@crossmint/client-sdk-auth 0.2.2 → 1.0.0

package/dist/utils/jwt.js

@@ -0,0 +1,8 @@
+import {
+  getJWTExpiration
+} from "../chunk-MLMLBCSI.js";
+import "../chunk-JPRRZPBL.js";
+export {
+  getJWTExpiration
+};
+//# sourceMappingURL=jwt.js.map

package/dist/utils/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@crossmint/client-sdk-auth",
-  "version": "0.2.2",
+  "version": "1.0.0",
   "repository": "https://github.com/Crossmint/crossmint-sdk",
   "license": "Apache-2.0",
   "author": "Paella Labs Inc",
@@ -20,10 +20,14 @@
   ],
   "dependencies": {
     "jwt-decode": "4.0.0",
-    "@crossmint/common-sdk-auth": "0.2.2"
+    "@farcaster/auth-kit": "0.6.0",
+    "@crossmint/client-sdk-base": "1.3.2",
+    "@crossmint/common-sdk-auth": "1.0.0",
+    "@crossmint/common-sdk-base": "0.3.0"
   },
   "scripts": {
-    "build": "tsup src/index.ts --clean --format esm,cjs --outDir ./dist --minify --dts --sourcemap",
-    "dev": "tsup src/index.ts --clean --format esm,cjs --outDir ./dist --dts --sourcemap --watch"
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "test": "vitest run"
   }
 }

package/src/CrossmintAuthClient.test.ts

@@ -0,0 +1,406 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+import type { StatusAPIResponse } from "@farcaster/auth-kit";
+import { type Crossmint, CrossmintApiClient } from "@crossmint/common-sdk-base";
+import type { AuthMaterialWithUser } from "@crossmint/common-sdk-auth";
+import { CrossmintAuthClient } from "./CrossmintAuthClient";
+import * as cookiesUtils from "./utils/cookies";
+import { getJWTExpiration } from "./utils";
+import { queueTask } from "@crossmint/client-sdk-base";
+
+vi.mock("@crossmint/common-sdk-base");
+vi.mock("./utils/cookies");
+vi.mock("./utils/jwt");
+vi.mock("@crossmint/client-sdk-base");
+
+describe("CrossmintAuthClient", () => {
+    let crossmintAuthClient: CrossmintAuthClient;
+    const mockCrossmint = { projectId: "test-project-id" };
+    const mockApiClient = {
+        baseUrl: "https://api.crossmint.com",
+        get: vi.fn(),
+        post: vi.fn(),
+    };
+    const mockCallbacks = {
+        onLogout: vi.fn(),
+        onTokenRefresh: vi.fn(),
+    };
+    const mockConfig = {
+        callbacks: mockCallbacks,
+        refreshRoute: "http://example.com/custom/refresh",
+    };
+
+    beforeEach(() => {
+        vi.resetAllMocks();
+        vi.mocked(CrossmintApiClient).mockReturnValue(mockApiClient as unknown as CrossmintApiClient);
+        crossmintAuthClient = CrossmintAuthClient.from(mockCrossmint as unknown as Crossmint, mockConfig);
+    });
+
+    afterEach(() => {
+        vi.restoreAllMocks();
+    });
+
+    describe("from", () => {
+        it("should create a new CrossmintAuthClient instance with config", () => {
+            expect(crossmintAuthClient).toBeInstanceOf(CrossmintAuthClient);
+            expect(CrossmintApiClient).toHaveBeenCalledWith(mockCrossmint, expect.any(Object));
+            expect((crossmintAuthClient as any).callbacks).toEqual(mockConfig.callbacks);
+            expect((crossmintAuthClient as any).refreshRoute).toBe(mockConfig.refreshRoute);
+        });
+    });
+
+    describe("getUser", () => {
+        it("should fetch user data", async () => {
+            const mockUserData = { id: "user123", email: "user@example.com" };
+            mockApiClient.get.mockResolvedValue({
+                json: () => Promise.resolve(mockUserData),
+            });
+
+            const result = await crossmintAuthClient.getUser();
+
+            expect(result).toEqual(mockUserData);
+            expect(mockApiClient.get).toHaveBeenCalledWith("api/2024-09-26/sdk/auth/user", expect.any(Object));
+        });
+    });
+
+    describe("storeAuthMaterial", () => {
+        it("should store auth material in cookies", () => {
+            const mockAuthMaterial: AuthMaterialWithUser = {
+                jwt: "mock.jwt.token",
+                refreshToken: { secret: "refresh-token", expiresAt: "2023-12-31T23:59:59Z" },
