@coinbase/cdp-api-client 0.0.92 → 0.0.94

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/esm/index.js +136 -121
  2. package/dist/esm/index4.js +1 -1
  3. package/dist/esm/index5.js +21 -22
  4. package/dist/esm/index6.js +288 -232
  5. package/dist/esm/index7.js +114 -77
  6. package/dist/types/index.d.ts +271 -42
  7. package/package.json +1 -1
package/dist/esm/index7.js CHANGED
@@ -1,59 +1,93 @@
1
1
  import { Analytics as o } from "./index2.js";
2
2
  import "./index3.js";
3
- import h from "axios";
3
+ import l from "axios";
4
4
  import { ERROR_DOCS_PAGE_URL as c } from "./index9.js";
5
- import { UnknownApiError as v, HttpErrorType as u, isOpenAPIError as R, APIError as d, UnknownError as g } from "./index8.js";
6
- const l = () => typeof window < "u" && typeof document < "u";
7
- let n = h.create({
5
+ import { UnknownApiError as y, HttpErrorType as u, isOpenAPIError as g, APIError as d, UnknownError as k } from "./index8.js";
6
+ const w = () => typeof window < "u" && typeof document < "u";
7
+ let n = l.create({
8
8
  baseURL: "https://api.cdp.coinbase.com/platform"
9
9
  }), i = null;
10
- const x = (r) => {
11
- n = h.create({
12
- baseURL: r.basePath || "https://api.cdp.coinbase.com/platform",
10
+ const O = (t) => {
11
+ if (n = l.create({
12
+ baseURL: t.basePath || "https://api.cdp.coinbase.com/platform",
13
13
  // Only enable cookies in browser environments where they're supported
14
- withCredentials: l()
15
- }), n.interceptors.request.use(async (t) => {
16
- const e = T(t), s = p(t);
17
- if (!i || f(s.pathname) || m(s.pathname) && !await i.isSignedIn() || !S(s.pathname))
18
- return t;
14
+ withCredentials: w()
15
+ }), n.interceptors.request.use(async (r) => {
16
+ const e = U(r), s = f(r);
17
+ if (!i || v(s.pathname) || A(s.pathname) && !await i.isSignedIn() || !I(s.pathname))
18
+ return r;
19
19
  const a = await i.getXWalletAuth({
20
20
  requestMethod: e,
21
21
  requestHost: s.host,
22
22
  requestPath: s.pathname,
23
- requestData: t.data
23
+ requestData: r.data
24
24
  });
25
- return a && (t.headers["X-Wallet-Auth"] = a), t;
26
- }), n.interceptors.request.use(async (t) => {
27
- const e = p(t);
28
- if (!i || f(e.pathname) || m(e.pathname) && !await i.isSignedIn())
29
- return t;
25
+ return a && (r.headers["X-Wallet-Auth"] = a), r;
26
+ }), n.interceptors.request.use(async (r) => {
27
+ const e = f(r);
28
+ if (!i || v(e.pathname) || A(e.pathname) && !await i.isSignedIn())
29
+ return r;
30
30
  const s = await i.getToken();
31
- return s && s !== "" && (t.headers.Authorization = `Bearer ${s}`), t;
32
- }), l() || n.interceptors.request.use(async (t) => {
33
- let e = t.headers["User-Agent"];
34
- return e = e ? `${e} CDP/reactnative` : "CDP/reactnative", t.headers["User-Agent"] = e, t;
35
- }), r.refreshTokenStorage && _(r.refreshTokenStorage), r.debugging && (n.interceptors.request.use((t) => (console.log("Request:", t), t)), n.interceptors.response.use((t) => (console.log("Response:", t), t)));
36
- }, j = (r) => {
37
- i = r;
38
- }, k = (r, t) => ({
39
- ...r,
31
+ return s && s !== "" && (r.headers.Authorization = `Bearer ${s}`), r;
32
+ }), !w()) {
33
+ const r = t.platform ? `CDP/reactnative/${t.platform}` : "CDP/reactnative";
34
+ n.interceptors.request.use(async (e) => {
35
+ let s = e.headers["User-Agent"];
36
+ return s = s ? `${s} ${r}` : r, e.headers["User-Agent"] = s, e;
37
+ });
38
+ }
39
+ t.refreshTokenStorage && P(t.refreshTokenStorage), t.appAttestation && E(t.appAttestation, t.platform), t.debugging && (n.interceptors.request.use((r) => (console.log("Request:", r), r)), n.interceptors.response.use((r) => (console.log("Response:", r), r)));
40
+ }, D = (t) => {
41
+ i = t;
42
+ }, E = (t, r) => {
43
+ n.interceptors.request.use(async (e) => {
44
+ const s = f(e);
45
+ if (!q(s.pathname) || !t.isEnabled())
46
+ return e;
47
+ try {
48
+ if (r === "ios") {
49
+ const a = s.pathname.match(/\/projects\/([^/]+)\//);
50
