@dynamic-labs-sdk/client 0.27.0 → 0.27.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (136) hide show
  1. package/dist/{InvalidParamError-D_EzyxXy.native.esm.js → InvalidParamError-B8XO1W5c.native.esm.js} +2 -2
  2. package/dist/{InvalidParamError-D_EzyxXy.native.esm.js.map → InvalidParamError-B8XO1W5c.native.esm.js.map} +1 -1
  3. package/dist/{InvalidParamError-BHNFIR4K.cjs → InvalidParamError-Co6j4qll.cjs} +3 -3
  4. package/dist/{InvalidParamError-BHNFIR4K.cjs.map → InvalidParamError-Co6j4qll.cjs.map} +1 -1
  5. package/dist/{InvalidParamError-DJxqCxOB.esm.js → InvalidParamError-Di6crZca.esm.js} +2 -2
  6. package/dist/{InvalidParamError-DJxqCxOB.esm.js.map → InvalidParamError-Di6crZca.esm.js.map} +1 -1
  7. package/dist/{NotWaasWalletAccountError-CIUs1vxk.cjs → NotWaasWalletAccountError-BvN42V8M.cjs} +3 -3
  8. package/dist/{NotWaasWalletAccountError-CIUs1vxk.cjs.map → NotWaasWalletAccountError-BvN42V8M.cjs.map} +1 -1
  9. package/dist/{NotWaasWalletAccountError-BSon-4Ob.native.esm.js → NotWaasWalletAccountError-CUQFqBLS.native.esm.js} +3 -3
  10. package/dist/{NotWaasWalletAccountError-BSon-4Ob.native.esm.js.map → NotWaasWalletAccountError-CUQFqBLS.native.esm.js.map} +1 -1
  11. package/dist/{NotWaasWalletAccountError-DyqqJavQ.esm.js → NotWaasWalletAccountError-yLvN4JGj.esm.js} +3 -3
  12. package/dist/{NotWaasWalletAccountError-DyqqJavQ.esm.js.map → NotWaasWalletAccountError-yLvN4JGj.esm.js.map} +1 -1
  13. package/dist/client/core/createCore/createCore.d.ts.map +1 -1
  14. package/dist/client/core/types/DynamicCore.d.ts +8 -0
  15. package/dist/client/core/types/DynamicCore.d.ts.map +1 -1
  16. package/dist/client/core/types/DynamicCoreConfig.d.ts +1 -1
  17. package/dist/client/core/types/DynamicCoreConfig.d.ts.map +1 -1
  18. package/dist/core.cjs +19 -21
  19. package/dist/core.cjs.map +1 -1
  20. package/dist/core.esm.js +19 -22
  21. package/dist/core.esm.js.map +1 -1
  22. package/dist/core.native.esm.js +19 -8
  23. package/dist/core.native.esm.js.map +1 -1
  24. package/dist/errors/InvalidSocialCallbackOriginError.d.ts +10 -0
  25. package/dist/errors/InvalidSocialCallbackOriginError.d.ts.map +1 -0
  26. package/dist/errors/UserCancelledSocialPopUpError.d.ts +5 -0
  27. package/dist/errors/UserCancelledSocialPopUpError.d.ts.map +1 -0
  28. package/dist/exports/core.d.ts +2 -0
  29. package/dist/exports/core.d.ts.map +1 -1
  30. package/dist/exports/index.d.ts +9 -0
  31. package/dist/exports/index.d.ts.map +1 -1
  32. package/dist/{getNetworkProviderFromNetworkId-BN3NLh8u.native.esm.js → getNetworkProviderFromNetworkId-B55TeeB6.native.esm.js} +35 -41
  33. package/dist/getNetworkProviderFromNetworkId-B55TeeB6.native.esm.js.map +1 -0
  34. package/dist/{getNetworkProviderFromNetworkId-EbAuEVM-.esm.js → getNetworkProviderFromNetworkId-Cx5BbTRa.esm.js} +35 -27
  35. package/dist/getNetworkProviderFromNetworkId-Cx5BbTRa.esm.js.map +1 -0
  36. package/dist/{getNetworkProviderFromNetworkId-B5HGICoA.cjs → getNetworkProviderFromNetworkId-ctY-MguW.cjs} +36 -28
  37. package/dist/getNetworkProviderFromNetworkId-ctY-MguW.cjs.map +1 -0
  38. package/dist/{getSignedSessionId-BW4I7fDk.esm.js → getSignedSessionId-C-R1Tsh4.esm.js} +3 -3
  39. package/dist/{getSignedSessionId-BW4I7fDk.esm.js.map → getSignedSessionId-C-R1Tsh4.esm.js.map} +1 -1
  40. package/dist/{getSignedSessionId-DMMejcaD.cjs → getSignedSessionId-CEh6X6Uk.cjs} +3 -3
  41. package/dist/{getSignedSessionId-DMMejcaD.cjs.map → getSignedSessionId-CEh6X6Uk.cjs.map} +1 -1
  42. package/dist/{getSignedSessionId-B_a6CXGP.native.esm.js → getSignedSessionId-CqQEOYvq.native.esm.js} +3 -3
  43. package/dist/{getSignedSessionId-B_a6CXGP.native.esm.js.map → getSignedSessionId-CqQEOYvq.native.esm.js.map} +1 -1
  44. package/dist/{getVerifiedCredentialForWalletAccount-ChZvrEQJ.esm.js → getVerifiedCredentialForWalletAccount-Bb6xxqc5.esm.js} +2 -2
  45. package/dist/{getVerifiedCredentialForWalletAccount-ChZvrEQJ.esm.js.map → getVerifiedCredentialForWalletAccount-Bb6xxqc5.esm.js.map} +1 -1
  46. package/dist/{getVerifiedCredentialForWalletAccount-DMoMmbjK.native.esm.js → getVerifiedCredentialForWalletAccount-C3_d4Wfb.native.esm.js} +2 -2
  47. package/dist/{getVerifiedCredentialForWalletAccount-DMoMmbjK.native.esm.js.map → getVerifiedCredentialForWalletAccount-C3_d4Wfb.native.esm.js.map} +1 -1
  48. package/dist/{getVerifiedCredentialForWalletAccount-C7-3wtlJ.cjs → getVerifiedCredentialForWalletAccount-Cc41eb96.cjs} +3 -3
  49. package/dist/{getVerifiedCredentialForWalletAccount-C7-3wtlJ.cjs.map → getVerifiedCredentialForWalletAccount-Cc41eb96.cjs.map} +1 -1
  50. package/dist/index.cjs +304 -109
  51. package/dist/index.cjs.map +1 -1
  52. package/dist/index.esm.js +300 -113
  53. package/dist/index.esm.js.map +1 -1
  54. package/dist/index.native.esm.js +523 -116
  55. package/dist/index.native.esm.js.map +1 -1
  56. package/dist/{isMfaRequiredForAction-BUfcq6P2.esm.js → isMfaRequiredForAction-5fIZTsUT.esm.js} +2 -2
  57. package/dist/{isMfaRequiredForAction-BUfcq6P2.esm.js.map → isMfaRequiredForAction-5fIZTsUT.esm.js.map} +1 -1
  58. package/dist/{isMfaRequiredForAction-IhCAdScF.cjs → isMfaRequiredForAction-BgSJwZj8.cjs} +2 -2
