@imtbl/auth 2.10.7-alpha.4 → 2.10.7-alpha.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/index.js +29 -29
- package/dist/node/index.cjs +34 -36
- package/dist/node/index.js +23 -23
- package/dist/types/Auth.d.ts +56 -26
- package/dist/types/index.d.ts +2 -3
- package/dist/types/types.d.ts +10 -17
- package/dist/types/utils/metrics.d.ts +2 -0
- package/package.json +4 -4
- package/src/Auth.ts +676 -98
- package/src/index.ts +1 -5
- package/src/types.ts +7 -17
- package/src/utils/metrics.ts +29 -0
- package/dist/types/authManager.d.ts +0 -61
- package/src/authManager.ts +0 -657
package/dist/node/index.js
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import { UserManager, User, ErrorTimeout, ErrorResponse, InMemoryWebStorage, WebStorageStateStore } from 'oidc-client-ts';
|
|
2
|
-
import
|
|
3
|
-
import
|
|
4
|
-
import
|
|
5
|
-
import
|
|
2
|
+
import Pe, { isAxiosError } from 'axios';
|
|
3
|
+
import J from 'jwt-decode';
|
|
4
|
+
import Ce from 'localforage';
|
|
5
|
+
import { track, getDetail, Detail, trackFlow, trackError, identify } from '@imtbl/metrics';
|
|
6
6
|
import { EventEmitter } from 'events';
|
|
7
7
|
|
|
8
|
-
var
|
|
8
|
+
var P=(s=>(s.AUTHENTICATION_ERROR="AUTHENTICATION_ERROR",s.INVALID_CONFIGURATION="INVALID_CONFIGURATION",s.WALLET_CONNECTION_ERROR="WALLET_CONNECTION_ERROR",s.NOT_LOGGED_IN_ERROR="NOT_LOGGED_IN_ERROR",s.SILENT_LOGIN_ERROR="SILENT_LOGIN_ERROR",s.REFRESH_TOKEN_ERROR="REFRESH_TOKEN_ERROR",s.USER_REGISTRATION_ERROR="USER_REGISTRATION_ERROR",s.USER_NOT_REGISTERED_ERROR="USER_NOT_REGISTERED_ERROR",s.LOGOUT_ERROR="LOGOUT_ERROR",s.TRANSFER_ERROR="TRANSFER_ERROR",s.CREATE_ORDER_ERROR="CREATE_ORDER_ERROR",s.CANCEL_ORDER_ERROR="CANCEL_ORDER_ERROR",s.EXCHANGE_TRANSFER_ERROR="EXCHANGE_TRANSFER_ERROR",s.CREATE_TRADE_ERROR="CREATE_TRADE_ERROR",s.OPERATION_NOT_SUPPORTED_ERROR="OPERATION_NOT_SUPPORTED_ERROR",s.LINK_WALLET_ALREADY_LINKED_ERROR="LINK_WALLET_ALREADY_LINKED_ERROR",s.LINK_WALLET_MAX_WALLETS_LINKED_ERROR="LINK_WALLET_MAX_WALLETS_LINKED_ERROR",s.LINK_WALLET_VALIDATION_ERROR="LINK_WALLET_VALIDATION_ERROR",s.LINK_WALLET_DUPLICATE_NONCE_ERROR="LINK_WALLET_DUPLICATE_NONCE_ERROR",s.LINK_WALLET_GENERIC_ERROR="LINK_WALLET_GENERIC_ERROR",s.SERVICE_UNAVAILABLE_ERROR="SERVICE_UNAVAILABLE_ERROR",s))(P||{});function te(n){return "code"in n&&"message"in n}var m=class extends Error{type;constructor(e,t){super(e),this.type=t;}},f=async(n,e)=>{try{return await n()}catch(t){let r;throw t instanceof m&&t.type==="SERVICE_UNAVAILABLE_ERROR"?new m(t.message,t.type):(isAxiosError(t)&&t.response?.data&&te(t.response.data)?r=t.response.data.message:r=t.message,new m(r,e))}};var re=(n,e,t)=>{let r=e.map(i=>!n[i]&&i).filter(i=>i).join(", ");if(r!