@account-kit/signer 4.17.0 → 4.18.0-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. package/dist/esm/base.d.ts +1 -0
  2. package/dist/esm/base.js +34 -0
  3. package/dist/esm/base.js.map +1 -1
  4. package/dist/esm/client/base.d.ts +3 -2
  5. package/dist/esm/client/base.js +15 -20
  6. package/dist/esm/client/base.js.map +1 -1
  7. package/dist/esm/client/index.d.ts +27 -1
  8. package/dist/esm/client/index.js +35 -0
  9. package/dist/esm/client/index.js.map +1 -1
  10. package/dist/esm/client/types.d.ts +18 -1
  11. package/dist/esm/client/types.js.map +1 -1
  12. package/dist/esm/metrics.d.ts +3 -0
  13. package/dist/esm/metrics.js.map +1 -1
  14. package/dist/esm/oauth.d.ts +5 -4
  15. package/dist/esm/oauth.js +16 -6
  16. package/dist/esm/oauth.js.map +1 -1
  17. package/dist/esm/session/manager.js +4 -0
  18. package/dist/esm/session/manager.js.map +1 -1
  19. package/dist/esm/session/types.d.ts +1 -1
  20. package/dist/esm/session/types.js.map +1 -1
  21. package/dist/esm/signer.d.ts +6 -2
  22. package/dist/esm/signer.js.map +1 -1
  23. package/dist/esm/types.d.ts +2 -1
  24. package/dist/esm/types.js +1 -0
  25. package/dist/esm/types.js.map +1 -1
  26. package/dist/esm/version.d.ts +1 -1
  27. package/dist/esm/version.js +1 -1
  28. package/dist/esm/version.js.map +1 -1
  29. package/dist/types/base.d.ts +1 -0
  30. package/dist/types/base.d.ts.map +1 -1
  31. package/dist/types/client/base.d.ts +3 -2
  32. package/dist/types/client/base.d.ts.map +1 -1
  33. package/dist/types/client/index.d.ts +27 -1
  34. package/dist/types/client/index.d.ts.map +1 -1
  35. package/dist/types/client/types.d.ts +18 -1
  36. package/dist/types/client/types.d.ts.map +1 -1
  37. package/dist/types/metrics.d.ts +3 -0
  38. package/dist/types/metrics.d.ts.map +1 -1
  39. package/dist/types/oauth.d.ts +5 -4
  40. package/dist/types/oauth.d.ts.map +1 -1
  41. package/dist/types/session/manager.d.ts.map +1 -1
  42. package/dist/types/session/types.d.ts +1 -1
  43. package/dist/types/session/types.d.ts.map +1 -1
  44. package/dist/types/signer.d.ts +6 -2
  45. package/dist/types/signer.d.ts.map +1 -1
  46. package/dist/types/types.d.ts +2 -1
  47. package/dist/types/types.d.ts.map +1 -1
  48. package/dist/types/version.d.ts +1 -1
  49. package/dist/types/version.d.ts.map +1 -1
  50. package/package.json +4 -4
  51. package/src/base.ts +34 -0
  52. package/src/client/base.ts +25 -22
  53. package/src/client/index.ts +40 -0
  54. package/src/client/types.ts +20 -1
  55. package/src/metrics.ts +2 -1
  56. package/src/oauth.ts +22 -8
  57. package/src/session/manager.ts +7 -2
  58. package/src/session/types.ts +1 -1
  59. package/src/signer.ts +11 -1
  60. package/src/types.ts +1 -0
  61. package/src/version.ts +1 -1
package/dist/esm/client/index.d.ts CHANGED
@@ -2,7 +2,7 @@ import { BaseError } from "@aa-sdk/core";
2
2
  import { z } from "zod";
3
3
  import type { AuthParams } from "../signer.js";
4
4
  import { BaseSignerClient } from "./base.js";
5
- import type { AlchemySignerClientEvents, AuthenticatingEventMetadata, CreateAccountParams, CredentialCreationOptionOverrides, EmailAuthParams, ExportWalletParams, OauthConfig, OtpParams, User } from "./types.js";
5
+ import type { AlchemySignerClientEvents, AuthenticatingEventMetadata, CreateAccountParams, CredentialCreationOptionOverrides, EmailAuthParams, ExportWalletParams, JwtParams, OauthConfig, OtpParams, JwtResponse, User } from "./types.js";
6
6
  export declare const AlchemySignerClientParamsSchema: z.ZodObject<{
7
7
  connection: z.ZodUnion<[z.ZodObject<{
8
8
  rpcUrl: z.ZodOptional<z.ZodNever>;
@@ -233,6 +233,32 @@ export declare class AlchemySignerWebClient extends BaseSignerClient<ExportWalle
233
233
  submitOtpCode(args: Omit<OtpParams, "targetPublicKey">): Promise<{
234
234
  bundle: string;
235
235
  }>;
236
+ /**
237
+ * Authenticates using a custom issued JWT
238
+ *
239
+ * @example
240
+ * ```ts
241
+ * import { AlchemySignerWebClient } from "@account-kit/signer";
242
+ *
243
+ * const client = new AlchemySignerWebClient({
244
+ * connection: {
245
+ * apiKey: "your-api-key",
246
+ * },
247
+ * iframeConfig: {
248
+ * iframeContainerId: "signer-iframe-container",
249
+ * },
250
+ * });
251
+ *
252
+ * const account = await client.submitJwt({
253
+ * jwt: "custom-issued-jwt",
254
+ * authProvider: "auth-provider-name",
255
+ * });
256
+ * ```
257
+ *
258
+ * @param {Omit<JwtParams, "targetPublicKey">} args The parameters for the JWT request, excluding the target public key.
259
+ * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle.
260
+ */
261
+ submitJwt(args: Omit<JwtParams, "targetPublicKey">): Promise<JwtResponse>;
236
262
  /**
237
263
  * Completes auth for the user by injecting a credential bundle and retrieving
238
264
  * the user information based on the provided organization ID. Emits events
package/dist/esm/client/index.js CHANGED
@@ -645,6 +645,41 @@ export class AlchemySignerWebClient extends BaseSignerClient {
645
645
  });
646
646
  return { bundle: credentialBundle };
647
647
  }
648
+ /**
649
+ * Authenticates using a custom issued JWT
650
+ *
651
+ * @example
652
+ * ```ts
653
+ * import { AlchemySignerWebClient } from "@account-kit/signer";
654
+ *
655
+ * const client = new AlchemySignerWebClient({
656
+ * connection: {
657
+ * apiKey: "your-api-key",
658
+ * },
659
+ * iframeConfig: {
660
+ * iframeContainerId: "signer-iframe-container",
661
+ * },
662
+ * });
663
+ *
664
+ * const account = await client.submitJwt({
665
+ * jwt: "custom-issued-jwt",
666
+ * authProvider: "auth-provider-name",
667
+ * });
668
+ * ```
669
+ *
670
+ * @param {Omit<JwtParams, "targetPublicKey">} args The parameters for the JWT request, excluding the target public key.
671
+ * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle.
672
+ */
673
+ async submitJwt(args) {
674
+ this.eventEmitter.emit("authenticating", { type: "custom-jwt" });
675
+ const targetPublicKey = await this.initIframeStamper();
676
+ return this.request("/v1/auth-jwt", {
677
+ jwt: args.jwt,
678
+ targetPublicKey,
679
+ authProvider: args.authProvider,
680
+ expirationSeconds: args?.expirationSeconds,
681
+ });
682
+ }
648
683
  }
649
684
  /**
650
685
  * This error is thrown when the OAuth flow is cancelled because the auth popup
package/dist/esm/client/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAa7C,MAAM,oBAAoB,GAAG,GAAG,CAAC;AAEjC,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,CAAC,MAAM,CAAC;IACtD,UAAU,EAAE,sBAAsB;IAClC,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,gBAAgB,CAAC;QACrD,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE;KAC9B,CAAC;IACF,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,OAAO,CAAC,sCAAsC,CAAC;IAClD,gBAAgB,EAAE,CAAC;SAChB,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,OAAO,CAAC,qCAAqC,CAAC;IACjD,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CACxD,CAAC,CAAC;AAMH;;;GAGG;AACH,MAAM,OAAO,sBAAuB,SAAQ,gBAAoC;IAM9E;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,YAAY,MAAiC;QAC3C,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAgB,EAAE,GACnE,+BAA+B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEhD,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC;YACtC,eAAe,EAAE,YAAY,CAAC,eAAe;YAC7C,SAAS,EAAE,0BAA0B;YACrC,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,YAAY,CAAC,iBAAiB,CAAC;SACzE,CAAC,CAAC;QAEH,KAAK,CAAC;YACJ,UAAU;YACV,SAAS;YACT,OAAO,EAAE,aAAa;SACvB,CAAC,CAAC;QA1CG;;;;;WAA6B;QAC7B;;;;;WAAiC;QACzC;;;;;WAAyB;QACzB;;;;;WAA0B;QAmD1B;;;;;;;;;;;;;;;;;;;;;WAqBG;QACa;;;;mBAAgB,KAAK,EAAE,MAA2B,EAAE,EAAE;gBACpE,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC5B,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;oBAC1D,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;oBACvD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAEjD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;wBAChD,KAAK;wBACL,SAAS;wBACT,eAAe,EAAE,SAAS;wBAC1B,iBAAiB;wBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;qBAClD,CAAC,CAAC;oBAEH,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;gBAC9D,gCAAgC;gBAChC,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAClE,MAAM,CAAC,YAAY,EACnB,EAAE,QAAQ,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE,CACjE,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;oBAC9C,OAAO,EAAE;wBACP,SAAS,EAAE,eAAe,CAAC,SAAS,CAAC;wBACrC,WAAW;qBACZ;oBACD,KAAK,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACpD,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,GAAG;oBACV,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAQ;oBACxB,MAAM,EAAE,MAAM,CAAC,MAAO;oBACtB,YAAY,EAAE,WAAW,CAAC,YAAY;iBACvC,CAAC;gBACF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEtD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;WAsBG;QACa;;;;mBAAgB,KAAK,EACnC,MAAgD,EAChD,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;gBAC1D,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;gBACvD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAEjD,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE;oBAC9B,KAAK;oBACL,SAAS;oBACT,eAAe,EAAE,SAAS;oBAC1B,iBAAiB;oBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;iBAClD,CAAC,CAAC;YACL,CAAC;WAAC;QAwCF;;;;;;;;;;;;;;;;;;;;;;;;;;;;WA4BG;QACa;;;;mBAAyB,KAAK,EAAE,EAC9C,MAAM,EACN,KAAK,EACL,kBAAkB,EAClB,OAAO,EACP,kBAAkB,GAOnB,EAAiB,EAAE;gBAClB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBACvE,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAE/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC;gBAEvE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;gBACxD,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAE/C,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;gBAEzD,OAAO,IAAI,CAAC;YACd,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;WAqBG;QACa;;;;mBAAwB,KAAK,EAC3C,OAAyB,SAAS,EAClC,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;gBAC9D,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,IAAI,EAAE,CAAC;oBACT,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;oBACjB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,CAAC;oBACjD,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC/C,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;gBACvC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;gBAEnD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;WA0BG;QACa;;;;mBAAe,KAAK,EAAE,EACpC,iBAAiB,EACjB,eAAe,GAAG,uBAAuB,GACtB,EAAE,EAAE;gBACvB,MAAM,yBAAyB,GAAG,IAAI,aAAa,CAAC;oBAClD,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,iBAAiB,CAAC;oBAC3D,eAAe,EAAE,eAAe;oBAChC,SAAS,EAAE,4BAA4B;iBACxC,CAAC,CAAC;gBACH,MAAM,yBAAyB,CAAC,IAAI,EAAE,CAAC;gBAEvC,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;oBACtD,OAAO,IAAI,CAAC,iBAAiB,CAAC;wBAC5B,aAAa,EAAE,yBAAyB;wBACxC,QAAQ,EAAE,aAAa;qBACxB,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,IAAI,CAAC,iBAAiB,CAAC;oBAC5B,aAAa,EAAE,yBAAyB;oBACxC,QAAQ,EAAE,aAAa;iBACxB,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;WAkBG;QACa;;;;mBAAa,KAAK,IAAI,EAAE;gBACtC,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC;gBACtB,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;gBAC3B,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YAClC,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;WA0BG;QACa;;;;mBAAoB,KAAK,EACvC,IAA8D,EAC9C,EAAE;gBAClB,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAExD,MAAM,WAAW,GAAG,IAAI,CAAC;gBACzB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;oBACjD,WAAW;oBACX,gBAAgB;oBAChB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;iBACxC,CAAC,CAAC;gBAEH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;gBACnC,OAAO,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAC/B,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,sCAAsC,CAAC,EAAE,IAAI,CAAC,CACvE,CAAC;YACJ,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;WAyBG;QACa;;;;mBAAiB,KAAK,EACpC,IAA2D,EAC5C,EAAE;gBACjB,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACxD,MAAM,WAAW,GAAG,IAAI,CAAC;gBACzB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;oBACjD,WAAW;oBACX,gBAAgB;oBAChB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;iBACxC,CAAC,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CACvB,WAAW,EACX,QAAQ,EACR,4BAA4B,CAC7B,CAAC;gBACF,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;gBACvC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBACrC,MAAM,aAAa,GAAG,CAAC,KAAmB,EAAE,EAAE;wBAC5C,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;4BAChB,OAAO;wBACT,CAAC;wBACD,MAAM,EACJ,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,KAAK,EACnB,cAAc,EAAE,OAAO,EACvB,eAAe,EAAE,QAAQ,EACzB,YAAY,GACb,GAAG,KAAK,CAAC,IAAI,CAAC;wBACf,IAAI,MAAM,IAAI,KAAK,IAAI,OAAO,EAAE,CAAC;4BAC/B,OAAO,EAAE,CAAC;4BACV,KAAK,EAAE,KAAK,EAAE,CAAC;4BACf,IAAI,CAAC,sBAAsB,CAAC;gCAC1B,MAAM;gCACN,KAAK;gCACL,kBAAkB,EAAE,gBAAgB;gCACpC,OAAO;gCACP,kBAAkB,EAAE,OAAO;6BAC5B,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gCACf,IAAI,QAAQ,EAAE,CAAC;oCACb,YAAY,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gCACrC,CAAC;gCAED,OAAO,CAAC,IAAI,CAAC,CAAC;4BAChB,CAAC,EAAE,MAAM,CAAC,CAAC;wBACb,CAAC;6BAAM,IAAI,YAAY,EAAE,CAAC;4BACxB,OAAO,EAAE,CAAC;4BACV,KAAK,EAAE,KAAK,EAAE,CAAC;4BACf,MAAM,CAAC,IAAI,gBAAgB,CAAC,YAAY,CAAC,CAAC,CAAC;wBAC7C,CAAC;oBACH,CAAC,CAAC;oBAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;oBAElD,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,EAAE;wBAC5C,IAAI,KAAK,EAAE,MAAM,EAAE,CAAC;4BAClB,OAAO,EAAE,CAAC;4BACV,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC,CAAC;wBACpC,CAAC;oBACH,CAAC,EAAE,oBAAoB,CAAC,CAAC;oBAEzB,MAAM,OAAO,GAAG,GAAG,EAAE;wBACnB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;wBACrD,aAAa,CAAC,oBAAoB,CAAC,CAAC;oBACtC,CAAC,CAAC;gBACJ,CAAC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;WAoBG;QACa;;;;mBAAkB,KAAK,IAAqB,EAAE;gBAC5D,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAClC,CAAC;WAAC;QAEM;;;;mBAAoB,KAAK,IAAI,EAAE;gBACrC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC;oBACpC,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;gBAClC,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBAEpC,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAG,CAAC;YACzC,CAAC;WAAC;QAEM;;;;mBAAsB,KAAK,EAAE,OAAyB,IAAI,CAAC,IAAI,EAAE,EAAE;gBACzE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBACtC,IAAI,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;oBAC9B,+GAA+G;oBAC/G,IAAI,CAAC,eAAe,CAAC,gBAAgB,GAAG;wBACtC;4BACE,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC;4BAC5C,IAAI,EAAE,YAAY;4BAClB,UAAU,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;yBACnC;qBACF,CAAC;gBACJ,CAAC;YACH,CAAC;WAAC;QAEiB;;;;mBAAyB,KAAK,EAC/C,OAA2C,EAC3C,cAAoC;gBAClC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,WAAW;aAC1C,EACD,EAAE;gBACF,MAAM,SAAS,GAAG,oBAAoB,EAAE,CAAC;gBACzC,MAAM,mBAAmB,GAAG,oBAAoB,EAAE,CAAC;gBAEnD,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC;oBAC/C,SAAS,EAAE;wBACT,GAAG,OAAO,EAAE,SAAS;wBACrB,sBAAsB,EAAE;4BACtB,WAAW,EAAE,WAAW;4BACxB,kBAAkB,EAAE,KAAK;4BACzB,gBAAgB,EAAE,WAAW;4BAC7B,GAAG,OAAO,EAAE,SAAS,EAAE,sBAAsB;yBAC9C;wBACD,SAAS;wBACT,EAAE,EAAE;4BACF,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC5B,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC9B,GAAG,OAAO,EAAE,SAAS,EAAE,EAAE;yBAC1B;wBACD,gBAAgB,EAAE;4BAChB;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,CAAC;6BACR;4BACD;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,GAAG;6BACV;yBACF;wBACD,IAAI,EAAE;4BACJ,EAAE,EAAE,mBAAmB;4BACvB,IAAI,EAAE,WAAW,CAAC,QAAQ;4BAC1B,WAAW,EAAE,WAAW,CAAC,QAAQ;4BACjC,GAAG,OAAO,EAAE,SAAS,EAAE,IAAI;yBAC5B;qBACF;oBACD,MAAM,EAAE,OAAO,EAAE,MAAM;iBACxB,CAAC,CAAC;gBAEH,4EAA4E;gBAC5E,IAAI,WAAW,CAAC,UAAU,IAAI,IAAI,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC1E,WAAW,CAAC,UAAU,GAAG;wBACvB,kCAAkC;wBAClC,gCAAgC;qBACjC,CAAC;gBACJ,CAAC;gBAED,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,WAAW,EAAE,CAAC;YACzD,CAAC;WAAC;QAEiB;;;;mBAAiB,KAAK,IAA0B,EAAE;gBACnE,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;gBAClD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAEjD,uFAAuF;gBACvF,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;gBAChC,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;gBAC5C,OAAO,IAAI,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,CAAC;WAAC;QAjkBA,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,iBAAiB,GAAG,YAAY,CAAC,iBAAiB,CAAC;QAExD,IAAI,CAAC,eAAe,GAAG,IAAI,eAAe,CAAC;YACzC,IAAI,EAAE,IAAI,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ;SACvC,CAAC,CAAC;QAEH,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IAC3C,CAAC;IA2GD;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACa,KAAK,CAAC,aAAa,CACjC,IAAwC;QAExC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;QAChE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvD,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;YACzD,GAAG,IAAI;YACP,eAAe;SAChB,CAAC,CAAC;QACH,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtC,CAAC;CA2aF;AAED;;;GAGG;AACH,MAAM,OAAO,mBAAoB,SAAQ,SAAS;IAGhD;;;OAGG;IACH;QACE,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAPlB;;;;mBAAO,qBAAqB;WAAC;IAQtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,SAAS;IAA/C;;QACW;;;;mBAAO,kBAAkB;WAAC;IACrC,CAAC;CAAA","sourcesContent":["import { BaseError, ConnectionConfigSchema } from \"@aa-sdk/core\";\nimport { getWebAuthnAttestation } from \"@turnkey/http\";\nimport { IframeStamper } from \"@turnkey/iframe-stamper\";\nimport { WebauthnStamper } from \"@turnkey/webauthn-stamper\";\nimport { z } from \"zod\";\nimport type { AuthParams } from \"../signer.js\";\nimport { base64UrlEncode } from \"../utils/base64UrlEncode.js\";\nimport { generateRandomBuffer } from \"../utils/generateRandomBuffer.js\";\nimport { BaseSignerClient } from \"./base.js\";\nimport type {\n AlchemySignerClientEvents,\n AuthenticatingEventMetadata,\n CreateAccountParams,\n CredentialCreationOptionOverrides,\n EmailAuthParams,\n ExportWalletParams,\n OauthConfig,\n OtpParams,\n User,\n} from \"./types.js\";\n\nconst CHECK_CLOSE_INTERVAL = 500;\n\nexport const AlchemySignerClientParamsSchema = z.object({\n connection: ConnectionConfigSchema,\n iframeConfig: z.object({\n iframeElementId: z.string().default(\"turnkey-iframe\"),\n iframeContainerId: z.string(),\n }),\n rpId: z.string().optional(),\n rootOrgId: z\n .string()\n .optional()\n .default(\"24c1acf5-810f-41e0-a503-d5d13fa8e830\"),\n oauthCallbackUrl: z\n .string()\n .optional()\n .default(\"https://signer.alchemy.com/callback\"),\n enablePopupOauth: z.boolean().optional().default(false),\n});\n\nexport type AlchemySignerClientParams = z.input<\n typeof AlchemySignerClientParamsSchema\n>;\n\n/**\n * A lower level client used by the AlchemySigner used to communicate with\n * Alchemy's signer service.\n */\nexport class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams> {\n private iframeStamper: IframeStamper;\n private webauthnStamper: WebauthnStamper;\n oauthCallbackUrl: string;\n iframeContainerId: string;\n\n /**\n * Initializes a new instance with the given parameters, setting up the connection, iframe configuration, and WebAuthn stamper.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n * ```\n *\n * @param {AlchemySignerClientParams} params the parameters required to initialize the client\n * @param {ConnectionConfig} params.connection The connection details needed to connect to the service\n * @param {{ iframeElementId?: string; iframeContainerId: string }} params.iframeConfig The configuration details for setting up the iframe stamper\n * @param {string} params.rpId The relying party ID, defaulting to the current hostname if not provided\n * @param {string} params.rootOrgId The root organization ID\n */\n constructor(params: AlchemySignerClientParams) {\n const { connection, iframeConfig, rpId, rootOrgId, oauthCallbackUrl } =\n AlchemySignerClientParamsSchema.parse(params);\n\n const iframeStamper = new IframeStamper({\n iframeElementId: iframeConfig.iframeElementId,\n iframeUrl: \"https://auth.turnkey.com\",\n iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n });\n\n super({\n connection,\n rootOrgId,\n stamper: iframeStamper,\n });\n\n this.iframeStamper = iframeStamper;\n this.iframeContainerId = iframeConfig.iframeContainerId;\n\n this.webauthnStamper = new WebauthnStamper({\n rpId: rpId ?? window.location.hostname,\n });\n\n this.oauthCallbackUrl = oauthCallbackUrl;\n }\n\n /**\n * Authenticates the user by either email or passkey account creation flow. Emits events during the process.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.createAccount({ type: \"email\", email: \"you@mail.com\" });\n * ```\n *\n * @param {CreateAccountParams} params The parameters for creating an account, including the type (email or passkey) and additional details.\n * @returns {Promise<SignupResponse>} A promise that resolves with the response object containing the account creation result.\n */\n public override createAccount = async (params: CreateAccountParams) => {\n if (params.type === \"email\") {\n this.eventEmitter.emit(\"authenticating\", { type: \"otp\" });\n const { email, emailMode, expirationSeconds } = params;\n const publicKey = await this.initIframeStamper();\n\n const response = await this.request(\"/v1/signup\", {\n email,\n emailMode,\n targetPublicKey: publicKey,\n expirationSeconds,\n redirectParams: params.redirectParams?.toString(),\n });\n\n return response;\n }\n\n this.eventEmitter.emit(\"authenticating\", { type: \"passkey\" });\n // Passkey account creation flow\n const { attestation, challenge } = await this.getWebAuthnAttestation(\n params.creationOpts,\n { username: \"email\" in params ? params.email : params.username }\n );\n\n const result = await this.request(\"/v1/signup\", {\n passkey: {\n challenge: base64UrlEncode(challenge),\n attestation,\n },\n email: \"email\" in params ? params.email : undefined,\n });\n\n this.user = {\n orgId: result.orgId,\n address: result.address!,\n userId: result.userId!,\n credentialId: attestation.credentialId,\n };\n this.initWebauthnStamper(this.user);\n this.eventEmitter.emit(\"connectedPasskey\", this.user);\n\n return result;\n };\n\n /**\n * Begin authenticating a user with their email and an expiration time for the authentication request. Initializes the iframe stamper to get the target public key.\n * This method sends an email to the user to complete their login\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.initEmailAuth({ email: \"you@mail.com\" });\n * ```\n *\n * @param {Omit<EmailAuthParams, \"targetPublicKey\">} params The parameters for email authentication, excluding the target public key\n * @returns {Promise<any>} The response from the authentication request\n */\n public override initEmailAuth = async (\n params: Omit<EmailAuthParams, \"targetPublicKey\">\n ) => {\n this.eventEmitter.emit(\"authenticating\", { type: \"otp\" });\n const { email, emailMode, expirationSeconds } = params;\n const publicKey = await this.initIframeStamper();\n\n return this.request(\"/v1/auth\", {\n email,\n emailMode,\n targetPublicKey: publicKey,\n expirationSeconds,\n redirectParams: params.redirectParams?.toString(),\n });\n };\n\n /**\n * Authenticates using an OTP code which was previously received via email.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.submitOtpCode({\n * orgId: \"user-org-id\",\n * otpId: \"opt-returned-from-initEmailAuth\",\n * otpCode: \"otp-code-from-email\",\n * });\n * ```\n *\n * @param {Omit<OtpParams, \"targetPublicKey\">} args The parameters for the OTP request, excluding the target public key.\n * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle.\n */\n public override async submitOtpCode(\n args: Omit<OtpParams, \"targetPublicKey\">\n ): Promise<{ bundle: string }> {\n this.eventEmitter.emit(\"authenticating\", { type: \"otpVerify\" });\n const targetPublicKey = await this.initIframeStamper();\n const { credentialBundle } = await this.request(\"/v1/otp\", {\n ...args,\n targetPublicKey,\n });\n return { bundle: credentialBundle };\n }\n\n /**\n * Completes auth for the user by injecting a credential bundle and retrieving\n * the user information based on the provided organization ID. Emits events\n * during the process.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.completeAuthWithBundle({ orgId: \"user-org-id\", bundle: \"bundle-from-email\", connectedEventName: \"connectedEmail\" });\n * ```\n *\n * @param {{ bundle: string; orgId: string, connectedEventName: keyof AlchemySignerClientEvents, idToken?: string }} config\n * The configuration object for the authentication function containing the\n * credential bundle to inject and the organization id associated with the\n * user, as well as the event to be emitted on success and optionally an OIDC\n * ID token with extra user information\n * @returns {Promise<User>} A promise that resolves to the authenticated user\n * information\n */\n public override completeAuthWithBundle = async ({\n bundle,\n orgId,\n connectedEventName,\n idToken,\n authenticatingType,\n }: {\n bundle: string;\n orgId: string;\n connectedEventName: keyof AlchemySignerClientEvents;\n authenticatingType: AuthenticatingEventMetadata[\"type\"];\n idToken?: string;\n }): Promise<User> => {\n this.eventEmitter.emit(\"authenticating\", { type: authenticatingType });\n await this.initIframeStamper();\n\n const result = await this.iframeStamper.injectCredentialBundle(bundle);\n\n if (!result) {\n throw new Error(\"Failed to inject credential bundle\");\n }\n\n const user = await this.whoami(orgId, idToken);\n\n this.eventEmitter.emit(connectedEventName, user, bundle);\n\n return user;\n };\n\n /**\n * Asynchronously handles the authentication process using WebAuthn Stamper. If a user is provided, sets the user and returns it. Otherwise, retrieves the current user and initializes the WebAuthn stamper.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.lookupUserWithPasskey();\n * ```\n *\n * @param {User} [user] An optional user object to authenticate\n * @returns {Promise<User>} A promise that resolves to the authenticated user object\n */\n public override lookupUserWithPasskey = async (\n user: User | undefined = undefined\n ) => {\n this.eventEmitter.emit(\"authenticating\", { type: \"passkey\" });\n await this.initWebauthnStamper(user);\n if (user) {\n this.user = user;\n this.eventEmitter.emit(\"connectedPasskey\", user);\n return user;\n }\n\n const result = await this.whoami(this.rootOrg);\n await this.initWebauthnStamper(result);\n this.eventEmitter.emit(\"connectedPasskey\", result);\n\n return result;\n };\n\n /**\n * Initiates the export of a wallet by creating an iframe stamper and calling the appropriate export function.\n * The export can be based on a seed phrase or a private key.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.exportWallet({\n * iframeContainerId: \"export-iframe-container\",\n * });\n * ```\n *\n * @param {ExportWalletParams} config The parameters for exporting the wallet\n * @param {string} config.iframeContainerId The ID of the container element that will hold the iframe stamper\n * @param {string} [config.iframeElementId] Optional ID for the iframe element\n * @returns {Promise<void>} A promise that resolves when the export process is complete\n */\n public override exportWallet = async ({\n iframeContainerId,\n iframeElementId = \"turnkey-export-iframe\",\n }: ExportWalletParams) => {\n const exportWalletIframeStamper = new IframeStamper({\n iframeContainer: document.getElementById(iframeContainerId),\n iframeElementId: iframeElementId,\n iframeUrl: \"https://export.turnkey.com\",\n });\n await exportWalletIframeStamper.init();\n\n if (this.turnkeyClient.stamper === this.iframeStamper) {\n return this.exportWalletInner({\n exportStamper: exportWalletIframeStamper,\n exportAs: \"SEED_PHRASE\",\n });\n }\n\n return this.exportWalletInner({\n exportStamper: exportWalletIframeStamper,\n exportAs: \"PRIVATE_KEY\",\n });\n };\n\n /**\n * Asynchronous function that clears the user and resets the iframe stamper.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.disconnect();\n * ```\n */\n public override disconnect = async () => {\n this.user = undefined;\n this.iframeStamper.clear();\n await this.iframeStamper.init();\n };\n\n /**\n * Redirects the user to the OAuth provider URL based on the provided arguments. This function will always reject after 1 second if the redirection does not occur.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * await client.oauthWithRedirect({\n * type: \"oauth\",\n * authProviderId: \"google\",\n * mode: \"redirect\",\n * redirectUrl: \"/\",\n * });\n * ```\n *\n * @param {Extract<AuthParams, { type: \"oauth\"; mode: \"redirect\" }>} args The arguments required to obtain the OAuth provider URL\n * @returns {Promise<never>} A promise that will never resolve, only reject if the redirection fails\n */\n public override oauthWithRedirect = async (\n args: Extract<AuthParams, { type: \"oauth\"; mode: \"redirect\" }>\n ): Promise<never> => {\n const turnkeyPublicKey = await this.initIframeStamper();\n\n const oauthParams = args;\n const providerUrl = await this.getOauthProviderUrl({\n oauthParams,\n turnkeyPublicKey,\n oauthCallbackUrl: this.oauthCallbackUrl,\n });\n\n window.location.href = providerUrl;\n return new Promise((_, reject) =>\n setTimeout(() => reject(\"Failed to redirect to OAuth provider\"), 1000)\n );\n };\n\n /**\n * Initiates an OAuth authentication flow in a popup window and returns the authenticated user.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const user = await client.oauthWithPopup({\n * type: \"oauth\",\n * authProviderId: \"google\",\n * mode: \"popup\"\n * });\n * ```\n *\n * @param {Extract<AuthParams, { type: \"oauth\"; mode: \"popup\" }>} args The authentication parameters specifying OAuth type and popup mode\n * @returns {Promise<User>} A promise that resolves to a `User` object containing the authenticated user information\n */\n public override oauthWithPopup = async (\n args: Extract<AuthParams, { type: \"oauth\"; mode: \"popup\" }>\n ): Promise<User> => {\n const turnkeyPublicKey = await this.initIframeStamper();\n const oauthParams = args;\n const providerUrl = await this.getOauthProviderUrl({\n oauthParams,\n turnkeyPublicKey,\n oauthCallbackUrl: this.oauthCallbackUrl,\n });\n const popup = window.open(\n providerUrl,\n \"_blank\",\n \"popup,width=500,height=600\"\n );\n const eventEmitter = this.eventEmitter;\n return new Promise((resolve, reject) => {\n const handleMessage = (event: MessageEvent) => {\n if (!event.data) {\n return;\n }\n const {\n alchemyBundle: bundle,\n alchemyOrgId: orgId,\n alchemyIdToken: idToken,\n alchemyIsSignup: isSignup,\n alchemyError,\n } = event.data;\n if (bundle && orgId && idToken) {\n cleanup();\n popup?.close();\n this.completeAuthWithBundle({\n bundle,\n orgId,\n connectedEventName: \"connectedOauth\",\n idToken,\n authenticatingType: \"oauth\",\n }).then((user) => {\n if (isSignup) {\n eventEmitter.emit(\"newUserSignup\");\n }\n\n resolve(user);\n }, reject);\n } else if (alchemyError) {\n cleanup();\n popup?.close();\n reject(new OauthFailedError(alchemyError));\n }\n };\n\n window.addEventListener(\"message\", handleMessage);\n\n const checkCloseIntervalId = setInterval(() => {\n if (popup?.closed) {\n cleanup();\n reject(new OauthCancelledError());\n }\n }, CHECK_CLOSE_INTERVAL);\n\n const cleanup = () => {\n window.removeEventListener(\"message\", handleMessage);\n clearInterval(checkCloseIntervalId);\n };\n });\n };\n\n /**\n * Initializes the iframe stamper and returns its public key.\n *\n * @example\n * ```ts twoslash\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const publicKey = await client.targetPublicKey();\n * ```\n *\n * @returns {Promise<string>} A promise that resolves with the target public key when the iframe stamper is successfully initialized, or throws an error if the target public key is not supported.