@coinbase/cdp-core 0.0.44 → 0.0.45

package/dist/native/index.native10.js

@@ -1,161 +1,219 @@
-import "ox";
+import { logOutEndUser as l, refreshAccessToken as c, registerTemporaryWalletSecret as o } from "@coinbase/cdp-api-client";
+import { SignJWT as u } from "./index.native25.js";
 import "viem";
-import "zustand";
-import "@coinbase/cdp-api-client";
-import { getCurrentUser as h } from "./index.native6.js";
-import "./index.native9.js";
-const n = {
-  rpc: {
-    invalidInput: -32e3,
-    resourceNotFound: -32001,
-    resourceUnavailable: -32002,
-    transactionRejected: -32003,
-    methodNotSupported: -32004,
-    limitExceeded: -32005,
-    parse: -32700,
-    invalidRequest: -32600,
-    methodNotFound: -32601,
-    invalidParams: -32602,
-    internal: -32603
-  },
-  provider: {
-    userRejectedRequest: 4001,
-    unauthorized: 4100,
-    unsupportedMethod: 4200,
-    disconnected: 4900,
-    chainDisconnected: 4901,
-    unsupportedChain: 4902
+import { toAuthState as f } from "./index.native17.js";
+import { getPlatformCrypto as n } from "./index.native5.js";
+import { sortKeys as S } from "./index.native21.js";
+const i = 60 * 1e3;
+class p {
+  projectId;
+  authState = null;
+  walletSecret = null;
+  authStateChangeCallbacks = [];
+  initPromise = null;
+  refreshTimeout = null;
+  /**
+   * Initializes the token manager.
+   *
+   * @param projectId - The project ID.
+   */
+  constructor(e) {
+    this.projectId = e, this.initPromise = this._doInitialize();
   }
-};
-class o extends Error {
   /**
-   * The error code from EIP1193ErrorCode enum.
+   * Gets the current user, or null if there is no user signed in.
+   *
+   * @returns The current user.
    */
-  code;
+  async getUser() {
+    return this.authState?.user ?? null;
+  }
   /**
-   * Creates a new EIP-1193 Provider error.
+   * Returns whether the user is signed in - i.e., whether there is an unexpired
+   * access token and user. Attempts to refresh the token if it's expired.
    *
-   * @param code - The error code from EIP1193ErrorCode enum.
-   * @param message - The error message.
+   * @returns True if the user is signed in, false otherwise.
    */
-  constructor(t, r) {
-    super(r), this.code = t;
+  async isSignedIn() {
+    if (!this.authState)
+      return !1;
+    if (this.authState.expiresAt > Date.now() + i)
+      return !0;
+    try {
+      return await this.getToken() !== null;
+    } catch {
+      return !1;
+    }
   }
-}
-class c extends Error {
   /**
-   * The error code from RPCErrorCode type.
+   * Signs out the user, clearing all authentication state.
    */
-  code;
+  async signOut() {
+    try {
+      await l(this.projectId);
+    } catch {
+    } finally {
+      await this.clearAuthState();
+    }
+  }
   /**
-   * Creates a new RPC Invalid Params error.
+   * Adds a callback to be called when the auth state changes.
    *
-   * @param code - The error code from RPCErrorCode type.
-   * @param message - The error message.
+   * @param callback - The function to call when the auth state changes.
    */
-  constructor(t, r) {
-    super(r), this.code = t;
+  addAuthStateChangeCallback(e) {
+    this.authStateChangeCallbacks.push(e), e(this.authState?.user ?? null);
   }
-}
-class p extends Error {
   /**
-   * Creates a new AccountTypeMismatchError.
+   * Gets the access token, refreshing it if it is expired. Returns null if the user is not
+   * signed in.
    *
-   * @param message - The error message.
+   * @returns The access token.
    */
-  constructor(t) {
-    super(t);
+  async getToken() {
+    return this.shouldRefreshToken() && await this.refreshAccessToken(), this.authState?.accessToken ?? null;
+  }
+  /**
