@account-kit/signer 4.17.0 → 4.18.0-alpha.3

package/src/client/index.ts

@@ -14,8 +14,10 @@ import type {
   CredentialCreationOptionOverrides,
   EmailAuthParams,
   ExportWalletParams,
+  JwtParams,
   OauthConfig,
   OtpParams,
+  JwtResponse,
   User,
 } from "./types.js";
 
@@ -245,6 +247,43 @@ export class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams>
     return { bundle: credentialBundle };
   }
 
+  /**
+   * Authenticates using a custom issued JWT
+   *
+   * @example
+   * ```ts
+   * import { AlchemySignerWebClient } from "@account-kit/signer";
+   *
+   * const client = new AlchemySignerWebClient({
+   *  connection: {
+   *    apiKey: "your-api-key",
+   *  },
+   *  iframeConfig: {
+   *   iframeContainerId: "signer-iframe-container",
+   *  },
+   * });
+   *
+   * const account = await client.submitJwt({
+   *   jwt: "custom-issued-jwt",
+   *   authProvider: "auth-provider-name",
+   * });
+   * ```
+   *
+   * @param {Omit<JwtParams, "targetPublicKey">} args The parameters for the JWT request, excluding the target public key.
+   * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle.
+   */
+  public override async submitJwt(
+    args: Omit<JwtParams, "targetPublicKey">
+  ): Promise<JwtResponse> {
+    this.eventEmitter.emit("authenticating", { type: "custom-jwt" });
+    const targetPublicKey = await this.initIframeStamper();
+    return this.request("/v1/auth-jwt", {
+      jwt: args.jwt,
+      targetPublicKey,
+      authProvider: args.authProvider,
+    });
+  }
+
   /**
    * Completes auth for the user by injecting a credential bundle and retrieving
    * the user information based on the provided organization ID. Emits events

package/src/client/types.ts

@@ -68,6 +68,18 @@ export type OtpParams = {
   expirationSeconds?: number;
 };
 
+export type JwtParams = {
+  jwt: string;
+  targetPublicKey: string;
+  authProvider: string;
+};
+
+export type JwtResponse = {
+  isSignUp: boolean;
+  orgId: string;
+  credentialBundle: string;
+};
+
 export type SignupResponse = {
   orgId: string;
   userId?: string;
@@ -168,6 +180,11 @@ export type SignerEndpoints = [
     Body: OtpParams;
     Response: { credentialBundle: string };
   },
+  {
+    Route: "/v1/auth-jwt";
+    Body: JwtParams;
+    Response: JwtResponse;
+  },
   {
     Route: "/v1/signer-config";
     Body: {};
@@ -176,7 +193,7 @@ export type SignerEndpoints = [
 ];
 
 export type AuthenticatingEventMetadata = {
-  type: "email" | "passkey" | "oauth" | "otp" | "otpVerify";
+  type: "email" | "passkey" | "oauth" | "otp" | "otpVerify" | "custom-jwt";
 };
 
 export type AlchemySignerClientEvents = {
@@ -187,6 +204,7 @@ export type AlchemySignerClientEvents = {
   connectedPasskey(user: User): void;
   connectedOauth(user: User, bundle: string): void;
   connectedOtp(user: User, bundle: string): void;
+  connectedJwt(user: User, bundle: string): void;
   disconnected(): void;
 };
 

package/src/metrics.ts

@@ -14,7 +14,8 @@ export type SignerEventsSchema = [
             | "oauthReturn";
           provider?: never;
         }
-      | { authType: "oauth"; provider: string };
+      | { authType: "oauth"; provider: string }
+      | { authType: "custom-jwt"; provider: string };
   },
   {
     EventName: "signer_sign_message";

package/src/oauth.ts

@@ -1,27 +1,41 @@
 import type { KnownAuthProvider } from "./signer";
 
-export type ScopeAndClaims = {
+export type AuthProviderCustomization = {
   scope: string;
   claims?: string;
+  otherParameters?: Record<string, string>;
 };
 
-const DEFAULT_SCOPE_AND_CLAIMS: Record<KnownAuthProvider, ScopeAndClaims> = {
+const DEFAULT_PROVIDER_CUSTOMIZATION: Record<
+  KnownAuthProvider,
+  AuthProviderCustomization
+> = {
   google: { scope: "openid email" },
   apple: { scope: "openid email" },
-  facebook: { scope: "openid email" },
+  facebook: {
+    scope: "openid email",
+    // Fixes Facebook mobile login so that `window.opener` doesn't get nullified.
+    otherParameters: { sdk: "joey" },
+  },
+  twitch: {
+    scope: "openid user:read:email",
+    claims: JSON.stringify({ id_token: { email: null } }),
+    // Forces Twitch to show the login page even if the user is already logged in.
+    otherParameters: { force_verify: "true" },
+  },
   auth0: { scope: "openid email" },
 };
 