\n */\n public override targetPublicKey = async (): Promise<string> => {\n return this.initIframeStamper();\n };\n\n private initIframeStamper = async () => {\n if (!this.iframeStamper.publicKey()) {\n await this.iframeStamper.init();\n }\n\n this.setStamper(this.iframeStamper);\n\n return this.iframeStamper.publicKey()!;\n };\n\n private initWebauthnStamper = async (user: User | undefined = this.user) => {\n this.setStamper(this.webauthnStamper);\n if (user && user.credentialId) {\n // The goal here is to allow us to cache the allowed credential, but this doesn't work with hybrid transport :(\n this.webauthnStamper.allowCredentials = [\n {\n id: Buffer.from(user.credentialId, \"base64\"),\n type: \"public-key\",\n transports: [\"internal\", \"hybrid\"],\n },\n ];\n }\n };\n\n protected override getWebAuthnAttestation = async (\n options?: CredentialCreationOptionOverrides,\n userDetails: { username: string } = {\n username: this.user?.email ?? \"anonymous\",\n }\n ) => {\n const challenge = generateRandomBuffer();\n const authenticatorUserId = generateRandomBuffer();\n\n const attestation = await getWebAuthnAttestation({\n publicKey: {\n ...options?.publicKey,\n authenticatorSelection: {\n residentKey: \"preferred\",\n requireResidentKey: false,\n userVerification: \"preferred\",\n ...options?.publicKey?.authenticatorSelection,\n },\n challenge,\n rp: {\n id: window.location.hostname,\n name: window.location.hostname,\n ...options?.publicKey?.rp,\n },\n pubKeyCredParams: [\n {\n type: \"public-key\",\n alg: -7,\n },\n {\n type: \"public-key\",\n alg: -257,\n },\n ],\n user: {\n id: authenticatorUserId,\n name: userDetails.username,\n displayName: userDetails.username,\n ...options?.publicKey?.user,\n },\n },\n signal: options?.signal,\n });\n\n // on iOS sometimes this is returned as empty or null, so handling that here\n if (attestation.transports == null || attestation.transports.length === 0) {\n attestation.transports = [\n \"AUTHENTICATOR_TRANSPORT_INTERNAL\",\n \"AUTHENTICATOR_TRANSPORT_HYBRID\",\n ];\n }\n\n return { challenge, authenticatorUserId, attestation };\n };\n\n protected override getOauthConfig = async (): Promise<OauthConfig> => {\n const currentStamper = this.turnkeyClient.stamper;\n const publicKey = await this.initIframeStamper();\n\n // swap the stamper back in case the user logged in with a different stamper (passkeys)\n this.setStamper(currentStamper);\n const nonce = this.getOauthNonce(publicKey);\n return this.request(\"/v1/prepare-oauth\", { nonce });\n };\n}\n\n/**\n * This error is thrown when the OAuth flow is cancelled because the auth popup\n * window was closed.\n */\nexport class OauthCancelledError extends BaseError {\n override name = \"OauthCancelledError\";\n\n /**\n * Constructor for initializing an error indicating that the OAuth flow was\n * cancelled.\n */\n constructor() {\n super(\"OAuth cancelled\");\n }\n}\n\n/**\n * This error is thrown when an error occurs during the OAuth login flow.\n */\nexport class OauthFailedError extends BaseError {\n override name = \"OauthFailedError\";\n}\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/client/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAe7C,MAAM,oBAAoB,GAAG,GAAG,CAAC;AAEjC,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,CAAC,MAAM,CAAC;IACtD,UAAU,EAAE,sBAAsB;IAClC,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC;QACrB,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,gBAAgB,CAAC;QACrD,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE;KAC9B,CAAC;IACF,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,OAAO,CAAC,sCAAsC,CAAC;IAClD,gBAAgB,EAAE,CAAC;SAChB,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,OAAO,CAAC,qCAAqC,CAAC;IACjD,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CACxD,CAAC,CAAC;AAMH;;;GAGG;AACH,MAAM,OAAO,sBAAuB,SAAQ,gBAAoC;IAM9E;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,YAAY,MAAiC;QAC3C,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAgB,EAAE,GACnE,+BAA+B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEhD,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC;YACtC,eAAe,EAAE,YAAY,CAAC,eAAe;YAC7C,SAAS,EAAE,0BAA0B;YACrC,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,YAAY,CAAC,iBAAiB,CAAC;SACzE,CAAC,CAAC;QAEH,KAAK,CAAC;YACJ,UAAU;YACV,SAAS;YACT,OAAO,EAAE,aAAa;SACvB,CAAC,CAAC;QA1CG;;;;;WAA6B;QAC7B;;;;;WAAiC;QACzC;;;;;WAAyB;QACzB;;;;;WAA0B;QAmD1B;;;;;;;;;;;;;;;;;;;;;WAqBG;QACa;;;;mBAAgB,KAAK,EAAE,MAA2B,EAAE,EAAE;gBACpE,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC5B,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;oBAC1D,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;oBACvD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAEjD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;wBAChD,KAAK;wBACL,SAAS;wBACT,eAAe,EAAE,SAAS;wBAC1B,iBAAiB;wBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;qBAClD,CAAC,CAAC;oBAEH,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;gBAC9D,gCAAgC;gBAChC,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAClE,MAAM,CAAC,YAAY,EACnB,EAAE,QAAQ,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE,CACjE,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;oBAC9C,OAAO,EAAE;wBACP,SAAS,EAAE,eAAe,CAAC,SAAS,CAAC;wBACrC,WAAW;qBACZ;oBACD,KAAK,EAAE,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACpD,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,GAAG;oBACV,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAQ;oBACxB,MAAM,EAAE,MAAM,CAAC,MAAO;oBACtB,YAAY,EAAE,WAAW,CAAC,YAAY;iBACvC,CAAC;gBACF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEtD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;WAsBG;QACa;;;;mBAAgB,KAAK,EACnC,MAAgD,EAChD,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;gBAC1D,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC;gBACvD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAEjD,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE;oBAC9B,KAAK;oBACL,SAAS;oBACT,eAAe,EAAE,SAAS;oBAC1B,iBAAiB;oBACjB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE;iBAClD,CAAC,CAAC;YACL,CAAC;WAAC;QA8EF;;;;;;;;;;;;;;;;;;;;;;;;;;;;WA4BG;QACa;;;;mBAAyB,KAAK,EAAE,EAC9C,MAAM,EACN,KAAK,EACL,kBAAkB,EAClB,OAAO,EACP,kBAAkB,GAOnB,EAAiB,EAAE;gBAClB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBACvE,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAE/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC;gBAEvE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;gBACxD,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAE/C,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;gBAEzD,OAAO,IAAI,CAAC;YACd,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;WAqBG;QACa;;;;mBAAwB,KAAK,EAC3C,OAAyB,SAAS,EAClC,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;gBAC9D,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,IAAI,EAAE,CAAC;oBACT,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;oBACjB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,CAAC;oBACjD,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC/C,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;gBACvC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;gBAEnD,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;WA0BG;QACa;;;;mBAAe,KAAK,EAAE,EACpC,iBAAiB,EACjB,eAAe,GAAG,uBAAuB,GACtB,EAAE,EAAE;gBACvB,MAAM,yBAAyB,GAAG,IAAI,aAAa,CAAC;oBAClD,eAAe,EAAE,QAAQ,CAAC,cAAc,CAAC,iBAAiB,CAAC;oBAC3D,eAAe,EAAE,eAAe;oBAChC,SAAS,EAAE,4BAA4B;iBACxC,CAAC,CAAC;gBACH,MAAM,yBAAyB,CAAC,IAAI,EAAE,CAAC;gBAEvC,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;oBACtD,OAAO,IAAI,CAAC,iBAAiB,CAAC;wBAC5B,aAAa,EAAE,yBAAyB;wBACxC,QAAQ,EAAE,aAAa;qBACxB,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,IAAI,CAAC,iBAAiB,CAAC;oBAC5B,aAAa,EAAE,yBAAyB;oBACxC,QAAQ,EAAE,aAAa;iBACxB,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;WAkBG;QACa;;;;mBAAa,KAAK,IAAI,EAAE;gBACtC,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC;gBACtB,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;gBAC3B,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YAClC,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;WA0BG;QACa;;;;mBAAoB,KAAK,EACvC,IAA8D,EAC9C,EAAE;gBAClB,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAExD,MAAM,WAAW,GAAG,IAAI,CAAC;gBACzB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;oBACjD,WAAW;oBACX,gBAAgB;oBAChB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;iBACxC,CAAC,CAAC;gBAEH,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,WAAW,CAAC;gBACnC,OAAO,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAC/B,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,sCAAsC,CAAC,EAAE,IAAI,CAAC,CACvE,CAAC;YACJ,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;WAyBG;QACa;;;;mBAAiB,KAAK,EACpC,IAA2D,EAC5C,EAAE;gBACjB,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACxD,MAAM,WAAW,GAAG,IAAI,CAAC;gBACzB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;oBACjD,WAAW;oBACX,gBAAgB;oBAChB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;iBACxC,CAAC,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CACvB,WAAW,EACX,QAAQ,EACR,4BAA4B,CAC7B,CAAC;gBACF,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;gBACvC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBACrC,MAAM,aAAa,GAAG,CAAC,KAAmB,EAAE,EAAE;wBAC5C,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;4BAChB,OAAO;wBACT,CAAC;wBACD,MAAM,EACJ,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,KAAK,EACnB,cAAc,EAAE,OAAO,EACvB,eAAe,EAAE,QAAQ,EACzB,YAAY,GACb,GAAG,KAAK,CAAC,IAAI,CAAC;wBACf,IAAI,MAAM,IAAI,KAAK,IAAI,OAAO,EAAE,CAAC;4BAC/B,OAAO,EAAE,CAAC;4BACV,KAAK,EAAE,KAAK,EAAE,CAAC;4BACf,IAAI,CAAC,sBAAsB,CAAC;gCAC1B,MAAM;gCACN,KAAK;gCACL,kBAAkB,EAAE,gBAAgB;gCACpC,OAAO;gCACP,kBAAkB,EAAE,OAAO;6BAC5B,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gCACf,IAAI,QAAQ,EAAE,CAAC;oCACb,YAAY,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gCACrC,CAAC;gCAED,OAAO,CAAC,IAAI,CAAC,CAAC;4BAChB,CAAC,EAAE,MAAM,CAAC,CAAC;wBACb,CAAC;6BAAM,IAAI,YAAY,EAAE,CAAC;4BACxB,OAAO,EAAE,CAAC;4BACV,KAAK,EAAE,KAAK,EAAE,CAAC;4BACf,MAAM,CAAC,IAAI,gBAAgB,CAAC,YAAY,CAAC,CAAC,CAAC;wBAC7C,CAAC;oBACH,CAAC,CAAC;oBAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;oBAElD,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,EAAE;wBAC5C,IAAI,KAAK,EAAE,MAAM,EAAE,CAAC;4BAClB,OAAO,EAAE,CAAC;4BACV,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC,CAAC;wBACpC,CAAC;oBACH,CAAC,EAAE,oBAAoB,CAAC,CAAC;oBAEzB,MAAM,OAAO,GAAG,GAAG,EAAE;wBACnB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;wBACrD,aAAa,CAAC,oBAAoB,CAAC,CAAC;oBACtC,CAAC,CAAC;gBACJ,CAAC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;WAoBG;QACa;;;;mBAAkB,KAAK,IAAqB,EAAE;gBAC5D,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAClC,CAAC;WAAC;QAEM;;;;mBAAoB,KAAK,IAAI,EAAE;gBACrC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC;oBACpC,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;gBAClC,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBAEpC,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAG,CAAC;YACzC,CAAC;WAAC;QAEM;;;;mBAAsB,KAAK,EAAE,OAAyB,IAAI,CAAC,IAAI,EAAE,EAAE;gBACzE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBACtC,IAAI,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;oBAC9B,+GAA+G;oBAC/G,IAAI,CAAC,eAAe,CAAC,gBAAgB,GAAG;wBACtC;4BACE,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC;4BAC5C,IAAI,EAAE,YAAY;4BAClB,UAAU,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC;yBACnC;qBACF,CAAC;gBACJ,CAAC;YACH,CAAC;WAAC;QAEiB;;;;mBAAyB,KAAK,EAC/C,OAA2C,EAC3C,cAAoC;gBAClC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,WAAW;aAC1C,EACD,EAAE;gBACF,MAAM,SAAS,GAAG,oBAAoB,EAAE,CAAC;gBACzC,MAAM,mBAAmB,GAAG,oBAAoB,EAAE,CAAC;gBAEnD,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC;oBAC/C,SAAS,EAAE;wBACT,GAAG,OAAO,EAAE,SAAS;wBACrB,sBAAsB,EAAE;4BACtB,WAAW,EAAE,WAAW;4BACxB,kBAAkB,EAAE,KAAK;4BACzB,gBAAgB,EAAE,WAAW;4BAC7B,GAAG,OAAO,EAAE,SAAS,EAAE,sBAAsB;yBAC9C;wBACD,SAAS;wBACT,EAAE,EAAE;4BACF,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC5B,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;4BAC9B,GAAG,OAAO,EAAE,SAAS,EAAE,EAAE;yBAC1B;wBACD,gBAAgB,EAAE;4BAChB;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,CAAC;6BACR;4BACD;gCACE,IAAI,EAAE,YAAY;gCAClB,GAAG,EAAE,CAAC,GAAG;6BACV;yBACF;wBACD,IAAI,EAAE;4BACJ,EAAE,EAAE,mBAAmB;4BACvB,IAAI,EAAE,WAAW,CAAC,QAAQ;4BAC1B,WAAW,EAAE,WAAW,CAAC,QAAQ;4BACjC,GAAG,OAAO,EAAE,SAAS,EAAE,IAAI;yBAC5B;qBACF;oBACD,MAAM,EAAE,OAAO,EAAE,MAAM;iBACxB,CAAC,CAAC;gBAEH,4EAA4E;gBAC5E,IAAI,WAAW,CAAC,UAAU,IAAI,IAAI,IAAI,WAAW,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC1E,WAAW,CAAC,UAAU,GAAG;wBACvB,kCAAkC;wBAClC,gCAAgC;qBACjC,CAAC;gBACJ,CAAC;gBAED,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,WAAW,EAAE,CAAC;YACzD,CAAC;WAAC;QAEiB;;;;mBAAiB,KAAK,IAA0B,EAAE;gBACnE,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;gBAClD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAEjD,uFAAuF;gBACvF,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;gBAChC,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;gBAC5C,OAAO,IAAI,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YACtD,CAAC;WAAC;QAvmBA,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,iBAAiB,GAAG,YAAY,CAAC,iBAAiB,CAAC;QAExD,IAAI,CAAC,eAAe,GAAG,IAAI,eAAe,CAAC;YACzC,IAAI,EAAE,IAAI,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ;SACvC,CAAC,CAAC;QAEH,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IAC3C,CAAC;IA2GD;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACa,KAAK,CAAC,aAAa,CACjC,IAAwC;QAExC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;QAChE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvD,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;YACzD,GAAG,IAAI;YACP,eAAe;SAChB,CAAC,CAAC;QACH,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtC,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACa,KAAK,CAAC,SAAS,CAC7B,IAAwC;QAExC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;QACjE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvD,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE;YAClC,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,eAAe;YACf,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,iBAAiB,EAAE,IAAI,EAAE,iBAAiB;SAC3C,CAAC,CAAC;IACL,CAAC;CA2aF;AAED;;;GAGG;AACH,MAAM,OAAO,mBAAoB,SAAQ,SAAS;IAGhD;;;OAGG;IACH;QACE,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAPlB;;;;mBAAO,qBAAqB;WAAC;IAQtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,gBAAiB,SAAQ,SAAS;IAA/C;;QACW;;;;mBAAO,kBAAkB;WAAC;IACrC,CAAC;CAAA","sourcesContent":["import { BaseError, ConnectionConfigSchema } from \"@aa-sdk/core\";\nimport { getWebAuthnAttestation } from \"@turnkey/http\";\nimport { IframeStamper } from \"@turnkey/iframe-stamper\";\nimport { WebauthnStamper } from \"@turnkey/webauthn-stamper\";\nimport { z } from \"zod\";\nimport type { AuthParams } from \"../signer.js\";\nimport { base64UrlEncode } from \"../utils/base64UrlEncode.js\";\nimport { generateRandomBuffer } from \"../utils/generateRandomBuffer.js\";\nimport { BaseSignerClient } from \"./base.js\";\nimport type {\n AlchemySignerClientEvents,\n AuthenticatingEventMetadata,\n CreateAccountParams,\n CredentialCreationOptionOverrides,\n EmailAuthParams,\n ExportWalletParams,\n JwtParams,\n OauthConfig,\n OtpParams,\n JwtResponse,\n User,\n} from \"./types.js\";\n\nconst CHECK_CLOSE_INTERVAL = 500;\n\nexport const AlchemySignerClientParamsSchema = z.object({\n connection: ConnectionConfigSchema,\n iframeConfig: z.object({\n iframeElementId: z.string().default(\"turnkey-iframe\"),\n iframeContainerId: z.string(),\n }),\n rpId: z.string().optional(),\n rootOrgId: z\n .string()\n .optional()\n .default(\"24c1acf5-810f-41e0-a503-d5d13fa8e830\"),\n oauthCallbackUrl: z\n .string()\n .optional()\n .default(\"https://signer.alchemy.com/callback\"),\n enablePopupOauth: z.boolean().optional().default(false),\n});\n\nexport type AlchemySignerClientParams = z.input<\n typeof AlchemySignerClientParamsSchema\n>;\n\n/**\n * A lower level client used by the AlchemySigner used to communicate with\n * Alchemy's signer service.\n */\nexport class AlchemySignerWebClient extends BaseSignerClient<ExportWalletParams> {\n private iframeStamper: IframeStamper;\n private webauthnStamper: WebauthnStamper;\n oauthCallbackUrl: string;\n iframeContainerId: string;\n\n /**\n * Initializes a new instance with the given parameters, setting up the connection, iframe configuration, and WebAuthn stamper.