@fourt/sdk 1.0.0 → 1.1.1

package/dist/index.js

@@ -1,57 +1,3 @@
-// src/signer/web.ts
-import { WebauthnStamper } from "@turnkey/webauthn-stamper";
-import { IframeStamper } from "@turnkey/iframe-stamper";
-
-// src/signer/index.ts
-import { TurnkeyClient } from "@turnkey/http";
-
-// src/errors/SDKError.ts
-var SDKError = class extends Error {
-  _props;
-  constructor(message, props) {
-    super(message);
-    this._props = props;
-  }
-  get message() {
-    return this._props.message;
-  }
-};
-
-// src/errors/UnauthorizedError.ts
-var UnauthorizedError = class _UnauthorizedError extends SDKError {
-  constructor(props) {
-    super(_UnauthorizedError.name, props);
-  }
-};
-
-// src/errors/NotFoundError.ts
-var NotFoundError = class _NotFoundError extends SDKError {
-  constructor(props) {
-    super(_NotFoundError.name, props);
-  }
-};
-
-// src/errors/GenericError.ts
-var GenericError = class _GenericError extends SDKError {
-  constructor(props) {
-    super(_GenericError.name, props);
-  }
-};
-
-// src/errors/UnauthenticatedError.ts
-var UnauthenticatedError = class _UnauthenticatedError extends SDKError {
-  constructor(props) {
-    super(_UnauthenticatedError.name, props);
-  }
-};
-
-// src/errors/BadRequestError.ts
-var BadRequestError = class _BadRequestError extends SDKError {
-  constructor(props) {
-    super(_BadRequestError.name, props);
-  }
-};
-
 // src/session/index.ts
 import { createStore } from "zustand";
 import { createJSONStorage, persist } from "zustand/middleware";
@@ -175,6 +121,358 @@ var SessionStore = class {
   }
 };
 
+// src/modules/auth/email.ts
+var EmailModule = class {
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+  }
+  /**
+   * Initialize user authentication process using email.
+   *
+   * @param params {EmailInitializeAuthParams} params to initialize the user authentication process.
+   * @returns {Promise<void>} promise that resolves to the result of the authentication process.
+   */
+  async initialize(params) {
+    return this._webSignerClient.emailAuth(params);
+  }
+  /**
+   * Completes authentication with bundle after user receives the bundle and subOrgId as URL params.
+   *
+   * @param params {CompleteAuthWithBundleParams} params received as URL params necessary to complete authentication process.
+   * @returns {Promise<void>} promise that completes the authentication process.
+   */
+  async complete(params) {
+    return this._webSignerClient.completeAuthWithBundle({
+      ...params,
+      sessionType: "email" /* Email */
+    });
+  }
+};
+
+// src/modules/auth/passkeys.ts
+var PasskeysModule = class {
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+  }
+  /**
+   * Signs in a user using Passkeys.
+   *
+   * @param params {WebauthnSignInParams} params for the sign-in process.
+   * @returns {Promise<void>} promise that resolves to the result of the sign-in process.
