@dynamic-labs-sdk/client 1.6.0 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (135) hide show
  1. package/android/build.gradle +231 -0
  2. package/android/gradle/wrapper/gradle-wrapper.jar +0 -0
  3. package/android/gradle/wrapper/gradle-wrapper.properties +7 -0
  4. package/android/gradle.properties +8 -0
  5. package/android/gradlew +251 -0
  6. package/android/gradlew.bat +94 -0
  7. package/android/settings.gradle +30 -0
  8. package/android/src/main/java/xyz/dynamic/client/DynamicClientPackage.kt +52 -0
  9. package/android/src/main/java/xyz/dynamic/client/keychain/KeyStoreKeyManager.kt +147 -0
  10. package/android/src/main/java/xyz/dynamic/client/keychain/KeychainModule.kt +85 -0
  11. package/android/src/main/java/xyz/dynamic/client/manifest/ReactNativeManifestModule.kt +25 -0
  12. package/android/src/main/java/xyz/dynamic/client/webview/DynamicWebViewClient.kt +83 -0
  13. package/android/src/main/java/xyz/dynamic/client/webview/DynamicWebViewHost.kt +518 -0
  14. package/android/src/main/java/xyz/dynamic/client/webview/DynamicWebViewModule.kt +147 -0
  15. package/android/src/test/java/xyz/dynamic/client/keychain/KeyStoreKeyManagerTest.kt +288 -0
  16. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewClientTest.kt +196 -0
  17. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewHostOpenTest.kt +347 -0
  18. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewHostTest.kt +171 -0
  19. package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewModuleTest.kt +191 -0
  20. package/dist/{InvalidParamError-BIptAjbC.native.esm.js → InvalidParamError-Bc6OZBog.native.esm.js} +91 -829
  21. package/dist/InvalidParamError-Bc6OZBog.native.esm.js.map +1 -0
  22. package/dist/{InvalidParamError-BZ0LHaml.esm.js → InvalidParamError-IHYLdzFd.esm.js} +108 -381
  23. package/dist/InvalidParamError-IHYLdzFd.esm.js.map +1 -0
  24. package/dist/{InvalidParamError-DyXEKMWn.cjs → InvalidParamError-S56rFFDP.cjs} +108 -450
  25. package/dist/InvalidParamError-S56rFFDP.cjs.map +1 -0
  26. package/dist/{NotWaasWalletAccountError-nT4jrLbp.esm.js → NotWaasWalletAccountError-BP-bODbJ.native.esm.js} +4 -4
  27. package/dist/NotWaasWalletAccountError-BP-bODbJ.native.esm.js.map +1 -0
  28. package/dist/{NotWaasWalletAccountError-BbOA5rPd.native.esm.js → NotWaasWalletAccountError-BYEL2l-W.esm.js} +4 -4
  29. package/dist/NotWaasWalletAccountError-BYEL2l-W.esm.js.map +1 -0
  30. package/dist/{NotWaasWalletAccountError-CElqwdQO.cjs → NotWaasWalletAccountError-CbhIKUDM.cjs} +4 -4
  31. package/dist/NotWaasWalletAccountError-CbhIKUDM.cjs.map +1 -0
  32. package/dist/core.cjs +11 -11
  33. package/dist/core.cjs.map +1 -1
  34. package/dist/core.esm.js +5 -5
  35. package/dist/core.native.esm.js +7 -7
  36. package/dist/core.native.esm.js.map +1 -1
  37. package/dist/errors/WebViewLoadFailedError.d.ts +1 -1
  38. package/dist/errors/WebViewLoadFailedError.d.ts.map +1 -1
  39. package/dist/exports/index.d.ts +2 -0
  40. package/dist/exports/index.d.ts.map +1 -1
  41. package/dist/{getNetworkProviderFromNetworkId-DbI5MZhq.cjs → getNetworkProviderFromNetworkId-BDdcpGHH.cjs} +56 -55
  42. package/dist/{getNetworkProviderFromNetworkId-DbI5MZhq.cjs.map → getNetworkProviderFromNetworkId-BDdcpGHH.cjs.map} +1 -1
  43. package/dist/{getNetworkProviderFromNetworkId-BkAPIdRC.esm.js → getNetworkProviderFromNetworkId-D8rWYXlT.esm.js} +54 -54
  44. package/dist/{getNetworkProviderFromNetworkId-BkAPIdRC.esm.js.map → getNetworkProviderFromNetworkId-D8rWYXlT.esm.js.map} +1 -1
  45. package/dist/{getNetworkProviderFromNetworkId-B7DIqT2T.native.esm.js → getNetworkProviderFromNetworkId-DVmF7pH2.native.esm.js} +312 -41
  46. package/dist/getNetworkProviderFromNetworkId-DVmF7pH2.native.esm.js.map +1 -0
  47. package/dist/{getSignedSessionId-BF6n8gve.cjs → getSignedSessionId-BBaBCi9S.cjs} +3 -3
  48. package/dist/{getSignedSessionId-BF6n8gve.cjs.map → getSignedSessionId-BBaBCi9S.cjs.map} +1 -1
  49. package/dist/{getSignedSessionId-y3YtxFHZ.esm.js → getSignedSessionId-CND07Eca.esm.js} +3 -3