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n * ```\n *\n * @param {AlchemySignerClientParams} params the parameters required to initialize the client\n * @param {ConnectionConfig} params.connection The connection details needed to connect to the service\n * @param {{ iframeElementId?: string; iframeContainerId: string }} params.iframeConfig The configuration details for setting up the iframe stamper\n * @param {string} params.rpId The relying party ID, defaulting to the current hostname if not provided\n * @param {string} params.rootOrgId The root organization ID\n */\n constructor(params: AlchemySignerClientParams) {\n const { connection, iframeConfig, rpId, rootOrgId, oauthCallbackUrl } =\n AlchemySignerClientParamsSchema.parse(params);\n\n const iframeStamper = new IframeStamper({\n iframeElementId: iframeConfig.iframeElementId,\n iframeUrl: \"https://auth.turnkey.com\",\n iframeContainer: document.getElementById(iframeConfig.iframeContainerId),\n });\n\n super({\n connection,\n rootOrgId,\n stamper: iframeStamper,\n });\n\n this.iframeStamper = iframeStamper;\n this.iframeContainerId = iframeConfig.iframeContainerId;\n\n this.webauthnStamper = new WebauthnStamper({\n rpId: rpId ?? window.location.hostname,\n });\n\n this.oauthCallbackUrl = oauthCallbackUrl;\n }\n\n /**\n * Authenticates the user by either email or passkey account creation flow. Emits events during the process.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.createAccount({ type: \"email\", email: \"you@mail.com\" });\n * ```\n *\n * @param {CreateAccountParams} params The parameters for creating an account, including the type (email or passkey) and additional details.\n * @returns {Promise<SignupResponse>} A promise that resolves with the response object containing the account creation result.\n */\n public override createAccount = async (params: CreateAccountParams) => {\n if (params.type === \"email\") {\n this.eventEmitter.emit(\"authenticating\", { type: \"otp\" });\n const { email, emailMode, expirationSeconds } = params;\n const publicKey = await this.initIframeStamper();\n\n const response = await this.request(\"/v1/signup\", {\n email,\n emailMode,\n targetPublicKey: publicKey,\n expirationSeconds,\n redirectParams: params.redirectParams?.toString(),\n });\n\n return response;\n }\n\n this.eventEmitter.emit(\"authenticating\", { type: \"passkey\" });\n // Passkey account creation flow\n const { attestation, challenge } = await this.getWebAuthnAttestation(\n params.creationOpts,\n { username: \"email\" in params ? params.email : params.username }\n );\n\n const result = await this.request(\"/v1/signup\", {\n passkey: {\n challenge: base64UrlEncode(challenge),\n attestation,\n },\n email: \"email\" in params ? params.email : undefined,\n });\n\n this.user = {\n orgId: result.orgId,\n address: result.address!,\n userId: result.userId!,\n credentialId: attestation.credentialId,\n };\n this.initWebauthnStamper(this.user);\n this.eventEmitter.emit(\"connectedPasskey\", this.user);\n\n return result;\n };\n\n /**\n * Begin authenticating a user with their email and an expiration time for the authentication request. Initializes the iframe stamper to get the target public key.\n * This method sends an email to the user to complete their login\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.initEmailAuth({ email: \"you@mail.com\" });\n * ```\n *\n * @param {Omit<EmailAuthParams, \"targetPublicKey\">} params The parameters for email authentication, excluding the target public key\n * @returns {Promise<any>} The response from the authentication request\n */\n public override initEmailAuth = async (\n params: Omit<EmailAuthParams, \"targetPublicKey\">\n ) => {\n this.eventEmitter.emit(\"authenticating\", { type: \"otp\" });\n const { email, emailMode, expirationSeconds } = params;\n const publicKey = await this.initIframeStamper();\n\n return this.request(\"/v1/auth\", {\n email,\n emailMode,\n targetPublicKey: publicKey,\n expirationSeconds,\n redirectParams: params.redirectParams?.toString(),\n });\n };\n\n /**\n * Authenticates using an OTP code which was previously received via email.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.submitOtpCode({\n * orgId: \"user-org-id\",\n * otpId: \"opt-returned-from-initEmailAuth\",\n * otpCode: \"otp-code-from-email\",\n * });\n * ```\n *\n * @param {Omit<OtpParams, \"targetPublicKey\">} args The parameters for the OTP request, excluding the target public key.\n * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle.\n */\n public override async submitOtpCode(\n args: Omit<OtpParams, \"targetPublicKey\">\n ): Promise<{ bundle: string }> {\n this.eventEmitter.emit(\"authenticating\", { type: \"otpVerify\" });\n const targetPublicKey = await this.initIframeStamper();\n const { credentialBundle } = await this.request(\"/v1/otp\", {\n ...args,\n targetPublicKey,\n });\n return { bundle: credentialBundle };\n }\n\n /**\n * Authenticates using a custom issued JWT\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.submitJwt({\n * jwt: \"custom-issued-jwt\",\n * authProvider: \"auth-provider-name\",\n * });\n * ```\n *\n * @param {Omit<JwtParams, \"targetPublicKey\">} args The parameters for the JWT request, excluding the target public key.\n * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle.\n */\n public override async submitJwt(\n args: Omit<JwtParams, \"targetPublicKey\">\n ): Promise<JwtResponse> {\n this.eventEmitter.emit(\"authenticating\", { type: \"custom-jwt\" });\n const targetPublicKey = await this.initIframeStamper();\n return this.request(\"/v1/auth-jwt\", {\n jwt: args.jwt,\n targetPublicKey,\n authProvider: args.authProvider,\n expirationSeconds: args?.expirationSeconds,\n });\n }\n\n /**\n * Completes auth for the user by injecting a credential bundle and retrieving\n * the user information based on the provided organization ID. Emits events\n * during the process.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.completeAuthWithBundle({ orgId: \"user-org-id\", bundle: \"bundle-from-email\", connectedEventName: \"connectedEmail\" });\n * ```\n *\n * @param {{ bundle: string; orgId: string, connectedEventName: keyof AlchemySignerClientEvents, idToken?: string }} config\n * The configuration object for the authentication function containing the\n * credential bundle to inject and the organization id associated with the\n * user, as well as the event to be emitted on success and optionally an OIDC\n * ID token with extra user information\n * @returns {Promise<User>} A promise that resolves to the authenticated user\n * information\n */\n public override completeAuthWithBundle = async ({\n bundle,\n orgId,\n connectedEventName,\n idToken,\n authenticatingType,\n }: {\n bundle: string;\n orgId: string;\n connectedEventName: keyof AlchemySignerClientEvents;\n authenticatingType: AuthenticatingEventMetadata[\"type\"];\n idToken?: string;\n }): Promise<User> => {\n this.eventEmitter.emit(\"authenticating\", { type: authenticatingType });\n await this.initIframeStamper();\n\n const result = await this.iframeStamper.injectCredentialBundle(bundle);\n\n if (!result) {\n throw new Error(\"Failed to inject credential bundle\");\n }\n\n const user = await this.whoami(orgId, idToken);\n\n this.eventEmitter.emit(connectedEventName, user, bundle);\n\n return user;\n };\n\n /**\n * Asynchronously handles the authentication process using WebAuthn Stamper. If a user is provided, sets the user and returns it. Otherwise, retrieves the current user and initializes the WebAuthn stamper.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.lookupUserWithPasskey();\n * ```\n *\n * @param {User} [user] An optional user object to authenticate\n * @returns {Promise<User>} A promise that resolves to the authenticated user object\n */\n public override lookupUserWithPasskey = async (\n user: User | undefined = undefined\n ) => {\n this.eventEmitter.emit(\"authenticating\", { type: \"passkey\" });\n await this.initWebauthnStamper(user);\n if (user) {\n this.user = user;\n this.eventEmitter.emit(\"connectedPasskey\", user);\n return user;\n }\n\n const result = await this.whoami(this.rootOrg);\n await this.initWebauthnStamper(result);\n this.eventEmitter.emit(\"connectedPasskey\", result);\n\n return result;\n };\n\n /**\n * Initiates the export of a wallet by creating an iframe stamper and calling the appropriate export function.\n * The export can be based on a seed phrase or a private key.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.exportWallet({\n * iframeContainerId: \"export-iframe-container\",\n * });\n * ```\n *\n * @param {ExportWalletParams} config The parameters for exporting the wallet\n * @param {string} config.iframeContainerId The ID of the container element that will hold the iframe stamper\n * @param {string} [config.iframeElementId] Optional ID for the iframe element\n * @returns {Promise<void>} A promise that resolves when the export process is complete\n */\n public override exportWallet = async ({\n iframeContainerId,\n iframeElementId = \"turnkey-export-iframe\",\n }: ExportWalletParams) => {\n const exportWalletIframeStamper = new IframeStamper({\n iframeContainer: document.getElementById(iframeContainerId),\n iframeElementId: iframeElementId,\n iframeUrl: \"https://export.turnkey.com\",\n });\n await exportWalletIframeStamper.init();\n\n if (this.turnkeyClient.stamper === this.iframeStamper) {\n return this.exportWalletInner({\n exportStamper: exportWalletIframeStamper,\n exportAs: \"SEED_PHRASE\",\n });\n }\n\n return this.exportWalletInner({\n exportStamper: exportWalletIframeStamper,\n exportAs: \"PRIVATE_KEY\",\n });\n };\n\n /**\n * Asynchronous function that clears the user and resets the iframe stamper.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const account = await client.disconnect();\n * ```\n */\n public override disconnect = async () => {\n this.user = undefined;\n this.iframeStamper.clear();\n await this.iframeStamper.init();\n };\n\n /**\n * Redirects the user to the OAuth provider URL based on the provided arguments. This function will always reject after 1 second if the redirection does not occur.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * await client.oauthWithRedirect({\n * type: \"oauth\",\n * authProviderId: \"google\",\n * mode: \"redirect\",\n * redirectUrl: \"/\",\n * });\n * ```\n *\n * @param {Extract<AuthParams, { type: \"oauth\"; mode: \"redirect\" }>} args The arguments required to obtain the OAuth provider URL\n * @returns {Promise<never>} A promise that will never resolve, only reject if the redirection fails\n */\n public override oauthWithRedirect = async (\n args: Extract<AuthParams, { type: \"oauth\"; mode: \"redirect\" }>\n ): Promise<never> => {\n const turnkeyPublicKey = await this.initIframeStamper();\n\n const oauthParams = args;\n const providerUrl = await this.getOauthProviderUrl({\n oauthParams,\n turnkeyPublicKey,\n oauthCallbackUrl: this.oauthCallbackUrl,\n });\n\n window.location.href = providerUrl;\n return new Promise((_, reject) =>\n setTimeout(() => reject(\"Failed to redirect to OAuth provider\"), 1000)\n );\n };\n\n /**\n * Initiates an OAuth authentication flow in a popup window and returns the authenticated user.\n *\n * @example\n * ```ts\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const user = await client.oauthWithPopup({\n * type: \"oauth\",\n * authProviderId: \"google\",\n * mode: \"popup\"\n * });\n * ```\n *\n * @param {Extract<AuthParams, { type: \"oauth\"; mode: \"popup\" }>} args The authentication parameters specifying OAuth type and popup mode\n * @returns {Promise<User>} A promise that resolves to a `User` object containing the authenticated user information\n */\n public override oauthWithPopup = async (\n args: Extract<AuthParams, { type: \"oauth\"; mode: \"popup\" }>\n ): Promise<User> => {\n const turnkeyPublicKey = await this.initIframeStamper();\n const oauthParams = args;\n const providerUrl = await this.getOauthProviderUrl({\n oauthParams,\n turnkeyPublicKey,\n oauthCallbackUrl: this.oauthCallbackUrl,\n });\n const popup = window.open(\n providerUrl,\n \"_blank\",\n \"popup,width=500,height=600\"\n );\n const eventEmitter = this.eventEmitter;\n return new Promise((resolve, reject) => {\n const handleMessage = (event: MessageEvent) => {\n if (!event.data) {\n return;\n }\n const {\n alchemyBundle: bundle,\n alchemyOrgId: orgId,\n alchemyIdToken: idToken,\n alchemyIsSignup: isSignup,\n alchemyError,\n } = event.data;\n if (bundle && orgId && idToken) {\n cleanup();\n popup?.close();\n this.completeAuthWithBundle({\n bundle,\n orgId,\n connectedEventName: \"connectedOauth\",\n idToken,\n authenticatingType: \"oauth\",\n }).then((user) => {\n if (isSignup) {\n eventEmitter.emit(\"newUserSignup\");\n }\n\n resolve(user);\n }, reject);\n } else if (alchemyError) {\n cleanup();\n popup?.close();\n reject(new OauthFailedError(alchemyError));\n }\n };\n\n window.addEventListener(\"message\", handleMessage);\n\n const checkCloseIntervalId = setInterval(() => {\n if (popup?.closed) {\n cleanup();\n reject(new OauthCancelledError());\n }\n }, CHECK_CLOSE_INTERVAL);\n\n const cleanup = () => {\n window.removeEventListener(\"message\", handleMessage);\n clearInterval(checkCloseIntervalId);\n };\n });\n };\n\n /**\n * Initializes the iframe stamper and returns its public key.\n *\n * @example\n * ```ts twoslash\n * import { AlchemySignerWebClient } from \"@account-kit/signer\";\n *\n * const client = new AlchemySignerWebClient({\n * connection: {\n * apiKey: \"your-api-key\",\n * },\n * iframeConfig: {\n * iframeContainerId: \"signer-iframe-container\",\n * },\n * });\n *\n * const publicKey = await client.targetPublicKey();\n * ```\n *\n * @returns {Promise<string>} A promise that resolves with the target public key when the iframe stamper is successfully initialized, or throws an error if the target public key is not supported.\n */\n public override targetPublicKey = async (): Promise<string> => {\n return this.initIframeStamper();\n };\n\n private initIframeStamper = async () => {\n if (!this.iframeStamper.publicKey()) {\n await this.iframeStamper.init();\n }\n\n this.setStamper(this.iframeStamper);\n\n return this.iframeStamper.publicKey()!;\n };\n\n private initWebauthnStamper = async (user: User | undefined = this.user) => {\n this.setStamper(this.webauthnStamper);\n if (user && user.credentialId) {\n // The goal here is to allow us to cache the allowed credential, but this doesn't work with hybrid transport :(\n this.webauthnStamper.allowCredentials = [\n {\n id: Buffer.from(user.credentialId, \"base64\"),\n type: \"public-key\",\n transports: [\"internal\", \"hybrid\"],\n },\n ];\n }\n };\n\n protected override getWebAuthnAttestation = async (\n options?: CredentialCreationOptionOverrides,\n userDetails: { username: string } = {\n username: this.user?.email ?? \"anonymous\",\n }\n ) => {\n const challenge = generateRandomBuffer();\n const authenticatorUserId = generateRandomBuffer();\n\n const attestation = await getWebAuthnAttestation({\n publicKey: {\n ...options?.publicKey,\n authenticatorSelection: {\n residentKey: \"preferred\",\n requireResidentKey: false,\n userVerification: \"preferred\",\n ...options?.publicKey?.authenticatorSelection,\n },\n challenge,\n rp: {\n id: window.location.hostname,\n name: window.location.hostname,\n ...options?.publicKey?.rp,\n },\n pubKeyCredParams: [\n {\n type: \"public-key\",\n alg: -7,\n },\n {\n type: \"public-key\",\n alg: -257,\n },\n ],\n user: {\n id: authenticatorUserId,\n name: userDetails.username,\n displayName: userDetails.username,\n ...options?.publicKey?.user,\n },\n },\n signal: options?.signal,\n });\n\n // on iOS sometimes this is returned as empty or null, so handling that here\n if (attestation.transports == null || attestation.transports.length === 0) {\n attestation.transports = [\n \"AUTHENTICATOR_TRANSPORT_INTERNAL\",\n \"AUTHENTICATOR_TRANSPORT_HYBRID\",\n ];\n }\n\n return { challenge, authenticatorUserId, attestation };\n };\n\n protected override getOauthConfig = async (): Promise<OauthConfig> => {\n const currentStamper = this.turnkeyClient.stamper;\n const publicKey = await this.initIframeStamper();\n\n // swap the stamper back in case the user logged in with a different stamper (passkeys)\n this.setStamper(currentStamper);\n const nonce = this.getOauthNonce(publicKey);\n return this.request(\"/v1/prepare-oauth\", { nonce });\n };\n}\n\n/**\n * This error is thrown when the OAuth flow is cancelled because the auth popup\n * window was closed.\n */\nexport class OauthCancelledError extends BaseError {\n override name = \"OauthCancelledError\";\n\n /**\n * Constructor for initializing an error indicating that the OAuth flow was\n * cancelled.\n */\n constructor() {\n super(\"OAuth cancelled\");\n }\n}\n\n/**\n * This error is thrown when an error occurs during the OAuth login flow.\n */\nexport class OauthFailedError extends BaseError {\n override name = \"OauthFailedError\";\n}\n"]}
