shogun-core 1.2.7 → 1.2.8

package/dist/types/plugins/index.d.ts

@@ -12,3 +12,7 @@ export { NostrConnector } from "./nostr/nostrConnector";
 export { NostrConnectorPlugin } from "./nostr/nostrConnectorPlugin";
 export type { NostrConnectorPluginInterface, NostrConnectorCredentials, NostrConnectorKeyPair, NostrConnectorConfig, AlbyProvider, NostrProvider, } from "./nostr/types";
 export { default as nostrChain } from "./nostr/nostrChain";
+export { OAuthConnector } from "./oauth/oauthConnector";
+export { OAuthPlugin } from "./oauth/oauthPlugin";
+export * from "./oauth/types";
+export { default as oauthChain } from "./oauth/oauthChain";

package/dist/types/plugins/nostr/index.d.ts

@@ -1,4 +1,5 @@
 export * from "./nostrConnectorPlugin";
 export * from "./nostrConnector";
+export * from "./nostrSigner";
 export * from "./types";
 export { default as nostrChain } from "./nostrChain";

package/dist/types/plugins/nostr/nostrConnector.d.ts

@@ -10,7 +10,7 @@ declare global {
 /**
  * Class for Bitcoin wallet connections and operations
  */
-export declare class NostrConnector extends EventEmitter {
+declare class NostrConnector extends EventEmitter {
     private readonly MESSAGE_TO_SIGN;
     private readonly DEFAULT_CONFIG;
     private readonly config;
@@ -86,7 +86,7 @@ export declare class NostrConnector extends EventEmitter {
     /**
      * Verify a signature
      */
-    verifySignature(message: string, signature: string, address: string): Promise<boolean>;
+    verifySignature(message: string, signature: string, address: any): Promise<boolean>;
     /**
      * Get the currently connected address
      */
@@ -104,3 +104,4 @@ export declare class NostrConnector extends EventEmitter {
      */
     private requestSignature;
 }
+export { NostrConnector };

package/dist/types/plugins/nostr/nostrConnectorPlugin.d.ts

@@ -1,5 +1,6 @@
 import { BasePlugin } from "../base";
 import { ShogunCore } from "../../index";
+import { NostrSigningCredential } from "./nostrSigner";
 import { NostrConnectorCredentials, ConnectionResult, NostrConnectorPluginInterface } from "./types";
 import { AuthResult } from "../../types/shogun";
 /**
@@ -11,6 +12,7 @@ export declare class NostrConnectorPlugin extends BasePlugin implements NostrCon
     version: string;
     description: string;
     private bitcoinConnector;
+    private signer;
     /**
      * @inheritdoc
      */
@@ -24,6 +26,11 @@ export declare class NostrConnectorPlugin extends BasePlugin implements NostrCon
      * @private
      */
     private assertBitcoinConnector;
+    /**
+     * Assicura che il signer sia inizializzato
+     * @private
+     */
+    private assertSigner;
     /**
      * @inheritdoc
      */
@@ -62,6 +69,81 @@ export declare class NostrConnectorPlugin extends BasePlugin implements NostrCon
      * @inheritdoc
      */
     generatePassword(signature: string): Promise<string>;
+    /**
+     * Creates a new Nostr signing credential
+     * CONSISTENT with normal Nostr approach
+     */
+    createSigningCredential(address: string): Promise<NostrSigningCredential>;
+    /**
+     * Creates an authenticator function for Nostr signing
+     */
+    createAuthenticator(address: string): (data: any) => Promise<string>;
+    /**
+     * Creates a derived key pair from Nostr credential
+     */
+    createDerivedKeyPair(address: string, extra?: string[]): Promise<{
+        pub: string;
+        priv: string;
+        epub: string;
+        epriv: string;
+    }>;
+    /**
+     * Signs data with derived keys after Nostr verification
+     */
+    signWithDerivedKeys(data: any, address: string, extra?: string[]): Promise<string>;
+    /**
+     * Get signing credential by address
+     */
+    getSigningCredential(address: string): NostrSigningCredential | undefined;
+    /**
+     * List all signing credentials
+     */
+    listSigningCredentials(): NostrSigningCredential[];
+    /**
+     * Remove a signing credential
+     */
+    removeSigningCredential(address: string): boolean;
+    /**
+     * Creates a Gun user from Nostr signing credential
+     * This ensures the SAME user is created as with normal approach
+     */
+    createGunUserFromSigningCredential(address: string): Promise<{
+        success: boolean;
+        userPub?: string;
+        error?: string;
+    }>;
+    /**
+     * Get the Gun user public key for a signing credential
+     */
+    getGunUserPubFromSigningCredential(address: string): string | undefined;
+    /**
+     * Get the password (for consistency checking)
+     */
+    getPassword(address: string): string | undefined;
+    /**
+     * Verify consistency between oneshot and normal approaches
+     * This ensures both approaches create the same Gun user
+     */
+    verifyConsistency(address: string, expectedUserPub?: string): Promise<{
+        consistent: boolean;
+        actualUserPub?: string;
+        expectedUserPub?: string;
+    }>;
+    /**
+     * Complete oneshot workflow that creates the SAME Gun user as normal approach
+     * This is the recommended method for oneshot signing with full consistency
+     */
+    setupConsistentOneshotSigning(address: string): Promise<{
+        credential: NostrSigningCredential;
+        authenticator: (data: any) => Promise<string>;
+        gunUser: {
+            success: boolean;
+            userPub?: string;
+            error?: string;
+        };
+        username: string;
+        password: string;
+    }>;
     /**
      * Login with Bitcoin wallet
      * @param address - Bitcoin address

