@account-kit/signer 4.57.1 → 4.57.2-alpha.0

package/dist/esm/client/base.d.ts

@@ -2,7 +2,7 @@ import { type ConnectionConfig } from "@aa-sdk/core";
 import { TurnkeyClient, type TSignedRequest } from "@turnkey/http";
 import EventEmitter from "eventemitter3";
 import { type Address, type Hex } from "viem";
-import type { AlchemySignerClientEvent, AlchemySignerClientEvents, AuthenticatingEventMetadata, CreateAccountParams, RemoveMfaParams, EmailAuthParams, AddMfaParams, AddMfaResult, experimental_CreateApiKeyParams, GetOauthProviderUrlArgs, GetWebAuthnAttestationResult, MfaFactor, JwtParams, JwtResponse, OauthConfig, OauthParams, OtpParams, SignerBody, SignerResponse, SignerRoutes, SignupResponse, User, VerifyMfaParams, SubmitOtpCodeResponse, ValidateMultiFactorsParams, AuthLinkingPrompt, AddOauthProviderParams, CredentialCreationOptionOverrides, OauthProviderInfo, IdTokenOnly, AuthMethods, SmsAuthParams } from "./types.js";
+import type { AlchemySignerClientEvent, AlchemySignerClientEvents, AuthenticatingEventMetadata, CreateAccountParams, RemoveMfaParams, EmailAuthParams, AddMfaParams, AddMfaResult, experimental_CreateApiKeyParams, GetOauthProviderUrlArgs, GetWebAuthnAttestationResult, MfaFactor, JwtParams, JwtResponse, OauthConfig, OauthParams, OtpParams, SignerBody, SignerResponse, SignerRoutes, SignupResponse, User, VerifyMfaParams, SubmitOtpCodeResponse, ValidateMultiFactorsParams, AuthLinkingPrompt, AddOauthProviderParams, CredentialCreationOptionOverrides, OauthProviderInfo, IdTokenOnly, AuthMethods, SmsAuthParams, VerificationOtp } from "./types.js";
 export interface BaseSignerClientParams {
     stamper: TurnkeyClient["stamper"];
     connection: ConnectionConfig;
@@ -111,15 +111,26 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
      * Sets the email for the authenticated user, allowing them to login with that
      * email.
      *
-     * You must contact Alchemy to enable this feature for your team, as there are
-     * important security considerations. In particular, you must not call this
-     * without first validating that the user owns this email account.
+     * @deprecated You must contact Alchemy to enable this feature for your team,
+     * as there are important security considerations. In particular, you must not
+     * call this without first validating that the user owns this email account.
+     * Use setEmail(email, otp) instead.
      *
      * @param {string} email The email to set for the user
      * @returns {Promise<void>} A promise that resolves when the email is set
      * @throws {NotAuthenticatedError} If the user is not authenticated
      */
-    setEmail: (email: string) => Promise<void>;
+    setEmail(email: string): Promise<void>;
+    /**
+     * Sets the email for the authenticated user, allowing them to login with that
+     * email.
+     *
+     * @param {string} email The email to set for the user
+     * @param {VerificationOtp} otp The OTP verification object
+     * @returns {Promise<void>} A promise that resolves when the email is set
+     * @throws {NotAuthenticatedError} If the user is not authenticated
+     */
+    setEmail(email: string, otp: VerificationOtp): Promise<void>;
     /**
      * Removes the email for the authenticated user, disallowing them from login with that email.
      *
@@ -128,6 +139,35 @@ export declare abstract class BaseSignerClient<TExportWalletParams = unknown> {
      */
     removeEmail: () => Promise<void>;
     private updateEmail;
+    /**
+     * Sets the phone number for the authenticated user, allowing them to login with that
+     * phone number.
+     *
+     * @param {string} phone The phone number to set for the user
+     * @param {VerificationOtp} otp The OTP verification object
+     * @returns {Promise<void>} A promise that resolves when the phone number is set
+     * @throws {NotAuthenticatedError} If the user is not authenticated
+     */
+    setPhoneNumber: (phone: string, otp: VerificationOtp) => Promise<void>;
+    /**
+     * Removes the phone number for the authenticated user, disallowing them from login with that phone number.
+     *
+     * @returns {Promise<void>} A promise that resolves when the phone number is removed
+     * @throws {NotAuthenticatedError} If the user is not authenticated
+     */
+    removePhoneNumber: () => Promise<void>;
+    private updatePhoneNumber;
+    /**
+     * Initiates an OTP (One-Time Password) verification process for a user contact.