package/dist/esm/client/types.d.ts CHANGED
@@ -56,6 +56,17 @@ export type OtpParams = {
56
56
  targetPublicKey: string;
57
57
  expirationSeconds?: number;
58
58
  };
59
+ export type JwtParams = {
60
+ jwt: string;
61
+ targetPublicKey: string;
62
+ authProvider: string;
63
+ expirationSeconds?: number;
64
+ };
65
+ export type JwtResponse = {
66
+ isSignUp: boolean;
67
+ orgId: string;
68
+ credentialBundle: string;
69
+ };
59
70
  export type SignupResponse = {
60
71
  orgId: string;
61
72
  userId?: string;
@@ -148,6 +159,11 @@ export type SignerEndpoints = [
148
159
  credentialBundle: string;
149
160
  };
150
161
  },
162
+ {
163
+ Route: "/v1/auth-jwt";
164
+ Body: JwtParams;
165
+ Response: JwtResponse;
166
+ },
151
167
  {
152
168
  Route: "/v1/signer-config";
153
169
  Body: {};
@@ -155,7 +171,7 @@ export type SignerEndpoints = [
155
171
  }
156
172
  ];
157
173
  export type AuthenticatingEventMetadata = {
158
- type: "email" | "passkey" | "oauth" | "otp" | "otpVerify";
174
+ type: "email" | "passkey" | "oauth" | "otp" | "otpVerify" | "custom-jwt";
159
175
  };
160
176
  export type AlchemySignerClientEvents = {
161
177
  connected(user: User): void;
@@ -165,6 +181,7 @@ export type AlchemySignerClientEvents = {
165
181
  connectedPasskey(user: User): void;
166
182
  connectedOauth(user: User, bundle: string): void;
167
183
  connectedOtp(user: User, bundle: string): void;
184
+ connectedJwt(user: User, bundle: string): void;
168
185
  disconnected(): void;
169
186
  };
170
187
  export type AlchemySignerClientEvent = keyof AlchemySignerClientEvents;
package/dist/esm/client/types.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/client/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { Address } from \"@aa-sdk/core\";\nimport type { TSignedRequest, getWebAuthnAttestation } from \"@turnkey/http\";\nimport type { Hex } from \"viem\";\nimport type { AuthParams } from \"../signer\";\n\nexport type CredentialCreationOptionOverrides = {\n publicKey?: Partial<CredentialCreationOptions[\"publicKey\"]>;\n} & Pick<CredentialCreationOptions, \"signal\">;\n\n// [!region User]\nexport type User = {\n email?: string;\n orgId: string;\n userId: string;\n address: Address;\n solanaAddress?: string;\n credentialId?: string;\n idToken?: string;\n claims?: Record<string, unknown>;\n};\n// [!endregion User]\n\nexport type ExportWalletParams = {\n iframeContainerId: string;\n iframeElementId?: string;\n};\n\nexport type CreateAccountParams =\n | {\n type: \"email\";\n email: string;\n /** @deprecated This option will be overriden by dashboard settings. Please use the dashboard settings instead. This option will be removed in a future release. */\n emailMode?: EmailType;\n expirationSeconds?: number;\n redirectParams?: URLSearchParams;\n }\n | {\n type: \"passkey\";\n email: string;\n creationOpts?: CredentialCreationOptionOverrides;\n }\n | {\n type: \"passkey\";\n username: string;\n creationOpts?: CredentialCreationOptionOverrides;\n };\n\nexport type EmailType = \"magicLink\" | \"otp\";\n\nexport type EmailAuthParams = {\n email: string;\n /** @deprecated This option will be overriden by dashboard settings. Please use the dashboard settings instead. This option will be removed in a future release. */\n emailMode?: EmailType;\n expirationSeconds?: number;\n targetPublicKey: string;\n redirectParams?: URLSearchParams;\n};\n\nexport type OauthParams = Extract<AuthParams, { type: \"oauth\" }> & {\n expirationSeconds?: number;\n};\n\nexport type OtpParams = {\n orgId: string;\n otpId: string;\n otpCode: string;\n targetPublicKey: string;\n expirationSeconds?: number;\n};\n\nexport type SignupResponse = {\n orgId: string;\n userId?: string;\n address?: Address;\n otpId?: string;\n};\n\nexport type OauthConfig = {\n codeChallenge: string;\n requestKey: string;\n authProviders: AuthProviderConfig[];\n};\n\nexport type EmailConfig = {\n mode?: \"MAGIC_LINK\" | \"OTP\";\n};\n\nexport type SignerConfig = {\n email: EmailConfig;\n};\n\nexport type AuthProviderConfig = {\n id: string;\n isCustomProvider?: boolean;\n clientId: string;\n authEndpoint: string;\n};\n\nexport type SignerRoutes = SignerEndpoints[number][\"Route\"];\nexport type SignerBody<T extends SignerRoutes> = Extract<\n SignerEndpoints[number],\n { Route: T }\n>[\"Body\"];\nexport type SignerResponse<T extends SignerRoutes> = Extract<\n SignerEndpoints[number],\n { Route: T }\n>[\"Response\"];\n\nexport type SignerEndpoints = [\n {\n Route: \"/v1/signup\";\n Body:\n | (Omit<EmailAuthParams, \"redirectParams\"> & {\n redirectParams?: string;\n })\n | {\n passkey: {\n challenge: string;\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n };\n };\n Response: SignupResponse;\n },\n {\n Route: \"/v1/whoami\";\n Body: {\n stampedRequest: TSignedRequest;\n };\n Response: User;\n },\n {\n Route: \"/v1/auth\";\n Body: Omit<EmailAuthParams, \"redirectParams\"> & {\n redirectParams?: string;\n };\n Response: {\n orgId: string;\n otpId?: string;\n };\n },\n {\n Route: \"/v1/lookup\";\n Body: {\n email: string;\n };\n Response: {\n orgId: string | null;\n };\n },\n {\n Route: \"/v1/sign-payload\";\n Body: {\n stampedRequest: TSignedRequest;\n };\n Response: {\n signature: Hex;\n };\n },\n {\n Route: \"/v1/prepare-oauth\";\n Body: {\n nonce: string;\n };\n Response: OauthConfig;\n },\n {\n Route: \"/v1/otp\";\n Body: OtpParams;\n Response: { credentialBundle: string };\n },\n {\n Route: \"/v1/signer-config\";\n Body: {};\n Response: SignerConfig;\n }\n];\n\nexport type AuthenticatingEventMetadata = {\n type: \"email\" | \"passkey\" | \"oauth\" | \"otp\" | \"otpVerify\";\n};\n\nexport type AlchemySignerClientEvents = {\n connected(user: User): void;\n newUserSignup(): void;\n authenticating(data: AuthenticatingEventMetadata): void;\n connectedEmail(user: User, bundle: string): void;\n connectedPasskey(user: User): void;\n connectedOauth(user: User, bundle: string): void;\n connectedOtp(user: User, bundle: string): void;\n disconnected(): void;\n};\n\nexport type AlchemySignerClientEvent = keyof AlchemySignerClientEvents;\n\nexport type GetWebAuthnAttestationResult = {\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n challenge: ArrayBuffer;\n authenticatorUserId: ArrayBuffer;\n};\n\nexport type OauthState = {\n authProviderId: string;\n isCustomProvider?: boolean;\n requestKey: string;\n turnkeyPublicKey: string;\n expirationSeconds?: number;\n redirectUrl?: string;\n openerOrigin?: string;\n};\n\nexport type GetOauthProviderUrlArgs = {\n oauthParams: OauthParams;\n turnkeyPublicKey: string;\n oauthCallbackUrl: string;\n oauthConfig?: OauthConfig;\n usesRelativeUrl?: boolean;\n};\n"]}
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/client/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { Address } from \"@aa-sdk/core\";\nimport type { TSignedRequest, getWebAuthnAttestation } from \"@turnkey/http\";\nimport type { Hex } from \"viem\";\nimport type { AuthParams } from \"../signer\";\n\nexport type CredentialCreationOptionOverrides = {\n publicKey?: Partial<CredentialCreationOptions[\"publicKey\"]>;\n} & Pick<CredentialCreationOptions, \"signal\">;\n\n// [!region User]\nexport type User = {\n email?: string;\n orgId: string;\n userId: string;\n address: Address;\n solanaAddress?: string;\n credentialId?: string;\n idToken?: string;\n claims?: Record<string, unknown>;\n};\n// [!endregion User]\n\nexport type ExportWalletParams = {\n iframeContainerId: string;\n iframeElementId?: string;\n};\n\nexport type CreateAccountParams =\n | {\n type: \"email\";\n email: string;\n /** @deprecated This option will be overriden by dashboard settings. Please use the dashboard settings instead. This option will be removed in a future release. */\n emailMode?: EmailType;\n expirationSeconds?: number;\n redirectParams?: URLSearchParams;\n }\n | {\n type: \"passkey\";\n email: string;\n creationOpts?: CredentialCreationOptionOverrides;\n }\n | {\n type: \"passkey\";\n username: string;\n creationOpts?: CredentialCreationOptionOverrides;\n };\n\nexport type EmailType = \"magicLink\" | \"otp\";\n\nexport type EmailAuthParams = {\n email: string;\n /** @deprecated This option will be overriden by dashboard settings. Please use the dashboard settings instead. This option will be removed in a future release. */\n emailMode?: EmailType;\n expirationSeconds?: number;\n targetPublicKey: string;\n redirectParams?: URLSearchParams;\n};\n\nexport type OauthParams = Extract<AuthParams, { type: \"oauth\" }> & {\n expirationSeconds?: number;\n};\n\nexport type OtpParams = {\n orgId: string;\n otpId: string;\n otpCode: string;\n targetPublicKey: string;\n expirationSeconds?: number;\n};\n\nexport type JwtParams = {\n jwt: string;\n targetPublicKey: string;\n authProvider: string;\n expirationSeconds?: number;\n};\n\nexport type JwtResponse = {\n isSignUp: boolean;\n orgId: string;\n credentialBundle: string;\n};\n\nexport type SignupResponse = {\n orgId: string;\n userId?: string;\n address?: Address;\n otpId?: string;\n};\n\nexport type OauthConfig = {\n codeChallenge: string;\n requestKey: string;\n authProviders: AuthProviderConfig[];\n};\n\nexport type EmailConfig = {\n mode?: \"MAGIC_LINK\" | \"OTP\";\n};\n\nexport type SignerConfig = {\n email: EmailConfig;\n};\n\nexport type AuthProviderConfig = {\n id: string;\n isCustomProvider?: boolean;\n clientId: string;\n authEndpoint: string;\n};\n\nexport type SignerRoutes = SignerEndpoints[number][\"Route\"];\nexport type SignerBody<T extends SignerRoutes> = Extract<\n SignerEndpoints[number],\n { Route: T }\n>[\"Body\"];\nexport type SignerResponse<T extends SignerRoutes> = Extract<\n SignerEndpoints[number],\n { Route: T }\n>[\"Response\"];\n\nexport type SignerEndpoints = [\n {\n Route: \"/v1/signup\";\n Body:\n | (Omit<EmailAuthParams, \"redirectParams\"> & {\n redirectParams?: string;\n })\n | {\n passkey: {\n challenge: string;\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n };\n };\n Response: SignupResponse;\n },\n {\n Route: \"/v1/whoami\";\n Body: {\n stampedRequest: TSignedRequest;\n };\n Response: User;\n },\n {\n Route: \"/v1/auth\";\n Body: Omit<EmailAuthParams, \"redirectParams\"> & {\n redirectParams?: string;\n };\n Response: {\n orgId: string;\n otpId?: string;\n };\n },\n {\n Route: \"/v1/lookup\";\n Body: {\n email: string;\n };\n Response: {\n orgId: string | null;\n };\n },\n {\n Route: \"/v1/sign-payload\";\n Body: {\n stampedRequest: TSignedRequest;\n };\n Response: {\n signature: Hex;\n };\n },\n {\n Route: \"/v1/prepare-oauth\";\n Body: {\n nonce: string;\n };\n Response: OauthConfig;\n },\n {\n Route: \"/v1/otp\";\n Body: OtpParams;\n Response: { credentialBundle: string };\n },\n {\n Route: \"/v1/auth-jwt\";\n Body: JwtParams;\n Response: JwtResponse;\n },\n {\n Route: \"/v1/signer-config\";\n Body: {};\n Response: SignerConfig;\n }\n];\n\nexport type AuthenticatingEventMetadata = {\n type: \"email\" | \"passkey\" | \"oauth\" | \"otp\" | \"otpVerify\" | \"custom-jwt\";\n};\n\nexport type AlchemySignerClientEvents = {\n connected(user: User): void;\n newUserSignup(): void;\n authenticating(data: AuthenticatingEventMetadata): void;\n connectedEmail(user: User, bundle: string): void;\n connectedPasskey(user: User): void;\n connectedOauth(user: User, bundle: string): void;\n connectedOtp(user: User, bundle: string): void;\n connectedJwt(user: User, bundle: string): void;\n disconnected(): void;\n};\n\nexport type AlchemySignerClientEvent = keyof AlchemySignerClientEvents;\n\nexport type GetWebAuthnAttestationResult = {\n attestation: Awaited<ReturnType<typeof getWebAuthnAttestation>>;\n challenge: ArrayBuffer;\n authenticatorUserId: ArrayBuffer;\n};\n\nexport type OauthState = {\n authProviderId: string;\n isCustomProvider?: boolean;\n requestKey: string;\n turnkeyPublicKey: string;\n expirationSeconds?: number;\n redirectUrl?: string;\n openerOrigin?: string;\n};\n\nexport type GetOauthProviderUrlArgs = {\n oauthParams: OauthParams;\n turnkeyPublicKey: string;\n oauthCallbackUrl: string;\n oauthConfig?: OauthConfig;\n usesRelativeUrl?: boolean;\n};\n"]}
package/dist/esm/metrics.d.ts CHANGED
@@ -7,6 +7,9 @@ export type SignerEventsSchema = [
7
7
  } | {
8
8
  authType: "oauth";
9
9
  provider: string;
10
+ } | {
11
+ authType: "custom-jwt";
12
+ provider: string;
10
13
  };
11
14
  },
12
15
  {
package/dist/esm/metrics.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../src/metrics.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAuBvC,MAAM,CAAC,MAAM,YAAY,GAAG,YAAY,CAAqB;IAC3D,OAAO,EAAE,qBAAqB;IAC9B,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC","sourcesContent":["import { createLogger } from \"@account-kit/logging\";\nimport { VERSION } from \"./version.js\";\n\nexport type SignerEventsSchema = [\n {\n EventName: \"signer_authnticate\";\n EventData:\n | {\n authType:\n | \"email\"\n | \"passkey_anon\"\n | \"passkey_email\"\n | \"otp\"\n | \"oauthReturn\";\n provider?: never;\n }\n | { authType: \"oauth\"; provider: string };\n },\n {\n EventName: \"signer_sign_message\";\n EventData: undefined;\n }\n];\n\nexport const SignerLogger = createLogger<SignerEventsSchema>({\n package: \"@account-kit/signer\",\n version: VERSION,\n});\n"]}
1
+ {"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../src/metrics.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAwBvC,MAAM,CAAC,MAAM,YAAY,GAAG,YAAY,CAAqB;IAC3D,OAAO,EAAE,qBAAqB;IAC9B,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC","sourcesContent":["import { createLogger } from \"@account-kit/logging\";\nimport { VERSION } from \"./version.js\";\n\nexport type SignerEventsSchema = [\n {\n EventName: \"signer_authnticate\";\n EventData:\n | {\n authType:\n | \"email\"\n | \"passkey_anon\"\n | \"passkey_email\"\n | \"otp\"\n | \"oauthReturn\";\n provider?: never;\n }\n | { authType: \"oauth\"; provider: string }\n | { authType: \"custom-jwt\"; provider: string };\n },\n {\n EventName: \"signer_sign_message\";\n EventData: undefined;\n }\n];\n\nexport const SignerLogger = createLogger<SignerEventsSchema>({\n package: \"@account-kit/signer\",\n version: VERSION,\n});\n"]}
package/dist/esm/oauth.d.ts CHANGED
@@ -1,15 +1,16 @@
1
1
  import type { KnownAuthProvider } from "./signer";
2
- export type ScopeAndClaims = {
2
+ export type AuthProviderCustomization = {
3
3
  scope: string;
4
4
  claims?: string;
5
+ otherParameters?: Record<string, string>;
5
6
  };
6
7
  /**
7
- * Returns the default scope and claims when using a known auth provider
8
+ * Returns the default customization parameters when using a known auth provider
8
9
  *
9
10
  * @param {string} knownAuthProviderId id of a known auth provider, e.g. "google"
10
- * @returns {ScopeAndClaims | undefined} default scope and claims
11
+ * @returns {AuthProviderCustomization | undefined} default customization parameters
11
12
  */
12
- export declare function getDefaultScopeAndClaims(knownAuthProviderId: KnownAuthProvider): ScopeAndClaims | undefined;
13
+ export declare function getDefaultProviderCustomization(knownAuthProviderId: KnownAuthProvider): AuthProviderCustomization | undefined;
13
14
  /**
14
15
  * "openid" is a required scope in the OIDC protocol. Insert it if the user
15
16
  * forgot.
package/dist/esm/oauth.js CHANGED
@@ -1,17 +1,27 @@
1
- const DEFAULT_SCOPE_AND_CLAIMS = {
1
+ const DEFAULT_PROVIDER_CUSTOMIZATION = {
2
2
  google: { scope: "openid email" },
3
3
  apple: { scope: "openid email" },
4
- facebook: { scope: "openid email" },
4
+ facebook: {
5
+ scope: "openid email",
6
+ // Fixes Facebook mobile login so that `window.opener` doesn't get nullified.