package/dist/types/plugins/nostr/nostrSigner.d.ts

@@ -0,0 +1,104 @@
+import { NostrConnector } from "./nostrConnector";
+/**
+ * Nostr Signing Credential for oneshot signing
+ */
+export interface NostrSigningCredential {
+    address: string;
+    signature: string;
+    message: string;
+    username: string;
+    password: string;
+    gunUserPub?: string;
+}
+/**
+ * Nostr Signer - Provides oneshot signing functionality
+ * Similar to webauthn.js but for Nostr/Bitcoin wallets
+ * CONSISTENT with normal Nostr approach
+ */
+export declare class NostrSigner {
+    private nostrConnector;
+    private credentials;
+    private readonly MESSAGE_TO_SIGN;
+    constructor(nostrConnector?: NostrConnector);
+    /**
+     * Creates a new Nostr signing credential
+     * CONSISTENT with normal Nostr approach
+     */
+    createSigningCredential(address: string): Promise<NostrSigningCredential>;
+    /**
+     * Validates address using the same logic as NostrConnector
+     */
+    private validateAddress;
+    /**
+     * Generate deterministic signature using the SAME approach as NostrConnector
+     */
+    private generateDeterministicSignature;
+    /**
+     * Generate password using the SAME approach as NostrConnector
+     */
+    private generatePassword;
+    /**
+     * Creates an authenticator function compatible with SEA.sign
+     * This is the key function that makes it work like webauthn.js but for Nostr
+     */
+    createAuthenticator(address: string): (data: any) => Promise<string>;
+    /**
+     * Sign data using the credential
+     */
+    private signData;
+    /**
+     * Creates a derived key pair from Nostr credential
+     * CONSISTENT with normal approach: uses password as seed
+     */
+    createDerivedKeyPair(address: string, extra?: string[]): Promise<{
+        pub: string;
+        priv: string;
+        epub: string;
+        epriv: string;
+    }>;
+    /**
+     * Creates a Gun user from Nostr credential
+     * This ensures the SAME user is created as with normal approach
+     */
+    createGunUser(address: string, gunInstance: any): Promise<{
+        success: boolean;
+        userPub?: string;
+        error?: string;
+    }>;
+    /**
+     * Signs data using Nostr + derived keys
+     * This provides a hybrid approach: Nostr for user verification + derived keys for actual signing
+     * CONSISTENT with normal approach
+     */
+    signWithDerivedKeys(data: any, address: string, extra?: string[]): Promise<string>;
+    /**
+     * Get the Gun user public key for a credential
+     * This allows checking if the same user would be created
+     */
+    getGunUserPub(address: string): string | undefined;
+    /**
+     * Get the password (for consistency checking)
+     */
+    getPassword(address: string): string | undefined;
+    /**
+     * Check if this credential would create the same Gun user as normal approach
+     */
+    verifyConsistency(address: string, expectedUserPub?: string): Promise<{
+        consistent: boolean;
+        actualUserPub?: string;
+        expectedUserPub?: string;
+    }>;
+    /**
+     * Get credential by address
+     */
+    getCredential(address: string): NostrSigningCredential | undefined;
+    /**
+     * List all stored credentials
+     */
+    listCredentials(): NostrSigningCredential[];
+    /**
+     * Remove a credential
+     */
+    removeCredential(address: string): boolean;
+}
+export default NostrSigner;

