@dynamic-labs/utils 3.0.0-alpha.3 → 3.0.0-alpha.30

package/src/services/Oauth2Service/createWindowOauth2Service/createWindowOauth2Service.cjs

@@ -0,0 +1,192 @@
+'use client'
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var _tslib = require('../../../../_virtual/_tslib.cjs');
+var types = require('@dynamic-labs/types');
+var sdkApiCore = require('@dynamic-labs/sdk-api-core');
+var logger = require('../../../logger/logger.cjs');
+
+const providersWithoutWindowOpenerReference = ['twitter'];
+let authWindowInterval;
+const createWindowOauth2Service = () => ({
+    getOauthCode: ({ apiProvider, provider, setIsProcessing, state, oauthLoginUrl, getOAuthResultFromApi, sessionTimeout, isMobile, onSettled, }) => new Promise((resolve, _reject) => {
+        // When we catch this error we assume it follows this type, so we must enforce it
+        // here to ensure the assumption is correct
+        const typedReject = (params) => _reject(params);
+        // Clear any potential pending timeouts and intervals
+        clearInterval(authWindowInterval);
+        const providersWaitingOauthMessage = {};
+        let shouldPool = false;
+        const authWindow = window.open('', '_blank', 'width=500,height=600');
+        const clearListeners = () => {
+            window.removeEventListener('message', handleWindowMessage);
+            providersWaitingOauthMessage[provider] = false;
+        };
+        const handleWindowMessage = (event) => _tslib.__awaiter(void 0, void 0, void 0, function* () {
+            const message = event.data;
+            const expectedOrigin = getExpectedOrigin(apiProvider, provider);
+            if (!expectedOrigin) {
+                return;
+            }
+            if ((message === null || message === void 0 ? void 0 : message.type) === 'origin_check' && authWindow) {
+                logger.logger.debug('Origin check message received. Sending response now.', {
+                    data: message,
+                    expectedOrigin,
+                });
+                authWindow.postMessage('origin_check_response', expectedOrigin);
+                return;
+            }
+            const isTelegramCompletedMessage = (message === null || message === void 0 ? void 0 : message.type) === 'telegram_completed';
+            const isAuthorizationMessage = (message === null || message === void 0 ? void 0 : message.type) === 'authorization_response';
+            if (isAuthorizationMessage || isTelegramCompletedMessage) {
+                logger.logger.debug('Message received', { data: message });
+            }
+            const isExpectedOrigin = event.origin === expectedOrigin;
+            const isValidMessage = ((isAuthorizationMessage && (message === null || message === void 0 ? void 0 : message.provider) === provider) ||
+                isTelegramCompletedMessage) &&
+                isExpectedOrigin;
+            // don't process invalid messages for provider
+            if (!isValidMessage) {
+                return;
+            }
+            setIsProcessing(true);
+            if (!providersWaitingOauthMessage[provider]) {
+                typedReject({
+                    code: types.SocialOAuthErrorCode.SESSION_TIMEOUT,
+                    message: `Connecting ${provider} account session timeout.`,
+                });
+                return;
+            }
+            clearListeners();
+            if (isTelegramCompletedMessage) {
+                handleTelegramCompletionMessage(message);
+                return;
+            }
+            handleAuthorizationMessage(message, provider, state);
+        });
+        const getExpectedOrigin = (apiProvider, provider) => {
+            if (!(apiProvider === null || apiProvider === void 0 ? void 0 : apiProvider.redirectUrl)) {
+                return;
+            }
+            let expectedOrigin = window.location.origin;
+            if (!providersWithoutWindowOpenerReference.includes(provider)) {
+                try {
+                    const redirectUri = new URL(apiProvider.redirectUrl);
+                    expectedOrigin = redirectUri.origin;
+                }
+                catch (e) {
+                    logger.logger.error('Failed to parse social provider redirect url', {
+                        error: e,
+                    });
+                    return;
+                }
+            }
+            return expectedOrigin;
+        };
+        const handleTelegramCompletionMessage = (message) => {
+            logger.logger.debug('Telegram completion message received', {
+                data: message,
+            });
+            resolve('telegram_completed');
+            setIsProcessing(false);
+        };
+        const handleAuthorizationMessage = (message, provider, state) => {
+            const { code, error, state: authState } = message;
