@dynamic-labs/embedded-wallet 3.0.0-alpha.8

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Dynamic Labs, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,7 @@
+# @dynamic-labs/embedded-wallet
+
+Contains logic for Dynamic Embedded Wallets
+
+## Exported
+
+- TurnkeyWalletConnectorBase

package/_virtual/_tslib.cjs

@@ -0,0 +1,36 @@
+'use client'
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+/******************************************************************************
+Copyright (c) Microsoft Corporation.
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+***************************************************************************** */
+
+function __awaiter(thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+}
+
+typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
+    var e = new Error(message);
+    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
+};
+
+exports.__awaiter = __awaiter;

package/_virtual/_tslib.js

@@ -0,0 +1,32 @@
+'use client'
+/******************************************************************************
+Copyright (c) Microsoft Corporation.
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+***************************************************************************** */
+
+function __awaiter(thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+}
+
+typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
+    var e = new Error(message);
+    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
+};
+
+export { __awaiter };

package/package.json

@@ -0,0 +1,39 @@
+{
+  "name": "@dynamic-labs/embedded-wallet",
+  "version": "3.0.0-alpha.8",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/dynamic-labs/dynamic-auth.git",
+    "directory": "packages/embedded-wallet"
+  },
+  "description": "A React SDK for implementing wallet web3 authentication and authorization to your website.",
+  "bugs": {
+    "url": "https://github.com/dynamic-labs/DynamicAuth/issues"
+  },
+  "homepage": "https://github.com/dynamic-labs/DynamicAuth#readme",
+  "author": "Dynamic Labs, Inc.",
+  "license": "MIT",
+  "main": "./src/index.cjs",
+  "module": "./src/index.js",
+  "types": "./src/index.d.ts",
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./src/index.d.ts",
+      "import": "./src/index.js",
+      "require": "./src/index.cjs"
+    },
+    "./package.json": "./package.json"
+  },
+  "dependencies": {
+    "@dynamic-labs/sdk-api-core": "0.0.470",
+    "@turnkey/api-key-stamper": "0.4.0",
+    "@turnkey/http": "2.7.1",
+    "@turnkey/iframe-stamper": "2.0.0",
+    "@turnkey/webauthn-stamper": "0.5.0",
+    "@dynamic-labs/utils": "3.0.0-alpha.8",
+    "@dynamic-labs/wallet-book": "3.0.0-alpha.8",
+    "@dynamic-labs/wallet-connector-core": "3.0.0-alpha.8"
+  },
+  "peerDependencies": {}
+}

package/src/index.cjs

@@ -0,0 +1,23 @@
+'use client'
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var TurnkeyWalletConnectorBase = require('./lib/TurnkeyWalletConnectorBase/TurnkeyWalletConnectorBase.cjs');
+var types = require('./types.cjs');
+var PasskeyService = require('./lib/utils/PasskeyService/PasskeyService.cjs');
+var findTurnkeyVerifiedCredential = require('./lib/utils/findTurnkeyVerifiedCredential/findTurnkeyVerifiedCredential.cjs');
+require('./lib/utils/convertAttestationTransports/convertAttestationTransports.cjs');
+var TurnkeyAuthenticatorRecoveryHandler = require('./lib/AuthenticatorHandler/TurnkeyAuthenticatorRecoveryHandler.cjs');
+var ExportHandler = require('./lib/ExportHandler/ExportHandler.cjs');
+var constants = require('./lib/constants.cjs');
+
+
+
+exports.TurnkeyWalletConnectorBase = TurnkeyWalletConnectorBase.TurnkeyWalletConnectorBase;
+exports.TurnkeyWalletConnectorInfo = types.TurnkeyWalletConnectorInfo;
+exports.PasskeyService = PasskeyService.PasskeyService;
+exports.findTurnkeyVerifiedCredential = findTurnkeyVerifiedCredential.findTurnkeyVerifiedCredential;
+exports.turnkeyAuthenticatorRecoveryHandler = TurnkeyAuthenticatorRecoveryHandler.turnkeyAuthenticatorRecoveryHandler;
+exports.ExportHandler = ExportHandler.ExportHandler;
+exports.TURNKEY_API_BASE_URL = constants.TURNKEY_API_BASE_URL;

package/src/index.d.ts

@@ -0,0 +1,7 @@
+export { TurnkeyWalletConnectorBase, type SessionKeys, } from './lib/TurnkeyWalletConnectorBase';
+export * from './types';
+export * from './lib/utils/PasskeyService';
+export { findTurnkeyVerifiedCredential } from './lib/utils';
+export * from './lib/AuthenticatorHandler';
+export { ExportHandler } from './lib/ExportHandler';
+export { TURNKEY_API_BASE_URL } from './lib/constants';

