@account-kit/signer 4.31.2 → 4.32.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/esm/base.d.ts +6 -2
- package/dist/esm/base.js +131 -33
- package/dist/esm/base.js.map +1 -1
- package/dist/esm/client/base.d.ts +132 -9
- package/dist/esm/client/base.js +34 -4
- package/dist/esm/client/base.js.map +1 -1
- package/dist/esm/client/index.d.ts +36 -14
- package/dist/esm/client/index.js +36 -18
- package/dist/esm/client/index.js.map +1 -1
- package/dist/esm/client/types.d.ts +19 -0
- package/dist/esm/client/types.js.map +1 -1
- package/dist/esm/signer.d.ts +88 -33
- package/dist/esm/signer.js +28 -3
- package/dist/esm/signer.js.map +1 -1
- package/dist/esm/solanaSigner.d.ts +3 -3
- package/dist/esm/solanaSigner.js +1 -1
- package/dist/esm/solanaSigner.js.map +1 -1
- package/dist/esm/types.d.ts +1 -0
- package/dist/esm/types.js.map +1 -1
- package/dist/esm/version.d.ts +1 -1
- package/dist/esm/version.js +1 -1
- package/dist/esm/version.js.map +1 -1
- package/dist/types/base.d.ts +6 -2
- package/dist/types/base.d.ts.map +1 -1
- package/dist/types/client/base.d.ts +132 -9
- package/dist/types/client/base.d.ts.map +1 -1
- package/dist/types/client/index.d.ts +36 -14
- package/dist/types/client/index.d.ts.map +1 -1
- package/dist/types/client/types.d.ts +19 -0
- package/dist/types/client/types.d.ts.map +1 -1
- package/dist/types/signer.d.ts +88 -33
- package/dist/types/signer.d.ts.map +1 -1
- package/dist/types/solanaSigner.d.ts +3 -3
- package/dist/types/solanaSigner.d.ts.map +1 -1
- package/dist/types/types.d.ts +1 -0
- package/dist/types/types.d.ts.map +1 -1
- package/dist/types/version.d.ts +1 -1
- package/package.json +5 -6
- package/src/base.ts +172 -56
- package/src/client/base.ts +36 -7
- package/src/client/index.ts +41 -18
- package/src/client/types.ts +21 -0
- package/src/signer.ts +36 -3
- package/src/solanaSigner.ts +4 -4
- package/src/types.ts +1 -0
- package/src/version.ts +1 -1
|
@@ -2,7 +2,7 @@ import { type ConnectionConfig } from "@aa-sdk/core";
|
|
|
2
2
|
import { TurnkeyClient, type TSignedRequest } from "@turnkey/http";
|
|
3
3
|
import EventEmitter from "eventemitter3";
|
|
4
4
|
import { type Hex } from "viem";
|
|
5
|
-
import type { AlchemySignerClientEvents, AuthenticatingEventMetadata, CreateAccountParams, RemoveMfaParams, EmailAuthParams, AddMfaParams, AddMfaResult, experimental_CreateApiKeyParams, GetOauthProviderUrlArgs, GetWebAuthnAttestationResult, MfaFactor, OauthConfig, OauthParams, OtpParams, SignerBody, SignerResponse, SignupResponse, User, VerifyMfaParams, SubmitOtpCodeResponse, ValidateMultiFactorsParams } from "./types.js";
|
|
5
|
+
import type { AlchemySignerClientEvents, AuthenticatingEventMetadata, CreateAccountParams, RemoveMfaParams, EmailAuthParams, AddMfaParams, AddMfaResult, experimental_CreateApiKeyParams, GetOauthProviderUrlArgs, GetWebAuthnAttestationResult, MfaFactor, OauthConfig, OauthParams, OtpParams, SignerBody, SignerResponse, SignupResponse, User, VerifyMfaParams, SubmitOtpCodeResponse, ValidateMultiFactorsParams, AuthLinkingPrompt, AddOauthProviderParams } from "./types.js";
|
|
6
6
|
export interface BaseSignerClientParams {
|
|
7
7
|
stamper: TurnkeyClient["stamper"];
|
|
8
8
|
connection: ConnectionConfig;
|
|
@@ -71,10 +71,10 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
71
71
|
}): Promise<User>;
|
|
72
72
|
abstract oauthWithRedirect(args: Extract<OauthParams, {
|
|
73
73
|
mode: "redirect";
|
|
74
|
-
}>): Promise<User
|
|
74
|
+
}>): Promise<User>;
|
|
75
75
|
abstract oauthWithPopup(args: Extract<OauthParams, {
|
|
76
76
|
mode: "popup";
|
|
77
|
-
}>): Promise<User>;
|
|
77
|
+
}>): Promise<User | AuthLinkingPrompt>;
|
|
78
78
|
abstract submitOtpCode(args: Omit<OtpParams, "targetPublicKey">): Promise<SubmitOtpCodeResponse>;
|
|
79
79
|
abstract disconnect(): Promise<void>;
|
|
80
80
|
abstract exportWallet(params: TExportWalletParams): Promise<boolean>;
|
|
@@ -109,6 +109,14 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
109
109
|
getPasskeyStatus: () => Promise<{
|
|
110
110
|
isPasskeyAdded: boolean;
|
|
111
111
|
}>;
|
|
112
|
+
/**
|
|
113
|
+
* Adds an OAuth provider for the authenticated user using the provided parameters. Throws an error if the user is not authenticated.
|
|
114
|
+
*
|
|
115
|
+
* @param {AddOauthProviderParams} params The parameters for adding an OAuth provider, including `providerName` and `oidcToken`.
|
|
116
|
+
* @throws {NotAuthenticatedError} Throws if the user is not authenticated.
|
|
117
|
+
* @returns {Promise<void>} A Promise that resolves when the OAuth provider is added.
|
|
118
|
+
*/
|
|
119
|
+
addOauthProvider: (params: AddOauthProviderParams) => Promise<void>;
|
|
112
120
|
/**
|
|
113
121
|
* Retrieves the current user or fetches the user information if not already available.
|
|
114
122
|
*
|
|
@@ -179,7 +187,7 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
179
187
|
* @param {SignerBody<R>} body The request body containing the data to be sent
|
|
180
188
|
* @returns {Promise<SignerResponse<R>>} A promise that resolves to the response from the signer
|
|
181
189
|
*/
|
|
182
|
-
request: <R extends "/v1/signup" | "/v1/whoami" | "/v1/auth" | "/v1/lookup" | "/v1/sign-payload" | "/v1/prepare-oauth" | "/v1/otp" | "/v1/auth-list-multi-factors" | "/v1/auth-delete-multi-factors" | "/v1/auth-request-multi-factor" | "/v1/auth-verify-multi-factor" | "/v1/signer-config" | "/v1/auth-validate-multi-factors">(route: R, body: SignerBody<R>) => Promise<SignerResponse<R>>;
|
|
190
|
+
request: <R extends "/v1/signup" | "/v1/whoami" | "/v1/auth" | "/v1/lookup" | "/v1/sign-payload" | "/v1/add-oauth-provider" | "/v1/prepare-oauth" | "/v1/otp" | "/v1/auth-list-multi-factors" | "/v1/auth-delete-multi-factors" | "/v1/auth-request-multi-factor" | "/v1/auth-verify-multi-factor" | "/v1/signer-config" | "/v1/auth-validate-multi-factors">(route: R, body: SignerBody<R>) => Promise<SignerResponse<R>>;
|
|
183
191
|
/**
|
|
184
192
|
* Retrieves the list of MFA factors configured for the current user.
|
|
185
193
|
*
|
|
@@ -265,7 +273,7 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
265
273
|
*/
|
|
266
274
|
protected getOauthProviderUrl: (args: GetOauthProviderUrlArgs) => Promise<string>;
|
|
267
275
|
private getOauthConfigForMode;
|
|
268
|
-
protected pollActivityCompletion: <T extends "createOrganizationResult" | "createAuthenticatorsResult" | "createUsersResult" | "createPrivateKeysResult" | "createInvitationsResult" | "acceptInvitationResult" | "signRawPayloadResult" | "createPolicyResult" | "disablePrivateKeyResult" | "deleteUsersResult" | "deleteAuthenticatorsResult" | "deleteInvitationResult" | "deleteOrganizationResult" | "deletePolicyResult" | "createUserTagResult" | "deleteUserTagsResult" | "signTransactionResult" | "deleteApiKeysResult" | "createApiKeysResult" | "createPrivateKeyTagResult" | "deletePrivateKeyTagsResult" | "setPaymentMethodResult" | "activateBillingTierResult" | "deletePaymentMethodResult" | "createApiOnlyUsersResult" | "updateRootQuorumResult" | "updateUserTagResult" | "updatePrivateKeyTagResult" | "createSubOrganizationResult" | "updateAllowedOriginsResult" | "createPrivateKeysResultV2" | "updateUserResult" | "updatePolicyResult" | "createSubOrganizationResultV3" | "createWalletResult" | "createWalletAccountsResult" | "initUserEmailRecoveryResult" | "recoverUserResult" | "setOrganizationFeatureResult" | "removeOrganizationFeatureResult" | "exportPrivateKeyResult" | "exportWalletResult" | "createSubOrganizationResultV4" | "emailAuthResult" | "exportWalletAccountResult">(activity: Awaited<ReturnType<(typeof this.turnkeyClient)["getActivity"]>>["activity"], organizationId: string, resultKey: T) => Promise<NonNullable<{
|
|
276
|
+
protected pollActivityCompletion: <T extends "createOrganizationResult" | "createAuthenticatorsResult" | "createUsersResult" | "createPrivateKeysResult" | "createInvitationsResult" | "acceptInvitationResult" | "signRawPayloadResult" | "createPolicyResult" | "disablePrivateKeyResult" | "deleteUsersResult" | "deleteAuthenticatorsResult" | "deleteInvitationResult" | "deleteOrganizationResult" | "deletePolicyResult" | "createUserTagResult" | "deleteUserTagsResult" | "signTransactionResult" | "deleteApiKeysResult" | "createApiKeysResult" | "createPrivateKeyTagResult" | "deletePrivateKeyTagsResult" | "setPaymentMethodResult" | "activateBillingTierResult" | "deletePaymentMethodResult" | "createApiOnlyUsersResult" | "updateRootQuorumResult" | "updateUserTagResult" | "updatePrivateKeyTagResult" | "createSubOrganizationResult" | "updateAllowedOriginsResult" | "createPrivateKeysResultV2" | "updateUserResult" | "updatePolicyResult" | "createSubOrganizationResultV3" | "createWalletResult" | "createWalletAccountsResult" | "initUserEmailRecoveryResult" | "recoverUserResult" | "setOrganizationFeatureResult" | "removeOrganizationFeatureResult" | "exportPrivateKeyResult" | "exportWalletResult" | "createSubOrganizationResultV4" | "emailAuthResult" | "exportWalletAccountResult" | "initImportWalletResult" | "importWalletResult" | "initImportPrivateKeyResult" | "importPrivateKeyResult" | "createPoliciesResult" | "signRawPayloadsResult" | "createReadOnlySessionResult" | "createOauthProvidersResult" | "deleteOauthProvidersResult" | "createSubOrganizationResultV5" | "oauthResult" | "createReadWriteSessionResult" | "createSubOrganizationResultV6" | "deletePrivateKeysResult" | "deleteWalletsResult" | "createReadWriteSessionResultV2" | "deleteSubOrganizationResult" | "initOtpAuthResult" | "otpAuthResult" | "createSubOrganizationResultV7" | "updateWalletResult" | "updatePolicyResultV2" | "initOtpAuthResultV2">(activity: Awaited<ReturnType<(typeof this.turnkeyClient)["getActivity"]>>["activity"], organizationId: string, resultKey: T) => Promise<NonNullable<{
|
|
269
277
|
createOrganizationResult?: {
|
|
270
278
|
organizationId: string;
|
|
271
279
|
} | undefined;
|
|
@@ -361,6 +369,7 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
361
369
|
} | undefined;
|
|
362
370
|
createSubOrganizationResult?: {
|
|
363
371
|
subOrganizationId: string;
|
|
372
|
+
rootUserIds?: string[] | undefined;
|
|
364
373
|
} | undefined;
|
|
365
374
|
updateAllowedOriginsResult?: {
|
|
366
375
|
[key: string]: unknown;
|
|
@@ -369,7 +378,7 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
369
378
|
privateKeys: {
|
|
370
379
|
privateKeyId?: string | undefined;