+   */
+  async signIn(params) {
+    return this._webSignerClient.webauthnSignIn(params);
+  }
+};
+
+// src/modules/auth/oauth/google.ts
+import * as jose from "jose";
+import { sha256 } from "sha.js";
+
+// src/errors/SDKError.ts
+var SDKError = class extends Error {
+  _props;
+  constructor(message, props) {
+    super(message);
+    this._props = props;
+  }
+  get message() {
+    return this._props.message;
+  }
+};
+
+// src/errors/BadRequestError.ts
+var BadRequestError = class _BadRequestError extends SDKError {
+  constructor(props) {
+    super(_BadRequestError.name, props);
+  }
+};
+
+// src/modules/auth/oauth/google.ts
+var GoogleModule = class {
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+  }
+  /**
+   *
+   * @returns
+   */
+  async init() {
+    if (!this._webSignerClient.oauthConfiguration?.google) {
+      throw new BadRequestError({ message: "Google OAuth is not configured" });
+    }
+    const url = new URL("https://accounts.google.com/o/oauth2/v2/auth");
+    url.searchParams.set(
+      "client_id",
+      this._webSignerClient.oauthConfiguration.google.id
+    );
+    url.searchParams.set("response_type", "code");
+    url.searchParams.set("scope", "openid email");
+    const internalUrl = new URL(
+      "v1/oauth",
+      this._webSignerClient.configuration.apiUrl
+    ).href;
+    url.searchParams.set("redirect_uri", internalUrl);
+    const publicKey = await this._webSignerClient.getIframePublicKey();
+    const nonce = new sha256().update(publicKey).digest("hex");
+    url.searchParams.set("nonce", nonce);
+    const state = new jose.UnsecuredJWT({
+      apiKey: this._webSignerClient.configuration.apiKey,
+      redirectUrl: this._webSignerClient.oauthConfiguration.common.redirectUrl,
+      targetPublicKey: publicKey,
+      internalUrl,
+      origin: window.location.origin,
+      provider: "google"
+    }).encode();
+    url.searchParams.set("state", state);
+    return url.toString();
+  }
+};
+
+// src/modules/auth/oauth/facebook.ts
+import * as jose2 from "jose";
+var FacebookModule = class {
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+  }
+  async init() {
+    if (!this._webSignerClient.oauthConfiguration?.facebook) {
+      throw new BadRequestError({ message: "Facebook OAuth is not configured" });
+    }
+    const publicKey = await this._webSignerClient.getIframePublicKey();
+    const internalUrl = new URL(
+      "v1/oauth",
+      this._webSignerClient.configuration.apiUrl
+    ).href;
+    const jwt = new jose2.UnsecuredJWT({
+      apiKey: this._webSignerClient.configuration.apiKey,
+      redirectUrl: this._webSignerClient.oauthConfiguration.common.redirectUrl,
+      targetPublicKey: publicKey,
+      internalUrl,
+      origin: window.location.origin,
+      provider: "facebook"
+    }).encode();
+    const response = await fetch(internalUrl, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        state: jwt
+      })
+    });
+    if (!response.ok) {
+      throw new BadRequestError({
+        message: `Failed to create OAuth state. Error: ${response.statusText}`
+      });
+    }
+    const { authUrl } = await response.json();
+    if (!authUrl) {
+      throw new BadRequestError({
+        message: response.statusText
+      });
+    }
+    return authUrl;
+  }
+};
+
+// src/modules/auth/oauth/apple.ts
+import * as jose3 from "jose";
+import { sha256 as sha2562 } from "sha.js";
+var AppleModule = class {
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+  }
+  /**
+   *
+   * @returns
+   */
+  async init() {
+    if (!this._webSignerClient.oauthConfiguration?.apple) {
+      throw new BadRequestError({ message: "Apple OAuth is not configured" });
+    }
+    const url = new URL("https://appleid.apple.com/auth/authorize");
+    url.searchParams.set(
+      "client_id",
+      this._webSignerClient.oauthConfiguration.apple.id
+    );
+    url.searchParams.set("response_type", "code");
+    url.searchParams.set("response_mode", "form_post");
+    url.searchParams.set("scope", "email");
+    console.log(
+      "Apple OAuth initialization started",
+      this._webSignerClient.oauthConfiguration.common.redirectUrl
+    );
+    const internalUrl = new URL(
+      "v1/oauth/apple",
+      this._webSignerClient.configuration.apiUrl
+    ).href;
+    url.searchParams.set("redirect_uri", internalUrl);
+    const publicKey = await this._webSignerClient.getIframePublicKey();
+    const nonce = new sha2562().update(publicKey).digest("hex");
+    url.searchParams.set("nonce", nonce);
+    const state = new jose3.UnsecuredJWT({
+      apiKey: this._webSignerClient.configuration.apiKey,
+      redirectUrl: this._webSignerClient.oauthConfiguration.common.redirectUrl,
+      targetPublicKey: publicKey,
+      internalUrl,
+      origin: window.location.origin
+    }).encode();
+    url.searchParams.set("state", state);
+    return url.toString();
+  }
+};
+
+// src/modules/auth/oauth.ts
+var OAuthModule = class {
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+    this._googleModule = new GoogleModule(this._webSignerClient);
+    this._facebookModule = new FacebookModule(this._webSignerClient);
+    this._appleModule = new AppleModule(this._webSignerClient);
+  }
+  _googleModule;
+  _facebookModule;
+  _appleModule;
+  get google() {
+    return this._googleModule;
+  }
+  get facebook() {
+    return this._facebookModule;
+  }
+  get apple() {
+    return this._appleModule;
+  }
+  async complete({ bundle, subOrgId }) {
+    await this._webSignerClient.completeAuthWithBundle({
+      bundle,
+      subOrgId,
+      sessionType: "oauth" /* OAuth */
+    });
+  }
+};
+
+// src/modules/auth/index.ts
+var AuthModule = class {
+  /**
+   * Initializes a new instance of the `AuthModule` class.