  50. package/dist/{getSignedSessionId-y3YtxFHZ.esm.js.map → getSignedSessionId-CND07Eca.esm.js.map} +1 -1
  51. package/dist/{getSignedSessionId-1TV-x__C.native.esm.js → getSignedSessionId-RwV7JPn8.native.esm.js} +3 -3
  52. package/dist/{getSignedSessionId-1TV-x__C.native.esm.js.map → getSignedSessionId-RwV7JPn8.native.esm.js.map} +1 -1
  53. package/dist/getVerifiedCredentialForWalletAccount-BVrGV8qf.native.esm.js +701 -0
  54. package/dist/getVerifiedCredentialForWalletAccount-BVrGV8qf.native.esm.js.map +1 -0
  55. package/dist/{getVerifiedCredentialForWalletAccount-etV50QRH.esm.js → getVerifiedCredentialForWalletAccount-BiOS65Tk.esm.js} +2 -2
  56. package/dist/{getVerifiedCredentialForWalletAccount-etV50QRH.esm.js.map → getVerifiedCredentialForWalletAccount-BiOS65Tk.esm.js.map} +1 -1
  57. package/dist/{getVerifiedCredentialForWalletAccount-BfJ29erz.cjs → getVerifiedCredentialForWalletAccount-FrxYWSuD.cjs} +3 -2
  58. package/dist/{getVerifiedCredentialForWalletAccount-BfJ29erz.cjs.map → getVerifiedCredentialForWalletAccount-FrxYWSuD.cjs.map} +1 -1
  59. package/dist/index.cjs +35 -35
  60. package/dist/index.cjs.map +1 -1
  61. package/dist/index.esm.js +14 -14
  62. package/dist/index.esm.js.map +1 -1
  63. package/dist/index.native.esm.js +14 -14
  64. package/dist/index.native.esm.js.map +1 -1
  65. package/dist/isMfaRequiredForAction-BPL_dgIM.esm.js +318 -0
  66. package/dist/isMfaRequiredForAction-BPL_dgIM.esm.js.map +1 -0
  67. package/dist/isMfaRequiredForAction-BolTrtCO.cjs +405 -0
  68. package/dist/isMfaRequiredForAction-BolTrtCO.cjs.map +1 -0
  69. package/dist/{isMfaRequiredForAction-B2vKX31S.native.esm.js → isMfaRequiredForAction-DQDoPsi6.native.esm.js} +2 -2
  70. package/dist/{isMfaRequiredForAction-B2vKX31S.native.esm.js.map → isMfaRequiredForAction-DQDoPsi6.native.esm.js.map} +1 -1
  71. package/dist/modules/apiClient/apiClient.types.d.ts +0 -12
  72. package/dist/modules/apiClient/apiClient.types.d.ts.map +1 -1
  73. package/dist/modules/apiClient/createApiClient.d.ts.map +1 -1
  74. package/dist/modules/auth/logoutReason.d.ts +1 -1
  75. package/dist/modules/auth/logoutReason.d.ts.map +1 -1
  76. package/dist/modules/auth/logoutWithReason/logoutWithReason.d.ts.map +1 -1
  77. package/dist/modules/deviceRegistration/getRegisteredDevices/getRegisteredDevices.d.ts.map +1 -1
  78. package/dist/modules/user/refreshAuth/refreshAuth.d.ts.map +1 -1
  79. package/dist/modules/waas/backupWaasKeySharesToGoogleDrive/backupWaasKeySharesToGoogleDrive.d.ts +12 -1
  80. package/dist/modules/waas/backupWaasKeySharesToGoogleDrive/backupWaasKeySharesToGoogleDrive.d.ts.map +1 -1
  81. package/dist/modules/waas/createWaasClient/createWaasClient.d.ts.map +1 -1
  82. package/dist/modules/waas/createWaasClient/translateNativeOpenError.d.ts.map +1 -1
  83. package/dist/modules/waas/createWaasProvider/createWaasProvider.d.ts.map +1 -1
  84. package/dist/modules/waas/waas.types.d.ts +1 -0
  85. package/dist/modules/waas/waas.types.d.ts.map +1 -1
  86. package/dist/modules/wallets/walletProvider/events/onWalletProviderEvent/onWalletProviderEvent.d.ts +1 -2
  87. package/dist/modules/wallets/walletProvider/events/onWalletProviderEvent/onWalletProviderEvent.d.ts.map +1 -1
  88. package/dist/tsconfig.lib.tsbuildinfo +1 -1
  89. package/dist/waas.cjs +7 -4
  90. package/dist/waas.cjs.map +1 -1
  91. package/dist/waas.esm.js +6 -4
  92. package/dist/waas.esm.js.map +1 -1
  93. package/dist/waas.native.esm.js +6 -4
  94. package/dist/waas.native.esm.js.map +1 -1
  95. package/dist/waasCore.cjs +10 -5
  96. package/dist/waasCore.cjs.map +1 -1
  97. package/dist/waasCore.esm.js +10 -5
  98. package/dist/waasCore.esm.js.map +1 -1
  99. package/dist/waasCore.native.esm.js +10 -8
  100. package/dist/waasCore.native.esm.js.map +1 -1
  101. package/dynamic-labs-sdk-client.podspec +27 -0
  102. package/ios/DynamicClientKeychain.h +4 -0
  103. package/ios/DynamicClientKeychain.mm +101 -0
  104. package/ios/DynamicClientManifest.h +4 -0
  105. package/ios/DynamicClientManifest.mm +45 -0
  106. package/ios/DynamicClientWebView.h +5 -0