  59. package/dist/{isMfaRequiredForAction-IhCAdScF.cjs.map → isMfaRequiredForAction-BgSJwZj8.cjs.map} +1 -1
  60. package/dist/{isMfaRequiredForAction-iVSdynw1.native.esm.js → isMfaRequiredForAction-BvOa3tgh.native.esm.js} +2 -2
  61. package/dist/{isMfaRequiredForAction-iVSdynw1.native.esm.js.map → isMfaRequiredForAction-BvOa3tgh.native.esm.js.map} +1 -1
  62. package/dist/modules/auth/social/oauth/completeSocialRedirect/completeSocialRedirect.d.ts.map +1 -1
  63. package/dist/modules/auth/social/oauth/processSocialCallback/index.d.ts +2 -0
  64. package/dist/modules/auth/social/oauth/processSocialCallback/index.d.ts.map +1 -0
  65. package/dist/modules/auth/social/oauth/processSocialCallback/processSocialCallback.d.ts +29 -0
  66. package/dist/modules/auth/social/oauth/processSocialCallback/processSocialCallback.d.ts.map +1 -0
  67. package/dist/modules/auth/social/oauth/signInWithSocialPopUp/index.d.ts +2 -0
  68. package/dist/modules/auth/social/oauth/signInWithSocialPopUp/index.d.ts.map +1 -0
  69. package/dist/modules/auth/social/oauth/signInWithSocialPopUp/signInWithSocialPopUp.d.ts +16 -0
  70. package/dist/modules/auth/social/oauth/signInWithSocialPopUp/signInWithSocialPopUp.d.ts.map +1 -0
  71. package/dist/modules/auth/social/oauth/signInWithSocialPopUp/signInWithSocialPopUp.types.d.ts +5 -0
  72. package/dist/modules/auth/social/oauth/signInWithSocialPopUp/signInWithSocialPopUp.types.d.ts.map +1 -0
  73. package/dist/modules/checkout/createCheckoutTransaction/createCheckoutTransaction.d.ts.map +1 -1
  74. package/dist/modules/checkout/trackCheckoutTransaction/trackCheckoutTransaction.d.ts +6 -1
  75. package/dist/modules/checkout/trackCheckoutTransaction/trackCheckoutTransaction.d.ts.map +1 -1
  76. package/dist/modules/waas/createWaasClient/createWaasClient.d.ts.map +1 -1
  77. package/dist/modules/waas/createWaasProvider/createWaasProvider.d.ts.map +1 -1
  78. package/dist/modules/waas/waas.types.d.ts +3 -3
  79. package/dist/modules/waas/waas.types.d.ts.map +1 -1
  80. package/dist/modules/walletBackup/googleDrive/constants.d.ts +19 -0
  81. package/dist/modules/walletBackup/googleDrive/constants.d.ts.map +1 -0
  82. package/dist/modules/walletBackup/googleDrive/findMissingGoogleDriveBackupScopes/findMissingGoogleDriveBackupScopes.d.ts +11 -0
  83. package/dist/modules/walletBackup/googleDrive/findMissingGoogleDriveBackupScopes/findMissingGoogleDriveBackupScopes.d.ts.map +1 -0
  84. package/dist/modules/walletBackup/googleDrive/findMissingGoogleDriveBackupScopes/index.d.ts +2 -0
  85. package/dist/modules/walletBackup/googleDrive/findMissingGoogleDriveBackupScopes/index.d.ts.map +1 -0
  86. package/dist/modules/walletBackup/googleDrive/getGoogleDriveBackupReadiness/getGoogleDriveBackupReadiness.d.ts +35 -0
  87. package/dist/modules/walletBackup/googleDrive/getGoogleDriveBackupReadiness/getGoogleDriveBackupReadiness.d.ts.map +1 -0
  88. package/dist/modules/walletBackup/googleDrive/getGoogleDriveBackupReadiness/index.d.ts +2 -0
  89. package/dist/modules/walletBackup/googleDrive/getGoogleDriveBackupReadiness/index.d.ts.map +1 -0
  90. package/dist/modules/walletBackup/googleDrive/googleDrive.types.d.ts +30 -0
  91. package/dist/modules/walletBackup/googleDrive/googleDrive.types.d.ts.map +1 -0
  92. package/dist/modules/walletBackup/googleDrive/hasAllGoogleDriveBackupScopes/hasAllGoogleDriveBackupScopes.d.ts +10 -0
  93. package/dist/modules/walletBackup/googleDrive/hasAllGoogleDriveBackupScopes/hasAllGoogleDriveBackupScopes.d.ts.map +1 -0
  94. package/dist/modules/walletBackup/googleDrive/hasAllGoogleDriveBackupScopes/index.d.ts +2 -0
  95. package/dist/modules/walletBackup/googleDrive/hasAllGoogleDriveBackupScopes/index.d.ts.map +1 -0
  96. package/dist/modules/walletBackup/googleDrive/isInsufficientGoogleDriveScopesError/index.d.ts +2 -0
  97. package/dist/modules/walletBackup/googleDrive/isInsufficientGoogleDriveScopesError/index.d.ts.map +1 -0
  98. package/dist/modules/walletBackup/googleDrive/isInsufficientGoogleDriveScopesError/isInsufficientGoogleDriveScopesError.d.ts +15 -0
  99. package/dist/modules/walletBackup/googleDrive/isInsufficientGoogleDriveScopesError/isInsufficientGoogleDriveScopesError.d.ts.map +1 -0
  100. package/dist/modules/walletBackup/googleDrive/utils/fetchGoogleDriveOauthAccess/fetchGoogleDriveOauthAccess.d.ts +21 -0
  101. package/dist/modules/walletBackup/googleDrive/utils/fetchGoogleDriveOauthAccess/fetchGoogleDriveOauthAccess.d.ts.map +1 -0
  102. package/dist/modules/walletBackup/googleDrive/utils/fetchGoogleDriveOauthAccess/index.d.ts +2 -0
  103. package/dist/modules/walletBackup/googleDrive/utils/fetchGoogleDriveOauthAccess/index.d.ts.map +1 -0
  104. package/dist/modules/walletBackup/googleDrive/utils/findGoogleOauthAccountId/findGoogleOauthAccountId.d.ts +18 -0
  105. package/dist/modules/walletBackup/googleDrive/utils/findGoogleOauthAccountId/findGoogleOauthAccountId.d.ts.map +1 -0
  106. package/dist/modules/walletBackup/googleDrive/utils/findGoogleOauthAccountId/index.d.ts +2 -0
  107. package/dist/modules/walletBackup/googleDrive/utils/findGoogleOauthAccountId/index.d.ts.map +1 -0
  108. package/dist/modules/wallets/destroyWalletProviders/destroyWalletProviders.d.ts +15 -0