+            if (error && error !== 'undefined') {
+                typedReject({
+                    code: types.SocialOAuthErrorCode.OAUTH_ERROR,
+                    message: `Failed to connect ${provider} social account: ${error}`,
+                });
+                return;
+            }
+            // check that the state we receive from message is the same state we calculated earlier
+            // this could be an attack
+            // this state check is used only by providers with an open window opener reference (eg, not twitter)
+            if (!providersWithoutWindowOpenerReference.includes(provider) &&
+                state !== authState) {
+                typedReject({
+                    code: types.SocialOAuthErrorCode.OAUTH_ERROR,
+                    message: `Failed to connect ${provider} social account: Invalid random state`,
+                });
+                return;
+            }
+            if (!code) {
+                typedReject({
+                    code: types.SocialOAuthErrorCode.NO_AUTH_CODE,
+                    message: `Failed to connect ${provider} social account: no authorization code`,
+                });
+                return;
+            }
+            resolve(code);
+            setIsProcessing(false);
+        };
+        if (!providersWaitingOauthMessage[provider]) {
+            window.addEventListener('message', handleWindowMessage);
+            providersWaitingOauthMessage[provider] = true;
+        }
+        authWindow === null || authWindow === void 0 ? void 0 : authWindow.location.assign(oauthLoginUrl);
+        if (!providersWithoutWindowOpenerReference.includes(provider)) {
+            // For provider that support window.opener, we need to clear all states/listeners when the window is closed
+            authWindowInterval = setInterval(() => {
+                if (!(authWindow === null || authWindow === void 0 ? void 0 : authWindow.closed))
+                    return;
+                clearInterval(authWindowInterval);
+                setIsProcessing(false);
+                // user didn't complete oauth
+                if (providersWaitingOauthMessage[provider])
+                    typedReject('user-cancelled');
+            }, 2000);
+        }
+        else {
+            // For provider that don't support window.opener, we need to use a timeout to pool the oauth result
+            // If we don't get a valid result in {async sessionTimeout} ms, we'll assume the user closed the window
+            // and we'll clear all states/listeners
+            const poolOauthResult = () => _tslib.__awaiter(void 0, void 0, void 0, function* () {
+                if (!shouldPool)
+                    return;
+                const result = yield getOAuthResultFromApi();
+                if (!shouldPool)
+                    return;
+                if ((result === null || result === void 0 ? void 0 : result.status) !== sdkApiCore.OauthResultStatus.Completed) {
+                    authWindowInterval = setTimeout(() => {
+                        poolOauthResult();
+                    }, 1000);
+                    return;
+                }
+                shouldPool = false;
+                const authMessage = {
+                    code: result === null || result === void 0 ? void 0 : result.code,
+                    error: result === null || result === void 0 ? void 0 : result.error,
+                    provider,
+                    type: 'authorization_response',
+                };
+                window.postMessage(authMessage, '*');
+            });
+            // start pooling oauth result
+            shouldPool = true;
+            poolOauthResult();
+            // if this is mobile, set a longer timeout to allow the user to login to the provider in the browser
+            let authWindowTimeout = sessionTimeout;
+            if (isMobile) {
+                authWindowTimeout = authWindowTimeout * 3;
+            }
+            authWindowInterval = setTimeout(() => _tslib.__awaiter(void 0, void 0, void 0, function* () {
+                shouldPool = false;
+                // clear all states/listeners, assuming user closed the window before completing oauth
+                if (providersWaitingOauthMessage[provider]) {
+                    clearListeners();
+                    typedReject({
+                        code: types.SocialOAuthErrorCode.OAUTH_WINDOW_TIMEOUT,
+                        message: `Connecting ${provider} account window timeout.`,
+                    });
+                }
+                setIsProcessing(false);
+                onSettled === null || onSettled === void 0 ? void 0 : onSettled();
+            }), authWindowTimeout);
+        }
+    }),
+});
+
+exports.createWindowOauth2Service = createWindowOauth2Service;