  107. package/ios/DynamicClientWebView.mm +143 -0
  108. package/ios/DynamicWebViewImpl.swift +603 -0
  109. package/ios/LiveSecKeyAPI.swift +86 -0
  110. package/ios/ReactNativeManifestImpl.swift +20 -0
  111. package/ios/SecKeyAPI.swift +57 -0
  112. package/ios/SecureEnclaveKeyManager.swift +191 -0
  113. package/package.json +16 -5
  114. package/react-native.config.cjs +14 -0
  115. package/src/turboModules/NativeDynamicWebView.native.spec.ts +61 -0
  116. package/src/turboModules/NativeDynamicWebView.ts +40 -0
  117. package/src/turboModules/NativeKeychain.native.spec.ts +47 -0
  118. package/src/turboModules/NativeKeychain.ts +19 -0
  119. package/src/turboModules/NativeReactNativeManifest.native.spec.ts +55 -0
  120. package/src/turboModules/NativeReactNativeManifest.ts +28 -0
  121. package/dist/InvalidParamError-BIptAjbC.native.esm.js.map +0 -1
  122. package/dist/InvalidParamError-BZ0LHaml.esm.js.map +0 -1
  123. package/dist/InvalidParamError-DyXEKMWn.cjs.map +0 -1
  124. package/dist/NotWaasWalletAccountError-BbOA5rPd.native.esm.js.map +0 -1
  125. package/dist/NotWaasWalletAccountError-CElqwdQO.cjs.map +0 -1
  126. package/dist/NotWaasWalletAccountError-nT4jrLbp.esm.js.map +0 -1
  127. package/dist/getNetworkProviderFromNetworkId-B7DIqT2T.native.esm.js.map +0 -1
  128. package/dist/getVerifiedCredentialForWalletAccount-CLyC2nOl.native.esm.js +0 -269
  129. package/dist/getVerifiedCredentialForWalletAccount-CLyC2nOl.native.esm.js.map +0 -1
  130. package/dist/isMfaRequiredForAction-Dy4-S3mr.esm.js +0 -79
  131. package/dist/isMfaRequiredForAction-Dy4-S3mr.esm.js.map +0 -1
  132. package/dist/isMfaRequiredForAction-K2Jh-3-j.cjs +0 -96
  133. package/dist/isMfaRequiredForAction-K2Jh-3-j.cjs.map +0 -1
  134. package/dist/modules/apiClient/utils/sessionExpiryLogoutMiddleware/createSessionExpiryLogoutMiddleware.d.ts +0 -27
  135. package/dist/modules/apiClient/utils/sessionExpiryLogoutMiddleware/createSessionExpiryLogoutMiddleware.d.ts.map +0 -1
@@ -1,12 +1,11 @@
1
1
  import { AuthStorageEnum, Configuration, JwtVerifiedCredentialFormatEnum, SDKApi, WalletProviderEnum, isDeviceNonceSignatureRequiredForUrl } from "@dynamic-labs/sdk-api-core";
2
- import * as z from "zod/mini";
3
2
 
4
3
  //#region package.json
5
4
  var name = "@dynamic-labs-sdk/client";
6
- var version = "1.6.0";
5
+ var version = "1.8.0";
7
6
  var dependencies = {
8
7
  "@dynamic-labs-sdk/assert-package-version": "workspace:*",
9
- "@dynamic-labs-wallet/browser-wallet-client": "1.0.7",
8
+ "@dynamic-labs-wallet/browser-wallet-client": "1.0.16",
10
9
  "@dynamic-labs-wallet/forward-mpc-client": "0.10.1",
11
10
  "@dynamic-labs/sdk-api-core": "catalog:",
12
11
  "@simplewebauthn/browser": "13.1.0",
@@ -913,6 +912,110 @@ const createDeviceSignatureHeadersMiddleware = (client) => {
913
912
  } };
914
913
  };
915
914
 
915
+ //#endregion
916
+ //#region src/errors/UnauthorizedError.ts
917
+ var UnauthorizedError = class extends BaseError {
918
+ constructor({ cause }) {
919
+ super({
920
+ cause,
921
+ code: "unauthorized_error",
922
+ docsUrl: null,
923
+ name: "UnauthorizedError",
924
+ shortMessage: "Unauthorized"
925
+ });
926
+ }
927
+ };
928
+
929
+ //#endregion
930
+ //#region src/modules/apiClient/utils/unauthorizedMiddleware/createUnauthorizedMiddleware.ts
931
+ /** @not-instrumented */
932
+ const createUnauthorizedMiddleware = () => ({ post: async (context) => {
933
+ if (context.response.status === 401) {
934
+ let cause = null;
935
+ try {
936
+ const errorBody = await context.response.clone().json();
937
+ if (errorBody && "error" in errorBody && typeof errorBody.error === "string") cause = new Error(errorBody.error);
938
+ } catch {}
939
+ throw new UnauthorizedError({ cause });
940
+ }
941
+ return context.response;
942
+ } });
943
+
944
+ //#endregion
945
+ //#region src/modules/apiClient/createApiClient.ts
946
+ /**
947
+ * Returns a new instance of the SDK API client.
948
+ *
949
+ * This is not meant for storing, as it is very light we can create it whenever needed.
