pushwave-client 0.1.0

package/android/build.gradle

@@ -0,0 +1,55 @@
+buildscript {
+    ext.safeExtGet = { prop, fallback ->
+        return rootProject.ext.has(prop) ? rootProject.ext.get(prop) : fallback
+    }
+    ext.kotlin_version = safeExtGet("kotlinVersion", "1.9.22")
+    repositories {
+        google()
+        mavenCentral()
+    }
+    dependencies {
+        classpath("org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version")
+    }
+}
+
+apply plugin: "com.android.library"
+apply plugin: "org.jetbrains.kotlin.android"
+
+def getExtOrDefault(name, defaultValue) {
+    return rootProject.ext.has(name) ? rootProject.ext.get(name) : defaultValue
+}
+
+android {
+    namespace "com.pushwaveclient"
+    compileSdkVersion getExtOrDefault("compileSdkVersion", 34)
+
+    defaultConfig {
+        minSdkVersion getExtOrDefault("minSdkVersion", 23)
+        targetSdkVersion getExtOrDefault("targetSdkVersion", 34)
+        consumerProguardFiles "consumer-rules.pro"
+    }
+
+    compileOptions {
+        sourceCompatibility JavaVersion.VERSION_17
+        targetCompatibility JavaVersion.VERSION_17
+    }
+
+    kotlinOptions {
+        jvmTarget = "17"
+    }
+
+    lintOptions {
+        abortOnError false
+    }
+}
+
+repositories {
+    google()
+    mavenCentral()
+}
+
+dependencies {
+    implementation "com.facebook.react:react-native:+"
+    implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
+    implementation "com.google.android.play:integrity:1.3.0"
+}

package/android/consumer-rules.pro

@@ -0,0 +1 @@
+# Keep file intentionally empty; no consumer rules required for this library.

package/android/src/main/AndroidManifest.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    package="com.pushwaveclient">
+
+    <application />
+
+</manifest>

package/android/src/main/java/com/pushwaveclient/PushwaveAttestationModule.kt

@@ -0,0 +1,38 @@
+package com.pushwaveclient
+
+import com.facebook.react.bridge.Promise
+import com.facebook.react.bridge.ReactApplicationContext
+import com.facebook.react.bridge.ReactContextBaseJavaModule
+import com.facebook.react.bridge.ReactMethod
+import com.google.android.gms.tasks.OnFailureListener
+import com.google.android.gms.tasks.OnSuccessListener
+import com.google.android.play.core.integrity.IntegrityManagerFactory
+import com.google.android.play.core.integrity.StandardIntegrityManager
+import com.google.android.play.core.integrity.StandardIntegrityTokenRequest
+
+class PushwaveAttestationModule(private val context: ReactApplicationContext) :
+    ReactContextBaseJavaModule(context) {
+
+    override fun getName(): String = "PushwaveAttestation"
+
+    @ReactMethod
+    fun getIntegrityToken(nonce: String, promise: Promise) {
+        try {
+            val integrityManager = IntegrityManagerFactory.create(context)
+            val standard: StandardIntegrityManager = integrityManager.standardIntegrityManager()
+            val request = StandardIntegrityTokenRequest.builder()
+                .setNonce(nonce)
+                .build()
+
+            standard.requestIntegrityToken(request)
+                .addOnSuccessListener(OnSuccessListener { response ->
+                    promise.resolve(response.token())
+                })
+                .addOnFailureListener(OnFailureListener { error ->
+                    promise.reject("PLAY_INTEGRITY_ERROR", error.localizedMessage, error)
+                })
+        } catch (e: Exception) {
+            promise.reject("PLAY_INTEGRITY_ERROR", e.localizedMessage, e)
+        }
+    }
+}