+   * Gets the currently registered wallet secret ID. Rejects if the user is not signed in.
+   *
+   * @returns The wallet secret ID.
+   */
+  async getWalletSecretId() {
+    if (!await this.isSignedIn())
+      throw new Error("Cannot get wallet secret ID if the user is not signed in");
+    return this.shouldRefreshWalletSecret() && await this.refreshWalletSecret(), this.walletSecret.walletSecretId;
+  }
+  /**
+   * Gets the X-Wallet-Auth header. Rejects if the user is not signed in.
+   *
+   * @param options - The options for the request.
+   * @param options.requestMethod - The HTTP method of the request.
+   * @param options.requestHost - The host of the request.
+   * @param options.requestPath - The path of the request.
+   * @param options.requestData - The data of the request.
+   * @returns The X-Wallet-Auth header.
+   */
+  async getXWalletAuth(e) {
+    if (!await this.isSignedIn())
+      throw new Error("Cannot get X-Wallet-Auth header if the user is not signed in");
+    this.shouldRefreshWalletSecret() && await this.refreshWalletSecret();
+    const t = `${e.requestMethod} ${e.requestHost}${e.requestPath}`, r = Math.floor(Date.now() / 1e3), s = n(), a = {
+      uris: [t]
+    };
+    if (e.requestData && Object.keys(e.requestData).length > 0) {
+      const h = S(e.requestData);
+      a.reqHash = await s.hash(new TextEncoder().encode(JSON.stringify(h)));
+    }
+    return await new u(a).setProtectedHeader({ alg: "ES256", typ: "JWT" }).setIssuedAt(r).setNotBefore(r).setJti(s.generateRandomId()).sign(this.walletSecret.keyPair.privateKey);
+  }
+  /**
+   * Sets the authentication state.
+   *
+   * @param authState - The authentication state.
+   */
+  async setAuthState(e) {
+    this.authState = e, this.authStateChangeCallbacks.forEach((t) => t(this.authState?.user ?? null)), this.scheduleTokenRefresh();
+  }
+  /**
+   * Clears the authentication state.
+   */
+  async clearAuthState() {
+    this.authState = null, this.walletSecret = null, this.cancelTokenRefresh(), this.authStateChangeCallbacks.forEach((e) => e(null));
+  }
+  /**
+   * Ensures the AuthManager is initialized before proceeding.
+   * If initialization is already in progress, waits for it to complete.
+   */
+  async ensureInitialized() {
+    if (this.initPromise) {
+      await this.initPromise;
+      return;
+    }
+    throw new Error("AuthManager not initialized");
+  }
+  /**
+   * Internal async initialization logic.
+   */
+  async _doInitialize() {
+    try {
+      await this.refreshAccessToken();
+    } catch (e) {
+      console.warn("Failed to refresh access token during initialization:", e);
+    }
+  }
+  /**
+   * Returns whether the token should be refreshed.
+   *
+   * @returns True if the token should be refreshed, false otherwise.
+   */
+  shouldRefreshToken() {
+    return !(this.authState && this.authState.expiresAt > Date.now() + i);
+  }
+  /**
+   * Refreshes the access token and transitions the auth state accordingly.
+   * If a refresh is already in progress, it will wait for that refresh to complete.
+   *
+   * @returns The new access token.
+   */
+  async refreshAccessToken() {
+    try {
+      const e = await c(this.projectId, {
+        grantType: "refresh_token"
+      }), t = f(
+        e.accessToken,
+        e.validUntil,
+        e.endUser
+      );
+      await this.setAuthState(t);
+    } catch {
+      await this.signOut();
+    }
+  }
+  /**
+   * Returns whether the wallet secret should be refreshed.
+   *
+   * @returns True if the wallet secret should be refreshed, false otherwise.
+   */
+  shouldRefreshWalletSecret() {
+    return !(this.walletSecret && this.walletSecret.expiresAt > Date.now() + i);
+  }
+  /**