+                user: { id: "user123" },
+            };
+
+            crossmintAuthClient.storeAuthMaterial(mockAuthMaterial);
+
+            expect(cookiesUtils.setCookie).toHaveBeenCalledWith("crossmint-jwt", mockAuthMaterial.jwt);
+            expect(cookiesUtils.setCookie).toHaveBeenCalledWith(
+                "crossmint-refresh-token",
+                mockAuthMaterial.refreshToken.secret,
+                mockAuthMaterial.refreshToken.expiresAt
+            );
+        });
+    });
+
+    describe("logout", () => {
+        beforeEach(() => {
+            mockApiClient.post.mockReset();
+        });
+
+        it("should call logout endpoint, clear auth cookies and call onLogout callback", async () => {
+            const mockCallbacks = { onLogout: vi.fn() };
+            const mockRefreshToken = "mock-refresh-token";
+            vi.mocked(cookiesUtils.getCookie).mockReturnValue(mockRefreshToken);
+            crossmintAuthClient = CrossmintAuthClient.from(mockCrossmint as unknown as Crossmint, {
+                callbacks: mockCallbacks,
+            });
+
+            await crossmintAuthClient.logout();
+
+            expect(mockApiClient.post).toHaveBeenCalledWith(
+                "api/2024-09-26/session/sdk/auth/logout",
+                expect.objectContaining({
+                    headers: {
+                        "Content-Type": "application/json",
+                    },
+                    body: JSON.stringify({
+                        refresh: mockRefreshToken,
+                    }),
+                })
+            );
+            expect(cookiesUtils.deleteCookie).toHaveBeenCalledWith("crossmint-refresh-token");
+            expect(cookiesUtils.deleteCookie).toHaveBeenCalledWith("crossmint-jwt");
+            expect(mockCallbacks.onLogout).toHaveBeenCalled();
+        });
+
+        it("should call custom logout route when configured", async () => {
+            const mockCallbacks = { onLogout: vi.fn() };
+            const customLogoutRoute = "/custom/logout";
+            const fetchSpy = vi.spyOn(global, "fetch").mockResolvedValue(new Response());
+
+            crossmintAuthClient = CrossmintAuthClient.from(mockCrossmint as unknown as Crossmint, {
+                callbacks: mockCallbacks,
+                logoutRoute: customLogoutRoute,
+            });
+
+            await crossmintAuthClient.logout();
+
+            expect(fetchSpy).toHaveBeenCalledWith(customLogoutRoute, { method: "POST" });
+            expect(mockApiClient.post).not.toHaveBeenCalled();
+            expect(cookiesUtils.deleteCookie).toHaveBeenCalledWith("crossmint-refresh-token");
+            expect(cookiesUtils.deleteCookie).toHaveBeenCalledWith("crossmint-jwt");
+            expect(mockCallbacks.onLogout).toHaveBeenCalled();
+        });
+    });
+
+    describe("handleRefreshAuthMaterial", () => {
+        const mockRefreshToken = "mock-refresh-token";
+        const mockAuthMaterial = {
+            jwt: "new.jwt.token",
+            refreshToken: { secret: "new-refresh-token", expiresAt: "2023-12-31T23:59:59Z" },
+            user: { id: "user123" },
+        };
+
+        beforeEach(() => {
+            vi.spyOn(crossmintAuthClient as any, "refreshAuthMaterial").mockResolvedValue(mockAuthMaterial);
+            vi.spyOn(crossmintAuthClient as any, "storeAuthMaterial").mockImplementation(() => {});
+            vi.mocked(getJWTExpiration).mockReturnValue(Date.now() / 1000 + 3600); // 1 hour from now
+            vi.mocked(queueTask).mockReturnValue({ cancel: vi.fn() } as any);
+        });
+
+        it("should refresh auth material and schedule next refresh", async () => {
+            crossmintAuthClient = CrossmintAuthClient.from(mockCrossmint as unknown as Crossmint, {
+                callbacks: mockCallbacks,
+            });
+            vi.spyOn(crossmintAuthClient as any, "refreshAuthMaterial").mockResolvedValue(mockAuthMaterial);