==""){let i=`${r} cannot be null`;throw new m(i,"INVALID_CONFIGURATION")}},R=class{authenticationDomain;passportDomain;oidcConfiguration;crossSdkBridgeEnabled;popupOverlayOptions;constructor({authenticationDomain:e,passportDomain:t,crossSdkBridgeEnabled:r,popupOverlayOptions:i,...o}){re(o,["clientId","redirectUri"]),this.oidcConfiguration=o,this.crossSdkBridgeEnabled=r||!1,this.popupOverlayOptions=i,this.authenticationDomain=e||"https://auth.immutable.com",this.passportDomain=t||"https://passport.immutable.com";}};var S=(e=>(e.ZKEVM="zkEvm",e))(S||{}),U=n=>!!n.zkEvm,F=(t=>(t.OptedIn="opted_in",t.Unsubscribed="unsubscribed",t))(F||{}),b=(t=>(t.LOGGED_OUT="loggedOut",t.LOGGED_IN="loggedIn",t))(b||{});var H="im_passport_embedded_login_prompt";var h="passport-overlay",O="passport-overlay-contents",L=`${h}-close`,I=`${h}-try-again`,V=`
|
|
9
9
|
<svg
|
|
10
10
|
viewBox="0 0 20 20"
|
|
11
11
|
fill="none"
|
|
@@ -17,7 +17,7 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
17
17
|
fill="#F3F3F3"
|
|
18
18
|
/>
|
|
19
19
|
</svg>
|
|
20
|
-
|
|
20
|
+
`,G=`
|
|
21
21
|
<svg
|
|
22
22
|
viewBox="0 0 17 16"
|
|
23
23
|
fill="none"
|
|
@@ -214,9 +214,9 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
214
214
|
</clipPath>
|
|
215
215
|
</defs>
|
|
216
216
|
</svg>
|
|
217
|
-
`;var
|
|
217
|
+
`;var ie=()=>`
|
|
218
218
|
<button
|
|
219
|
-
id="${
|
|
219
|
+
id="${L}"
|
|
220
220
|
style="
|
|
221
221
|
background: #f3f3f326 !important;
|
|
222
222
|
border: none !important;
|
|
@@ -232,9 +232,9 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
232
232
|
justify-content: center !important;
|
|
233
233
|
"
|
|
234
234
|
>
|
|
235
|
-
${
|
|
235
|
+
${V}
|
|
236
236
|
</button>
|
|
237
|
-
`,
|
|
237
|
+
`,B=()=>`
|
|
238
238
|
<button
|
|
239
239
|
id="${I}"
|
|
240
240
|
style="
|
|
@@ -251,7 +251,7 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
251
251
|
>
|
|
252
252
|
Try again
|
|
253
253
|
</button>
|
|
254
|
-
`,
|
|
254
|
+
`,ne=()=>`
|
|
255
255
|
${x}
|
|
256
256
|
<div
|
|
257
257
|
style="
|
|
@@ -262,7 +262,7 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
262
262
|
margin-bottom: 10px !important;
|
|
263
263
|
"
|
|
264
264
|
>
|
|
265
|
-
${
|
|
265
|
+
${G}
|
|
266
266
|
Pop-up blocked
|
|
267
267
|
</div>
|
|
268
268
|
<p style="
|
|
@@ -275,8 +275,8 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
275
275
|
If the problem continues, adjust your<br />
|
|
276
276
|
browser settings.
