humankey 0.2.0 → 0.3.1

package/dist/fastify.cjs

@@ -0,0 +1,30 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+
+
+
+
+var _chunkG2IT2ZP5cjs = require('./chunk-G2IT2ZP5.cjs');
+require('./chunk-FW3YUVJC.cjs');
+require('./chunk-JI6NIMGK.cjs');
+
+// src/fastify.ts
+var humanKeyPlugin = async (fastify, config) => {
+  const resolved = _chunkG2IT2ZP5cjs.resolveConfig.call(void 0, config);
+  fastify.post("/challenge", async (_request, reply) => {
+    const result = await _chunkG2IT2ZP5cjs.handleChallenge.call(void 0, resolved);
+    return reply.status(result.status).send(result.body);
+  });
+  fastify.post("/register", async (request, reply) => {
+    const result = await _chunkG2IT2ZP5cjs.handleRegister.call(void 0, resolved, request.body);
+    return reply.status(result.status).send(result.body);
+  });
+  fastify.post("/verify", async (request, reply) => {
+    const result = await _chunkG2IT2ZP5cjs.handleVerify.call(void 0, resolved, request.body);
+    return reply.status(result.status).send(result.body);
+  });
+};
+
+
+
+exports.MemoryChallengeStore = _chunkG2IT2ZP5cjs.MemoryChallengeStore; exports.humanKeyPlugin = humanKeyPlugin;

package/dist/fastify.d.cts

@@ -0,0 +1,22 @@
+import { FastifyPluginAsync } from 'fastify';
+import { H as HumanKeyAdapterConfig } from './adapter-core-CoBcSqdG.cjs';
+export { C as ChallengeStore, M as MemoryChallengeStore } from './adapter-core-CoBcSqdG.cjs';
+export { A as ActionPayload, c as TapCredential, V as VerifyResult } from './types-By44RNIt.cjs';
+import '@simplewebauthn/server';
+
+/** Configuration for the humankey Fastify plugin. */
+type HumanKeyFastifyConfig = HumanKeyAdapterConfig;
+/**
+ * Fastify plugin that registers humankey routes.
+ *
+ * Usage:
+ * ```ts
+ * import Fastify from 'fastify';
+ * import { humanKeyPlugin } from 'humankey/fastify';
+ * const app = Fastify();
+ * app.register(humanKeyPlugin, { prefix: '/api', ...config });
+ * ```
+ */
+declare const humanKeyPlugin: FastifyPluginAsync<HumanKeyFastifyConfig>;
+
+export { type HumanKeyFastifyConfig, humanKeyPlugin };

package/dist/fastify.d.ts

@@ -0,0 +1,22 @@
+import { FastifyPluginAsync } from 'fastify';
+import { H as HumanKeyAdapterConfig } from './adapter-core-CFN3y3L0.js';
+export { C as ChallengeStore, M as MemoryChallengeStore } from './adapter-core-CFN3y3L0.js';
+export { A as ActionPayload, c as TapCredential, V as VerifyResult } from './types-By44RNIt.js';
+import '@simplewebauthn/server';
+
+/** Configuration for the humankey Fastify plugin. */
+type HumanKeyFastifyConfig = HumanKeyAdapterConfig;
+/**
+ * Fastify plugin that registers humankey routes.
+ *
+ * Usage:
+ * ```ts
+ * import Fastify from 'fastify';
+ * import { humanKeyPlugin } from 'humankey/fastify';
+ * const app = Fastify();
+ * app.register(humanKeyPlugin, { prefix: '/api', ...config });
+ * ```
+ */
+declare const humanKeyPlugin: FastifyPluginAsync<HumanKeyFastifyConfig>;
+
+export { type HumanKeyFastifyConfig, humanKeyPlugin };

package/dist/fastify.mjs

@@ -0,0 +1,30 @@
+import {
+  MemoryChallengeStore,
+  handleChallenge,
+  handleRegister,
+  handleVerify,
+  resolveConfig
+} from "./chunk-Y6KQC7WK.mjs";
+import "./chunk-XXJAJHNP.mjs";
+import "./chunk-CLQSCDXC.mjs";
+
+// src/fastify.ts
+var humanKeyPlugin = async (fastify, config) => {
+  const resolved = resolveConfig(config);
+  fastify.post("/challenge", async (_request, reply) => {
+    const result = await handleChallenge(resolved);
+    return reply.status(result.status).send(result.body);
+  });
+  fastify.post("/register", async (request, reply) => {
+    const result = await handleRegister(resolved, request.body);
+    return reply.status(result.status).send(result.body);
+  });
+  fastify.post("/verify", async (request, reply) => {
+    const result = await handleVerify(resolved, request.body);
+    return reply.status(result.status).send(result.body);
+  });
+};
+export {
+  MemoryChallengeStore,
+  humanKeyPlugin
+};