+ if (!a || !a[1])
51
+ return e;
52
+ const R = `/v2/embedded-wallet-api/projects/${a[1]}/attestation/challenge`, h = (await n.post(R)).data.challenge;
53
+ if (!h)
54
+ return console.warn("Failed to fetch assertion challenge"), e;
55
+ const p = await t.generateAssertion(h);
56
+ if (!p)
57
+ return e;
58
+ e.headers["X-App-Attestation-Assertion"] = p.assertion, e.headers["X-App-Attestation-Key-ID"] = p.keyId, e.headers["X-App-Attestation-Challenge"] = h;
59
+ } else {
60
+ const a = await t.generateAssertion(JSON.stringify(e.data));
61
+ if (!a)
62
+ return e;
63
+ e.headers["X-Integrity-Token"] = a.assertion, e.headers["X-Package-Name"] = t.appIdentifier;
64
+ }
65
+ return e;
66
+ } catch (a) {
67
+ throw new Error(
68
+ `App attestation required but assertion generation failed: ${a instanceof Error ? a.message : String(a)}`
69
+ );
70
+ }
71
+ });
72
+ }, _ = (t, r) => ({
73
+ ...t,
40
74
  headers: {
41
- ...r.headers || {},
42
- "X-Idempotency-Key": t
75
+ ...t.headers || {},
76
+ "X-Idempotency-Key": r
43
77
  }
44
- }), I = async (r, t) => {
45
- P(r), t && t !== "" && (r = k(r, t));
78
+ }), z = async (t, r) => {
79
+ S(t), r && r !== "" && (t = _(t, r));
46
80
  try {
47
- return (await n(r)).data;
81
+ return (await n(t)).data;
48
82
  } catch (e) {
49
- if (h.isAxiosError(e) && !e.response)
50
- throw new v(
83
+ if (l.isAxiosError(e) && !e.response)
84
+ throw new y(
51
85
  u.unknown,
52
86
  e.cause instanceof Error ? e.cause.message : e.message,
53
87
  e.cause
54
88
  );
55
- if (h.isAxiosError(e) && e.response) {
56
- if (R(e.response.data))
89
+ if (l.isAxiosError(e) && e.response) {
90
+ if (g(e.response.data))
57
91
  throw new d(
58
92
  e.response.status,
59
93
  e.response.data.errorType,
@@ -109,11 +143,11 @@ const x = (r) => {
109
143
  } catch {
110
144
  a = String(e.response.data);
111
145
  }
112
- const w = a ? `An unexpected error occurred: ${a}` : "An unexpected error occurred.";
146
+ const m = a ? `An unexpected error occurred: ${a}` : "An unexpected error occurred.";
113
147
  throw new d(
114
148
  s,
115
149
  u.unexpected_error,
116
- w,
150
+ m,
117
151
  void 0,
118
152
  `${c}`,
119
153
  e.cause
@@ -122,24 +156,21 @@ const x = (r) => {
122
156
  }
123
157
  }
124
158
  }
125
- throw new g(
126
- "Something went wrong. Please reach out at https://discord.com/channels/1220414409550336183/1271495764580896789 for help.",
127
- e instanceof Error ? e : void 0
128
- );
159
+ throw new k("Something went wrong.", e instanceof Error ? e : void 0);
129
160
  }
130
- }, _ = (r) => {
161
+ }, P = (t) => {
131
162
  n.interceptors.response.use(
132
- async (t) => {
163
+ async (r) => {
133
164
  try {
134
- if (E(t)) {
165
+ if ($(r)) {
135
166
  o.sendSessionRefreshEvent({
136
167
  name: "refresh_token_response"
137
168
  });
138
- const e = t.data?.refreshToken;
169
+ const e = r.data?.refreshToken;
139
170
  e && (o.sendSessionRefreshEvent({
140
171
  name: "refresh_token_received"
141
172
  }), await Promise.race([
142
- r.setRefreshToken(e),
173
+ t.setRefreshToken(e),
143
174
  new Promise(
144
175
  (s, a) => setTimeout(() => a(new Error("setRefreshToken timed out after 5000ms")), 5e3)
145
176
  )
@@ -154,23 +185,23 @@ const x = (r) => {
154
185
  error_message: s
155
186
  }), console.warn("Failed to store refresh token:", e);
156
187
  }
157
- return t;
188
+ return r;
158
189
  },
159
- (t) => Promise.reject(t)
160
- ), n.interceptors.request.use(async (t) => {
190
+ (r) => Promise.reject(r)
191
+ ), n.interceptors.request.use(async (r) => {
161
192
  try {
162
- if (A(t.url)) {
163
- const e = await r.getRefreshToken();
193
+ if (T(r.url)) {
194
+ const e = await t.getRefreshToken();
164
195
  e ? (o.sendSessionRefreshEvent({
165
196
  name: "refresh_token_retrieved"
166
- }), t.data = {
167
- ...t.data,
197
+ }), r.data = {
198
+ ...r.data,
168
199
  refreshToken: e
169
200
  }) : o.sendSessionRefreshEvent({
170
201