7
+ otherParameters: { sdk: "joey" },
8
+ },
9
+ twitch: {
10
+ scope: "openid user:read:email",
11
+ claims: JSON.stringify({ id_token: { email: null } }),
12
+ // Forces Twitch to show the login page even if the user is already logged in.
13
+ otherParameters: { force_verify: "true" },
14
+ },
5
15
  auth0: { scope: "openid email" },
6
16
  };
7
17
  /**
8
- * Returns the default scope and claims when using a known auth provider
18
+ * Returns the default customization parameters when using a known auth provider
9
19
  *
10
20
  * @param {string} knownAuthProviderId id of a known auth provider, e.g. "google"
11
- * @returns {ScopeAndClaims | undefined} default scope and claims
21
+ * @returns {AuthProviderCustomization | undefined} default customization parameters
12
22
  */
13
- export function getDefaultScopeAndClaims(knownAuthProviderId) {
14
- return DEFAULT_SCOPE_AND_CLAIMS[knownAuthProviderId];
23
+ export function getDefaultProviderCustomization(knownAuthProviderId) {
24
+ return DEFAULT_PROVIDER_CUSTOMIZATION[knownAuthProviderId];
15
25
  }
16
26
  /**
17
27
  * "openid" is a required scope in the OIDC protocol. Insert it if the user
package/dist/esm/oauth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/oauth.ts"],"names":[],"mappings":"AAOA,MAAM,wBAAwB,GAA8C;IAC1E,MAAM,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE;IACjC,KAAK,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE;IAChC,QAAQ,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE;IACnC,KAAK,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE;CACjC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,UAAU,wBAAwB,CACtC,mBAAsC;IAEtC,OAAO,wBAAwB,CAAC,mBAAmB,CAAC,CAAC;AACvD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,OAAO,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,KAAK,EAAE,CAAC;AAC/D,CAAC","sourcesContent":["import type { KnownAuthProvider } from \"./signer\";\n\nexport type ScopeAndClaims = {\n scope: string;\n claims?: string;\n};\n\nconst DEFAULT_SCOPE_AND_CLAIMS: Record<KnownAuthProvider, ScopeAndClaims> = {\n google: { scope: \"openid email\" },\n apple: { scope: \"openid email\" },\n facebook: { scope: \"openid email\" },\n auth0: { scope: \"openid email\" },\n};\n\n/**\n * Returns the default scope and claims when using a known auth provider\n *\n * @param {string} knownAuthProviderId id of a known auth provider, e.g. \"google\"\n * @returns {ScopeAndClaims | undefined} default scope and claims\n */\nexport function getDefaultScopeAndClaims(\n knownAuthProviderId: KnownAuthProvider\n): ScopeAndClaims | undefined {\n return DEFAULT_SCOPE_AND_CLAIMS[knownAuthProviderId];\n}\n\n/**\n * \"openid\" is a required scope in the OIDC protocol. Insert it if the user\n * forgot.\n *\n * @param {string} scope scope param which may be missing \"openid\"\n * @returns {string} scope which most definitely contains \"openid\"\n */\nexport function addOpenIdIfAbsent(scope: string): string {\n return scope.match(/\\bopenid\\b/) ? scope : `openid ${scope}`;\n}\n"]}
1
+ {"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/oauth.ts"],"names":[],"mappings":"AAQA,MAAM,8BAA8B,GAGhC;IACF,MAAM,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE;IACjC,KAAK,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE;IAChC,QAAQ,EAAE;QACR,KAAK,EAAE,cAAc;QACrB,6EAA6E;QAC7E,eAAe,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE;KACjC;IACD,MAAM,EAAE;QACN,KAAK,EAAE,wBAAwB;QAC/B,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC;QACrD,8EAA8E;QAC9E,eAAe,EAAE,EAAE,YAAY,EAAE,MAAM,EAAE;KAC1C;IACD,KAAK,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE;CACjC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,UAAU,+BAA+B,CAC7C,mBAAsC;IAEtC,OAAO,8BAA8B,CAAC,mBAAmB,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,OAAO,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,KAAK,EAAE,CAAC;AAC/D,CAAC","sourcesContent":["import type { KnownAuthProvider } from \"./signer\";\n\nexport type AuthProviderCustomization = {\n scope: string;\n claims?: string;\n otherParameters?: Record<string, string>;\n};\n\nconst DEFAULT_PROVIDER_CUSTOMIZATION: Record<\n KnownAuthProvider,\n AuthProviderCustomization\n> = {\n google: { scope: \"openid email\" },\n apple: { scope: \"openid email\" },\n facebook: {\n scope: \"openid email\",\n // Fixes Facebook mobile login so that `window.opener` doesn't get nullified.\n otherParameters: { sdk: \"joey\" },\n },\n twitch: {\n scope: \"openid user:read:email\",\n claims: JSON.stringify({ id_token: { email: null } }),\n // Forces Twitch to show the login page even if the user is already logged in.\n otherParameters: { force_verify: \"true\" },\n },\n auth0: { scope: \"openid email\" },\n};\n\n/**\n * Returns the default customization parameters when using a known auth provider\n *\n * @param {string} knownAuthProviderId id of a known auth provider, e.g. \"google\"\n * @returns {AuthProviderCustomization | undefined} default customization parameters\n */\nexport function getDefaultProviderCustomization(\n knownAuthProviderId: KnownAuthProvider\n): AuthProviderCustomization | undefined {\n return DEFAULT_PROVIDER_CUSTOMIZATION[knownAuthProviderId];\n}\n\n/**\n * \"openid\" is a required scope in the OIDC protocol. Insert it if the user\n * forgot.\n *\n * @param {string} scope scope param which may be missing \"openid\"\n * @returns {string} scope which most definitely contains \"openid\"\n */\nexport function addOpenIdIfAbsent(scope: string): string {\n return scope.match(/\\bopenid\\b/) ? scope : `openid ${scope}`;\n}\n"]}
package/dist/esm/session/manager.js CHANGED
@@ -66,6 +66,7 @@ export class SessionManager {
66
66
  switch (existingSession.type) {
67
67
  case "email":
68
68
  case "oauth":
69
+ case "custom-jwt":
69
70
  case "otp": {
70
71
  const connectedEventName = (() => {
71
72
  switch (existingSession.type) {
@@ -75,6 +76,8 @@ export class SessionManager {
75
76
  return "connectedOauth";
76
77
  case "otp":
77
78
  return "connectedOtp";
79
+ case "custom-jwt":
80
+ return "connectedJwt";
78
81
  }
79
82
  })();
80
83
  const result = await this.client
@@ -216,6 +219,7 @@ export class SessionManager {
216
219
  this.setSession({ type: "passkey", user });
217
220
  },
218
221
  connectedOauth: (user, bundle) => this.setSessionWithUserAndBundle({ type: "oauth", user, bundle }),
222
+ connectedJwt: (user, bundle) => this.setSessionWithUserAndBundle({ type: "custom-jwt", user, bundle }),
219
223
  connectedOtp: (user, bundle) => {
220
224
  this.setSessionWithUserAndBundle({ type: "otp", user, bundle });
221
225
  },
package/dist/esm/session/manager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"manager.js","sourceRoot":"","sources":["../../../src/session/manager.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,iBAAiB,EACjB,OAAO,EACP,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,WAAW,EAA8B,MAAM,iBAAiB,CAAC;AAO1E,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAGzD,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AAE/D,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAAC;IACjD,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,wBAAwB,CAAC;IACxD,OAAO,EAAE,CAAC;SACP,IAAI,CAAC,CAAC,cAAc,EAAE,gBAAgB,CAAC,CAAC;SACxC,OAAO,CAAC,cAAc,CAAC;SACvB,EAAE,CAAC,CAAC,CAAC,MAAM,EAAW,CAAC;IAC1B,gBAAgB,EAAE,CAAC;SAChB,MAAM,EAAE;SACR,OAAO,CAAC,kBAAkB,CAAC;SAC3B,QAAQ,CACP,2FAA2F,CAC5F;IACH,MAAM,EAAE,CAAC,CAAC,MAAM,EAAoB;CACrC,CAAC,CAAC;AAeH,MAAM,OAAO,cAAc;IAQzB,YAAY,MAA4B;QAPhC;;;;;WAAmB;QACnB;;;;;WAAyB;QACzB;;;;;WAAiD;QAChD;;;;;WAAyB;QAC1B;;;;;WAAa;QACb;;;;mBAA4C,IAAI;WAAC;QAgClD;;;;mBAAiB,KAAK,IAA0B,EAAE;gBACvD,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;gBAC1C,IAAI,eAAe,IAAI,IAAI,EAAE,CAAC;oBAC5B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,QAAQ,eAAe,CAAC,IAAI,EAAE,CAAC;oBAC7B,KAAK,OAAO,CAAC;oBACb,KAAK,OAAO,CAAC;oBACb,KAAK,KAAK,CAAC,CAAC,CAAC;wBACX,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE;4BAC/B,QAAQ,eAAe,CAAC,IAAI,EAAE,CAAC;gCAC7B,KAAK,OAAO;oCACV,OAAO,gBAAgB,CAAC;gCAC1B,KAAK,OAAO;oCACV,OAAO,gBAAgB,CAAC;gCAC1B,KAAK,KAAK;oCACR,OAAO,cAAc,CAAC;4BAC1B,CAAC;wBACH,CAAC,CAAC,EAAE,CAAC;wBACL,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM;6BAC7B,sBAAsB,CAAC;4BACtB,MAAM,EAAE,eAAe,CAAC,MAAM;4BAC9B,KAAK,EAAE,eAAe,CAAC,IAAI,CAAC,KAAK;4BACjC,kBAAkB,EAAE,eAAe,CAAC,IAAI;4BACxC,kBAAkB;4BAClB,OAAO,EAAE,eAAe,CAAC,IAAI,CAAC,OAAO;yBACtC,CAAC;6BACD,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACX,OAAO,CAAC,IAAI,CAAC,kCAAkC,EAAE,CAAC,CAAC,CAAC;4BACpD,OAAO,IAAI,CAAC;wBACd,CAAC,CAAC,CAAC;wBAEL,IAAI,CAAC,MAAM,EAAE,CAAC;4BACZ,IAAI,CAAC,YAAY,EAAE,CAAC;4BACpB,OAAO,IAAI,CAAC;wBACd,CAAC;wBAED,OAAO,MAAM,CAAC;oBAChB,CAAC;oBACD,KAAK,SAAS,CAAC,CAAC,CAAC;wBACf,0DAA0D;wBAC1D,wDAAwD;wBACxD,gEAAgE;wBAChE,kBAAkB;wBAClB,OAAO,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBACjE,CAAC;oBACD;wBACE,WAAW,CACT,eAAe,EACf,yBAA0B,eAAuB,CAAC,IAAI,EAAE,CACzD,CAAC;gBACN,CAAC;YACH,CAAC;WAAC;QAEK;;;;mBAAe,GAAG,EAAE;gBACzB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;gBACvC,YAAY,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,UAAU,YAAY,CAAC,CAAC;gBAExD,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBAC5B,YAAY,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC;WAAC;QAEK;;;;mBAAsB,CAAC,OAAyB,EAAE,EAAE;gBACzD,0FAA0F;gBAC1F,YAAY,CAAC,OAAO,CAClB,GAAG,IAAI,CAAC,UAAU,YAAY,EAC9B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CACxB,CAAC;YACJ,CAAC;WAAC;QAEK;;;;mBAAsB,GAA4B,EAAE;gBACzD,0FAA0F;gBAC1F,MAAM,UAAU,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,YAAY,CAAC,CAAC;gBAExE,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,OAAO,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YAChC,CAAC;WAAC;QAEF;;;;mBAAK,CACH,KAAQ,EACR,QAAiC,EACjC,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;gBAE7C,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;YACxE,CAAC;WAAC;QAEM;;;;mBAAa,GAAmB,EAAE;gBACxC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC;gBAE9C,IAAI,CAAC,OAAO,EAAE,CAAC;oBACb,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED;;;;;;mBAMG;gBACH,IAAI,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;oBAC1C,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;oBACzB,IAAI,CAAC,YAAY,EAAE,CAAC;oBACpB,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;gBAE/C,OAAO,OAAO,CAAC;YACjB,CAAC;WAAC;QAEM;;;;mBAAa,CACnB,QAKmE,EACnE,EAAE;gBACF,MAAM,OAAO,GAAG;oBACd,GAAG,QAAQ;oBACX,gBAAgB,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,gBAAgB;iBACrD,CAAC;gBAEF,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;gBAE/C,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YACnC,CAAC;WAAC;QAoBM;;;;mBAAyB,GAAG,EAAE;gBACpC,IAAI,CAAC,KAAK,CAAC,SAAS,CAClB,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,OAAO,EACxB,CAAC,OAAO,EAAE,WAAW,EAAE,EAAE;oBACvB,IAAI,OAAO,IAAI,IAAI,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;wBAC3C,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;oBAC/C,CAAC;yBAAM,IAAI,OAAO,IAAI,IAAI,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;wBAClD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBACzC,CAAC;gBACH,CAAC,CACF,CAAC;gBAUF,MAAM,SAAS,GAAc;oBAC3B,SAAS,EAAE,SAAS;oBACpB,aAAa,EAAE,SAAS;oBACxB,cAAc,EAAE,SAAS;oBACzB,cAAc,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAC/B,IAAI,CAAC,2BAA2B,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;oBACnE,gBAAgB,EAAE,CAAC,IAAI,EAAE,EAAE;wBACzB,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;wBAC1C,IACE,eAAe,IAAI,IAAI;4BACvB,eAAe,CAAC,IAAI,KAAK,SAAS;4BAClC,eAAe,CAAC,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,EAC3C,CAAC;4BACD,OAAO;wBACT,CAAC;wBAED,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;oBAC7C,CAAC;oBACD,cAAc,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAC/B,IAAI,CAAC,2BAA2B,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;oBACnE,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE;wBAC7B,IAAI,CAAC,2BAA2B,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;oBAClE,CAAC;oBACD,YAAY,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,EAAE;iBACxC,CAAC;gBAEF,KAAK,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC1D,IAAI,QAAQ,EAAE,CAAC;wBACb,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,KAAiC,EAAE,QAAQ,CAAC,CAAC;oBAC9D,CAAC;gBACH,CAAC;gBAED,mEAAmE;gBACnE,8BAA8B;gBAC9B,2EAA2E;gBAC3E,IAAI,CAAC;oBACH,IACE,OAAO,MAAM,KAAK,WAAW;wBAC7B,OAAO,MAAM,CAAC,gBAAgB,KAAK,WAAW,EAC9C,CAAC;wBACD,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;4BACpC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC;4BACjD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;4BAC/B,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC;4BACjD,IACE,CAAC,UAAU,EAAE,gBAAgB,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE;gCAChD,UAAU,EAAE,IAAI,CAAC,KAAK,KAAK,UAAU,EAAE,IAAI,CAAC,KAAK;gCACjD,UAAU,EAAE,IAAI,CAAC,MAAM,KAAK,UAAU,EAAE,IAAI,CAAC,MAAM,EACnD,CAAC;gCACD,sCAAsC;gCACtC,IAAI,CAAC,UAAU,EAAE,CAAC;4BACpB,CAAC;wBACH,CAAC,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,CAAC,CAAC,CAAC;gBACxD,CAAC;YACH,CAAC;WAAC;QAEM;;;;mBAAmC,CAAC,OAAgB,EAAE,EAAE;gBAC9D,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBAC5B,YAAY,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;gBACxC,CAAC;gBAED,IAAI,CAAC,kBAAkB,GAAG,UAAU,CAAC,GAAG,EAAE;oBACxC,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;oBACzB,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC3E,CAAC;WAAC;QAEM;;;;mBAA8B,CAAC,EACrC,IAAI,EACJ,IAAI,EACJ,MAAM,GAKP,EAAE,EAAE;gBACH,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;gBAC1C,IACE,eAAe,IAAI,IAAI;oBACvB,eAAe,CAAC,IAAI,KAAK,IAAI;oBAC7B,eAAe,CAAC,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM;oBAC3C,+DAA+D;oBAC/D,kCAAkC;oBAClC,eAAe,CAAC,MAAM,KAAK,MAAM,EACjC,CAAC;oBACD,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;YAC1C,CAAC;WAAC;QAtSA,MAAM,EACJ,UAAU,EACV,OAAO,EAAE,WAAW,EACpB,gBAAgB,EAChB,MAAM,GACP,GAAG,0BAA0B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,MAAM,OAAO,GACX,OAAO,WAAW,KAAK,QAAQ;YAC7B,CAAC,CAAC,WAAW,KAAK,cAAc;gBAC9B,CAAC,CAAC,YAAY;gBACd,CAAC,CAAC,cAAc;YAClB,CAAC,CAAC,WAAW,CAAC;QAClB,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;QACzC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,EAAwB,CAAC;QAE7D,IAAI,CAAC,KAAK,GAAG,WAAW,CACtB,qBAAqB,CACnB,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,IAAI,EAAE,IAAI,CAAC,UAAU;YACrB,OAAO,EAAE,iBAAiB,CAAe,GAAG,EAAE,CAAC,OAAO,CAAC;SACxD,CAAC,CACH,CACF,CAAC;QAEF,IAAI,CAAC,sBAAsB,EAAE,CAAC;IAChC,CAAC;IAyIM,UAAU;QACf,IAAI,CAAC,cAAc,EAAE;aAClB,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;YACb,4FAA4F;YAC5F,IAAI,IAAI;gBAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,UAAU,EAAG,CAAC,CAAC;;gBAC7D,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC9C,CAAC,CAAC;aACD,OAAO,CAAC,GAAG,EAAE;YACZ,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,eAAe;QACrB,OAAO;YACL,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;CAmHF","sourcesContent":["import