 /**
- * Returns the default scope and claims when using a known auth provider
+ * Returns the default customization parameters when using a known auth provider
  *
  * @param {string} knownAuthProviderId id of a known auth provider, e.g. "google"
- * @returns {ScopeAndClaims | undefined} default scope and claims
+ * @returns {AuthProviderCustomization | undefined} default customization parameters
  */
-export function getDefaultScopeAndClaims(
+export function getDefaultProviderCustomization(
   knownAuthProviderId: KnownAuthProvider
-): ScopeAndClaims | undefined {
-  return DEFAULT_SCOPE_AND_CLAIMS[knownAuthProviderId];
+): AuthProviderCustomization | undefined {
+  return DEFAULT_PROVIDER_CUSTOMIZATION[knownAuthProviderId];
 }
 
 /**

package/src/session/manager.ts

@@ -92,6 +92,7 @@ export class SessionManager {
     switch (existingSession.type) {
       case "email":
       case "oauth":
+      case "custom-jwt":
       case "otp": {
         const connectedEventName = (() => {
           switch (existingSession.type) {
@@ -101,6 +102,8 @@ export class SessionManager {
               return "connectedOauth";
             case "otp":
               return "connectedOtp";
+            case "custom-jwt":
+              return "connectedJwt";
           }
         })();
         const result = await this.client
@@ -203,7 +206,7 @@ export class SessionManager {
   private setSession = (
     session_:
       | Omit<
-          Extract<Session, { type: "email" | "oauth" | "otp" }>,
+          Extract<Session, { type: "email" | "oauth" | "otp" | "custom-jwt" }>,
           "expirationDateMs"
         >
       | Omit<Extract<Session, { type: "passkey" }>, "expirationDateMs">
@@ -276,6 +279,8 @@ export class SessionManager {
       },
       connectedOauth: (user, bundle) =>
         this.setSessionWithUserAndBundle({ type: "oauth", user, bundle }),
+      connectedJwt: (user, bundle) =>
+        this.setSessionWithUserAndBundle({ type: "custom-jwt", user, bundle }),
       connectedOtp: (user, bundle) => {
         this.setSessionWithUserAndBundle({ type: "otp", user, bundle });
       },
@@ -331,7 +336,7 @@ export class SessionManager {
     user,
     bundle,
   }: {
-    type: "email" | "oauth" | "otp";
+    type: "email" | "oauth" | "otp" | "custom-jwt";
     user: User;
     bundle: string;
   }) => {

package/src/session/types.ts

@@ -2,7 +2,7 @@ import type { User } from "../client/types";
 
 export type Session =
   | {
-      type: "email" | "oauth" | "otp";
+      type: "email" | "oauth" | "otp" | "custom-jwt";
       bundle: string;
       expirationDateMs: number;
       user: User;

package/src/signer.ts

@@ -35,8 +35,13 @@ export type AuthParams =
       type: "oauth";
       scope?: string;
       claims?: string;
+      otherParameters?: Record<string, string>;
     } & OauthProviderConfig &
       OauthRedirectConfig)
+  | ({
+      type: "custom-jwt";
+      jwt: string;
+    } & OauthProviderConfig)
   | {
       type: "oauthReturn";
       bundle: string;
@@ -70,7 +75,12 @@ export type OauthRedirectConfig =
   | { mode: "redirect"; redirectUrl: string }
   | { mode: "popup"; redirectUrl?: never };
 
-export type KnownAuthProvider = "google" | "apple" | "facebook" | "auth0";
+export type KnownAuthProvider =
+  | "google"
+  | "apple"
+  | "facebook"
+  | "twitch"
+  | "auth0";
 
 export type OauthMode = "redirect" | "popup";
 

package/src/types.ts

@@ -19,6 +19,7 @@ export enum AlchemySignerStatus {
   AUTHENTICATING_OAUTH = "AUTHENTICATING_OAUTH",
   AWAITING_EMAIL_AUTH = "AWAITING_EMAIL_AUTH",
   AWAITING_OTP_AUTH = "AWAITING_OTP_AUTH",
+  AUTHENTICATING_JWT = "AUTHENTICATING_JWT",
 }
 
 export interface ErrorInfo {

package/src/version.ts

@@ -1,3 +1,3 @@
 // This file is autogenerated by inject-version.ts. Any changes will be
 // overwritten on commit!
-export const VERSION = "4.17.0";
+export const VERSION = "4.18.0-alpha.3";