriendlyName'>;
 export interface DeviceInfo {

package/build/interfaces/Vault.d.mts

@@ -1,10 +1,11 @@
 import type { Tagged } from 'type-fest';
-import type { Encrypted, EncryptedPrivateKey, EncryptedSymmetricKey, Salt } from './CryptoLib.mjs';
+import type { EncryptedPrivateKey, EncryptedSymmetricKey, Salt } from './CryptoLib.mjs';
 import type Entry from './Entry.mjs';
 import type { DeviceFriendlyName, DeviceId, SyncDevice } from './SyncTypes.mjs';
 import type { SyncCommandFromClient } from 'favaserver/ClientMessage';
+import type { EncryptedVaultStateString } from 'favatypes';
+export type { EncryptedVaultStateString, VaultStateString } from 'favatypes';
 export type Vault = Entry[];
-export type EncryptedVaultStateString = Encrypted<VaultStateString>;
 export interface LockedRepresentation {
     encryptedPrivateKey: EncryptedPrivateKey;
     encryptedSymmetricKey: EncryptedSymmetricKey;
@@ -28,4 +29,3 @@ export interface VaultState {
     vault: Vault;
     sync: VaultSyncState;
 }
-export type VaultStateString = Tagged<string, 'VaultState'>;

package/build/platformProviders/browser/cryptoLib.d.mts

@@ -38,8 +38,8 @@ declare class BrowserCryptoLib implements CryptoLib {
      */
     decryptKeys(encryptedPrivateKey: EncryptedPrivateKey, encryptedSymmetricKey: EncryptedSymmetricKey, salt: Salt, password: Password): Promise<{
         privateKey: PrivateKey;
-        publicKey: PublicKey;
         symmetricKey: SymmetricKey;
+        publicKey: PublicKey;
     }>;
     /**
      * @inheritdoc

package/build/platformProviders/browser/cryptoLib.mjs

@@ -79,7 +79,7 @@ class BrowserCryptoLib {
         // recreate passwordHash
         const passwordHash = await generatePasswordHash(salt, password);
         const { privateKey, publicKey } = await this.decryptPrivateKey(encryptedPrivateKey, passwordHash);
-        const symmetricKey = (await this.decrypt(privateKey, encryptedSymmetricKey));
+        const symmetricKey = await this.decrypt(privateKey, encryptedSymmetricKey);
         return { privateKey, publicKey, symmetricKey };
     }
     /**

package/build/platformProviders/browser/openPgpLib.mjs

@@ -13,6 +13,7 @@ export class BrowserOpenPgpLib {
         if (!this.openPgpModule) {
             this.openPgpModule = await import('openpgp');
             // enable Authenticated Encryption with Associated Data
+            // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
             this.openPgpModule.config.aeadProtect = true;
         }
         return this.openPgpModule;

package/build/platformProviders/node/cryptoLib.d.mts

@@ -31,8 +31,8 @@ declare class NodeCryptoLib implements CryptoLib {
      */
     decryptKeys(encryptedPrivateKey: EncryptedPrivateKey, encryptedSymmetricKey: EncryptedSymmetricKey, salt: Salt, password: Password): Promise<{
         privateKey: PrivateKey;
-        publicKey: PublicKey;
         symmetricKey: SymmetricKey;
+        publicKey: PublicKey;
     }>;
     /**
      * @inheritdoc

package/build/platformProviders/node/cryptoLib.mjs

@@ -119,7 +119,7 @@ class NodeCryptoLib {
             format: 'pem',
         });
         // Decrypt the symmetric key
-        const symmetricKey = (await this.decrypt(privateKey, encryptedSymmetricKey));
+        const symmetricKey = await this.decrypt(privateKey, encryptedSymmetricKey);
         return { privateKey, publicKey, symmetricKey };
     }
     /**

package/build/platformProviders/node/openPgpLib.mjs

@@ -13,6 +13,7 @@ export class NodeOpenPgpLib {
         if (!this.openPgpModule) {
             this.openPgpModule = await import('openpgp');
             // enable Authenticated Encryption with Associated Data
+            // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
             this.openPgpModule.config.aeadProtect = true;
         }
         return this.openPgpModule;