+            vi.spyOn(crossmintAuthClient as any, "storeAuthMaterial").mockImplementation(() => {});
+
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(crossmintAuthClient["refreshAuthMaterial"]).toHaveBeenCalledWith(mockRefreshToken);
+            expect(crossmintAuthClient["storeAuthMaterial"]).toHaveBeenCalledWith(mockAuthMaterial);
+            expect(queueTask).toHaveBeenCalledWith(expect.any(Function), expect.any(Number));
+        });
+
+        it("should not refresh if already refreshing", async () => {
+            (crossmintAuthClient as any).isRefreshing = true;
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(crossmintAuthClient["refreshAuthMaterial"]).not.toHaveBeenCalled();
+        });
+
+        it("should call onTokenRefresh callback if provided", async () => {
+            const mockCallback = vi.fn();
+            (crossmintAuthClient as any).callbacks.onTokenRefresh = mockCallback;
+
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(mockCallback).toHaveBeenCalledWith(mockAuthMaterial);
+        });
+
+        it("should handle errors and call logout", async () => {
+            const mockError = new Error("Refresh failed");
+            vi.spyOn(crossmintAuthClient as any, "refreshAuthMaterial").mockRejectedValue(mockError);
+            vi.spyOn(crossmintAuthClient, "logout").mockImplementation(() => Promise.resolve());
+            const consoleErrorSpy = vi.spyOn(console, "error").mockImplementation(() => {});
+
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(consoleErrorSpy).toHaveBeenCalledWith(mockError);
+            expect(crossmintAuthClient.logout).toHaveBeenCalled();
+        });
+
+        it("should use cookie if no refresh token is provided", async () => {
+            vi.mocked(cookiesUtils.getCookie).mockReturnValue(mockRefreshToken);
+
+            await crossmintAuthClient.handleRefreshAuthMaterial();
+
+            expect(crossmintAuthClient["refreshAuthMaterial"]).toHaveBeenCalledWith(mockRefreshToken);
+        });
+
+        it("should not refresh if no refresh token is available and no custom refresh route is set", async () => {
+            crossmintAuthClient = CrossmintAuthClient.from(mockCrossmint as unknown as Crossmint, {});
+            vi.spyOn(crossmintAuthClient as any, "refreshAuthMaterial").mockResolvedValue(mockAuthMaterial);
+            vi.mocked(cookiesUtils.getCookie).mockReturnValue(null as any);
+
+            await crossmintAuthClient.handleRefreshAuthMaterial();
+
+            expect(crossmintAuthClient["refreshAuthMaterial"]).not.toHaveBeenCalled();
+        });
+
+        it("should cancel previous refresh task before scheduling a new one", async () => {
+            const mockCancelTask = vi.fn();
+            (crossmintAuthClient as any).refreshTask = { cancel: mockCancelTask };
+
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(mockCancelTask).toHaveBeenCalled();
+            expect(queueTask).toHaveBeenCalled();
+        });
+
+        it("should not schedule refresh if JWT is invalid", async () => {
+            vi.mocked(getJWTExpiration).mockReturnValue(null as any);
+
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(queueTask).not.toHaveBeenCalled();
+        });
+
+        it("should not schedule refresh if time to expire is negative", async () => {
+            vi.mocked(getJWTExpiration).mockReturnValue(Date.now() / 1000 - 3600); // 1 hour ago
+
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(queueTask).not.toHaveBeenCalled();
+        });
+
+        it("should not store auth material if custom refresh route is set", async () => {
+            const spyStoreAuthMaterial = vi.spyOn(crossmintAuthClient, "storeAuthMaterial");
+
+            await crossmintAuthClient.handleRefreshAuthMaterial(mockRefreshToken);
+
+            expect(crossmintAuthClient["refreshAuthMaterial"]).toHaveBeenCalledWith(mockRefreshToken);
+            expect(spyStoreAuthMaterial).not.toHaveBeenCalled();
+        });
+    });
+
+    describe("getOAuthUrl", () => {