package/android/src/main/java/com/pushwaveclient/PushwaveAttestationPackage.kt

@@ -0,0 +1,16 @@
+package com.pushwaveclient
+
+import com.facebook.react.ReactPackage
+import com.facebook.react.bridge.NativeModule
+import com.facebook.react.bridge.ReactApplicationContext
+import com.facebook.react.uimanager.ViewManager
+
+class PushwaveAttestationPackage : ReactPackage {
+    override fun createNativeModules(reactContext: ReactApplicationContext): List<NativeModule> {
+        return listOf(PushwaveAttestationModule(reactContext))
+    }
+
+    override fun createViewManagers(reactContext: ReactApplicationContext): List<ViewManager<*, *>> {
+        return emptyList()
+    }
+}

package/dist/attestation/getAndroidSignature.js

@@ -0,0 +1 @@
+"use strict";

package/dist/attestation/getApplicationAttestation.d.ts

@@ -0,0 +1,16 @@
+export interface AndroidAttestationPayload {
+    nonce: string;
+    timestamp: number;
+    integrityToken: string;
+}
+export interface IosAttestationPayload {
+    nonce: string;
+    timestamp: number;
+    deviceCheckToken: string;
+}
+export interface DisabledAttestation {
+    attestationDisabled: true;
+    reason: string;
+}
+export type ApplicationAttestation = AndroidAttestationPayload | IosAttestationPayload | DisabledAttestation | true;
+export default function getApplicationAttestation(apiKey: string): Promise<ApplicationAttestation>;

package/dist/attestation/getApplicationAttestation.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = getApplicationAttestation;
+const buffer_1 = require("buffer");
+const react_native_1 = require("react-native");
+const native_1 = require("./native");
+async function getApplicationAttestation(apiKey) {
+    if (!requiresAttestation(apiKey))
+        return true;
+    const { nonce, timestamp } = createNonce();
+    try {
+        if (react_native_1.Platform.OS === "android")
+            return await getAndroidSignature(nonce, timestamp);
+        if (react_native_1.Platform.OS === "ios")
+            return await getIosDeviceCheck(nonce, timestamp);
+    }
+    catch (err) {
+        const reason = err?.message ?? "attestation-error";
+        return { attestationDisabled: true, reason };
+    }
+    return { attestationDisabled: true, reason: "platform-unsupported" };
+}
+function requiresAttestation(apiKey) {
+    return apiKey.startsWith("pw_pub_");
+}
+function createNonce() {
+    const timestamp = Date.now();
+    const random = Math.random().toString(36).slice(2);
+    const raw = `${timestamp}:${random}`;
+    const nonce = base64UrlEncode(raw);
+    return { nonce, timestamp };
+}
+function base64UrlEncode(input) {
+    if (typeof globalThis.btoa === "function") {
+        return globalThis.btoa(input).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+    }
+    return buffer_1.Buffer.from(input, "utf8")
+        .toString("base64")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=+$/, "");
+}
+async function getAndroidSignature(nonce, timestamp) {
+    const integrityToken = await (0, native_1.getAndroidIntegrityToken)(nonce);
+    if (!integrityToken) {
+        return { attestationDisabled: true, reason: "play-integrity-unavailable" };
+    }
+    return { nonce, timestamp, integrityToken };
+}
+async function getIosDeviceCheck(nonce, timestamp) {
+    const deviceCheckToken = await (0, native_1.getDeviceCheckToken)(nonce);
+    if (!deviceCheckToken) {
+        return { attestationDisabled: true, reason: "devicecheck-unavailable" };
+    }
+    return { nonce, timestamp, deviceCheckToken };
+}

package/dist/attestation/getApplicationSignature.d.ts

@@ -0,0 +1 @@
+export default function getApplicationSignature(): void;

package/dist/attestation/getApplicationSignature.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = getApplicationSignature;
+function getApplicationSignature() {
+}
+function getAndroidSignature() {
+}
+function getIosDeviceCheck() {
+}

package/dist/attestation/getIosDeviceCheck.d.ts

@@ -0,0 +1 @@
+export default function (): any;

package/dist/attestation/getIosDeviceCheck.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/attestation/native.d.ts