package/src/services/Oauth2Service/createWindowOauth2Service/createWindowOauth2Service.d.ts

@@ -0,0 +1,2 @@
+import { IOauth2Service } from '../Oauth2Service';
+export declare const createWindowOauth2Service: () => IOauth2Service;

package/src/services/Oauth2Service/createWindowOauth2Service/createWindowOauth2Service.js

@@ -0,0 +1,188 @@
+'use client'
+import { __awaiter } from '../../../../_virtual/_tslib.js';
+import { SocialOAuthErrorCode } from '@dynamic-labs/types';
+import { OauthResultStatus } from '@dynamic-labs/sdk-api-core';
+import { logger } from '../../../logger/logger.js';
+
+const providersWithoutWindowOpenerReference = ['twitter'];
+let authWindowInterval;
+const createWindowOauth2Service = () => ({
+    getOauthCode: ({ apiProvider, provider, setIsProcessing, state, oauthLoginUrl, getOAuthResultFromApi, sessionTimeout, isMobile, onSettled, }) => new Promise((resolve, _reject) => {
+        // When we catch this error we assume it follows this type, so we must enforce it
+        // here to ensure the assumption is correct
+        const typedReject = (params) => _reject(params);
+        // Clear any potential pending timeouts and intervals
+        clearInterval(authWindowInterval);
+        const providersWaitingOauthMessage = {};
+        let shouldPool = false;
+        const authWindow = window.open('', '_blank', 'width=500,height=600');
+        const clearListeners = () => {
+            window.removeEventListener('message', handleWindowMessage);
+            providersWaitingOauthMessage[provider] = false;
+        };
+        const handleWindowMessage = (event) => __awaiter(void 0, void 0, void 0, function* () {
+            const message = event.data;
+            const expectedOrigin = getExpectedOrigin(apiProvider, provider);
+            if (!expectedOrigin) {
+                return;
+            }
+            if ((message === null || message === void 0 ? void 0 : message.type) === 'origin_check' && authWindow) {
+                logger.debug('Origin check message received. Sending response now.', {
+                    data: message,
+                    expectedOrigin,
+                });
+                authWindow.postMessage('origin_check_response', expectedOrigin);
+                return;
+            }
+            const isTelegramCompletedMessage = (message === null || message === void 0 ? void 0 : message.type) === 'telegram_completed';
+            const isAuthorizationMessage = (message === null || message === void 0 ? void 0 : message.type) === 'authorization_response';
+            if (isAuthorizationMessage || isTelegramCompletedMessage) {
+                logger.debug('Message received', { data: message });
+            }
+            const isExpectedOrigin = event.origin === expectedOrigin;
+            const isValidMessage = ((isAuthorizationMessage && (message === null || message === void 0 ? void 0 : message.provider) === provider) ||
+                isTelegramCompletedMessage) &&
+                isExpectedOrigin;
+            // don't process invalid messages for provider
+            if (!isValidMessage) {
+                return;
+            }
+            setIsProcessing(true);
+            if (!providersWaitingOauthMessage[provider]) {
+                typedReject({
+                    code: SocialOAuthErrorCode.SESSION_TIMEOUT,
+                    message: `Connecting ${provider} account session timeout.`,
+                });
+                return;
+            }
+            clearListeners();
+            if (isTelegramCompletedMessage) {
+                handleTelegramCompletionMessage(message);
+                return;
+            }
+            handleAuthorizationMessage(message, provider, state);
+        });
+        const getExpectedOrigin = (apiProvider, provider) => {
+            if (!(apiProvider === null || apiProvider === void 0 ? void 0 : apiProvider.redirectUrl)) {
+                return;
+            }
+            let expectedOrigin = window.location.origin;
+            if (!providersWithoutWindowOpenerReference.includes(provider)) {
+                try {
+                    const redirectUri = new URL(apiProvider.redirectUrl);
+                    expectedOrigin = redirectUri.origin;
+                }
+                catch (e) {
+                    logger.error('Failed to parse social provider redirect url', {
+                        error: e,
+                    });
+                    return;
+                }
+            }
+            return expectedOrigin;
+        };
+        const handleTelegramCompletionMessage = (message) => {
+            logger.debug('Telegram completion message received', {
+                data: message,
+            });
+            resolve('telegram_completed');
+            setIsProcessing(false);
+        };