+        it("should fetch OAuth URL for a given provider", async () => {
+            const mockProvider = "google";
+            const mockOAuthUrl = "https://oauth.example.com/auth";
+            mockApiClient.get.mockResolvedValue({
+                json: () => Promise.resolve({ oauthUrl: mockOAuthUrl }),
+            });
+
+            const result = await crossmintAuthClient.getOAuthUrl(mockProvider);
+
+            expect(result).toBe(mockOAuthUrl);
+            expect(mockApiClient.get).toHaveBeenCalledWith(
+                "api/2024-09-26/session/sdk/auth/social/google/start",
+                expect.any(Object)
+            );
+        });
+    });
+
+    describe("sendEmailOtp", () => {
+        it("should send email OTP", async () => {
+            const mockEmail = "user@example.com";
+            const mockResponse = { success: true };
+            mockApiClient.post.mockResolvedValue({
+                json: () => Promise.resolve(mockResponse),
+            });
+
+            const result = await crossmintAuthClient.sendEmailOtp(mockEmail);
+
+            expect(result).toEqual(mockResponse);
+            expect(mockApiClient.post).toHaveBeenCalledWith(
+                "api/2024-09-26/session/sdk/auth/otps/send",
+                expect.objectContaining({
+                    body: JSON.stringify({ email: mockEmail }),
+                })
+            );
+        });
+    });
+
+    describe("confirmEmailOtp", () => {
+        it("should confirm email OTP and return oneTimeSecret", async () => {
+            const mockEmail = "user@example.com";
+            const mockEmailId = "email-id-123";
+            const mockToken = "otp-token-456";
+            const mockOneTimeSecret = "one-time-secret-789";
+            mockApiClient.post.mockResolvedValue({
+                json: () => Promise.resolve({ callbackUrl: `https://example.com?oneTimeSecret=${mockOneTimeSecret}` }),
+            });
+
+            const result = await crossmintAuthClient.confirmEmailOtp(mockEmail, mockEmailId, mockToken);
+
+            expect(result).toBe(mockOneTimeSecret);
+            expect(mockApiClient.post).toHaveBeenCalledWith(
+                expect.stringContaining("api/2024-09-26/session/sdk/auth/authenticate"),
+                expect.any(Object)
+            );
+        });
+    });
+
+    describe("signInWithFarcaster", () => {
+        it("should sign in with Farcaster and return oneTimeSecret", async () => {
+            const mockFarcasterData = {
+                message: "mock-message",
+                signature: "mock-signature",
+                signatureParams: { domain: "example.com" },
+            };
+            const mockOneTimeSecret = "farcaster-one-time-secret-123";
+            mockApiClient.post.mockResolvedValue({
+                json: () => Promise.resolve({ callbackUrl: `https://example.com?oneTimeSecret=${mockOneTimeSecret}` }),
+            });
+
+            const result = await crossmintAuthClient.signInWithFarcaster(mockFarcasterData as StatusAPIResponse);
+
+            expect(result).toBe(mockOneTimeSecret);
+            const expectedCallbackUrl = `https://api.crossmint.com/api/2024-09-26/session/sdk/auth/callback?isPopup=false`;
+            const queryParams = new URLSearchParams({
+                signinAuthenticationMethod: "farcaster",
+                callbackUrl: expectedCallbackUrl,
+            });
+            expect(mockApiClient.post).toHaveBeenCalledWith(
+                expect.stringContaining(`api/2024-09-26/session/sdk/auth/authenticate?${queryParams}`),
+                expect.objectContaining({
+                    body: JSON.stringify({
+                        ...mockFarcasterData,
+                        domain: "example.com",
+                        redirect: true,
+                        callbackUrl: expectedCallbackUrl,
+                    }),
+                    headers: {
+                        "Content-Type": "application/json",