package/dist/types/plugins/oauth/index.d.ts

@@ -0,0 +1,4 @@
+export { OAuthConnector } from "./oauthConnector";
+export { OAuthPlugin } from "./oauthPlugin";
+export type { OAuthPluginInterface, OAuthConfig, OAuthProvider, OAuthCredentials, OAuthConnectionResult, OAuthUserInfo, } from "./types";
+export { default as oauthChain } from "./oauthChain";

package/dist/types/plugins/oauth/oauthChain.d.ts

@@ -0,0 +1,2 @@
+declare const oauthChain: () => void;
+export default oauthChain;

package/dist/types/plugins/oauth/oauthConnector.d.ts

@@ -0,0 +1,100 @@
+import { EventEmitter } from "../../utils/eventEmitter";
+import { OAuthConfig, OAuthProvider, OAuthUserInfo, OAuthCredentials, OAuthConnectionResult } from "./types";
+/**
+ * OAuth Connector
+ */
+export declare class OAuthConnector extends EventEmitter {
+    private readonly DEFAULT_CONFIG;
+    private config;
+    private readonly userCache;
+    private readonly memoryStorage;
+    constructor(config?: Partial<OAuthConfig>);
+    /**
+     * Update the connector configuration
+     * @param config - New configuration options
+     */
+    updateConfig(config: Partial<OAuthConfig>): void;
+    /**
+     * Get origin URL (browser or Node.js compatible)
+     */
+    private getOrigin;
+    /**
+     * Storage abstraction (browser sessionStorage or Node.js Map)
+     */
+    private setItem;
+    private getItem;
+    private removeItem;
+    /**
+     * Check if OAuth is supported
+     */
+    isSupported(): boolean;
+    /**
+     * Get available OAuth providers
+     */
+    getAvailableProviders(): OAuthProvider[];
+    /**
+     * Generate PKCE challenge for secure OAuth flow
+     */
+    private generatePKCEChallenge;
+    /**
+     * Calculate the PKCE code challenge from a code verifier.
+     * Hashes the verifier using SHA-256 and then base64url encodes it.
+     * @param verifier The code verifier string.
+     * @returns The base64url-encoded SHA-256 hash of the verifier.
+     */
+    private calculatePKCECodeChallenge;
+    /**
+     * Encodes a buffer into a Base64URL-encoded string.
+     * @param buffer The buffer to encode.
+     * @returns The Base64URL-encoded string.
+     */
+    private base64urlEncode;
+    /**
+     * Generate cryptographically secure random string
+     */
+    private generateRandomString;
+    /**
+     * Initiate OAuth flow with a provider
+     */
+    initiateOAuth(provider: OAuthProvider): Promise<OAuthConnectionResult>;
+    /**
+     * Complete OAuth flow
+     */
+    completeOAuth(provider: OAuthProvider, authCode: string, state?: string): Promise<OAuthConnectionResult>;
+    /**
+     * Generate credentials from OAuth user info
+     */
+    generateCredentials(userInfo: OAuthUserInfo, provider: OAuthProvider): Promise<OAuthCredentials>;
+    /**
+     * Generate deterministic password
+     */
+    private generateDeterministicPassword;
+    /**
+     * Exchange authorization code for access token
+     */
+    private exchangeCodeForToken;
+    /**
+     * Get user info from OAuth provider
+     */
+    private fetchUserInfo;
+    /**
+     * Normalize user info across different providers
+     */
+    private normalizeUserInfo;
+    /**
+     * Cache user info
+     */
+    private cacheUserInfo;
+    /**
+     * Get cached user info
+     */
+    getCachedUserInfo(userId: string, provider: OAuthProvider): OAuthUserInfo | null;
+    /**
+     * Clear user info cache
+     */
+    clearUserCache(userId?: string, provider?: OAuthProvider): void;
+    /**
+     * Cleanup resources
+     */
+    cleanup(): void;
+}

