@account-kit/signer 4.0.0-beta.3 → 4.0.0-beta.5

package/dist/esm/client/index.d.ts

@@ -1,6 +1,7 @@
 import { z } from "zod";
 import { BaseSignerClient } from "./base.js";
-import type { CreateAccountParams, CredentialCreationOptionOverrides, EmailAuthParams, ExportWalletParams, User } from "./types.js";
+import type { AlchemySignerClientEvents, CreateAccountParams, CredentialCreationOptionOverrides, EmailAuthParams, ExportWalletParams, OauthConfig, User } from "./types.js";
+import type { AuthParams } from "../signer.js";
 export declare const AlchemySignerClientParamsSchema: z.ZodObject<{
     connection: z.ZodUnion<[z.ZodObject<{
         rpcUrl: z.ZodOptional<z.ZodNever>;
@@ -63,6 +64,8 @@ export declare const AlchemySignerClientParamsSchema: z.ZodObject<{
     }>;
     rpId: z.ZodOptional<z.ZodString>;
     rootOrgId: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    oauthCallbackUrl: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    enablePopupOauth: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
 }, "strip", z.ZodTypeAny, {
     connection: {
         apiKey: string;
@@ -81,11 +84,13 @@ export declare const AlchemySignerClientParamsSchema: z.ZodObject<{
         jwt: string;
         apiKey?: undefined;
     };
-    rootOrgId: string;
     iframeConfig: {
         iframeElementId: string;
         iframeContainerId: string;
     };
+    rootOrgId: string;
+    oauthCallbackUrl: string;
+    enablePopupOauth: boolean;
     rpId?: string | undefined;
 }, {
     connection: {
@@ -111,6 +116,8 @@ export declare const AlchemySignerClientParamsSchema: z.ZodObject<{
     };
     rpId?: string | undefined;
     rootOrgId?: string | undefined;
+    oauthCallbackUrl?: string | undefined;
+    enablePopupOauth?: boolean | undefined;
 }>;
 export type AlchemySignerClientParams = z.input<typeof AlchemySignerClientParamsSchema>;
 /**
@@ -120,6 +127,7 @@ export type AlchemySignerClientParams = z.input<typeof AlchemySignerClientParams
 export declare class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams> {
     private iframeStamper;
     private webauthnStamper;
+    oauthCallbackUrl: string;
     iframeContainerId: string;
     /**
      * Initializes a new instance with the given parameters, setting up the connection, iframe configuration, and WebAuthn stamper.
@@ -195,7 +203,7 @@ export declare class AlchemySignerWebClient extends BaseSignerClient<ExportWalle
         orgId: string;
     }>;
     /**
-     * Completes email auth for the user by injecting a credential bundle and retrieving the user information based on the provided organization ID. Emits events during the process.
+     * Completes auth for the user by injecting a credential bundle and retrieving the user information based on the provided organization ID. Emits events during the process.
      *
      * @example
      * ```ts
@@ -210,15 +218,16 @@ export declare class AlchemySignerWebClient extends BaseSignerClient<ExportWalle
      *  },
      * });
      *
-     * const account = await client.completeEmailAuth({ orgId: "user-org-id", bundle: "bundle-from-email" });
+     * const account = await client.completeAuthWithBundle({ orgId: "user-org-id", bundle: "bundle-from-email", connectedEventName: "connectedEmail" });
      * ```
      *
      * @param {{ bundle: string; orgId: string }} config The configuration object for the authentication function containing the credential bundle to inject and the organization id associated with the user
      * @returns {Promise<User>} A promise that resolves to the authenticated user information
      */
-    completeEmailAuth: ({ bundle, orgId, }: {
+    completeAuthWithBundle: ({ bundle, orgId, connectedEventName, }: {
         bundle: string;
         orgId: string;
+        connectedEventName: keyof AlchemySignerClientEvents;
     }) => Promise<User>;
     /**
      * Asynchronously handles the authentication process using WebAuthn Stamper. If a user is provided, sets the user and returns it. Otherwise, retrieves the current user and initializes the WebAuthn stamper.
@@ -291,6 +300,68 @@ export declare class AlchemySignerWebClient extends BaseSignerClient<ExportWalle
      * ```
      */
     disconnect: () => Promise<void>;
+    /**
+     * Redirects the user to the OAuth provider URL based on the provided arguments. This function will always reject after 1 second if the redirection does not occur.
+     *
+     * @example
+     * ```ts
+     * import { AlchemySignerWebClient } from "@account-kit/signer";
+     *
+     * const client = new AlchemySignerWebClient({
+     *  connection: {
+     *    apiKey: "your-api-key",
+     *  },
+     *  iframeConfig: {
+     *   iframeContainerId: "signer-iframe-container",
+     *  },
+     * });
+     *
+     * await client.oauthWithRedirect({
+     *   type: "oauth",
+     *   authProviderId: "google",
+     *   mode: "redirect",
+     *   redirectUrl: "/",
+     * });
+     * ```
+     *
+     * @param {Extract<AuthParams, { type: "oauth"; mode: "redirect" }>} args The arguments required to obtain the OAuth provider URL
+     * @returns {Promise<never>} A promise that will never resolve, only reject if the redirection fails
+     */
+    oauthWithRedirect: (args: Extract<AuthParams, {
+        type: "oauth";
+        mode: "redirect";
+    }>) => Promise<never>;
+    /**
+     * Initiates an OAuth authentication flow in a popup window and returns the authenticated user.
+     *
+     * @example
+     * ```ts
+     * import { AlchemySignerWebClient } from "@account-kit/signer";
+     *
+     * const client = new AlchemySignerWebClient({
+     *  connection: {
+     *    apiKey: "your-api-key",
+     *  },
+     *  iframeConfig: {
+     *   iframeContainerId: "signer-iframe-container",
+     *  },
+     * });
+     *
+     * const user = await client.oauthWithPopup({
+     *  type: "oauth",
+     *  authProviderId: "google",
+     *  mode: "popup"
+     * });
+     * ```
+     *
+     * @param {Extract<AuthParams, { type: "oauth"; mode: "popup" }>} args The authentication parameters specifying OAuth type and popup mode
+     * @returns {Promise<User>} A promise that resolves to a `User` object containing the authenticated user information
+     */
+    oauthWithPopup: (args: Extract<AuthParams, {
+        type: "oauth";
+        mode: "popup";
+    }>) => Promise<User>;
+    private getOauthProviderUrl;
     private initIframeStamper;
     private initWebauthnStamper;
     protected getWebAuthnAttestation: (options?: CredentialCreationOptionOverrides, userDetails?: {
@@ -305,4 +376,6 @@ export declare class AlchemySignerWebClient extends BaseSignerClient<ExportWalle
             transports: ("AUTHENTICATOR_TRANSPORT_BLE" | "AUTHENTICATOR_TRANSPORT_INTERNAL" | "AUTHENTICATOR_TRANSPORT_NFC" | "AUTHENTICATOR_TRANSPORT_USB" | "AUTHENTICATOR_TRANSPORT_HYBRID")[];
         };
     }>;
+    protected getOauthConfig: () => Promise<OauthConfig>;
+    private getOauthConfigForMode;
 }

package/dist/esm/client/index.js

@@ -6,6 +6,8 @@ import { z } from "zod";
 import { base64UrlEncode } from "../utils/base64UrlEncode.js";
 import { generateRandomBuffer } from "../utils/generateRandomBuffer.js";
 import { BaseSignerClient } from "./base.js";
+import { getDefaultScopeAndClaims, getOauthNonce } from "../oauth.js";
+const CHECK_CLOSE_INTERVAL = 500;
 export const AlchemySignerClientParamsSchema = z.object({
     connection: ConnectionConfigSchema,
     iframeConfig: z.object({
@@ -17,6 +19,11 @@ export const AlchemySignerClientParamsSchema = z.object({
         .string()
         .optional()
         .default("24c1acf5-810f-41e0-a503-d5d13fa8e830"),
+    oauthCallbackUrl: z
+        .string()
+        .optional()
+        .default("https://signer.alchemy.com/callback"),
+    enablePopupOauth: z.boolean().optional().default(false),
 });
 /**
  * A lower level client used by the AlchemySigner used to communicate with
@@ -47,7 +54,7 @@ export class AlchemySignerWebClient extends BaseSignerClient {
      * @param {string} params.rootOrgId The root organization ID
      */
     constructor(params) {
-        const { connection, iframeConfig, rpId, rootOrgId } = AlchemySignerClientParamsSchema.parse(params);
+        const { connection, iframeConfig, rpId, rootOrgId, oauthCallbackUrl } = AlchemySignerClientParamsSchema.parse(params);
         const iframeStamper = new IframeStamper({
             iframeElementId: iframeConfig.iframeElementId,
             iframeUrl: "https://auth.turnkey.com",
@@ -70,6 +77,12 @@ export class AlchemySignerWebClient extends BaseSignerClient {
             writable: true,
             value: void 0
         });
+        Object.defineProperty(this, "oauthCallbackUrl", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: void 0
+        });
         Object.defineProperty(this, "iframeContainerId", {
             enumerable: true,
             configurable: true,
@@ -175,7 +188,7 @@ export class AlchemySignerWebClient extends BaseSignerClient {
             }
         });
         /**
-         * Completes email auth for the user by injecting a credential bundle and retrieving the user information based on the provided organization ID. Emits events during the process.
+         * Completes auth for the user by injecting a credential bundle and retrieving the user information based on the provided organization ID. Emits events during the process.