|
|
371
380
|
addresses?: {
|
|
372
|
-
format?: "ADDRESS_FORMAT_UNCOMPRESSED" | "ADDRESS_FORMAT_COMPRESSED" | "ADDRESS_FORMAT_ETHEREUM" | "ADDRESS_FORMAT_SOLANA" | "ADDRESS_FORMAT_COSMOS" | undefined;
|
|
381
|
+
format?: "ADDRESS_FORMAT_UNCOMPRESSED" | "ADDRESS_FORMAT_COMPRESSED" | "ADDRESS_FORMAT_ETHEREUM" | "ADDRESS_FORMAT_SOLANA" | "ADDRESS_FORMAT_COSMOS" | "ADDRESS_FORMAT_TRON" | "ADDRESS_FORMAT_SUI" | "ADDRESS_FORMAT_APTOS" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2PKH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2SH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2WSH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2TR" | "ADDRESS_FORMAT_SEI" | "ADDRESS_FORMAT_XLM" | "ADDRESS_FORMAT_DOGE_MAINNET" | "ADDRESS_FORMAT_DOGE_TESTNET" | "ADDRESS_FORMAT_TON_V3R2" | "ADDRESS_FORMAT_TON_V4R2" | "ADDRESS_FORMAT_XRP" | undefined;
|
|
373
382
|
address?: string | undefined;
|
|
374
383
|
}[] | undefined;
|
|
375
384
|
}[];
|
|
@@ -385,10 +394,11 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
385
394
|
privateKeys: {
|
|
386
395
|
privateKeyId?: string | undefined;
|
|
387
396
|
addresses?: {
|
|
388
|
-
format?: "ADDRESS_FORMAT_UNCOMPRESSED" | "ADDRESS_FORMAT_COMPRESSED" | "ADDRESS_FORMAT_ETHEREUM" | "ADDRESS_FORMAT_SOLANA" | "ADDRESS_FORMAT_COSMOS" | undefined;
|
|
397
|
+
format?: "ADDRESS_FORMAT_UNCOMPRESSED" | "ADDRESS_FORMAT_COMPRESSED" | "ADDRESS_FORMAT_ETHEREUM" | "ADDRESS_FORMAT_SOLANA" | "ADDRESS_FORMAT_COSMOS" | "ADDRESS_FORMAT_TRON" | "ADDRESS_FORMAT_SUI" | "ADDRESS_FORMAT_APTOS" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2PKH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2SH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2WSH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2TR" | "ADDRESS_FORMAT_SEI" | "ADDRESS_FORMAT_XLM" | "ADDRESS_FORMAT_DOGE_MAINNET" | "ADDRESS_FORMAT_DOGE_TESTNET" | "ADDRESS_FORMAT_TON_V3R2" | "ADDRESS_FORMAT_TON_V4R2" | "ADDRESS_FORMAT_XRP" | undefined;
|
|
389
398
|
address?: string | undefined;
|
|
390
399
|
}[] | undefined;
|
|
391
400
|
}[];
|
|
401
|
+
rootUserIds?: string[] | undefined;
|
|
392
402
|
} | undefined;
|
|
393
403
|
createWalletResult?: {
|
|
394
404
|
walletId: string;
|
|
@@ -405,13 +415,13 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
405
415
|
} | undefined;
|
|
406
416
|
setOrganizationFeatureResult?: {
|
|
407
417
|
features: {
|
|
408
|
-
name?: "FEATURE_NAME_ROOT_USER_EMAIL_RECOVERY" | "FEATURE_NAME_WEBAUTHN_ORIGINS" | "FEATURE_NAME_EMAIL_AUTH" | "FEATURE_NAME_EMAIL_RECOVERY" | undefined;
|
|
418
|
+
name?: "FEATURE_NAME_ROOT_USER_EMAIL_RECOVERY" | "FEATURE_NAME_WEBAUTHN_ORIGINS" | "FEATURE_NAME_EMAIL_AUTH" | "FEATURE_NAME_EMAIL_RECOVERY" | "FEATURE_NAME_WEBHOOK" | "FEATURE_NAME_SMS_AUTH" | "FEATURE_NAME_OTP_EMAIL_AUTH" | undefined;
|
|
409
419
|
value?: string | undefined;
|
|
410
420
|
}[];
|
|
411
421
|
} | undefined;
|
|
412
422
|
removeOrganizationFeatureResult?: {
|
|
413
423
|
features: {
|
|
414
|
-
name?: "FEATURE_NAME_ROOT_USER_EMAIL_RECOVERY" | "FEATURE_NAME_WEBAUTHN_ORIGINS" | "FEATURE_NAME_EMAIL_AUTH" | "FEATURE_NAME_EMAIL_RECOVERY" | undefined;
|
|
424
|
+
name?: "FEATURE_NAME_ROOT_USER_EMAIL_RECOVERY" | "FEATURE_NAME_WEBAUTHN_ORIGINS" | "FEATURE_NAME_EMAIL_AUTH" | "FEATURE_NAME_EMAIL_RECOVERY" | "FEATURE_NAME_WEBHOOK" | "FEATURE_NAME_SMS_AUTH" | "FEATURE_NAME_OTP_EMAIL_AUTH" | undefined;
|
|
415
425
|
value?: string | undefined;
|
|
416
426
|
}[];
|
|
417
427
|
} | undefined;
|
|
@@ -429,6 +439,7 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
429
439
|
walletId: string;
|
|
430
440
|
addresses: string[];
|
|
431
441
|
} | undefined;
|
|
442
|
+
rootUserIds?: string[] | undefined;
|
|
432
443
|
} | undefined;
|
|
433
444
|
emailAuthResult?: {
|
|
434
445
|
userId: string;
|
|
@@ -438,6 +449,118 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
|
|
|
438
449
|
address: string;
|
|
439
450
|
exportBundle: string;
|
|
440
451
|
} | undefined;
|
|
452
|
+
initImportWalletResult?: {
|
|
453
|
+
importBundle: string;
|
|
454
|
+
} | undefined;
|
|
455
|
+
importWalletResult?: {
|
|
456
|
+
walletId: string;
|
|
457
|
+
addresses: string[];
|
|
458
|
+
} | undefined;
|
|
459
|
+
initImportPrivateKeyResult?: {
|
|
460
|
+
importBundle: string;
|
|
461
|
+
} | undefined;
|
|
462
|
+
importPrivateKeyResult?: {
|
|
463
|
+
privateKeyId: string;
|
|
464
|
+
addresses: {
|
|
465
|
+
format?: "ADDRESS_FORMAT_UNCOMPRESSED" | "ADDRESS_FORMAT_COMPRESSED" | "ADDRESS_FORMAT_ETHEREUM" | "ADDRESS_FORMAT_SOLANA" | "ADDRESS_FORMAT_COSMOS" | "ADDRESS_FORMAT_TRON" | "ADDRESS_FORMAT_SUI" | "ADDRESS_FORMAT_APTOS" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_MAINNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_TESTNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2PKH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2SH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2WSH" | "ADDRESS_FORMAT_BITCOIN_SIGNET_P2TR" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2PKH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2SH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2WPKH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2WSH" | "ADDRESS_FORMAT_BITCOIN_REGTEST_P2TR" | "ADDRESS_FORMAT_SEI" | "ADDRESS_FORMAT_XLM" | "ADDRESS_FORMAT_DOGE_MAINNET" | "ADDRESS_FORMAT_DOGE_TESTNET" | "ADDRESS_FORMAT_TON_V3R2" | "ADDRESS_FORMAT_TON_V4R2" | "ADDRESS_FORMAT_XRP" | undefined;
|
|
466
|
+
address?: string | undefined;
|
|
467
|
+
}[];
|
|
468
|
+
} | undefined;
|
|
469
|
+
createPoliciesResult?: {
|
|
470
|
+
policyIds: string[];
|
|
471
|
+
} | undefined;
|
|
472
|
+
signRawPayloadsResult?: {
|
|
473
|
+
signatures?: {
|
|
474
|
+
r: string;
|
|
475
|
+
s: string;
|
|
476
|
+
v: string;
|
|
477
|
+
}[] | undefined;
|
|
478
|
+
} | undefined;
|
|
479
|
+
createReadOnlySessionResult?: {
|
|
480
|
+
organizationId: string;
|
|
481
|
+
organizationName: string;
|
|
482
|
+
userId: string;
|
|
483
|
+
username: string;
|
|
484
|
+
session: string;
|
|
485
|
+
sessionExpiry: string;
|
|
486
|
+
} | undefined;
|
|
487
|
+
createOauthProvidersResult?: {
|
|
488
|
+
providerIds: string[];
|
|
489
|
+
} | undefined;
|
|
490
|
+
deleteOauthProvidersResult?: {
|
|
491
|
+
providerIds: string[];
|
|
492
|
+
} | undefined;
|
|
493
|
+
createSubOrganizationResultV5?: {
|
|
494
|
+
subOrganizationId: string;
|
|
495
|
+
wallet?: {
|
|
496
|
+
walletId: string;
|
|
497
|
+
addresses: string[];
|
|
498
|
+
} | undefined;
|
|
499
|
+
rootUserIds?: string[] | undefined;
|
|
500
|
+
} | undefined;
|
|
501
|
+
oauthResult?: {
|
|
502
|
+
userId: string;
|
|
503
|
+
apiKeyId: string;
|
|
504
|
+
credentialBundle: string;
|
|
505
|
+
} | undefined;
|
|
506
|
+
createReadWriteSessionResult?: {
|
|
507
|
+
organizationId: string;
|
|
508
|
+
organizationName: string;
|
|
509
|
+
userId: string;
|
|
510
|
+
username: string;
|
|
511
|
+
apiKeyId: string;
|
|
512
|
+
credentialBundle: string;
|
|
513
|
+
} | undefined;
|
|
514
|
+
createSubOrganizationResultV6?: {
|
|
515
|
+
subOrganizationId: string;
|
|
516
|
+
wallet?: {
|
|
517
|
+
walletId: string;
|
|
518
|
+
addresses: string[];
|
|
519
|
+
} | undefined;
|
|
520
|
+
rootUserIds?: string[] | undefined;
|
|
521
|
+
} | undefined;
|
|
522
|
+
deletePrivateKeysResult?: {
|
|
523
|
+
privateKeyIds: string[];
|
|
524
|
+
} | undefined;
|
|
525
|
+
deleteWalletsResult?: {
|
|
526
|
+
walletIds: string[];
|
|
527
|
+
} | undefined;
|
|
528
|
+
createReadWriteSessionResultV2?: {
|
|
529
|
+
organizationId: string;
|
|
530
|
+
organizationName: string;
|
|
531
|
+
userId: string;
|
|
532
|
+
username: string;
|
|
533
|
+
apiKeyId: string;
|
|
534
|
+
credentialBundle: string;
|
|
535
|
+
} | undefined;
|
|
536
|
+
deleteSubOrganizationResult?: {
|
|
537
|
+
subOrganizationUuid: string;
|
|
538
|
+
} | undefined;
|
|
539
|
+
initOtpAuthResult?: {
|
|
540
|
+
otpId: string;
|
|
541
|
+
} | undefined;
|
|
542
|
+
otpAuthResult?: {
|
|
543
|
+
userId: string;
|
|
544
|
+
apiKeyId?: string | undefined;
|
|
545
|
+
credentialBundle?: string | undefined;
|
|
546
|
+
} | undefined;
|
|
547
|
+
createSubOrganizationResultV7?: {
|
|
548
|
+
subOrganizationId: string;
|
|
549
|
+
wallet?: {
|
|
550
|
+
walletId: string;
|
|
551
|
+
addresses: string[];
|
|
552
|
+
} | undefined;
|
|
553
|
+
rootUserIds?: string[] | undefined;
|
|
554
|
+
} | undefined;
|
|
555
|
+
updateWalletResult?: {
|
|
556
|
+
walletId: string;
|
|
557
|
+
} | undefined;
|
|
558
|
+
updatePolicyResultV2?: {
|
|
559
|
+
policyId: string;
|
|
560
|
+
} | undefined;
|
|
561
|
+
initOtpAuthResultV2?: {
|
|
562
|
+
otpId: string;
|
|
563
|
+
} | undefined;
|
|
441
564
|
}[T]>>;
|
|
442
565
|
/**
|
|
443
566
|
* Turnkey requires the nonce in the id token to be in this format.
|
package/dist/esm/client/base.js
CHANGED
|
@@ -152,6 +152,34 @@ export class BaseSignerClient {
|
|
|
152
152
|
};
|
|
153
153
|
}
|
|
154
154
|
});
|
|
155
|
+
/**
|
|
156
|
+
* Adds an OAuth provider for the authenticated user using the provided parameters. Throws an error if the user is not authenticated.
|
|
157
|
+
*
|
|
158
|
+
* @param {AddOauthProviderParams} params The parameters for adding an OAuth provider, including `providerName` and `oidcToken`.
|
|
159
|
+
* @throws {NotAuthenticatedError} Throws if the user is not authenticated.
|
|
160
|
+
* @returns {Promise<void>} A Promise that resolves when the OAuth provider is added.
|
|
161
|
+
*/
|
|
162
|
+
Object.defineProperty(this, "addOauthProvider", {
|
|
163
|
+
enumerable: true,
|
|
164
|
+
configurable: true,
|
|
165
|
+
writable: true,
|
|
166
|
+
value: async (params) => {
|
|
167
|
+
if (!this.user) {
|
|
168
|
+
throw new NotAuthenticatedError();
|
|
169
|
+
}
|
|
170
|
+
const { providerName, oidcToken } = params;
|
|
171
|
+
const stampedRequest = await this.turnkeyClient.stampCreateOauthProviders({
|
|
172
|
+
type: "ACTIVITY_TYPE_CREATE_OAUTH_PROVIDERS",
|
|
173
|
+
timestampMs: Date.now().toString(),
|
|
174
|
+
organizationId: this.user.orgId,
|
|
175
|
+
parameters: {
|
|
176
|
+
userId: this.user.userId,
|
|
177
|
+
oauthProviders: [{ providerName, oidcToken }],
|
|
178
|
+
},
|
|
179
|
+
});
|
|
180
|
+
await this.request("/v1/add-oauth-provider", { stampedRequest });
|
|
181
|
+
}
|
|
182
|
+
});
|
|
155
183
|
/**
|
|
156
184
|
* Retrieves the current user or fetches the user information if not already available.