  109. package/dist/modules/wallets/destroyWalletProviders/destroyWalletProviders.d.ts.map +1 -0
  110. package/dist/modules/wallets/destroyWalletProviders/index.d.ts +2 -0
  111. package/dist/modules/wallets/destroyWalletProviders/index.d.ts.map +1 -0
  112. package/dist/modules/wallets/walletProvider/walletProvider.types.d.ts +9 -10
  113. package/dist/modules/wallets/walletProvider/walletProvider.types.d.ts.map +1 -1
  114. package/dist/services/openAuthSession/index.d.ts +2 -0
  115. package/dist/services/openAuthSession/index.d.ts.map +1 -0
  116. package/dist/services/openAuthSession/openAuthSession.types.d.ts +26 -0
  117. package/dist/services/openAuthSession/openAuthSession.types.d.ts.map +1 -0
  118. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  119. package/dist/utils/debouncedMutex/createDebouncedMutex/createDebouncedMutex.d.ts.map +1 -1
  120. package/dist/waas.cjs +4 -4
  121. package/dist/waas.esm.js +3 -3
  122. package/dist/waas.native.esm.js +3 -3
  123. package/dist/waasCore.cjs +17 -7
  124. package/dist/waasCore.cjs.map +1 -1
  125. package/dist/waasCore.esm.js +17 -7
  126. package/dist/waasCore.esm.js.map +1 -1
  127. package/dist/waasCore.native.esm.js +17 -7
  128. package/dist/waasCore.native.esm.js.map +1 -1
  129. package/package.json +39 -3
  130. package/dist/getNetworkProviderFromNetworkId-B5HGICoA.cjs.map +0 -1
  131. package/dist/getNetworkProviderFromNetworkId-BN3NLh8u.native.esm.js.map +0 -1
  132. package/dist/getNetworkProviderFromNetworkId-EbAuEVM-.esm.js.map +0 -1
  133. package/dist/modules/wallets/disconnectAndTerminateWalletProviders/disconnectAndTerminateWalletProviders.d.ts +0 -10
  134. package/dist/modules/wallets/disconnectAndTerminateWalletProviders/disconnectAndTerminateWalletProviders.d.ts.map +0 -1
  135. package/dist/modules/wallets/disconnectAndTerminateWalletProviders/index.d.ts +0 -2
  136. package/dist/modules/wallets/disconnectAndTerminateWalletProviders/index.d.ts.map +0 -1
package/dist/index.cjs CHANGED
@@ -1,8 +1,8 @@
1
- const require_getNetworkProviderFromNetworkId = require('./getNetworkProviderFromNetworkId-B5HGICoA.cjs');
2
- const require_InvalidParamError = require('./InvalidParamError-BHNFIR4K.cjs');
3
- const require_getVerifiedCredentialForWalletAccount = require('./getVerifiedCredentialForWalletAccount-C7-3wtlJ.cjs');
4
- const require_NotWaasWalletAccountError = require('./NotWaasWalletAccountError-CIUs1vxk.cjs');
5
- const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-IhCAdScF.cjs');
1
+ const require_getNetworkProviderFromNetworkId = require('./getNetworkProviderFromNetworkId-ctY-MguW.cjs');
2
+ const require_InvalidParamError = require('./InvalidParamError-Co6j4qll.cjs');
3
+ const require_getVerifiedCredentialForWalletAccount = require('./getVerifiedCredentialForWalletAccount-Cc41eb96.cjs');
4
+ const require_NotWaasWalletAccountError = require('./NotWaasWalletAccountError-BvN42V8M.cjs');
5
+ const require_isMfaRequiredForAction = require('./isMfaRequiredForAction-BgSJwZj8.cjs');
6
6
  let _dynamic_labs_sdk_assert_package_version = require("@dynamic-labs-sdk/assert-package-version");
7
7
  let _dynamic_labs_sdk_api_core = require("@dynamic-labs/sdk-api-core");
8
8
  let zod_mini = require("zod/mini");
@@ -949,6 +949,7 @@ const createCore = (config) => {
949
949
  });
950
950
  const fetch = config.coreConfig?.fetch ?? createWebFetch();
951
951
  const openDeeplink = config.coreConfig?.openDeeplink ?? createWebDeeplinkOpener();
952
+ const openAuthSession = config.coreConfig?.openAuthSession;
952
953
  const navigate = config.coreConfig?.navigate ?? createNavigationHandler();
953
954
  const state = createObservableState(getInitialState);
954
955
  const debouncedMutex = createDebouncedMutex();
@@ -995,6 +996,7 @@ const createCore = (config) => {
995
996
  logger,
996
997
  metadata,
997
998
  navigate,
999
+ openAuthSession,
998
1000
  openDeeplink,
999
1001
  passkey,
1000
1002
  realtime,
@@ -1151,6 +1153,34 @@ var InvalidRedirectStorageStateError = class extends require_InvalidParamError.B
1151
1153
  }
1152
1154
  };
1153
1155
 
1156
+ //#endregion
1157
+ //#region src/errors/InvalidSocialCallbackOriginError.ts
1158
+ var InvalidSocialCallbackOriginError = class extends require_InvalidParamError.BaseError {
1159
+ constructor({ actualOrigin, expectedOrigin }) {
1160
+ super({
1161
+ cause: null,
1162
+ code: "invalid_social_callback_origin_error",
1163
+ docsUrl: null,
1164
+ name: "InvalidSocialCallbackOriginError",
1165
+ shortMessage: `OAuth callback URL origin mismatch. Expected ${expectedOrigin}, got ${actualOrigin}. This may indicate a compromised auth session or misconfigured redirect URL.`
1166
+ });
1167
+ }
1168
+ };
1169
+
1170
+ //#endregion
1171
+ //#region src/errors/UserCancelledSocialPopUpError.ts
1172
+ var UserCancelledSocialPopUpError = class extends require_InvalidParamError.BaseError {
1173
+ constructor() {
1174
+ super({
1175
+ cause: null,
1176
+ code: "user_cancelled_social_popup_error",
1177
+ docsUrl: null,
1178
+ name: "UserCancelledSocialPopUpError",
1179
+ shortMessage: "The user cancelled (or dismissed) the social authentication pop-up."