          *
          * @example
          * ```ts
@@ -190,17 +203,17 @@ export class AlchemySignerWebClient extends BaseSignerClient {
          *  },
          * });
          *
-         * const account = await client.completeEmailAuth({ orgId: "user-org-id", bundle: "bundle-from-email" });
+         * const account = await client.completeAuthWithBundle({ orgId: "user-org-id", bundle: "bundle-from-email", connectedEventName: "connectedEmail" });
          * ```
          *
          * @param {{ bundle: string; orgId: string }} config The configuration object for the authentication function containing the credential bundle to inject and the organization id associated with the user
          * @returns {Promise<User>} A promise that resolves to the authenticated user information
          */
-        Object.defineProperty(this, "completeEmailAuth", {
+        Object.defineProperty(this, "completeAuthWithBundle", {
             enumerable: true,
             configurable: true,
             writable: true,
-            value: async ({ bundle, orgId, }) => {
+            value: async ({ bundle, orgId, connectedEventName, }) => {
                 this.eventEmitter.emit("authenticating");
                 await this.initIframeStamper();
                 const result = await this.iframeStamper.injectCredentialBundle(bundle);
@@ -208,7 +221,7 @@ export class AlchemySignerWebClient extends BaseSignerClient {
                     throw new Error("Failed to inject credential bundle");
                 }
                 const user = await this.whoami(orgId);
-                this.eventEmitter.emit("connectedEmail", user, bundle);
+                this.eventEmitter.emit(connectedEventName, user, bundle);
                 return user;
             }
         });
@@ -329,6 +342,165 @@ export class AlchemySignerWebClient extends BaseSignerClient {
                 this.iframeStamper.clear();
             }
         });
+        /**
+         * Redirects the user to the OAuth provider URL based on the provided arguments. This function will always reject after 1 second if the redirection does not occur.
+         *
+         * @example
+         * ```ts
+         * import { AlchemySignerWebClient } from "@account-kit/signer";
+         *
+         * const client = new AlchemySignerWebClient({
+         *  connection: {
+         *    apiKey: "your-api-key",
+         *  },
+         *  iframeConfig: {
+         *   iframeContainerId: "signer-iframe-container",
+         *  },
+         * });
+         *
+         * await client.oauthWithRedirect({
+         *   type: "oauth",
+         *   authProviderId: "google",
+         *   mode: "redirect",
+         *   redirectUrl: "/",
+         * });
+         * ```
+         *
+         * @param {Extract<AuthParams, { type: "oauth"; mode: "redirect" }>} args The arguments required to obtain the OAuth provider URL
+         * @returns {Promise<never>} A promise that will never resolve, only reject if the redirection fails
+         */
+        Object.defineProperty(this, "oauthWithRedirect", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async (args) => {
+                const providerUrl = await this.getOauthProviderUrl(args);
+                window.location.href = providerUrl;
+                return new Promise((_, reject) => setTimeout(() => reject("Failed to redirect to OAuth provider"), 1000));
+            }
+        });
+        /**
+         * Initiates an OAuth authentication flow in a popup window and returns the authenticated user.
+         *
+         * @example
+         * ```ts
+         * import { AlchemySignerWebClient } from "@account-kit/signer";
+         *
+         * const client = new AlchemySignerWebClient({
+         *  connection: {
+         *    apiKey: "your-api-key",
+         *  },
+         *  iframeConfig: {
+         *   iframeContainerId: "signer-iframe-container",
+         *  },
+         * });
+         *
+         * const user = await client.oauthWithPopup({
+         *  type: "oauth",
+         *  authProviderId: "google",
+         *  mode: "popup"
+         * });
+         * ```
+         *
+         * @param {Extract<AuthParams, { type: "oauth"; mode: "popup" }>} args The authentication parameters specifying OAuth type and popup mode
+         * @returns {Promise<User>} A promise that resolves to a `User` object containing the authenticated user information
+         */
+        Object.defineProperty(this, "oauthWithPopup", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async (args) => {
+                const providerUrl = await this.getOauthProviderUrl(args);
+                const popup = window.open(providerUrl, "_blank", "popup,width=500,height=600");
+                return new Promise((resolve, reject) => {
+                    const handleMessage = (event) => {
+                        if (!event.data) {
+                            return;
+                        }
+                        const { alchemyBundle: bundle, alchemyOrgId: orgId } = event.data;
+                        if (bundle && orgId) {
+                            cleanup();
+                            this.completeAuthWithBundle({
+                                bundle,
+                                orgId,
+                                connectedEventName: "connectedOauth",
+                            }).then(resolve, reject);
+                        }
+                    };
+                    window.addEventListener("message", handleMessage);
+                    const checkCloseIntervalId = setInterval(() => {
+                        if (popup?.closed) {
+                            cleanup();
+                            reject(new Error("OAuth cancelled"));
+                        }
+                    }, CHECK_CLOSE_INTERVAL);
+                    const cleanup = () => {
+                        window.removeEventListener("message", handleMessage);
+                        clearInterval(checkCloseIntervalId);
+                    };
+                });
+            }
+        });
+        Object.defineProperty(this, "getOauthProviderUrl", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async (args) => {
+                const { authProviderId, isCustomProvider, scope: providedScope, claims: providedClaims, mode, redirectUrl, expirationSeconds, } = args;
+                const { codeChallenge, requestKey, authProviders } = await this.getOauthConfigForMode(mode);
+                const authProvider = authProviders.find((provider) => provider.id === authProviderId &&
+                    !!provider.isCustomProvider === !!isCustomProvider);
+                if (!authProvider) {
+                    throw new Error(`No auth provider found with id ${authProviderId}`);
+                }
+                let scope;
+                let claims;
+                if (providedScope) {
+                    scope = providedScope;
+                    claims = providedClaims;
+                }
+                else {
+                    if (isCustomProvider) {
+                        throw new Error("scope must be provided for a custom provider");
+                    }
+                    const scopeAndClaims = getDefaultScopeAndClaims(authProviderId);
+                    if (!scopeAndClaims) {
+                        throw new Error(`Default scope not known for provider ${authProviderId}`);
+                    }
+                    ({ scope, claims } = scopeAndClaims);
+                }
+                const { authEndpoint, clientId } = authProvider;
+                const turnkeyPublicKey = await this.initIframeStamper();
+                const nonce = getOauthNonce(turnkeyPublicKey);
+                const stateObject = {
+                    authProviderId,
+                    isCustomProvider,
+                    requestKey,
+                    turnkeyPublicKey,
+                    expirationSeconds,
+                    redirectUrl: mode === "redirect" ? resolveRelativeUrl(redirectUrl) : undefined,
+                    openerOrigin: mode === "popup" ? window.location.origin : undefined,
+                };
+                const state = base64UrlEncode(new TextEncoder().encode(JSON.stringify(stateObject)));
+                const authUrl = new URL(authEndpoint);
+                const params = {
+                    redirect_uri: this.oauthCallbackUrl,
+                    response_type: "code",
+                    scope,
+                    state,
+                    code_challenge: codeChallenge,
+                    code_challenge_method: "S256",
+                    prompt: "select_account",
+                    client_id: clientId,
+                    nonce,
+                };
+                if (claims) {
+                    params.claims = claims;
+                }
+                authUrl.search = new URLSearchParams(params).toString();
+                return authUrl.toString();
+            }
+        });
         Object.defineProperty(this, "initIframeStamper", {
             enumerable: true,
             configurable: true,
@@ -412,11 +584,44 @@ export class AlchemySignerWebClient extends BaseSignerClient {
                 return { challenge, authenticatorUserId, attestation };
             }
         });
+        Object.defineProperty(this, "getOauthConfig", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async () => {
+                const publicKey = await this.initIframeStamper();
+                const nonce = getOauthNonce(publicKey);
+                return this.request("/v1/prepare-oauth", { nonce });
+            }
+        });
+        Object.defineProperty(this, "getOauthConfigForMode", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async (mode) => {
+                if (this.oauthConfig) {
+                    return this.oauthConfig;
+                }
+                else if (mode === "redirect") {
+                    return this.initOauth();
+                }
+                else {
+                    throw new Error("enablePopupOauth must be set in configuration or signer.preparePopupOauth must be called before using popup-based OAuth login");
+                }
+            }
+        });
         this.iframeStamper = iframeStamper;
         this.iframeContainerId = iframeConfig.iframeContainerId;
         this.webauthnStamper = new WebauthnStamper({
             rpId: rpId ?? window.location.hostname,
         });
+        this.oauthCallbackUrl = oauthCallbackUrl;
     }
 }
+function resolveRelativeUrl(url) {
+    // Funny trick.