|
|
157
185
|
*
|
|
@@ -261,7 +289,7 @@ export class BaseSignerClient {
|
|
|
261
289
|
throw new Error("User must be authenticated to create api key");
|
|
262
290
|
}
|
|
263
291
|
const resp = await this.turnkeyClient.createApiKeys({
|
|
264
|
-
type: "
|
|
292
|
+
type: "ACTIVITY_TYPE_CREATE_API_KEYS_V2",
|
|
265
293
|
timestampMs: new Date().getTime().toString(),
|
|
266
294
|
organizationId: this.user.orgId,
|
|
267
295
|
parameters: {
|
|
@@ -269,6 +297,7 @@ export class BaseSignerClient {
|
|
|
269
297
|
{
|
|
270
298
|
apiKeyName: params.name,
|
|
271
299
|
publicKey: params.publicKey,
|
|
300
|
+
curveType: "API_KEY_CURVE_P256",
|
|
272
301
|
expirationSeconds: params.expirationSec.toString(),
|
|
273
302
|
},
|
|
274
303
|
],
|
|
@@ -775,13 +804,14 @@ export class BaseSignerClient {
|
|
|
775
804
|
return this._user;
|
|
776
805
|
}
|
|
777
806
|
set user(user) {
|
|
778
|
-
|
|
807
|
+
const previousUser = this._user;
|
|
808
|
+
this._user = user;
|
|
809
|
+
if (user && !previousUser) {
|
|
779
810
|
this.eventEmitter.emit("connected", user);
|
|
780
811
|
}
|
|
781
|
-
else if (!user &&
|
|
812
|
+
else if (!user && previousUser) {
|
|
782
813
|
this.eventEmitter.emit("disconnected");
|
|
783
814
|
}
|
|
784
|
-
this._user = user;
|
|
785
815
|
}
|
|
786
816
|
/**
|
|
787
817
|
* Sets the stamper of the TurnkeyClient.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base.js","sourceRoot":"","sources":["../../../src/client/base.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAyB,MAAM,cAAc,CAAC;AAC7E,OAAO,EAAE,aAAa,EAAuB,MAAM,eAAe,CAAC;AACnE,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,MAAM,EAAY,MAAM,MAAM,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,+BAA+B,EAAE,MAAM,aAAa,CAAC;AAE9D,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AA2BzD,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAexC,MAAM,WAAW,GAAG;IAClB,GAAG,EAAE,SAAS;IACd,GAAG,EAAE,SAAS;IACd,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,YAAY;IACpB,IAAI,EAAE,WAAW;CACT,CAAC;AAEX;;GAEG;AACH,MAAM,OAAgB,gBAAgB;IAOpC;;;;OAIG;IACH,YAAY,MAA8B;QAXlC;;;;;WAAwB;QACxB;;;;;WAAmC;QACjC;;;;;WAA6B;QAC7B;;;;;WAAgB;QAChB;;;;;WAAsD;QACtD;;;;;WAAqC;QAiB/C;;;;WAIG;QACI;;;;mBAAY,KAAK,IAA0B,EAAE;gBAClD,IAAI,CAAC,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC/C,OAAO,IAAI,CAAC,WAAW,CAAC;YAC1B,CAAC;WAAC;QA6FF,aAAa;QAEb,yBAAyB;QAEzB;;;;;;WAMG;QACI;;;;mBAAK,CACV,KAAQ,EACR,QAAsC,EACtC,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;gBAE7C,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;YACxE,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAa,KAAK,EAAE,OAAkC,EAAE,EAAE;gBAC/D,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAClE,OAAO,CACR,CAAC;gBAEF,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC;oBACjE,IAAI,EAAE,wCAAwC;oBAC9C,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,UAAU,EAAE;wBACV,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;wBACxB,cAAc,EAAE;4BACd;gCACE,WAAW;gCACX,iBAAiB,EAAE,WAAW,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE;gCACrD,SAAS,EAAE,eAAe,CAAC,SAAS,CAAC;6BACtC;yBACF;qBACF;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAC5D,QAAQ,EACR,IAAI,CAAC,IAAI,CAAC,KAAK,EACf,4BAA4B,CAC7B,CAAC;gBAEF,OAAO,gBAAgB,CAAC;YAC1B,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAmB,KAAK,IAAI,EAAE;gBACnC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,iBAAiB,CAAC;oBACtD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;iBACzB,CAAC,CAAC;gBACH,OAAO;oBACL,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAC9C,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC,UAAU,CAAC,CAC5C;iBACF,CAAC;YACJ,CAAC;WAAC;QAEF;;;;;;;WAOG;QACI;;;;mBAAS,KAAK,EACnB,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,KAAK,EACxB,OAAgB,EACD,EAAE;gBACjB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;oBACd,OAAO,IAAI,CAAC,IAAI,CAAC;gBACnB,CAAC;gBAED,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACvC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC;oBAC7D,cAAc,EAAE,KAAK;iBACtB,CAAC,CAAC;gBAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;oBAC5C,cAAc;iBACf,CAAC,CAAC;gBAEH,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,MAAM,GAA4B,SAAS,CAAC,OAAO,CAAC,CAAC;oBAC3D,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;oBACvB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;oBACrB,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;wBACrC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;oBAC5B,CAAC;gBACH,CAAC;gBAED,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE;oBACzB,IAAI,CAAC;wBACH,OAAO,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,gBAAgB,CAAC;6BACtD,YAAsB,CAAC;oBAC5B,CAAC;oBAAC,OAAO,CAAC,EAAE,CAAC;wBACX,OAAO,SAAS,CAAC;oBACnB,CAAC;gBACH,CAAC,CAAC,EAAE,CAAC;gBAEL,IAAI,CAAC,IAAI,GAAG;oBACV,GAAG,IAAI;oBACP,YAAY;iBACb,CAAC;gBAEF,OAAO,IAAI,CAAC,IAAI,CAAC;YACnB,CAAC;WAAC;QAEF;;;;;;;;WAQG;QACI;;;;mBAAc,KAAK,IAA6B,EAAE;gBACvD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;gBAC1E,CAAC;gBAED,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC;oBAC7C,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;iBAChC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAuB,KAAK,IAA6B,EAAE;gBAChE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CACb,gEAAgE,CACjE,CAAC;gBACJ,CAAC;gBAED,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC;oBACnD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;iBAChC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;WASG;QACI;;;;mBAA4B,KAAK,EACtC,MAAuC,EACxB,EAAE;gBACjB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;gBAClE,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC;oBAClD,IAAI,EAAE,+BAA+B;oBACrC,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;oBAC5C,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,UAAU,EAAE;wBACV,OAAO,EAAE;4BACP;gCACE,UAAU,EAAE,MAAM,CAAC,IAAI;gCACvB,SAAS,EAAE,MAAM,CAAC,SAAS;gCAC3B,iBAAiB,EAAE,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE;6BACnD;yBACF;wBACD,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;qBACzB;iBACF,CAAC,CAAC;gBACH,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,2BAA2B,EAAE,CAAC;oBACzD,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAoB,KAAK,EAAE,KAAa,EAAE,EAAE;gBACjD,OAAO,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/C,CAAC;WAAC;QAEF;;;;;;;;WAQG;QACI;;;;mBAAiB,KAAK,EAC3B,GAAQ,EACR,OAA8B,UAAU,EAC1B,EAAE;gBAChB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAClD,sGAAsG;oBACtG,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;gBAC9D,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EACV,IAAI,KAAK,UAAU;4BACjB,CAAC,CAAC,qBAAqB;4BACvB,CAAC,CAAC,8BAA8B;wBACpC,OAAO,EAAE,GAAG;wBACZ,QAAQ,EACN,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,aAAc;qBACrE;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE;oBAC3D,cAAc;iBACf,CAAC,CAAC;gBAEH,OAAO,SAAS,CAAC;YACnB,CAAC;WAAC;QAEF;;;;WAIG;QACI;;;;mBAAU,GAAgB,EAAE;gBACjC,OAAO,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC;YAC3B,CAAC;WAAC;QAEF;;;;;;;WAOG;QACI;;;;mBAAU,KAAK,EACpB,KAAQ,EACR,IAAmB,EACS,EAAE;gBAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,IAAI,2BAA2B,CAAC;gBAExE,MAAM,QAAQ,GAAG,SAAS,CAAC;gBAE3B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;gBAC9B,OAAO,CAAC,MAAM,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC;gBAClD,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;gBACnD,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC;oBACjC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC5E,CAAC;qBAAM,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,CAAC;oBACrC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,CAAC,CAAC;gBACzE,CAAC;gBAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,GAAG,GAAG,QAAQ,GAAG,KAAK,EAAE,EAAE;oBACxD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;oBAC1B,OAAO;iBACR,CAAC,CAAC;gBAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,MAAM,IAAI,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;gBACzC,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAEnC,OAAO,IAAyB,CAAC;YACnC,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAgB,KAAK,IAEzB,EAAE;gBACH,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,IAAI;wBACzB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC,OAAO,CAAC,6BAA6B,EAAE;oBACjD,cAAc;iBACf,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;WAOG;QACI;;;;mBAAS,KAAK,EAAE,MAAoB,EAAyB,EAAE;gBACpE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,GAAG;wBACxB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,QAAQ,MAAM,CAAC,eAAe,EAAE,CAAC;oBAC/B,KAAK,MAAM;wBACT,OAAO,IAAI,CAAC,OAAO,CAAC,+BAA+B,EAAE;4BACnD,cAAc;4BACd,eAAe,EAAE,MAAM,CAAC,eAAe;yBACxC,CAAC,CAAC;oBACL;wBACE,MAAM,IAAI,KAAK,CACb,gCAAgC,MAAM,CAAC,eAAe,EAAE,CACzD,CAAC;gBACN,CAAC;YACH,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAY,KAAK,EACtB,MAAuB,EACiB,EAAE;gBAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,MAAM;wBAC3B,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC,OAAO,CAAC,8BAA8B,EAAE;oBAClD,cAAc;oBACd,aAAa,EAAE,MAAM,CAAC,aAAa;oBACnC,eAAe,EAAE,MAAM,CAAC,eAAe;iBACxC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAY,KAAK,EACtB,MAAuB,EACiB,EAAE;gBAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,MAAM;wBAC3B,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC,OAAO,CAAC,+BAA+B,EAAE;oBACnD,cAAc;oBACd,cAAc,EAAE,MAAM,CAAC,cAAc;iBACtC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAuB,KAAK,EACjC,MAAkC,EACL,EAAE;gBAC/B,kDAAkD;gBAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,iCAAiC,EAAE;oBACrE,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;oBACzC,YAAY,EAAE,MAAM,CAAC,YAAY;iBAClC,CAAC,CAAC;gBAEH,kGAAkG;gBAClG,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC;oBAC5D,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;gBACJ,CAAC;gBAED,OAAO;oBACL,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,gBAAgB;iBAC1C,CAAC;YACJ,CAAC;WAAC;QAEF,aAAa;QAEb,0BAA0B;QAClB;;;;mBAAqB,KAAK,EAAE,OAA4B,EAAE,EAAE;gBAClE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC;oBACtD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;iBAChC,CAAC,CAAC;gBAEH,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,GAAG,CACtC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC3B,IAAI,CAAC,aAAa,CAAC,iBAAiB,CAAC;oBACnC,cAAc,EAAE,IAAI,CAAC,IAAK,CAAC,KAAK;oBAChC,QAAQ;iBACT,CAAC,CACH,CACF,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAE5C,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,IAAI,CAAC,IAAK,CAAC,OAAO,CACxC,CAAC;gBAEF,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CACb,yCAAyC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAC7D,CAAC;gBACJ,CAAC;gBAED,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC;oBACzD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,6BAA6B;oBACnC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,aAAc,CAAC,QAAQ;wBACjC,eAAe,EAAE,OAAO,CAAC,SAAS,EAAG;qBACtC;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CACxD,QAAQ,EACR,IAAI,CAAC,IAAI,CAAC,KAAK,EACf,oBAAoB,CACrB,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAC;gBAEpE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;gBAC3D,CAAC;gBAED,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEM;;;;mBAAqB,KAAK,EAAE,OAA4B,EAAE,EAAE;gBAClE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAChE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,qCAAqC;oBAC3C,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;wBAC1B,eAAe,EAAE,OAAO,CAAC,SAAS,EAAG;qBACtC;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CACxD,QAAQ,EACR,IAAI,CAAC,IAAI,CAAC,KAAK,EACf,2BAA2B,CAC5B,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;gBAEjE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;gBAC3D,CAAC;gBAED,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAgCG;QACO;;;;mBAAsB,KAAK,EACnC,IAA6B,EACZ,EAAE;gBACnB,MAAM,EACJ,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,WAAW,EACX,eAAe,GAAG,IAAI,GACvB,GAAG,IAAI,CAAC;gBAET,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,KAAK,EAAE,aAAa,EACpB,MAAM,EAAE,cAAc,EACtB,eAAe,EAAE,uBAAuB,EACxC,IAAI,EACJ,WAAW,EACX,iBAAiB,GAClB,GAAG,WAAW,CAAC;gBAEhB,MAAM,EAAE,aAAa,EAAE,UAAU,EAAE,aAAa,EAAE,GAChD,WAAW,IAAI,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAE1D,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,mBAAmB,EAAE,CAAC;gBAClC,CAAC;gBAED,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CACrC,CAAC,QAAQ,EAAE,EAAE,CACX,QAAQ,CAAC,EAAE,KAAK,cAAc;oBAC9B,CAAC,CAAC,QAAQ,CAAC,gBAAgB,KAAK,CAAC,CAAC,gBAAgB,CACrD,CAAC;gBAEF,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,kCAAkC,cAAc,EAAE,CAAC,CAAC;gBACtE,CAAC;gBAED,IAAI,KAAK,GAAuB,aAAa,CAAC;gBAC9C,IAAI,MAAM,GAAuB,cAAc,CAAC;gBAChD,IAAI,eAAe,GACjB,uBAAuB,CAAC;gBAE1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;oBACtB,MAAM,oBAAoB,GACxB,+BAA+B,CAAC,cAAc,CAAC,CAAC;oBAClD,KAAK,KAAL,KAAK,GAAK,oBAAoB,EAAE,KAAK,EAAC;oBACtC,MAAM,KAAN,MAAM,GAAK,oBAAoB,EAAE,MAAM,EAAC;oBACxC,eAAe,KAAf,eAAe,GAAK,oBAAoB,EAAE,eAAe,EAAC;gBAC5D,CAAC;gBACD,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,wCAAwC,cAAc,EAAE,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,YAAY,CAAC;gBAEhD,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC;gBACnD,MAAM,WAAW,GAAe;oBAC9B,cAAc;oBACd,gBAAgB;oBAChB,UAAU;oBACV,gBAAgB;oBAChB,iBAAiB;oBACjB,WAAW,EACT,IAAI,KAAK,UAAU;wBACjB,CAAC,CAAC,eAAe;4BACf,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC;4BACjC,CAAC,CAAC,WAAW;wBACf,CAAC,CAAC,SAAS;oBACf,YAAY,EAAE,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;iBACpE,CAAC;gBACF,MAAM,KAAK,GAAG,eAAe,CAC3B,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CACtD,CAAC;gBACF,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;gBACtC,MAAM,MAAM,GAA2B;oBACrC,YAAY,EAAE,gBAAgB;oBAC9B,aAAa,EAAE,MAAM;oBACrB,KAAK;oBACL,KAAK;oBACL,cAAc,EAAE,aAAa;oBAC7B,qBAAqB,EAAE,MAAM;oBAC7B,MAAM,EAAE,gBAAgB;oBACxB,SAAS,EAAE,QAAQ;oBACnB,KAAK;oBACL,GAAG,eAAe;iBACnB,CAAC;gBACF,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;gBACzB,CAAC;gBACD,IAAI,eAAe,EAAE,CAAC;oBACpB,MAAM,CAAC,UAAU,GAAG,eAAe,CAAC;gBACtC,CAAC;gBAED,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpC,MAAM,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBACrE,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAExD,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,YAAY,EAAE,CAAC;YAC1D,CAAC;WAAC;QAEM;;;;mBAAwB,KAAK,EACnC,IAAe,EACO,EAAE;gBACxB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,OAAO,IAAI,CAAC,WAAW,CAAC;gBAC1B,CAAC;qBAAM,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC/B,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CACb,+HAA+H,CAChI,CAAC;gBACJ,CAAC;YACH,CAAC;WAAC;QAEF,8EAA8E;QACpE;;;;mBAAyB,KAAK,EAKtC,QAEa,EACb,cAAsB,EACtB,SAAY,EAOZ,EAAE;gBACF,IAAI,QAAQ,CAAC,MAAM,KAAK,2BAA2B,EAAE,CAAC;oBACpD,OAAO,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAE,CAAC;gBACrC,CAAC;gBAED,MAAM,EACJ,QAAQ,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GACjC,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC;oBACvC,UAAU,EAAE,QAAQ,CAAC,EAAE;oBACvB,cAAc;iBACf,CAAC,CAAC;gBAEH,IAAI,MAAM,KAAK,2BAA2B,EAAE,CAAC;oBAC3C,OAAO,MAAM,CAAC,SAAS,CAAE,CAAC;gBAC5B,CAAC;gBAED,IACE,MAAM,KAAK,wBAAwB;oBACnC,MAAM,KAAK,0BAA0B;oBACrC,MAAM,KAAK,kCAAkC,EAC7C,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,uCAAuC,EAAE,aAAa,MAAM,GAAG,CAChE,CAAC;gBACJ,CAAC;gBAED,gEAAgE;gBAChE,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;gBAEzD,OAAO,IAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC;YAC1E,CAAC;WAAC;QACF,aAAa;QAEb;;;;;WAKG;QACO;;;;mBAAgB,CAAC,gBAAwB,EAAU,EAAE;gBAC7D,OAAO,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrE,CAAC;WAAC;QA/2BA,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;QAClD,IAAI,CAAC,OAAO,GAAG,SAAS,IAAI,sCAAsC,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,EAA6B,CAAC;QAClE,IAAI,CAAC,gBAAgB,GAAG,sBAAsB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACjE,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CACpC,EAAE,OAAO,EAAE,yBAAyB,EAAE,EACtC,OAAO,CACR,CAAC;IACJ,CAAC;IAYD,IAAc,IAAI;QAChB,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAc,IAAI,CAAC,IAAsB;QACvC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACxB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC/B,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;IAED;;;;OAIG;IACO,UAAU,CAAC,OAAiC;QACpD,IAAI,CAAC,aAAa,CAAC,OAAO,GAAG,OAAO,CAAC;IACvC,CAAC;IAED;;;;;;;OAOG;IACO,iBAAiB,CAAC,MAG3B;QACC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;QAC5B,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,aAAa;gBAChB,OAAO,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACvD,KAAK,aAAa;gBAChB,OAAO,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACvD;gBACE,WAAW,CAAC,QAAQ,EAAE,wBAAwB,QAAQ,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;CAgzBF","sourcesContent":["import { ConnectionConfigSchema, type ConnectionConfig } from \"@aa-sdk/core\";\nimport { TurnkeyClient, type TSignedRequest } from \"@turnkey/http\";\nimport EventEmitter from \"eventemitter3\";\nimport { jwtDecode } from \"jwt-decode\";\nimport { sha256, type Hex } from \"viem\";\nimport { NotAuthenticatedError, OAuthProvidersError } from \"../errors.js\";\nimport { getDefaultProviderCustomization } from \"../oauth.js\";\nimport type { OauthMode } from \"../signer.js\";\nimport { base64UrlEncode } from \"../utils/base64UrlEncode.js\";\nimport { resolveRelativeUrl } from \"../utils/resolveRelativeUrl.js\";\nimport { assertNever } from \"../utils/typeAssertions.js\";\nimport type {\n AlchemySignerClientEvent,\n AlchemySignerClientEvents,\n AuthenticatingEventMetadata,\n CreateAccountParams,\n RemoveMfaParams,\n EmailAuthParams,\n AddMfaParams,\n AddMfaResult,\n experimental_CreateApiKeyParams,\n GetOauthProviderUrlArgs,\n GetWebAuthnAttestationResult,\n MfaFactor,\n OauthConfig,\n OauthParams,\n OauthState,\n OtpParams,\n SignerBody,\n SignerResponse,\n SignerRoutes,\n SignupResponse,\n User,\n VerifyMfaParams,\n SubmitOtpCodeResponse,\n ValidateMultiFactorsParams,\n} from \"./types.js\";\nimport { VERSION } from \"../version.js\";\n\nexport interface BaseSignerClientParams {\n stamper: TurnkeyClient[\"stamper\"];\n connection: ConnectionConfig;\n rootOrgId?: string;\n rpId?: string;\n}\n\nexport type ExportWalletStamper = TurnkeyClient[\"stamper\"] & {\n injectWalletExportBundle(bundle: string): Promise<boolean>;\n injectKeyExportBundle(bundle: string): Promise<boolean>;\n publicKey(): string | null;\n};\n\nconst MFA_PAYLOAD = {\n GET: \"get_mfa\",\n ADD: \"add_mfa\",\n DELETE: \"delete_mfas\",\n VERIFY: \"verify_mfa\",\n LIST: \"list_mfas\",\n} as const;\n\n/**\n * Base class for all Alchemy Signer clients\n */\nexport abstract class BaseSignerClient<TExportWalletParams = unknown> {\n private _user: User | undefined;\n private connectionConfig: ConnectionConfig;\n protected turnkeyClient: TurnkeyClient;\n protected rootOrg: string;\n protected eventEmitter: EventEmitter<AlchemySignerClientEvents>;\n protected oauthConfig: OauthConfig | undefined;\n /**\n * Create a new instance of the Alchemy Signer client\n *\n * @param {BaseSignerClientParams} params the parameters required to create the client\n */\n constructor(params: BaseSignerClientParams) {\n const { stamper, connection, rootOrgId } = params;\n this.rootOrg = rootOrgId ?? \"24c1acf5-810f-41e0-a503-d5d13fa8e830\";\n this.eventEmitter = new EventEmitter<AlchemySignerClientEvents>();\n this.connectionConfig = ConnectionConfigSchema.parse(connection);\n this.turnkeyClient = new TurnkeyClient(\n { baseUrl: \"https://api.turnkey.com\" },\n stamper\n );\n }\n\n /**\n * Asynchronously fetches and sets the OAuth configuration.\n *\n * @returns {Promise<OauthConfig>} A promise that resolves to the OAuth configuration\n */\n public initOauth = async (): Promise<OauthConfig> => {\n this.oauthConfig = await this.getOauthConfig();\n return this.oauthConfig;\n };\n\n protected get user() {\n return this._user;\n }\n\n protected set user(user: User | undefined) {\n if (user && !this._user) {\n this.eventEmitter.emit(\"connected\", user);\n } else if (!user && this._user) {\n this.eventEmitter.emit(\"disconnected\");\n }\n\n this._user = user;\n }\n\n /**\n * Sets the stamper of the TurnkeyClient.\n *\n * @param {TurnkeyClient[\"stamper\"]} stamper the stamper function to set for the TurnkeyClient\n */\n protected setStamper(stamper: TurnkeyClient[\"stamper\"]) {\n this.turnkeyClient.stamper = stamper;\n }\n\n /**\n * Exports wallet credentials based on the specified type, either as a SEED_PHRASE or PRIVATE_KEY.\n *\n * @param {object} params The parameters for exporting the wallet\n * @param {ExportWalletStamper} params.exportStamper The stamper used for exporting the wallet\n * @param {\"SEED_PHRASE\" | \"PRIVATE_KEY\"} params.exportAs Specifies the format for exporting the wallet, either as a SEED_PHRASE or PRIVATE_KEY\n * @returns {Promise<boolean>} A promise that resolves to true if the export is successful\n */\n protected exportWalletInner(params: {\n exportStamper: ExportWalletStamper;\n exportAs: \"SEED_PHRASE\" | \"PRIVATE_KEY\";\n }): Promise<boolean> {\n const { exportAs } = params;\n switch (exportAs) {\n case \"PRIVATE_KEY\":\n return this.exportAsPrivateKey(params.exportStamper);\n case \"SEED_PHRASE\":\n return this.exportAsSeedPhrase(params.exportStamper);\n default:\n assertNever(exportAs, `Unknown export mode: ${exportAs}`);\n }\n }\n\n // #region ABSTRACT METHODS\n\n public abstract createAccount(\n params: CreateAccountParams\n ): Promise<SignupResponse>;\n\n public abstract initEmailAuth(\n params: Omit<EmailAuthParams, \"targetPublicKey\">\n ): Promise<{ orgId: string; otpId?: string; multiFactors?: MfaFactor[] }>;\n\n public abstract completeAuthWithBundle(params: {\n bundle: string;\n orgId: string;\n connectedEventName: keyof AlchemySignerClientEvents;\n authenticatingType: AuthenticatingEventMetadata[\"type\"];\n idToken?: string;\n }): Promise<User>;\n\n public abstract oauthWithRedirect(\n args: Extract<OauthParams, { mode: \"redirect\" }>\n ): Promise<User | never>;\n\n public abstract oauthWithPopup(\n args: Extract<OauthParams, { mode: \"popup\" }>\n ): Promise<User>;\n\n public abstract submitOtpCode(\n args: Omit<OtpParams, \"targetPublicKey\">\n ): Promise<SubmitOtpCodeResponse>;\n\n public abstract disconnect(): Promise<void>;\n\n public abstract exportWallet(params: TExportWalletParams): Promise<boolean>;\n\n public abstract lookupUserWithPasskey(user?: User): Promise<User>;\n\n public abstract targetPublicKey(): Promise<string>;\n\n protected abstract getOauthConfig(): Promise<OauthConfig>;\n\n protected abstract getWebAuthnAttestation(\n options: CredentialCreationOptions,\n userDetails?: { username: string }\n ): Promise<GetWebAuthnAttestationResult>;\n\n // #endregion\n\n // #region PUBLIC METHODS\n\n /**\n * Listen to events emitted by the client\n *\n * @param {AlchemySignerClientEvent} event the event you want to listen to\n * @param {AlchemySignerClientEvents[AlchemySignerClientEvent]} listener the callback function to execute when an event is fired\n * @returns {() => void} a function that will remove the listener when called\n */\n public on = <E extends AlchemySignerClientEvent>(\n event: E,\n listener: AlchemySignerClientEvents[E]\n ) => {\n this.eventEmitter.on(event, listener as any);\n\n return () => this.eventEmitter.removeListener(event, listener as any);\n };\n\n /**\n * Handles the creation of authenticators using WebAuthn attestation and the provided options. Requires the user to be authenticated.\n *\n * @param {CredentialCreationOptions} options The options used to create the WebAuthn attestation\n * @returns {Promise<string[]>} A promise that resolves to an array of authenticator IDs\n * @throws {NotAuthenticatedError} If the user is not authenticated\n */\n public addPasskey = async (options: CredentialCreationOptions) => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n const { attestation, challenge } = await this.getWebAuthnAttestation(\n options\n );\n\n const { activity } = await this.turnkeyClient.createAuthenticators({\n type: \"ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2\",\n timestampMs: Date.now().toString(),\n organizationId: this.user.orgId,\n parameters: {\n userId: this.user.userId,\n authenticators: [\n {\n attestation,\n authenticatorName: `passkey-${Date.now().toString()}`,\n challenge: base64UrlEncode(challenge),\n },\n ],\n },\n });\n\n const { authenticatorIds } = await this.pollActivityCompletion(\n activity,\n this.user.orgId,\n \"createAuthenticatorsResult\"\n );\n\n return authenticatorIds;\n };\n\n /**\n * Retrieves the status of the passkey for the current user. Requires the user to be authenticated.\n *\n * @returns {Promise<{ isPasskeyAdded: boolean }>} A promise that resolves to an object containing the passkey status\n * @throws {NotAuthenticatedError} If the user is not authenticated\n */\n public getPasskeyStatus = async () => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n const resp = await this.turnkeyClient.getAuthenticators({\n organizationId: this.user.orgId,\n userId: this.user.userId,\n });\n return {\n isPasskeyAdded: resp.authenticators.some((it) =>\n it.authenticatorName.startsWith(\"passkey-\")\n ),\n };\n };\n\n /**\n * Retrieves the current user or fetches the user information if not already available.\n *\n * @param {string} [orgId] optional organization ID, defaults to the user's organization ID\n * @param {string} idToken an OIDC ID token containing additional user information\n * @returns {Promise<User>} A promise that resolves to the user object\n * @throws {Error} if no organization ID is provided when there is no current user\n */\n public whoami = async (\n orgId = this.user?.orgId,\n idToken?: string\n ): Promise<User> => {\n if (this.user) {\n return this.user;\n }\n\n if (!orgId) {\n throw new Error(\"No orgId provided\");\n }\n\n const stampedRequest = await this.turnkeyClient.stampGetWhoami({\n organizationId: orgId,\n });\n\n const user = await this.request(\"/v1/whoami\", {\n stampedRequest,\n });\n\n if (idToken) {\n const claims: Record<string, unknown> = jwtDecode(idToken);\n user.idToken = idToken;\n user.claims = claims;\n if (typeof claims.email === \"string\") {\n user.email = claims.email;\n }\n }\n\n const credentialId = (() => {\n try {\n return JSON.parse(stampedRequest?.stamp.stampHeaderValue)\n .credentialId as string;\n } catch (e) {\n return undefined;\n }\n })();\n\n this.user = {\n ...user,\n credentialId,\n };\n\n return this.user;\n };\n\n /**\n * Generates a stamped whoami request for the current user. This request can then be used to call /signer/v1/whoami to get the user information.\n * This is useful if you want to get the user information in a different context like a server. You can pass the stamped request to the server\n * and then call our API to get the user information. Using this stamp is the most trusted way to get the user information since a stamp can only\n * belong to the user who created it.\n *\n * @returns {Promise<TSignedRequest>} a promise that resolves to the \"whoami\" information for the logged in user\n * @throws {Error} if no organization ID is provided\n */\n public stampWhoami = async (): Promise<TSignedRequest> => {\n if (!this.user) {\n throw new Error(\"User must be authenticated to stamp a whoami request\");\n }\n\n return await this.turnkeyClient.stampGetWhoami({\n organizationId: this.user.orgId,\n });\n };\n\n /**\n * Generates a stamped getOrganization request for the current user.\n *\n * @returns {Promise<TSignedRequest>} a promise that resolves to the \"getOrganization\" information for the logged in user\n * @throws {Error} if no user is authenticated\n */\n public stampGetOrganization = async (): Promise<TSignedRequest> => {\n if (!this.user) {\n throw new Error(\n \"User must be authenticated to stamp a get organization request\"\n );\n }\n\n return await this.turnkeyClient.stampGetOrganization({\n organizationId: this.user.orgId,\n });\n };\n\n /**\n * Creates an API key that can take any action on behalf of the current user.\n * (Note that this method is currently experimental and is subject to change.)\n *\n * @param {CreateApiKeyParams} params Parameters for creating the API key.\n * @param {string} params.name Name of the API key.\n * @param {string} params.publicKey Public key to be used for the API key.\n * @param {number} params.expirationSec Number of seconds until the API key expires.\n * @throws {Error} If there is no authenticated user or the API key creation fails.\n */\n public experimental_createApiKey = async (\n params: experimental_CreateApiKeyParams\n ): Promise<void> => {\n if (!this.user) {\n throw new Error(\"User must be authenticated to create api key\");\n }\n const resp = await this.turnkeyClient.createApiKeys({\n type: \"ACTIVITY_TYPE_CREATE_API_KEYS\",\n timestampMs: new Date().getTime().toString(),\n organizationId: this.user.orgId,\n parameters: {\n apiKeys: [\n {\n apiKeyName: params.name,\n publicKey: params.publicKey,\n expirationSeconds: params.expirationSec.toString(),\n },\n ],\n userId: this.user.userId,\n },\n });\n if (resp.activity.status !== \"ACTIVITY_STATUS_COMPLETED\") {\n throw new Error(\"Failed to create api key\");\n }\n };\n\n /**\n * Looks up information based on an email address.\n *\n * @param {string} email the email address to look up\n * @returns {Promise<any>} the result of the lookup request\n */\n public lookupUserByEmail = async (email: string) => {\n return this.request(\"/v1/lookup\", { email });\n };\n\n /**\n * This will sign a message with the user's private key, without doing any transformations on the message.\n * For SignMessage or SignTypedData, the caller should hash the message before calling this method and pass\n * that result here.