|
|
277
277
|
</p>
|
|
278
|
-
${
|
|
279
|
-
`,
|
|
278
|
+
${B()}
|
|
279
|
+
`,oe=()=>`
|
|
280
280
|
${x}
|
|
281
281
|
<p style="
|
|
282
282
|
color: #b6b6b6 !important;
|
|
@@ -286,8 +286,8 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
286
286
|
>
|
|
287
287
|
Secure pop-up not showing?<br />We'll help you re-launch
|
|
288
288
|
</p>
|
|
289
|
-
${
|
|
290
|
-
`,
|
|
289
|
+
${B()}
|
|
290
|
+
`,Z=n=>`
|
|
291
291
|
<div
|
|
292
292
|
id="${h}"
|
|
293
293
|
style="
|
|
@@ -312,7 +312,7 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
312
312
|
z-index: 2147483647 !important;
|
|
313
313
|
"
|
|
314
314
|
>
|
|
315
|
-
${
|
|
315
|
+
${ie()}
|
|
316
316
|
<div
|
|
317
317
|
id="${O}"
|
|
318
318
|
style="
|
|
@@ -322,10 +322,10 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
322
322
|
max-width: 400px !important;
|
|
323
323
|
"
|
|
324
324
|
>
|
|
325
|
-
${
|
|
325
|
+
${n??""}
|
|
326
326
|
</div>
|
|
327
327
|
</div>
|
|
328
|
-
`,
|
|
328
|
+
`,K=()=>`
|
|
329
329
|
<div
|
|
330
330
|
id="${h}"
|
|
331
331
|
style="
|
|
@@ -354,7 +354,7 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
354
354
|
"
|
|
355
355
|
/>
|
|
356
356
|
</div>
|
|
357
|
-
`;function A({id:o,href:e,rel:t,crossOrigin:r}){let i=`${h}-${o}`;if(!document.getElementById(i)){let n=document.createElement("link");n.id=i,n.href=e,t&&(n.rel=t),r&&(n.crossOrigin=r),document.head.appendChild(n);}}var X=()=>Y(de()),j=()=>Y(le());var y=class{disableGenericPopupOverlay;disableBlockedPopupOverlay;overlay;isBlockedOverlay;tryAgainListener;onCloseListener;constructor(e,t=!1){this.disableBlockedPopupOverlay=e.disableBlockedPopupOverlay||!1,this.disableGenericPopupOverlay=e.disableGenericPopupOverlay||!1,this.isBlockedOverlay=t;}append(e,t){this.shouldAppendOverlay()&&(this.appendOverlay(),this.updateTryAgainButton(e),this.updateCloseButton(t));}update(e){this.updateTryAgainButton(e);}remove(){this.overlay&&this.overlay.remove();}shouldAppendOverlay(){return !(this.disableGenericPopupOverlay&&this.disableBlockedPopupOverlay||this.disableGenericPopupOverlay&&!this.isBlockedOverlay||this.disableBlockedPopupOverlay&&this.isBlockedOverlay)}appendOverlay(){if(!this.overlay){A({id:"link-googleapis",href:"https://fonts.googleapis.com"}),A({id:"link-gstatic",href:"https://fonts.gstatic.com",crossOrigin:"anonymous"}),A({id:"link-roboto",href:"https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap",rel:"stylesheet"});let t=document.createElement("div");t.innerHTML=this.isBlockedOverlay?X():j(),document.body.insertAdjacentElement("beforeend",t),this.overlay=t;}}updateTryAgainButton(e){let t=document.getElementById(I);t&&(this.tryAgainListener&&t.removeEventListener("click",this.tryAgainListener),this.tryAgainListener=e,t.addEventListener("click",e));}updateCloseButton(e){let t=document.getElementById(P);t&&(this.onCloseListener&&t.removeEventListener("click",this.onCloseListener),this.onCloseListener=e,t.addEventListener("click",e));}};var b=class{storage;constructor(e,t){this.storage=pe.createInstance({name:e,driver:t});}get length(){return this.storage.length()}clear(){return this.storage.clear()}getItem(e){return this.storage.getItem(e)}key(e){return this.storage.key(e)}async removeItem(e){await this.storage.removeItem(e);}async setItem(e,t){await this.storage.setItem(e,t);}};var Oe=500,ye={headers:{"Content-Type":"application/x-www-form-urlencoded"}},ve="/v2/logout",Te="/im-logged-out",Le="/authorize",Pe=o=>o?Te:ve,Ie=o=>{let{authenticationDomain:e,oidcConfiguration:t}=o,r;o.crossSdkBridgeEnabled?r=new b("ImmutableSDKPassport",pe.INDEXEDDB):typeof window<"u"?r=window.localStorage:r=new InMemoryWebStorage;let i=new WebStorageStateStore({store:r}),n=new URL(Pe(o.crossSdkBridgeEnabled),e.replace(/^(?:https?:\/\/)?