@@ -0,0 +1,2 @@
+export declare function getAndroidIntegrityToken(nonce: string): Promise<string | undefined>;
+export declare function getDeviceCheckToken(nonce: string): Promise<string | undefined>;

package/dist/attestation/native.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAndroidIntegrityToken = getAndroidIntegrityToken;
+exports.getDeviceCheckToken = getDeviceCheckToken;
+const react_native_1 = require("react-native");
+const MODULE_NAME = "PushwaveAttestation";
+const NativeAttestation = react_native_1.NativeModules?.[MODULE_NAME];
+function assertLinked() {
+    if (!NativeAttestation) {
+        throw new Error("native-module-unavailable");
+    }
+}
+async function getAndroidIntegrityToken(nonce) {
+    if (react_native_1.Platform.OS !== "android")
+        return;
+    assertLinked();
+    return NativeAttestation.getIntegrityToken(nonce);
+}
+async function getDeviceCheckToken(nonce) {
+    if (react_native_1.Platform.OS !== "ios")
+        return;
+    assertLinked();
+    return NativeAttestation.getDeviceCheckToken(nonce);
+}

package/dist/index.d.ts

@@ -0,0 +1,6 @@
+import { RegisterPushWaveClient, RegisterPushWaveResponse } from "./registerPushWave";
+export interface PushWaveClientType {
+    init(options: RegisterPushWaveClient): Promise<RegisterPushWaveResponse>;
+}
+declare const PushWaveClient: PushWaveClientType;
+export default PushWaveClient;

package/dist/index.js

@@ -0,0 +1,12 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const registerPushWave_1 = __importDefault(require("./registerPushWave"));
+const PushWaveClient = {
+    init(options) {
+        return (0, registerPushWave_1.default)(options);
+    },
+};
+exports.default = PushWaveClient;

package/dist/registerPushWave.d.ts

@@ -0,0 +1,14 @@
+export interface RegisterPushWaveClient {
+    apiKey: string;
+}
+export interface RegisterPushWaveResponse {
+    success: boolean;
+    message?: string;
+}
+export interface RegisterPushWaveOptions {
+    apiKey: string;
+    expoToken: string;
+    platform: string;
+    appAttestation?: any;
+}
+export default function registerPushWave({ apiKey }: RegisterPushWaveClient): Promise<RegisterPushWaveResponse>;

package/dist/registerPushWave.js

@@ -0,0 +1,58 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = registerPushWave;
+const fetch_1 = require("./utils/fetch");
+const expoToken_1 = require("./utils/expoToken");
+const getApplicationAttestation_1 = __importDefault(require("./attestation/getApplicationAttestation"));
+const react_native_1 = require("react-native");
+const pwLogger_1 = require("./utils/pwLogger");
+const apiKeyCheck_1 = require("./utils/apiKeyCheck");
+async function registerPushWave({ apiKey }) {
+    if ((0, apiKeyCheck_1.isSecretKey)(apiKey)) {
+        const warn = `\x1b[0m You are using your SECRET API key in a client environment. This key must NEVER be embedded in a mobile app.`;
+        pwLogger_1.PWLogger.warn(warn);
+    }
+    const expoToken = await (0, expoToken_1.getExpoToken)();
+    if (!expoToken) {
+        const message = "could not get ExpoToken";
+        pwLogger_1.PWLogger.error(message);
+        return {
+            success: false,
+            message: "[PushWaveClient] Error: " + message
+        };
+    }
+    const appAttestation = await (0, getApplicationAttestation_1.default)(apiKey);
+    if (!appAttestation) {
+        const message = `could not get ${react_native_1.Platform.OS} attestation.`;
+        pwLogger_1.PWLogger.error(message);
+        return {
+            success: false,
+            message: `[PushWaveClient] Error: ` + message
+        };
+    }
+    const path = "/v1/expo-tokens";
+    const options = {
+        apiKey: apiKey,
+        expoToken: expoToken,
+        platform: react_native_1.Platform.OS,
+        appAttestation: appAttestation
+    };
+    try {
+        const res = await (0, fetch_1.fetchApi)(path, options);
+        return {
+            success: true,
+            message: res.message,
+        };
+    }
+    catch (err) {
+        const e = err;
+        pwLogger_1.PWLogger.error(e.message);
+        return {
+            success: false,
+            message: e.message,
+        };
+    }
+}