+                    },
+                })
+            );
+        });
+    });
+
+    describe("signInWithSmartWallet", () => {
+        it("should initiate smart wallet sign in", async () => {
+            const mockAddress = "0x1234567890abcdef";
+            const mockResponse = {
+                message: "Please sign this message",
+                nonce: "123456",
+            };
+            mockApiClient.post.mockResolvedValue({
+                json: () => Promise.resolve(mockResponse),
+            });
+
+            const result = await crossmintAuthClient.signInWithSmartWallet(mockAddress);
+
+            expect(result).toEqual(mockResponse);
+            const queryParams = new URLSearchParams({
+                signinAuthenticationMethod: "evm",
+            });
+            expect(mockApiClient.post).toHaveBeenCalledWith(
+                `https://api.crossmint.com/api/2024-09-26/session/sdk/auth/crypto_wallets/authenticate/start?${queryParams}`,
+                expect.objectContaining({
+                    body: JSON.stringify({ walletAddress: mockAddress }),
+                    headers: {
+                        "Content-Type": "application/json",
+                    },
+                })
+            );
+        });
+    });
+
+    describe("authenticateSmartWallet", () => {
+        it("should complete smart wallet authentication", async () => {
+            const mockAddress = "0x1234567890abcdef";
+            const mockSignature = "0xsignature123";
+            const mockResponse = {
+                success: true,
+                authMaterial: {
+                    jwt: "mock.jwt.token",
+                    refreshToken: { secret: "refresh-token" },
+                },
+            };
+            mockApiClient.post.mockResolvedValue({
+                json: () => Promise.resolve(mockResponse),
+            });
+
+            const result = await crossmintAuthClient.authenticateSmartWallet(mockAddress, mockSignature);
+
+            expect(result).toEqual(mockResponse);
+            const queryParams = new URLSearchParams({
+                signinAuthenticationMethod: "evm",
+                callbackUrl: `https://api.crossmint.com/api/2024-09-26/session/sdk/auth/we-dont-actually-use-this-anymore`,
+            });
+            expect(mockApiClient.post).toHaveBeenCalledWith(
+                `api/2024-09-26/session/sdk/auth/crypto_wallets/authenticate?${queryParams}`,
+                expect.objectContaining({
+                    body: JSON.stringify({
+                        walletAddress: mockAddress,
+                        signature: mockSignature,
+                    }),
+                    headers: {
+                        "Content-Type": "application/json",
+                    },
+                })
+            );
+        });
+    });
+});

package/src/CrossmintAuthClient.ts

@@ -0,0 +1,241 @@
+import type { UseSignInData } from "@farcaster/auth-kit";
+import {
+    AUTH_SDK_ROOT_ENDPOINT,
+    type AuthMaterialWithUser,
+    CROSSMINT_API_VERSION,
+    CrossmintAuth,
+    type CrossmintAuthOptions,
+    type OAuthProvider,
+    REFRESH_TOKEN_PREFIX,
+    SESSION_PREFIX,
+} from "@crossmint/common-sdk-auth";
+import type { Crossmint, CrossmintApiClient } from "@crossmint/common-sdk-base";
+import { type CancellableTask, queueTask } from "@crossmint/client-sdk-base";
+import { deleteCookie, getCookie, getJWTExpiration, setCookie, TIME_BEFORE_EXPIRING_JWT_IN_SECONDS } from "./utils";
+
+type CrossmintAuthClientConfig = CrossmintAuthOptions & {
+    callbacks?: CrossmintAuthClientCallbacks;
+    logoutRoute?: string;
+};
+
+export class CrossmintAuthClient extends CrossmintAuth {
+    private callbacks: CrossmintAuthClientCallbacks;
+    private refreshTask: CancellableTask | null = null;
+    private isRefreshing = false;
+    private logoutRoute: string | null;
+
+    private constructor(crossmint: Crossmint, apiClient: CrossmintApiClient, config: CrossmintAuthClientConfig = {}) {