(.*)/,"https://$1"));return n.searchParams.set("client_id",t.clientId),t.logoutRedirectUri&&n.searchParams.set("returnTo",t.logoutRedirectUri),{authority:e,redirect_uri:t.redirectUri,popup_redirect_uri:t.popupRedirectUri||t.redirectUri,client_id:t.clientId,metadata:{authorization_endpoint:`${e}/authorize`,token_endpoint:`${e}/oauth/token`,userinfo_endpoint:`${e}/userinfo`,end_session_endpoint:n.toString(),revocation_endpoint:`${e}/oauth/revoke`},automaticSilentRenew:!1,scope:t.scope,userStore:i,revokeTokenTypes:["refresh_token"],extraQueryParams:{...t.audience?{audience:t.audience}:{}}}};function D(o){return btoa(String.fromCharCode(...new Uint8Array(o))).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}async function Ae(o){let t=new TextEncoder().encode(o);return await window.crypto.subtle.digest("SHA-256",t)}var E=class o{userManager;deviceCredentialsManager;config;embeddedLoginPrompt;logoutMode;refreshingPromise=null;constructor(e,t){this.config=e,this.userManager=new UserManager(Ie(e)),this.deviceCredentialsManager=new C,this.embeddedLoginPrompt=t,this.logoutMode=e.oidcConfiguration.logoutMode||"redirect";}static mapOidcUserToDomainModel=e=>{let t;e.id_token&&(t=q(e.id_token)?.passport);let r={expired:e.expired,idToken:e.id_token,accessToken:e.access_token,refreshToken:e.refresh_token,profile:{sub:e.profile.sub,email:e.profile.email,nickname:e.profile.nickname}};return t?.imx_eth_address&&(r.imx={ethAddress:t.imx_eth_address,starkAddress:t.imx_stark_address,userAdminAddress:t.imx_user_admin_address}),t?.zkevm_eth_address&&(r.zkEvm={ethAddress:t?.zkevm_eth_address,userAdminAddress:t?.zkevm_user_admin_address}),r};static mapDeviceTokenResponseToOidcUser=e=>{let t=q(e.id_token);return new User({id_token:e.id_token,access_token:e.access_token,refresh_token:e.refresh_token,token_type:e.token_type,profile:{sub:t.sub,iss:t.iss,aud:t.aud,exp:t.exp,iat:t.iat,email:t.email,nickname:t.nickname,passport:t.passport}})};buildExtraQueryParams(e,t){let r={...this.userManager.settings?.extraQueryParams??{},rid:getDetail(Detail.RUNTIME_ID)||"",third_party_a_id:""};if(e){if(e.directLoginMethod==="email"){let i=e.email;i&&(r.direct=e.directLoginMethod,r.email=i);}else r.direct=e.directLoginMethod;e.marketingConsentStatus&&(r.marketingConsent=e.marketingConsentStatus);}return t&&(r.im_passport_trace_id=t),r}async loginWithRedirect(e){return await this.userManager.clearStaleState(),g(async()=>{let t=this.buildExtraQueryParams(e);await this.userManager.signinRedirect({extraQueryParams:t});},"AUTHENTICATION_ERROR")}async login(e){return g(async()=>{let t,r;if(e)t=e;else if(!this.config.popupOverlayOptions?.disableHeadlessLoginPromptOverlay){let{imPassportTraceId:l,...d}=await this.embeddedLoginPrompt.displayEmbeddedLoginPrompt();t=d,r=l;}let i=window.crypto.randomUUID(),n=async()=>{let l=this.buildExtraQueryParams(t,r),d=this.userManager.signinPopup({extraQueryParams:l,popupWindowFeatures:{width:410,height:450},popupWindowTarget:i}),p=window.open("",i);if(p){let f=new Promise((a,u)=>{let S=setInterval(()=>{p.closed&&(clearInterval(S),u(new Error("Popup closed by user")));},Oe);d.finally(()=>{clearInterval(S),p.close();});});return Promise.race([d,f])}return d};return new Promise((l,d)=>{n().then(p=>{l(o.mapOidcUserToDomainModel(p));}).catch(p=>{if(!