1180
+ });
1181
+ }
1182
+ };
1183
+
1154
1184
  //#endregion
1155
1185
  //#region src/errors/MissingRedirectStorageStateError.ts
1156
1186
  var MissingRedirectStorageStateError = class extends require_InvalidParamError.BaseError {
@@ -1984,6 +2014,35 @@ const __signInWithSocialRedirect_wrapped = require_InvalidParamError.instrumentF
1984
2014
  }
1985
2015
  });
1986
2016
 
2017
+ //#endregion
2018
+ //#region src/modules/auth/social/oauth/signInWithSocialPopUp/signInWithSocialPopUp.ts
2019
+ /**
2020
+ * Sign in with a social provider via an in-app popup (ASWebAuthenticationSession
2021
+ * on iOS, Chrome Custom Tabs on Android).
2022
+ *
2023
+ * This method is **only available on React Native**. On web, use
2024
+ * {@link signInWithSocialRedirect} + {@link completeSocialRedirect} instead —
2025
+ * the browser already owns the tab so there is no popup to open.
2026
+ *
2027
+ * @throws MethodNotImplementedError Always on web.
2028
+ * @instrumented
2029
+ */
2030
+ const signInWithSocialPopUp = async ({ provider }, client = require_InvalidParamError.getDefaultClient()) => {
2031
+ throw new require_getNetworkProviderFromNetworkId.MethodNotImplementedError("signInWithSocialPopUp (only available on React Native — use signInWithSocialRedirect on web)");
2032
+ };
2033
+ const __signInWithSocialPopUp_impl = signInWithSocialPopUp;
2034
+ const __signInWithSocialPopUp_wrapped = require_InvalidParamError.instrumentFunction({
2035
+ fn: __signInWithSocialPopUp_impl,
2036
+ functionName: "signInWithSocialPopUp",
2037
+ getCore: () => {
2038
+ try {
2039
+ return require_InvalidParamError.getCore(require_InvalidParamError.getDefaultClient());
2040
+ } catch {
2041
+ return;
2042
+ }
2043
+ }
2044
+ });
2045
+
1987
2046
  //#endregion
1988
2047
  //#region src/modules/auth/social/oauth/detectSocialRedirectUrl/detectSocialRedirectUrl.ts
1989
2048
  /**
@@ -2008,23 +2067,27 @@ const detectSocialRedirectUrl = async ({ url }, client = require_InvalidParamErr
2008
2067
  };
2009
2068
 
2010
2069
  //#endregion
2011
- //#region src/modules/auth/social/oauth/completeSocialRedirect/completeSocialRedirect.ts
2070
+ //#region src/modules/auth/social/oauth/processSocialCallback/processSocialCallback.ts
2012
2071
  /**
2013
- * Completes the social authentication flow after the OAuth redirect.
2072
+ * Platform-agnostic OAuth callback processor used by both the web redirect
2073
+ * flow (`completeSocialRedirect`) and the native pop-up flow
2074
+ * (`signInWithSocialPopUp`). Intentionally has no `.native.ts` variant — the
2075
+ * logic (parse URL, validate state, call oauthSignIn/oauthVerify, update auth)
2076
+ * works identically on every platform.
2014
2077
  *
2015
- * Processes the OAuth callback URL with the authorization code and finishes
2016
- * authenticating (or linking) the user with the social provider. This is the
2017
- * final step after `signInWithSocialRedirect` + `detectSocialRedirectUrl`.
2078
+ * Not exported from the public SDK surface; public callers go through
2079
+ * `completeSocialRedirect` or `signInWithSocialPopUp` instead.
2018
2080
  *
2019
2081
  * @param params.url - The callback URL containing OAuth response parameters.
2020
2082
  * @param [params.requestedScopes] - Optional scopes to request an elevated access token when verifying (linking) a social account.
2021
- * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
2022
- * @returns A promise that resolves to the authenticated user or null.
2083
+ * @param client - The Dynamic client instance.
2084
+ * @returns The authenticated user, or null if the verify response had none.
2023
2085
  * @throws MissingSocialUrlParamError If required OAuth parameters are missing.
2024
- * @throws InvalidRedirectStorageStateError If the stored state doesn't match.
2086
+ * @throws MissingRedirectStorageStateError If no stored redirect state exists.
2087
+ * @throws InvalidRedirectStorageStateError If the stored state doesn't match the URL state.