+   * Refreshes the wallet secret. Assumes the user is signed in.
+   *
+   * @returns The wallet secret.
+   */
+  async refreshWalletSecret() {
+    const e = n(), t = this.walletSecret?.walletSecretId ?? e.generateRandomId(), r = this.walletSecret?.keyPair ?? await e.createKeyPair(), s = this.authState.expiresAt, a = new Date(s).toISOString();
+    this.walletSecret = { walletSecretId: t, keyPair: r, expiresAt: s };
+    try {
+      await o(this.projectId, this.authState.user.userId, {
+        walletSecretId: t,
+        publicKey: r.publicKeyBase64,
+        validUntil: a
+      });
+    } catch (h) {
+      throw this.walletSecret = null, h;
+    }
+  }
+  /**
+   * Schedules a token refresh to occur exactly when shouldRefreshToken() would return true.
+   * Uses the same REFRESH_CREDENTIALS_BUFFER_MS timing as the rest of the auth system.
+   */
+  scheduleTokenRefresh() {
+    if (this.cancelTokenRefresh(), !this.authState)
+      return;
+    const t = this.authState.expiresAt - i - Date.now();
+    t <= 0 || (this.refreshTimeout = setTimeout(async () => {
+      await this.refreshAccessToken(), this.scheduleTokenRefresh();
+    }, t));
+  }
+  /**
+   * Cancels any scheduled token refresh.
+   */
+  cancelTokenRefresh() {
+    this.refreshTimeout && (clearTimeout(this.refreshTimeout), this.refreshTimeout = null);
   }
-}
-const l = /* @__PURE__ */ new Set([
-  "eth_accounts",
-  "eth_requestAccounts",
-  "personal_sign",
-  "eth_sendTransaction",
-  "eth_signTypedData_v4",
-  "eth_chainId",
-  "eth_sign",
-  "wallet_disconnect",
-  "wallet_switchEthereumChain",
-  "wallet_sendCalls",
-  "wallet_getCallsStatus",
-  "wallet_getCapabilities"
-]);
-function _(e, { chains: t }) {
-  const { method: r, params: s } = e;
-  if (typeof r != "string" || r.length === 0)
-    throw new c(
-      n.rpc.invalidParams,
-      "'method' must be a non-empty string."
-    );
-  const a = (s ?? [])[0]?.chainId;
-  if (typeof a == "string" && !t.some((d) => d.id === Number.parseInt(a, 16)))
-    throw new o(
-      n.provider.unsupportedChain,
-      `Chain ${a} not supported - make sure the provider is configured with the correct chains.`
-    );
-  if (s !== void 0 && !Array.isArray(s))
-    throw new c(
-      n.rpc.invalidParams,
-      "'params' must be an array if provided."
-    );
-  if (!l.has(r))
-    throw new o(
-      n.provider.unsupportedMethod,
-      `Method ${e.method} not supported`
-    );
-}
-async function i() {
-  const e = await h();
-  if (!e)
-    throw new o(
-      n.provider.unauthorized,
-      "User not connected"
-    );
-  return e;
-}
-async function y(e) {
-  const t = await i();
-  if (!t.evmAccounts?.includes(e) && !t.evmSmartAccounts?.includes(e))
-    throw new o(
-      n.provider.unauthorized,
-      "Address not owned by user"
-    );
-  return t;
-}
-async function u() {
-  const e = await i();
-  if (!e.evmAccounts?.[0])
-    throw new o(
-      n.provider.unauthorized,
-      "No EVM accounts available"
-    );
-  return e;
-}
-async function g() {
-  const e = await i();
-  if (!e.evmSmartAccounts?.[0])
-    throw new o(
-      n.provider.unauthorized,
-      "No EVM smart accounts available"
-    );
-  return e;
-}
-async function S({ errorMessage: e } = {}) {
-  const t = await u();
-  if (await u(), !!t.evmSmartAccounts?.length)
-    throw new p(e ?? "Method unsupported.");
-  return t;
 }
 export {
-  p as AccountTypeMismatchError,
-  o as EIP1193ProviderError,
-  c as RPCRequestError,
-  n as STANDARD_ERROR_CODES,
-  S as validateIsUsingEOA,
-  _ as validateRequest,
-  i as validateUserConnected,
-  u as validateUserHasEvmAccount,
-  g as validateUserHasEvmSmartAccount,
-  y as validateUserOwnsAddress
+  p as AuthManager
 };