EventEmitter from \"eventemitter3\";\nimport { z } from \"zod\";\nimport {\n createJSONStorage,\n persist,\n subscribeWithSelector,\n} from \"zustand/middleware\";\nimport { createStore, type Mutate, type StoreApi } from \"zustand/vanilla\";\nimport type { BaseSignerClient } from \"../client/base\";\nimport type {\n AlchemySignerClientEvent,\n AlchemySignerClientEvents,\n User,\n} from \"../client/types\";\nimport { assertNever } from \"../utils/typeAssertions.js\";\nimport type { Session, SessionManagerEvents } from \"./types\";\n\nexport const DEFAULT_SESSION_MS = 15 * 60 * 1000; // 15 minutes\n\nexport const SessionManagerParamsSchema = z.object({\n sessionKey: z.string().default(\"alchemy-signer-session\"),\n storage: z\n .enum([\"localStorage\", \"sessionStorage\"])\n .default(\"localStorage\")\n .or(z.custom<Storage>()),\n expirationTimeMs: z\n .number()\n .default(DEFAULT_SESSION_MS)\n .describe(\n \"The time in milliseconds that a session should last before expiring [default: 15 minutes]\"\n ),\n client: z.custom<BaseSignerClient>(),\n});\n\nexport type SessionManagerParams = z.input<typeof SessionManagerParamsSchema>;\n\ntype SessionState = {\n session: Session | null;\n};\n\ntype Store = Mutate<\n StoreApi<SessionState>,\n [[\"zustand/subscribeWithSelector\", never], [\"zustand/persist\", SessionState]]\n>;\n\ntype TemporarySession = { orgId: string; isNewUser?: boolean };\n\nexport class SessionManager {\n private sessionKey: string;\n private client: BaseSignerClient;\n private eventEmitter: EventEmitter<SessionManagerEvents>;\n readonly expirationTimeMs: number;\n private store: Store;\n private clearSessionHandle: NodeJS.Timeout | null = null;\n\n constructor(params: SessionManagerParams) {\n const {\n sessionKey,\n storage: storageType,\n expirationTimeMs,\n client,\n } = SessionManagerParamsSchema.parse(params);\n this.sessionKey = sessionKey;\n const storage =\n typeof storageType === \"string\"\n ? storageType === \"localStorage\"\n ? localStorage\n : sessionStorage\n : storageType;\n this.expirationTimeMs = expirationTimeMs;\n this.client = client;\n this.eventEmitter = new EventEmitter<SessionManagerEvents>();\n\n this.store = createStore(\n subscribeWithSelector(\n persist(this.getInitialState, {\n name: this.sessionKey,\n storage: createJSONStorage<SessionState>(() => storage),\n })\n )\n );\n\n this.registerEventListeners();\n }\n\n public getSessionUser = async (): Promise<User | null> => {\n const existingSession = this.getSession();\n if (existingSession == null) {\n return null;\n }\n\n switch (existingSession.type) {\n case \"email\":\n case \"oauth\":\n case \"otp\": {\n const connectedEventName = (() => {\n switch (existingSession.type) {\n case \"email\":\n return \"connectedEmail\";\n case \"oauth\":\n return \"connectedOauth\";\n case \"otp\":\n return \"connectedOtp\";\n }\n })();\n const result = await this.client\n .completeAuthWithBundle({\n bundle: existingSession.bundle,\n orgId: existingSession.user.orgId,\n authenticatingType: existingSession.type,\n connectedEventName,\n idToken: existingSession.user.idToken,\n })\n .catch((e) => {\n console.warn(\"Failed to load user from session\", e);\n return null;\n });\n\n if (!result) {\n this.clearSession();\n return null;\n }\n\n return result;\n }\n case \"passkey\": {\n // we don't need to do much here if we already have a user\n // this will setup the client with the user context, but\n // requests still have to be signed by the user on first request\n // so this is fine\n return this.client.lookupUserWithPasskey(existingSession.user);\n }\n default:\n assertNever(\n existingSession,\n `Unknown session type: ${(existingSession as any).type}`\n );\n }\n };\n\n public clearSession = () => {\n this.store.setState({ session: null });\n localStorage.removeItem(`${this.sessionKey}:temporary`);\n\n if (this.clearSessionHandle) {\n clearTimeout(this.clearSessionHandle);\n }\n };\n\n public setTemporarySession = (session: TemporarySession) => {\n // temporary session must be placed in localStorage so that it can be accessed across tabs\n localStorage.setItem(\n `${this.sessionKey}:temporary`,\n JSON.stringify(session)\n );\n };\n\n public getTemporarySession = (): TemporarySession | null => {\n // temporary session must be placed in localStorage so that it can be accessed across tabs\n const sessionStr = localStorage.getItem(`${this.sessionKey}:temporary`);\n\n if (!sessionStr) {\n return null;\n }\n\n return JSON.parse(sessionStr);\n };\n\n on = <E extends keyof SessionManagerEvents>(\n event: E,\n listener: SessionManagerEvents[E]\n ) => {\n this.eventEmitter.on(event, listener as any);\n\n return () => this.eventEmitter.removeListener(event, listener as any);\n };\n\n private getSession = (): Session | null => {\n const session = this.store.getState().session;\n\n if (!session) {\n return null;\n }\n\n /**\n * TODO: this isn't really good enough\n * A user's session could be about to expire and we would still return it\n *\n * Instead we should check if a session is about to expire and refresh it\n * We should revisit this later\n */\n if (session.expirationDateMs < Date.now()) {\n this.client.disconnect();\n this.clearSession();\n return null;\n }\n\n this.registerSessionExpirationHandler(session);\n\n return session;\n };\n\n private setSession = (\n session_:\n | Omit<\n Extract<Session, { type: \"email\" | \"oauth\" | \"otp\" }>,\n \"expirationDateMs\"\n >\n | Omit<Extract<Session, { type: \"passkey\" }>, \"expirationDateMs\">\n ) => {\n const session = {\n ...session_,\n expirationDateMs: Date.now() + this.expirationTimeMs,\n };\n\n this.registerSessionExpirationHandler(session);\n\n this.store.setState({ session });\n };\n\n public initialize() {\n this.getSessionUser()\n .then((user) => {\n // once we complete auth we can update the state of the session to connected or disconnected\n if (user) this.eventEmitter.emit(\"connected\", this.getSession()!);\n else this.eventEmitter.emit(\"disconnected\");\n })\n .finally(() => {\n this.eventEmitter.emit(\"initialized\");\n });\n }\n\n private getInitialState(): SessionState {\n return {\n session: null,\n };\n }\n\n private registerEventListeners = () => {\n this.store.subscribe(\n ({ session }) => session,\n (session, prevSession) => {\n if (session != null && prevSession == null) {\n this.eventEmitter.emit(\"connected\", session);\n } else if (session == null && prevSession != null) {\n this.eventEmitter.emit(\"disconnected\");\n }\n }\n );\n\n // Helper type to ensure that a listener is either defined or explicitly\n // omitted for every event type.\n type Listeners = {\n [K in keyof AlchemySignerClientEvents]:\n | AlchemySignerClientEvents[K]\n | undefined;\n };\n\n const listeners: Listeners = {\n connected: undefined,\n newUserSignup: undefined,\n authenticating: undefined,\n connectedEmail: (user, bundle) =>\n this.setSessionWithUserAndBundle({ type: \"email\", user, bundle }),\n connectedPasskey: (user) => {\n const existingSession = this.getSession();\n if (\n existingSession != null &&\n existingSession.type === \"passkey\" &&\n existingSession.user.userId === user.userId\n ) {\n return;\n }\n\n this.setSession({ type: \"passkey\", user });\n },\n connectedOauth: (user, bundle) =>\n this.setSessionWithUserAndBundle({ type: \"oauth\", user, bundle }),\n connectedOtp: (user, bundle) => {\n this.setSessionWithUserAndBundle({ type: \"otp\", user, bundle });\n },\n disconnected: () => this.clearSession(),\n };\n\n for (const [event, listener] of Object.entries(listeners)) {\n if (listener) {\n this.client.on(event as AlchemySignerClientEvent, listener);\n }\n }\n\n // sync local state if persisted state has changed from another tab\n // only do this in the browser\n // Add a try catch to prevent potential crashes in non-browser environments\n try {\n if (\n typeof window !== \"undefined\" &&\n typeof window.addEventListener !== \"undefined\"\n ) {\n window.addEventListener(\"focus\", () => {\n const oldSession = this.store.getState().session;\n this.store.persist.rehydrate();\n const newSession = this.store.getState().session;\n if (\n (oldSession?.expirationDateMs ?? 0) < Date.now() ||\n oldSession?.user.orgId !== newSession?.user.orgId ||\n oldSession?.user.userId !== newSession?.user.userId\n ) {\n // Initialize if the user has changed.\n this.initialize();\n }\n });\n }\n } catch (e) {\n console.error(\"Error registering event listeners\", e);\n }\n };\n\n private registerSessionExpirationHandler = (session: Session) => {\n if (this.clearSessionHandle) {\n clearTimeout(this.clearSessionHandle);\n }\n\n this.clearSessionHandle = setTimeout(() => {\n this.client.disconnect();\n this.clearSession();\n }, Math.min(session.expirationDateMs - Date.now(), Math.pow(2, 31) - 1));\n };\n\n private setSessionWithUserAndBundle = ({\n type,\n user,\n bundle,\n }: {\n type: \"email\" | \"oauth\" | \"otp\";\n user: User;\n bundle: string;\n }) => {\n const existingSession = this.getSession();\n if (\n existingSession != null &&\n existingSession.type === type &&\n existingSession.user.userId === user.userId &&\n // if the bundle is different, then we've refreshed the session\n // so we need to reset the session\n existingSession.bundle === bundle\n ) {\n return;\n }\n\n this.setSession({ type, user, bundle });\n };\n}\n"]}
1
+ {"version":3,"file":"manager.js","sourceRoot":"","sources":["../../../src/session/manager.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,iBAAiB,EACjB,OAAO,EACP,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,WAAW,EAA8B,MAAM,iBAAiB,CAAC;AAO1E,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAGzD,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AAE/D,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAAC;IACjD,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,wBAAwB,CAAC;IACxD,OAAO,EAAE,CAAC;SACP,IAAI,CAAC,CAAC,cAAc,EAAE,gBAAgB,CAAC,CAAC;SACxC,OAAO,CAAC,cAAc,CAAC;SACvB,EAAE,CAAC,CAAC,CAAC,MAAM,EAAW,CAAC;IAC1B,gBAAgB,EAAE,CAAC;SAChB,MAAM,EAAE;SACR,OAAO,CAAC,kBAAkB,CAAC;SAC3B,QAAQ,CACP,2FAA2F,CAC5F;IACH,MAAM,EAAE,CAAC,CAAC,MAAM,EAAoB;CACrC,CAAC,CAAC;AAeH,MAAM,OAAO,cAAc;IAQzB,YAAY,MAA4B;QAPhC;;;;;WAAmB;QACnB;;;;;WAAyB;QACzB;;;;;WAAiD;QAChD;;;;;WAAyB;QAC1B;;;;;WAAa;QACb;;;;mBAA4C,IAAI;WAAC;QAgClD;;;;mBAAiB,KAAK,IAA0B,EAAE;gBACvD,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;gBAC1C,IAAI,eAAe,IAAI,IAAI,EAAE,CAAC;oBAC5B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,QAAQ,eAAe,CAAC,IAAI,EAAE,CAAC;oBAC7B,KAAK,OAAO,CAAC;oBACb,KAAK,OAAO,CAAC;oBACb,KAAK,YAAY,CAAC;oBAClB,KAAK,KAAK,CAAC,CAAC,CAAC;wBACX,MAAM,kBAAkB,GAAG,CAAC,GAAG,EAAE;4BAC/B,QAAQ,eAAe,CAAC,IAAI,EAAE,CAAC;gCAC7B,KAAK,OAAO;oCACV,OAAO,gBAAgB,CAAC;gCAC1B,KAAK,OAAO;oCACV,OAAO,gBAAgB,CAAC;gCAC1B,KAAK,KAAK;oCACR,OAAO,cAAc,CAAC;gCACxB,KAAK,YAAY;oCACf,OAAO,cAAc,CAAC;4BAC1B,CAAC;wBACH,CAAC,CAAC,EAAE,CAAC;wBACL,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM;6BAC7B,sBAAsB,CAAC;4BACtB,MAAM,EAAE,eAAe,CAAC,MAAM;4BAC9B,KAAK,EAAE,eAAe,CAAC,IAAI,CAAC,KAAK;4BACjC,kBAAkB,EAAE,eAAe,CAAC,IAAI;4BACxC,kBAAkB;4BAClB,OAAO,EAAE,eAAe,CAAC,IAAI,CAAC,OAAO;yBACtC,CAAC;6BACD,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACX,OAAO,CAAC,IAAI,CAAC,kCAAkC,EAAE,CAAC,CAAC,CAAC;4BACpD,OAAO,IAAI,CAAC;wBACd,CAAC,CAAC,CAAC;wBAEL,IAAI,CAAC,MAAM,EAAE,CAAC;4BACZ,IAAI,CAAC,YAAY,EAAE,CAAC;4BACpB,OAAO,IAAI,CAAC;wBACd,CAAC;wBAED,OAAO,MAAM,CAAC;oBAChB,CAAC;oBACD,KAAK,SAAS,CAAC,CAAC,CAAC;wBACf,0DAA0D;wBAC1D,wDAAwD;wBACxD,gEAAgE;wBAChE,kBAAkB;wBAClB,OAAO,IAAI,CAAC,MAAM,CAAC,qBAAqB,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBACjE,CAAC;oBACD;wBACE,WAAW,CACT,eAAe,EACf,yBAA0B,eAAuB,CAAC,IAAI,EAAE,CACzD,CAAC;gBACN,CAAC;YACH,CAAC;WAAC;QAEK;;;;mBAAe,GAAG,EAAE;gBACzB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;gBACvC,YAAY,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,UAAU,YAAY,CAAC,CAAC;gBAExD,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBAC5B,YAAY,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC;WAAC;QAEK;;;;mBAAsB,CAAC,OAAyB,EAAE,EAAE;gBACzD,0FAA0F;gBAC1F,YAAY,CAAC,OAAO,CAClB,GAAG,IAAI,CAAC,UAAU,YAAY,EAC9B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CACxB,CAAC;YACJ,CAAC;WAAC;QAEK;;;;mBAAsB,GAA4B,EAAE;gBACzD,0FAA0F;gBAC1F,MAAM,UAAU,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,YAAY,CAAC,CAAC;gBAExE,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,OAAO,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YAChC,CAAC;WAAC;QAEF;;;;mBAAK,CACH,KAAQ,EACR,QAAiC,EACjC,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;gBAE7C,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;YACxE,CAAC;WAAC;QAEM;;;;mBAAa,GAAmB,EAAE;gBACxC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC;gBAE9C,IAAI,CAAC,OAAO,EAAE,CAAC;oBACb,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED;;;;;;mBAMG;gBACH,IAAI,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;oBAC1C,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;oBACzB,IAAI,CAAC,YAAY,EAAE,CAAC;oBACpB,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;gBAE/C,OAAO,OAAO,CAAC;YACjB,CAAC;WAAC;QAEM;;;;mBAAa,CACnB,QAKmE,EACnE,EAAE;gBACF,MAAM,OAAO,GAAG;oBACd,GAAG,QAAQ;oBACX,gBAAgB,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,gBAAgB;iBACrD,CAAC;gBAEF,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;gBAE/C,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;YACnC,CAAC;WAAC;QAoBM;;;;mBAAyB,GAAG,EAAE;gBACpC,IAAI,CAAC,KAAK,CAAC,SAAS,CAClB,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,OAAO,EACxB,CAAC,OAAO,EAAE,WAAW,EAAE,EAAE;oBACvB,IAAI,OAAO,IAAI,IAAI,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;wBAC3C,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;oBAC/C,CAAC;yBAAM,IAAI,OAAO,IAAI,IAAI,IAAI,WAAW,IAAI,IAAI,EAAE,CAAC;wBAClD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBACzC,CAAC;gBACH,CAAC,CACF,CAAC;gBAUF,MAAM,SAAS,GAAc;oBAC3B,SAAS,EAAE,SAAS;oBACpB,aAAa,EAAE,SAAS;oBACxB,cAAc,EAAE,SAAS;oBACzB,cAAc,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAC/B,IAAI,CAAC,2BAA2B,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;oBACnE,gBAAgB,EAAE,CAAC,IAAI,EAAE,EAAE;wBACzB,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;wBAC1C,IACE,eAAe,IAAI,IAAI;4BACvB,eAAe,CAAC,IAAI,KAAK,SAAS;4BAClC,eAAe,CAAC,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,EAC3C,CAAC;4BACD,OAAO;wBACT,CAAC;wBAED,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;oBAC7C,CAAC;oBACD,cAAc,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAC/B,IAAI,CAAC,2BAA2B,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;oBACnE,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAC7B,IAAI,CAAC,2BAA2B,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;oBACxE,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE;wBAC7B,IAAI,CAAC,2BAA2B,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;oBAClE,CAAC;oBACD,YAAY,