2025
2088
  * @instrumented
2026
2089
  */
2027
- const completeSocialRedirect = async ({ url, requestedScopes }, client = require_InvalidParamError.getDefaultClient()) => {
2090
+ const processSocialCallback = async ({ url, requestedScopes }, client) => {
2028
2091
  const core = require_InvalidParamError.getCore(client);
2029
2092
  const apiClient = require_InvalidParamError.createApiClient({}, client);
2030
2093
  await core.initTrack.waitForAll();
@@ -2061,6 +2124,40 @@ const completeSocialRedirect = async ({ url, requestedScopes }, client = require
2061
2124
  require_getVerifiedCredentialForWalletAccount.updateAuthFromVerifyResponse({ response }, client);
2062
2125
  return response.user;
2063
2126
  };
2127
+ const __processSocialCallback_impl = processSocialCallback;
2128
+ const __processSocialCallback_wrapped = require_InvalidParamError.instrumentFunction({
2129
+ fn: __processSocialCallback_impl,
2130
+ functionName: "processSocialCallback",
2131
+ getCore: () => {
2132
+ try {
2133
+ return require_InvalidParamError.getCore(require_InvalidParamError.getDefaultClient());
2134
+ } catch {
2135
+ return;
2136
+ }
2137
+ }
2138
+ });
2139
+
2140
+ //#endregion
2141
+ //#region src/modules/auth/social/oauth/completeSocialRedirect/completeSocialRedirect.ts
2142
+ /**
2143
+ * Completes the social authentication flow after the OAuth redirect.
2144
+ *
2145
+ * Processes the OAuth callback URL with the authorization code and finishes
2146
+ * authenticating (or linking) the user with the social provider. This is the
2147
+ * final step after `signInWithSocialRedirect` + `detectSocialRedirectUrl`.
2148
+ *
2149
+ * @param params.url - The callback URL containing OAuth response parameters.
2150
+ * @param [params.requestedScopes] - Optional scopes to request an elevated access token when verifying (linking) a social account.
2151
+ * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
2152
+ * @returns A promise that resolves to the authenticated user or null.
2153
+ * @throws MissingSocialUrlParamError If required OAuth parameters are missing.
2154
+ * @throws InvalidRedirectStorageStateError If the stored state doesn't match.
2155
+ * @instrumented
2156
+ */
2157
+ const completeSocialRedirect = ({ url, requestedScopes }, client = require_InvalidParamError.getDefaultClient()) => __processSocialCallback_wrapped({
2158
+ requestedScopes,
2159
+ url
2160
+ }, client);
2064
2161
  const __completeSocialRedirect_impl = completeSocialRedirect;
2065
2162
  const __completeSocialRedirect_wrapped = require_InvalidParamError.instrumentFunction({
2066
2163
  fn: __completeSocialRedirect_impl,
@@ -2381,97 +2478,6 @@ const getCheckouts = async (client) => {
2381
2478
  return projectSettings.checkouts ?? [];
2382
2479
  };
2383
2480
 
2384
- //#endregion
2385
- //#region src/modules/checkout/utils/createCheckoutTransactionChannelSchema/createCheckoutTransactionChannelSchema.ts
2386
- /**
2387
- * Zod schema for realtime events published to a checkout transaction's channel.
2388
- * Uses z.string() for axis and state fields to remain valid when new states are
2389
- * added to the backend without requiring a SDK update.
2390
- */
2391
- const checkoutTransactionEventSchema = zod_mini.object({
2392
- axis: zod_mini.string(),
2393
- newState: zod_mini.string(),
2394
- previousState: zod_mini.string(),
2395
- timestamp: zod_mini.string(),
2396
- transactionId: zod_mini.string()
2397
- });
2398
- /**
2399
- * Creates a typed realtime channel schema for a given checkout transaction.
2400
- * Channel name follows the backend convention: `transaction:{transactionId}`.
2401
- * @not-instrumented
2402
- */
2403
- const createCheckoutTransactionChannelSchema = (transactionId) => require_getNetworkProviderFromNetworkId.createRealtimeChannelSchema({
2404
- channel: `transaction:${transactionId}`,
2405
- schema: checkoutTransactionEventSchema
2406
- });
2407
-
2408
- //#endregion
2409
- //#region src/modules/checkout/utils/subscribeToCheckoutTransaction/subscribeToCheckoutTransaction.ts
2410
- const TERMINAL_EXECUTION_STATES = new Set([
2411
- "cancelled",
2412
- "expired",
2413
- "failed"
2414
- ]);
2415
- const TERMINAL_SETTLEMENT_STATES = new Set(["completed", "failed"]);
2416
- const isTerminalEvent = (data) => {
2417
- if (data.axis === "execution") return TERMINAL_EXECUTION_STATES.has(data.newState);
2418
- if (data.axis === "settlement") return TERMINAL_SETTLEMENT_STATES.has(data.newState);
2419
- return false;
2420
- };
2421
- /**
2422
- * Connects to the realtime service if not already connected and subscribes to
2423
- * all state transition events for the given checkout transaction.
2424
- *
2425
- * Settlement and execution axis events are forwarded as public SDK events.
2426
- * The subscription is torn down automatically when a terminal event is received.