package/src/index.js

@@ -0,0 +1,9 @@
+'use client'
+export { TurnkeyWalletConnectorBase } from './lib/TurnkeyWalletConnectorBase/TurnkeyWalletConnectorBase.js';
+export { TurnkeyWalletConnectorInfo } from './types.js';
+export { PasskeyService } from './lib/utils/PasskeyService/PasskeyService.js';
+export { findTurnkeyVerifiedCredential } from './lib/utils/findTurnkeyVerifiedCredential/findTurnkeyVerifiedCredential.js';
+import './lib/utils/convertAttestationTransports/convertAttestationTransports.js';
+export { turnkeyAuthenticatorRecoveryHandler } from './lib/AuthenticatorHandler/TurnkeyAuthenticatorRecoveryHandler.js';
+export { ExportHandler } from './lib/ExportHandler/ExportHandler.js';
+export { TURNKEY_API_BASE_URL } from './lib/constants.js';

package/src/lib/AuthenticatorHandler/TurnkeyAuthenticatorRecoveryHandler.cjs

@@ -0,0 +1,226 @@
+'use client'
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var _tslib = require('../../../_virtual/_tslib.cjs');
+var iframeStamper = require('@turnkey/iframe-stamper');
+var http = require('@turnkey/http');
+var utils = require('@dynamic-labs/utils');
+var walletConnectorCore = require('@dynamic-labs/wallet-connector-core');
+var PasskeyService = require('../utils/PasskeyService/PasskeyService.cjs');
+
+const turnkeyBaseUrl = 'https://api.turnkey.com';
+const turnkeyPasskeyRecoveryUrl = 'https://recovery.turnkey.com';
+const turnkeyEmailRecoveryUrl = 'https://auth.turnkey.com';
+const TURNKEY_RECOVERY_CREDENTIAL_EXPIRATION_SECONDS = 900; // 15 seconds
+const TURNKEY_SESSION_EXPIRATION_SECONDS = 1800; //30 seconds
+const EMAIL_AUTH_CREDENTIAL_TYPE = 'CREDENTIAL_TYPE_API_KEY_P256';
+const PASSKEY_RECOVERY_CREDENTIAL_TYPE = 'CREDENTIAL_TYPE_RECOVER_USER_KEY_P256';
+class TurnkeyAuthenticatorRecoveryHandler {
+    constructor() {
+        this.isSessionActive = () => {
+            // it's only used for email auth session
+            if (!this.__createdAt || this.__recoveryType !== 'email') {
+                return false;
+            }
+            const isExpired = this.isExpired(this.__createdAt, this.__sessionExpiration || TURNKEY_SESSION_EXPIRATION_SECONDS);
+            if (isExpired) {
+                this.clear();
+                return false;
+            }
+            return true;
+        };
+        this.isValidCode = (organizationId) => _tslib.__awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c, _d;
+            if (!organizationId || !this.__turnkeyRecoveryUserId) {
+                throw new utils.DynamicError('Cannot proceed with your request');
+            }
+            const userResponse = yield ((_a = this.__client) === null || _a === void 0 ? void 0 : _a.getUser({
+                organizationId,
+                userId: this.__turnkeyRecoveryUserId,
+            }));
+            const credentialTypeMap = {
+                email: EMAIL_AUTH_CREDENTIAL_TYPE,
+                passkey: PASSKEY_RECOVERY_CREDENTIAL_TYPE,
+            };
+            const recoveryCredential = (_d = (_c = (_b = userResponse === null || userResponse === void 0 ? void 0 : userResponse.user) === null || _b === void 0 ? void 0 : _b.apiKeys) === null || _c === void 0 ? void 0 : _c.filter((k) => k.credential.type === credentialTypeMap[this.__recoveryType])) === null || _d === void 0 ? void 0 : _d.pop();
+            if (!recoveryCredential) {
+                return false;
+            }
+            const isExpired = this.isExpired(parseInt(recoveryCredential.createdAt.seconds, 10), TURNKEY_RECOVERY_CREDENTIAL_EXPIRATION_SECONDS);
+            if (isExpired) {
+                return false;
+            }
+            this.__createdAt = parseInt(recoveryCredential.createdAt.seconds, 10);
+            return true;
+        });
+        this.isExpired = (createdAtSeconds, expirationTimeSeconds) => {
+            const recoveryExpirationSeconds = createdAtSeconds + expirationTimeSeconds;
+            const expirationTime = new Date(recoveryExpirationSeconds * 1000);
+            if (new Date() >= expirationTime) {
+                return true;
+            }
+            return false;
+        };
+    }
+    get publicKey() {
+        return this.__publicKey;
+    }
+    get client() {
+        return this.__client;
+    }
+    get recoveryType() {
+        return this.__recoveryType;
+    }
+    get recoveryUserId() {
+        return this.__turnkeyRecoveryUserId || '';
+    }
+    set recoveryUserId(turnkeyRecoveryUserId) {
+        this.__turnkeyRecoveryUserId = turnkeyRecoveryUserId;
+    }
+    clear() {
+        var _a;
+        (_a = this.__iframeStamper) === null || _a === void 0 ? void 0 : _a.clear();
+        this.__recoveryType = undefined;
+        this.__iframeStamper = undefined;
+        this.__publicKey = undefined;
+        this.__client = undefined;
+        this.__turnkeyRecoveryUserId = undefined;
+        this.__createdAt = undefined;
+    }
+    initRecovery(authType, iframeContainer, iframeElementId, sessionExpiration) {
+        return _tslib.__awaiter(this, void 0, void 0, function* () {
+            if (this.__recoveryType) {
+                this.clear();
+            }
+            this.__sessionExpiration = sessionExpiration;
+            this.__recoveryType = authType;
+            const iframeUrl = authType === 'passkey'
+                ? turnkeyPasskeyRecoveryUrl
+                : turnkeyEmailRecoveryUrl;