package/dist/types/plugins/oauth/oauthPlugin.d.ts

@@ -0,0 +1,89 @@
+import { BasePlugin } from "../base";
+import { ShogunCore } from "../../index";
+import { OAuthPluginInterface, OAuthConfig, OAuthProvider, OAuthConnectionResult, OAuthCredentials, OAuthUserInfo } from "./types";
+import { AuthResult } from "../../types/shogun";
+/**
+ * OAuth Plugin for ShogunCore
+ * Provides authentication with external OAuth providers
+ */
+export declare class OAuthPlugin extends BasePlugin implements OAuthPluginInterface {
+    name: string;
+    version: string;
+    description: string;
+    private oauthConnector;
+    private config;
+    /**
+     * @inheritdoc
+     */
+    initialize(core: ShogunCore): void;
+    /**
+     * Configure the OAuth plugin with provider settings
+     * @param config - Configuration options for OAuth
+     */
+    configure(config: Partial<OAuthConfig>): void;
+    /**
+     * @inheritdoc
+     */
+    destroy(): void;
+    /**
+     * Ensure that the OAuth connector is initialized
+     * @private
+     */
+    private assertOAuthConnector;
+    /**
+     * @inheritdoc
+     */
+    isSupported(): boolean;
+    /**
+     * @inheritdoc
+     */
+    getAvailableProviders(): OAuthProvider[];
+    /**
+     * @inheritdoc
+     */
+    initiateOAuth(provider: OAuthProvider): Promise<OAuthConnectionResult>;
+    /**
+     * @inheritdoc
+     */
+    completeOAuth(provider: OAuthProvider, authCode: string, state?: string): Promise<OAuthConnectionResult>;
+    /**
+     * @inheritdoc
+     */
+    generateCredentials(userInfo: OAuthUserInfo, provider: OAuthProvider): Promise<OAuthCredentials>;
+    /**
+     * Login with OAuth
+     * @param provider - OAuth provider to use
+     * @returns {Promise<AuthResult>} Authentication result
+     * @description Authenticates user using OAuth with external providers
+     */
+    login(provider: OAuthProvider): Promise<AuthResult>;
+    /**
+     * Sign up with OAuth
+     * @param provider - OAuth provider to use
+     * @returns {Promise<AuthResult>} Registration result
+     * @description Creates a new user account using OAuth with external providers
+     */
+    signUp(provider: OAuthProvider): Promise<AuthResult>;
+    /**
+     * Handle OAuth callback (for frontend integration)
+     * This method would be called when the OAuth provider redirects back
+     */
+    handleOAuthCallback(provider: OAuthProvider, authCode: string, state?: string): Promise<AuthResult>;
+    /**
+     * Private helper to login or sign up a user
+     */
+    private _loginOrSignUp;
+    /**
+     * Alias for handleOAuthCallback for backward compatibility
+     * @deprecated Use handleOAuthCallback instead
+     */
+    handleSimpleOAuth(provider: OAuthProvider, authCode: string, state?: string): Promise<AuthResult>;
+    /**
+     * Get cached user info for a user
+     */
+    getCachedUserInfo(userId: string, provider: OAuthProvider): OAuthUserInfo | null;
+    /**
+     * Clear user info cache
+     */
+    clearUserCache(userId?: string, provider?: OAuthProvider): void;
+}