package/build/subclasses/SyncManager.d.mts

@@ -1,4 +1,4 @@
-import { SyncDevice, PublicSyncDevice, DeviceType } from '../interfaces/SyncTypes.mjs';
+import { SyncDevice, PublicSyncDevice, DeviceType, DeviceId } from '../interfaces/SyncTypes.mjs';
 import type { PrivateKey, PublicKey } from '../interfaces/CryptoLib.mjs';
 import type Command from '../Command/BaseCommand.mjs';
 import type FavaLibMediator from '../FavaLibMediator.mjs';
@@ -176,6 +176,13 @@ declare class SyncManager {
      * @param saveAfter - Whether to save the new vault after adding it (set to false when adding multiple devices)
      */
     addSyncDevice(device: SyncDevice, saveAfter?: boolean): Promise<void>;
+    /**
+     * Remove a sync device
+     * @param deviceId - The id of the device to remove
+     * @param saveAfter - Whether to save the vault after removing the device
+     * @returns The removed device, or undefined if it was not present
+     */
+    removeSyncDevice(deviceId: DeviceId, saveAfter?: boolean): Promise<SyncDevice | undefined>;
     /**
      * Requests a resilver of the vault
      */

package/build/subclasses/SyncManager.mjs

@@ -644,6 +644,25 @@ class SyncManager {
             await this.persistentStorageManager.save();
         }
     }
+    /**
+     * Remove a sync device
+     * @param deviceId - The id of the device to remove
+     * @param saveAfter - Whether to save the vault after removing the device
+     * @returns The removed device, or undefined if it was not present
+     */
+    async removeSyncDevice(deviceId, saveAfter = true) {
+        const index = this.syncDevices.findIndex((d) => d.deviceId === deviceId);
+        if (index === -1) {
+            // we don't have this device, nothing to remove
+            return undefined;
+        }
+        this.log('info', `Removing syncdevice ${deviceId} from ${this.deviceId}`);
+        const [removed] = this.syncDevices.splice(index, 1);
+        if (saveAfter) {
+            await this.persistentStorageManager.save();
+        }
+        return removed;
+    }
     /**
      * Requests a resilver of the vault
      */

package/build/subclasses/VaultDataManager.d.mts

@@ -36,11 +36,11 @@ declare class VaultDataManager {
      * Generate a time-based one-time password (TOTP) for a specific entry.
      * @param id - The unique identifier of the entry.
      * @param timestamp - Optional timestamp to use for token generation (default is current time).
-     * @returns An object containing the token and the validity period.
+     * @returns A promise resolving to an object containing the token and the validity period.
      * @throws {EntryNotFoundError} If no entry exists with the given ID.
      * @throws {TokenGenerationError} If token generation fails due to invalid entry data or technical issues.
      */
-    generateTokenForEntry(id: EntryId, timestamp?: number): Token;
+    generateTokenForEntry(id: EntryId, timestamp?: number): Promise<Token>;
     /**
      * Add a new entry to the vault.
      * @param entry - The entry data to add

package/build/subclasses/VaultDataManager.mjs

@@ -50,13 +50,13 @@ class VaultDataManager {
      * Generate a time-based one-time password (TOTP) for a specific entry.
      * @param id - The unique identifier of the entry.
      * @param timestamp - Optional timestamp to use for token generation (default is current time).
-     * @returns An object containing the token and the validity period.
+     * @returns A promise resolving to an object containing the token and the validity period.
      * @throws {EntryNotFoundError} If no entry exists with the given ID.
      * @throws {TokenGenerationError} If token generation fails due to invalid entry data or technical issues.
      */
-    generateTokenForEntry(id, timestamp) {
+    async generateTokenForEntry(id, timestamp) {
         const entry = this.vault.find((e) => e.id === id);
-        if (!entry || entry.type !== 'TOTP') {
+        if (entry?.type !== 'TOTP') {
             throw new EntryNotFoundError('TOTP entry not found');
         }
         const { secret, period, algorithm, digits } = entry.payload;
@@ -69,7 +69,7 @@ class VaultDataManager {
             algorithm: algorithm,
             timestamp: timestamp ?? Date.now(),
         };
-        const { otp, expires } = TOTP.generate(secret, totpOptions);
+        const { otp, expires } = await TOTP.generate(secret, totpOptions);
         return { otp, validFrom: expires - period * 1000, validTill: expires };
     }
     /**