(p instanceof Error)||p.message!=="Attempted to navigate on a disposed window"){d(p);return}let f=!1,a=new y(this.config.popupOverlayOptions||{},!0);a.append(async()=>{try{if(f)window.open("",i);else {f=!0;let u=await n();a.remove(),l(o.mapOidcUserToDomainModel(u));}}catch(u){a.remove(),d(u);}},()=>{a.remove(),d(new Error("Popup closed by user"));});});})},"AUTHENTICATION_ERROR")}async getUserOrLogin(){let e=null;try{e=await this.getUser();}catch(t){R.warn("Failed to retrieve a cached user session",t);}return e||this.login()}static shouldUseSigninPopupCallback(){try{let r=`oidc.${new URLSearchParams(window.location.search).get("state")}`,i=localStorage.getItem(r);return JSON.parse(i||"{}")?.request_type==="si:p"}catch{return !1}}async loginCallback(){return g(async()=>{if(o.shouldUseSigninPopupCallback()){await this.userManager.signinPopupCallback(void 0,!0);return}let e=await this.userManager.signinCallback();if(e)return o.mapOidcUserToDomainModel(e)},"AUTHENTICATION_ERROR")}async getPKCEAuthorizationUrl(e,t){let r=D(window.crypto.getRandomValues(new Uint8Array(32))),i=D(await Ae(r)),n=D(window.crypto.getRandomValues(new Uint8Array(32))),{redirectUri:l,scope:d,audience:p,clientId:f}=this.config.oidcConfiguration;this.deviceCredentialsManager.savePKCEData({state:n,verifier:r});let a=new URL(Le,this.config.authenticationDomain);if(a.searchParams.set("response_type","code"),a.searchParams.set("code_challenge",i),a.searchParams.set("code_challenge_method","S256"),a.searchParams.set("client_id",f),a.searchParams.set("redirect_uri",l),a.searchParams.set("state",n),d&&a.searchParams.set("scope",d),p&&a.searchParams.set("audience",p),e){if(e.directLoginMethod==="email"){let u=e.email;u&&(a.searchParams.set("direct",e.directLoginMethod),a.searchParams.set("email",u));}else a.searchParams.set("direct",e.directLoginMethod);e.marketingConsentStatus&&a.searchParams.set("marketingConsent",e.marketingConsentStatus);}return t&&a.searchParams.set("im_passport_trace_id",t),a.toString()}async loginWithPKCEFlowCallback(e,t){return g(async()=>{let r=this.deviceCredentialsManager.getPKCEData();if(!r)throw new Error("No code verifier or state for PKCE");if(t!==r.state)throw new Error("Provided state does not match stored state");let i=await this.getPKCEToken(e,r.verifier),n=o.mapDeviceTokenResponseToOidcUser(i),l=o.mapOidcUserToDomainModel(n);return await this.userManager.storeUser(n),l},"AUTHENTICATION_ERROR")}async getPKCEToken(e,t){return (await Ee.post(`${this.config.authenticationDomain}/oauth/token`,{client_id:this.config.oidcConfiguration.clientId,grant_type:"authorization_code",code_verifier:t,code:e,redirect_uri:this.config.oidcConfiguration.redirectUri},ye)).data}async storeTokens(e){return g(async()=>{let t=o.mapDeviceTokenResponseToOidcUser(e),r=o.mapOidcUserToDomainModel(t);return await this.userManager.storeUser(t),r},"AUTHENTICATION_ERROR")}async logout(){return g(async()=>{await this.userManager.revokeTokens(["refresh_token"]),this.logoutMode==="silent"?await this.userManager.signoutSilent():await this.userManager.signoutRedirect();},"LOGOUT_ERROR")}async logoutSilentCallback(e){return this.userManager.signoutSilentCallback(e)}async removeUser(){return this.userManager.removeUser()}async getLogoutUrl(){let e=this.userManager.settings?.metadata?.end_session_endpoint;return e||(R.warn("Failed to get logout