package/dist/hono.cjs

@@ -0,0 +1,35 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+
+
+
+
+var _chunkG2IT2ZP5cjs = require('./chunk-G2IT2ZP5.cjs');
+require('./chunk-FW3YUVJC.cjs');
+require('./chunk-JI6NIMGK.cjs');
+
+// src/hono.ts
+var _hono = require('hono');
+function createHumanKeyApp(config) {
+  const resolved = _chunkG2IT2ZP5cjs.resolveConfig.call(void 0, config);
+  const app = new (0, _hono.Hono)();
+  app.post("/challenge", async (c) => {
+    const result = await _chunkG2IT2ZP5cjs.handleChallenge.call(void 0, resolved);
+    return c.json(result.body, result.status);
+  });
+  app.post("/register", async (c) => {
+    const body = await c.req.json();
+    const result = await _chunkG2IT2ZP5cjs.handleRegister.call(void 0, resolved, body);
+    return c.json(result.body, result.status);
+  });
+  app.post("/verify", async (c) => {
+    const body = await c.req.json();
+    const result = await _chunkG2IT2ZP5cjs.handleVerify.call(void 0, resolved, body);
+    return c.json(result.body, result.status);
+  });
+  return app;
+}
+
+
+
+exports.MemoryChallengeStore = _chunkG2IT2ZP5cjs.MemoryChallengeStore; exports.createHumanKeyApp = createHumanKeyApp;

package/dist/hono.d.cts

@@ -0,0 +1,22 @@
+import { Hono } from 'hono';
+import { H as HumanKeyAdapterConfig } from './adapter-core-CoBcSqdG.cjs';
+export { C as ChallengeStore, M as MemoryChallengeStore } from './adapter-core-CoBcSqdG.cjs';
+export { A as ActionPayload, c as TapCredential, V as VerifyResult } from './types-By44RNIt.cjs';
+import '@simplewebauthn/server';
+
+/** Configuration for the humankey Hono adapter. */
+type HumanKeyHonoConfig = HumanKeyAdapterConfig;
+/**
+ * Create a Hono app with humankey routes.
+ *
+ * Usage:
+ * ```ts
+ * import { Hono } from 'hono';
+ * import { createHumanKeyApp } from 'humankey/hono';
+ * const app = new Hono();
+ * app.route('/api', createHumanKeyApp({ ... }));
+ * ```
+ */
+declare function createHumanKeyApp(config: HumanKeyHonoConfig): Hono;
+
+export { type HumanKeyHonoConfig, createHumanKeyApp };

package/dist/hono.d.ts

@@ -0,0 +1,22 @@
+import { Hono } from 'hono';
+import { H as HumanKeyAdapterConfig } from './adapter-core-CFN3y3L0.js';
+export { C as ChallengeStore, M as MemoryChallengeStore } from './adapter-core-CFN3y3L0.js';
+export { A as ActionPayload, c as TapCredential, V as VerifyResult } from './types-By44RNIt.js';
+import '@simplewebauthn/server';
+
+/** Configuration for the humankey Hono adapter. */
+type HumanKeyHonoConfig = HumanKeyAdapterConfig;
+/**
+ * Create a Hono app with humankey routes.
+ *
+ * Usage:
+ * ```ts
+ * import { Hono } from 'hono';
+ * import { createHumanKeyApp } from 'humankey/hono';
+ * const app = new Hono();
+ * app.route('/api', createHumanKeyApp({ ... }));
+ * ```
+ */
+declare function createHumanKeyApp(config: HumanKeyHonoConfig): Hono;
+
+export { type HumanKeyHonoConfig, createHumanKeyApp };