+     *
+     * @param {("email" | "sms")} type - The type of OTP to send, either "email" or "sms"
+     * @param {string} contact - The email address or phone number to send the OTP to
+     * @returns {Promise<{ otpId: string }>} A promise that resolves to an object containing the OTP ID
+     * @throws {NotAuthenticatedError} When no user is currently authenticated
+     */
+    initOtp: (type: "email" | "sms", contact: string) => Promise<{
+        otpId: string;
+    }>;
     /**
      * Handles the creation of authenticators using WebAuthn attestation and the provided options. Requires the user to be authenticated.
      *

package/dist/esm/client/base.js

@@ -98,66 +98,143 @@ export class BaseSignerClient {
             }
         });
         /**
-         * Sets the email for the authenticated user, allowing them to login with that
-         * email.
+         * Removes the email for the authenticated user, disallowing them from login with that email.
          *
-         * You must contact Alchemy to enable this feature for your team, as there are
-         * important security considerations. In particular, you must not call this
-         * without first validating that the user owns this email account.
+         * @returns {Promise<void>} A promise that resolves when the email is removed
+         * @throws {NotAuthenticatedError} If the user is not authenticated
+         */
+        Object.defineProperty(this, "removeEmail", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async () => {
+                await this.updateEmail("");
+            }
+        });
+        Object.defineProperty(this, "updateEmail", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async (email, verificationToken) => {
+                if (!this.user) {
+                    throw new NotAuthenticatedError();
+                }
+                // Unverified use is legacy & requires team flag.
+                const isUnverified = email && !verificationToken;
+                const stampedRequest = isUnverified
+                    ? await this.turnkeyClient.stampUpdateUser({
+                        type: "ACTIVITY_TYPE_UPDATE_USER",
+                        timestampMs: Date.now().toString(),
+                        organizationId: this.user.orgId,
+                        parameters: {
+                            userId: this.user.userId,
+                            userEmail: email,
+                        },
+                    })
+                    : await this.turnkeyClient.stampUpdateUserEmail({
+                        type: "ACTIVITY_TYPE_UPDATE_USER_EMAIL",
+                        timestampMs: Date.now().toString(),
+                        organizationId: this.user.orgId,
+                        parameters: {
+                            userId: this.user.userId,
+                            userEmail: email,
+                            verificationToken,
+                        },
+                    });
+                await this.request("/v1/update-email-auth", {
+                    stampedRequest,
+                });
+                this.user = {
+                    ...this.user,
+                    email: email || undefined,
+                };
+            }
+        });
+        /**
+         * Sets the phone number for the authenticated user, allowing them to login with that
+         * phone number.
          *
-         * @param {string} email The email to set for the user
-         * @returns {Promise<void>} A promise that resolves when the email is set
+         * @param {string} phone The phone number to set for the user
+         * @param {VerificationOtp} otp The OTP verification object
+         * @returns {Promise<void>} A promise that resolves when the phone number is set
          * @throws {NotAuthenticatedError} If the user is not authenticated
          */
-        Object.defineProperty(this, "setEmail", {
+        Object.defineProperty(this, "setPhoneNumber", {
             enumerable: true,
             configurable: true,
             writable: true,
-            value: async (email) => {
-                if (!email) {
-                    throw new Error("Email must not be empty. Use removeEmail() to remove email auth.");
+            value: async (phone, otp) => {
+                if (!phone) {
+                    throw new Error("Phone number must not be empty. Use removePhoneNumber() to remove phone auth.");
                 }
-                await this.updateEmail(email);
+                const { verificationToken } = await this.request("/v1/verify-otp", {
+                    otpId: otp.id,
+                    otpCode: otp.code,
+                });
+                await this.updatePhoneNumber(phone, verificationToken);
             }
         });
         /**
-         * Removes the email for the authenticated user, disallowing them from login with that email.
+         * Removes the phone number for the authenticated user, disallowing them from login with that phone number.
          *
-         * @returns {Promise<void>} A promise that resolves when the email is removed
+         * @returns {Promise<void>} A promise that resolves when the phone number is removed
          * @throws {NotAuthenticatedError} If the user is not authenticated
          */
-        Object.defineProperty(this, "removeEmail", {
+        Object.defineProperty(this, "removePhoneNumber", {
             enumerable: true,
             configurable: true,
             writable: true,
             value: async () => {
-                // This is a hack to remove the email for the user. Turnkey does not
-                // support clearing the email once set, so we set it to a known
-                // inaccessible address instead.
