@0xsequence/wallet-wdk 3.0.3 → 3.0.5

package/test/authcode.test.ts

@@ -113,7 +113,7 @@ describe('AuthCodeHandler', () => {
       kind: 'google-pkce',
       metadata: {},
       target: '/test-target',
-      isSignUp: false,
+      type: 'reauth',
       signer: testWallet,
     }
 
@@ -247,20 +247,17 @@ describe('AuthCodeHandler', () => {
 
     it('Should create auth commitment and return OAuth URL', async () => {
       const target = '/test-target'
-      const isSignUp = true
-      const signer = testWallet
 
-      const result = await authCodeHandler.commitAuth(target, isSignUp, undefined, signer)
+      const result = await authCodeHandler.commitAuth(target, { type: 'auth' })
 
       // Verify commitment was saved
       expect(mockAuthCommitmentsSet).toHaveBeenCalledOnce()
       const commitmentCall = mockAuthCommitmentsSet.mock.calls[0]![0]!
 
       expect(commitmentCall.kind).toBe('google-pkce')
-      expect(commitmentCall.signer).toBe(signer)
       expect(commitmentCall.target).toBe(target)
       expect(commitmentCall.metadata).toEqual({})
-      expect(commitmentCall.isSignUp).toBe(isSignUp)
+      expect(commitmentCall.type).toBe('auth')
       expect(commitmentCall.id).toBeDefined()
       expect(typeof commitmentCall.id).toBe('string')
 
@@ -276,7 +273,11 @@ describe('AuthCodeHandler', () => {
     it('Should use provided state parameter', async () => {
       const customState = 'custom-state-123'
 
-      const result = await authCodeHandler.commitAuth('/target', false, customState)
+      const result = await authCodeHandler.commitAuth('/target', {
+        type: 'reauth',
+        state: customState,
+        signer: testWallet,
+      })
 
       // Verify commitment uses custom state
       const commitmentCall = mockAuthCommitmentsSet.mock.calls[0]![0]!
@@ -285,7 +286,7 @@ describe('AuthCodeHandler', () => {
     })
 
     it('Should generate random state when not provided', async () => {
-      await authCodeHandler.commitAuth('/target', false)
+      await authCodeHandler.commitAuth('/target', { type: 'auth' })
       const commitmentCall = mockAuthCommitmentsSet.mock.calls[0]![0]!
       expect(commitmentCall.id).toBeDefined()
       expect(typeof commitmentCall.id).toBe('string')
@@ -306,7 +307,7 @@ describe('AuthCodeHandler', () => {
       )
       appleHandler.setRedirectUri('https://example.com/callback')
 
-      const result = await appleHandler.commitAuth('/target', false)
+      const result = await appleHandler.commitAuth('/target', { type: 'auth' })
 
       expect(result).toContain('https://appleid.apple.com/auth/authorize?')
       expect(result).toContain('client_id=apple-client-id')
@@ -315,10 +316,10 @@ describe('AuthCodeHandler', () => {
     })
 
     it('Should create commitment without signer', async () => {
-      await authCodeHandler.commitAuth('/target', true)
+      await authCodeHandler.commitAuth('/target', { type: 'auth' })
       const commitmentCall = mockAuthCommitmentsSet.mock.calls[0]![0]!
       expect(commitmentCall.signer).toBeUndefined()
-      expect(commitmentCall.isSignUp).toBe(true)
+      expect(commitmentCall.type).toBe('auth')
     })
   })
 
@@ -492,7 +493,7 @@ describe('AuthCodeHandler', () => {
 
       const commitmentCall = mockAuthCommitmentsSet.mock.calls[0]![0]!
       expect(commitmentCall.target).toBe(window.location.pathname)
-      expect(commitmentCall.isSignUp).toBe(false)
+      expect(commitmentCall.type).toBe('reauth')
       expect(commitmentCall.signer).toBe(testWallet)
     })
   })
@@ -654,7 +655,7 @@ describe('AuthCodeHandler', () => {
     it('Should handle auth commitments database errors', async () => {
       mockAuthCommitmentsSet.mockRejectedValueOnce(new Error('Database error'))
 
-      await expect(authCodeHandler.commitAuth('/target', false)).rejects.toThrow('Database error')
+      await expect(authCodeHandler.commitAuth('/target', { type: 'auth' })).rejects.toThrow('Database error')
     })
 
     it('Should handle auth keys database errors', async () => {
@@ -671,7 +672,11 @@ describe('AuthCodeHandler', () => {
       authCodeHandler.setRedirectUri('https://example.com/callback')
 