+            this.__iframeStamper = new iframeStamper.IframeStamper({
+                iframeContainer,
+                iframeElementId,
+                iframeUrl,
+            });
+            yield this.__iframeStamper.init();
+            this.__publicKey = this.__iframeStamper.publicKey();
+            return this.__publicKey;
+        });
+    }
+    verifyRecoveryCode(recoveryBundle, organizationId) {
+        return _tslib.__awaiter(this, void 0, void 0, function* () {
+            if (!this.__iframeStamper) {
+                throw new utils.DynamicError('Cannot proceed with your request');
+            }
+            try {
+                yield this.__iframeStamper.injectCredentialBundle(recoveryBundle);
+                this.__client = new http.TurnkeyClient({
+                    baseUrl: turnkeyBaseUrl,
+                }, this.__iframeStamper);
+                if (!organizationId || !this.__turnkeyRecoveryUserId) {
+                    throw new utils.DynamicError('Cannot proceed with your request');
+                }
+                if (!(yield this.isValidCode(organizationId))) {
+                    throw new utils.DynamicError('The code is invalid or expired.');
+                }
+            }
+            catch (err) {
+                walletConnectorCore.logger.error('Error while verifying recovery code', err);
+                if (err instanceof utils.DynamicError) {
+                    throw err;
+                }
+                throw new utils.DynamicError('The code is invalid or expired.');
+            }
+        });
+    }
+    completeRecovery(_a) {
+        return _tslib.__awaiter(this, arguments, void 0, function* ({ attestation, challenge, turnkeySubOrganizationId, }) {
+            if (!this.__client || !this.__turnkeyRecoveryUserId) {
+                throw new utils.DynamicError('Cannot proceed with your request');
+            }
+            try {
+                return this.__client.recoverUser({
+                    organizationId: turnkeySubOrganizationId,
+                    parameters: {
+                        authenticator: {
+                            attestation: attestation,
+                            authenticatorName: 'Passkey',
+                            challenge,
+                        },
+                        userId: this.__turnkeyRecoveryUserId,
+                    },
+                    timestampMs: String(Date.now()),
+                    type: 'ACTIVITY_TYPE_RECOVER_USER',
+                });
+            }
+            catch (err) {
+                walletConnectorCore.logger.error('Error while completing recovery process', err);
+                throw err;
+            }
+        });
+    }
+    addPasskeyAuthenticator(_a) {
+        return _tslib.__awaiter(this, arguments, void 0, function* ({ attestation, challenge, turnkeySubOrganizationId, }) {
+            if (!this.__client || !this.__turnkeyRecoveryUserId) {
+                throw new utils.DynamicError('Cannot proceed with your request');
+            }
+            try {
+                return this.__client.createAuthenticators({
+                    organizationId: turnkeySubOrganizationId,
+                    parameters: {
+                        authenticators: [
+                            {
+                                attestation: attestation,
+                                authenticatorName: 'Passkey',
+                                challenge,
+                            },
+                        ],
+                        userId: this.__turnkeyRecoveryUserId,
+                    },
+                    timestampMs: String(Date.now()),
+                    type: 'ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2',
+                });
+            }
+            catch (err) {
+                walletConnectorCore.logger.error('Error while creating new authenticator', err);
+                throw err;
+            }
+        });
+    }
+    addEmailRecovery(_a) {
+        return _tslib.__awaiter(this, arguments, void 0, function* ({ organizationId, email, turnkeyUserId, }) {
+            let rpId = utils.getTLD();
+            if (!rpId) {
+                rpId = utils.PlatformService.getHostname();
+            }
+            const stamper = PasskeyService.PasskeyService.createWebauthnStamper({
+                rpId,
+            });
+            const client = new http.TurnkeyClient({
+                baseUrl: turnkeyBaseUrl,
+            }, stamper);
+            try {
+                const signedRequest = yield client.stampUpdateUser({
+                    organizationId,
+                    parameters: {
+                        userEmail: email,
+                        userId: turnkeyUserId,
+                        userTagIds: [],
+                    },
+                    timestampMs: String(Date.now()),
+                    type: 'ACTIVITY_TYPE_UPDATE_USER',
+                });
+                return { signedRequest, userId: turnkeyUserId };
+            }
+            catch (err) {
+                walletConnectorCore.logger.error('Error while adding email recovery', err);
+                throw err;
+            }
+        });
+    }
+}
+const turnkeyAuthenticatorRecoveryHandler = new TurnkeyAuthenticatorRecoveryHandler();
+
+exports.turnkeyAuthenticatorRecoveryHandler = turnkeyAuthenticatorRecoveryHandler;