+    const a = document.createElement("a");
+    a.href = url;
+    return a.href;
+}
 //# sourceMappingURL=index.js.map

package/dist/esm/client/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAS7C,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,CAAC,MAAM,CAAC;IACtD,UAAU,EAAE,sBAAsB;IAClC,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,gBAAgB,CAAC;QACrD,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE;KAC9B,CAAC;IACF,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,OAAO,CAAC,sCAAsC,CAAC;CACnD,CAAC,CAAC;AAMH;;;GAGG;AACH,MAAM,OAAO,sBAAuB,SAAQ,gBAAoC;IAK9E;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,YAAY,MAAiC;QAC3C,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,IAAI,EAAE,SAAS,EAAE,GACjD,+BAA+B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEhD,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC;YACtC,eAAe,EAAE,YAAY,CAAC,eAAe;YAC7C,SAAS,EAAE,0BAA0B;YACrC,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,YAAY,CAAC,iBAAiB,CAAC;SACzE,CAAC,CAAC;QAEH,KAAK,CAAC;YACJ,UAAU;YACV,SAAS;YACT,OAAO,EAAE,aAAa;SACvB,CAAC,CAAC;QAzCG;;;;;WAA6B;QAC7B;;;;;WAAiC;QACzC;;;;;WAA0B;QAiD1B;;;;;;;;;;;;;;;;;;;;;WAqBG;QACH;;;;mBAAgB,KAAK,EAAE,MAA2B,EAAE,EAAE;gBACpD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC5B,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;oBAC5C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAEjD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;wBAChD,KAAK;wBACL,eAAe,EAAE,SAAS;wBAC1B,iBAAiB;wBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;qBAClD,CAAC,CAAC;oBAEH,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,gCAAgC;gBAChC,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAClE,MAAM,CAAC,YAAY,EACnB,EAAE,QAAQ,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE,CACjE,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;oBAC9C,OAAO,EAAE;wBACP,SAAS,EAAE,eAAe,CAAC,SAAS,CAAC;wBACrC,WAAW;qBACZ;oBACD,KAAK,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACpD,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,GAAG;oBACV,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAQ;oBACxB,MAAM,EAAE,MAAM,CAAC,MAAO;oBACtB,YAAY,EAAE,WAAW,CAAC,YAAY;iBACvC,CAAC;gBACF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEtD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;WAsBG;QACI;;;;mBAAgB,KAAK,EAC1B,MAAgD,EAChD,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;gBAC5C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAEjD,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE;oBAC9B,KAAK;oBACL,eAAe,EAAE,SAAS;oBAC1B,iBAAiB;oBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;iBAClD,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;WAqBG;QACI;;;;mBAAoB,KAAK,EAAE,EAChC,MAAM,EACN,KAAK,GAIN,EAAE,EAAE;gBACH,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAE/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC;gBAEvE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;gBACxD,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACtC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;gBAEvD,OAAO,IAAI,CAAC;YACd,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;WAqBG;QACI;;;;mBAAwB,KAAK,EAAE,OAAyB,SAAS,EAAE,EAAE;gBAC1E,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,IAAI,EAAE,CAAC;oBACT,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;oBACjB,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC/C,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;gBACvC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;gBAEnD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;WA0BG;QACI;;;;mBAAe,KAAK,EAAE,EAC3B,iBAAiB,EACjB,eAAe,GAAG,uBAAuB,GACtB,EAAE,EAAE;gBACvB,MAAM,yBAAyB,GAAG,IAAI,aAAa,CAAC;oBAClD,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,iBAAiB,CAAC;oBAC3D,eAAe,EAAE,eAAe;oBAChC,SAAS,EAAE,4BAA4B;iBACxC,CAAC,CAAC;gBACH,MAAM,yBAAyB,CAAC,IAAI,EAAE,CAAC;gBAEvC,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;oBACtD,OAAO,IAAI,CAAC,iBAAiB,CAAC;wBAC5B,aAAa,EAAE,yBAAyB;wBACxC,QAAQ,EAAE,aAAa;qBACxB,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,IAAI,CAAC,iBAAiB,CAAC;oBAC5B,aAAa,EAAE,yBAAyB;oBACxC,QAAQ,EAAE,aAAa;iBACxB,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;WAkBG;QACI;;;;mBAAa,KAAK,IAAI,EAAE;gBAC7B,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC;gBACtB,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;YAC7B,CAAC;WAAC;QAEM;;;;mBAAoB,KAAK,IAAI,EAAE;gBACrC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC;oBACpC,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;gBAClC,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBAEpC,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAG,CAAC;YACzC,CAAC;WAAC;QAEM;;;;mBAAsB,KAAK,EAAE,OAAyB,IAAI,CAAC,IAAI,EAAE,EAAE;gBACzE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBACtC,IAAI,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;oBAC9B,+GAA+G;oBAC/G,IAAI,CAAC,eAAe,CAAC,gBAAgB,GAAG;wBACtC;4BACE,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC;4BAC5C,IAAI,EAAE,YAAY;4BAClB,UAAU,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;yBACnC;qBACF,CAAC;gBACJ,CAAC;YACH,CAAC;WAAC;QAEQ;;;;mBAAyB,KAAK,EACtC,OAA2C,EAC3C,cAAoC;gBAClC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,WAAW;aAC1C,EACD,EAAE;gBACF,MAAM,SAAS,GAAG,oBAAoB,EAAE,CAAC;gBACzC,MAAM,mBAAmB,GAAG,oBAAoB,EAAE,CAAC;gBAEnD,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC;oBAC/C,SAAS,EAAE;wBACT,GAAG,OAAO,EAAE,SAAS;wBACrB,sBAAsB,EAAE;4BACtB,WAAW,EAAE,WAAW;4BACxB,kBAAkB,EAAE,KAAK;4BACzB,gBAAgB,EAAE,WAAW;4BAC7B,GAAG,OAAO,EAAE,SAAS,EAAE,sBAAsB;yBAC9C;wBACD,SAAS;wBACT,EAAE,EAAE;4BACF,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC5B,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC9B,GAAG,OAAO,EAAE,SAAS,EAAE,EAAE;yBAC1B;wBACD,gBAAgB,EAAE;4BAChB;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,CAAC;6BACR;4BACD;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,GAAG;6BACV;yBACF;wBACD,IAAI,EAAE;4BACJ,EAAE,EAAE,mBAAmB;4BACvB,IAAI,EAAE,WAAW,CAAC,QAAQ;4BAC1B,WAAW,EAAE,WAAW,CAAC,QAAQ;4BACjC,GAAG,OAAO,EAAE,SAAS,EAAE,IAAI;yBAC5B;qBACF;oBACD,MAAM,EAAE,OAAO,EAAE,MAAM;iBACxB,CAAC,CAAC;gBAEH,4EAA4E;gBAC5E,IAAI,WAAW,CAAC,UAAU,IAAI,IAAI,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC1E,WAAW,CAAC,UAAU,GAAG;wBACvB,kCAAkC;wBAClC,gCAAgC;qBACjC,CAAC;gBACJ,CAAC;gBAED,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,WAAW,EAAE,CAAC;YACzD,CAAC;WAAC;QAvVA,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,iBAAiB,GAAG,YAAY,CAAC,iBAAiB,CAAC;QAExD,IAAI,CAAC,eAAe,GAAG,IAAI,eAAe,CAAC;YACzC,IAAI,EAAE,IAAI,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ;SACvC,CAAC,CAAC;IACL,CAAC;CAkVF","sourcesContent":["import { ConnectionConfigSchema } from \"@aa-sdk/core\";\nimport { getWebAuthnAttestation } from \"@turnkey/http\";\nimport { IframeStamper } from \"@turnkey/iframe-stamper\";\nimport { WebauthnStamper } from \"@turnkey/webauthn-stamper\";\nimport { z } from \"zod\";\nimport { base64UrlEncode } from \"../utils/base64UrlEncode.js\";\nimport { generateRandomBuffer } from \"../utils/generateRandomBuffer.js\";\nimport { BaseSignerClient } from \"./base.js\";\nimport type {\n  CreateAccountParams,\n  CredentialCreationOptionOverrides,\n  EmailAuthParams,\n  ExportWalletParams,\n  User,\n} from \"./types.js\";\n\nexport const AlchemySignerClientParamsSchema = z.object({\n  connection: ConnectionConfigSchema,\n  iframeConfig: z.object({\n    iframeElementId: z.string().default(\"turnkey-iframe\"),\n    iframeContainerId: z.string(),\n  }),\n  rpId: z.string().optional(),\n  rootOrgId: z\n    .string()\n    .optional()\n    .default(\"24c1acf5-810f-41e0-a503-d5d13fa8e830\"),\n});\n\nexport type AlchemySignerClientParams = z.input<\n  typeof AlchemySignerClientParamsSchema\n>;\n\n/**\n * A lower level client used by the AlchemySigner used to communicate with\n * Alchemy's signer service.\n */\nexport class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams> {\n  private iframeStamper: IframeStamper;\n  private webauthnStamper: WebauthnStamper;\n  iframeContainerId: string;\n\n  /**\n   * Initializes a new instance with the given parameters, setting up the connection, iframe configuration, and WebAuthn stamper.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   * ```\n   *\n   * @param {AlchemySignerClientParams} params the parameters required to initialize the client\n   * @param {ConnectionConfig} params.connection The connection details needed to connect to the service\n   * @param {{ iframeElementId?: string; iframeContainerId: string }} params.iframeConfig The configuration details for setting up the iframe stamper\n   * @param {string} params.rpId The relying party ID, defaulting to the current hostname if not provided\n   * @param {string} params.rootOrgId The root organization ID\n   */\n  constructor(params: AlchemySignerClientParams) {\n    const { connection, iframeConfig, rpId, rootOrgId } =\n      AlchemySignerClientParamsSchema.parse(params);\n\n    const iframeStamper = new IframeStamper({\n      iframeElementId: iframeConfig.iframeElementId,\n      iframeUrl: \"https://auth.turnkey.com\",\n      iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n    });\n\n    super({\n      connection,\n      rootOrgId,\n      stamper: iframeStamper,\n    });\n\n    this.iframeStamper = iframeStamper;\n    this.iframeContainerId = iframeConfig.iframeContainerId;\n\n    this.webauthnStamper = new WebauthnStamper({\n      rpId: rpId ?? window.location.hostname,\n    });\n  }\n\n  /**\n   * Authenticates the user by either email or passkey account creation flow. Emits events during the process.