+   *
+   * @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.
+   */
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+    this._passkeys = new PasskeysModule(this._webSignerClient);
+    this._email = new EmailModule(this._webSignerClient);
+    this._oauth = new OAuthModule(this._webSignerClient);
+  }
+  _passkeys;
+  _email;
+  _oauth;
+  /**
+   * A module for interacting with the Passkeys authentication methods.
+   */
+  get passkeys() {
+    return this._passkeys;
+  }
+  /**
+   * A module for interacting with the Passkeys authentication methods.
+   */
+  get email() {
+    return this._email;
+  }
+  get oauth() {
+    return this._oauth;
+  }
+};
+
+// src/modules/user/index.ts
+var UserModule = class {
+  /**
+   * Initializes a new instance of the `UserModule` class.
+   *
+   * @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.
+   */
+  constructor(_webSignerClient) {
+    this._webSignerClient = _webSignerClient;
+  }
+  /**
+   * Gets the user information.
+   *
+   * @returns {User | undefined} user information.
+   */
+  get info() {
+    return this._webSignerClient.user;
+  }
+  /**
+   * Logs out the user.
+   *
+   * @returns {void}
+   */
+  logout() {
+    return this._webSignerClient.logout();
+  }
+};
+
+// src/signer/web.ts
+import { getWebAuthnAttestation } from "@turnkey/http";
+import { IframeStamper } from "@turnkey/iframe-stamper";
+import { WebauthnStamper } from "@turnkey/webauthn-stamper";
+
+// src/lib/base64.ts
+import { Buffer } from "buffer";
+var LibBase64 = class {
+  static fromBuffer(buffer) {
+    return Buffer.from(buffer).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+  }
+  static toBuffer(base64) {
+    return Buffer.from(base64, "base64");
+  }
+};
+
+// src/lib/bytes.ts
+var LibBytes = class {
+  static generateRandomBuffer = () => {
+    const arr = new Uint8Array(32);
+    crypto.getRandomValues(arr);
+    return arr.buffer;
+  };
+  static takeBytes = (bytes, params = {}) => {
+    const { offset, count } = params;
+    const start = (offset ? offset * 2 : 0) + 2;
+    const end = count ? start + count * 2 : void 0;
+    return `0x${bytes.slice(start, end)}`;
+  };
+};
+
+// src/signer/index.ts
+import { TurnkeyClient } from "@turnkey/http";
+
+// src/errors/UnauthorizedError.ts
+var UnauthorizedError = class _UnauthorizedError extends SDKError {
+  constructor(props) {
+    super(_UnauthorizedError.name, props);
+  }
+};
+
+// src/errors/NotFoundError.ts
+var NotFoundError = class _NotFoundError extends SDKError {
+  constructor(props) {
+    super(_NotFoundError.name, props);
+  }
+};
+
+// src/errors/GenericError.ts
+var GenericError = class _GenericError extends SDKError {
+  constructor(props) {
+    super(_GenericError.name, props);
+  }
+};
+
+// src/errors/UnauthenticatedError.ts
+var UnauthenticatedError = class _UnauthenticatedError extends SDKError {
+  constructor(props) {
+    super(_UnauthenticatedError.name, props);
+  }
+};
+
 // src/types/Routes.ts
 var ROUTE_METHOD_MAP = {
   "/v1/signup": "POST",
@@ -202,8 +500,8 @@ var SignerClient = class {
     );
     this._configuration = {
       ...requiredConfiguration,
-      apiUrl: apiUrl ?? "https://auth.api.dev.fourt.io/",
-      paymasterRpcUrl: paymasterRpcUrl ?? "https://management.api.dev.fourt.io/"
+      apiUrl: apiUrl ?? "https://auth.api.fourt.io/",
+      paymasterRpcUrl: paymasterRpcUrl ?? "https://management.api.fourt.io/"
     };
     this._sessionStore = new SessionStore();
   }
@@ -340,36 +638,10 @@ var SignerClient = class {
   }
 };
 
-// src/lib/base64.ts
-import { Buffer } from "buffer";
-var LibBase64 = class {
-  static fromBuffer(buffer) {
-    return Buffer.from(buffer).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
-  }
-  static toBuffer(base64) {
-    return Buffer.from(base64, "base64");
-  }
-};
-
-// src/lib/bytes.ts
-var LibBytes = class {
-  static generateRandomBuffer = () => {
-    const arr = new Uint8Array(32);
-    crypto.getRandomValues(arr);
-    return arr.buffer;
-  };
-  static takeBytes = (bytes, params = {}) => {
-    const { offset, count } = params;
-    const start = (offset ? offset * 2 : 0) + 2;
-    const end = count ? start + count * 2 : void 0;
-    return `0x${bytes.slice(start, end)}`;
-  };
-};
-
 // src/signer/web.ts
-import { getWebAuthnAttestation } from "@turnkey/http";
 var WebSignerClient = class extends SignerClient {
   _stampers;
+  oauthConfiguration;
   /**
    * Initializes a new instance of the `WebSignerClient` class.