package/dist/utils/apiKeyCheck.d.ts

@@ -0,0 +1 @@
+export declare function isSecretKey(apiKey: string): boolean;

package/dist/utils/apiKeyCheck.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isSecretKey = isSecretKey;
+function isSecretKey(apiKey) {
+    return apiKey.startsWith("pw_sec_");
+}

package/dist/utils/expoToken.d.ts

@@ -0,0 +1 @@
+export declare function getExpoToken(): Promise<string | undefined>;

package/dist/utils/expoToken.js

@@ -0,0 +1,59 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getExpoToken = getExpoToken;
+const Notifications = __importStar(require("expo-notifications"));
+const expo_constants_1 = __importDefault(require("expo-constants"));
+async function getExpoToken() {
+    try {
+        const existing = await Notifications.getPermissionsAsync();
+        const finalStatus = existing.status === "granted"
+            ? existing.status
+            : (await Notifications.requestPermissionsAsync()).status;
+        if (finalStatus !== "granted")
+            return;
+        const projectId = expo_constants_1.default.expoConfig?.extra?.eas?.projectId ?? expo_constants_1.default.easConfig?.projectId;
+        const token = (projectId
+            ? await Notifications.getExpoPushTokenAsync({ projectId })
+            : await Notifications.getExpoPushTokenAsync()).data;
+        return token;
+    }
+    catch (e) {
+        throw new Error(`[expo-notifications] Error: ` + e);
+    }
+}

package/dist/utils/fetch.d.ts

@@ -0,0 +1 @@
+export declare function fetchApi<TResponse>(path: string, data: Record<string, any>): Promise<TResponse>;

package/dist/utils/fetch.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fetchApi = fetchApi;
+const BASE_URL = "https://pushwave.luruk-hai.fr";
+async function fetchApi(path, data) {
+    const url = BASE_URL + path;
+    const res = await fetch(url, {
+        method: "POST",
+        headers: {
+            "Content-Type": "application/json",
+        },
+        body: JSON.stringify(data),
+    });
+    const text = await res.text();
+    let json = null;
+    try {
+        json = text ? JSON.parse(text) : null;
+    }
+    catch (err) {
+        // JSON empty/invalid
+    }
+    if (!res.ok) {
+        const apiError = (json?.error ?? json?.message ?? "");
+        const message = `(${res.status}) ${apiError}`.trim();
+        throw new Error(message);
+    }
+    return json;
+}

package/dist/utils/pwLogger.d.ts

@@ -0,0 +1,6 @@
+export declare const PWLogger: {
+    info: (...args: any[]) => void;
+    warn: (...args: any[]) => void;
+    error: (...args: any[]) => void;
+    success: (...args: any[]) => void;
+};

package/dist/utils/pwLogger.js

@@ -0,0 +1,35 @@
+"use strict";
+// utils/pwLogger.ts
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PWLogger = void 0;
+const COLORS = {
+    reset: "\x1b[0m",
+    bold: "\x1b[1m",
+    dim: "\x1b[2m",
+    red: "\x1b[31m",
+    yellow: "\x1b[33m",
+    cyan: "\x1b[36m",
+    green: "\x1b[32m"
+};
+exports.PWLogger = {
+    info: (...args) => {
+        if (__DEV__) {
+            console.log(`${COLORS.cyan}${COLORS.bold}[PushWave INFO]${COLORS.reset}`, ...args);
+        }
+    },
+    warn: (...args) => {
+        if (__DEV__) {
+            console.warn(`${COLORS.yellow}${COLORS.bold}⚠️  [PushWave WARNING]${COLORS.reset}`, ...args);
+        }
+    },
+    error: (...args) => {
+        if (__DEV__) {
+            console.error(`${COLORS.red}${COLORS.bold}❌  [PushWave ERROR]${COLORS.reset}`, ...args);
+        }
+    },
+    success: (...args) => {
+        if (__DEV__) {
+            console.log(`${COLORS.green}${COLORS.bold}✔️  [PushWave]${COLORS.reset}`, ...args);
+        }
+    }
+};