URL"),null)}forceUserRefreshInBackground(){this.refreshTokenAndUpdatePromise().catch(e=>{R.warn("Failed to refresh user token",e);});}async forceUserRefresh(){return this.refreshTokenAndUpdatePromise().catch(e=>(R.warn("Failed to refresh user token",e),null))}async refreshTokenAndUpdatePromise(){return this.refreshingPromise?this.refreshingPromise:(this.refreshingPromise=new Promise(async(e,t)=>{try{let r=await this.userManager.signinSilent();if(r){e(o.mapOidcUserToDomainModel(r));return}e(null);}catch(r){let i="AUTHENTICATION_ERROR",n="Failed to refresh token",l=!0;if(r instanceof ErrorTimeout?(i="SILENT_LOGIN_ERROR",n=`${n}: ${r.message}`,l=!1):r instanceof ErrorResponse?(i="NOT_LOGGED_IN_ERROR",n=`${n}: ${r.message||r.error_description}`):r instanceof Error?n=`${n}: ${r.message}`:typeof r=="string"&&(n=`${n}: ${r}`),l)try{await this.userManager.removeUser();}catch(d){d instanceof Error&&(n=`${n}: Failed to remove user: ${d.message}`);}t(new c(n,i));}finally{this.refreshingPromise=null;}}),this.refreshingPromise)}async getUser(e=t=>!0){if(this.refreshingPromise){let r=await this.refreshingPromise;return r&&e(r)?r:null}let t=await this.userManager.getUser();if(!t)return null;if(!G(t)){let r=o.mapOidcUserToDomainModel(t);if(r&&e(r))return r}if(t.refresh_token){let r=await this.refreshTokenAndUpdatePromise();if(r&&e(r))return r}return null}async getUserZkEvm(){let e=await this.getUser(w);if(!e)throw new Error("Failed to obtain a User with the required ZkEvm attributes");return e}async getUserImx(){let e=await this.getUser(U);if(!e)throw new Error("Failed to obtain a User with the required IMX attributes");return e}};var be=(o,e,t)=>{let r=e.map(i=>!o[i]&&i).filter(i=>i).join(", ");if(r!==""){let i=`${r} cannot be null`;throw new c(i,"INVALID_CONFIGURATION")}},v=class{authenticationDomain;passportDomain;oidcConfiguration;crossSdkBridgeEnabled;popupOverlayOptions;constructor({authenticationDomain:e,passportDomain:t,crossSdkBridgeEnabled:r,popupOverlayOptions:i,...n}){be(n,["clientId","redirectUri"]),this.oidcConfiguration=n,this.crossSdkBridgeEnabled=r||!1,this.popupOverlayOptions=i,this.authenticationDomain=e||"https://auth.immutable.com",this.passportDomain=t||"https://passport.immutable.com";}};var Q="im_passport_embedded_login_prompt";var m=class{static overlay;static onCloseListener;static closeButton;static remove(){this.onCloseListener&&this.closeButton?.removeEventListener?.("click",this.onCloseListener),this.overlay?.remove(),this.closeButton=void 0,this.onCloseListener=void 0,this.overlay=void 0;}static appendOverlay(e,t){if(!this.overlay){let r=document.createElement("div");r.innerHTML=z(),document.body.insertAdjacentElement("beforeend",r);let i=document.querySelector(`#${O}`);i&&i.appendChild(e),r.addEventListener("click",t),this.overlay=r;}}};var Ue=660,Me=440,xe="16px",J="passport-embedded-login-keyframes",ee="passport-embedded-login-iframe",T=class o{config;constructor(e){this.config=e;}getHref=()=>`${this.config.authenticationDomain}/im-embedded-login-prompt?client_id=${this.config.oidcConfiguration.clientId}&rid=${getDetail(Detail.RUNTIME_ID)}`;static appendIFrameStylesIfNeeded=()=>{if(document.getElementById(J))return;let e=document.createElement("style");e.id=J,e.textContent=`
|
|
357
|
+