       // Step 1: Commit auth
-      const commitUrl = await authCodeHandler.commitAuth('/test-target', false, 'test-state', testWallet)
+      const commitUrl = await authCodeHandler.commitAuth('/test-target', {
+        type: 'reauth',
+        state: 'test-state',
+        signer: testWallet,
+      })
 
       expect(commitUrl).toContain('state=test-state')
       expect(mockAuthCommitmentsSet).toHaveBeenCalledWith(
@@ -679,7 +684,7 @@ describe('AuthCodeHandler', () => {
           id: 'test-state',
           kind: 'google-pkce',
           target: '/test-target',
-          isSignUp: false,
+          type: 'reauth',
           signer: testWallet,
         }),
       )
@@ -709,17 +714,17 @@ describe('AuthCodeHandler', () => {
       authCodeHandler.setRedirectUri('https://example.com/callback')
 
       // Test signup flow
-      await authCodeHandler.commitAuth('/signup-target', true, 'signup-state')
+      await authCodeHandler.commitAuth('/signup-target', { type: 'auth', state: 'signup-state' })
 
       const signupCall = mockAuthCommitmentsSet.mock.calls[0]![0]!
-      expect(signupCall.isSignUp).toBe(true)
+      expect(signupCall.type).toBe('auth')
       expect(signupCall.target).toBe('/signup-target')
 
       // Test login flow
-      await authCodeHandler.commitAuth('/login-target', false, 'login-state')
+      await authCodeHandler.commitAuth('/login-target', { type: 'reauth', state: 'login-state', signer: testWallet })
 
       const loginCall = mockAuthCommitmentsSet.mock.calls[1]![0]!
-      expect(loginCall.isSignUp).toBe(false)
+      expect(loginCall.type).toBe('reauth')
       expect(loginCall.target).toBe('/login-target')
     })
   })

package/test/identity-auth-dbs.test.ts

@@ -34,7 +34,7 @@ describe('Identity Authentication Databases', () => {
         verifier: 'test-verifier-code',
         challenge: 'test-challenge-hash',
         target: 'test-target-url',
-        isSignUp: true,
+        type: 'reauth',
         signer: '0x1234567890123456789012345678901234567890',
       }
 
@@ -66,7 +66,7 @@ describe('Identity Authentication Databases', () => {
           response_mode: 'form_post',
         },
         target: 'apple-redirect-url',
-        isSignUp: false,
+        type: 'auth',
       }
 
       await authCommitmentsDb.set(appleCommitment)
@@ -74,7 +74,7 @@ describe('Identity Authentication Databases', () => {
 
       expect(retrieved).toBeDefined()
       expect(retrieved!.kind).toBe('apple')
-      expect(retrieved!.isSignUp).toBe(false)
+      expect(retrieved!.type).toBe('auth')
       expect(retrieved!.metadata.response_type).toBe('code id_token')
     })
 
@@ -85,21 +85,22 @@ describe('Identity Authentication Databases', () => {
           kind: 'google-pkce',
           metadata: {},
           target: 'target-1',
-          isSignUp: true,
+          type: 'auth',
         },
         {
           id: 'commit-2',
           kind: 'apple',
           metadata: {},
           target: 'target-2',
-          isSignUp: false,
+          type: 'reauth',
+          signer: '0x1234567890123456789012345678901234567890',
         },
         {
           id: 'commit-3',
           kind: 'google-pkce',
           metadata: {},
           target: 'target-3',
-          isSignUp: true,
+          type: 'auth',
         },
       ]
 
@@ -129,7 +130,7 @@ describe('Identity Authentication Databases', () => {
         kind: 'google-pkce',
         metadata: {},
         target: 'init-target',
-        isSignUp: true,
+        type: 'auth',
       }
 
       await freshDb.set(testCommitment)
@@ -395,6 +396,42 @@ describe('Identity Authentication Databases', () => {
       expect(handlers.has('login-google-pkce')).toBe(false)
     })
 
+    it('Should register the Apple ID token handler when configured explicitly', async () => {
+      manager = new Manager({
+        stateProvider: new State.Local.Provider(new State.Local.IndexedDbStore(`manager-apple-idtoken-${Date.now()}`)),
+        networks: [
+          {
+            name: 'Test Network',
+            type: Network.NetworkType.MAINNET,
+            rpcUrl: LOCAL_RPC_URL,
+            chainId: Network.ChainId.ARBITRUM,
+            blockExplorer: { url: 'https://arbiscan.io' },
+            nativeCurrency: {
+              name: 'Ether',
+              symbol: 'ETH',
+              decimals: 18,
+            },
+          },
+        ],
+        relayers: [],
+        authCommitmentsDb,
+        authKeysDb,
+        identity: {
+          url: 'https://dev-identity.sequence-dev.app',
+          fetch: window.fetch,
+          apple: {
+            enabled: true,
+            clientId: 'test-apple-client-id',
+            authMethod: 'id-token',
+          },
+        },
+      })
+
+      const handlers = (manager as any).shared.handlers
+      expect(handlers.has('login-apple-id-token')).toBe(false)
+      expect(handlers.has('login-apple')).toBe(true)
+    })
+
     it('Should use auth databases when email authentication is enabled', async () => {
       manager = new Manager({
         stateProvider: new State.Local.Provider(new State.Local.IndexedDbStore(`manager-email-${Date.now()}`)),

package/test/idtoken.test.ts

@@ -101,6 +101,22 @@ describe('IdTokenHandler', () => {
       expect(handler.kind).toBe(Kinds.LoginGoogle)
     })
 
