import type { PasskeyOptions, BackupShareResult } from '../../types' export type FetchFunction = typeof fetch export type GetJwtFunction = () => Promise export interface PasskeyServiceConfig { /** * Default hostname (or origin) that hosts Portal passkey endpoints. */ defaultDomain: string /** * Callback to fetch a scoped JWT for passkey operations. * This is more secure than using the API key directly as the JWT * has only "passkey" permission, reducing blast radius if compromised. */ getJwt: GetJwtFunction /** * Allow injecting a custom fetch implementation (primarily for testing). */ fetchImpl?: FetchFunction } export interface RegistrationParams extends PasskeyOptions { cipherText: string encryptionKey: string relyingPartyId: string } export interface AuthenticationParams extends PasskeyOptions { relyingPartyId: string } export interface LoginParams extends PasskeyOptions { relyingPartyId: string relyingPartyOrigins: string[] encryptionKey: string } export interface BeginRegistrationResponse { options: { publicKey: PublicKeyCredentialCreationOptionsJSON } sessionId: string } export interface BeginAuthenticationResponse { options: { publicKey: PublicKeyCredentialRequestOptionsJSON } sessionId: string } export interface FinishAuthenticationResponse { encryptionKey: string } export interface PasskeyStatusResponse { status: string } export type PublicKeyCredentialCreationOptionsJSON = Omit< PublicKeyCredentialCreationOptions, 'challenge' | 'user' | 'excludeCredentials' > & { challenge: string user: Omit & { id: string } excludeCredentials?: Array< Omit & { id: string } > } export type PublicKeyCredentialRequestOptionsJSON = Omit< PublicKeyCredentialRequestOptions, 'challenge' | 'allowCredentials' > & { challenge: string allowCredentials?: Array< Omit & { id: string } > } export type { PasskeyOptions, BackupShareResult }