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.createAccount({ type: \"email\", email: \"you@mail.com\" });\n   * ```\n   *\n   * @param {CreateAccountParams} params The parameters for creating an account, including the type (email or passkey) and additional details.\n   * @returns {Promise<SignupResponse>} A promise that resolves with the response object containing the account creation result.\n   */\n  createAccount = async (params: CreateAccountParams) => {\n    this.eventEmitter.emit(\"authenticating\");\n    if (params.type === \"email\") {\n      const { email, expirationSeconds } = params;\n      const publicKey = await this.initIframeStamper();\n\n      const response = await this.request(\"/v1/signup\", {\n        email,\n        targetPublicKey: publicKey,\n        expirationSeconds,\n        redirectParams: params.redirectParams?.toString(),\n      });\n\n      return response;\n    }\n\n    // Passkey account creation flow\n    const { attestation, challenge } = await this.getWebAuthnAttestation(\n      params.creationOpts,\n      { username: \"email\" in params ? params.email : params.username }\n    );\n\n    const result = await this.request(\"/v1/signup\", {\n      passkey: {\n        challenge: base64UrlEncode(challenge),\n        attestation,\n      },\n      email: \"email\" in params ? params.email : undefined,\n    });\n\n    this.user = {\n      orgId: result.orgId,\n      address: result.address!,\n      userId: result.userId!,\n      credentialId: attestation.credentialId,\n    };\n    this.initWebauthnStamper(this.user);\n    this.eventEmitter.emit(\"connectedPasskey\", this.user);\n\n    return result;\n  };\n\n  /**\n   * Begin authenticating a user with their email and an expiration time for the authentication request. Initializes the iframe stamper to get the target public key.\n   * This method sends an email to the user to complete their login\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.initEmailAuth({ email: \"you@mail.com\" });\n   * ```\n   *\n   * @param {Omit<EmailAuthParams, \"targetPublicKey\">} params The parameters for email authentication, excluding the target public key\n   * @returns {Promise<any>} The response from the authentication request\n   */\n  public initEmailAuth = async (\n    params: Omit<EmailAuthParams, \"targetPublicKey\">\n  ) => {\n    this.eventEmitter.emit(\"authenticating\");\n    const { email, expirationSeconds } = params;\n    const publicKey = await this.initIframeStamper();\n\n    return this.request(\"/v1/auth\", {\n      email,\n      targetPublicKey: publicKey,\n      expirationSeconds,\n      redirectParams: params.redirectParams?.toString(),\n    });\n  };\n\n  /**\n   * Completes email auth for the user by injecting a credential bundle and retrieving the user information based on the provided organization ID. Emits events during the process.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.completeEmailAuth({ orgId: \"user-org-id\", bundle: \"bundle-from-email\" });\n   * ```\n   *\n   * @param {{ bundle: string; orgId: string }} config The configuration object for the authentication function containing the credential bundle to inject and the organization id associated with the user\n   * @returns {Promise<User>} A promise that resolves to the authenticated user information\n   */\n  public completeEmailAuth = async ({\n    bundle,\n    orgId,\n  }: {\n    bundle: string;\n    orgId: string;\n  }) => {\n    this.eventEmitter.emit(\"authenticating\");\n    await this.initIframeStamper();\n\n    const result = await this.iframeStamper.injectCredentialBundle(bundle);\n\n    if (!result) {\n      throw new Error(\"Failed to inject credential bundle\");\n    }\n\n    const user = await this.whoami(orgId);\n    this.eventEmitter.emit(\"connectedEmail\", user, bundle);\n\n    return user;\n  };\n\n  /**\n   * Asynchronously handles the authentication process using WebAuthn Stamper. If a user is provided, sets the user and returns it. Otherwise, retrieves the current user and initializes the WebAuthn stamper.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.lookupUserWithPasskey();\n   * ```\n   *\n   * @param {User} [user] An optional user object to authenticate\n   * @returns {Promise<User>} A promise that resolves to the authenticated user object\n   */\n  public lookupUserWithPasskey = async (user: User | undefined = undefined) => {\n    this.eventEmitter.emit(\"authenticating\");\n    await this.initWebauthnStamper(user);\n    if (user) {\n      this.user = user;\n      return user;\n    }\n\n    const result = await this.whoami(this.rootOrg);\n    await this.initWebauthnStamper(result);\n    this.eventEmitter.emit(\"connectedPasskey\", result);\n\n    return result;\n  };\n\n  /**\n   * Initiates the export of a wallet by creating an iframe stamper and calling the appropriate export function.\n   * The export can be based on a seed phrase or a private key.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.exportWallet({\n   *  iframeContainerId: \"export-iframe-container\",\n   * });\n   * ```\n   *\n   * @param {ExportWalletParams} config The parameters for exporting the wallet\n   * @param {string} config.iframeContainerId The ID of the container element that will hold the iframe stamper\n   * @param {string} [config.iframeElementId] Optional ID for the iframe element\n   * @returns {Promise<void>} A promise that resolves when the export process is complete\n   */\n  public exportWallet = async ({\n    iframeContainerId,\n    iframeElementId = \"turnkey-export-iframe\",\n  }: ExportWalletParams) => {\n    const exportWalletIframeStamper = new IframeStamper({\n      iframeContainer: document.getElementById(iframeContainerId),\n      iframeElementId: iframeElementId,\n      iframeUrl: \"https://export.turnkey.com\",\n    });\n    await exportWalletIframeStamper.init();\n\n    if (this.turnkeyClient.stamper === this.iframeStamper) {\n      return this.exportWalletInner({\n        exportStamper: exportWalletIframeStamper,\n        exportAs: \"SEED_PHRASE\",\n      });\n    }\n\n    return this.exportWalletInner({\n      exportStamper: exportWalletIframeStamper,\n      exportAs: \"PRIVATE_KEY\",\n    });\n  };\n\n  /**\n   * Asynchronous function that clears the user and resets the iframe stamper.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.disconnect();\n   * ```\n   */\n  public disconnect = async () => {\n    this.user = undefined;\n    this.iframeStamper.clear();\n  };\n\n  private initIframeStamper = async () => {\n    if (!this.iframeStamper.publicKey()) {\n      await this.iframeStamper.init();\n    }\n\n    this.setStamper(this.iframeStamper);\n\n    return this.iframeStamper.publicKey()!;\n  };\n\n  private initWebauthnStamper = async (user: User | undefined = this.user) => {\n    this.setStamper(this.webauthnStamper);\n    if (user && user.credentialId) {\n      // The goal here is to allow us to cache the allowed credential, but this doesn't work with hybrid transport :(\n      this.webauthnStamper.allowCredentials = [\n        {\n          id: Buffer.from(user.credentialId, \"base64\"),\n          type: \"public-key\",\n          transports: [\"internal\", \"hybrid\"],\n        },\n      ];\n    }\n  };\n\n  protected getWebAuthnAttestation = async (\n    options?: CredentialCreationOptionOverrides,\n    userDetails: { username: string } = {\n      username: this.user?.email ?? \"anonymous\",\n    }\n  ) => {\n    const challenge = generateRandomBuffer();\n    const authenticatorUserId = generateRandomBuffer();\n\n    const attestation = await getWebAuthnAttestation({\n      publicKey: {\n        ...options?.publicKey,\n        authenticatorSelection: {\n          residentKey: \"preferred\",\n          requireResidentKey: false,\n          userVerification: \"preferred\",\n          ...options?.publicKey?.authenticatorSelection,\n        },\n        challenge,\n        rp: {\n          id: window.location.hostname,\n          name: window.location.hostname,\n          ...options?.publicKey?.rp,\n        },\n        pubKeyCredParams: [\n          {\n            type: \"public-key\",\n            alg: -7,\n          },\n          {\n            type: \"public-key\",\n            alg: -257,\n          },\n        ],\n        user: {\n          id: authenticatorUserId,\n          name: userDetails.username,\n          displayName: userDetails.username,\n          ...options?.publicKey?.user,\n        },\n      },\n      signal: options?.signal,\n    });\n\n    // on iOS sometimes this is returned as empty or null, so handling that here\n    if (attestation.transports == null || attestation.transports.length === 0) {\n      attestation.transports = [\n        \"AUTHENTICATOR_TRANSPORT_INTERNAL\",\n        \"AUTHENTICATOR_TRANSPORT_HYBRID\",\n      ];\n    }\n\n    return { challenge, authenticatorUserId, attestation };\n  };\n}\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAW7C,OAAO,EAAE,wBAAwB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAGtE,MAAM,oBAAoB,GAAG,GAAG,CAAC;AAEjC,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,CAAC,MAAM,CAAC;IACtD,UAAU,EAAE,sBAAsB;IAClC,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,gBAAgB,CAAC;QACrD,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE;KAC9B,CAAC;IACF,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,OAAO,CAAC,sCAAsC,CAAC;IAClD,gBAAgB,EAAE,CAAC;SAChB,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,OAAO,CAAC,qCAAqC,CAAC;IACjD,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CACxD,CAAC,CAAC;AAgBH;;;GAGG;AACH,MAAM,OAAO,sBAAuB,SAAQ,gBAAoC;IAM9E;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,YAAY,MAAiC;QAC3C,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAgB,EAAE,GACnE,+BAA+B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEhD,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC;YACtC,eAAe,EAAE,YAAY,CAAC,eAAe;YAC7C,SAAS,EAAE,0BAA0B;YACrC,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,YAAY,CAAC,iBAAiB,CAAC;SACzE,CAAC,CAAC;QAEH,KAAK,CAAC;YACJ,UAAU;YACV,SAAS;YACT,OAAO,EAAE,aAAa;SACvB,CAAC,CAAC;QA1CG;;;;;WAA6B;QAC7B;;;;;WAAiC;QACzC;;;;;WAAyB;QACzB;;;;;WAA0B;QAmD1B;;;;;;;;;;;;;;;;;;;;;WAqBG;QACa;;;;mBAAgB,KAAK,EAAE,MAA2B,EAAE,EAAE;gBACpE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC5B,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;oBAC5C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAEjD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;wBAChD,KAAK;wBACL,eAAe,EAAE,SAAS;wBAC1B,iBAAiB;wBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;qBAClD,CAAC,CAAC;oBAEH,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,gCAAgC;gBAChC,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAClE,MAAM,CAAC,YAAY,EACnB,EAAE,QAAQ,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE,CACjE,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;oBAC9C,OAAO,EAAE;wBACP,SAAS,EAAE,eAAe,CAAC,SAAS,CAAC;wBACrC,WAAW;qBACZ;oBACD,KAAK,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACpD,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,GAAG;oBACV,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAQ;oBACxB,MAAM,EAAE,MAAM,CAAC,MAAO;oBACtB,YAAY,EAAE,WAAW,CAAC,YAAY;iBACvC,CAAC;gBACF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEtD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;WAsBG;QACa;;;;mBAAgB,KAAK,EACnC,MAAgD,EAChD,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;gBAC5C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAEjD,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE;oBAC9B,KAAK;oBACL,eAAe,EAAE,SAAS;oBAC1B,iBAAiB;oBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;iBAClD,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;WAqBG;QACa;;;;mBAAyB,KAAK,EAAE,EAC9C,MAAM,EACN,KAAK,EACL,kBAAkB,GAKnB,EAAiB,EAAE;gBAClB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAE/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC;gBAEvE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;gBACxD,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACtC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;gBAEzD,OAAO,IAAI,CAAC;YACd,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;WAqBG;QACa;;;;mBAAwB,KAAK,EAC3C,OAAyB,SAAS,EAClC,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACzC,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,IAAI,EAAE,CAAC;oBACT,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;oBACjB,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC/C,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;gBACvC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;gBAEnD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;WA0BG;QACa;;;;mBAAe,KAAK,EAAE,EACpC,iBAAiB,EACjB,eAAe,GAAG,uBAAuB,GACtB,EAAE,EAAE;gBACvB,MAAM,yBAAyB,GAAG,IAAI,aAAa,CAAC;oBAClD,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,iBAAiB,CAAC;oBAC3D,eAAe,EAAE,eAAe;oBAChC,SAAS,EAAE,4BAA4B;iBACxC,CAAC,CAAC;gBACH,MAAM,yBAAyB,CAAC,IAAI,EAAE,CAAC;gBAEvC,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;oBACtD,OAAO,IAAI,CAAC,iBAAiB,CAAC;wBAC5B,aAAa,EAAE,yBAAyB;wBACxC,QAAQ,EAAE,aAAa;qBACxB,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,IAAI,CAAC,iBAAiB,CAAC;oBAC5B,aAAa,EAAE,yBAAyB;oBACxC,QAAQ,EAAE,aAAa;iBACxB,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;WAkBG;QACa;;;;mBAAa,KAAK,IAAI,EAAE;gBACtC,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC;gBACtB,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;YAC7B,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;WA0BG;QACa;;;;mBAAoB,KAAK,EACvC,IAA8D,EAC9C,EAAE;gBAClB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACzD,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;gBACnC,OAAO,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAC/B,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,sCAAsC,CAAC,EAAE,IAAI,CAAC,CACvE,CAAC;YACJ,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;WAyBG;QACa;;;;mBAAiB,KAAK,EACpC,IAA2D,EAC5C,EAAE;gBACjB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACzD,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CACvB,WAAW,EACX,QAAQ,EACR,4BAA4B,CAC7B,CAAC;gBACF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBACrC,MAAM,aAAa,GAAG,CAAC,KAAmB,EAAE,EAAE;wBAC5C,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;4BAChB,OAAO;wBACT,CAAC;wBACD,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC;wBAClE,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;4BACpB,OAAO,EAAE,CAAC;4BACV,IAAI,CAAC,sBAAsB,CAAC;gCAC1B,MAAM;gCACN,KAAK;gCACL,kBAAkB,EAAE,gBAAgB;6BACrC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;wBAC3B,CAAC;oBACH,CAAC,CAAC;oBAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;oBAElD,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,EAAE;wBAC5C,IAAI,KAAK,EAAE,MAAM,EAAE,CAAC;4BAClB,OAAO,EAAE,CAAC;4BACV,MAAM,CAAC,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC;wBACvC,CAAC;oBACH,CAAC,EAAE,oBAAoB,CAAC,CAAC;oBAEzB,MAAM,OAAO,GAAG,GAAG,EAAE;wBACnB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;wBACrD,aAAa,CAAC,oBAAoB,CAAC,CAAC;oBACtC,CAAC,CAAC;gBACJ,CAAC,CAAC,CAAC;YACL,CAAC;WAAC;QAEM;;;;mBAAsB,KAAK,EAAE,IAAiB,EAAmB,EAAE;gBACzE,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,KAAK,EAAE,aAAa,EACpB,MAAM,EAAE,cAAc,EACtB,IAAI,EACJ,WAAW,EACX,iBAAiB,GAClB,GAAG,IAAI,CAAC;gBACT,MAAM,EAAE,aAAa,EAAE,UAAU,EAAE,aAAa,EAAE,GAChD,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;gBACzC,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CACrC,CAAC,QAAQ,EAAE,EAAE,CACX,QAAQ,CAAC,EAAE,KAAK,cAAc;oBAC9B,CAAC,CAAC,QAAQ,CAAC,gBAAgB,KAAK,CAAC,CAAC,gBAAgB,CACrD,CAAC;gBACF,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,kCAAkC,cAAc,EAAE,CAAC,CAAC;gBACtE,CAAC;gBACD,IAAI,KAAa,CAAC;gBAClB,IAAI,MAA0B,CAAC;gBAC/B,IAAI,aAAa,EAAE,CAAC;oBAClB,KAAK,GAAG,aAAa,CAAC;oBACtB,MAAM,GAAG,cAAc,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,IAAI,gBAAgB,EAAE,CAAC;wBACrB,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;oBAClE,CAAC;oBACD,MAAM,cAAc,GAAG,wBAAwB,CAAC,cAAc,CAAC,CAAC;oBAChE,IAAI,CAAC,cAAc,EAAE,CAAC;wBACpB,MAAM,IAAI,KAAK,CACb,wCAAwC,cAAc,EAAE,CACzD,CAAC;oBACJ,CAAC;oBACD,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,cAAc,CAAC,CAAC;gBACvC,CAAC;gBACD,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,YAAY,CAAC;gBAChD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACxD,MAAM,KAAK,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;gBAC9C,MAAM,WAAW,GAAe;oBAC9B,cAAc;oBACd,gBAAgB;oBAChB,UAAU;oBACV,gBAAgB;oBAChB,iBAAiB;oBACjB,WAAW,EACT,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;oBACnE,YAAY,EAAE,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;iBACpE,CAAC;gBACF,MAAM,KAAK,GAAG,eAAe,CAC3B,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CACtD,CAAC;gBACF,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;gBACtC,MAAM,MAAM,GAA2B;oBACrC,YAAY,EAAE,IAAI,CAAC,gBAAgB;oBACnC,aAAa,EAAE,MAAM;oBACrB,KAAK;oBACL,KAAK;oBACL,cAAc,EAAE,aAAa;oBAC7B,qBAAqB,EAAE,MAAM;oBAC7B,MAAM,EAAE,gBAAgB;oBACxB,SAAS,EAAE,QAAQ;oBACnB,KAAK;iBACN,CAAC;gBACF,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;gBACzB,CAAC;gBACD,OAAO,CAAC,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;gBACxD,OAAO,OAAO,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC;WAAC;QAEM;;;;mBAAoB,KAAK,IAAI,EAAE;gBACrC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC;oBACpC,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;gBAClC,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBAEpC,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAG,CAAC;YACzC,CAAC;WAAC;QAEM;;;;mBAAsB,KAAK,EAAE,OAAyB,IAAI,CAAC,IAAI,EAAE,EAAE;gBACzE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBACtC,IAAI,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;oBAC9B,+GAA+G;oBAC/G,IAAI,CAAC,eAAe,CAAC,gBAAgB,GAAG;wBACtC;4BACE,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC;4BAC5C,IAAI,EAAE,YAAY;4BAClB,UAAU,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;yBACnC;qBACF,CAAC;gBACJ,CAAC;YACH,CAAC;WAAC;QAEiB;;;;mBAAyB,KAAK,EAC/C,OAA2C,EAC3C,cAAoC;gBAClC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,WAAW;aAC1C,EACD,EAAE;gBACF,MAAM,SAAS,GAAG,oBAAoB,EAAE,CAAC;gBACzC,MAAM,mBAAmB,GAAG,oBAAoB,EAAE,CAAC;gBAEnD,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC;oBAC/C,SAAS,EAAE;wBACT,GAAG,OAAO,EAAE,SAAS;wBACrB,sBAAsB,EAAE;4BACtB,WAAW,EAAE,WAAW;4BACxB,kBAAkB,EAAE,KAAK;4BACzB,gBAAgB,EAAE,WAAW;4BAC7B,GAAG,OAAO,EAAE,SAAS,EAAE,sBAAsB;yBAC9C;wBACD,SAAS;wBACT,EAAE,EAAE;4BACF,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC5B,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC9B,GAAG,OAAO,EAAE,SAAS,EAAE,EAAE;yBAC1B;wBACD,gBAAgB,EAAE;4BAChB;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,CAAC;6BACR;4BACD;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,GAAG;6BACV;yBACF;wBACD,IAAI,EAAE;4BACJ,EAAE,EAAE,mBAAmB;4BACvB,IAAI,EAAE,WAAW,CAAC,QAAQ;4BAC1B,WAAW,EAAE,WAAW,CAAC,QAAQ;4BACjC,GAAG,OAAO,EAAE,SAAS,EAAE,IAAI;yBAC5B;qBACF;oBACD,MAAM,EAAE,OAAO,EAAE,MAAM;iBACxB,CAAC,CAAC;gBAEH,4EAA4E;gBAC5E,IAAI,WAAW,CAAC,UAAU,IAAI,IAAI,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC1E,WAAW,CAAC,UAAU,GAAG;wBACvB,kCAAkC;wBAClC,gCAAgC;qBACjC,CAAC;gBACJ,CAAC;gBAED,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,WAAW,EAAE,CAAC;YACzD,CAAC;WAAC;QAEiB;;;;mBAAiB,KAAK,IAA0B,EAAE;gBACnE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC;gBACvC,OAAO,IAAI,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,CAAC;WAAC;QAEM;;;;mBAAwB,KAAK,EACnC,IAAe,EACO,EAAE;gBACxB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,OAAO,IAAI,CAAC,WAAW,CAAC;gBAC1B,CAAC;qBAAM,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC/B,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CACb,+HAA+H,CAChI,CAAC;gBACJ,CAAC;YACH,CAAC;WAAC;QAjiBA,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,iBAAiB,GAAG,YAAY,CAAC,iBAAiB,CAAC;QAExD,IAAI,CAAC,eAAe,GAAG,IAAI,eAAe,CAAC;YACzC,IAAI,EAAE,IAAI,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ;SACvC,CAAC,CAAC;QAEH,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IAC3C,CAAC;CA0hBF;AAED,SAAS,kBAAkB,CAAC,GAAW;IACrC,eAAe;IACf,MAAM,CAAC,GAAG,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC,CAAC,IAAI,GAAG,GAAG,CAAC;IACb,OAAO,CAAC,CAAC,IAAI,CAAC;AAChB,CAAC","sourcesContent":["import { ConnectionConfigSchema } from \"@aa-sdk/core\";\nimport { getWebAuthnAttestation } from \"@turnkey/http\";\nimport { IframeStamper } from \"@turnkey/iframe-stamper\";\nimport { WebauthnStamper } from \"@turnkey/webauthn-stamper\";\nimport { z } from \"zod\";\nimport { base64UrlEncode } from \"../utils/base64UrlEncode.js\";\nimport { generateRandomBuffer } from \"../utils/generateRandomBuffer.js\";\nimport { BaseSignerClient } from \"./base.js\";\nimport type {\n  AlchemySignerClientEvents,\n  CreateAccountParams,\n  CredentialCreationOptionOverrides,\n  EmailAuthParams,\n  ExportWalletParams,\n  OauthConfig,\n  OauthParams,\n  User,\n} from \"./types.js\";\nimport { getDefaultScopeAndClaims, getOauthNonce } from \"../oauth.js\";\nimport type { AuthParams, OauthMode } from \"../signer.js\";\n\nconst CHECK_CLOSE_INTERVAL = 500;\n\nexport const AlchemySignerClientParamsSchema = z.object({\n  connection: ConnectionConfigSchema,\n  iframeConfig: z.object({\n    iframeElementId: z.string().default(\"turnkey-iframe\"),\n    iframeContainerId: z.string(),\n  }),\n  rpId: z.string().optional(),\n  rootOrgId: z\n    .string()\n    .optional()\n    .default(\"24c1acf5-810f-41e0-a503-d5d13fa8e830\"),\n  oauthCallbackUrl: z\n    .string()\n    .optional()\n    .default(\"https://signer.alchemy.com/callback\"),\n  enablePopupOauth: z.boolean().optional().default(false),\n});\n\nexport type AlchemySignerClientParams = z.input<\n  typeof AlchemySignerClientParamsSchema\n>;\n\ntype OauthState = {\n  authProviderId: string;\n  isCustomProvider?: boolean;\n  requestKey: string;\n  turnkeyPublicKey: string;\n  expirationSeconds?: number;\n  redirectUrl?: string;\n  openerOrigin?: string;\n};\n\n/**\n * A lower level client used by the AlchemySigner used to communicate with\n * Alchemy's signer service.\n */\nexport class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams> {\n  private iframeStamper: IframeStamper;\n  private webauthnStamper: WebauthnStamper;\n  oauthCallbackUrl: string;\n  iframeContainerId: string;\n\n  /**\n   * Initializes a new instance with the given parameters, setting up the connection, iframe configuration, and WebAuthn stamper.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   * ```\n   *\n   * @param {AlchemySignerClientParams} params the parameters required to initialize the client\n   * @param {ConnectionConfig} params.connection The connection details needed to connect to the service\n   * @param {{ iframeElementId?: string; iframeContainerId: string }} params.iframeConfig The configuration details for setting up the iframe stamper\n   * @param {string} params.rpId The relying party ID, defaulting to the current hostname if not provided\n   * @param {string} params.rootOrgId The root organization ID\n   */\n  constructor(params: AlchemySignerClientParams) {\n    const { connection, iframeConfig, rpId, rootOrgId, oauthCallbackUrl } =\n      AlchemySignerClientParamsSchema.parse(params);\n\n    const iframeStamper = new IframeStamper({\n      iframeElementId: iframeConfig.iframeElementId,\n      iframeUrl: \"https://auth.turnkey.com\",\n      iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n    });\n\n    super({\n      connection,\n      rootOrgId,\n      stamper: iframeStamper,\n    });\n\n    this.iframeStamper = iframeStamper;\n    this.iframeContainerId = iframeConfig.iframeContainerId;\n\n    this.webauthnStamper = new WebauthnStamper({\n      rpId: rpId ?? window.location.hostname,\n    });\n\n    this.oauthCallbackUrl = oauthCallbackUrl;\n  }\n\n  /**\n   * Authenticates the user by either email or passkey account creation flow. Emits events during the process.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.createAccount({ type: \"email\", email: \"you@mail.com\" });\n   * ```\n   *\n   * @param {CreateAccountParams} params The parameters for creating an account, including the type (email or passkey) and additional details.\n   * @returns {Promise<SignupResponse>} A promise that resolves with the response object containing the account creation result.\n   */\n  public override createAccount = async (params: CreateAccountParams) => {\n    this.eventEmitter.emit(\"authenticating\");\n    if (params.type === \"email\") {\n      const { email, expirationSeconds } = params;\n      const publicKey = await this.initIframeStamper();\n\n      const response = await this.request(\"/v1/signup\", {\n        email,\n        targetPublicKey: publicKey,\n        expirationSeconds,\n        redirectParams: params.redirectParams?.toString(),\n      });\n\n      return response;\n    }\n\n    // Passkey account creation flow\n    const { attestation, challenge } = await this.getWebAuthnAttestation(\n      params.creationOpts,\n      { username: \"email\" in params ? params.email : params.username }\n    );\n\n    const result = await this.request(\"/v1/signup\", {\n      passkey: {\n        challenge: base64UrlEncode(challenge),\n        attestation,\n      },\n      email: \"email\" in params ? params.email : undefined,\n    });\n\n    this.user = {\n      orgId: result.orgId,\n      address: result.address!,\n      userId: result.userId!,\n      credentialId: attestation.credentialId,\n    };\n    this.initWebauthnStamper(this.user);\n    this.eventEmitter.emit(\"connectedPasskey\", this.user);\n\n    return result;\n  };\n\n  /**\n   * Begin authenticating a user with their email and an expiration time for the authentication request. Initializes the iframe stamper to get the target public key.\n   * This method sends an email to the user to complete their login\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.initEmailAuth({ email: \"you@mail.com\" });\n   * ```\n   *\n   * @param {Omit<EmailAuthParams, \"targetPublicKey\">} params The parameters for email authentication, excluding the target public key\n   * @returns {Promise<any>} The response from the authentication request\n   */\n  public override initEmailAuth = async (\n    params: Omit<EmailAuthParams, \"targetPublicKey\">\n  ) => {\n    this.eventEmitter.emit(\"authenticating\");\n    const { email, expirationSeconds } = params;\n    const publicKey = await this.initIframeStamper();\n\n    return this.request(\"/v1/auth\", {\n      email,\n      targetPublicKey: publicKey,\n      expirationSeconds,\n      redirectParams: params.redirectParams?.toString(),\n    });\n  };\n\n  /**\n   * Completes auth for the user by injecting a credential bundle and retrieving the user information based on the provided organization ID. Emits events during the process.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.completeAuthWithBundle({ orgId: \"user-org-id\", bundle: \"bundle-from-email\", connectedEventName: \"connectedEmail\" });\n   * ```\n   *\n   * @param {{ bundle: string; orgId: string }} config The configuration object for the authentication function containing the credential bundle to inject and the organization id associated with the user\n   * @returns {Promise<User>} A promise that resolves to the authenticated user information\n   */\n  public override completeAuthWithBundle = async ({\n    bundle,\n    orgId,\n    connectedEventName,\n  }: {\n    bundle: string;\n    orgId: string;\n    connectedEventName: keyof AlchemySignerClientEvents;\n  }): Promise<User> => {\n    this.eventEmitter.emit(\"authenticating\");\n    await this.initIframeStamper();\n\n    const result = await this.iframeStamper.injectCredentialBundle(bundle);\n\n    if (!result) {\n      throw new Error(\"Failed to inject credential bundle\");\n    }\n\n    const user = await this.whoami(orgId);\n    this.eventEmitter.emit(connectedEventName, user, bundle);\n\n    return user;\n  };\n\n  /**\n   * Asynchronously handles the authentication process using WebAuthn Stamper. If a user is provided, sets the user and returns it. Otherwise, retrieves the current user and initializes the WebAuthn stamper.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.lookupUserWithPasskey();\n   * ```\n   *\n   * @param {User} [user] An optional user object to authenticate\n   * @returns {Promise<User>} A promise that resolves to the authenticated user object\n   */\n  public override lookupUserWithPasskey = async (\n    user: User | undefined = undefined\n  ) => {\n    this.eventEmitter.emit(\"authenticating\");\n    await this.initWebauthnStamper(user);\n    if (user) {\n      this.user = user;\n      return user;\n    }\n\n    const result = await this.whoami(this.rootOrg);\n    await this.initWebauthnStamper(result);\n    this.eventEmitter.emit(\"connectedPasskey\", result);\n\n    return result;\n  };\n\n  /**\n   * Initiates the export of a wallet by creating an iframe stamper and calling the appropriate export function.