+        super(crossmint, apiClient, config);
+        this.callbacks = config.callbacks ?? {};
+        this.logoutRoute = config.logoutRoute ?? null;
+    }
+
+    public static from(crossmint: Crossmint, config: CrossmintAuthClientConfig = {}): CrossmintAuthClient {
+        const authClient = new CrossmintAuthClient(crossmint, CrossmintAuth.defaultApiClient(crossmint), config);
+        // In case an instance is created on the server, we can't refresh as this stores cookies
+        if (typeof window !== "undefined") {
+            authClient.handleRefreshAuthMaterial();
+        }
+        return authClient;
+    }
+
+    public async getUser() {
+        const result = await this.apiClient.get(`api/${CROSSMINT_API_VERSION}/sdk/auth/user`, {
+            headers: {
+                "Content-Type": "application/json",
+            },
+        });
+
+        const user = await result.json();
+        return user;
+    }
+
+    public storeAuthMaterial(authMaterial: AuthMaterialWithUser) {
+        setCookie(SESSION_PREFIX, authMaterial.jwt);
+        setCookie(REFRESH_TOKEN_PREFIX, authMaterial.refreshToken.secret, authMaterial.refreshToken.expiresAt);
+    }
+
+    public async logout() {
+        // Even if there's a server error, we want to clear the cookies
+        try {
+            if (this.logoutRoute != null) {
+                await this.logoutFromCustomRoute();
+            } else {
+                await this.logoutFromDefaultRoute(getCookie(REFRESH_TOKEN_PREFIX));
+            }
+        } catch (error) {
+            console.error(error);
+        } finally {
+            deleteCookie(REFRESH_TOKEN_PREFIX);
+            deleteCookie(SESSION_PREFIX);
+            this.callbacks.onLogout?.();
+        }
+    }
+
+    public async handleRefreshAuthMaterial(refreshTokenSecret?: string): Promise<void> {
+        const refreshToken = refreshTokenSecret ?? getCookie(REFRESH_TOKEN_PREFIX);
+        // If there is a custom refresh route, that endpoint will fetch the cookies itself
+        if ((refreshToken == null && this.refreshRoute == null) || this.isRefreshing) {
+            return;
+        }
+
+        try {
+            this.isRefreshing = true;
+            const authMaterial = await this.refreshAuthMaterial(refreshToken);
+
+            // If a custom refresh route is set, storing in cookies is handled in the server
+            if (this.refreshRoute == null) {
+                this.storeAuthMaterial(authMaterial);
+            }
+
+            this.callbacks.onTokenRefresh?.(authMaterial);
+
+            this.scheduleNextRefresh(authMaterial.jwt);
+        } catch (error) {
+            console.error(error);
+            this.logout();
+        } finally {
+            this.isRefreshing = false;
+        }
+    }
+
+    public async getOAuthUrl(provider: OAuthProvider) {
+        const result = await this.apiClient.get(`${AUTH_SDK_ROOT_ENDPOINT}/social/${provider}/start`, {
+            headers: {
+                "Content-Type": "application/json",
+            },
+        });
+
+        const data = (await result.json()) as { oauthUrl: string };
+        return data.oauthUrl;
+    }
+
+    public async sendEmailOtp(email: string) {
+        const result = await this.apiClient.post(`${AUTH_SDK_ROOT_ENDPOINT}/otps/send`, {
+            headers: {
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({ email }),
+        });
+
+        return await result.json();
+    }
+
+    public async confirmEmailOtp(email: string, emailId: string, token: string) {
+        const queryParams = new URLSearchParams({
+            email,
+            signinAuthenticationMethod: "email",
+            token,
+            locale: "en",
+            state: emailId,
+            callbackUrl: `${this.apiClient.baseUrl}/${AUTH_SDK_ROOT_ENDPOINT}/we-dont-actually-use-this-anymore`,
+        });
+        const result = await this.apiClient.post(`${AUTH_SDK_ROOT_ENDPOINT}/authenticate?${queryParams}`, {