\n *\n * @param {Hex} msg the hex representation of the bytes to sign\n * @param {string} mode specify if signing should happen for solana or ethereum\n * @returns {Promise<Hex>} the signature over the raw hex\n */\n public signRawMessage = async (\n msg: Hex,\n mode: \"SOLANA\" | \"ETHEREUM\" = \"ETHEREUM\"\n ): Promise<Hex> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n if (!this.user.solanaAddress && mode === \"SOLANA\") {\n // TODO: we need to add backwards compatibility for users who signed up before we added Solana support\n throw new Error(\"No Solana address available for the user\");\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction:\n mode === \"ETHEREUM\"\n ? \"HASH_FUNCTION_NO_OP\"\n : \"HASH_FUNCTION_NOT_APPLICABLE\",\n payload: msg,\n signWith:\n mode === \"ETHEREUM\" ? this.user.address : this.user.solanaAddress!,\n },\n });\n\n const { signature } = await this.request(\"/v1/sign-payload\", {\n stampedRequest,\n });\n\n return signature;\n };\n\n /**\n * Returns the current user or null if no user is set.\n *\n * @returns {User | null} the current user object or null if no user is available\n */\n public getUser = (): User | null => {\n return this.user ?? null;\n };\n\n /**\n * Sends a POST request to the given signer route with the specified body and returns the response.\n * Not intended to be used directly, use the specific methods instead on the client instead.\n *\n * @param {SignerRoutes} route The route to which the request should be sent\n * @param {SignerBody<R>} body The request body containing the data to be sent\n * @returns {Promise<SignerResponse<R>>} A promise that resolves to the response from the signer\n */\n public request = async <R extends SignerRoutes>(\n route: R,\n body: SignerBody<R>\n ): Promise<SignerResponse<R>> => {\n const url = this.connectionConfig.rpcUrl ?? \"https://api.g.alchemy.com\";\n\n const basePath = \"/signer\";\n\n const headers = new Headers();\n headers.append(\"Alchemy-AA-Sdk-Version\", VERSION);\n headers.append(\"Content-Type\", \"application/json\");\n if (this.connectionConfig.apiKey) {\n headers.append(\"Authorization\", `Bearer ${this.connectionConfig.apiKey}`);\n } else if (this.connectionConfig.jwt) {\n headers.append(\"Authorization\", `Bearer ${this.connectionConfig.jwt}`);\n }\n\n const response = await fetch(`${url}${basePath}${route}`, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers,\n });\n\n if (!response.ok) {\n throw new Error(await response.text());\n }\n\n const json = await response.json();\n\n return json as SignerResponse<R>;\n };\n\n /**\n * Retrieves the list of MFA factors configured for the current user.\n *\n * @returns {Promise<{ multiFactors: MfaFactor[] }>} A promise that resolves to an array of configured MFA factors\n * @throws {NotAuthenticatedError} If no user is authenticated\n */\n public getMfaFactors = async (): Promise<{\n multiFactors: MfaFactor[];\n }> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.LIST,\n signWith: this.user.address,\n },\n });\n\n return this.request(\"/v1/auth-list-multi-factors\", {\n stampedRequest,\n });\n };\n\n /**\n * Initiates the setup of a new MFA factor for the current user. Mfa will need to be verified before it is active.\n *\n * @param {AddMfaParams} params The parameters required to enable a new MFA factor\n * @returns {Promise<AddMfaResult>} A promise that resolves to the factor setup information\n * @throws {NotAuthenticatedError} If no user is authenticated\n * @throws {Error} If an unsupported factor type is provided\n */\n public addMfa = async (params: AddMfaParams): Promise<AddMfaResult> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.ADD,\n signWith: this.user.address,\n },\n });\n\n switch (params.multiFactorType) {\n case \"totp\":\n return this.request(\"/v1/auth-request-multi-factor\", {\n stampedRequest,\n multiFactorType: params.multiFactorType,\n });\n default:\n throw new Error(\n `Unsupported MFA factor type: ${params.multiFactorType}`\n );\n }\n };\n\n /**\n * Verifies a newly created MFA factor to complete the setup process.\n *\n * @param {VerifyMfaParams} params The parameters required to verify the MFA factor\n * @returns {Promise<{ multiFactors: MfaFactor[] }>} A promise that resolves to the updated list of MFA factors\n * @throws {NotAuthenticatedError} If no user is authenticated\n */\n public verifyMfa = async (\n params: VerifyMfaParams\n ): Promise<{ multiFactors: MfaFactor[] }> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.VERIFY,\n signWith: this.user.address,\n },\n });\n\n return this.request(\"/v1/auth-verify-multi-factor\", {\n stampedRequest,\n multiFactorId: params.multiFactorId,\n multiFactorCode: params.multiFactorCode,\n });\n };\n\n /**\n * Removes existing MFA factors by ID.\n *\n * @param {RemoveMfaParams} params The parameters specifying which factors to disable\n * @returns {Promise<{ multiFactors: MfaFactor[] }>} A promise that resolves to the updated list of MFA factors\n * @throws {NotAuthenticatedError} If no user is authenticated\n */\n public removeMfa = async (\n params: RemoveMfaParams\n ): Promise<{ multiFactors: MfaFactor[] }> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.DELETE,\n signWith: this.user.address,\n },\n });\n\n return this.request(\"/v1/auth-delete-multi-factors\", {\n stampedRequest,\n multiFactorIds: params.multiFactorIds,\n });\n };\n\n /**\n * Validates multiple MFA factors using the provided encrypted payload and MFA codes.\n *\n * @param {ValidateMultiFactorsParams} params The validation parameters\n * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle\n * @throws {Error} If no credential bundle is returned from the server\n */\n public validateMultiFactors = async (\n params: ValidateMultiFactorsParams\n ): Promise<{ bundle: string }> => {\n // Send the encryptedPayload plus TOTP codes, etc:\n const response = await this.request(\"/v1/auth-validate-multi-factors\", {\n encryptedPayload: params.encryptedPayload,\n multiFactors: params.multiFactors,\n });\n\n // The server is expected to return the *decrypted* payload in `response.payload.credentialBundle`\n if (!response.payload || !response.payload.credentialBundle) {\n throw new Error(\n \"Request to validateMultiFactors did not return a credential bundle\"\n );\n }\n\n return {\n bundle: response.payload.credentialBundle,\n };\n };\n\n // #endregion\n\n // #region PRIVATE METHODS\n private exportAsSeedPhrase = async (stamper: ExportWalletStamper) => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const { wallets } = await this.turnkeyClient.getWallets({\n organizationId: this.user.orgId,\n });\n\n const walletAccounts = await Promise.all(\n wallets.map(({ walletId }) =>\n this.turnkeyClient.getWalletAccounts({\n organizationId: this.user!.orgId,\n walletId,\n })\n )\n ).then((x) => x.flatMap((x) => x.accounts));\n\n const walletAccount = walletAccounts.find(\n (x) => x.address === this.user!.address\n );\n\n if (!walletAccount) {\n throw new Error(\n `Could not find wallet associated with ${this.user.address}`\n );\n }\n\n const { activity } = await this.turnkeyClient.exportWallet({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_EXPORT_WALLET\",\n timestampMs: Date.now().toString(),\n parameters: {\n walletId: walletAccount!.walletId,\n targetPublicKey: stamper.publicKey()!,\n },\n });\n\n const { exportBundle } = await this.pollActivityCompletion(\n activity,\n this.user.orgId,\n \"exportWalletResult\"\n );\n\n const result = await stamper.injectWalletExportBundle(exportBundle);\n\n if (!result) {\n throw new Error(\"Failed to inject wallet export bundle\");\n }\n\n return result;\n };\n\n private exportAsPrivateKey = async (stamper: ExportWalletStamper) => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const { activity } = await this.turnkeyClient.exportWalletAccount({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_EXPORT_WALLET_ACCOUNT\",\n timestampMs: Date.now().toString(),\n parameters: {\n address: this.user.address,\n targetPublicKey: stamper.publicKey()!,\n },\n });\n\n const { exportBundle } = await this.pollActivityCompletion(\n activity,\n this.user.orgId,\n \"exportWalletAccountResult\"\n );\n\n const result = await stamper.injectKeyExportBundle(exportBundle);\n\n if (!result) {\n throw new Error(\"Failed to inject wallet export bundle\");\n }\n\n return result;\n };\n\n /**\n * Returns the authentication url for the selected OAuth Proivder\n *\n * @example\n * ```ts\n *\n * cosnt oauthParams = {\n * authProviderId: \"google\",\n * isCustomProvider: false,\n * auth0Connection: undefined,\n * scope: undefined,\n * claims: undefined,\n * mode: \"redirect\",\n * redirectUrl: \"https://your-url-path/oauth-return\",\n * expirationSeconds: 3000\n * };\n *\n * const turnkeyPublicKey = await this.initIframeStamper();\n * const oauthCallbackUrl = this.oauthCallbackUrl;\n * const oauthConfig = this.getOauthConfig() // Optional value for OauthConfig()\n * const usesRelativeUrl = true // Optional value to determine if we use a relative (or absolute) url for the `redirect_url`\n *\n * const oauthProviderUrl = getOauthProviderUrl({\n * oauthParams,\n * turnkeyPublicKey,\n * oauthCallbackUrl\n * })\n *\n * ```\n * @param {GetOauthProviderUrlArgs} args Required. The Oauth provider's auth parameters\n *\n * @returns {Promise<string>} returns the Oauth provider's url\n */\n protected getOauthProviderUrl = async (\n args: GetOauthProviderUrlArgs\n ): Promise<string> => {\n const {\n oauthParams,\n turnkeyPublicKey,\n oauthCallbackUrl,\n oauthConfig,\n usesRelativeUrl = true,\n } = args;\n\n const {\n authProviderId,\n isCustomProvider,\n auth0Connection,\n scope: providedScope,\n claims: providedClaims,\n otherParameters: providedOtherParameters,\n mode,\n redirectUrl,\n expirationSeconds,\n } = oauthParams;\n\n const { codeChallenge, requestKey, authProviders } =\n oauthConfig ?? (await this.getOauthConfigForMode(mode));\n\n if (!authProviders) {\n throw new OAuthProvidersError();\n }\n\n const authProvider = authProviders.find(\n (provider) =>\n provider.id === authProviderId &&\n !!provider.isCustomProvider === !!isCustomProvider\n );\n\n if (!authProvider) {\n throw new Error(`No auth provider found with id ${authProviderId}`);\n }\n\n let scope: string | undefined = providedScope;\n let claims: string | undefined = providedClaims;\n let otherParameters: Record<string, string> | undefined =\n providedOtherParameters;\n\n if (!isCustomProvider) {\n const defaultCustomization =\n getDefaultProviderCustomization(authProviderId);\n scope ??= defaultCustomization?.scope;\n claims ??= defaultCustomization?.claims;\n otherParameters ??= defaultCustomization?.otherParameters;\n }\n if (!scope) {\n throw new Error(`Default scope not known for provider ${authProviderId}`);\n }\n const { authEndpoint, clientId } = authProvider;\n\n const nonce = this.getOauthNonce(turnkeyPublicKey);\n const stateObject: OauthState = {\n authProviderId,\n isCustomProvider,\n requestKey,\n turnkeyPublicKey,\n expirationSeconds,\n redirectUrl:\n mode === \"redirect\"\n ? usesRelativeUrl\n ? resolveRelativeUrl(redirectUrl)\n : redirectUrl\n : undefined,\n openerOrigin: mode === \"popup\" ? window.location.origin : undefined,\n };\n const state = base64UrlEncode(\n new TextEncoder().encode(JSON.stringify(stateObject))\n );\n const authUrl = new URL(authEndpoint);\n const params: Record<string, string> = {\n redirect_uri: oauthCallbackUrl,\n response_type: \"code\",\n scope,\n state,\n code_challenge: codeChallenge,\n code_challenge_method: \"S256\",\n prompt: \"select_account\",\n client_id: clientId,\n nonce,\n ...otherParameters,\n };\n if (claims) {\n params.claims = claims;\n }\n if (auth0Connection) {\n params.connection = auth0Connection;\n }\n\n Object.keys(params).forEach((param) => {\n params[param] && authUrl.searchParams.append(param, params[param]);\n });\n\n const [urlPath, searchParams] = authUrl.href.split(\"?\");\n\n return `${urlPath?.replace(/\\/$/, \"\")}?${searchParams}`;\n };\n\n private getOauthConfigForMode = async (\n mode: OauthMode\n ): Promise<OauthConfig> => {\n if (this.oauthConfig) {\n return this.oauthConfig;\n } else if (mode === \"redirect\") {\n return this.initOauth();\n } else {\n throw new Error(\n \"enablePopupOauth must be set in configuration or signer.preparePopupOauth must be called before using popup-based OAuth login\"\n );\n }\n };\n\n // eslint-disable-next-line eslint-rules/require-jsdoc-on-reexported-functions\n protected pollActivityCompletion = async <\n T extends keyof Awaited<\n ReturnType<(typeof this.turnkeyClient)[\"getActivity\"]>\n >[\"activity\"][\"result\"]\n >(\n activity: Awaited<\n ReturnType<(typeof this.turnkeyClient)[\"getActivity\"]>\n >[\"activity\"],\n organizationId: string,\n resultKey: T\n ): Promise<\n NonNullable<\n Awaited<\n ReturnType<(typeof this.turnkeyClient)[\"getActivity\"]>\n >[\"activity\"][\"result\"][T]\n >\n > => {\n if (activity.status === \"ACTIVITY_STATUS_COMPLETED\") {\n return activity.result[resultKey]!;\n }\n\n const {\n activity: { status, id, result },\n } = await this.turnkeyClient.getActivity({\n activityId: activity.id,\n organizationId,\n });\n\n if (status === \"ACTIVITY_STATUS_COMPLETED\") {\n return result[resultKey]!;\n }\n\n if (\n status === \"ACTIVITY_STATUS_FAILED\" ||\n status === \"ACTIVITY_STATUS_REJECTED\" ||\n status === \"ACTIVITY_STATUS_CONSENSUS_NEEDED\"\n ) {\n throw new Error(\n `Failed to get activity with with id ${id} (status: ${status})`\n );\n }\n\n // TODO: add ability to configure this + add exponential backoff\n await new Promise((resolve) => setTimeout(resolve, 500));\n\n return this.pollActivityCompletion(activity, organizationId, resultKey);\n };\n // #endregion\n\n /**\n * Turnkey requires the nonce in the id token to be in this format.\n *\n * @param {string} turnkeyPublicKey key from a Turnkey iframe\n * @returns {string} nonce to be used in OIDC\n */\n protected getOauthNonce = (turnkeyPublicKey: string): string => {\n return sha256(new TextEncoder().encode(turnkeyPublicKey)).slice(2);\n };\n}\n"]}
|
|
1
|
+