`;function k({id:n,href:e,rel:t,crossOrigin:r}){let i=`${h}-${n}`;if(!document.getElementById(i)){let o=document.createElement("link");o.id=i,o.href=e,t&&(o.rel=t),r&&(o.crossOrigin=r),document.head.appendChild(o);}}var $=()=>Z(ne()),W=()=>Z(oe());var u=class{static overlay;static onCloseListener;static closeButton;static remove(){this.onCloseListener&&this.closeButton?.removeEventListener?.("click",this.onCloseListener),this.overlay?.remove(),this.closeButton=void 0,this.onCloseListener=void 0,this.overlay=void 0;}static appendOverlay(e,t){if(!this.overlay){let r=document.createElement("div");r.innerHTML=K(),document.body.insertAdjacentElement("beforeend",r);let i=document.querySelector(`#${O}`);i&&i.appendChild(e),r.addEventListener("click",t),this.overlay=r;}}};var le=660,de=440,ce="16px",Y="passport-embedded-login-keyframes",z="passport-embedded-login-iframe",y=class n{config;constructor(e){this.config=e;}getHref=()=>`${this.config.authenticationDomain}/im-embedded-login-prompt?client_id=${this.config.oidcConfiguration.clientId}&rid=${getDetail(Detail.RUNTIME_ID)}`;static appendIFrameStylesIfNeeded=()=>{if(document.getElementById(Y))return;let e=document.createElement("style");e.id=Y,e.textContent=`
|
|
358
358
|
@keyframes passportEmbeddedLoginPromptPopBounceIn {
|
|
359
359
|
0% {
|
|
360
360
|
opacity: 0.5;
|
|
@@ -373,7 +373,7 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
373
373
|
}
|
|
374
374
|
|
|
375
375
|
@media (max-height: 400px) {
|
|
376
|
-
#${
|
|
376
|
+
#${z} {
|
|
377
377
|
width: 100% !important;
|
|
378
378
|
max-width: none !important;
|
|
379
379
|
}
|
|
@@ -387,6 +387,6 @@ var H="pkce_state",F="pkce_verifier",re=3600,C=class{isTokenValid(e){try{let r=q
|
|
|
387
387
|
opacity: 1;
|
|
388
388
|
}
|
|
389
389
|
}
|
|
390
|
-
`,document.head.appendChild(e);};getEmbeddedLoginIFrame=()=>{let e=document.createElement("iframe");return e.id=ee,e.src=this.getHref(),e.style.height="100vh",e.style.width="100vw",e.style.maxHeight=`${Ue}px`,e.style.maxWidth=`${Me}px`,e.style.borderRadius=xe,e.style.opacity="0",e.style.transform="scale(0.6)",e.style.animation="passportEmbeddedLoginPromptPopBounceIn 1s ease forwards",o.appendIFrameStylesIfNeeded(),e};displayEmbeddedLoginPrompt(){return new Promise((e,t)=>{let r=this.getEmbeddedLoginIFrame(),i=({data:n,origin:l})=>{if(!(l!==this.config.authenticationDomain||n.eventType!==Q))switch(n.messageType){case"login_method_selected":{let d=n.payload;window.removeEventListener("message",i),m.remove(),e(d);break}case"login_prompt_error":{window.removeEventListener("message",i),m.remove(),t(new Error("Error during embedded login prompt",{cause:n.payload}));break}case"login_prompt_closed":{window.removeEventListener("message",i),m.remove(),t(new Error("Popup closed by user"));break}default:window.removeEventListener("message",i),m.remove(),t(new Error(`Unsupported message type: ${n.messageType}`));break}};window.addEventListener("message",i),m.appendOverlay(r,()=>{window.removeEventListener("message",i),m.remove(),t(new Error("Popup closed by user"));});})}};var _=class{emitter=new EventEmitter;emit(e,...t){this.emitter.emit(e,...t);}on(e,t){this.emitter.on(e,t);}removeListener(e,t){this.emitter.removeListener(e,t);}};var N=class{authManager;config;eventEmitter;constructor(e){this.config=new v(e);let t=new T(this.config);this.authManager=new E(this.config,t),this.eventEmitter=new _,track("passport","initialise");}async login(e){return this.authManager.login(e)}async loginWithRedirect(e){await this.authManager.loginWithRedirect(e);}async loginWithOptions(e){let{useCachedSession:t=!1,useSilentLogin:r}=e||{},i=null;try{i=await this.authManager.getUser();}catch(n){if(t)throw n}if(!i&&r&&(i=await