950
+ * @not-instrumented
951
+ */
952
+ const createApiClient = (options = {}, client) => {
953
+ const core = getCore(client);
954
+ const coreState = core.state.get();
955
+ const settings = {
956
+ basePath: core.apiBaseUrl,
957
+ headers: {
958
+ "Content-Type": "application/json",
959
+ [DYNAMIC_API_VERSION_HEADER]: `API/${DYNAMIC_SDK_API_VERSION}`,
960
+ [DYNAMIC_REQUEST_ID_HEADER]: randomString({ length: 50 }),
961
+ [DYNAMIC_SDK_SESSION_ID_HEADER]: core.sdkSessionId,
962
+ [DYNAMIC_SDK_VERSION_HEADER]: `${CLIENT_SDK_NAME}/${version}`,
963
+ ...core.getApiHeaders(),
964
+ ...options.headers
965
+ }
966
+ };
967
+ if (core.metadata?.universalLink) settings.headers["Origin"] = core.metadata.universalLink;
968
+ if (client.token) settings.headers.Authorization = `Bearer ${client.token}`;
969
+ if (client.projectSettings && isCookieEnabled(client)) settings.credentials = "include";
970
+ if (options.includeMfaToken && coreState.mfaToken) settings.headers[MFA_TOKEN_HEADER] = coreState.mfaToken;
971
+ if (options.elevatedAccessTokenScope) {
972
+ const elevatedToken = __getElevatedAccessToken_wrapped({ scope: options.elevatedAccessTokenScope }, client);
973
+ if (elevatedToken) settings.headers[ELEVATED_ACCESS_TOKEN_HEADER] = elevatedToken;
974
+ }
975
+ const sessionPublicKey = getSessionKeys(client)?.publicKey;
976
+ const isSessionPublicKeyHeaderPresent = settings.headers[SESSION_PUBLIC_KEY_HEADER] !== void 0;
977
+ if (sessionPublicKey && !isSessionPublicKeyHeaderPresent) settings.headers[SESSION_PUBLIC_KEY_HEADER] = sessionPublicKey;
978
+ return new SDKApi(new Configuration({
979
+ ...settings,
980
+ fetchApi: core.fetch,
981
+ middleware: [
982
+ createDeviceSignatureHeadersMiddleware(client),
983
+ createConvertToApiErrorMiddleware({ errorMappers: [...options.errorMappers || [], clientErrorMapper] }),
984
+ createUnauthorizedMiddleware()
985
+ ]
986
+ }));
987
+ };
988
+
989
+ //#endregion
990
+ //#region src/utils/getNonce/fetchAndStoreNonces/fetchAndStoreNonces.ts
991
+ /**
992
+ * Fetches a batch of nonces from the API.
993
+ *
994
+ * Prefetching is critical for iOS deep link wallet providers (e.g. Phantom
995
+ * redirect). On iOS, a network request (like fetching a nonce) between a user
996
+ * action and a deeplink call will break the gesture chain, causing iOS to
997
+ * silently ignore the deeplink. By prefetching nonces ahead of time,
998
+ * `getNonce` can return synchronously from cache and the deeplink fires
999
+ * without an interrupting network round-trip.
1000
+ *
1001
+ * New nonces are **appended** to the existing pool so that unconsumed entries
1002
+ * are not discarded by a background refetch.
1003
+ * @not-instrumented
1004
+ */
1005
+ const fetchAndStoreNonces = async (client) => {
1006
+ const core = getCore(client);
1007
+ const { environmentId } = core;
1008
+ const { nonces } = await createApiClient({}, client).getNonces({
1009
+ count: NONCE_POOL_SIZE,
1010
+ environmentId
1011
+ });
1012
+ const existing = core.state.get().prefetchedNonces;
1013
+ core.state.set({
1014
+ prefetchedNonces: [...existing, ...nonces],
1015
+ prefetchedNoncesExpiration: Date.now() + NONCE_POOL_EXPIRATION_TIME
1016
+ });
1017
+ };
1018
+
916
1019
  //#endregion
917
1020
  //#region src/utils/setCookie/setCookie.ts
918
1021
  /**
@@ -994,41 +1097,6 @@ const emitEvent = ({ event, args }, client) => {
994
1097
  eventEmitter.emit(event, args);
995
1098
  };
996
1099
 
997
- //#endregion
998
- //#region src/utils/retryOnFail/InvalidRetryOnFailCallError.ts
999
- /**
1000
- * This error is thrown when the `retryOnFail` function is called with an invalid
1001
- * number of retries (i.e. less than 0).
1002
- */
1003
- var InvalidRetryOnFailCallError = class extends BaseError {
1004
- constructor(maxRetries) {
1005
- super({
1006
- cause: null,
1007
- code: "invalid_retry_on_fail_call_error",
1008
- docsUrl: null,
1009
- name: "InvalidRetryOnFailCallError",
1010
- shortMessage: `Invalid retries parameter for retryOnFail call: ${maxRetries}`
1011
- });
1012
- }
1013
- };
1014
-
1015
- //#endregion
1016
- //#region src/utils/retryOnFail/retryOnFail.ts
1017
- /** @not-instrumented */
1018
- const retryOnFail = async ({ delay = 0, fn, maxRetries }) => {
1019
- for (let retry = 0; retry <= maxRetries; retry++) try {
1020
- return await fn();
1021
- } catch (error) {
1022
- if (retry >= maxRetries) throw error;
1023
- if (delay > 0) await new Promise((resolve) => setTimeout(resolve, delay));
1024
- }
1025
- /**
1026
- * Reaching this point should never happen and this
1027
- * error is thrown to help us debug the issue.
1028
- */
1029
- throw new InvalidRetryOnFailCallError(maxRetries);
1030
- };
1031
-
1032
1100
  //#endregion
1033
1101
  //#region src/errors/InvalidWalletProviderKeyError.ts
1034
1102
  var InvalidWalletProviderKeyError = class extends BaseError {
@@ -1324,95 +1392,6 @@ const getWalletAccounts = (client = getDefaultClient()) => {
1324
1392
  }, client);
1325
1393
  };
1326
1394
 
1327
- //#endregion
1328
- //#region src/modules/auth/isSignedIn/isSignedIn.ts
1329
- /**
1330
- * Checks if the user is currently signed in to the Dynamic client.
