npm - @dynamic-labs-sdk/client - Versions diffs - 0.17.2 → 0.17.3 - Mend

@dynamic-labs-sdk/client 0.17.2 → 0.17.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (67) hide show

package/dist/index.cjs.js CHANGED Viewed

@@ -1,8 +1,8 @@
-const require_getNetworkProviderFromNetworkId = require('./getNetworkProviderFromNetworkId-CllkC31J.cjs.js');
-const require_InvalidParamError = require('./InvalidParamError-z_h8HyKL.cjs.js');
-const require_getVerifiedCredentialForWalletAccount = require('./getVerifiedCredentialForWalletAccount-BK4IBZlH.cjs.js');
-const require_NotWaasWalletAccountError = require('./NotWaasWalletAccountError-DsYkBFyx.cjs.js');
-const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-BS239c-s.cjs.js');
+const require_getNetworkProviderFromNetworkId = require('./getNetworkProviderFromNetworkId-DK9fnM_Y.cjs.js');
+const require_InvalidParamError = require('./InvalidParamError-DvFYOkxL.cjs.js');
+const require_getVerifiedCredentialForWalletAccount = require('./getVerifiedCredentialForWalletAccount-CyLnpS2G.cjs.js');
+const require_NotWaasWalletAccountError = require('./NotWaasWalletAccountError-CHSFUjd9.cjs.js');
+const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-BrRKwK_i.cjs.js');
 let _dynamic_labs_sdk_assert_package_version = require("@dynamic-labs-sdk/assert-package-version");
 let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
 let zod_mini = require("zod/mini");
@@ -703,6 +703,59 @@ const createWebFetch = () => {
 	return window.fetch.bind(window);
 };
+//#endregion
+//#region src/services/instrumentation/constants.ts
+const DEFAULT_PII_FIELDS = [
+	"password",
+	"token",
+	"secret",
+	"privateKey",
+	"mnemonic",
+	"seed",
+	"email",
+	"phone",
+	"ssn",
+	"address",
+	"authorization"
+];
+//#endregion
+//#region src/services/instrumentation/createInstrumentation/createInstrumentation.ts
+const buildPiiFields = (customFields = []) => {
+	const merged = [...DEFAULT_PII_FIELDS, ...customFields];
+	return [...new Set(merged)];
+};
+/**
+* Creates the instrumentation service that gates event emission behind an
+* enabled flag and delegates to a pluggable transport.
+*
+* The transport is intentionally optional at creation time — it is wired in
+* later via setTransport so the SDK can initialise without one. Events logged
+* before a transport is set are simply dropped.
+*
+* Custom piiFields are merged with and deduplicated against the defaults so
+* callers only need to list additional fields, not replicate the baseline.
+*/
+const createInstrumentation = ({ config: inputConfig } = {}) => {
+	let transport;
+	const config = {
+		enabled: inputConfig?.enabled ?? true,
+		piiFields: buildPiiFields(inputConfig?.piiFields)
+	};
+	return {
+		config,
+		log: (event) => {
+			if (config.enabled) transport?.log(event);
+		},
+		setEnabled: (value) => {
+			config.enabled = value;
+		},
+		setTransport: (t) => {
+			transport = t;
+		}
+	};
+};
 //#endregion
 //#region src/services/navigate/createNavigationHandler/createNavigationHandler.ts
 /**
@@ -918,6 +971,8 @@ const createCore = (config) => {
 	const debouncedMutex = createDebouncedMutex();
 	const eventEmitter = createEventEmitter();
 	const initTrack = createAsyncTrack();
+	const sdkSessionId = require_InvalidParamError.randomString({ length: 32 });
+	const instrumentation = createInstrumentation({ config: config.instrumentation });
 	const runtimeServices = createRuntimeServices();
 	const passkey = config.coreConfig?.passkey ?? createWebPasskeyService();
 	const realtime = config.coreConfig?.realtime ?? require_getNetworkProviderFromNetworkId.createRealtimeService();
@@ -934,6 +989,7 @@ const createCore = (config) => {
 		fetch,
 		getApiHeaders: config.coreConfig?.getApiHeaders ?? (() => ({})),
 		initTrack,
+		instrumentation,
 		keychain,
 		logger,
 		metadata: {
@@ -945,6 +1001,7 @@ const createCore = (config) => {
 		passkey,
 		realtime,
 		runtimeServices,
+		sdkSessionId,
 		state,
 		storage,
 		transformers: config.transformers,
@@ -1367,47 +1424,6 @@ const signInWithExternalJwt = async ({ externalJwt, sessionPublicKey } = {}, cli
 	return response;
 };
-//#endregion
-//#region src/modules/auth/getElevatedAccessToken/getElevatedAccessToken.ts
-/**
-* Gets an elevated access token by scope.
-*
-* This function retrieves an elevated access token that contains the specified scope.
-* Expired tokens are automatically filtered out.
-*
-* If the token has `singleUse: true`, it will be automatically
-* consumed (removed from state) after retrieval. Otherwise, it remains in state
-* for future use.
-*
-* @param params - The parameters object.
-* @param params.scope - The scope to match (e.g., 'wallet:export').
-* @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
-* @returns The elevated access token if found and not expired, or undefined if not found or expired.
-*
-* @example
-* ```typescript
-* const token = getElevatedAccessToken({ scope: 'wallet:export' });
-* if (token) {
-*   // Use the token
-*   // Token is automatically consumed if singleUse: true
-* }
-* ```
-*/
-const getElevatedAccessToken = ({ scope }, client = require_InvalidParamError.getDefaultClient()) => {
-	const core = require_InvalidParamError.getCore(client);