package/build/subclasses/VaultOperationsManager.d.mts

@@ -37,7 +37,7 @@ declare class VaultOperationsManager {
      * @param includeTokens - When true, includes current tokens with the metas.
      * @returns An array of matching entry metas, optionally with tokens.
      */
-    searchEntriesMetas(query: string, includeTokens: true): EntryMetaWithToken[];
+    searchEntriesMetas(query: string, includeTokens: true): Promise<EntryMetaWithToken[]>;
     /**
      * @inheritdoc
      */
@@ -52,7 +52,7 @@ declare class VaultOperationsManager {
      * @param includeTokens - When true, includes current tokens with the metas.
      * @returns An array of all entry metas, optionally with tokens.
      */
-    listEntriesMetas(includeTokens: true): EntryMetaWithToken[];
+    listEntriesMetas(includeTokens: true): Promise<EntryMetaWithToken[]>;
     /**
      * @inheritdoc
      */
@@ -61,11 +61,11 @@ declare class VaultOperationsManager {
      * Generate a time-based one-time password (TOTP) for a specific entry.
      * @param id - The unique identifier of the entry.
      * @param timestamp - Optional timestamp to use for token generation (default is current time).
-     * @returns An object containing the token and between which timestamps it is valid
+     * @returns A promise resolving to an object containing the token and between which timestamps it is valid
      * @throws {EntryNotFoundError} If no entry exists with the given ID.
      * @throws {TokenGenerationError} If token generation fails due to invalid entry data or technical issues.
      */
-    generateTokenForEntry(id: EntryId, timestamp?: number): Token;
+    generateTokenForEntry(id: EntryId, timestamp?: number): Promise<Token>;
     /**
      * Add a new entry to the library.
      * @param entry - The entry data to add (without an ID, as it will be generated).

package/build/subclasses/VaultOperationsManager.mjs

@@ -7,6 +7,8 @@ const getMetaForEntry = (entry) => ({
     name: entry.name,
     issuer: entry.issuer,
     type: entry.type,
+    match: entry.match,
+    matchType: entry.matchType,
     addedAt: entry.addedAt,
     updatedAt: entry.updatedAt,
 });
@@ -63,20 +65,17 @@ class VaultOperationsManager {
      */
     searchEntriesMetas(query, includeTokens) {
         const lowercaseQuery = query.toLowerCase();
-        const entries = this.vaultDataManager.getAllEntries();
-        return entries
+        const entries = this.vaultDataManager
+            .getAllEntries()
             .filter((entry) => entry.name.toLowerCase().includes(lowercaseQuery) ||
-            entry.issuer.toLowerCase().includes(lowercaseQuery))
-            .map((entry) => {
-            const meta = getMetaForEntry(entry);
-            if (includeTokens) {
-                return {
-                    ...meta,
-                    token: this.generateTokenForEntry(entry.id),
-                };
-            }
-            return meta;
-        });
+            entry.issuer.toLowerCase().includes(lowercaseQuery));
+        if (includeTokens) {
+            return Promise.all(entries.map(async (entry) => ({
+                ...getMetaForEntry(entry),
+                token: await this.generateTokenForEntry(entry.id),
+            })));
+        }
+        return entries.map((entry) => getMetaForEntry(entry));
     }
     /**
      * Retrieve a list of all entry IDs in the library.
@@ -90,22 +89,19 @@ class VaultOperationsManager {
      */
     listEntriesMetas(includeTokens) {
         const entries = this.vaultDataManager.getAllEntries();
-        return entries.map((entry) => {
-            const meta = getMetaForEntry(entry);
-            if (includeTokens) {
-                return {
-                    ...meta,
-                    token: this.generateTokenForEntry(entry.id),
-                };
-            }
-            return meta;
-        });
+        if (includeTokens) {
+            return Promise.all(entries.map(async (entry) => ({
+                ...getMetaForEntry(entry),
+                token: await this.generateTokenForEntry(entry.id),
+            })));
+        }
+        return entries.map((entry) => getMetaForEntry(entry));
     }
     /**
      * Generate a time-based one-time password (TOTP) for a specific entry.
      * @param id - The unique identifier of the entry.
      * @param timestamp - Optional timestamp to use for token generation (default is current time).
-     * @returns An object containing the token and between which timestamps it is valid
+     * @returns A promise resolving to an object containing the token and between which timestamps it is valid
      * @throws {EntryNotFoundError} If no entry exists with the given ID.
      * @throws {TokenGenerationError} If token generation fails due to invalid entry data or technical issues.
      */