    *
@@ -378,7 +650,8 @@ var WebSignerClient = class extends SignerClient {
   constructor({
     configuration,
     webauthn,
-    iframe
+    iframe,
+    oauth
   }) {
     const iframeContainerId = iframe?.iframeContainerId ?? "fourt-signer-iframe-container";
     const iframeContainer = document.createElement("div");
@@ -400,6 +673,7 @@ var WebSignerClient = class extends SignerClient {
       webauthn: webauthnStamper,
       iframe: iframeStamper
     };
+    this.oauthConfiguration = oauth;
   }
   async signRawMessage(msg) {
     await this.updateStamper();
@@ -415,7 +689,7 @@ var WebSignerClient = class extends SignerClient {
    *
    */
   async updateStamper() {
-    if (this._sessionStore.type === void 0 || this._sessionStore.bundle === void 0 || this._sessionStore.token === void 0)
+    if (this._sessionStore.type === void 0 && (this._sessionStore.bundle === void 0 || this._sessionStore.token === void 0))
       return;
     if (this._sessionStore.type === "passkeys" /* Passkeys */) {
       this.stamper = this._stampers.webauthn;
@@ -423,7 +697,8 @@ var WebSignerClient = class extends SignerClient {
       this.stamper = this._stampers.iframe;
       await this.completeAuthWithBundle({
         bundle: this._sessionStore.bundle,
-        subOrgId: this.user?.subOrgId
+        subOrgId: this.user?.subOrgId,
+        sessionType: this._sessionStore.type
       });
     }
   }
@@ -465,6 +740,9 @@ var WebSignerClient = class extends SignerClient {
       await this._signInWithEmail(params);
     }
   }
+  async getIframePublicKey() {
+    return await this._initIframeStamper();
+  }
   /**
    * Signs in a user with email.
    *
@@ -475,10 +753,9 @@ var WebSignerClient = class extends SignerClient {
     expirationSeconds,
     redirectUrl
   }) {
-    const publicKey = await this._initIframeStamper();
     return this.request("/v1/email-auth", {
       email,
-      targetPublicKey: publicKey,
+      targetPublicKey: await this.getIframePublicKey(),
       expirationSeconds,
       redirectUrl: redirectUrl.toString()
     });
@@ -486,11 +763,12 @@ var WebSignerClient = class extends SignerClient {
   /**
    * Completes the authentication process with a credential bundle.
