im_wower
·
2026-04-02
browser-session.ts
1import {
2 DEFAULT_AUTH_AUDIENCE,
3 type AuthPrincipal
4} from "./model.js";
5
6export const BROWSER_SESSION_ROLES = ["browser_admin", "readonly"] as const;
7
8export type BrowserSessionRole = (typeof BROWSER_SESSION_ROLES)[number];
9
10export interface BrowserSessionDescriptor {
11 expiresAt: string;
12 issuedAt: string;
13 role: BrowserSessionRole;
14 sessionId: string;
15 subject: string;
16}
17
18export function isBrowserSessionRole(value: string): value is BrowserSessionRole {
19 return value === "browser_admin" || value === "readonly";
20}
21
22export function createBrowserSessionPrincipal(descriptor: BrowserSessionDescriptor): AuthPrincipal {
23 return {
24 audience: DEFAULT_AUTH_AUDIENCE,
25 expiresAt: descriptor.expiresAt,
26 issuedAt: descriptor.issuedAt,
27 role: descriptor.role,
28 sessionId: descriptor.sessionId,
29 subject: descriptor.subject,
30 tokenKind: "browser_session"
31 };
32}