package/dist/utils/validation.js

@@ -0,0 +1 @@
+"use strict";

package/ios/PushwaveAttestation.m

@@ -0,0 +1,11 @@
+#import <React/RCTBridgeModule.h>
+
+@interface RCT_EXTERN_MODULE(PushwaveAttestation, NSObject)
+
+RCT_EXTERN_METHOD(
+  getDeviceCheckToken:(NSString *)nonce
+  resolver:(RCTPromiseResolveBlock)resolve
+  rejecter:(RCTPromiseRejectBlock)reject
+)
+
+@end

package/ios/PushwaveAttestation.swift

@@ -0,0 +1,37 @@
+import DeviceCheck
+import Foundation
+import React
+
+@objc(PushwaveAttestation)
+class PushwaveAttestation: NSObject {
+  @objc
+  static func requiresMainQueueSetup() -> Bool {
+    return false
+  }
+
+  @objc
+  func getDeviceCheckToken(
+    _ nonce: NSString,
+    resolver resolve: @escaping RCTPromiseResolveBlock,
+    rejecter reject: @escaping RCTPromiseRejectBlock
+  ) {
+    guard DCDevice.current.isSupported else {
+      resolve(NSNull())
+      return
+    }
+
+    DCDevice.current.generateToken { data, error in
+      if let error = error {
+        reject("DEVICE_CHECK_ERROR", error.localizedDescription, error)
+        return
+      }
+
+      guard let tokenData = data else {
+        resolve(NSNull())
+        return
+      }
+
+      resolve(tokenData.base64EncodedString())
+    }
+  }
+}

package/package.json

@@ -0,0 +1,39 @@
+{
+  "name": "pushwave-client",
+  "version": "0.1.0",
+  "description": "PushWave Client, Expo Push Notifications SaaS SDK",
+  "homepage": "https://github.com/luruk-hai/pushwave-client#readme",
+  "bugs": {
+    "url": "https://github.com/luruk-hai/pushwave-client/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/luruk-hai/pushwave-client.git"
+  },
+  "license": "MIT",
+  "author": "",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "expo": {
+    "plugin": "./plugin/index.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "clean": "rm -rf dist"
+  },
+  "peerDependencies": {
+    "expo-constants": "*",
+    "expo-notifications": "*",
+    "react-native": "*",
+    "expo": "*"
+  },
+  "dependencies": {
+    "cross-fetch": "^4.1.0",
+    "@expo/config-plugins": "^8.0.6"
+  },
+  "devDependencies": {
+    "typescript": "^5.9.3",
+    "ts-node": "^10.9.2",
+    "@types/node": "^24.10.1"
+  }
+}

package/plugin/index.js

@@ -0,0 +1,46 @@
+const {
+  createRunOncePlugin,
+  withAppBuildGradle,
+} = require("@expo/config-plugins");
+
+const pkg = require("../package.json");
+
+const PLAY_INTEGRITY_DEP = 'implementation("com.google.android.play:integrity:1.3.0")';
+
+function withPushwaveAndroid(config) {
+  return withAppBuildGradle(config, (config) => {
+    if (config.modResults.language !== "groovy") {
+      return config;
+    }
+
+    const content = config.modResults.contents;
+
+    if (content.includes(PLAY_INTEGRITY_DEP)) {
+      return config;
+    }
+
+    config.modResults.contents = content.replace(
+      /dependencies\s?{[^}]*}/,
+      (match) => {
+        if (match.includes(PLAY_INTEGRITY_DEP)) return match;
+        return match.replace(
+          /dependencies\s?{/,
+          `dependencies {\n        ${PLAY_INTEGRITY_DEP}\n`
+        );
+      }
+    );
+
+    return config;
+  });
+}
+
+const withPushwaveClient = (config) => {
+  config = withPushwaveAndroid(config);
+  return config;
+};
+
+module.exports = createRunOncePlugin(
+  withPushwaveClient,
+  pkg.name,
+  pkg.version
+);