\n   * The export can be based on a seed phrase or a private key.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.exportWallet({\n   *  iframeContainerId: \"export-iframe-container\",\n   * });\n   * ```\n   *\n   * @param {ExportWalletParams} config The parameters for exporting the wallet\n   * @param {string} config.iframeContainerId The ID of the container element that will hold the iframe stamper\n   * @param {string} [config.iframeElementId] Optional ID for the iframe element\n   * @returns {Promise<void>} A promise that resolves when the export process is complete\n   */\n  public override exportWallet = async ({\n    iframeContainerId,\n    iframeElementId = \"turnkey-export-iframe\",\n  }: ExportWalletParams) => {\n    const exportWalletIframeStamper = new IframeStamper({\n      iframeContainer: document.getElementById(iframeContainerId),\n      iframeElementId: iframeElementId,\n      iframeUrl: \"https://export.turnkey.com\",\n    });\n    await exportWalletIframeStamper.init();\n\n    if (this.turnkeyClient.stamper === this.iframeStamper) {\n      return this.exportWalletInner({\n        exportStamper: exportWalletIframeStamper,\n        exportAs: \"SEED_PHRASE\",\n      });\n    }\n\n    return this.exportWalletInner({\n      exportStamper: exportWalletIframeStamper,\n      exportAs: \"PRIVATE_KEY\",\n    });\n  };\n\n  /**\n   * Asynchronous function that clears the user and resets the iframe stamper.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const account = await client.disconnect();\n   * ```\n   */\n  public override disconnect = async () => {\n    this.user = undefined;\n    this.iframeStamper.clear();\n  };\n\n  /**\n   * Redirects the user to the OAuth provider URL based on the provided arguments. This function will always reject after 1 second if the redirection does not occur.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * await client.oauthWithRedirect({\n   *   type: \"oauth\",\n   *   authProviderId: \"google\",\n   *   mode: \"redirect\",\n   *   redirectUrl: \"/\",\n   * });\n   * ```\n   *\n   * @param {Extract<AuthParams, { type: \"oauth\"; mode: \"redirect\" }>} args The arguments required to obtain the OAuth provider URL\n   * @returns {Promise<never>} A promise that will never resolve, only reject if the redirection fails\n   */\n  public override oauthWithRedirect = async (\n    args: Extract<AuthParams, { type: \"oauth\"; mode: \"redirect\" }>\n  ): Promise<never> => {\n    const providerUrl = await this.getOauthProviderUrl(args);\n    window.location.href = providerUrl;\n    return new Promise((_, reject) =>\n      setTimeout(() => reject(\"Failed to redirect to OAuth provider\"), 1000)\n    );\n  };\n\n  /**\n   * Initiates an OAuth authentication flow in a popup window and returns the authenticated user.\n   *\n   * @example\n   * ```ts\n   * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n   *\n   * const client = new AlchemySignerWebClient({\n   *  connection: {\n   *    apiKey: \"your-api-key\",\n   *  },\n   *  iframeConfig: {\n   *   iframeContainerId: \"signer-iframe-container\",\n   *  },\n   * });\n   *\n   * const user = await client.oauthWithPopup({\n   *  type: \"oauth\",\n   *  authProviderId: \"google\",\n   *  mode: \"popup\"\n   * });\n   * ```\n   *\n   * @param {Extract<AuthParams, { type: \"oauth\"; mode: \"popup\" }>} args The authentication parameters specifying OAuth type and popup mode\n   * @returns {Promise<User>} A promise that resolves to a `User` object containing the authenticated user information\n   */\n  public override oauthWithPopup = async (\n    args: Extract<AuthParams, { type: \"oauth\"; mode: \"popup\" }>\n  ): Promise<User> => {\n    const providerUrl = await this.getOauthProviderUrl(args);\n    const popup = window.open(\n      providerUrl,\n      \"_blank\",\n      \"popup,width=500,height=600\"\n    );\n    return new Promise((resolve, reject) => {\n      const handleMessage = (event: MessageEvent) => {\n        if (!event.data) {\n          return;\n        }\n        const { alchemyBundle: bundle, alchemyOrgId: orgId } = event.data;\n        if (bundle && orgId) {\n          cleanup();\n          this.completeAuthWithBundle({\n            bundle,\n            orgId,\n            connectedEventName: \"connectedOauth\",\n          }).then(resolve, reject);\n        }\n      };\n\n      window.addEventListener(\"message\", handleMessage);\n\n      const checkCloseIntervalId = setInterval(() => {\n        if (popup?.closed) {\n          cleanup();\n          reject(new Error(\"OAuth cancelled\"));\n        }\n      }, CHECK_CLOSE_INTERVAL);\n\n      const cleanup = () => {\n        window.removeEventListener(\"message\", handleMessage);\n        clearInterval(checkCloseIntervalId);\n      };\n    });\n  };\n\n  private getOauthProviderUrl = async (args: OauthParams): Promise<string> => {\n    const {\n      authProviderId,\n      isCustomProvider,\n      scope: providedScope,\n      claims: providedClaims,\n      mode,\n      redirectUrl,\n      expirationSeconds,\n    } = args;\n    const { codeChallenge, requestKey, authProviders } =\n      await this.getOauthConfigForMode(mode);\n    const authProvider = authProviders.find(\n      (provider) =>\n        provider.id === authProviderId &&\n        !!provider.isCustomProvider === !!isCustomProvider\n    );\n    if (!authProvider) {\n      throw new Error(`No auth provider found with id ${authProviderId}`);\n    }\n    let scope: string;\n    let claims: string | undefined;\n    if (providedScope) {\n      scope = providedScope;\n      claims = providedClaims;\n    } else {\n      if (isCustomProvider) {\n        throw new Error(\"scope must be provided for a custom provider\");\n      }\n      const scopeAndClaims = getDefaultScopeAndClaims(authProviderId);\n      if (!scopeAndClaims) {\n        throw new Error(\n          `Default scope not known for provider ${authProviderId}`\n        );\n      }\n      ({ scope, claims } = scopeAndClaims);\n    }\n    const { authEndpoint, clientId } = authProvider;\n    const turnkeyPublicKey = await this.initIframeStamper();\n    const nonce = getOauthNonce(turnkeyPublicKey);\n    const stateObject: OauthState = {\n      authProviderId,\n      isCustomProvider,\n      requestKey,\n      turnkeyPublicKey,\n      expirationSeconds,\n      redirectUrl:\n        mode === \"redirect\" ? resolveRelativeUrl(redirectUrl) : undefined,\n      openerOrigin: mode === \"popup\" ? window.location.origin : undefined,\n    };\n    const state = base64UrlEncode(\n      new TextEncoder().encode(JSON.stringify(stateObject))\n    );\n    const authUrl = new URL(authEndpoint);\n    const params: Record<string, string> = {\n      redirect_uri: this.oauthCallbackUrl,\n      response_type: \"code\",\n      scope,\n      state,\n      code_challenge: codeChallenge,\n      code_challenge_method: \"S256\",\n      prompt: \"select_account\",\n      client_id: clientId,\n      nonce,\n    };\n    if (claims) {\n      params.claims = claims;\n    }\n    authUrl.search = new URLSearchParams(params).toString();\n    return authUrl.toString();\n  };\n\n  private initIframeStamper = async () => {\n    if (!this.iframeStamper.publicKey()) {\n      await this.iframeStamper.init();\n    }\n\n    this.setStamper(this.iframeStamper);\n\n    return this.iframeStamper.publicKey()!;\n  };\n\n  private initWebauthnStamper = async (user: User | undefined = this.user) => {\n    this.setStamper(this.webauthnStamper);\n    if (user && user.credentialId) {\n      // The goal here is to allow us to cache the allowed credential, but this doesn't work with hybrid transport :(\n      this.webauthnStamper.allowCredentials = [\n        {\n          id: Buffer.from(user.credentialId, \"base64\"),\n          type: \"public-key\",\n          transports: [\"internal\", \"hybrid\"],\n        },\n      ];\n    }\n  };\n\n  protected override getWebAuthnAttestation = async (\n    options?: CredentialCreationOptionOverrides,\n    userDetails: { username: string } = {\n      username: this.user?.email ?? \"anonymous\",\n    }\n  ) => {\n    const challenge = generateRandomBuffer();\n    const authenticatorUserId = generateRandomBuffer();\n\n    const attestation = await getWebAuthnAttestation({\n      publicKey: {\n        ...options?.publicKey,\n        authenticatorSelection: {\n          residentKey: \"preferred\",\n          requireResidentKey: false,\n          userVerification: \"preferred\",\n          ...options?.publicKey?.authenticatorSelection,\n        },\n        challenge,\n        rp: {\n          id: window.location.hostname,\n          name: window.location.hostname,\n          ...options?.publicKey?.rp,\n        },\n        pubKeyCredParams: [\n          {\n            type: \"public-key\",\n            alg: -7,\n          },\n          {\n            type: \"public-key\",\n            alg: -257,\n          },\n        ],\n        user: {\n          id: authenticatorUserId,\n          name: userDetails.username,\n          displayName: userDetails.username,\n          ...options?.publicKey?.user,\n        },\n      },\n      signal: options?.signal,\n    });\n\n    // on iOS sometimes this is returned as empty or null, so handling that here\n    if (attestation.transports == null || attestation.transports.length === 0) {\n      attestation.transports = [\n        \"AUTHENTICATOR_TRANSPORT_INTERNAL\",\n        \"AUTHENTICATOR_TRANSPORT_HYBRID\",\n      ];\n    }\n\n    return { challenge, authenticatorUserId, attestation };\n  };\n\n  protected override getOauthConfig = async (): Promise<OauthConfig> => {\n    const publicKey = await this.initIframeStamper();\n    const nonce = getOauthNonce(publicKey);\n    return this.request(\"/v1/prepare-oauth\", { nonce });\n  };\n\n  private getOauthConfigForMode = async (\n    mode: OauthMode\n  ): Promise<OauthConfig> => {\n    if (this.oauthConfig) {\n      return this.oauthConfig;\n    } else if (mode === \"redirect\") {\n      return this.initOauth();\n    } else {\n      throw new Error(\n        \"enablePopupOauth must be set in configuration or signer.preparePopupOauth must be called before using popup-based OAuth login\"\n      );\n    }\n  };\n}\n\nfunction resolveRelativeUrl(url: string): string {\n  // Funny trick.\n  const a = document.createElement(\"a\");\n  a.href = url;\n  return a.href;\n}\n"]}