+        const handleAuthorizationMessage = (message, provider, state) => {
+            const { code, error, state: authState } = message;
+            if (error && error !== 'undefined') {
+                typedReject({
+                    code: SocialOAuthErrorCode.OAUTH_ERROR,
+                    message: `Failed to connect ${provider} social account: ${error}`,
+                });
+                return;
+            }
+            // check that the state we receive from message is the same state we calculated earlier
+            // this could be an attack
+            // this state check is used only by providers with an open window opener reference (eg, not twitter)
+            if (!providersWithoutWindowOpenerReference.includes(provider) &&
+                state !== authState) {
+                typedReject({
+                    code: SocialOAuthErrorCode.OAUTH_ERROR,
+                    message: `Failed to connect ${provider} social account: Invalid random state`,
+                });
+                return;
+            }
+            if (!code) {
+                typedReject({
+                    code: SocialOAuthErrorCode.NO_AUTH_CODE,
+                    message: `Failed to connect ${provider} social account: no authorization code`,
+                });
+                return;
+            }
+            resolve(code);
+            setIsProcessing(false);
+        };
+        if (!providersWaitingOauthMessage[provider]) {
+            window.addEventListener('message', handleWindowMessage);
+            providersWaitingOauthMessage[provider] = true;
+        }
+        authWindow === null || authWindow === void 0 ? void 0 : authWindow.location.assign(oauthLoginUrl);
+        if (!providersWithoutWindowOpenerReference.includes(provider)) {
+            // For provider that support window.opener, we need to clear all states/listeners when the window is closed
+            authWindowInterval = setInterval(() => {
+                if (!(authWindow === null || authWindow === void 0 ? void 0 : authWindow.closed))
+                    return;
+                clearInterval(authWindowInterval);
+                setIsProcessing(false);
+                // user didn't complete oauth
+                if (providersWaitingOauthMessage[provider])
+                    typedReject('user-cancelled');
+            }, 2000);
+        }
+        else {
+            // For provider that don't support window.opener, we need to use a timeout to pool the oauth result
+            // If we don't get a valid result in {async sessionTimeout} ms, we'll assume the user closed the window
+            // and we'll clear all states/listeners
+            const poolOauthResult = () => __awaiter(void 0, void 0, void 0, function* () {
+                if (!shouldPool)
+                    return;
+                const result = yield getOAuthResultFromApi();
+                if (!shouldPool)
+                    return;
+                if ((result === null || result === void 0 ? void 0 : result.status) !== OauthResultStatus.Completed) {
+                    authWindowInterval = setTimeout(() => {
+                        poolOauthResult();
+                    }, 1000);
+                    return;
+                }
+                shouldPool = false;
+                const authMessage = {
+                    code: result === null || result === void 0 ? void 0 : result.code,
+                    error: result === null || result === void 0 ? void 0 : result.error,
+                    provider,
+                    type: 'authorization_response',
+                };
+                window.postMessage(authMessage, '*');
+            });
+            // start pooling oauth result
+            shouldPool = true;
+            poolOauthResult();
+            // if this is mobile, set a longer timeout to allow the user to login to the provider in the browser
+            let authWindowTimeout = sessionTimeout;
+            if (isMobile) {
+                authWindowTimeout = authWindowTimeout * 3;
+            }
+            authWindowInterval = setTimeout(() => __awaiter(void 0, void 0, void 0, function* () {
+                shouldPool = false;
+                // clear all states/listeners, assuming user closed the window before completing oauth
+                if (providersWaitingOauthMessage[provider]) {
+                    clearListeners();
+                    typedReject({
+                        code: SocialOAuthErrorCode.OAUTH_WINDOW_TIMEOUT,
+                        message: `Connecting ${provider} account window timeout.`,
+                    });
+                }
+                setIsProcessing(false);
+                onSettled === null || onSettled === void 0 ? void 0 : onSettled();
+            }), authWindowTimeout);
+        }
+    }),
+});
+
+export { createWindowOauth2Service };