package/pushwave-client.podspec

@@ -0,0 +1,21 @@
+require "json"
+
+package = JSON.parse(File.read(File.join(__dir__, "package.json")))
+
+Pod::Spec.new do |s|
+  s.name         = "pushwave-client"
+  s.version      = package["version"]
+  s.summary      = package["description"] || "PushWave Client SDK"
+  s.homepage     = package["homepage"] || "https://github.com/luruk-hai/pushwave-client"
+  s.license      = package["license"] || "MIT"
+  s.author       = package["author"] || { "PushWave" => "support@pushwave.dev" }
+  s.platforms    = { :ios => "13.0" }
+  s.source       = { :git => package["repository"] ? package["repository"]["url"] : "https://github.com/luruk-hai/pushwave-client.git",
+                     :tag => "v#{s.version}" }
+
+  s.source_files  = "ios/**/*.{h,m,mm,swift}"
+  s.requires_arc  = true
+  s.swift_version = "5.0"
+  s.frameworks    = "DeviceCheck"
+  s.dependency    "React-Core"
+end

package/react-native.config.js

@@ -0,0 +1,14 @@
+module.exports = {
+  dependency: {
+    platforms: {
+      ios: {
+        podspecPath: "pushwave-client.podspec",
+      },
+      android: {
+        sourceDir: "android",
+        packageImportPath: "import com.pushwaveclient.PushwaveAttestationPackage",
+        packageInstance: "new PushwaveAttestationPackage()",
+      },
+    },
+  },
+};

package/src/attestation/getApplicationAttestation.ts

@@ -0,0 +1,92 @@
+import { Buffer } from "buffer";
+import { Platform } from "react-native";
+import { getAndroidIntegrityToken, getDeviceCheckToken } from "./native";
+
+export interface AndroidAttestationPayload {
+    nonce: string;
+    timestamp: number;
+    integrityToken: string;
+}
+
+export interface IosAttestationPayload {
+    nonce: string;
+    timestamp: number;
+    deviceCheckToken: string;
+}
+
+export interface DisabledAttestation {
+    attestationDisabled: true;
+    reason: string;
+}
+
+export type ApplicationAttestation =
+    | AndroidAttestationPayload
+    | IosAttestationPayload
+    | DisabledAttestation
+    | true;
+
+export default async function getApplicationAttestation(apiKey: string): Promise<ApplicationAttestation> {
+    if (!requiresAttestation(apiKey)) return true;
+
+    const { nonce, timestamp } = createNonce();
+
+    try {
+        if (Platform.OS === "android") return await getAndroidSignature(nonce, timestamp);
+        if (Platform.OS === "ios") return await getIosDeviceCheck(nonce, timestamp);
+    } catch (err) {
+        const reason = (err as Error)?.message ?? "attestation-error";
+        return { attestationDisabled: true, reason };
+    }
+
+    return { attestationDisabled: true, reason: "platform-unsupported" };
+}
+
+function requiresAttestation(apiKey: string) {
+    return apiKey.startsWith("pw_pub_");
+}
+
+function createNonce() {
+    const timestamp = Date.now();
+    const random = Math.random().toString(36).slice(2);
+    const raw = `${timestamp}:${random}`;
+    const nonce = base64UrlEncode(raw);
+    return { nonce, timestamp };
+}
+
+function base64UrlEncode(input: string): string {
+    if (typeof globalThis.btoa === "function") {
+        return globalThis.btoa(input).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+    }
+
+    return Buffer.from(input, "utf8")
+        .toString("base64")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=+$/, "");
+}
+
+async function getAndroidSignature(
+    nonce: string,
+    timestamp: number
+): Promise<AndroidAttestationPayload | DisabledAttestation> {
+    const integrityToken = await getAndroidIntegrityToken(nonce);
+
+    if (!integrityToken) {
+        return { attestationDisabled: true, reason: "play-integrity-unavailable" };
+    }
+
+    return { nonce, timestamp, integrityToken };
+}
+
+async function getIosDeviceCheck(
+    nonce: string,
+    timestamp: number
+): Promise<IosAttestationPayload | DisabledAttestation> {
+    const deviceCheckToken = await getDeviceCheckToken(nonce);
+
+    if (!deviceCheckToken) {
+        return { attestationDisabled: true, reason: "devicecheck-unavailable" };
+    }
+
+    return { nonce, timestamp, deviceCheckToken };
+}