{"version":3,"file":"base.js","sourceRoot":"","sources":["../../../src/client/base.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAyB,MAAM,cAAc,CAAC;AAC7E,OAAO,EAAE,aAAa,EAAuB,MAAM,eAAe,CAAC;AACnE,OAAO,YAAY,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,MAAM,EAAY,MAAM,MAAM,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,+BAA+B,EAAE,MAAM,aAAa,CAAC;AAE9D,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AA6BzD,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAexC,MAAM,WAAW,GAAG;IAClB,GAAG,EAAE,SAAS;IACd,GAAG,EAAE,SAAS;IACd,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,YAAY;IACpB,IAAI,EAAE,WAAW;CACT,CAAC;AAEX;;GAEG;AACH,MAAM,OAAgB,gBAAgB;IAOpC;;;;OAIG;IACH,YAAY,MAA8B;QAXlC;;;;;WAAwB;QACxB;;;;;WAAmC;QACjC;;;;;WAA6B;QAC7B;;;;;WAAgB;QAChB;;;;;WAAsD;QACtD;;;;;WAAqC;QAiB/C;;;;WAIG;QACI;;;;mBAAY,KAAK,IAA0B,EAAE;gBAClD,IAAI,CAAC,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC/C,OAAO,IAAI,CAAC,WAAW,CAAC;YAC1B,CAAC;WAAC;QA6FF,aAAa;QAEb,yBAAyB;QAEzB;;;;;;WAMG;QACI;;;;mBAAK,CACV,KAAQ,EACR,QAAsC,EACtC,EAAE;gBACF,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;gBAE7C,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,KAAK,EAAE,QAAe,CAAC,CAAC;YACxE,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAa,KAAK,EAAE,OAAkC,EAAE,EAAE;gBAC/D,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAClE,OAAO,CACR,CAAC;gBAEF,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC;oBACjE,IAAI,EAAE,wCAAwC;oBAC9C,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,UAAU,EAAE;wBACV,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;wBACxB,cAAc,EAAE;4BACd;gCACE,WAAW;gCACX,iBAAiB,EAAE,WAAW,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,EAAE;gCACrD,SAAS,EAAE,eAAe,CAAC,SAAS,CAAC;6BACtC;yBACF;qBACF;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAC5D,QAAQ,EACR,IAAI,CAAC,IAAI,CAAC,KAAK,EACf,4BAA4B,CAC7B,CAAC;gBAEF,OAAO,gBAAgB,CAAC;YAC1B,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAmB,KAAK,IAAI,EAAE;gBACnC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,iBAAiB,CAAC;oBACtD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;iBACzB,CAAC,CAAC;gBACH,OAAO;oBACL,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAC9C,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC,UAAU,CAAC,CAC5C;iBACF,CAAC;YACJ,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAmB,KAAK,EAC7B,MAA8B,EACf,EAAE;gBACjB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBACD,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;gBAC3C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,yBAAyB,CAAC;oBACxE,IAAI,EAAE,sCAAsC;oBAC5C,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,UAAU,EAAE;wBACV,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;wBACxB,cAAc,EAAE,CAAC,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;qBAC9C;iBACF,CAAC,CAAC;gBACH,MAAM,IAAI,CAAC,OAAO,CAAC,wBAAwB,EAAE,EAAE,cAAc,EAAE,CAAC,CAAC;YACnE,CAAC;WAAC;QAEF;;;;;;;WAOG;QACI;;;;mBAAS,KAAK,EACnB,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,KAAK,EACxB,OAAgB,EACD,EAAE;gBACjB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;oBACd,OAAO,IAAI,CAAC,IAAI,CAAC;gBACnB,CAAC;gBAED,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;gBACvC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC;oBAC7D,cAAc,EAAE,KAAK;iBACtB,CAAC,CAAC;gBAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE;oBAC5C,cAAc;iBACf,CAAC,CAAC;gBAEH,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,MAAM,GAA4B,SAAS,CAAC,OAAO,CAAC,CAAC;oBAC3D,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;oBACvB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;oBACrB,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;wBACrC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;oBAC5B,CAAC;gBACH,CAAC;gBAED,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE;oBACzB,IAAI,CAAC;wBACH,OAAO,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,gBAAgB,CAAC;6BACtD,YAAsB,CAAC;oBAC5B,CAAC;oBAAC,OAAO,CAAC,EAAE,CAAC;wBACX,OAAO,SAAS,CAAC;oBACnB,CAAC;gBACH,CAAC,CAAC,EAAE,CAAC;gBAEL,IAAI,CAAC,IAAI,GAAG;oBACV,GAAG,IAAI;oBACP,YAAY;iBACb,CAAC;gBAEF,OAAO,IAAI,CAAC,IAAI,CAAC;YACnB,CAAC;WAAC;QAEF;;;;;;;;WAQG;QACI;;;;mBAAc,KAAK,IAA6B,EAAE;gBACvD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;gBAC1E,CAAC;gBAED,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC;oBAC7C,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;iBAChC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAuB,KAAK,IAA6B,EAAE;gBAChE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CACb,gEAAgE,CACjE,CAAC;gBACJ,CAAC;gBAED,OAAO,MAAM,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC;oBACnD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;iBAChC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;;;WASG;QACI;;;;mBAA4B,KAAK,EACtC,MAAuC,EACxB,EAAE;gBACjB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;gBAClE,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC;oBAClD,IAAI,EAAE,kCAAkC;oBACxC,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;oBAC5C,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,UAAU,EAAE;wBACV,OAAO,EAAE;4BACP;gCACE,UAAU,EAAE,MAAM,CAAC,IAAI;gCACvB,SAAS,EAAE,MAAM,CAAC,SAAS;gCAC3B,SAAS,EAAE,oBAAoB;gCAC/B,iBAAiB,EAAE,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE;6BACnD;yBACF;wBACD,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;qBACzB;iBACF,CAAC,CAAC;gBACH,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,2BAA2B,EAAE,CAAC;oBACzD,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAoB,KAAK,EAAE,KAAa,EAAE,EAAE;gBACjD,OAAO,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/C,CAAC;WAAC;QAEF;;;;;;;;WAQG;QACI;;;;mBAAiB,KAAK,EAC3B,GAAQ,EACR,OAA8B,UAAU,EAC1B,EAAE;gBAChB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAClD,sGAAsG;oBACtG,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;gBAC9D,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EACV,IAAI,KAAK,UAAU;4BACjB,CAAC,CAAC,qBAAqB;4BACvB,CAAC,CAAC,8BAA8B;wBACpC,OAAO,EAAE,GAAG;wBACZ,QAAQ,EACN,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,aAAc;qBACrE;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE;oBAC3D,cAAc;iBACf,CAAC,CAAC;gBAEH,OAAO,SAAS,CAAC;YACnB,CAAC;WAAC;QAEF;;;;WAIG;QACI;;;;mBAAU,GAAgB,EAAE;gBACjC,OAAO,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC;YAC3B,CAAC;WAAC;QAEF;;;;;;;WAOG;QACI;;;;mBAAU,KAAK,EACpB,KAAQ,EACR,IAAmB,EACS,EAAE;gBAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,IAAI,2BAA2B,CAAC;gBAExE,MAAM,QAAQ,GAAG,SAAS,CAAC;gBAE3B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;gBAC9B,OAAO,CAAC,MAAM,CAAC,wBAAwB,EAAE,OAAO,CAAC,CAAC;gBAClD,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;gBACnD,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC;oBACjC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC5E,CAAC;qBAAM,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,CAAC;oBACrC,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,CAAC,CAAC;gBACzE,CAAC;gBAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,GAAG,GAAG,QAAQ,GAAG,KAAK,EAAE,EAAE;oBACxD,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;oBAC1B,OAAO;iBACR,CAAC,CAAC;gBAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,MAAM,IAAI,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;gBACzC,CAAC;gBAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAEnC,OAAO,IAAyB,CAAC;YACnC,CAAC;WAAC;QAEF;;;;;WAKG;QACI;;;;mBAAgB,KAAK,IAEzB,EAAE;gBACH,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,IAAI;wBACzB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC,OAAO,CAAC,6BAA6B,EAAE;oBACjD,cAAc;iBACf,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;;WAOG;QACI;;;;mBAAS,KAAK,EAAE,MAAoB,EAAyB,EAAE;gBACpE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,GAAG;wBACxB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,QAAQ,MAAM,CAAC,eAAe,EAAE,CAAC;oBAC/B,KAAK,MAAM;wBACT,OAAO,IAAI,CAAC,OAAO,CAAC,+BAA+B,EAAE;4BACnD,cAAc;4BACd,eAAe,EAAE,MAAM,CAAC,eAAe;yBACxC,CAAC,CAAC;oBACL;wBACE,MAAM,IAAI,KAAK,CACb,gCAAgC,MAAM,CAAC,eAAe,EAAE,CACzD,CAAC;gBACN,CAAC;YACH,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAY,KAAK,EACtB,MAAuB,EACiB,EAAE;gBAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,MAAM;wBAC3B,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC,OAAO,CAAC,8BAA8B,EAAE;oBAClD,cAAc;oBACd,aAAa,EAAE,MAAM,CAAC,aAAa;oBACnC,eAAe,EAAE,MAAM,CAAC,eAAe;iBACxC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAY,KAAK,EACtB,MAAuB,EACiB,EAAE;gBAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAClE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,mCAAmC;oBACzC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,8BAA8B;wBACxC,YAAY,EAAE,qBAAqB;wBACnC,OAAO,EAAE,WAAW,CAAC,MAAM;wBAC3B,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;qBAC5B;iBACF,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC,OAAO,CAAC,+BAA+B,EAAE;oBACnD,cAAc;oBACd,cAAc,EAAE,MAAM,CAAC,cAAc;iBACtC,CAAC,CAAC;YACL,CAAC;WAAC;QAEF;;;;;;WAMG;QACI;;;;mBAAuB,KAAK,EACjC,MAAkC,EACL,EAAE;gBAC/B,kDAAkD;gBAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,iCAAiC,EAAE;oBACrE,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;oBACzC,YAAY,EAAE,MAAM,CAAC,YAAY;iBAClC,CAAC,CAAC;gBAEH,kGAAkG;gBAClG,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC;oBAC5D,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;gBACJ,CAAC;gBAED,OAAO;oBACL,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,gBAAgB;iBAC1C,CAAC;YACJ,CAAC;WAAC;QAEF,aAAa;QAEb,0BAA0B;QAClB;;;;mBAAqB,KAAK,EAAE,OAA4B,EAAE,EAAE;gBAClE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC;oBACtD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;iBAChC,CAAC,CAAC;gBAEH,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,GAAG,CACtC,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC3B,IAAI,CAAC,aAAa,CAAC,iBAAiB,CAAC;oBACnC,cAAc,EAAE,IAAI,CAAC,IAAK,CAAC,KAAK;oBAChC,QAAQ;iBACT,CAAC,CACH,CACF,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAE5C,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,IAAI,CAAC,IAAK,CAAC,OAAO,CACxC,CAAC;gBAEF,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CACb,yCAAyC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAC7D,CAAC;gBACJ,CAAC;gBAED,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC;oBACzD,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,6BAA6B;oBACnC,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,QAAQ,EAAE,aAAc,CAAC,QAAQ;wBACjC,eAAe,EAAE,OAAO,CAAC,SAAS,EAAG;qBACtC;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CACxD,QAAQ,EACR,IAAI,CAAC,IAAI,CAAC,KAAK,EACf,oBAAoB,CACrB,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAC;gBAEpE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;gBAC3D,CAAC;gBAED,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEM;;;;mBAAqB,KAAK,EAAE,OAA4B,EAAE,EAAE;gBAClE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,MAAM,IAAI,qBAAqB,EAAE,CAAC;gBACpC,CAAC;gBAED,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAAC;oBAChE,cAAc,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK;oBAC/B,IAAI,EAAE,qCAAqC;oBAC3C,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;oBAClC,UAAU,EAAE;wBACV,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO;wBAC1B,eAAe,EAAE,OAAO,CAAC,SAAS,EAAG;qBACtC;iBACF,CAAC,CAAC;gBAEH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CACxD,QAAQ,EACR,IAAI,CAAC,IAAI,CAAC,KAAK,EACf,2BAA2B,CAC5B,CAAC;gBAEF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;gBAEjE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;gBAC3D,CAAC;gBAED,OAAO,MAAM,CAAC;YAChB,CAAC;WAAC;QAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAgCG;QACO;;;;mBAAsB,KAAK,EACnC,IAA6B,EACZ,EAAE;gBACnB,MAAM,EACJ,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,WAAW,EACX,eAAe,GAAG,IAAI,GACvB,GAAG,IAAI,CAAC;gBAET,MAAM,EACJ,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,KAAK,EAAE,aAAa,EACpB,MAAM,EAAE,cAAc,EACtB,eAAe,EAAE,uBAAuB,EACxC,IAAI,EACJ,WAAW,EACX,iBAAiB,GAClB,GAAG,WAAW,CAAC;gBAEhB,MAAM,EAAE,aAAa,EAAE,UAAU,EAAE,aAAa,EAAE,GAChD,WAAW,IAAI,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;gBAE1D,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,mBAAmB,EAAE,CAAC;gBAClC,CAAC;gBAED,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CACrC,CAAC,QAAQ,EAAE,EAAE,CACX,QAAQ,CAAC,EAAE,KAAK,cAAc;oBAC9B,CAAC,CAAC,QAAQ,CAAC,gBAAgB,KAAK,CAAC,CAAC,gBAAgB,CACrD,CAAC;gBAEF,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CAAC,kCAAkC,cAAc,EAAE,CAAC,CAAC;gBACtE,CAAC;gBAED,IAAI,KAAK,GAAuB,aAAa,CAAC;gBAC9C,IAAI,MAAM,GAAuB,cAAc,CAAC;gBAChD,IAAI,eAAe,GACjB,uBAAuB,CAAC;gBAE1B,IAAI,CAAC,gBAAgB,EAAE,CAAC;oBACtB,MAAM,oBAAoB,GACxB,+BAA+B,CAAC,cAAc,CAAC,CAAC;oBAClD,KAAK,KAAL,KAAK,GAAK,oBAAoB,EAAE,KAAK,EAAC;oBACtC,MAAM,KAAN,MAAM,GAAK,oBAAoB,EAAE,MAAM,EAAC;oBACxC,eAAe,KAAf,eAAe,GAAK,oBAAoB,EAAE,eAAe,EAAC;gBAC5D,CAAC;gBACD,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,MAAM,IAAI,KAAK,CAAC,wCAAwC,cAAc,EAAE,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,YAAY,CAAC;gBAEhD,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC;gBACnD,MAAM,WAAW,GAAe;oBAC9B,cAAc;oBACd,gBAAgB;oBAChB,UAAU;oBACV,gBAAgB;oBAChB,iBAAiB;oBACjB,WAAW,EACT,IAAI,KAAK,UAAU;wBACjB,CAAC,CAAC,eAAe;4BACf,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC;4BACjC,CAAC,CAAC,WAAW;wBACf,CAAC,CAAC,SAAS;oBACf,YAAY,EAAE,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;iBACpE,CAAC;gBACF,MAAM,KAAK,GAAG,eAAe,CAC3B,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CACtD,CAAC;gBACF,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC;gBACtC,MAAM,MAAM,GAA2B;oBACrC,YAAY,EAAE,gBAAgB;oBAC9B,aAAa,EAAE,MAAM;oBACrB,KAAK;oBACL,KAAK;oBACL,cAAc,EAAE,aAAa;oBAC7B,qBAAqB,EAAE,MAAM;oBAC7B,MAAM,EAAE,gBAAgB;oBACxB,SAAS,EAAE,QAAQ;oBACnB,KAAK;oBACL,GAAG,eAAe;iBACnB,CAAC;gBACF,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;gBACzB,CAAC;gBACD,IAAI,eAAe,EAAE,CAAC;oBACpB,MAAM,CAAC,UAAU,GAAG,eAAe,CAAC;gBACtC,CAAC;gBAED,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;oBACpC,MAAM,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBACrE,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAExD,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,YAAY,EAAE,CAAC;YAC1D,CAAC;WAAC;QAEM;;;;mBAAwB,KAAK,EACnC,IAAe,EACO,EAAE;gBACxB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,OAAO,IAAI,CAAC,WAAW,CAAC;gBAC1B,CAAC;qBAAM,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC/B,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CACb,+HAA+H,CAChI,CAAC;gBACJ,CAAC;YACH,CAAC;WAAC;QAEF,8EAA8E;QACpE;;;;mBAAyB,KAAK,EAKtC,QAEa,EACb,cAAsB,EACtB,SAAY,EAOZ,EAAE;gBACF,IAAI,QAAQ,CAAC,MAAM,KAAK,2BAA2B,EAAE,CAAC;oBACpD,OAAO,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAE,CAAC;gBACrC,CAAC;gBAED,MAAM,EACJ,QAAQ,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GACjC,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC;oBACvC,UAAU,EAAE,QAAQ,CAAC,EAAE;oBACvB,cAAc;iBACf,CAAC,CAAC;gBAEH,IAAI,MAAM,KAAK,2BAA2B,EAAE,CAAC;oBAC3C,OAAO,MAAM,CAAC,SAAS,CAAE,CAAC;gBAC5B,CAAC;gBAED,IACE,MAAM,KAAK,wBAAwB;oBACnC,MAAM,KAAK,0BAA0B;oBACrC,MAAM,KAAK,kCAAkC,EAC7C,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,uCAAuC,EAAE,aAAa,MAAM,GAAG,CAChE,CAAC;gBACJ,CAAC;gBAED,gEAAgE;gBAChE,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;gBAEzD,OAAO,IAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC;YAC1E,CAAC;WAAC;QACF,aAAa;QAEb;;;;;WAKG;QACO;;;;mBAAgB,CAAC,gBAAwB,EAAU,EAAE;gBAC7D,OAAO,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrE,CAAC;WAAC;QA14BA,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;QAClD,IAAI,CAAC,OAAO,GAAG,SAAS,IAAI,sCAAsC,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,EAA6B,CAAC;QAClE,IAAI,CAAC,gBAAgB,GAAG,sBAAsB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACjE,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CACpC,EAAE,OAAO,EAAE,yBAAyB,EAAE,EACtC,OAAO,CACR,CAAC;IACJ,CAAC;IAYD,IAAc,IAAI;QAChB,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAc,IAAI,CAAC,IAAsB;QACvC,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC1B,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,CAAC,IAAI,IAAI,YAAY,EAAE,CAAC;YACjC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;IAED;;;;OAIG;IACO,UAAU,CAAC,OAAiC;QACpD,IAAI,CAAC,aAAa,CAAC,OAAO,GAAG,OAAO,CAAC;IACvC,CAAC;IAED;;;;;;;OAOG;IACO,iBAAiB,CAAC,MAG3B;QACC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;QAC5B,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,aAAa;gBAChB,OAAO,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACvD,KAAK,aAAa;gBAChB,OAAO,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACvD;gBACE,WAAW,CAAC,QAAQ,EAAE,wBAAwB,QAAQ,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;CA20BF","sourcesContent":["import { ConnectionConfigSchema, type ConnectionConfig } from \"@aa-sdk/core\";\nimport { TurnkeyClient, type TSignedRequest } from \"@turnkey/http\";\nimport EventEmitter from \"eventemitter3\";\nimport { jwtDecode } from \"jwt-decode\";\nimport { sha256, type Hex } from \"viem\";\nimport { NotAuthenticatedError, OAuthProvidersError } from \"../errors.js\";\nimport { getDefaultProviderCustomization } from \"../oauth.js\";\nimport type { OauthMode } from \"../signer.js\";\nimport { base64UrlEncode } from \"../utils/base64UrlEncode.js\";\nimport { resolveRelativeUrl } from \"../utils/resolveRelativeUrl.js\";\nimport { assertNever } from \"../utils/typeAssertions.js\";\nimport type {\n AlchemySignerClientEvent,\n AlchemySignerClientEvents,\n AuthenticatingEventMetadata,\n CreateAccountParams,\n RemoveMfaParams,\n EmailAuthParams,\n AddMfaParams,\n AddMfaResult,\n experimental_CreateApiKeyParams,\n GetOauthProviderUrlArgs,\n GetWebAuthnAttestationResult,\n MfaFactor,\n OauthConfig,\n OauthParams,\n OauthState,\n OtpParams,\n SignerBody,\n SignerResponse,\n SignerRoutes,\n SignupResponse,\n User,\n VerifyMfaParams,\n SubmitOtpCodeResponse,\n ValidateMultiFactorsParams,\n AuthLinkingPrompt,\n AddOauthProviderParams,\n} from \"./types.js\";\nimport { VERSION } from \"../version.js\";\n\nexport interface BaseSignerClientParams {\n stamper: TurnkeyClient[\"stamper\"];\n connection: ConnectionConfig;\n rootOrgId?: string;\n rpId?: string;\n}\n\nexport type ExportWalletStamper = TurnkeyClient[\"stamper\"] & {\n injectWalletExportBundle(bundle: string): Promise<boolean>;\n injectKeyExportBundle(bundle: string): Promise<boolean>;\n publicKey(): string | null;\n};\n\nconst MFA_PAYLOAD = {\n GET: \"get_mfa\",\n ADD: \"add_mfa\",\n DELETE: \"delete_mfas\",\n VERIFY: \"verify_mfa\",\n LIST: \"list_mfas\",\n} as const;\n\n/**\n * Base class for all Alchemy Signer clients\n */\nexport abstract class BaseSignerClient<TExportWalletParams = unknown> {\n private _user: User | undefined;\n private connectionConfig: ConnectionConfig;\n protected turnkeyClient: TurnkeyClient;\n protected rootOrg: string;\n protected eventEmitter: EventEmitter<AlchemySignerClientEvents>;\n protected oauthConfig: OauthConfig | undefined;\n /**\n * Create a new instance of the Alchemy Signer client\n *\n * @param {BaseSignerClientParams} params the parameters required to create the client\n */\n constructor(params: BaseSignerClientParams) {\n const { stamper, connection, rootOrgId } = params;\n this.rootOrg = rootOrgId ?? \"24c1acf5-810f-41e0-a503-d5d13fa8e830\";\n this.eventEmitter = new EventEmitter<AlchemySignerClientEvents>();\n this.connectionConfig = ConnectionConfigSchema.parse(connection);\n this.turnkeyClient = new TurnkeyClient(\n { baseUrl: \"https://api.turnkey.com\" },\n stamper\n );\n }\n\n /**\n * Asynchronously fetches and sets the OAuth configuration.\n *\n * @returns {Promise<OauthConfig>} A promise that resolves to the OAuth configuration\n */\n public initOauth = async (): Promise<OauthConfig> => {\n this.oauthConfig = await this.getOauthConfig();\n return this.oauthConfig;\n };\n\n protected get user() {\n return this._user;\n }\n\n protected set user(user: User | undefined) {\n const previousUser = this._user;\n this._user = user;\n if (user && !previousUser) {\n this.eventEmitter.emit(\"connected\", user);\n } else if (!user && previousUser) {\n this.eventEmitter.emit(\"disconnected\");\n }\n }\n\n /**\n * Sets the stamper of the TurnkeyClient.\n *\n * @param {TurnkeyClient[\"stamper\"]} stamper the stamper function to set for the TurnkeyClient\n */\n protected setStamper(stamper: TurnkeyClient[\"stamper\"]) {\n this.turnkeyClient.stamper = stamper;\n }\n\n /**\n * Exports wallet credentials based on the specified type, either as a SEED_PHRASE or PRIVATE_KEY.\n *\n * @param {object} params The parameters for exporting the wallet\n * @param {ExportWalletStamper} params.exportStamper The stamper used for exporting the wallet\n * @param {\"SEED_PHRASE\" | \"PRIVATE_KEY\"} params.exportAs Specifies the format for exporting the wallet, either as a SEED_PHRASE or PRIVATE_KEY\n * @returns {Promise<boolean>} A promise that resolves to true if the export is successful\n */\n protected exportWalletInner(params: {\n exportStamper: ExportWalletStamper;\n exportAs: \"SEED_PHRASE\" | \"PRIVATE_KEY\";\n }): Promise<boolean> {\n const { exportAs } = params;\n switch (exportAs) {\n case \"PRIVATE_KEY\":\n return this.exportAsPrivateKey(params.exportStamper);\n case \"SEED_PHRASE\":\n return this.exportAsSeedPhrase(params.exportStamper);\n default:\n assertNever(exportAs, `Unknown export mode: ${exportAs}`);\n }\n }\n\n // #region ABSTRACT METHODS\n\n public abstract createAccount(\n params: CreateAccountParams\n ): Promise<SignupResponse>;\n\n public abstract initEmailAuth(\n params: Omit<EmailAuthParams, \"targetPublicKey\">\n ): Promise<{ orgId: string; otpId?: string; multiFactors?: MfaFactor[] }>;\n\n public abstract completeAuthWithBundle(params: {\n bundle: string;\n orgId: string;\n connectedEventName: keyof AlchemySignerClientEvents;\n authenticatingType: AuthenticatingEventMetadata[\"type\"];\n idToken?: string;\n }): Promise<User>;\n\n public abstract oauthWithRedirect(\n args: Extract<OauthParams, { mode: \"redirect\" }>\n ): Promise<User>;\n\n public abstract oauthWithPopup(\n args: Extract<OauthParams, { mode: \"popup\" }>\n ): Promise<User | AuthLinkingPrompt>;\n\n public abstract submitOtpCode(\n args: Omit<OtpParams, \"targetPublicKey\">\n ): Promise<SubmitOtpCodeResponse>;\n\n public abstract disconnect(): Promise<void>;\n\n public abstract exportWallet(params: TExportWalletParams): Promise<boolean>;\n\n public abstract lookupUserWithPasskey(user?: User): Promise<User>;\n\n public abstract targetPublicKey(): Promise<string>;\n\n protected abstract getOauthConfig(): Promise<OauthConfig>;\n\n protected abstract getWebAuthnAttestation(\n options: CredentialCreationOptions,\n userDetails?: { username: string }\n ): Promise<GetWebAuthnAttestationResult>;\n\n // #endregion\n\n // #region PUBLIC METHODS\n\n /**\n * Listen to events emitted by the client\n *\n * @param {AlchemySignerClientEvent} event the event you want to listen to\n * @param {AlchemySignerClientEvents[AlchemySignerClientEvent]} listener the callback function to execute when an event is fired\n * @returns {() => void} a function that will remove the listener when called\n */\n public on = <E extends AlchemySignerClientEvent>(\n event: E,\n listener: AlchemySignerClientEvents[E]\n ) => {\n this.eventEmitter.on(event, listener as any);\n\n return () => this.eventEmitter.removeListener(event, listener as any);\n };\n\n /**\n * Handles the creation of authenticators using WebAuthn attestation and the provided options. Requires the user to be authenticated.\n *\n * @param {CredentialCreationOptions} options The options used to create the WebAuthn attestation\n * @returns {Promise<string[]>} A promise that resolves to an array of authenticator IDs\n * @throws {NotAuthenticatedError} If the user is not authenticated\n */\n public addPasskey = async (options: CredentialCreationOptions) => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n const { attestation, challenge } = await this.getWebAuthnAttestation(\n options\n );\n\n const { activity } = await this.turnkeyClient.createAuthenticators({\n type: \"ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2\",\n timestampMs: Date.now().toString(),\n organizationId: this.user.orgId,\n parameters: {\n userId: this.user.userId,\n authenticators: [\n {\n attestation,\n authenticatorName: `passkey-${Date.now().toString()}`,\n challenge: base64UrlEncode(challenge),\n },\n ],\n },\n });\n\n const { authenticatorIds } = await this.pollActivityCompletion(\n activity,\n this.user.orgId,\n \"createAuthenticatorsResult\"\n );\n\n return authenticatorIds;\n };\n\n /**\n * Retrieves the status of the passkey for the current user. Requires the user to be authenticated.\n *\n * @returns {Promise<{ isPasskeyAdded: boolean }>} A promise that resolves to an object containing the passkey status\n * @throws {NotAuthenticatedError} If the user is not authenticated\n */\n public getPasskeyStatus = async () => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n const resp = await this.turnkeyClient.getAuthenticators({\n organizationId: this.user.orgId,\n userId: this.user.userId,\n });\n return {\n isPasskeyAdded: resp.authenticators.some((it) =>\n it.authenticatorName.startsWith(\"passkey-\")\n ),\n };\n };\n\n /**\n * Adds an OAuth provider for the authenticated user using the provided parameters. Throws an error if the user is not authenticated.\n *\n * @param {AddOauthProviderParams} params The parameters for adding an OAuth provider, including `providerName` and `oidcToken`.\n * @throws {NotAuthenticatedError} Throws if the user is not authenticated.\n * @returns {Promise<void>} A Promise that resolves when the OAuth provider is added.\n */\n public addOauthProvider = async (\n params: AddOauthProviderParams\n ): Promise<void> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n const { providerName, oidcToken } = params;\n const stampedRequest = await this.turnkeyClient.stampCreateOauthProviders({\n type: \"ACTIVITY_TYPE_CREATE_OAUTH_PROVIDERS\",\n timestampMs: Date.now().toString(),\n organizationId: this.user.orgId,\n parameters: {\n userId: this.user.userId,\n oauthProviders: [{ providerName, oidcToken }],\n },\n });\n await this.request(\"/v1/add-oauth-provider\", { stampedRequest });\n };\n\n /**\n * Retrieves the current user or fetches the user information if not already available.\n *\n * @param {string} [orgId] optional organization ID, defaults to the user's organization ID\n * @param {string} idToken an OIDC ID token containing additional user information\n * @returns {Promise<User>} A promise that resolves to the user object\n * @throws {Error} if no organization ID is provided when there is no current user\n */\n public whoami = async (\n orgId = this.user?.orgId,\n idToken?: string\n ): Promise<User> => {\n if (this.user) {\n return this.user;\n }\n\n if (!orgId) {\n throw new Error(\"No orgId provided\");\n }\n\n const stampedRequest = await this.turnkeyClient.stampGetWhoami({\n organizationId: orgId,\n });\n\n const user = await this.request(\"/v1/whoami\", {\n stampedRequest,\n });\n\n if (idToken) {\n const claims: Record<string, unknown> = jwtDecode(idToken);\n user.idToken = idToken;\n user.claims = claims;\n if (typeof claims.email === \"string\") {\n user.email = claims.email;\n }\n }\n\n const credentialId = (() => {\n try {\n return JSON.parse(stampedRequest?.stamp.stampHeaderValue)\n .credentialId as string;\n } catch (e) {\n return undefined;\n }\n })();\n\n this.user = {\n ...user,\n credentialId,\n };\n\n return this.user;\n };\n\n /**\n * Generates a stamped whoami request for the current user. This request can then be used to call /signer/v1/whoami to get the user information.\n * This is useful if you want to get the user information in a different context like a server. You can pass the stamped request to the server\n * and then call our API to get the user information. Using this stamp is the most trusted way to get the user information since a stamp can only\n * belong to the user who created it.\n *\n * @returns {Promise<TSignedRequest>} a promise that resolves to the \"whoami\" information for the logged in user\n * @throws {Error} if no organization ID is provided\n */\n public stampWhoami = async (): Promise<TSignedRequest> => {\n if (!this.user) {\n throw new Error(\"User must be authenticated to stamp a whoami request\");\n }\n\n return await this.turnkeyClient.stampGetWhoami({\n organizationId: this.user.orgId,\n });\n };\n\n /**\n * Generates a stamped getOrganization request for the current user.\n *\n * @returns {Promise<TSignedRequest>} a promise that resolves to the \"getOrganization\" information for the logged in user\n * @throws {Error} if no user is authenticated\n */\n public stampGetOrganization = async (): Promise<TSignedRequest> => {\n if (!this.user) {\n throw new Error(\n \"User must be authenticated to stamp a get organization request\"\n );\n }\n\n return await this.turnkeyClient.stampGetOrganization({\n organizationId: this.user.orgId,\n });\n };\n\n /**\n * Creates an API key that can take any action on behalf of the current user.\n * (Note that this method is currently experimental and is subject to change.)\n *\n * @param {CreateApiKeyParams} params Parameters for creating the API key.\n * @param {string} params.name Name of the API key.\n * @param {string} params.publicKey Public key to be used for the API key.\n * @param {number} params.expirationSec Number of seconds until the API key expires.\n * @throws {Error} If there is no authenticated user or the API key creation fails.\n */\n public experimental_createApiKey = async (\n params: experimental_CreateApiKeyParams\n ): Promise<void> => {\n if (!this.user) {\n throw new Error(\"User must be authenticated to create api key\");\n }\n const resp = await this.turnkeyClient.createApiKeys({\n type: \"ACTIVITY_TYPE_CREATE_API_KEYS_V2\",\n timestampMs: new Date().getTime().toString(),\n organizationId: this.user.orgId,\n parameters: {\n apiKeys: [\n {\n apiKeyName: params.name,\n publicKey: params.publicKey,\n curveType: \"API_KEY_CURVE_P256\",\n expirationSeconds: params.expirationSec.toString(),\n },\n ],\n userId: this.user.userId,\n },\n });\n if (resp.activity.status !== \"ACTIVITY_STATUS_COMPLETED\") {\n throw new Error(\"Failed to create api key\");\n }\n };\n\n /**\n * Looks up information based on an email address.