package/build/utils/creationUtils.d.mts

@@ -36,9 +36,9 @@ export declare const getFavaLibVaultCreationUtils: (platformProviders: PlatformP
     getPasswordStrength: (password: Password) => Promise<ZxcvbnResult>;
     createNewFavaLibVault: (password: Password) => Promise<{
         favaLib: FavaLib;
-        publicKey: import("../interfaces/CryptoLib.mjs").PublicKey;
+        publicKey: import("favatypes").PublicKey;
         encryptedPrivateKey: import("../interfaces/CryptoLib.mjs").EncryptedPrivateKey;
-        encryptedSymmetricKey: import("../interfaces/CryptoLib.mjs").EncryptedSymmetricKey;
+        encryptedSymmetricKey: import("favatypes").EncryptedSymmetricKey;
         salt: import("../interfaces/CryptoLib.mjs").Salt;
     }>;
     loadFavaLibFromLockedRepesentation: (lockedRepresentationString: LockedRepresentationString, password: Password) => Promise<FavaLib>;

package/build/utils/creationUtils.mjs

@@ -95,8 +95,7 @@ const loadFavaLibFromLockedRepesentation = async (libraryLoader, deviceType, pas
     const cryptoLib = libraryLoader.getCryptoLib();
     const platformProviders = libraryLoader.getPlatformProviders();
     const lockedRepresentation = JSON.parse(lockedRepresentationString);
-    if (!lockedRepresentation ||
-        !lockedRepresentation.encryptedPrivateKey ||
+    if (!lockedRepresentation?.encryptedPrivateKey ||
         !lockedRepresentation.encryptedSymmetricKey ||
         !lockedRepresentation.salt ||
         !lockedRepresentation.encryptedVaultState) {
@@ -104,8 +103,7 @@ const loadFavaLibFromLockedRepesentation = async (libraryLoader, deviceType, pas
     }
     const { privateKey, symmetricKey, publicKey } = await cryptoLib.decryptKeys(lockedRepresentation.encryptedPrivateKey, lockedRepresentation.encryptedSymmetricKey, lockedRepresentation.salt, password);
     const vaultState = JSON.parse(await cryptoLib.decryptSymmetric(symmetricKey, lockedRepresentation.encryptedVaultState));
-    if (!vaultState ||
-        !vaultState.deviceId ||
+    if (!vaultState?.deviceId ||
         !vaultState.sync?.commandSendQueue ||
         !vaultState.sync?.devices) {
         throw new InitializationError('encryptedVaultState is incomplete or corrupted');