package/src/attestation/native.ts

@@ -0,0 +1,22 @@
+import { NativeModules, Platform } from "react-native";
+
+const MODULE_NAME = "PushwaveAttestation";
+const NativeAttestation = NativeModules?.[MODULE_NAME];
+
+function assertLinked() {
+  if (!NativeAttestation) {
+    throw new Error("native-module-unavailable");
+  }
+}
+
+export async function getAndroidIntegrityToken(nonce: string): Promise<string | undefined> {
+  if (Platform.OS !== "android") return;
+  assertLinked();
+  return NativeAttestation.getIntegrityToken(nonce);
+}
+
+export async function getDeviceCheckToken(nonce: string): Promise<string | undefined> {
+  if (Platform.OS !== "ios") return;
+  assertLinked();
+  return NativeAttestation.getDeviceCheckToken(nonce);
+}

package/src/index.ts

@@ -0,0 +1,16 @@
+import registerPushWave, {
+    RegisterPushWaveClient,
+  RegisterPushWaveResponse,
+} from "./registerPushWave";
+
+export interface PushWaveClientType {
+  init(options: RegisterPushWaveClient): Promise<RegisterPushWaveResponse>;
+}
+
+const PushWaveClient: PushWaveClientType = {
+  init(options) {
+    return registerPushWave(options);
+  },
+};
+
+export default PushWaveClient;

package/src/registerPushWave.ts

@@ -0,0 +1,87 @@
+import { fetchApi } from "./utils/fetch";
+import { getExpoToken } from "./utils/expoToken";
+import getApplicationAttestation from "./attestation/getApplicationAttestation";
+import { Platform } from "react-native";
+import { PWLogger } from "./utils/pwLogger";
+import { isSecretKey } from "./utils/apiKeyCheck";
+
+export interface RegisterPushWaveClient {
+    apiKey: string;
+}
+
+export interface RegisterPushWaveResponse {
+    success: boolean;
+    message?: string;
+}
+
+export interface RegisterPushWaveOptions {
+    apiKey: string;
+    expoToken: string;
+    platform: string;
+    appAttestation?: any;
+}
+
+export default async function registerPushWave(
+    { apiKey }: RegisterPushWaveClient
+): Promise<RegisterPushWaveResponse> {
+
+    if (isSecretKey(apiKey)) {
+        const warn = `\x1b[0m You are using your SECRET API key in a client environment. This key must NEVER be embedded in a mobile app.`;
+        PWLogger.warn(warn);
+    }
+
+    const expoToken = await getExpoToken();
+
+    if (!expoToken) {
+
+        const message = "could not get ExpoToken";
+
+        PWLogger.error(message)
+
+        return {
+            success: false,
+            message: "[PushWaveClient] Error: " + message
+        }
+    }
+
+    const appAttestation = await getApplicationAttestation(apiKey);
+
+    if (!appAttestation) {
+
+        const message = `could not get ${Platform.OS} attestation.`;
+
+        PWLogger.error(message);
+
+        return {
+            success: false,
+            message: `[PushWaveClient] Error: ` + message
+        }
+    }
+
+    const path = "/v1/expo-tokens"
+
+    const options: RegisterPushWaveOptions = {
+        apiKey: apiKey,
+        expoToken: expoToken,
+        platform: Platform.OS,
+        appAttestation: appAttestation
+    }
+
+    try {
+        const res: RegisterPushWaveResponse = await fetchApi(path, options)
+
+        return {
+            success: true,
+            message: res.message,
+        };
+    } catch (err) {
+        const e = err as Error;
+
+        PWLogger.error(e.message);
+
+        return {
+            success: false,
+            message: e.message,
+        };
+    }
+}