+    it('Should normalize apple-id-token handlers to login-apple', () => {
+      const handler = new IdTokenHandler(
+        'apple-id-token',
+        'https://appleid.apple.com',
+        'test-apple-client-id',
+        mockNitroInstrument,
+        mockSignatures,
+        mockAuthKeys,
+      )
+
+      expect(handler.signupKind).toBe('apple-id-token')
+      expect(handler.issuer).toBe('https://appleid.apple.com')
+      expect(handler.audience).toBe('test-apple-client-id')
+      expect(handler.kind).toBe(Kinds.LoginApple)
+    })
+
     it('Should initialize without a registered UI callback', () => {
       expect(idTokenHandler['onPromptIdToken']).toBeUndefined()
     })

package/test/sessions-idtoken.test.ts

@@ -60,6 +60,7 @@ describe('Sessions ID token attestation', () => {
         apple: {
           enabled: true,
           clientId: 'test-apple-client-id',
+          authMethod: 'id-token',
         },
       },
     })

package/test/wallets.test.ts

@@ -71,6 +71,48 @@ describe('Wallets', () => {
     expect(configuration.login[0]!.kind).toBe(Kinds.LoginGoogle)
   })
 
+  it('Should create a new wallet using apple-id-token when Apple ID token auth is enabled', async () => {
+    manager = newManager({
+      identity: {
+        apple: {
+          enabled: true,
+          clientId: 'test-apple-client-id',
+          authMethod: 'id-token',
+        },
+      },
+    })
+
+    const handler = (manager as any).shared.handlers.get(Kinds.LoginApple) as IdTokenHandler
+    const loginMnemonic = Mnemonic.random(Mnemonic.english)
+    const loginSigner = MnemonicHandler.toSigner(loginMnemonic)
+    if (!loginSigner) {
+      throw new Error('Failed to create login signer for test')
+    }
+
+    const completeAuthSpy = vi
+      .spyOn(handler, 'completeAuth')
+      .mockResolvedValue([loginSigner as unknown as IdentitySigner, { email: 'apple-user@example.com' }])
+
+    const wallet = await manager.wallets.signUp({
+      kind: 'apple-id-token',
+      idToken: 'eyJhbGciOiJub25lIn0.eyJleHAiOjQxMDI0NDQ4MDB9.',
+      noGuard: true,
+    })
+
+    expect(wallet).toBeDefined()
+    expect(completeAuthSpy).toHaveBeenCalledWith('eyJhbGciOiJub25lIn0.eyJleHAiOjQxMDI0NDQ4MDB9.')
+    await expect(manager.wallets.has(wallet!)).resolves.toBeTruthy()
+
+    const walletEntry = await manager.wallets.get(wallet!)
+    expect(walletEntry).toBeDefined()
+    expect(walletEntry!.loginType).toBe(Kinds.LoginApple)
+    expect(walletEntry!.loginEmail).toBe('apple-user@example.com')
+
+    const configuration = await manager.wallets.getConfiguration(wallet!)
+    expect(configuration.login).toHaveLength(1)
+    expect(configuration.login[0]!.kind).toBe(Kinds.LoginApple)
+  })
+
   it('Should register and unregister Google ID token UI callbacks through the manager', async () => {
     manager = newManager({
       identity: {
@@ -118,7 +160,7 @@ describe('Wallets', () => {
     })
 
     expect(url).toBe('https://accounts.google.com/o/oauth2/v2/auth?state=test-state')
-    expect(commitAuthSpy).toHaveBeenCalledWith('/auth/return', true)
+    expect(commitAuthSpy).toHaveBeenCalledWith('/auth/return', { type: 'auth' })
   })
 
   it('Should reject google-id-token signup when Google is configured for redirect auth', async () => {
@@ -140,6 +182,25 @@ describe('Wallets', () => {
     ).rejects.toThrow('handler-does-not-support-id-token')
   })
 
+  it('Should reject apple-id-token signup when Apple is configured for redirect auth', async () => {
+    manager = newManager({
+      identity: {
+        apple: {
+          enabled: true,
+          clientId: 'test-apple-client-id',
+        },
+      },
+    })
+
+    await expect(
+      manager.wallets.signUp({
+        kind: 'apple-id-token',
+        idToken: 'eyJhbGciOiJub25lIn0.eyJleHAiOjQxMDI0NDQ4MDB9.',
+        noGuard: true,
+      }),
+    ).rejects.toThrow('handler-does-not-support-id-token')
+  })
+
   it('Should reject custom ID token signup when the provider uses redirect auth', async () => {
     manager = newManager({
       identity: {