2427
- * @not-instrumented
2428
- */
2429
- const subscribeToCheckoutTransaction = async ({ transactionId }, client) => {
2430
- const core = require_InvalidParamError.getCore(client);
2431
- const { realtime } = core;
2432
- if (realtime.getConnectionState() === "idle") {
2433
- const sessionToken = await core.storage.getItem(createCheckoutSessionTokenStorageKey(transactionId));
2434
- const headers = {};
2435
- if (sessionToken) {
2436
- headers["x-dynamic-checkout-session-token"] = sessionToken;
2437
- headers["x-dynamic-checkout-transaction-id"] = transactionId;
2438
- }
2439
- await realtime.connect({
2440
- client,
2441
- headers
2442
- });
2443
- }
2444
- const channelSchema = createCheckoutTransactionChannelSchema(transactionId);
2445
- const handler = ({ data }) => {
2446
- if (data.axis === "execution") require_getVerifiedCredentialForWalletAccount.emitEvent({
2447
- args: {
2448
- newState: data.newState,
2449
- previousState: data.previousState,
2450
- timestamp: data.timestamp,
2451
- transactionId: data.transactionId
2452
- },
2453
- event: "checkoutTransactionExecutionStateChanged"
2454
- }, client);
2455
- if (data.axis === "settlement") require_getVerifiedCredentialForWalletAccount.emitEvent({
2456
- args: {
2457
- newState: data.newState,
2458
- previousState: data.previousState,
2459
- timestamp: data.timestamp,
2460
- transactionId: data.transactionId
2461
- },
2462
- event: "checkoutTransactionSettlementStateChanged"
2463
- }, client);
2464
- if (isTerminalEvent(data)) realtime.unsubscribe({
2465
- callback: handler,
2466
- channelSchema
2467
- });
2468
- };
2469
- await realtime.subscribe({
2470
- callback: handler,
2471
- channelSchema
2472
- });
2473
- };
2474
-
2475
2481
  //#endregion
2476
2482
  //#region src/modules/checkout/createCheckoutTransaction/createCheckoutTransaction.ts
2477
2483
  /**
@@ -2503,9 +2509,6 @@ const createCheckoutTransaction = async (params, client = require_InvalidParamEr
2503
2509
  environmentId: core.environmentId
2504
2510
  });
2505
2511
  await core.storage.setItem(createCheckoutSessionTokenStorageKey(result.transaction.id), result.sessionToken);
2506
- subscribeToCheckoutTransaction({ transactionId: result.transaction.id }, client).catch((error) => {
2507
- core.logger.error("Failed to subscribe to checkout transaction realtime channel", error);
2508
- });
2509
2512
  return result;
2510
2513
  };
2511
2514
  const __createCheckoutTransaction_impl = createCheckoutTransaction;
@@ -2731,11 +2734,17 @@ const __submitCheckoutTransaction_wrapped = require_InvalidParamError.instrument
2731
2734
  * subscribed — calling this again for those is unnecessary unless the page
2732
2735
  * has been reloaded.
2733
2736
  *
2737
+ * NOTE: Temporarily a no-op while the Ably API key is being provisioned for
2738
+ * the realtime checkout transaction channel. Will be re-enabled once the
2739
+ * dashboard-api environment has the Ably wiring in place.
2740
+ *
2734
2741
  * @param params.transactionId - The ID of the checkout transaction to track.
2735
2742
  * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
2736
2743
  * @not-instrumented
2737
2744
  */
2738
- const trackCheckoutTransaction = ({ transactionId }, client = require_InvalidParamError.getDefaultClient()) => subscribeToCheckoutTransaction({ transactionId }, client);
2745
+ const trackCheckoutTransaction = (_params, client = require_InvalidParamError.getDefaultClient()) => {
2746
+ return Promise.resolve();
2747
+ };
2739
2748
 
2740
2749
  //#endregion
2741
2750
  //#region src/modules/checkout/utils/requiresConversion/requiresConversion.ts
@@ -5313,6 +5322,184 @@ const isUserOnboardingComplete = (client = require_InvalidParamError.getDefaultC
5313
5322
  return !hasMissingKycFields && !hasPendingMfaAuth && !hasPendingRecoveryCodes;
5314
5323
  };
5315
5324
 
5325
+ //#endregion
5326
+ //#region src/modules/walletBackup/googleDrive/constants.ts
5327
+ /**
5328
+ * OAuth scopes that must be granted on the user's Google account in order
5329
+ * for the keyshare backup upload to Google Drive to succeed.
5330
+ *
5331
+ * Exported so host apps can pre-flight check or display these in their own
5332
+ * UX. Kept as a `readonly` tuple to discourage mutation.
5333
+ */
5334
+ const GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES = ["https://www.googleapis.com/auth/drive.appdata", "https://www.googleapis.com/auth/drive.file"];
5335
+ /**
5336
+ * Stable phrase the WaaS layer includes in Google Drive 401 / scope-insufficient
5337
+ * upload failure messages. Match by `.includes(...)` rather than equality
5338
+ * because the iframe message-handler fallback path rewraps the original error
5339
+ * as `new Error(String(response.error))`, which prefixes the message with
5340
+ * "Error: ". The phrase remains unique to the auth/scope case across all the
5341
+ * Drive failure reasons (rate-limit, storage-full, 5xx, network all use
5342
+ * distinct prefixes), so message-only matching is sufficient to discriminate.
5343
+ */
5344
+ const ACCESS_DENIED_PHRASE = "Google Drive access denied";
5345
+
5346
+ //#endregion
5347
+ //#region src/modules/walletBackup/googleDrive/findMissingGoogleDriveBackupScopes/findMissingGoogleDriveBackupScopes.ts
5348
+ /**
5349
+ * Returns the Google OAuth scopes from `GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES`
5350
+ * that are NOT present in `grantedScopes`. An empty array means all required
5351
+ * scopes have been granted.
5352
+ *
5353
+ * @param grantedScopes - Scopes the user has granted to their Google account.
5354
+ * @returns The subset of required scopes that are still missing.
5355
+ * @not-instrumented
5356
+ */
5357
+ const findMissingGoogleDriveBackupScopes = (grantedScopes) => GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES.filter((required) => !grantedScopes.includes(required));
5358
+
5359
+ //#endregion
5360
+ //#region src/modules/walletBackup/googleDrive/utils/fetchGoogleDriveOauthAccess/fetchGoogleDriveOauthAccess.ts
5361
+ /**
5362
+ * Fetches the user's stored Google OAuth access token together with the
5363
+ * scopes that were granted when the token was issued.
5364
+ *
5365
+ * Internal to the Google Drive backup readiness check — not exported as a
5366
+ * public API. The returned `scopes` array can be empty for legacy tokens
5367
+ * captured before the API began tracking granted scopes.
5368
+ *
5369
+ * @param params.oauthAccountId - The verified-credential id of the linked
5370
+ * Google account (see `findGoogleOauthAccountId`).
5371
+ * @param client - The Dynamic client instance.
5372
+ * @returns The OAuth access token and granted scopes.
5373
+ * @not-instrumented
5374
+ */
5375
+ const fetchGoogleDriveOauthAccess = async ({ oauthAccountId }, client) => {
5376
+ const core = require_InvalidParamError.getCore(client);
5377
+ return require_InvalidParamError.createApiClient({}, client).getEndUserOauthAccessToken({
5378
+ environmentId: core.environmentId,
5379
+ oauthAccountId
5380
+ });
5381
+ };
5382
+
5383
+ //#endregion
5384
+ //#region src/modules/walletBackup/googleDrive/utils/findGoogleOauthAccountId/findGoogleOauthAccountId.ts
5385
+ /**
5386
+ * Returns the verified-credential `id` (UUID of the user_oauth_accounts row)
5387
+ * for the user's linked Google account, or `undefined` if no Google account
5388
+ * is linked.