package/dist/native/index.native100.js

@@ -1,12 +1,12 @@
-import n from "./index.native110.js";
-import s from "./index.native111.js";
-import a from "./index.native112.js";
-const y = async (t, o, e) => {
-  const r = await a(t, o, "sign");
-  s(t, r);
-  const i = await crypto.subtle.sign(n(t, r.algorithm), r, e);
-  return new Uint8Array(i);
+import { contracts as o } from "./index.native108.js";
+import { formatters as r } from "./index.native109.js";
+import { serializers as t } from "./index.native110.js";
+const e = {
+  blockTime: 2e3,
+  contracts: o,
+  formatters: r,
+  serializers: t
 };
 export {
-  y as default
+  e as chainConfig
 };

package/dist/native/index.native101.js

@@ -1,22 +1,23 @@
-const a = (...o) => {
-  const t = o.filter(Boolean);
-  if (t.length === 0 || t.length === 1)
-    return !0;
-  let e;
-  for (const s of t) {
-    const r = Object.keys(s);
-    if (!e || e.size === 0) {
-      e = new Set(r);
-      continue;
-    }
-    for (const n of r) {
-      if (e.has(n))
-        return !1;
-      e.add(n);
-    }
+import { encoder as t, decoder as o } from "./index.native88.js";
+import { encodeBase64 as c, decodeBase64 as a } from "./index.native111.js";
+function i(r) {
+  if (Uint8Array.fromBase64)
+    return Uint8Array.fromBase64(typeof r == "string" ? r : o.decode(r), {
+      alphabet: "base64url"
+    });
+  let e = r;
+  e instanceof Uint8Array && (e = o.decode(e)), e = e.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  try {
+    return a(e);
+  } catch {
+    throw new TypeError("The input to be decoded is not correctly encoded.");
   }
-  return !0;
-};
+}
+function p(r) {
+  let e = r;
+  return typeof e == "string" && (e = t.encode(e)), Uint8Array.prototype.toBase64 ? e.toBase64({ alphabet: "base64url", omitPadding: !0 }) : c(e).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+}
 export {
-  a as default
+  i as decode,
+  p as encode
 };