  name: "refresh_token_missing"
171
202
  });
172
203
  }
173
- y(t.url) && await r.removeRefreshToken();
204
+ b(r.url) && await t.removeRefreshToken();
174
205
  } catch (e) {
175
206
  const s = e instanceof Error ? e.message : String(e);
176
207
  o.sendSessionRefreshEvent({
@@ -178,34 +209,40 @@ const x = (r) => {
178
209
  error_message: s
179
210
  }), console.warn("Failed to retrieve refresh token:", e);
180
211
  }
181
- return t;
212
+ return r;
182
213
  });
183
- }, y = (r) => r ? /^\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/logout$/.test(r) : !1, A = (r) => r ? /^\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(refresh|logout)$/.test(r) : !1, E = (r) => {
184
- const t = r.config.url;
185
- return t ? /^\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(verify\/(email|sms|oauth\/.*)|refresh)$/.test(
186
- t
214
+ }, b = (t) => t ? /^\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/logout$/.test(t) : !1, T = (t) => t ? /^\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(refresh|logout)$/.test(t) : !1, $ = (t) => {
215
+ const r = t.config.url;
216
+ return r ? /^\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(verify\/(email|sms|oauth\/.*)|refresh)$/.test(
217
+ r
187
218
  ) : !1;
188
- }, P = (r) => {
219
+ }, S = (t) => {
189
220
  if (!n.getUri() || n.getUri() === "")
190
221
  throw new Error("CDP client URI not configured. Call configure() first.");
191
- if (!r.url || r.url === "")
222
+ if (!t.url || t.url === "")
192
223
  throw new Error("AxiosRequestConfig URL is empty. This should never happen.");
193
- if (!r.method || r.method === "")
224
+ if (!t.method || t.method === "")
194
225
  throw new Error("AxiosRequestConfig method is empty. This should never happen.");
195
- }, T = (r) => r.method?.toString().toUpperCase() || "GET", p = (r) => {
196
- if (!r.url)
226
+ }, U = (t) => t.method?.toString().toUpperCase() || "GET", f = (t) => {
227
+ if (!t.url)
197
228
  throw new Error("URL is required for authentication");
198
- const t = n.getUri() + r.url;
199
- return new URL(t);
200
- }, f = (r) => {
201
- const t = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(refresh|logout)$/, e = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(mfa)$/, s = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/config$/;
202
- return t.test(r) || e.test(r) || s.test(r);
203
- }, S = (r) => !/^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/custom\/authenticate$/.test(r), m = (r) => {
204
- const t = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(init)$/, e = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/verify\//;
205
- return t.test(r) || e.test(r);
206
- };
229
+ const r = n.getUri() + t.url;
230
+ return new URL(r);
231
+ }, v = (t) => {
232
+ const r = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(refresh|logout)$/, e = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(mfa)$/, s = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/config$/, a = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/attestation\/(challenge|register)$/;
233
+ return r.test(t) || e.test(t) || s.test(t) || a.test(t);
234
+ }, I = (t) => !/^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/custom\/authenticate$/.test(t), A = (t) => {
235
+ const r = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/(init)$/, e = /^\/platform\/v2\/embedded-wallet-api\/projects\/[^/]+\/auth\/verify\//;
236
+ return r.test(t) || e.test(t);
237
+ }, q = (t) => [
238
+ // Auth flows: prevent account takeover on mobile clients
239
+ /\/auth\/verify\//,
240
+ // VerifyEmailAuthentication, VerifySmsAuthentication, VerifyOAuthCode, VerifyOAuthEndUserIdentity
241
+ /\/auth\/refresh$/
242
+ // RefreshAccessToken
243
+ ].some((e) => e.test(t));
207
244
  export {
208
- I as cdpApiClient,
209
- x as configureCdpApiClient,
210
- j as setAuthManager
245
+ z as cdpApiClient,
246
+ O as configureCdpApiClient,
247
+ D as setAuthManager
211
248
  };