5389
+ *
5390
+ * The `getEndUserOauthAccessToken` API path parameter expects this UUID, NOT
5391
+ * the third-party `oauthAccountId` (Google's numeric profile ID) — those are
5392
+ * stored in the same credential under different fields.
5393
+ *
5394
+ * @param credentials - The user's verified credentials, typically from
5395
+ * `client.user?.verifiedCredentials`.
5396
+ * @returns The credential id of the linked Google oauth account, or
5397
+ * `undefined`.
5398
+ * @not-instrumented
5399
+ */
5400
+ const findGoogleOauthAccountId = (credentials) => credentials?.find((cred) => cred.format === _dynamic_labs_sdk_api_core.JwtVerifiedCredentialFormatEnum.Oauth && cred.oauthProvider === _dynamic_labs_sdk_api_core.ProviderEnum.Google)?.id;
5401
+
5402
+ //#endregion
5403
+ //#region src/modules/walletBackup/googleDrive/getGoogleDriveBackupReadiness/getGoogleDriveBackupReadiness.ts
5404
+ /**
5405
+ * Pre-flight readiness check for backing up MPC keyshares to Google Drive.
5406
+ *
5407
+ * Call this before initiating the keyshare backup ceremony. When the result
5408
+ * is `'needs-access'`, have the user re-link their Google account so the
5409
+ * required Drive scopes are granted, then call this again before retrying
5410
+ * the backup. This avoids spending an MPC reshare ceremony on a backup that
5411
+ * will predictably fail.
5412
+ *
5413
+ * Status values:
5414
+ * - `'ready'`: stored scopes include both required Drive scopes; backup
5415
+ * should succeed (barring transient errors).
5416
+ * - `'needs-access'`: backup likely won't succeed without user intervention.
5417
+ * Three sub-cases, distinguished by `missingScopes`:
5418
+ * - No Google account linked → `missingScopes` is the full required set.
5419
+ * - Some scopes granted but not all → `missingScopes` lists the gap.
5420
+ * - Legacy token captured before scope tracking shipped (`scopes: []` from
5421
+ * the API) → `missingScopes` is empty. Forcing a fresh consent will
5422
+ * populate the scopes column for subsequent calls.
5423
+ *
5424
+ * Failures of the underlying access-token fetch propagate as Promise
5425
+ * rejections — the caller is expected to surface or retry them.
5426
+ *
5427
+ * Pair with `isInsufficientGoogleDriveScopesError` to detect post-flight
5428
+ * scope failures (e.g. for the legacy "unknown scopes" case where pre-flight
5429
+ * cannot prove failure).
5430
+ *
5431
+ * @param [client] - The Dynamic client instance. Only required when using
5432
+ * multiple Dynamic clients.
5433
+ * @returns The readiness result.
5434
+ * @instrumented
5435
+ */
5436
+ const getGoogleDriveBackupReadiness = async (client = require_InvalidParamError.getDefaultClient()) => {
5437
+ const { user } = client;
5438
+ const oauthAccountId = findGoogleOauthAccountId(user?.verifiedCredentials);
5439
+ if (!oauthAccountId) return {
5440
+ missingScopes: GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES,
5441
+ status: "needs-access"
5442
+ };
5443
+ const { accessToken, scopes } = await fetchGoogleDriveOauthAccess({ oauthAccountId }, client);
5444
+ if (scopes.length === 0) return {
5445
+ accessToken,
5446
+ missingScopes: [],
5447
+ status: "needs-access"
5448
+ };
5449
+ const missing = findMissingGoogleDriveBackupScopes(scopes);
5450
+ if (missing.length === 0) return {
5451
+ accessToken,
5452
+ missingScopes: [],
5453
+ status: "ready"
5454
+ };
5455
+ return {
5456
+ accessToken,
5457
+ missingScopes: missing,
5458
+ status: "needs-access"
5459
+ };
5460
+ };
5461
+ const __getGoogleDriveBackupReadiness_impl = getGoogleDriveBackupReadiness;
5462
+ const __getGoogleDriveBackupReadiness_wrapped = require_InvalidParamError.instrumentFunction({
5463
+ fn: __getGoogleDriveBackupReadiness_impl,
5464
+ functionName: "getGoogleDriveBackupReadiness",
5465
+ getCore: () => {
5466
+ try {
5467
+ return require_InvalidParamError.getCore(require_InvalidParamError.getDefaultClient());
5468
+ } catch {
5469
+ return;
5470
+ }
5471
+ }
5472
+ });
5473
+
5474
+ //#endregion
5475
+ //#region src/modules/walletBackup/googleDrive/hasAllGoogleDriveBackupScopes/hasAllGoogleDriveBackupScopes.ts
5476
+ /**
5477
+ * Returns whether `grantedScopes` covers every Google OAuth scope required
5478
+ * to upload a keyshare backup to Google Drive.
5479
+ *
5480
+ * @param grantedScopes - Scopes the user has granted to their Google account.
5481
+ * @returns `true` when every required scope is granted, otherwise `false`.
5482
+ * @not-instrumented
5483
+ */
5484
+ const hasAllGoogleDriveBackupScopes = (grantedScopes) => findMissingGoogleDriveBackupScopes(grantedScopes).length === 0;
5485
+
5486
+ //#endregion
5487
+ //#region src/modules/walletBackup/googleDrive/isInsufficientGoogleDriveScopesError/isInsufficientGoogleDriveScopesError.ts
5488
+ /**
5489
+ * Type-guard for Google Drive backup failures caused by missing or
5490
+ * insufficient OAuth scopes (or otherwise denied access).
5491
+ *
5492
+ * Recover by having the user re-link their Google account and retrying the
5493
+ * backup once the granted scopes include
5494
+ * `GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES`.
5495
+ *
5496
+ * @param err - The unknown value to check.
5497
+ * @returns `true` when `err` is an `Error` whose message indicates Google
5498
+ * Drive access was denied.