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,EAAE;iBACxC,CAAC;gBAEF,KAAK,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC1D,IAAI,QAAQ,EAAE,CAAC;wBACb,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,KAAiC,EAAE,QAAQ,CAAC,CAAC;oBAC9D,CAAC;gBACH,CAAC;gBAED,mEAAmE;gBACnE,8BAA8B;gBAC9B,2EAA2E;gBAC3E,IAAI,CAAC;oBACH,IACE,OAAO,MAAM,KAAK,WAAW;wBAC7B,OAAO,MAAM,CAAC,gBAAgB,KAAK,WAAW,EAC9C,CAAC;wBACD,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;4BACpC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC;4BACjD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;4BAC/B,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC;4BACjD,IACE,CAAC,UAAU,EAAE,gBAAgB,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE;gCAChD,UAAU,EAAE,IAAI,CAAC,KAAK,KAAK,UAAU,EAAE,IAAI,CAAC,KAAK;gCACjD,UAAU,EAAE,IAAI,CAAC,MAAM,KAAK,UAAU,EAAE,IAAI,CAAC,MAAM,EACnD,CAAC;gCACD,sCAAsC;gCACtC,IAAI,CAAC,UAAU,EAAE,CAAC;4BACpB,CAAC;wBACH,CAAC,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,CAAC,CAAC,CAAC;gBACxD,CAAC;YACH,CAAC;WAAC;QAEM;;;;mBAAmC,CAAC,OAAgB,EAAE,EAAE;gBAC9D,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBAC5B,YAAY,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;gBACxC,CAAC;gBAED,IAAI,CAAC,kBAAkB,GAAG,UAAU,CAAC,GAAG,EAAE;oBACxC,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;oBACzB,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC3E,CAAC;WAAC;QAEM;;;;mBAA8B,CAAC,EACrC,IAAI,EACJ,IAAI,EACJ,MAAM,GAKP,EAAE,EAAE;gBACH,MAAM,eAAe,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;gBAC1C,IACE,eAAe,IAAI,IAAI;oBACvB,eAAe,CAAC,IAAI,KAAK,IAAI;oBAC7B,eAAe,CAAC,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM;oBAC3C,+DAA+D;oBAC/D,kCAAkC;oBAClC,eAAe,CAAC,MAAM,KAAK,MAAM,EACjC,CAAC;oBACD,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;YAC1C,CAAC;WAAC;QA3SA,MAAM,EACJ,UAAU,EACV,OAAO,EAAE,WAAW,EACpB,gBAAgB,EAChB,MAAM,GACP,GAAG,0BAA0B,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,MAAM,OAAO,GACX,OAAO,WAAW,KAAK,QAAQ;YAC7B,CAAC,CAAC,WAAW,KAAK,cAAc;gBAC9B,CAAC,CAAC,YAAY;gBACd,CAAC,CAAC,cAAc;YAClB,CAAC,CAAC,WAAW,CAAC;QAClB,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;QACzC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,EAAwB,CAAC;QAE7D,IAAI,CAAC,KAAK,GAAG,WAAW,CACtB,qBAAqB,CACnB,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE;YAC5B,IAAI,EAAE,IAAI,CAAC,UAAU;YACrB,OAAO,EAAE,iBAAiB,CAAe,GAAG,EAAE,CAAC,OAAO,CAAC;SACxD,CAAC,CACH,CACF,CAAC;QAEF,IAAI,CAAC,sBAAsB,EAAE,CAAC;IAChC,CAAC;IA4IM,UAAU;QACf,IAAI,CAAC,cAAc,EAAE;aAClB,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;YACb,4FAA4F;YAC5F,IAAI,IAAI;gBAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,UAAU,EAAG,CAAC,CAAC;;gBAC7D,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC9C,CAAC,CAAC;aACD,OAAO,CAAC,GAAG,EAAE;YACZ,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,eAAe;QACrB,OAAO;YACL,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;CAqHF","sourcesContent":["import EventEmitter from \"eventemitter3\";\nimport { z } from \"zod\";\nimport {\n createJSONStorage,\n persist,\n subscribeWithSelector,\n} from \"zustand/middleware\";\nimport { createStore, type Mutate, type StoreApi } from \"zustand/vanilla\";\nimport type { BaseSignerClient } from \"../client/base\";\nimport type {\n AlchemySignerClientEvent,\n AlchemySignerClientEvents,\n User,\n} from \"../client/types\";\nimport { assertNever } from \"../utils/typeAssertions.js\";\nimport type { Session, SessionManagerEvents } from \"./types\";\n\nexport const DEFAULT_SESSION_MS = 15 * 60 * 1000; // 15 minutes\n\nexport const SessionManagerParamsSchema = z.object({\n sessionKey: z.string().default(\"alchemy-signer-session\"),\n storage: z\n .enum([\"localStorage\", \"sessionStorage\"])\n .default(\"localStorage\")\n .or(z.custom<Storage>()),\n expirationTimeMs: z\n .number()\n .default(DEFAULT_SESSION_MS)\n .describe(\n \"The time in milliseconds that a session should last before expiring [default: 15 minutes]\"\n ),\n client: z.custom<BaseSignerClient>(),\n});\n\nexport type SessionManagerParams = z.input<typeof SessionManagerParamsSchema>;\n\ntype SessionState = {\n session: Session | null;\n};\n\ntype Store = Mutate<\n StoreApi<SessionState>,\n [[\"zustand/subscribeWithSelector\", never], [\"zustand/persist\", SessionState]]\n>;\n\ntype TemporarySession = { orgId: string; isNewUser?: boolean };\n\nexport class SessionManager {\n private sessionKey: string;\n private client: BaseSignerClient;\n private eventEmitter: EventEmitter<SessionManagerEvents>;\n readonly expirationTimeMs: number;\n private store: Store;\n private clearSessionHandle: NodeJS.Timeout | null = null;\n\n constructor(params: SessionManagerParams) {\n const {\n sessionKey,\n storage: storageType,\n expirationTimeMs,\n client,\n } = SessionManagerParamsSchema.parse(params);\n this.sessionKey = sessionKey;\n const storage =\n typeof storageType === \"string\"\n ? storageType === \"localStorage\"\n ? localStorage\n : sessionStorage\n : storageType;\n this.expirationTimeMs = expirationTimeMs;\n this.client = client;\n this.eventEmitter = new EventEmitter<SessionManagerEvents>();\n\n this.store = createStore(\n subscribeWithSelector(\n persist(this.getInitialState, {\n name: this.sessionKey,\n storage: createJSONStorage<SessionState>(() => storage),\n })\n )\n );\n\n this.registerEventListeners();\n }\n\n public getSessionUser = async (): Promise<User | null> => {\n const existingSession = this.getSession();\n if (existingSession == null) {\n return null;\n }\n\n switch (existingSession.type) {\n case \"email\":\n case \"oauth\":\n case \"custom-jwt\":\n case \"otp\": {\n const connectedEventName = (() => {\n switch (existingSession.type) {\n case \"email\":\n return \"connectedEmail\";\n case \"oauth\":\n return \"connectedOauth\";\n case \"otp\":\n return \"connectedOtp\";\n case \"custom-jwt\":\n return \"connectedJwt\";\n }\n })();\n const result = await this.client\n .completeAuthWithBundle({\n bundle: existingSession.bundle,\n orgId: existingSession.user.orgId,\n authenticatingType: existingSession.type,\n connectedEventName,\n idToken: existingSession.user.idToken,\n })\n .catch((e) => {\n console.warn(\"Failed to load user from session\", e);\n return null;\n });\n\n if (!result) {\n this.clearSession();\n return null;\n }\n\n return result;\n }\n case \"passkey\": {\n // we don't need to do much here if we already have a user\n // this will setup the client with the user context, but\n // requests still have to be signed by the user on first request\n // so this is fine\n return this.client.lookupUserWithPasskey(existingSession.user);\n }\n default:\n assertNever(\n existingSession,\n `Unknown session type: ${(existingSession as any).type}`\n );\n }\n };\n\n public clearSession = () => {\n this.store.setState({ session: null });\n localStorage.removeItem(`${this.sessionKey}:temporary`);\n\n if (this.clearSessionHandle) {\n clearTimeout(this.clearSessionHandle);\n }\n };\n\n public setTemporarySession = (session: TemporarySession) => {\n // temporary session must be placed in localStorage so that it can be accessed across tabs\n localStorage.setItem(\n `${this.sessionKey}:temporary`,\n JSON.stringify(session)\n );\n };\n\n public getTemporarySession = (): TemporarySession | null => {\n // temporary session must be placed in localStorage so that it can be accessed across tabs\n const sessionStr = localStorage.getItem(`${this.sessionKey}:temporary`);\n\n if (!sessionStr) {\n return null;\n }\n\n return JSON.parse(sessionStr);\n };\n\n on = <E extends keyof SessionManagerEvents>(\n event: E,\n listener: SessionManagerEvents[E]\n ) => {\n this.eventEmitter.on(event, listener as any);\n\n return () => this.eventEmitter.removeListener(event, listener as any);\n };\n\n private getSession = (): Session | null => {\n const session = this.store.getState().session;\n\n if (!session) {\n return null;\n }\n\n /**\n * TODO: this isn't really good enough\n * A user's session could be about to expire and we would still return it\n *\n * Instead we should check if a session is about to expire and refresh it\n * We should revisit this later\n */\n if (session.expirationDateMs < Date.now()) {\n this.client.disconnect();\n this.clearSession();\n return null;\n }\n\n this.registerSessionExpirationHandler(session);\n\n return session;\n };\n\n private setSession = (\n session_:\n | Omit<\n Extract<Session, { type: \"email\" | \"oauth\" | \"otp\" | \"custom-jwt\" }>,\n \"expirationDateMs\"\n >\n | Omit<Extract<Session, { type: \"passkey\" }>, \"expirationDateMs\">\n ) => {\n const session = {\n ...session_,\n expirationDateMs: Date.now() + this.expirationTimeMs,\n };\n\n this.registerSessionExpirationHandler(session);\n\n this.store.setState({ session });\n };\n\n public initialize() {\n this.getSessionUser()\n .then((user) => {\n // once we complete auth we can update the state of the session to connected or disconnected\n if (user) this.eventEmitter.emit(\"connected\", this.getSession()!);\n else this.eventEmitter.emit(\"disconnected\");\n })\n .finally(() => {\n this.eventEmitter.emit(\"initialized\");\n });\n }\n\n private getInitialState(): SessionState {\n return {\n session: null,\n };\n }\n\n private registerEventListeners = () => {\n this.store.subscribe(\n ({ session }) => session,\n (session, prevSession) => {\n if (session != null && prevSession == null) {\n this.eventEmitter.emit(\"connected\", session);\n } else if (session == null && prevSession != null) {\n this.eventEmitter.emit(\"disconnected\");\n }\n }\n );\n\n // Helper type to ensure that a listener is either defined or explicitly\n // omitted for every event type.\n type Listeners = {\n [K in keyof AlchemySignerClientEvents]:\n | AlchemySignerClientEvents[K]\n | undefined;\n };\n\n const listeners: Listeners = {\n connected: undefined,\n newUserSignup: undefined,\n authenticating: undefined,\n connectedEmail: (user, bundle) =>\n this.setSessionWithUserAndBundle({ type: \"email\", user, bundle }),\n connectedPasskey: (user) => {\n const existingSession = this.getSession();\n if (\n existingSession != null &&\n existingSession.type === \"passkey\" &&\n existingSession.user.userId === user.userId\n ) {\n return;\n }\n\n this.setSession({ type: \"passkey\", user });\n },\n connectedOauth: (user, bundle) =>\n this.setSessionWithUserAndBundle({ type: \"oauth\", user, bundle }),\n connectedJwt: (user, bundle) =>\n this.setSessionWithUserAndBundle({ type: \"custom-jwt\", user, bundle }),\n connectedOtp: (user, bundle) => {\n this.setSessionWithUserAndBundle({ type: \"otp\", user, bundle });\n },\n disconnected: () => this.clearSession(),\n };\n\n for (const [event, listener] of Object.entries(listeners)) {\n if (listener) {\n this.client.on(event as AlchemySignerClientEvent, listener);\n }\n }\n\n // sync local state if persisted state has changed from another tab\n // only do this in the browser\n // Add a try catch to prevent potential crashes in non-browser environments\n try {\n if (\n typeof window !== \"undefined\" &&\n typeof window.addEventListener !== \"undefined\"\n ) {\n window.addEventListener(\"focus\", () => {\n const oldSession = this.store.getState().session;\n this.store.persist.rehydrate();\n const newSession = this.store.getState().session;\n if (\n (oldSession?.expirationDateMs ?? 0) < Date.now() ||\n oldSession?.user.orgId !== newSession?.user.orgId ||\n oldSession?.user.userId !== newSession?.user.userId\n ) {\n // Initialize if the user has changed.\n this.initialize();\n }\n });\n }\n } catch (e) {\n console.error(\"Error registering event listeners\", e);\n }\n };\n\n private registerSessionExpirationHandler = (session: Session) => {\n if (this.clearSessionHandle) {\n clearTimeout(this.clearSessionHandle);\n }\n\n this.clearSessionHandle = setTimeout(() => {\n this.client.disconnect();\n this.clearSession();\n }, Math.min(session.expirationDateMs - Date.now(), Math.pow(2, 31) - 1));\n };\n\n private setSessionWithUserAndBundle = ({\n type,\n user,\n bundle,\n }: {\n type: \"email\" | \"oauth\" | \"otp\" | \"custom-jwt\";\n user: User;\n bundle: string;\n }) => {\n const existingSession = this.getSession();\n if (\n existingSession != null &&\n existingSession.type === type &&\n existingSession.user.userId === user.userId &&\n // if the bundle is different, then we've refreshed the session\n // so we need to reset the session\n existingSession.bundle === bundle\n ) {\n return;\n }\n\n this.setSession({ type, user, bundle });\n };\n}\n"]}
package/dist/esm/session/types.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import type { User } from "../client/types";
2
2
  export type Session = {
3
- type: "email" | "oauth" | "otp";
3
+ type: "email" | "oauth" | "otp" | "custom-jwt";
4
4
  bundle: string;
5
5
  expirationDateMs: number;
6
6
  user: User;
package/dist/esm/session/types.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/session/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { User } from \"../client/types\";\n\nexport type Session =\n | {\n type: \"email\" | \"oauth\" | \"otp\";\n bundle: string;\n expirationDateMs: number;\n user: User;\n }\n | { type: \"passkey\"; user: User; expirationDateMs: number };\n\nexport type SessionManagerEvents = {\n connected(session: Session): void;\n disconnected(): void;\n initialized(): void;\n};\n"]}
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/session/types.ts"],"names":[],"mappings":"","sourcesContent":["import type { User } from \"../client/types\";\n\nexport type Session =\n | {\n type: \"email\" | \"oauth\" | \"otp\" | \"custom-jwt\";\n bundle: string;\n expirationDateMs: number;\n user: User;\n }\n | { type: \"passkey\"; user: User; expirationDateMs: number };\n\nexport type SessionManagerEvents = {\n connected(session: Session): void;\n disconnected(): void;\n initialized(): void;\n};\n"]}
package/dist/esm/signer.d.ts CHANGED
@@ -29,7 +29,11 @@ export type AuthParams = {
29
29
  type: "oauth";
30
30
  scope?: string;
31
31
  claims?: string;
32
- } & OauthProviderConfig & OauthRedirectConfig) | {
32
+ otherParameters?: Record<string, string>;
33
+ } & OauthProviderConfig & OauthRedirectConfig) | ({
34
+ type: "custom-jwt";
35
+ jwt: string;
36
+ } & OauthProviderConfig) | {
33
37
  type: "oauthReturn";
34
38
  bundle: string;
35
39
  orgId: string;
@@ -59,7 +63,7 @@ export type OauthRedirectConfig = {
59
63
  mode: "popup";
60
64
  redirectUrl?: never;
61
65
  };
62
- export type KnownAuthProvider = "google" | "apple" | "facebook" | "auth0";
66
+ export type KnownAuthProvider = "google" | "apple" | "facebook" | "twitch" | "auth0";
63
67
  export type OauthMode = "redirect" | "popup";
64
68
  export declare const AlchemySignerParamsSchema: z.ZodObject<{
65
69
  client: z.ZodUnion<[z.ZodType<AlchemySignerWebClient, z.ZodTypeDef, AlchemySignerWebClient>, z.ZodObject<{