1331
- *
1332
- * The client is considered to be in a signed in state if a user has
1333
- * authenticated or if the client has at least one wallet connected.
1334
- *
1335
- * @deprecated What counts as "signed in" is your app's business logic, not the
1336
- * SDK's. This helper bakes in one opinion (a user OR any connected wallet),
1337
- * which rarely matches every app and forces a dependency on us for every
1338
- * variation. Compose your own check from the underlying primitives instead —
1339
- * e.g. `Boolean(client.user) || isAnyWalletAccountConnected(client)` — and
1340
- * layer in whatever your app requires (device registration, completed
1341
- * onboarding, satisfied MFA, a required embedded wallet, …). See the
1342
- * "Check if signed in" guide:
1343
- * https://www.dynamic.xyz/docs/javascript/user-session-management
1344
- *
1345
- * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
1346
- * @returns True if the user is signed in, false otherwise.
1347
- * @not-instrumented
1348
- */
1349
- const isSignedIn = (client = getDefaultClient()) => Boolean(client.user || getWalletAccounts(client).length > 0);
1350
-
1351
- //#endregion
1352
- //#region src/services/storage/createStorageKeySchema/createStorageKeySchema.ts
1353
- /** @not-instrumented */
1354
- const createStorageKeySchema = (params) => {
1355
- return params;
1356
- };
1357
-
1358
- //#endregion
1359
- //#region src/modules/projectSettings/fetchProjectSettings/projectSettingsExpirationScheme.ts
1360
- /**
1361
- * The schema to track the expiration time of the project settings.
1362
- */
1363
- const projectSettingsExpirationStorageKeySchema = createStorageKeySchema({
1364
- key: "projectSettingsExpiration",
1365
- schema: z.number()
1366
- });
1367
-
1368
- //#endregion
1369
- //#region src/modules/projectSettings/fetchProjectSettings/fetchProjectSettings.ts
1370
- /**
1371
- * Expiration time of the project settings in milliseconds.
1372
- */
1373
- const PROJECT_SETTINGS_EXPIRATION_TIME = 1e3 * 60 * 5;
1374
- /**
1375
- * Fetches and updates the project settings from the API.
1376
- *
1377
- * This function retrieves the latest project configuration settings
1378
- * from Dynamic's servers, including authentication options, enabled chains,
1379
- * and security configurations. The settings are cached for performance.
1380
- *
1381
- * @param [client] - The Dynamic client instance. Only required when using multiple Dynamic clients.
1382
- * @returns A promise that resolves to the updated project settings.
1383
- * @not-instrumented
1384
- */
1385
- const fetchProjectSettings = async (client = getDefaultClient()) => {
1386
- const core = getCore(client);
1387
- const currentExpiration = await core.storage.getItem(projectSettingsExpirationStorageKeySchema);
1388
- if (Boolean(client.projectSettings) && !(currentExpiration && currentExpiration < Date.now()) && isSignedIn(client)) return client.projectSettings;
1389
- const apiClient = createApiClient({}, client);
1390
- core.logger.debug("[fetchProjectSettings] Fetching project settings...");
1391
- const doFetch = async () => apiClient.getEnvironmentSettings({
1392
- environmentId: core.environmentId,
1393
- sdkVersion: `${CLIENT_SDK_NAME}/${core.version}`
1394
- }, { credentials: "omit" });
1395
- const projectSettings = await retryOnFail({
1396
- fn: doFetch,
1397
- maxRetries: 2
1398
- });
1399
- core.state.set({ projectSettings: projectSettings ?? null });
1400
- await core.storage.setItem(projectSettingsExpirationStorageKeySchema, Date.now() + PROJECT_SETTINGS_EXPIRATION_TIME);
1401
- return projectSettings;
1402
- };
1403
-
1404
- //#endregion
1405
- //#region src/modules/sessionKeys/generateSessionKeys/generateSessionKeys.ts
1406
- /** @not-instrumented */
1407
- const generateSessionKeys = async (client) => {
1408
- const core = getCore(client);
1409
- await core.keychain.removeKey("session");
1410
- const publicKey = await core.keychain.generateKey("session");
1411
- assertDefined(publicKey, "Public key not found");
1412
- core.state.set({ sessionKeys: publicKey });
1413
- return { publicKey };
1414
- };
1415
-
1416
1395
  //#endregion
1417
1396
  //#region src/errors/NoWalletProviderFoundError.ts
1418
1397
  var NoWalletProviderFoundError = class extends BaseError {
@@ -1568,262 +1547,10 @@ const getWalletProviderFromWalletAccount = ({ walletAccount }, client) => {
1568
1547
  return walletProvider;
1569
1548
  };
1570
1549
 
1571
- //#endregion
1572
- //#region src/modules/wallets/utils/getAvailableWalletProvidersFromWalletAccounts/getAvailableWalletProvidersFromWalletAccounts.ts
1573
- /** @not-instrumented */
1574
- const getAvailableWalletProvidersFromWalletAccounts = (client) => {
1575
- const core = getCore(client);
1576
- const walletProvidersMap = /* @__PURE__ */ new Map();
1577
- getWalletAccounts(client).forEach((walletAccount) => {
1578
- if (walletProvidersMap.has(walletAccount.walletProviderKey)) return;
1579
- try {
1580
- const walletProvider = getWalletProviderFromWalletAccount({ walletAccount }, client);
1581
- walletProvidersMap.set(walletAccount.walletProviderKey, walletProvider);
1582
- } catch (error) {
1583
- core.logger.debug("Wallet provider not found for wallet account", {
1584
- error,
1585
- walletAccount: walletAccount.address
1586
- });
1587
- }
1588
- });
1589
- return Array.from(walletProvidersMap.values());
1590
- };
1591
-
1592
- //#endregion
1593
- //#region src/modules/wallets/destroyWalletProviders/destroyWalletProviders.ts
1594
- /**
1595
- * Tear down every wallet provider on the client.