package/dist/hono.mjs

@@ -0,0 +1,35 @@
+import {
+  MemoryChallengeStore,
+  handleChallenge,
+  handleRegister,
+  handleVerify,
+  resolveConfig
+} from "./chunk-Y6KQC7WK.mjs";
+import "./chunk-XXJAJHNP.mjs";
+import "./chunk-CLQSCDXC.mjs";
+
+// src/hono.ts
+import { Hono } from "hono";
+function createHumanKeyApp(config) {
+  const resolved = resolveConfig(config);
+  const app = new Hono();
+  app.post("/challenge", async (c) => {
+    const result = await handleChallenge(resolved);
+    return c.json(result.body, result.status);
+  });
+  app.post("/register", async (c) => {
+    const body = await c.req.json();
+    const result = await handleRegister(resolved, body);
+    return c.json(result.body, result.status);
+  });
+  app.post("/verify", async (c) => {
+    const body = await c.req.json();
+    const result = await handleVerify(resolved, body);
+    return c.json(result.body, result.status);
+  });
+  return app;
+}
+export {
+  MemoryChallengeStore,
+  createHumanKeyApp
+};

package/dist/index.cjs

@@ -1,156 +1,17 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true});
 
+var _chunkSZPXOH7Zcjs = require('./chunk-SZPXOH7Z.cjs');
 
 
+var _chunkRQSBOE7Bcjs = require('./chunk-RQSBOE7B.cjs');
 
 
 
-var _chunkJI6NIMGKcjs = require('./chunk-JI6NIMGK.cjs');
+var _chunk2KMBF2THcjs = require('./chunk-2KMBF2TH.cjs');
 
-// src/confirm.ts
-async function createConfirmation(action) {
-  const hashBuffer = await _chunkJI6NIMGKcjs.hashAction.call(void 0, action);
-  const code = _chunkJI6NIMGKcjs.deriveConfirmationCode.call(void 0, hashBuffer);
-  const actionHash = _chunkJI6NIMGKcjs.bufferToBase64url.call(void 0, hashBuffer);
-  return { code, actionHash };
-}
-function validateConfirmation(confirmation, userInput) {
-  if (userInput.toUpperCase().trim() !== confirmation.code.toUpperCase()) {
-    throw new (0, _chunkJI6NIMGKcjs.HumanKeyError)(
-      "Confirmation code mismatch",
-      "CONFIRMATION_MISMATCH"
-    );
-  }
-}
 
-// src/tap.ts
-var _browser = require('@simplewebauthn/browser');
-async function requestTap(request) {
-  const {
-    challenge,
-    action,
-    confirmation,
-    userInput,
-    allowCredentials,
-    rpID,
-    userVerification = "required",
-    timeout = 6e4
-  } = request;
-  validateConfirmation(confirmation, userInput);
-  const actionHashBuffer = await _chunkJI6NIMGKcjs.hashAction.call(void 0, action);
-  const confirmationInput = `${confirmation.code}:${userInput.toUpperCase().trim()}`;
-  const confirmationHashBuffer = await crypto.subtle.digest(
-    "SHA-256",
-    new TextEncoder().encode(confirmationInput)
-  );
-  const challengeBuffer = _chunkJI6NIMGKcjs.base64urlToBuffer.call(void 0, challenge);
-  const finalChallenge = await _chunkJI6NIMGKcjs.combineAndHash.call(void 0, 
-    challengeBuffer,
-    actionHashBuffer,
-    confirmationHashBuffer
-  );
-  const actionHash = _chunkJI6NIMGKcjs.bufferToBase64url.call(void 0, actionHashBuffer);
-  const confirmationHash = _chunkJI6NIMGKcjs.bufferToBase64url.call(void 0, confirmationHashBuffer);
-  try {
-    const response = await _browser.startAuthentication.call(void 0, {
-      optionsJSON: {
-        challenge: _chunkJI6NIMGKcjs.bufferToBase64url.call(void 0, finalChallenge),
-        rpId: rpID,
-        allowCredentials: allowCredentials.map((cred) => ({
-          id: cred.id,
-          type: "public-key",
-          transports: cred.transports
-        })),
-        userVerification,
-        timeout
-      }
-    });
-    return {
-      response,
-      action,
-      actionHash,
-      confirmationHash,
-      userInput: userInput.toUpperCase().trim()
-    };
-  } catch (error) {
-    if (error instanceof Error && error.name === "NotAllowedError") {
-      throw new (0, _chunkJI6NIMGKcjs.HumanKeyError)(
-        "User cancelled the hardware key tap",
-        "USER_CANCELLED",
-        error
-      );
-    }
-    throw error;
-  }
-}
 