package/src/services/Oauth2Service/createWindowOauth2Service/index.d.ts

@@ -0,0 +1 @@
+export * from './createWindowOauth2Service';

package/src/services/Oauth2Service/index.d.ts

@@ -0,0 +1,2 @@
+export * from './Oauth2Service';
+export * from './createWindowOauth2Service';

package/src/services/PlatformService/PlatformService.cjs

@@ -3,37 +3,38 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
+var _tslib = require('../../../_virtual/_tslib.cjs');
 var createBrowserPlatformService = require('./createBrowserPlatformService/createBrowserPlatformService.cjs');
 
+var _a, _PlatformService_implementation;
 class PlatformService {
     static get implementation() {
-        if (!PlatformService._implementation) {
+        if (!_tslib.__classPrivateFieldGet(_a, _a, "f", _PlatformService_implementation)) {
             return createBrowserPlatformService.createBrowserPlatformService(window);
         }
-        return PlatformService._implementation;
+        return _tslib.__classPrivateFieldGet(_a, _a, "f", _PlatformService_implementation);
     }
-    static setImplementation(implementation) {
-        PlatformService._implementation = implementation;
+    static set implementation(implementation) {
+        _tslib.__classPrivateFieldSet(_a, _a, implementation, "f", _PlatformService_implementation);
     }
     static get getOrigin() {
-        return PlatformService.implementation.getOrigin;
+        return _a.implementation.getOrigin;
     }
     static get getHost() {
-        return PlatformService.implementation.getHost;
+        return _a.implementation.getHost;
     }
     static get getHostname() {
-        return PlatformService.implementation.getHostname;
+        return _a.implementation.getHostname;
     }
     static get getTLD() {
-        return PlatformService.implementation.getTLD;
+        return _a.implementation.getTLD;
     }
     // Deeplink handling
     static get openURL() {
-        return PlatformService.implementation.openURL;
-    }
-    static get openNewWindow() {
-        return PlatformService.implementation.openNewWindow;
+        return _a.implementation.openURL;
     }
 }
+_a = PlatformService;
+_PlatformService_implementation = { value: void 0 };
 
 exports.PlatformService = PlatformService;

package/src/services/PlatformService/PlatformService.d.ts

@@ -1,12 +1,11 @@
 import { IPlatformService } from './types';
 export declare class PlatformService {
-    static _implementation: IPlatformService;
+    #private;
     static get implementation(): IPlatformService;
-    static setImplementation(implementation: IPlatformService): void;
+    static set implementation(implementation: IPlatformService);
     static get getOrigin(): () => string;
     static get getHost(): () => string;
     static get getHostname(): () => string;
     static get getTLD(): () => string | undefined;
     static get openURL(): (url: string) => Promise<void>;
-    static get openNewWindow(): (url: string) => Promise<void>;
 }

package/src/services/PlatformService/PlatformService.js

@@ -1,35 +1,36 @@
 'use client'
+import { __classPrivateFieldGet, __classPrivateFieldSet } from '../../../_virtual/_tslib.js';
 import { createBrowserPlatformService } from './createBrowserPlatformService/createBrowserPlatformService.js';
 
+var _a, _PlatformService_implementation;
 class PlatformService {
     static get implementation() {
-        if (!PlatformService._implementation) {
+        if (!__classPrivateFieldGet(_a, _a, "f", _PlatformService_implementation)) {
             return createBrowserPlatformService(window);
         }
-        return PlatformService._implementation;
+        return __classPrivateFieldGet(_a, _a, "f", _PlatformService_implementation);
     }
-    static setImplementation(implementation) {
-        PlatformService._implementation = implementation;
+    static set implementation(implementation) {
+        __classPrivateFieldSet(_a, _a, implementation, "f", _PlatformService_implementation);
     }
     static get getOrigin() {
-        return PlatformService.implementation.getOrigin;
+        return _a.implementation.getOrigin;
     }
     static get getHost() {
-        return PlatformService.implementation.getHost;
+        return _a.implementation.getHost;
     }
     static get getHostname() {
-        return PlatformService.implementation.getHostname;
+        return _a.implementation.getHostname;
     }
     static get getTLD() {
-        return PlatformService.implementation.getTLD;
+        return _a.implementation.getTLD;
     }
     // Deeplink handling
     static get openURL() {
-        return PlatformService.implementation.openURL;
-    }
-    static get openNewWindow() {
-        return PlatformService.implementation.openNewWindow;
+        return _a.implementation.openURL;
     }
 }
+_a = PlatformService;
+_PlatformService_implementation = { value: void 0 };
 
 export { PlatformService };

package/src/services/PlatformService/createBrowserPlatformService/createBrowserPlatformService.cjs