-                await this.updateEmail("not.enabled@example.invalid");
+                await this.updatePhoneNumber("");
             }
         });
-        Object.defineProperty(this, "updateEmail", {
+        Object.defineProperty(this, "updatePhoneNumber", {
             enumerable: true,
             configurable: true,
             writable: true,
-            value: async (email) => {
+            value: async (phone, verificationToken) => {
                 if (!this.user) {
                     throw new NotAuthenticatedError();
                 }
-                const stampedRequest = await this.turnkeyClient.stampUpdateUser({
-                    type: "ACTIVITY_TYPE_UPDATE_USER",
+                if (phone.trim() && !verificationToken) {
+                    throw new Error("Verification token is required to change phone number.");
+                }
+                const stampedRequest = await this.turnkeyClient.stampUpdateUserPhoneNumber({
+                    type: "ACTIVITY_TYPE_UPDATE_USER_PHONE_NUMBER",
                     timestampMs: Date.now().toString(),
                     organizationId: this.user.orgId,
                     parameters: {
                         userId: this.user.userId,
-                        userEmail: email,
-                        userTagIds: [],
+                        userPhoneNumber: phone,
+                        verificationToken,
                     },
                 });
-                await this.request("/v1/update-email-auth", {
+                await this.request("/v1/update-phone-auth", {
                     stampedRequest,
                 });
+                this.user = {
+                    ...this.user,
+                    phone: phone || undefined,
+                };
+            }
+        });
+        /**
+         * Initiates an OTP (One-Time Password) verification process for a user contact.
+         *
+         * @param {("email" | "sms")} type - The type of OTP to send, either "email" or "sms"
+         * @param {string} contact - The email address or phone number to send the OTP to
+         * @returns {Promise<{ otpId: string }>} A promise that resolves to an object containing the OTP ID
+         * @throws {NotAuthenticatedError} When no user is currently authenticated
+         */
+        Object.defineProperty(this, "initOtp", {
+            enumerable: true,
+            configurable: true,
+            writable: true,
+            value: async (type, contact) => {
+                return await this.request("/v1/init-otp", {
+                    otpType: type === "email" ? "OTP_TYPE_EMAIL" : "OTP_TYPE_SMS",
+                    contact,
+                });
             }
         });
         /**
@@ -583,7 +660,7 @@ export class BaseSignerClient {
                     };
                     return {
                         stampHeaderName: "X-Stamp",
-                        stampHeaderValue: base64UrlEncode(Buffer.from(JSON.stringify(stamp))),
+                        stampHeaderValue: base64UrlEncode(Buffer.from(JSON.stringify(stamp)).buffer),
                     };
                 },
             })
@@ -1057,7 +1134,7 @@ export class BaseSignerClient {
                     openerOrigin: mode === "popup" ? window.location.origin : undefined,
                     fetchIdTokenOnly: oauthParams.fetchIdTokenOnly,
                 };
-                const state = base64UrlEncode(new TextEncoder().encode(JSON.stringify(stateObject)));
+                const state = base64UrlEncode(new TextEncoder().encode(JSON.stringify(stateObject)).buffer);
                 const authUrl = new URL(authEndpoint);
                 const params = {
                     redirect_uri: oauthCallbackUrl,
@@ -1239,5 +1316,27 @@ export class BaseSignerClient {
         this.eventEmitter.emit("connectedPasskey", this.user);
         return result;
     }
+    /**
+     * Implementation for setEmail method with optional OTP verification.
+     *
+     * @param {string} email The email to set for the user
+     * @param {VerificationOtp} [otp] The OTP verification object (optional for legacy usage)
+     * @returns {Promise<void>} A promise that resolves when the email is set
+     */
+    async setEmail(email, otp) {
+        if (!email) {
+            throw new Error("Email must not be empty. Use removeEmail() to remove email auth.");
+        }
+        if (!otp) {
+            // Legacy use, requires team flag.
+            await this.updateEmail(email);
+            return;
+        }
+        const { verificationToken } = await this.request("/v1/verify-otp", {
+            otpId: otp.id,
+            otpCode: otp.code,
+        });
+        await this.updateEmail(email, verificationToken);
+    }
 }
 //# sourceMappingURL=base.js.map