-// src/register.ts
-
-async function registerKey(request) {
-  const {
-    challenge,
-    rpID,
-    rpName,
-    userName,
-    userDisplayName = userName,
-    excludeCredentials = [],
-    attestation = "direct",
-    userVerification = "required",
-    timeout = 6e4
-  } = request;
-  const userIdBytes = new TextEncoder().encode(userName);
-  const userIdHash = await crypto.subtle.digest("SHA-256", userIdBytes);
-  const userId = _chunkJI6NIMGKcjs.bufferToBase64url.call(void 0, userIdHash);
-  try {
-    const response = await _browser.startRegistration.call(void 0, {
-      optionsJSON: {
-        rp: { name: rpName, id: rpID },
-        user: {
-          id: userId,
-          name: userName,
-          displayName: userDisplayName
-        },
-        challenge,
-        pubKeyCredParams: [
-          { alg: -7, type: "public-key" },
-          // ES256
-          { alg: -257, type: "public-key" }
-          // RS256
-        ],
-        timeout,
-        attestation,
-        excludeCredentials: excludeCredentials.map((cred) => ({
-          id: cred.id,
-          type: "public-key",
-          transports: cred.transports
-        })),
-        authenticatorSelection: {
-          authenticatorAttachment: "cross-platform",
-          residentKey: "preferred",
-          userVerification
-        }
-      }
-    });
-    return {
-      credentialId: response.id,
-      response,
-      transports: response.response.transports
-    };
-  } catch (error) {
-    if (error instanceof Error && error.name === "NotAllowedError") {
-      throw new (0, _chunkJI6NIMGKcjs.HumanKeyError)(
-        "User cancelled hardware key registration",
-        "USER_CANCELLED",
-        error
-      );
-    }
-    throw new (0, _chunkJI6NIMGKcjs.HumanKeyError)(
-      `Registration failed: ${error instanceof Error ? error.message : "Unknown error"}`,
-      "REGISTRATION_FAILED",
-      error
-    );
-  }
-}
+var _chunkJI6NIMGKcjs = require('./chunk-JI6NIMGK.cjs');
 
 // src/support.ts
 function isHumanKeySupported() {
@@ -164,4 +25,4 @@ function isHumanKeySupported() {
 
 
 
-exports.HumanKeyError = _chunkJI6NIMGKcjs.HumanKeyError; exports.createConfirmation = createConfirmation; exports.hashAction = _chunkJI6NIMGKcjs.hashAction; exports.isHumanKeySupported = isHumanKeySupported; exports.registerKey = registerKey; exports.requestTap = requestTap; exports.validateConfirmation = validateConfirmation;
+exports.HumanKeyError = _chunkJI6NIMGKcjs.HumanKeyError; exports.createConfirmation = _chunk2KMBF2THcjs.createConfirmation; exports.hashAction = _chunkJI6NIMGKcjs.hashAction; exports.isHumanKeySupported = isHumanKeySupported; exports.registerKey = _chunkRQSBOE7Bcjs.registerKey; exports.requestTap = _chunkSZPXOH7Zcjs.requestTap; exports.validateConfirmation = _chunk2KMBF2THcjs.validateConfirmation;

package/dist/index.mjs

@@ -1,157 +1,18 @@
+import {
+  requestTap
+} from "./chunk-RANGHXC7.mjs";
+import {
+  registerKey
+} from "./chunk-U2AGXRNW.mjs";
+import {
+  createConfirmation,
+  validateConfirmation
+} from "./chunk-G2X46ZRM.mjs";
 import {
   HumanKeyError,
-  base64urlToBuffer,
-  bufferToBase64url,
-  combineAndHash,
-  deriveConfirmationCode,
   hashAction
 } from "./chunk-CLQSCDXC.mjs";
 