package/src/utils/apiKeyCheck.ts

@@ -0,0 +1,3 @@
+export function isSecretKey(apiKey: string) {
+    return apiKey.startsWith("pw_sec_");
+}

package/src/utils/expoToken.ts

@@ -0,0 +1,26 @@
+import * as Notifications from "expo-notifications";
+import Constants from "expo-constants";
+
+export async function getExpoToken() {
+    try {
+        const existing = await Notifications.getPermissionsAsync();
+        const finalStatus =
+            existing.status === "granted"
+                ? existing.status
+                : (await Notifications.requestPermissionsAsync()).status;
+        if (finalStatus !== "granted") return;
+
+        const projectId =
+            Constants.expoConfig?.extra?.eas?.projectId ?? Constants.easConfig?.projectId;
+
+        const token = (
+            projectId
+                ? await Notifications.getExpoPushTokenAsync({ projectId })
+                : await Notifications.getExpoPushTokenAsync()
+        ).data;
+
+        return token;
+    } catch (e) {
+        throw new Error(`[expo-notifications] Error: ` + e);
+    }
+}

package/src/utils/fetch.ts

@@ -0,0 +1,36 @@
+const BASE_URL = "https://pushwave.luruk-hai.fr";
+
+export async function fetchApi<TResponse>(
+  path: string,
+  data: Record<string, any>
+): Promise<TResponse> {
+
+  const url = BASE_URL + path;
+
+  const res = await fetch(url, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify(data),
+  });
+
+  const text = await res.text();
+  let json: any = null;
+
+  try {
+    json = text ? JSON.parse(text) : null;
+  } catch (err) {
+    // JSON empty/invalid
+  }
+
+  if (!res.ok) {
+    const apiError = (json?.error ?? json?.message ?? "") as string;
+
+    const message = `(${res.status}) ${apiError}`.trim();
+
+    throw new Error(message);
+  }
+
+  return json as TResponse;
+}

package/src/utils/pwLogger.ts

@@ -0,0 +1,49 @@
+// utils/pwLogger.ts
+
+const COLORS = {
+  reset: "\x1b[0m",
+  bold: "\x1b[1m",
+  dim: "\x1b[2m",
+  red: "\x1b[31m",
+  yellow: "\x1b[33m",
+  cyan: "\x1b[36m",
+  green: "\x1b[32m"
+};
+
+export const PWLogger = {
+  info: (...args: any[]) => {
+    if (__DEV__) {
+      console.log(
+        `${COLORS.cyan}${COLORS.bold}[PushWave INFO]${COLORS.reset}`,
+        ...args
+      );
+    }
+  },
+
+  warn: (...args: any[]) => {
+    if (__DEV__) {
+      console.warn(
+        `${COLORS.yellow}${COLORS.bold}⚠️  [PushWave WARNING]${COLORS.reset}`,
+        ...args
+      );
+    }
+  },
+
+  error: (...args: any[]) => {
+    if (__DEV__) {
+      console.error(
+        `${COLORS.red}${COLORS.bold}❌  [PushWave ERROR]${COLORS.reset}`,
+        ...args
+      );
+    }
+  },
+
+  success: (...args: any[]) => {
+    if (__DEV__) {
+      console.log(
+        `${COLORS.green}${COLORS.bold}✔️  [PushWave]${COLORS.reset}`,
+        ...args
+      );
+    }
+  }
+};

package/tsconfig.json

@@ -0,0 +1,16 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "CommonJS",
+    "outDir": "dist",
+    "rootDir": "src",
+    "declaration": true,
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "moduleResolution": "node",
+    "jsx": "react-native"
+  },
+  "include": ["src"],
+  "exclude": ["node_modules", "dist"]
+}