    *
-   * @param {EmailCompleteAuthWithBundleParams} params params for the completion of the auth process
+   * @param {CompleteAuthWithBundleParams} params params for the completion of the auth process
    */
   async completeAuthWithBundle({
     bundle,
-    subOrgId
+    subOrgId,
+    sessionType
   }) {
     await this._initIframeStamper();
     const result = await this._stampers.iframe.injectCredentialBundle(bundle);
@@ -498,7 +776,7 @@ var WebSignerClient = class extends SignerClient {
       throw new Error("Failed to inject credential bundle");
     }
     await this.whoAmI(subOrgId);
-    this._sessionStore.type = "email" /* Email */;
+    this._sessionStore.type = sessionType;
     this._sessionStore.bundle = bundle;
   }
   /**
@@ -529,6 +807,7 @@ var WebSignerClient = class extends SignerClient {
       smartAccountAddress,
       credentialId: attestation.credentialId
     };
+    this._sessionStore.user = this.user;
     this._sessionStore.type = "passkeys" /* Passkeys */;
     this._sessionStore.token = token;
   }
@@ -539,11 +818,10 @@ var WebSignerClient = class extends SignerClient {
    */
   async _createEmailAccount(params) {
     const { email, expirationSeconds, redirectUrl } = params;
-    const publicKey = await this._initIframeStamper();
     const response = await this.request("/v1/signup", {
       email,
       iframe: {
-        targetPublicKey: publicKey,
+        targetPublicKey: await this.getIframePublicKey(),
         expirationSeconds,
         redirectUrl: redirectUrl.toString()
       }
@@ -694,103 +972,6 @@ var ViemModule = class {
   }
 };
 
-// src/modules/auth/email.ts
-var EmailModule = class {
-  constructor(_webSignerClient) {
-    this._webSignerClient = _webSignerClient;
-  }
-  /**
-   * Initialize user authentication process using email.
-   *
-   * @param params {EmailInitializeAuthParams} params to initialize the user authentication process.
-   * @returns {Promise<void>} promise that resolves to the result of the authentication process.
-   */
-  async initialize(params) {
-    return this._webSignerClient.emailAuth(params);
-  }
-  /**
-   * Completes authentication with bundle after user receives the bundle and subOrgId as URL params.
-   *
-   * @param params {EmailCompleteAuthWithBundleParams} params received as URL params necessary to complete authentication process.
-   * @returns {Promise<void>} promise that completes the authentication process.
-   */
-  async complete(params) {
-    return this._webSignerClient.completeAuthWithBundle(params);
-  }
-};
-
-// src/modules/auth/passkeys.ts
-var PasskeysModule = class {
-  constructor(_webSignerClient) {
-    this._webSignerClient = _webSignerClient;
-  }
-  /**
-   * Signs in a user using Passkeys.
-   *
-   * @param params {WebauthnSignInParams} params for the sign-in process.
-   * @returns {Promise<void>} promise that resolves to the result of the sign-in process.
-   */
-  async signIn(params) {
-    return this._webSignerClient.webauthnSignIn(params);
-  }
-};
-
-// src/modules/auth/index.ts
-var AuthModule = class {
-  /**
-   * Initializes a new instance of the `AuthModule` class.
-   *
-   * @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.
-   */
-  constructor(_webSignerClient) {
-    this._webSignerClient = _webSignerClient;
-    this._passkeys = new PasskeysModule(this._webSignerClient);
-    this._email = new EmailModule(this._webSignerClient);
-  }
-  _passkeys;
-  _email;
-  /**
-   * A module for interacting with the Passkeys authentication methods.
-   */
-  get passkeys() {
-    return this._passkeys;
-  }
-  /**
-   * A module for interacting with the Passkeys authentication methods.
-   */
-  get email() {
-    return this._email;
-  }
-};
-
-// src/modules/user/index.ts
-var UserModule = class {
-  /**
-   * Initializes a new instance of the `UserModule` class.
-   *
-   * @param {WebSignerClient} _webSignerClient underlying WebSigner client instance.
-   */
-  constructor(_webSignerClient) {
-    this._webSignerClient = _webSignerClient;
-  }
-  /**
-   * Gets the user information.
-   *
-   * @returns {User | undefined} user information.
-   */
-  get info() {
-    return this._webSignerClient.user;
-  }
-  /**
-   * Logs out the user.
-   *
-   * @returns {void}
-   */
-  logout() {
-    return this._webSignerClient.logout();
-  }
-};
-
 // src/index.ts
 var FourtWebSigner = class {
   _webSignerClient;
@@ -818,12 +999,13 @@ var FourtWebSigner = class {
    */
   constructor({
     configuration,
-    auth: { webauthn, iframe }
+    auth: { webauthn, iframe, oauth }
   }) {
     this._webSignerClient = new WebSignerClient({
       configuration,
       webauthn,
-      iframe
+      iframe,
+      oauth
     });
     this._modules = {
       viem: new ViemModule(this._webSignerClient),