-// src/confirm.ts
-async function createConfirmation(action) {
-  const hashBuffer = await hashAction(action);
-  const code = deriveConfirmationCode(hashBuffer);
-  const actionHash = bufferToBase64url(hashBuffer);
-  return { code, actionHash };
-}
-function validateConfirmation(confirmation, userInput) {
-  if (userInput.toUpperCase().trim() !== confirmation.code.toUpperCase()) {
-    throw new HumanKeyError(
-      "Confirmation code mismatch",
-      "CONFIRMATION_MISMATCH"
-    );
-  }
-}
-
-// src/tap.ts
-import { startAuthentication } from "@simplewebauthn/browser";
-async function requestTap(request) {
-  const {
-    challenge,
-    action,
-    confirmation,
-    userInput,
-    allowCredentials,
-    rpID,
-    userVerification = "required",
-    timeout = 6e4
-  } = request;
-  validateConfirmation(confirmation, userInput);
-  const actionHashBuffer = await hashAction(action);
-  const confirmationInput = `${confirmation.code}:${userInput.toUpperCase().trim()}`;
-  const confirmationHashBuffer = await crypto.subtle.digest(
-    "SHA-256",
-    new TextEncoder().encode(confirmationInput)
-  );
-  const challengeBuffer = base64urlToBuffer(challenge);
-  const finalChallenge = await combineAndHash(
-    challengeBuffer,
-    actionHashBuffer,
-    confirmationHashBuffer
-  );
-  const actionHash = bufferToBase64url(actionHashBuffer);
-  const confirmationHash = bufferToBase64url(confirmationHashBuffer);
-  try {
-    const response = await startAuthentication({
-      optionsJSON: {
-        challenge: bufferToBase64url(finalChallenge),
-        rpId: rpID,
-        allowCredentials: allowCredentials.map((cred) => ({
-          id: cred.id,
-          type: "public-key",
-          transports: cred.transports
-        })),
-        userVerification,
-        timeout
-      }
-    });
-    return {
-      response,
-      action,
-      actionHash,
-      confirmationHash,
-      userInput: userInput.toUpperCase().trim()
-    };
-  } catch (error) {
-    if (error instanceof Error && error.name === "NotAllowedError") {
-      throw new HumanKeyError(
-        "User cancelled the hardware key tap",
-        "USER_CANCELLED",
-        error
-      );
-    }
-    throw error;
-  }
-}
-
-// src/register.ts
-import { startRegistration } from "@simplewebauthn/browser";
-async function registerKey(request) {
-  const {
-    challenge,
-    rpID,
-    rpName,
-    userName,
-    userDisplayName = userName,
-    excludeCredentials = [],
-    attestation = "direct",
-    userVerification = "required",
-    timeout = 6e4
-  } = request;
-  const userIdBytes = new TextEncoder().encode(userName);
-  const userIdHash = await crypto.subtle.digest("SHA-256", userIdBytes);
-  const userId = bufferToBase64url(userIdHash);
-  try {
-    const response = await startRegistration({
-      optionsJSON: {
-        rp: { name: rpName, id: rpID },
-        user: {
-          id: userId,
-          name: userName,
-          displayName: userDisplayName
-        },
-        challenge,
-        pubKeyCredParams: [
-          { alg: -7, type: "public-key" },
-          // ES256
-          { alg: -257, type: "public-key" }
-          // RS256
-        ],
-        timeout,
-        attestation,
-        excludeCredentials: excludeCredentials.map((cred) => ({
-          id: cred.id,
-          type: "public-key",
-          transports: cred.transports
-        })),
-        authenticatorSelection: {
-          authenticatorAttachment: "cross-platform",
-          residentKey: "preferred",
-          userVerification
-        }
-      }
-    });
-    return {
-      credentialId: response.id,
-      response,
-      transports: response.response.transports
-    };
-  } catch (error) {
-    if (error instanceof Error && error.name === "NotAllowedError") {
-      throw new HumanKeyError(
-        "User cancelled hardware key registration",
-        "USER_CANCELLED",
-        error
-      );
-    }
-    throw new HumanKeyError(
-      `Registration failed: ${error instanceof Error ? error.message : "Unknown error"}`,
-      "REGISTRATION_FAILED",
-      error
-    );
-  }
-}
-
 // src/support.ts
 function isHumanKeySupported() {
   return typeof window !== "undefined" && typeof window.PublicKeyCredential !== "undefined" && typeof navigator.credentials !== "undefined";

