UNPKG

@safepassage/sdk

Version:

SafePassage SDK - Lightweight redirect-based age verification

docs.safepassageapp.com/sdk

safepassageapp/sdk

136 lines (135 loc) 3.85 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
/** * Verification SDK - Redirect-based age verification * * Lightweight SDK for integrating age verification using redirect flow. * Provides a secure, easy-to-implement solution with comprehensive * security features and flexible integration options. */ import type { SDKConfig, VerificationOptions } from '../types/base'; export interface UrlConfig { apiUrl: string; verifyUiUrl: string; engineUrl: string; wsUrl: string; trustedOrigins: string[]; } export interface BrandUrls { production: UrlConfig; staging: UrlConfig; } export interface BrandConstants { name: string; hmacSecretProd: string; hmacSecretStaging: string; messageType: string; legacyMessageType?: string; popupName: string; docsUrl: string; } /** * SDK Main Class * * Primary SDK class that manages verification sessions with comprehensive * security and error handling. Supports both redirect and new-tab modes with * automatic session management and PostMessage communication. */ export declare class VerificationSDK { private config; private readonly brandUrls; private readonly brandConstants; private popupWindow; private messageListener; private popupMonitorInterval; private unloadListener; private isVerificationInProgress; private currentSessionId; private hasReceivedResult; private lastVerifyUrl; private lastSessionToken; private lastExternalUserId; private lastSandboxMode; private temporaryHandoffToken; private static readonly LOCAL_HOSTNAMES; /** * Initialize SDK * * Validates configuration, sets up security measures, and prepares the SDK * for verification operations. Performs comprehensive environment validation * and security initialization. */ constructor(config: SDKConfig, brandUrls: BrandUrls, brandConstants: BrandConstants); /** * Initiate verification with race condition protection */ verify(options?: VerificationOptions): Promise<void>; /** * Build verification URL with HMAC-signed state */ private buildVerificationUrl; /** * Redirect in same tab */ private redirect; /** * Open in new tab with PostMessage communication and proper cleanup */ private openNewTab; /** * Set up automatic cleanup on page unload to prevent memory leaks */ private setupAutoCleanup; /** * Auto-detect environment based on current URL */ private detectEnvironment; /** * Get the current environment */ getEnvironment(): 'production' | 'staging'; /** * Unlock verification process to allow new verifications */ private unlockVerification; /** * Internal cleanup method to prevent memory leaks */ private cleanup; private handleCancellation; private redirectToCancelUrl; /** * Remove auto-cleanup listeners */ private removeAutoCleanupListeners; /** * Public cleanup method for manual resource management */ destroy(): void; /** * Get Portal API URL based on environment and brand */ private getPortalApiUrl; /** * Get Engine URL based on environment and brand */ private getEngineUrl; /** * Get WebSocket URL based on environment and brand */ private getWebSocketUrl; /** * Detect if this is a public key (pk_ prefix) vs private key (sk_ prefix) */ private isPublicKey; /** * Create session internally for public keys */ private createInternalSession; private isBillingBlockError; private openBillingBlockPage; private getUrlConfig; private getTrustedOrigins; private getAllowedCustomOrigins; private getLocalOrigin; private applyLocalVerifyOverride; private getHmacSecret; }