@@ -22,9 +22,6 @@ const createBrowserPlatformService = (window) => ({
         });
         return data.domain || undefined;
     },
-    openNewWindow: (url) => _tslib.__awaiter(void 0, void 0, void 0, function* () {
-        window.open(url);
-    }),
     openURL: (url) => _tslib.__awaiter(void 0, void 0, void 0, function* () {
         window.location.assign(url);
     }),

package/src/services/PlatformService/createBrowserPlatformService/createBrowserPlatformService.js

@@ -18,9 +18,6 @@ const createBrowserPlatformService = (window) => ({
         });
         return data.domain || undefined;
     },
-    openNewWindow: (url) => __awaiter(void 0, void 0, void 0, function* () {
-        window.open(url);
-    }),
     openURL: (url) => __awaiter(void 0, void 0, void 0, function* () {
         window.location.assign(url);
     }),

package/src/services/PlatformService/types.d.ts

@@ -22,8 +22,4 @@ export interface IPlatformService {
      * Opens a URL. If possible, should avoid new windows.
      */
     openURL(url: string): Promise<void>;
-    /**
-     * Opens a given URL in a new window.
-     */
-    openNewWindow(url: string): Promise<void>;
 }

package/src/getOrMapViemChain.cjs

@@ -1,77 +0,0 @@
-'use client'
-'use strict';
-
-Object.defineProperty(exports, '__esModule', { value: true });
-
-var chains = require('viem/chains');
-
-function _interopNamespace(e) {
-  if (e && e.__esModule) return e;
-  var n = Object.create(null);
-  if (e) {
-    Object.keys(e).forEach(function (k) {
-      if (k !== 'default') {
-        var d = Object.getOwnPropertyDescriptor(e, k);
-        Object.defineProperty(n, k, d.get ? d : {
-          enumerable: true,
-          get: function () { return e[k]; }
-        });
-      }
-    });
-  }
-  n["default"] = e;
-  return Object.freeze(n);
-}
-
-var chains__namespace = /*#__PURE__*/_interopNamespace(chains);
-
-// eslint-disable-next-line import/no-namespace
-/**
- * Gets the chain object for the given chain id.
- * @param chainId - Chain id of the target EVM chain.
- * @returns Viem's chain object.
- */
-const getChain = (chainId) => {
-    for (const chain of Object.values(chains__namespace)) {
-        if ('id' in chain) {
-            if (chain.id === chainId) {
-                return chain;
-            }
-        }
-    }
-    throw new Error(`Chain with id ${chainId} not found`);
-};
-const mapChain = (network) => {
-    var _a;
-    return ({
-        blockExplorers: ((_a = network.blockExplorerUrls) === null || _a === void 0 ? void 0 : _a[0])
-            ? {
-                default: {
-                    name: network.blockExplorerUrls[0],
-                    url: network.blockExplorerUrls[0],
-                },
-            }
-            : undefined,
-        id: network.chainId,
-        name: network.vanityName || network.name || network.chainName,
-        nativeCurrency: network.nativeCurrency,
-        rpcUrls: {
-            default: { http: network.rpcUrls },
-            public: { http: network.rpcUrls },
-        },
-    });
-};
-const getOrMapViemChain = (network) => {
-    let chain;
-    try {
-        chain = getChain(network.chainId);
-    }
-    catch (_a) {
-        chain = mapChain(network);
-    }
-    return chain;
-};
-
-exports.getChain = getChain;
-exports.getOrMapViemChain = getOrMapViemChain;
-exports.mapChain = mapChain;

package/src/getOrMapViemChain.d.ts

@@ -1,11 +0,0 @@
-import { Chain } from 'viem';
-import * as chains from 'viem/chains';
-import { EvmNetwork } from '@dynamic-labs/types';
-/**
- * Gets the chain object for the given chain id.
- * @param chainId - Chain id of the target EVM chain.
- * @returns Viem's chain object.
- */
-export declare const getChain: (chainId: number) => chains.Chain;
-export declare const mapChain: (network: EvmNetwork) => Chain;
-export declare const getOrMapViemChain: (network: EvmNetwork) => Chain;