package/dist/types/plugins/oauth/types.d.ts

@@ -0,0 +1,106 @@
+import { BaseConfig, BaseResult, BaseCacheEntry } from "../../types/common";
+import { AuthResult } from "../../types/shogun";
+/**
+ * Supported OAuth providers
+ */
+export type OAuthProvider = "google" | "github" | "discord" | "twitter" | "custom";
+/**
+ * OAuth provider configuration
+ */
+export interface OAuthProviderConfig {
+    clientId: string;
+    clientSecret?: string;
+    redirectUri: string;
+    scope: string[];
+    authUrl: string;
+    tokenUrl: string;
+    userInfoUrl: string;
+}
+/**
+ * OAuth configuration
+ */
+export interface OAuthConfig extends BaseConfig {
+    providers: Partial<Record<OAuthProvider, OAuthProviderConfig>>;
+    usePKCE?: boolean;
+    cacheDuration?: number;
+}
+/**
+ * OAuth token response
+ */
+export interface OAuthTokenResponse {
+    access_token: string;
+    token_type: string;
+    expires_in: number;
+    refresh_token?: string;
+    scope?: string;
+    id_token?: string;
+}
+/**
+ * User info from OAuth provider
+ */
+export interface OAuthUserInfo {
+    id: string;
+    email?: string;
+    name?: string;
+    picture?: string;
+    verified_email?: boolean;
+    provider: OAuthProvider;
+}
+/**
+ * Credentials generated from OAuth flow
+ */
+export interface OAuthCredentials {
+    username: string;
+    password: string;
+    salt?: string;
+    key?: any;
+    provider: OAuthProvider;
+}
+/**
+ * Connection result for OAuth
+ */
+export interface OAuthConnectionResult extends BaseResult {
+    provider?: OAuthProvider;
+    userInfo?: OAuthUserInfo;
+    authUrl?: string;
+}
+/**
+ * OAuth plugin interface
+ */
+export interface OAuthPluginInterface {
+    /**
+     * Check if OAuth is supported
+     */
+    isSupported(): boolean;
+    /**
+     * Get available OAuth providers
+     */
+    getAvailableProviders(): OAuthProvider[];
+    /**
+     * Initiate OAuth flow with a provider
+     */
+    initiateOAuth(provider: OAuthProvider): Promise<OAuthConnectionResult>;
+    /**
+     * Complete OAuth flow
+     */
+    completeOAuth(provider: OAuthProvider, authCode: string, state?: string): Promise<OAuthConnectionResult>;
+    /**
+     * Generate credentials from OAuth user info
+     */
+    generateCredentials(userInfo: OAuthUserInfo, provider: OAuthProvider): Promise<OAuthCredentials>;
+    /**
+     * Login with OAuth
+     */
+    login(provider: OAuthProvider): Promise<AuthResult>;
+    /**
+     * Sign up with OAuth
+     */
+    signUp(provider: OAuthProvider): Promise<AuthResult>;
+}
+/**
+ * Cache entry for OAuth data
+ */
+export interface OAuthCache extends BaseCacheEntry<OAuthUserInfo> {
+    provider: OAuthProvider;
+    userId: string;
+}

package/dist/types/plugins/web3/index.d.ts

@@ -1,4 +1,5 @@
 export * from "./web3ConnectorPlugin";
 export * from "./types";
 export * from "./web3Connector";
+export * from "./web3Signer";
 export { default as web3Chain } from "./web3Chain";

package/dist/types/plugins/web3/types.d.ts

@@ -7,6 +7,7 @@ export interface ConnectionResult extends BaseResult {
     address?: string;
     username?: string;
     randomPassword?: string;
+    message?: string;
 }
 /**
  * Structure for credentials generated via MetaMask

package/dist/types/plugins/web3/web3Connector.d.ts

@@ -8,6 +8,7 @@ declare global {
     interface Window {
         ethereum?: EthereumProvider;
         Web3Connector?: typeof Web3Connector;
+        _ethereumProviders?: EthereumProvider[];
     }
 }
 declare global {
@@ -30,9 +31,14 @@ declare class Web3Connector extends EventEmitter {
     private customWallet;
     constructor(config?: Partial<Web3Config>);
     /**
-     * Initialize the provider synchronously
+     * Initialize the provider synchronously with fallback mechanisms
+     * to handle conflicts between multiple wallet providers
      */
     private initProvider;
+    /**
+     * Get available Ethereum provider from multiple possible sources
+     */
+    private getAvailableEthereumProvider;
     /**
      * Initialize the BrowserProvider (async method for explicit calls)
      */
@@ -84,7 +90,7 @@ declare class Web3Connector extends EventEmitter {
      */
     private requestSignatureWithTimeout;
     /**
-     * Checks if MetaMask is available
+     * Checks if any Ethereum provider is available
      */
     isAvailable(): boolean;
     /**