package/dist/native/index.native102.js

@@ -1,96 +1,12 @@
-import { withAlg as n } from "./index.native113.js";
-import c from "./index.native114.js";
-import { isJWK as p, isSecretJWK as a, isPublicJWK as y, isPrivateJWK as f } from "./index.native115.js";
-const s = (r) => r?.[Symbol.toStringTag], o = (r, e, t) => {
-  if (e.use !== void 0) {
-    let i;
-    switch (t) {
-      case "sign":
-      case "verify":
-        i = "sig";
-        break;
-      case "encrypt":
-      case "decrypt":
-        i = "enc";
-        break;
-    }
-    if (e.use !== i)
-      throw new TypeError(`Invalid key for this operation, its "use" must be "${i}" when present`);
-  }
-  if (e.alg !== void 0 && e.alg !== r)
-    throw new TypeError(`Invalid key for this operation, its "alg" must be "${r}" when present`);
-  if (Array.isArray(e.key_ops)) {
-    let i;
-    switch (!0) {
-      case t === "sign":
-      case r === "dir":
-      case r.includes("CBC-HS"):
-        i = t;
-        break;
-      case r.startsWith("PBES2"):
-        i = "deriveBits";
-        break;
-      case /^A\d{3}(?:GCM)?(?:KW)?$/.test(r):
-        !r.includes("GCM") && r.endsWith("KW") ? i = "unwrapKey" : i = t;
-        break;
-      case t === "encrypt":
-        i = "wrapKey";
-        break;
-      case t === "decrypt":
-        i = r.startsWith("RSA") ? "unwrapKey" : "deriveBits";
-        break;
-    }
-    if (i && e.key_ops?.includes?.(i) === !1)
-      throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${i}" when present`);
-  }
-  return !0;
-}, h = (r, e, t) => {
-  if (!(e instanceof Uint8Array)) {
-    if (p(e)) {
-      if (a(e) && o(r, e, t))
-        return;
-      throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present');
-    }
-    if (!c(e))
-      throw new TypeError(n(r, e, "CryptoKey", "KeyObject", "JSON Web Key", "Uint8Array"));
-    if (e.type !== "secret")
-      throw new TypeError(`${s(e)} instances for symmetric algorithms must be of type "secret"`);
-  }
-}, m = (r, e, t) => {
-  if (p(e))
-    switch (t) {
-      case "decrypt":
-      case "sign":
-        if (f(e) && o(r, e, t))
-          return;
-        throw new TypeError("JSON Web Key for this operation be a private JWK");
-      case "encrypt":
-      case "verify":
-        if (y(e) && o(r, e, t))
-          return;
-        throw new TypeError("JSON Web Key for this operation be a public JWK");
-    }
-  if (!c(e))
-    throw new TypeError(n(r, e, "CryptoKey", "KeyObject", "JSON Web Key"));
-  if (e.type === "secret")
-    throw new TypeError(`${s(e)} instances for asymmetric algorithms must not be of type "secret"`);
-  if (e.type === "public")
-    switch (t) {
-      case "sign":
-        throw new TypeError(`${s(e)} instances for asymmetric algorithm signing must be of type "private"`);
-      case "decrypt":
-        throw new TypeError(`${s(e)} instances for asymmetric algorithm decryption must be of type "private"`);
-    }
-  if (e.type === "private")
-    switch (t) {
-      case "verify":
-        throw new TypeError(`${s(e)} instances for asymmetric algorithm verifying must be of type "public"`);
-      case "encrypt":
-        throw new TypeError(`${s(e)} instances for asymmetric algorithm encryption must be of type "public"`);
-    }
-}, d = (r, e, t) => {
-  r.startsWith("HS") || r === "dir" || r.startsWith("PBES2") || /^A(?:128|192|256)(?:GCM)?(?:KW)?$/.test(r) || /^A(?:128|192|256)CBC-HS(?:256|384|512)$/.test(r) ? h(r, e, t) : m(r, e, t);
+import n from "./index.native112.js";
+import s from "./index.native113.js";
+import a from "./index.native114.js";
+const y = async (t, o, e) => {
+  const r = await a(t, o, "sign");
+  s(t, r);
+  const i = await crypto.subtle.sign(n(t, r.algorithm), r, e);
+  return new Uint8Array(i);
 };
 export {
-  d as default
+  y as default
 };

package/dist/native/index.native103.js

@@ -1,23 +1,22 @@
-import { JOSENotSupported as f } from "./index.native36.js";
-const w = (n, r, a, e, s) => {
-  if (s.crit !== void 0 && e?.crit === void 0)
-    throw new n('"crit" (Critical) Header Parameter MUST be integrity protected');
-  if (!e || e.crit === void 0)
-    return /* @__PURE__ */ new Set();
-  if (!Array.isArray(e.crit) || e.crit.length === 0 || e.crit.some((i) => typeof i != "string" || i.length === 0))
-    throw new n('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
-  let t;
-  a !== void 0 ? t = new Map([...Object.entries(a), ...r.entries()]) : t = r;
-  for (const i of e.crit) {
-    if (!t.has(i))
-      throw new f(`Extension Header Parameter "${i}" is not recognized`);
-    if (s[i] === void 0)
-      throw new n(`Extension Header Parameter "${i}" is missing`);
-    if (t.get(i) && e[i] === void 0)
-      throw new n(`Extension Header Parameter "${i}" MUST be integrity protected`);
+const a = (...o) => {
+  const t = o.filter(Boolean);
+  if (t.length === 0 || t.length === 1)
+    return !0;
+  let e;
+  for (const s of t) {
+    const r = Object.keys(s);
+    if (!e || e.size === 0) {
+      e = new Set(r);
+      continue;
+    }
+    for (const n of r) {
+      if (e.has(n))
+        return !1;
+      e.add(n);
+    }
   }
-  return new Set(e.crit);
+  return !0;
 };
 export {
-  w as default
+  a as default
 };