1596
- *
1597
- * Each provider's `destroy` is responsible for its own local + remote
1598
- * cleanup. We swallow errors so a failing destroy on one provider does not
1599
- * block teardown of the others (e.g. during logout).
1600
- *
1601
- * @not-instrumented
1602
- */
1603
- const destroyWalletProviders = async ({ reason }, client) => {
1604
- const core = getCore(client);
1605
- const walletProviders = getAvailableWalletProvidersFromWalletAccounts(client);
1606
- await Promise.all(walletProviders.map(async (walletProvider) => {
1607
- if (!walletProvider.destroy) return;
1608
- try {
1609
- await walletProvider.destroy({ reason });
1610
- } catch (err) {
1611
- core.logger.error(`Error destroying wallet provider ${walletProvider.key}`, err);
1612
- }
1613
- }));
1614
- };
1615
-
1616
1550
  //#endregion
1617
1551
  //#region src/modules/auth/consts.ts
1618
1552
  const DYNAMIC_AUTH_COOKIE_NAME = "DYNAMIC_JWT_TOKEN";
1619
1553
 
1620
- //#endregion
1621
- //#region src/modules/auth/logoutWithReason/logoutWithReason.ts
1622
- /**
1623
- * Logs the user out with an explicit reason.
1624
- *
1625
- * Revokes the session, clears auth state, terminates wallet providers, and
1626
- * emits the `logout` client event with the given reason. The reason is also
1627
- * captured as an argument on the function-instrumentation event, which is
1628
- * how Datadog distinguishes between different logout causes.
1629
- *
1630
- * Use this instead of the public `logout` when triggering a logout from
1631
- * internal or extension code — the caller owns the reason string, so the
1632
- * telemetry correctly attributes *why* the logout happened.
1633
- *
1634
- * @param params - The logout params.
1635
- * @param params.reason - Why the logout is being triggered. Extension authors
1636
- * needing a reason outside the SDK catalog can cast with `as LogoutReason`.
1637
- * @param client - The Dynamic client instance.
1638
- * @instrumented
1639
- */
1640
- const logoutWithReason = async ({ reason }, client) => {
1641
- const core = getCore(client);
1642
- core.logger.debug("[logoutWithReason] Logging out...", { reason });
1643
- await destroyWalletProviders({ reason }, client);
1644
- if (client.user !== null) {
1645
- const apiClient = createApiClient({ skipSessionExpiryLogout: true }, client);
1646
- try {
1647
- await apiClient.revokeSession({ environmentId: core.environmentId });
1648
- } catch (error) {
1649
- core.logger.error("Failed to revoke session", error);
1650
- }
1651
- /**
1652
- * This deletes the auth cookie if it exists.
1653
- * If the cookie doesn't exist, this sets a new cookie that expires immediately.
1654
- */
1655
- if (isCookieEnabled(client)) setCookie(`${DYNAMIC_AUTH_COOKIE_NAME}=; Max-Age=-99999999; path=/; SameSite=Lax`);
1656
- }
1657
- await core.keychain.removeKey("session");
1658
- core.state.set({
1659
- captchaToken: null,
1660
- elevatedAccessTokens: [],
1661
- legacyToken: null,
1662
- mfaToken: null,
1663
- sessionExpiresAt: null,
1664
- sessionKeys: null,
1665
- token: null,
1666
- unverifiedWalletAccounts: [],
1667
- user: null
1668
- });
1669
- emitEvent({
1670
- args: { reason },
1671
- event: "logout"
1672
- }, client);
1673
- fetchProjectSettings(client);
1674
- generateSessionKeys(client);
1675
- };
1676
- const __logoutWithReason_impl = logoutWithReason;
1677
- const __logoutWithReason_wrapped = instrumentFunction({
1678
- fn: __logoutWithReason_impl,
1679
- functionName: "logoutWithReason",
1680
- getCore: () => {
1681
- try {
1682
- return getCore(getDefaultClient());
1683
- } catch {
1684
- return;
1685
- }
1686
- }
1687
- });
1688
-
1689
- //#endregion
1690
- //#region src/modules/apiClient/utils/sessionExpiryLogoutMiddleware/createSessionExpiryLogoutMiddleware.ts
1691
- const UNAUTHORIZED_STATUS = 401;
1692
- /**
1693
- * Creates middleware that ends the local session when an *authenticated*
1694
- * request is rejected with a 401.
1695
- *
1696
- * A 401 on a request that carried an authenticated session means the backend
1697
- * rejected our credentials, so the local session is stale and must be cleared.
1698
- * The check is purely local (`client.user`) — we deliberately do not
1699
- * re-validate over the network, because the 401 itself is the rejection signal
1700
- * and re-validating would route back through this same middleware.
1701
- *
1702
- * Requests made without an authenticated session (e.g. pre-auth probes) are
1703
- * ignored — there is no session to invalidate. Endpoints that legitimately
1704
- * return 401 for non-session reasons opt out of this behavior by omitting the
1705
- * middleware (see `skipSessionExpiryLogout` on `createApiClient`).