package/dist/esm/client/types.d.ts

@@ -1,6 +1,7 @@
 import type { Address } from "@aa-sdk/core";
 import type { TSignedRequest, getWebAuthnAttestation } from "@turnkey/http";
 import type { Hex } from "viem";
+import type { AuthParams } from "../signer";
 export type CredentialCreationOptionOverrides = {
     publicKey?: Partial<CredentialCreationOptions["publicKey"]>;
 } & Pick<CredentialCreationOptions, "signal">;
@@ -35,11 +36,27 @@ export type EmailAuthParams = {
     targetPublicKey: string;
     redirectParams?: URLSearchParams;
 };
+export type OauthParams = Extract<AuthParams, {
+    type: "oauth";
+}> & {
+    expirationSeconds?: number;
+};
 export type SignupResponse = {
     orgId: string;
     userId?: string;
     address?: Address;
 };
+export type OauthConfig = {
+    codeChallenge: string;
+    requestKey: string;
+    authProviders: AuthProviderConfig[];
+};
+export type AuthProviderConfig = {
+    id: string;
+    isCustomProvider?: boolean;
+    clientId: string;
+    authEndpoint: string;
+};
 export type SignerRoutes = SignerEndpoints[number]["Route"];
 export type SignerBody<T extends SignerRoutes> = Extract<SignerEndpoints[number], {
     Route: T;
@@ -93,6 +110,13 @@ export type SignerEndpoints = [
         Response: {
             signature: Hex;
         };
+    },
+    {
+        Route: "/v1/prepare-oauth";
+        Body: {
+            nonce: string;
+        };
+        Response: OauthConfig;
     }
 ];
 export type AlchemySignerClientEvents = {
@@ -100,6 +124,7 @@ export type AlchemySignerClientEvents = {
     authenticating(): void;
     connectedEmail(user: User, bundle: string): void;
     connectedPasskey(user: User): void;
+    connectedOauth(user: User, bundle: string): void;
     disconnected(): void;
 };
 export type AlchemySignerClientEvent = keyof AlchemySignerClientEvents;

package/dist/esm/client/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/client/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { Address } from \"@aa-sdk/core\";\nimport type { TSignedRequest, getWebAuthnAttestation } from \"@turnkey/http\";\nimport type { Hex } from \"viem\";\n\nexport type CredentialCreationOptionOverrides = {\n  publicKey?: Partial<CredentialCreationOptions[\"publicKey\"]>;\n} & Pick<CredentialCreationOptions, \"signal\">;\n\n// [!region User]\nexport type User = {\n  email?: string;\n  orgId: string;\n  userId: string;\n  address: Address;\n  credentialId?: string;\n};\n// [!endregion User]\n\nexport type ExportWalletParams = {\n  iframeContainerId: string;\n  iframeElementId?: string;\n};\n\nexport type CreateAccountParams =\n  | {\n      type: \"email\";\n      email: string;\n      expirationSeconds?: number;\n      redirectParams?: URLSearchParams;\n    }\n  | {\n      type: \"passkey\";\n      email: string;\n      creationOpts?: CredentialCreationOptionOverrides;\n    }\n  | {\n      type: \"passkey\";\n      username: string;\n      creationOpts?: CredentialCreationOptionOverrides;\n    };\n\nexport type EmailAuthParams = {\n  email: string;\n  expirationSeconds?: number;\n  targetPublicKey: string;\n  redirectParams?: URLSearchParams;\n};\n\nexport type SignupResponse = {\n  orgId: string;\n  userId?: string;\n  address?: Address;\n};\n\nexport type SignerRoutes = SignerEndpoints[number][\"Route\"];\nexport type SignerBody<T extends SignerRoutes> = Extract<\n  SignerEndpoints[number],\n  { Route: T }\n>[\"Body\"];\nexport type SignerResponse<T extends SignerRoutes> = Extract<\n  SignerEndpoints[number],\n  { Route: T }\n>[\"Response\"];\n\nexport type SignerEndpoints = [\n  {\n    Route: \"/v1/signup\";\n    Body:\n      | (Omit<EmailAuthParams, \"redirectParams\"> & { redirectParams?: string })\n      | {\n          passkey: {\n            challenge: string;\n            attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n          };\n        };\n    Response: SignupResponse;\n  },\n  {\n    Route: \"/v1/whoami\";\n    Body: {\n      stampedRequest: TSignedRequest;\n    };\n    Response: User;\n  },\n  {\n    Route: \"/v1/auth\";\n    Body: Omit<EmailAuthParams, \"redirectParams\"> & { redirectParams?: string };\n    Response: {\n      orgId: string;\n    };\n  },\n  {\n    Route: \"/v1/lookup\";\n    Body: {\n      email: string;\n    };\n    Response: {\n      orgId: string | null;\n    };\n  },\n  {\n    Route: \"/v1/sign-payload\";\n    Body: {\n      stampedRequest: TSignedRequest;\n    };\n    Response: {\n      signature: Hex;\n    };\n  }\n];\n\nexport type AlchemySignerClientEvents = {\n  connected(user: User): void;\n  authenticating(): void;\n  connectedEmail(user: User, bundle: string): void;\n  connectedPasskey(user: User): void;\n  disconnected(): void;\n};\n\nexport type AlchemySignerClientEvent = keyof AlchemySignerClientEvents;\n\nexport type GetWebAuthnAttestationResult = {\n  attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n  challenge: ArrayBuffer;\n  authenticatorUserId: ArrayBuffer;\n};\n"]}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/client/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { Address } from \"@aa-sdk/core\";\nimport type { TSignedRequest, getWebAuthnAttestation } from \"@turnkey/http\";\nimport type { Hex } from \"viem\";\nimport type { AuthParams } from \"../signer\";\n\nexport type CredentialCreationOptionOverrides = {\n  publicKey?: Partial<CredentialCreationOptions[\"publicKey\"]>;\n} & Pick<CredentialCreationOptions, \"signal\">;\n\n// [!region User]\nexport type User = {\n  email?: string;\n  orgId: string;\n  userId: string;\n  address: Address;\n  credentialId?: string;\n};\n// [!endregion User]\n\nexport type ExportWalletParams = {\n  iframeContainerId: string;\n  iframeElementId?: string;\n};\n\nexport type CreateAccountParams =\n  | {\n      type: \"email\";\n      email: string;\n      expirationSeconds?: number;\n      redirectParams?: URLSearchParams;\n    }\n  | {\n      type: \"passkey\";\n      email: string;\n      creationOpts?: CredentialCreationOptionOverrides;\n    }\n  | {\n      type: \"passkey\";\n      username: string;\n      creationOpts?: CredentialCreationOptionOverrides;\n    };\n\nexport type EmailAuthParams = {\n  email: string;\n  expirationSeconds?: number;\n  targetPublicKey: string;\n  redirectParams?: URLSearchParams;\n};\n\nexport type OauthParams = Extract<AuthParams, { type: \"oauth\" }> & {\n  expirationSeconds?: number;\n};\n\nexport type SignupResponse = {\n  orgId: string;\n  userId?: string;\n  address?: Address;\n};\n\nexport type OauthConfig = {\n  codeChallenge: string;\n  requestKey: string;\n  authProviders: AuthProviderConfig[];\n};\n\nexport type AuthProviderConfig = {\n  id: string;\n  isCustomProvider?: boolean;\n  clientId: string;\n  authEndpoint: string;\n};\n\nexport type SignerRoutes = SignerEndpoints[number][\"Route\"];\nexport type SignerBody<T extends SignerRoutes> = Extract<\n  SignerEndpoints[number],\n  { Route: T }\n>[\"Body\"];\nexport type SignerResponse<T extends SignerRoutes> = Extract<\n  SignerEndpoints[number],\n  { Route: T }\n>[\"Response\"];\n\nexport type SignerEndpoints = [\n  {\n    Route: \"/v1/signup\";\n    Body:\n      | (Omit<EmailAuthParams, \"redirectParams\"> & { redirectParams?: string })\n      | {\n          passkey: {\n            challenge: string;\n            attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n          };\n        };\n    Response: SignupResponse;\n  },\n  {\n    Route: \"/v1/whoami\";\n    Body: {\n      stampedRequest: TSignedRequest;\n    };\n    Response: User;\n  },\n  {\n    Route: \"/v1/auth\";\n    Body: Omit<EmailAuthParams, \"redirectParams\"> & { redirectParams?: string };\n    Response: {\n      orgId: string;\n    };\n  },\n  {\n    Route: \"/v1/lookup\";\n    Body: {\n      email: string;\n    };\n    Response: {\n      orgId: string | null;\n    };\n  },\n  {\n    Route: \"/v1/sign-payload\";\n    Body: {\n      stampedRequest: TSignedRequest;\n    };\n    Response: {\n      signature: Hex;\n    };\n  },\n  {\n    Route: \"/v1/prepare-oauth\";\n    Body: {\n      nonce: string;\n    };\n    Response: OauthConfig;\n  }\n];\n\nexport type AlchemySignerClientEvents = {\n  connected(user: User): void;\n  authenticating(): void;\n  connectedEmail(user: User, bundle: string): void;\n  connectedPasskey(user: User): void;\n  connectedOauth(user: User, bundle: string): void;\n  disconnected(): void;\n};\n\nexport type AlchemySignerClientEvent = keyof AlchemySignerClientEvents;\n\nexport type GetWebAuthnAttestationResult = {\n  attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n  challenge: ArrayBuffer;\n  authenticatorUserId: ArrayBuffer;\n};\n"]}