-	const now = /* @__PURE__ */ new Date();
-	const elevatedAccessTokens = core.state.get().elevatedAccessTokens || [];
-	const validTokens = elevatedAccessTokens.filter((token$1) => !token$1.expiresAt || token$1.expiresAt > now);
-	if (validTokens.length !== elevatedAccessTokens.length) core.state.set({ elevatedAccessTokens: validTokens });
-	const token = validTokens.find((token$1) => token$1.scopes.includes(scope));
-	if (!token) return;
-	if (token.singleUse) {
-		const updatedTokens = validTokens.filter((t) => t !== token);
-		core.state.set({ elevatedAccessTokens: updatedTokens });
-	}
-	return token.token;
-};
 //#endregion
 //#region src/modules/auth/passkeys/deletePasskey/deletePasskey.ts
 /**
@@ -1419,7 +1435,10 @@ const getElevatedAccessToken = ({ scope }, client = require_InvalidParamError.ge
 */
 const deletePasskey = async ({ passkeyId }, client = require_InvalidParamError.getDefaultClient()) => {
 	const core = require_InvalidParamError.getCore(client);
-	await require_InvalidParamError.createApiClient({ includeMfaToken: true }, client).deletePasskey({
+	await require_InvalidParamError.createApiClient({
+		elevatedAccessTokenScope: _dynamic_labs_sdk_api_core.TokenScope.Credentialunlink,
+		includeMfaToken: true
+	}, client).deletePasskey({
 		deleteUserPasskeyRequest: { passkeyId },
 		environmentId: core.environmentId
 	});
@@ -1452,7 +1471,7 @@ const getPasskeyRegistrationOptions = async (client) => {
 //#region src/modules/auth/passkeys/serverRegisterPasskey/serverRegisterPasskey.ts
 const serverRegisterPasskey = async ({ registration, createMfaToken }, client) => {
 	const core = require_InvalidParamError.getCore(client);
-	return await require_InvalidParamError.createApiClient({}, client).registerPasskey({
+	return await require_InvalidParamError.createApiClient({ elevatedAccessTokenScope: _dynamic_labs_sdk_api_core.TokenScope.Credentiallink }, client).registerPasskey({
 		environmentId: core.environmentId,
 		passkeyRegisterRequest: {
 			...registration,
@@ -3121,23 +3140,27 @@ const createNewMfaRecoveryCodes = async (client = require_InvalidParamError.getD
 /**
 * Deletes a specific MFA device from the user's account.
 *
-* This function removes a multi-factor authentication device such as
-* a TOTP authenticator from the user's registered devices.
+* When an elevated access token for `credential:unlink` is available,
+* it is sent via the `x-dyn-elevated-access-token` header and the
+* MFA auth token is not required. Otherwise, `mfaAuthToken` must be
+* provided for backward compatibility with the legacy MFA flow.
 *
 * @param params.deviceId - The unique identifier of the MFA device to delete.
-* @param params.mfaAuthToken - The MFA authentication token required for device deletion.
+* @param params.mfaAuthToken - The MFA authentication token. Optional when using elevated access tokens.
 * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
 * @returns A promise that resolves when the MFA device is successfully deleted.
 */
 const deleteMfaDevice = async ({ deviceId, mfaAuthToken }, client = require_InvalidParamError.getDefaultClient()) => {
 	const core = require_InvalidParamError.getCore(client);
-	const apiClient = require_InvalidParamError.createApiClient({}, client);
 	require_InvalidParamError.assertDefined(deviceId, "deviceId is required");
-	require_InvalidParamError.assertDefined(mfaAuthToken, "mfaAuthToken is required");
-	return apiClient.deleteMfaDevice({
+	if (!require_InvalidParamError.getElevatedAccessToken({
+		consume: false,
+		scope: _dynamic_labs_sdk_api_core.TokenScope.Credentialunlink
+	}, client)) require_InvalidParamError.assertDefined(mfaAuthToken, "mfaAuthToken is required");
+	return require_InvalidParamError.createApiClient({ elevatedAccessTokenScope: _dynamic_labs_sdk_api_core.TokenScope.Credentialunlink }, client).deleteMfaDevice({
 		environmentId: core.environmentId,
 		mfaDeviceId: deviceId,
-		xMfaAuthToken: mfaAuthToken
+		xMfaAuthToken: mfaAuthToken ?? ""
 	});
 };
@@ -3224,7 +3247,7 @@ const isUserMissingMfaAuth = (client = require_InvalidParamError.getDefaultClien
 */
 const registerTotpMfaDevice = async (client = require_InvalidParamError.getDefaultClient()) => {
 	const core = require_InvalidParamError.getCore(client);
-	return require_InvalidParamError.createApiClient({}, client).registerTotpMfaDevice({ environmentId: core.environmentId });
+	return require_InvalidParamError.createApiClient({ elevatedAccessTokenScope: _dynamic_labs_sdk_api_core.TokenScope.Credentiallink }, client).registerTotpMfaDevice({ environmentId: core.environmentId });
 };
 //#endregion
@@ -5281,7 +5304,7 @@ exports.getCoinbaseBuyUrl = getCoinbaseBuyUrl;
 exports.getConnectedAddresses = getConnectedAddresses;
 exports.getDefaultClient = require_InvalidParamError.getDefaultClient;
 exports.getDeviceRegistrationTokenFromUrl = getDeviceRegistrationTokenFromUrl;
-exports.getElevatedAccessToken = getElevatedAccessToken;
+exports.getElevatedAccessToken = require_InvalidParamError.getElevatedAccessToken;
 exports.getKrakenAccounts = getKrakenAccounts;
 exports.getKrakenWhitelistedAddresses = getKrakenWhitelistedAddresses;
 exports.getMfaDevices = getMfaDevices;