1706
- *
1707
- * This middleware runs before the error-conversion middleware so it observes
1708
- * every 401 regardless of response body. The logout is fired as a side effect
1709
- * and the response is returned unchanged, so the downstream error middleware
1710
- * still throws the typed error to the caller.
1711
- *
1712
- * @param client - The Dynamic client instance.
1713
- * @not-instrumented
1714
- */
1715
- const createSessionExpiryLogoutMiddleware = (client) => ({ post: async (context) => {
1716
- if (context.response.status === UNAUTHORIZED_STATUS && client.user !== null) __logoutWithReason_wrapped({ reason: "session-revoked" }, client).catch((error) => {
1717
- getCore(client).logger.error("Failed to log out after unauthorized response", error);
1718
- });
1719
- return context.response;
1720
- } });
1721
-
1722
- //#endregion
1723
- //#region src/errors/UnauthorizedError.ts
1724
- var UnauthorizedError = class extends BaseError {
1725
- constructor({ cause }) {
1726
- super({
1727
- cause,
1728
- code: "unauthorized_error",
1729
- docsUrl: null,
1730
- name: "UnauthorizedError",
1731
- shortMessage: "Unauthorized"
1732
- });
1733
- }
1734
- };
1735
-
1736
- //#endregion
1737
- //#region src/modules/apiClient/utils/unauthorizedMiddleware/createUnauthorizedMiddleware.ts
1738
- /** @not-instrumented */
1739
- const createUnauthorizedMiddleware = () => ({ post: async (context) => {
1740
- if (context.response.status === 401) {
1741
- let cause = null;
1742
- try {
1743
- const errorBody = await context.response.clone().json();
1744
- if (errorBody && "error" in errorBody && typeof errorBody.error === "string") cause = new Error(errorBody.error);
1745
- } catch {}
1746
- throw new UnauthorizedError({ cause });
1747
- }
1748
- return context.response;
1749
- } });
1750
-
1751
- //#endregion
1752
- //#region src/modules/apiClient/createApiClient.ts
1753
- /**
1754
- * Returns a new instance of the SDK API client.
1755
- *
1756
- * This is not meant for storing, as it is very light we can create it whenever needed.
1757
- * @not-instrumented
1758
- */
1759
- const createApiClient = (options = {}, client) => {
1760
- const core = getCore(client);
1761
- const coreState = core.state.get();
1762
- const settings = {
1763
- basePath: core.apiBaseUrl,
1764
- headers: {
1765
- "Content-Type": "application/json",
1766
- [DYNAMIC_API_VERSION_HEADER]: `API/${DYNAMIC_SDK_API_VERSION}`,
1767
- [DYNAMIC_REQUEST_ID_HEADER]: randomString({ length: 50 }),
1768
- [DYNAMIC_SDK_SESSION_ID_HEADER]: core.sdkSessionId,
1769
- [DYNAMIC_SDK_VERSION_HEADER]: `${CLIENT_SDK_NAME}/${version}`,
1770
- ...core.getApiHeaders(),
1771
- ...options.headers
1772
- }
1773
- };
1774
- if (core.metadata?.universalLink) settings.headers["Origin"] = core.metadata.universalLink;
1775
- if (client.token) settings.headers.Authorization = `Bearer ${client.token}`;
1776
- if (client.projectSettings && isCookieEnabled(client)) settings.credentials = "include";
1777
- if (options.includeMfaToken && coreState.mfaToken) settings.headers[MFA_TOKEN_HEADER] = coreState.mfaToken;
1778
- if (options.elevatedAccessTokenScope) {
1779
- const elevatedToken = __getElevatedAccessToken_wrapped({ scope: options.elevatedAccessTokenScope }, client);
1780
- if (elevatedToken) settings.headers[ELEVATED_ACCESS_TOKEN_HEADER] = elevatedToken;
1781
- }
1782
- const sessionPublicKey = getSessionKeys(client)?.publicKey;
1783
- const isSessionPublicKeyHeaderPresent = settings.headers[SESSION_PUBLIC_KEY_HEADER] !== void 0;
1784
- if (sessionPublicKey && !isSessionPublicKeyHeaderPresent) settings.headers[SESSION_PUBLIC_KEY_HEADER] = sessionPublicKey;
1785
- return new SDKApi(new Configuration({
1786
- ...settings,
1787
- fetchApi: core.fetch,
1788
- middleware: [
1789
- createDeviceSignatureHeadersMiddleware(client),
1790
- ...options.skipSessionExpiryLogout ? [] : [createSessionExpiryLogoutMiddleware(client)],
1791
- createConvertToApiErrorMiddleware({ errorMappers: [...options.errorMappers || [], clientErrorMapper] }),
1792
- createUnauthorizedMiddleware()
1793
- ]
1794
- }));
1795
- };
1796
-
1797
- //#endregion
1798
- //#region src/utils/getNonce/fetchAndStoreNonces/fetchAndStoreNonces.ts
1799
- /**
1800
- * Fetches a batch of nonces from the API.
1801
- *
1802
- * Prefetching is critical for iOS deep link wallet providers (e.g. Phantom
1803
- * redirect). On iOS, a network request (like fetching a nonce) between a user
1804
- * action and a deeplink call will break the gesture chain, causing iOS to
1805
- * silently ignore the deeplink. By prefetching nonces ahead of time,
1806
- * `getNonce` can return synchronously from cache and the deeplink fires
1807
- * without an interrupting network round-trip.
1808
- *
1809
- * New nonces are **appended** to the existing pool so that unconsumed entries
1810
- * are not discarded by a background refetch.
