feat(reception): add passport device authentication flows and alert delivery management

ts_interfaces/data/passportchallenge.ts

@@ -0,0 +1,63 @@
+import type { IPassportCapabilities } from './passportdevice.js';
+
+export type TPassportChallengeType =
+  | 'device_enrollment'
+  | 'authentication'
+  | 'step_up'
+  | 'physical_access';
+
+export type TPassportChallengeStatus = 'pending' | 'approved' | 'expired' | 'rejected';
+
+export type TPassportChallengeDeliveryStatus = 'pending' | 'sent' | 'failed' | 'seen';
+
+export type TPassportSignatureFormat = 'raw' | 'der';
+
+export interface IPassportLocationEvidence {
+  latitude: number;
+  longitude: number;
+  accuracyMeters: number;
+  capturedAt: number;
+}
+
+export interface IPassportNfcEvidence {
+  tagId?: string;
+  readerId?: string;
+}
+
+export interface IPassportChallenge {
+  id: string;
+  data: {
+    userId: string;
+    deviceId?: string | null;
+    type: TPassportChallengeType;
+    status: TPassportChallengeStatus;
+    tokenHash?: string | null;
+    challenge: string;
+    metadata: {
+      originHost?: string;
+      audience?: string;
+      notificationTitle?: string;
+      deviceLabel?: string;
+      requireLocation: boolean;
+      requireNfc: boolean;
+      requestedCapabilities?: Partial<IPassportCapabilities>;
+    };
+    evidence?: {
+      signatureFormat?: TPassportSignatureFormat;
+      location?: IPassportLocationEvidence;
+      nfc?: IPassportNfcEvidence;
+    };
+    notification?: {
+      hintId: string;
+      status: TPassportChallengeDeliveryStatus;
+      attemptCount: number;
+      createdAt: number;
+      deliveredAt?: number | null;
+      seenAt?: number | null;
+      lastError?: string | null;
+    };
+    createdAt: number;
+    expiresAt: number;
+    completedAt?: number | null;
+  };
+}