+            headers: {
+                "Content-Type": "application/json",
+            },
+        });
+
+        const resData = await result.json();
+        const callbackUrl = new URL(resData.callbackUrl);
+
+        // parse the oneTimeSecret from the callbackUrl response
+        return callbackUrl.searchParams.get("oneTimeSecret");
+    }
+
+    public async signInWithFarcaster(data: UseSignInData) {
+        const queryParams = new URLSearchParams({
+            signinAuthenticationMethod: "farcaster",
+            callbackUrl: `${this.apiClient.baseUrl}/${AUTH_SDK_ROOT_ENDPOINT}/callback?isPopup=false`,
+        });
+
+        const result = await this.apiClient.post(`${AUTH_SDK_ROOT_ENDPOINT}/authenticate?${queryParams}`, {
+            headers: {
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({
+                ...data,
+                domain: data.signatureParams.domain,
+                redirect: true,
+                callbackUrl: `${this.apiClient.baseUrl}/${AUTH_SDK_ROOT_ENDPOINT}/callback?isPopup=false`,
+            }),
+        });
+
+        const resData = await result.json();
+        const callbackUrl = new URL(resData.callbackUrl);
+
+        // parse the oneTimeSecret from the callbackUrl response
+        return callbackUrl.searchParams.get("oneTimeSecret");
+    }
+
+    public async signInWithSmartWallet(address: string) {
+        const queryParams = new URLSearchParams({
+            signinAuthenticationMethod: "evm",
+        });
+
+        const result = await this.apiClient.post(
+            `${AUTH_SDK_ROOT_ENDPOINT}/crypto_wallets/authenticate/start?${queryParams}`,
+            {
+                headers: {
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify({ walletAddress: address }),
+            }
+        );
+        return await result.json();
+    }
+
+    public async authenticateSmartWallet(address: string, signature: string) {
+        const queryParams = new URLSearchParams({
+            signinAuthenticationMethod: "evm",
+            callbackUrl: `${this.apiClient.baseUrl}/${AUTH_SDK_ROOT_ENDPOINT}/we-dont-actually-use-this-anymore`,
+        });
+
+        const result = await this.apiClient.post(
+            `${AUTH_SDK_ROOT_ENDPOINT}/crypto_wallets/authenticate?${queryParams}`,
+            {
+                headers: {
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify({ walletAddress: address, signature }),
+            }
+        );
+        return await result.json();
+    }
+
+    private async logoutFromCustomRoute(): Promise<Response> {
+        if (!this.logoutRoute) {
+            throw new Error("Custom logout route is not set");
+        }
+
+        return await fetch(this.logoutRoute, { method: "POST" });
+    }
+
+    private scheduleNextRefresh(jwt: string): void {
+        const jwtExpiration = getJWTExpiration(jwt);
+        if (!jwtExpiration) {
+            throw new Error("Invalid JWT");
+        }
+
+        const currentTime = Date.now() / 1000;
+        const timeToExpire = jwtExpiration - currentTime - TIME_BEFORE_EXPIRING_JWT_IN_SECONDS;
+
+        if (timeToExpire > 0) {
+            const endTime = Date.now() + timeToExpire * 1000;
+            this.cancelScheduledRefresh();
+            this.refreshTask = queueTask(() => this.handleRefreshAuthMaterial(), endTime);
+        }
+    }
+
+    private cancelScheduledRefresh(): void {
+        if (this.refreshTask) {
+            this.refreshTask.cancel();
+            this.refreshTask = null;
+        }
+    }
+}
+
+type CrossmintAuthClientCallbacks = {
+    onTokenRefresh?: (authMaterial: AuthMaterialWithUser) => void;
+    onLogout?: () => void;
+};

package/src/index.ts

@@ -1,2 +1,3 @@
-export { CrossmintAuthService } from "@crossmint/common-sdk-auth";
+export { createCrossmint } from "@crossmint/common-sdk-base";
+export { CrossmintAuthClient as CrossmintAuth } from "./CrossmintAuthClient";
 export * from "./utils";