1811
- * @not-instrumented
1812
- */
1813
- const fetchAndStoreNonces = async (client) => {
1814
- const core = getCore(client);
1815
- const { environmentId } = core;
1816
- const { nonces } = await createApiClient({}, client).getNonces({
1817
- count: NONCE_POOL_SIZE,
1818
- environmentId
1819
- });
1820
- const existing = core.state.get().prefetchedNonces;
1821
- core.state.set({
1822
- prefetchedNonces: [...existing, ...nonces],
1823
- prefetchedNoncesExpiration: Date.now() + NONCE_POOL_EXPIRATION_TIME
1824
- });
1825
- };
1826
-
1827
1554
  //#endregion
1828
1555
  //#region src/constants.ts
1829
1556
  const SDK_API_CORE_VERSION = dependencies["@dynamic-labs/sdk-api-core"];
@@ -1854,5 +1581,5 @@ var InvalidParamError = class extends BaseError {
1854
1581
  };
1855
1582
 
1856
1583
  //#endregion
1857
- export { scrubParameters as $, InvalidWalletProviderKeyError as A, getNonce as B, formatWalletProviderKey as C, formatWalletAccountId as D, CHAINS_INFO_MAP as E, onceEvent as F, InvalidExternalAuthError as G, MfaRateLimitedError as H, setCookie as I, isCookieEnabled as J, APIError as K, createDeviceSignatureHeadersMiddleware as L, emitEvent as M, offEvent as N, normalizeAddress as O, onEvent as P, instrumentFunction as Q, getHeadersForNonceSignedByDeviceSigners as R, getWalletAccountsFromState as S, getChainFromVerifiedCredentialChain as T, MfaInvalidOtpError as U, SandboxMaximumThresholdReachedError as V, LinkCredentialError as W, ValueMustBeDefinedError as X, assertDefined as Y, __getElevatedAccessToken_wrapped as Z, generateSessionKeys as _, DYNAMIC_ICONIC_SPRITE_URL as a, DYNAMIC_SDK_API_VERSION as at, isSignedIn as b, createApiClient as c, setDefaultClient as ct, DYNAMIC_AUTH_COOKIE_NAME as d, getCore as dt, DEFAULT_PII_FIELDS as et, getWalletProviderFromWalletAccount as f, name as ft, NoWalletProviderFoundError as g, createRuntimeServiceAccessKey as h, DYNAMIC_WAAS_METADATA as i, CLIENT_SDK_NAME as it, retryOnFail as j, splitWalletProviderKey as k, UnauthorizedError as l, ClientNotFoundError as lt, getWalletProviderRegistry as m, DEFAULT_WAAS_BASE_API_URL as n, extractSessionId as nt, SDK_API_CORE_VERSION as o, NONCE_POOL_SIZE as ot, WalletProviderPriority as p, version as pt, getSessionKeys as q, DEFAULT_WAAS_BASE_MPC_RELAY_API_URL as r, randomString as rt, fetchAndStoreNonces as s, getDefaultClient as st, InvalidParamError as t, getUserAgent as tt, __logoutWithReason_wrapped as u, BaseError as ut, fetchProjectSettings as v, normalizeWalletNameWithChain as w, getWalletAccounts as x, createStorageKeySchema as y, getDeviceSigner as z };
1858
- //# sourceMappingURL=InvalidParamError-BZ0LHaml.esm.js.map
1584
+ export { DYNAMIC_SDK_API_VERSION as $, UnauthorizedError as A, APIError as B, emitEvent as C, setCookie as D, onceEvent as E, SandboxMaximumThresholdReachedError as F, __getElevatedAccessToken_wrapped as G, isCookieEnabled as H, MfaRateLimitedError as I, DEFAULT_PII_FIELDS as J, instrumentFunction as K, MfaInvalidOtpError as L, getHeadersForNonceSignedByDeviceSigners as M, getDeviceSigner as N, fetchAndStoreNonces as O, getNonce as P, CLIENT_SDK_NAME as Q, LinkCredentialError as R, InvalidWalletProviderKeyError as S, onEvent as T, assertDefined as U, getSessionKeys as V, ValueMustBeDefinedError as W, extractSessionId as X, getUserAgent as Y, randomString as Z, getChainFromVerifiedCredentialChain as _, DYNAMIC_ICONIC_SPRITE_URL as a, getCore as at, normalizeAddress as b, getWalletProviderFromWalletAccount as c, createRuntimeServiceAccessKey as d, NONCE_POOL_SIZE as et, NoWalletProviderFoundError as f, normalizeWalletNameWithChain as g, formatWalletProviderKey as h, DYNAMIC_WAAS_METADATA as i, BaseError as it, createDeviceSignatureHeadersMiddleware as j, createApiClient as k, WalletProviderPriority as l, getWalletAccountsFromState as m, DEFAULT_WAAS_BASE_API_URL as n, setDefaultClient as nt, SDK_API_CORE_VERSION as o, name as ot, getWalletAccounts as p, scrubParameters as q, DEFAULT_WAAS_BASE_MPC_RELAY_API_URL as r, ClientNotFoundError as rt, DYNAMIC_AUTH_COOKIE_NAME as s, version as st, InvalidParamError as t, getDefaultClient as tt, getWalletProviderRegistry as u, CHAINS_INFO_MAP as v, offEvent as w, splitWalletProviderKey as x, formatWalletAccountId as y, InvalidExternalAuthError as z };
1585
+ //# sourceMappingURL=InvalidParamError-IHYLdzFd.esm.js.map