5499
+ * @not-instrumented
5500
+ */
5501
+ const isInsufficientGoogleDriveScopesError = (err) => err instanceof Error && err.message.includes(ACCESS_DENIED_PHRASE);
5502
+
5316
5503
  //#endregion
5317
5504
  //#region src/modules/wallets/assertWalletAccountSigningAvailability/assertWalletAccountSigningAvailability.ts
5318
5505
  /**
@@ -6391,10 +6578,12 @@ exports.CheckoutSessionTokenMissingError = CheckoutSessionTokenMissingError;
6391
6578
  exports.ClientAlreadyInitializedError = ClientAlreadyInitializedError;
6392
6579
  exports.DeeplinkConnectAndVerifyUnsupportedError = DeeplinkConnectAndVerifyUnsupportedError;
6393
6580
  exports.FeeEstimationFailedError = FeeEstimationFailedError;
6581
+ exports.GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES = GOOGLE_DRIVE_BACKUP_REQUIRED_SCOPES;
6394
6582
  exports.InvalidDeviceRegistrationRedirectError = InvalidDeviceRegistrationRedirectError;
6395
6583
  exports.InvalidExternalAuthError = require_InvalidParamError.InvalidExternalAuthError;
6396
6584
  exports.InvalidParamError = require_InvalidParamError.InvalidParamError;
6397
6585
  exports.InvalidRedirectStorageStateError = InvalidRedirectStorageStateError;
6586
+ exports.InvalidSocialCallbackOriginError = InvalidSocialCallbackOriginError;
6398
6587
  exports.LinkCredentialError = require_InvalidParamError.LinkCredentialError;
6399
6588
  Object.defineProperty(exports, 'MFAAction', {
6400
6589
  enumerable: true,
@@ -6422,6 +6611,7 @@ exports.TokenSwapError = TokenSwapError;
6422
6611
  exports.UnauthorizedError = require_InvalidParamError.UnauthorizedError;
6423
6612
  exports.UnavailableInServerSideError = UnavailableInServerSideError;
6424
6613
  exports.UnrecognizedNetworkError = UnrecognizedNetworkError;
6614
+ exports.UserCancelledSocialPopUpError = UserCancelledSocialPopUpError;
6425
6615
  exports.UserNotAuthenticatedError = UserNotAuthenticatedError;
6426
6616
  exports.UserRejectedError = UserRejectedError;
6427
6617
  exports.WalletAccountAlreadyVerifiedError = WalletAccountAlreadyVerifiedError;
@@ -6463,6 +6653,7 @@ exports.detectOAuthRedirect = detectOAuthRedirect;
6463
6653
  exports.detectSocialRedirectUrl = detectSocialRedirectUrl;
6464
6654
  exports.executeSwapTransaction = __executeSwapTransaction_wrapped;
6465
6655
  exports.fetchProjectSettings = require_getNetworkProviderFromNetworkId.fetchProjectSettings;
6656
+ exports.findMissingGoogleDriveBackupScopes = findMissingGoogleDriveBackupScopes;
6466
6657
  exports.getActiveNetworkData = getActiveNetworkData;
6467
6658
  exports.getActiveNetworkId = getActiveNetworkId;
6468
6659
  exports.getAvailableWalletProvidersData = getAvailableWalletProvidersData;
@@ -6476,6 +6667,7 @@ exports.getConnectedAddresses = getConnectedAddresses;
6476
6667
  exports.getDefaultClient = require_InvalidParamError.getDefaultClient;
6477
6668
  exports.getDeviceRegistrationTokenFromUrl = getDeviceRegistrationTokenFromUrl;
6478
6669
  exports.getElevatedAccessToken = require_InvalidParamError.__getElevatedAccessToken_wrapped;
6670
+ exports.getGoogleDriveBackupReadiness = __getGoogleDriveBackupReadiness_wrapped;
6479
6671
  exports.getKrakenAccounts = getKrakenAccounts;
6480
6672
  exports.getKrakenWhitelistedAddresses = getKrakenWhitelistedAddresses;
6481
6673
  exports.getMfaDevices = getMfaDevices;
@@ -6498,12 +6690,14 @@ exports.getWalletAccounts = require_getVerifiedCredentialForWalletAccount.getWal
6498
6690
  exports.getWalletConnectCatalog = getWalletConnectCatalog;
6499
6691
  exports.getWalletConnectCatalogWalletByWalletProviderKey = getWalletConnectCatalogWalletByWalletProviderKey;
6500
6692
  exports.getWalletProviderDataByKey = getWalletProviderDataByKey;
6693
+ exports.hasAllGoogleDriveBackupScopes = hasAllGoogleDriveBackupScopes;
6501
6694
  exports.hasExtension = require_getNetworkProviderFromNetworkId.hasExtension;
6502
6695
  exports.initializeClient = __initializeClient_wrapped;
6503
6696
  exports.isCaptchaRequired = require_getNetworkProviderFromNetworkId.isCaptchaRequired;
6504
6697
  exports.isDeeplinkWalletProvider = isDeeplinkWalletProvider;
6505
6698
  exports.isDeviceRegistrationRequired = isDeviceRegistrationRequired;
6506
6699
  exports.isHardwareWalletAccount = isHardwareWalletAccount;
6700
+ exports.isInsufficientGoogleDriveScopesError = isInsufficientGoogleDriveScopesError;
6507
6701
  exports.isMfaRequiredForAction = require_isMfaRequiredForAction.isMfaRequiredForAction;
6508
6702
  exports.isMobile = isMobile;
6509
6703
  exports.isPendingRecoveryCodesAcknowledgment = isPendingRecoveryCodesAcknowledgment;
@@ -6538,6 +6732,7 @@ exports.setDefaultMfaDevice = __setDefaultMfaDevice_wrapped;
6538
6732
  exports.setInstrumentationEnabled = __setInstrumentationEnabled_wrapped;
6539
6733
  exports.signInWithExternalJwt = __signInWithExternalJwt_wrapped;
6540
6734
  exports.signInWithPasskey = __signInWithPasskey_wrapped;
6735
+ exports.signInWithSocialPopUp = __signInWithSocialPopUp_wrapped;
6541
6736
  exports.signInWithSocialRedirect = __signInWithSocialRedirect_wrapped;
6542
6737
  exports.signMessage = __signMessage_wrapped;
6543
6738
  exports.submitCheckoutTransaction = __submitCheckoutTransaction_wrapped;