package/build/utils/exportImportUtils.mjs

@@ -50,6 +50,8 @@ export const parseOtpUri = (UrlParser, otpUri) => {
     const algorithm = parseOtpAlgorithm(searchParams.get('algorithm'));
     const digits = parseInt(searchParams.get('digits') ?? '6', 10);
     const period = parseInt(searchParams.get('period') ?? '30', 10);
+    const match = searchParams.get('match');
+    const matchType = searchParams.get('matchType');
     // if searchParams has an issuer, use that
     if (searchParams.get('issuer')) {
         if (!name) {
@@ -68,6 +70,8 @@ export const parseOtpUri = (UrlParser, otpUri) => {
         name: name && name.length > 0 ? name : 'Imported Entry',
         issuer: issuer && issuer.length > 0 ? issuer : 'Unknown Issuer',
         type: 'TOTP',
+        match: match ?? null,
+        matchType: matchType ?? null,
         payload: {
             secret,
             algorithm,
@@ -77,9 +81,20 @@ export const parseOtpUri = (UrlParser, otpUri) => {
     };
 };
 const generateOtpUrl = (entry) => {
-    const { name, issuer, payload } = entry;
+    const { name, issuer, payload, match, matchType } = entry;
     const { secret, algorithm, digits, period } = payload;
-    return `otpauth://totp/${encodeURIComponent(issuer)}:${encodeURIComponent(name)}?secret=${secret}&issuer=${encodeURIComponent(issuer)}&algorithm=${algorithm}&digits=${digits}&period=${period}`;
+    // Note: Using manual encodeURIComponent instead of URLSearchParams because
+    // URLSearchParams encodes spaces as '+' while encodeURIComponent uses '%20'.
+    // OTP clients expect standard percent encoding (%20) for better compatibility.
+    let url = `otpauth://totp/${encodeURIComponent(issuer)}:${encodeURIComponent(name)}?secret=${secret}&issuer=${encodeURIComponent(issuer)}&algorithm=${algorithm}&digits=${digits}&period=${period}`;
+    // Add match properties if they exist
+    if (match !== null && match !== undefined) {
+        url += `&match=${encodeURIComponent(match)}`;
+    }
+    if (matchType !== null && matchType !== undefined) {
+        url += `&matchType=${encodeURIComponent(matchType)}`;
+    }
+    return url;
 };
 /**
  * Generates an HTML page with QR codes for the provided OTP entries.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "favalib",
-  "version": "0.0.15",
+  "version": "0.0.17",
   "description": "",
   "type": "module",
   "exports": {
@@ -24,37 +24,38 @@
   "author": "",
   "license": "ISC",
   "devDependencies": {
-    "@types/node-forge": "^1.3.11",
-    "@types/qrcode": "^1.5.5",
-    "@types/uuid": "^10.0.0",
+    "@types/node-forge": "^1.3.14",
+    "@types/qrcode": "^1.5.6",
     "@types/whatwg-url": "^13.0.0",
-    "@vitest/coverage-v8": "^3.1.4",
-    "eslint": "^9.27.0",
-    "type-fest": "^4.41.0",
-    "typedoc": "^0.27.8",
-    "vitest": "^3.1.4",
+    "@vitest/coverage-v8": "^4.1.7",
+    "eslint": "^9.10.0",
+    "type-fest": "^5.6.0",
+    "typedoc": "^0.28.19",
+    "vitest": "^4.1.7",
     "vitest-websocket-mock": "^0.5.0"
   },
   "dependencies": {
     "@zxcvbn-ts/core": "^3.0.4",
     "@zxcvbn-ts/language-common": "^3.0.4",
     "@zxcvbn-ts/language-en": "^3.0.2",
-    "canvas": "^3.1.0",
-    "esbuild": "^0.25.8",
+    "canvas": "^3.2.3",
+    "esbuild": "^0.28.0",
     "hash-wasm": "^4.12.0",
     "jpake-ts": "^1.0.1",
     "jsqr": "^1.4.0",
-    "node-forge": "^1.3.1",
-    "openpgp": "^6.1.1",
+    "node-forge": "^1.4.0",
+    "openpgp": "^6.3.0",
     "qrcode": "^1.5.4",
-    "totp-generator": "^1.0.0",
-    "typescript-event-target": "^1.1.1",
-    "uint8array-extras": "^1.4.0",
-    "uuid": "^11.1.0",
-    "whatwg-url": "^14.2.0",
-    "ws": "^8.18.2"
+    "totp-generator": "2.0.1",
+    "typescript-event-target": "^1.1.2",
+    "uint8array-extras": "^1.5.0",
+    "uuid": "^14.0.0",
+    "whatwg-url": "^16.0.1",
+    "ws": "^8.20.1",
+    "favaserver": "0.0.1",
+    "favatypes": "0.0.1"
   },
   "engines": {
     "node": ">=20"
   }
-}
+}