package/dist/nextjs.cjs

@@ -0,0 +1,40 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+
+
+
+
+var _chunkG2IT2ZP5cjs = require('./chunk-G2IT2ZP5.cjs');
+require('./chunk-FW3YUVJC.cjs');
+require('./chunk-JI6NIMGK.cjs');
+
+// src/nextjs.ts
+function createHumanKeyHandlers(config) {
+  const resolved = _chunkG2IT2ZP5cjs.resolveConfig.call(void 0, config);
+  return {
+    /** POST handler for /challenge — generates and stores a challenge. */
+    challenge: async () => {
+      const result = await _chunkG2IT2ZP5cjs.handleChallenge.call(void 0, resolved);
+      return toResponse(result);
+    },
+    /** POST handler for /register — verifies registration and stores credential. */
+    register: async (req) => {
+      const body = await req.json();
+      const result = await _chunkG2IT2ZP5cjs.handleRegister.call(void 0, resolved, body);
+      return toResponse(result);
+    },
+    /** POST handler for /verify — verifies a tap proof. */
+    verify: async (req) => {
+      const body = await req.json();
+      const result = await _chunkG2IT2ZP5cjs.handleVerify.call(void 0, resolved, body);
+      return toResponse(result);
+    }
+  };
+}
+function toResponse(result) {
+  return Response.json(result.body, { status: result.status });
+}
+
+
+
+exports.MemoryChallengeStore = _chunkG2IT2ZP5cjs.MemoryChallengeStore; exports.createHumanKeyHandlers = createHumanKeyHandlers;

package/dist/nextjs.d.cts

@@ -0,0 +1,28 @@
+import { H as HumanKeyAdapterConfig } from './adapter-core-CoBcSqdG.cjs';
+export { C as ChallengeStore, M as MemoryChallengeStore } from './adapter-core-CoBcSqdG.cjs';
+export { A as ActionPayload, c as TapCredential, V as VerifyResult } from './types-By44RNIt.cjs';
+import '@simplewebauthn/server';
+
+/** Configuration for the humankey Next.js adapter. */
+type HumanKeyNextConfig = HumanKeyAdapterConfig;
+/**
+ * Create Next.js App Router route handlers for humankey.
+ *
+ * Usage (one file per route):
+ * ```ts
+ * // app/api/humankey/challenge/route.ts
+ * import { createHumanKeyHandlers } from 'humankey/nextjs';
+ * const hk = createHumanKeyHandlers({ ... });
+ * export const POST = hk.challenge;
+ * ```
+ */
+declare function createHumanKeyHandlers(config: HumanKeyNextConfig): {
+    /** POST handler for /challenge — generates and stores a challenge. */
+    challenge: () => Promise<Response>;
+    /** POST handler for /register — verifies registration and stores credential. */
+    register: (req: Request) => Promise<Response>;
+    /** POST handler for /verify — verifies a tap proof. */
+    verify: (req: Request) => Promise<Response>;
+};
+
+export { type HumanKeyNextConfig, createHumanKeyHandlers };

package/dist/nextjs.d.ts

@@ -0,0 +1,28 @@
+import { H as HumanKeyAdapterConfig } from './adapter-core-CFN3y3L0.js';
+export { C as ChallengeStore, M as MemoryChallengeStore } from './adapter-core-CFN3y3L0.js';
+export { A as ActionPayload, c as TapCredential, V as VerifyResult } from './types-By44RNIt.js';
+import '@simplewebauthn/server';
+
+/** Configuration for the humankey Next.js adapter. */
+type HumanKeyNextConfig = HumanKeyAdapterConfig;
+/**
+ * Create Next.js App Router route handlers for humankey.
+ *
+ * Usage (one file per route):
+ * ```ts
+ * // app/api/humankey/challenge/route.ts
+ * import { createHumanKeyHandlers } from 'humankey/nextjs';
+ * const hk = createHumanKeyHandlers({ ... });
+ * export const POST = hk.challenge;
+ * ```
+ */
+declare function createHumanKeyHandlers(config: HumanKeyNextConfig): {
+    /** POST handler for /challenge — generates and stores a challenge. */
+    challenge: () => Promise<Response>;
+    /** POST handler for /register — verifies registration and stores credential. */
+    register: (req: Request) => Promise<Response>;
+    /** POST handler for /verify — verifies a tap proof. */
+    verify: (req: Request) => Promise<Response>;
+};
+
+export { type HumanKeyNextConfig, createHumanKeyHandlers };