UNPKG

@usemona/attest-backend-sdk

Version:

Mona Attest Backend SDK - Secure server-side verification for cryptographic attestations and digital signatures. Provides robust signature validation, user verification, and enterprise-grade security for Node.js applications.

github.com/mona/attest-backend-sdk

mona/attest-backend-sdk

3 lines (2 loc) 2.55 kB
1
2
3
class t{constructor(t={}){this.apiUrl=t.apiUrl||"https://api.attest.ng",console.log("🔧 AttestBackendSDK Constructor:",{apiUrl:this.apiUrl})}async verifyAttestation(t,e){try{const{sessionId:a,signatureBase64:r}=this.parseAttestationToken(t);return await this.verifyWithAttest(a,r,e)}catch(t){return{verified:!1,error:t instanceof Error?t.message:"Verification failed"}}}async verifyWithAttest(t,e,a){try{const r=JSON.parse(atob(e)),i={id:r.credentialId,rawId:r.credentialId,type:r.type||"public-key",response:{authenticatorData:r.authenticatorData,clientDataJSON:r.clientDataJSON,signature:r.signature,userHandle:r.userHandle}},n=`${this.apiUrl}/api/passkey/complete-attest`,s=await fetch(n,{method:"POST",headers:{"Content-Type":"application/json","X-Attestation-Session":t},body:JSON.stringify({assertionResponse:i,originalAPICall:{method:a.method,uri:a.uri,body:a.body,headers:a.headers}})});if(!s.ok){const t=await s.text();throw new Error(`Verification API failed: ${s.status} ${s.statusText} - ${t}`)}const o=await s.json();return o.success&&o.verified?{verified:!0,originalPayload:a.body,signatureData:o.signedPayload,keyId:o.keyId,attestationId:o.attestationId,timestamp:o.timestamp}:{verified:!1,error:o.message||"Signature verification failed"}}catch(t){return{verified:!1,error:t instanceof Error?t.message:"Verification failed"}}}parseAttestationToken(t){try{if(!t||"string"!=typeof t)throw new Error("Invalid attestation token format");const e=t.split(".");if(2!==e.length)throw new Error("Invalid attestation token format - expected sessionId.signature");const[a,r]=e;if(!a||!r)throw new Error("Invalid attestation token - missing sessionId or signature");return{sessionId:a,signatureBase64:r}}catch(t){throw t}}getApiUrl(){return this.apiUrl}}function e(t){try{const e=atob(t),a=JSON.parse(e),r=t=>{const e=atob(t),a=new Uint8Array(e.length);for(let t=0;t<e.length;t++)a[t]=e.charCodeAt(t);return a};return{sessionId:a.sessionId,credentialId:a.credentialId,authenticatorData:r(a.authenticatorData),clientDataJSON:r(a.clientDataJSON),signature:r(a.signature),userHandle:a.userHandle?r(a.userHandle):null,type:a.type}}catch(t){throw new Error(`Failed to decode attestation signature: ${t.message}`)}}function a(t){return{id:t.credentialId,rawId:t.credentialId,response:{authenticatorData:t.authenticatorData,clientDataJSON:t.clientDataJSON,signature:t.signature,userHandle:t.userHandle},type:t.type}}export{t as AttestBackendSDK,e as decodeAttestationSignature,a as toWebAuthnAssertionResponse}; //# sourceMappingURL=index.esm.js.map