\n *\n * @param {string} email the email address to look up\n * @returns {Promise<any>} the result of the lookup request\n */\n public lookupUserByEmail = async (email: string) => {\n return this.request(\"/v1/lookup\", { email });\n };\n\n /**\n * This will sign a message with the user's private key, without doing any transformations on the message.\n * For SignMessage or SignTypedData, the caller should hash the message before calling this method and pass\n * that result here.\n *\n * @param {Hex} msg the hex representation of the bytes to sign\n * @param {string} mode specify if signing should happen for solana or ethereum\n * @returns {Promise<Hex>} the signature over the raw hex\n */\n public signRawMessage = async (\n msg: Hex,\n mode: \"SOLANA\" | \"ETHEREUM\" = \"ETHEREUM\"\n ): Promise<Hex> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n if (!this.user.solanaAddress && mode === \"SOLANA\") {\n // TODO: we need to add backwards compatibility for users who signed up before we added Solana support\n throw new Error(\"No Solana address available for the user\");\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction:\n mode === \"ETHEREUM\"\n ? \"HASH_FUNCTION_NO_OP\"\n : \"HASH_FUNCTION_NOT_APPLICABLE\",\n payload: msg,\n signWith:\n mode === \"ETHEREUM\" ? this.user.address : this.user.solanaAddress!,\n },\n });\n\n const { signature } = await this.request(\"/v1/sign-payload\", {\n stampedRequest,\n });\n\n return signature;\n };\n\n /**\n * Returns the current user or null if no user is set.\n *\n * @returns {User | null} the current user object or null if no user is available\n */\n public getUser = (): User | null => {\n return this.user ?? null;\n };\n\n /**\n * Sends a POST request to the given signer route with the specified body and returns the response.\n * Not intended to be used directly, use the specific methods instead on the client instead.\n *\n * @param {SignerRoutes} route The route to which the request should be sent\n * @param {SignerBody<R>} body The request body containing the data to be sent\n * @returns {Promise<SignerResponse<R>>} A promise that resolves to the response from the signer\n */\n public request = async <R extends SignerRoutes>(\n route: R,\n body: SignerBody<R>\n ): Promise<SignerResponse<R>> => {\n const url = this.connectionConfig.rpcUrl ?? \"https://api.g.alchemy.com\";\n\n const basePath = \"/signer\";\n\n const headers = new Headers();\n headers.append(\"Alchemy-AA-Sdk-Version\", VERSION);\n headers.append(\"Content-Type\", \"application/json\");\n if (this.connectionConfig.apiKey) {\n headers.append(\"Authorization\", `Bearer ${this.connectionConfig.apiKey}`);\n } else if (this.connectionConfig.jwt) {\n headers.append(\"Authorization\", `Bearer ${this.connectionConfig.jwt}`);\n }\n\n const response = await fetch(`${url}${basePath}${route}`, {\n method: \"POST\",\n body: JSON.stringify(body),\n headers,\n });\n\n if (!response.ok) {\n throw new Error(await response.text());\n }\n\n const json = await response.json();\n\n return json as SignerResponse<R>;\n };\n\n /**\n * Retrieves the list of MFA factors configured for the current user.\n *\n * @returns {Promise<{ multiFactors: MfaFactor[] }>} A promise that resolves to an array of configured MFA factors\n * @throws {NotAuthenticatedError} If no user is authenticated\n */\n public getMfaFactors = async (): Promise<{\n multiFactors: MfaFactor[];\n }> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.LIST,\n signWith: this.user.address,\n },\n });\n\n return this.request(\"/v1/auth-list-multi-factors\", {\n stampedRequest,\n });\n };\n\n /**\n * Initiates the setup of a new MFA factor for the current user. Mfa will need to be verified before it is active.\n *\n * @param {AddMfaParams} params The parameters required to enable a new MFA factor\n * @returns {Promise<AddMfaResult>} A promise that resolves to the factor setup information\n * @throws {NotAuthenticatedError} If no user is authenticated\n * @throws {Error} If an unsupported factor type is provided\n */\n public addMfa = async (params: AddMfaParams): Promise<AddMfaResult> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.ADD,\n signWith: this.user.address,\n },\n });\n\n switch (params.multiFactorType) {\n case \"totp\":\n return this.request(\"/v1/auth-request-multi-factor\", {\n stampedRequest,\n multiFactorType: params.multiFactorType,\n });\n default:\n throw new Error(\n `Unsupported MFA factor type: ${params.multiFactorType}`\n );\n }\n };\n\n /**\n * Verifies a newly created MFA factor to complete the setup process.\n *\n * @param {VerifyMfaParams} params The parameters required to verify the MFA factor\n * @returns {Promise<{ multiFactors: MfaFactor[] }>} A promise that resolves to the updated list of MFA factors\n * @throws {NotAuthenticatedError} If no user is authenticated\n */\n public verifyMfa = async (\n params: VerifyMfaParams\n ): Promise<{ multiFactors: MfaFactor[] }> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.VERIFY,\n signWith: this.user.address,\n },\n });\n\n return this.request(\"/v1/auth-verify-multi-factor\", {\n stampedRequest,\n multiFactorId: params.multiFactorId,\n multiFactorCode: params.multiFactorCode,\n });\n };\n\n /**\n * Removes existing MFA factors by ID.\n *\n * @param {RemoveMfaParams} params The parameters specifying which factors to disable\n * @returns {Promise<{ multiFactors: MfaFactor[] }>} A promise that resolves to the updated list of MFA factors\n * @throws {NotAuthenticatedError} If no user is authenticated\n */\n public removeMfa = async (\n params: RemoveMfaParams\n ): Promise<{ multiFactors: MfaFactor[] }> => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const stampedRequest = await this.turnkeyClient.stampSignRawPayload({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2\",\n timestampMs: Date.now().toString(),\n parameters: {\n encoding: \"PAYLOAD_ENCODING_HEXADECIMAL\",\n hashFunction: \"HASH_FUNCTION_NO_OP\",\n payload: MFA_PAYLOAD.DELETE,\n signWith: this.user.address,\n },\n });\n\n return this.request(\"/v1/auth-delete-multi-factors\", {\n stampedRequest,\n multiFactorIds: params.multiFactorIds,\n });\n };\n\n /**\n * Validates multiple MFA factors using the provided encrypted payload and MFA codes.\n *\n * @param {ValidateMultiFactorsParams} params The validation parameters\n * @returns {Promise<{ bundle: string }>} A promise that resolves to an object containing the credential bundle\n * @throws {Error} If no credential bundle is returned from the server\n */\n public validateMultiFactors = async (\n params: ValidateMultiFactorsParams\n ): Promise<{ bundle: string }> => {\n // Send the encryptedPayload plus TOTP codes, etc:\n const response = await this.request(\"/v1/auth-validate-multi-factors\", {\n encryptedPayload: params.encryptedPayload,\n multiFactors: params.multiFactors,\n });\n\n // The server is expected to return the *decrypted* payload in `response.payload.credentialBundle`\n if (!response.payload || !response.payload.credentialBundle) {\n throw new Error(\n \"Request to validateMultiFactors did not return a credential bundle\"\n );\n }\n\n return {\n bundle: response.payload.credentialBundle,\n };\n };\n\n // #endregion\n\n // #region PRIVATE METHODS\n private exportAsSeedPhrase = async (stamper: ExportWalletStamper) => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const { wallets } = await this.turnkeyClient.getWallets({\n organizationId: this.user.orgId,\n });\n\n const walletAccounts = await Promise.all(\n wallets.map(({ walletId }) =>\n this.turnkeyClient.getWalletAccounts({\n organizationId: this.user!.orgId,\n walletId,\n })\n )\n ).then((x) => x.flatMap((x) => x.accounts));\n\n const walletAccount = walletAccounts.find(\n (x) => x.address === this.user!.address\n );\n\n if (!walletAccount) {\n throw new Error(\n `Could not find wallet associated with ${this.user.address}`\n );\n }\n\n const { activity } = await this.turnkeyClient.exportWallet({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_EXPORT_WALLET\",\n timestampMs: Date.now().toString(),\n parameters: {\n walletId: walletAccount!.walletId,\n targetPublicKey: stamper.publicKey()!,\n },\n });\n\n const { exportBundle } = await this.pollActivityCompletion(\n activity,\n this.user.orgId,\n \"exportWalletResult\"\n );\n\n const result = await stamper.injectWalletExportBundle(exportBundle);\n\n if (!result) {\n throw new Error(\"Failed to inject wallet export bundle\");\n }\n\n return result;\n };\n\n private exportAsPrivateKey = async (stamper: ExportWalletStamper) => {\n if (!this.user) {\n throw new NotAuthenticatedError();\n }\n\n const { activity } = await this.turnkeyClient.exportWalletAccount({\n organizationId: this.user.orgId,\n type: \"ACTIVITY_TYPE_EXPORT_WALLET_ACCOUNT\",\n timestampMs: Date.now().toString(),\n parameters: {\n address: this.user.address,\n targetPublicKey: stamper.publicKey()!,\n },\n });\n\n const { exportBundle } = await this.pollActivityCompletion(\n activity,\n this.user.orgId,\n \"exportWalletAccountResult\"\n );\n\n const result = await stamper.injectKeyExportBundle(exportBundle);\n\n if (!result) {\n throw new Error(\"Failed to inject wallet export bundle\");\n }\n\n return result;\n };\n\n /**\n * Returns the authentication url for the selected OAuth Proivder\n *\n * @example\n * ```ts\n *\n * cosnt oauthParams = {\n * authProviderId: \"google\",\n * isCustomProvider: false,\n * auth0Connection: undefined,\n * scope: undefined,\n * claims: undefined,\n * mode: \"redirect\",\n * redirectUrl: \"https://your-url-path/oauth-return\",\n * expirationSeconds: 3000\n * };\n *\n * const turnkeyPublicKey = await this.initIframeStamper();\n * const oauthCallbackUrl = this.oauthCallbackUrl;\n * const oauthConfig = this.getOauthConfig() // Optional value for OauthConfig()\n * const usesRelativeUrl = true // Optional value to determine if we use a relative (or absolute) url for the `redirect_url`\n *\n * const oauthProviderUrl = getOauthProviderUrl({\n * oauthParams,\n * turnkeyPublicKey,\n * oauthCallbackUrl\n * })\n *\n * ```\n * @param {GetOauthProviderUrlArgs} args Required. The Oauth provider's auth parameters\n *\n * @returns {Promise<string>} returns the Oauth provider's url\n */\n protected getOauthProviderUrl = async (\n args: GetOauthProviderUrlArgs\n ): Promise<string> => {\n const {\n oauthParams,\n turnkeyPublicKey,\n oauthCallbackUrl,\n oauthConfig,\n usesRelativeUrl = true,\n } = args;\n\n const {\n authProviderId,\n isCustomProvider,\n auth0Connection,\n scope: providedScope,\n claims: providedClaims,\n otherParameters: providedOtherParameters,\n mode,\n redirectUrl,\n expirationSeconds,\n } = oauthParams;\n\n const { codeChallenge, requestKey, authProviders } =\n oauthConfig ?? (await this.getOauthConfigForMode(mode));\n\n if (!authProviders) {\n throw new OAuthProvidersError();\n }\n\n const authProvider = authProviders.find(\n (provider) =>\n provider.id === authProviderId &&\n !!provider.isCustomProvider === !!isCustomProvider\n );\n\n if (!authProvider) {\n throw new Error(`No auth provider found with id ${authProviderId}`);\n }\n\n let scope: string | undefined = providedScope;\n let claims: string | undefined = providedClaims;\n let otherParameters: Record<string, string> | undefined =\n providedOtherParameters;\n\n if (!isCustomProvider) {\n const defaultCustomization =\n getDefaultProviderCustomization(authProviderId);\n scope ??= defaultCustomization?.scope;\n claims ??= defaultCustomization?.claims;\n otherParameters ??= defaultCustomization?.otherParameters;\n }\n if (!scope) {\n throw new Error(`Default scope not known for provider ${authProviderId}`);\n }\n const { authEndpoint, clientId } = authProvider;\n\n const nonce = this.getOauthNonce(turnkeyPublicKey);\n const stateObject: OauthState = {\n authProviderId,\n isCustomProvider,\n requestKey,\n turnkeyPublicKey,\n expirationSeconds,\n redirectUrl:\n mode === \"redirect\"\n ? usesRelativeUrl\n ? resolveRelativeUrl(redirectUrl)\n : redirectUrl\n : undefined,\n openerOrigin: mode === \"popup\" ? window.location.origin : undefined,\n };\n const state = base64UrlEncode(\n new TextEncoder().encode(JSON.stringify(stateObject))\n );\n const authUrl = new URL(authEndpoint);\n const params: Record<string, string> = {\n redirect_uri: oauthCallbackUrl,\n response_type: \"code\",\n scope,\n state,\n code_challenge: codeChallenge,\n code_challenge_method: \"S256\",\n prompt: \"select_account\",\n client_id: clientId,\n nonce,\n ...otherParameters,\n };\n if (claims) {\n params.claims = claims;\n }\n if (auth0Connection) {\n params.connection = auth0Connection;\n }\n\n Object.keys(params).forEach((param) => {\n params[param] && authUrl.searchParams.append(param, params[param]);\n });\n\n const [urlPath, searchParams] = authUrl.href.split(\"?\");\n\n return `${urlPath?.replace(/\\/$/, \"\")}?${searchParams}`;\n };\n\n private getOauthConfigForMode = async (\n mode: OauthMode\n ): Promise<OauthConfig> => {\n if (this.oauthConfig) {\n return this.oauthConfig;\n } else if (mode === \"redirect\") {\n return this.initOauth();\n } else {\n throw new Error(\n \"enablePopupOauth must be set in configuration or signer.preparePopupOauth must be called before using popup-based OAuth login\"\n );\n }\n };\n\n // eslint-disable-next-line eslint-rules/require-jsdoc-on-reexported-functions\n protected pollActivityCompletion = async <\n T extends keyof Awaited<\n ReturnType<(typeof this.turnkeyClient)[\"getActivity\"]>\n >[\"activity\"][\"result\"]\n >(\n activity: Awaited<\n ReturnType<(typeof this.turnkeyClient)[\"getActivity\"]>\n >[\"activity\"],\n organizationId: string,\n resultKey: T\n ): Promise<\n NonNullable<\n Awaited<\n ReturnType<(typeof this.turnkeyClient)[\"getActivity\"]>\n >[\"activity\"][\"result\"][T]\n >\n > => {\n if (activity.status === \"ACTIVITY_STATUS_COMPLETED\") {\n return activity.result[resultKey]!;\n }\n\n const {\n activity: { status, id, result },\n } = await this.turnkeyClient.getActivity({\n activityId: activity.id,\n organizationId,\n });\n\n if (status === \"ACTIVITY_STATUS_COMPLETED\") {\n return result[resultKey]!;\n }\n\n if (\n status === \"ACTIVITY_STATUS_FAILED\" ||\n status === \"ACTIVITY_STATUS_REJECTED\" ||\n status === \"ACTIVITY_STATUS_CONSENSUS_NEEDED\"\n ) {\n throw new Error(\n `Failed to get activity with with id ${id} (status: ${status})`\n );\n }\n\n // TODO: add ability to configure this + add exponential backoff\n await new Promise((resolve) => setTimeout(resolve, 500));\n\n return this.pollActivityCompletion(activity, organizationId, resultKey);\n };\n // #endregion\n\n /**\n * Turnkey requires the nonce in the id token to be in this format.\n *\n * @param {string} turnkeyPublicKey key from a Turnkey iframe\n * @returns {string} nonce to be used in OIDC\n */\n protected getOauthNonce = (turnkeyPublicKey: string): string => {\n return sha256(new TextEncoder().encode(turnkeyPublicKey)).slice(2);\n };\n}\n"]}
|