this.authManager.forceUserRefresh()),!i&&!t){if(e?.useRedirectFlow)return await this.authManager.loginWithRedirect(e?.directLoginOptions),null;i=await this.authManager.login(e?.directLoginOptions);}return i&&(this.eventEmitter.emit("loggedIn",i),identify({passportId:i.profile.sub})),i}async loginCallback(){let e=await this.authManager.loginCallback();if(!e)throw new Error("Login callback failed - no user returned");return this.eventEmitter.emit("loggedIn",e),identify({passportId:e.profile.sub}),e}async logout(){await this.authManager.logout(),this.eventEmitter.emit("loggedOut");}async getUser(){return this.authManager.getUser()}async getIdToken(){return (await this.authManager.getUser())?.idToken}async getAccessToken(){return (await this.authManager.getUser())?.accessToken}async isLoggedIn(){return await this.getUser()!==null}async forceUserRefresh(){return this.authManager.forceUserRefresh()}async loginWithPKCEFlow(e,t){return this.authManager.getPKCEAuthorizationUrl(e,t)}async loginWithPKCEFlowCallback(e,t){let r=await this.authManager.loginWithPKCEFlowCallback(e,t);return this.eventEmitter.emit("loggedIn",r),identify({passportId:r.profile.sub}),r}async storeTokens(e){let t=await this.authManager.storeTokens(e);return this.eventEmitter.emit("loggedIn",t),identify({passportId:t.profile.sub}),t}async getLogoutUrl(){return await this.authManager.removeUser(),this.eventEmitter.emit("loggedOut"),await this.authManager.getLogoutUrl()||void 0}async logoutSilentCallback(e){return this.authManager.logoutSilentCallback(e)}getAuthManager(){return this.authManager}getConfig(){return this.config}};
|
|
390
|
+
`,document.head.appendChild(e);};getEmbeddedLoginIFrame=()=>{let e=document.createElement("iframe");return e.id=z,e.src=this.getHref(),e.style.height="100vh",e.style.width="100vw",e.style.maxHeight=`${le}px`,e.style.maxWidth=`${de}px`,e.style.borderRadius=ce,e.style.opacity="0",e.style.transform="scale(0.6)",e.style.animation="passportEmbeddedLoginPromptPopBounceIn 1s ease forwards",n.appendIFrameStylesIfNeeded(),e};displayEmbeddedLoginPrompt(){return new Promise((e,t)=>{let r=this.getEmbeddedLoginIFrame(),i=({data:o,origin:d})=>{if(!(d!==this.config.authenticationDomain||o.eventType!==H))switch(o.messageType){case"login_method_selected":{let l=o.payload;window.removeEventListener("message",i),u.remove(),e(l);break}case"login_prompt_error":{window.removeEventListener("message",i),u.remove(),t(new Error("Error during embedded login prompt",{cause:o.payload}));break}case"login_prompt_closed":{window.removeEventListener("message",i),u.remove(),t(new Error("Popup closed by user"));break}default:window.removeEventListener("message",i),u.remove(),t(new Error(`Unsupported message type: ${o.messageType}`));break}};window.addEventListener("message",i),u.appendOverlay(r,()=>{window.removeEventListener("message",i),u.remove(),t(new Error("Popup closed by user"));});})}};var C=class{emitter=new EventEmitter;emit(e,...t){this.emitter.emit(e,...t);}on(e,t){this.emitter.on(e,t);}removeListener(e,t){this.emitter.removeListener(e,t);}};var p=async(n,e,t=!0,r=!0)=>{let i=trackFlow("passport",e,t);try{return await n(i)}catch(o){throw o instanceof Error?trackError("passport",e,o,{flowId:i.details.flowId}):i.addEvent("errored"),o}finally{r&&i.addEvent("End");}};var j="pkce_state",Q="pkce_verifier",fe=3600,v=class{isTokenValid(e){try{let r=J(e).exp??0,i=Date.now()/1e3+fe;return r>i}catch{return !1}}savePKCEData(e){localStorage.setItem(j,e.state),localStorage.setItem(Q,e.verifier);}getPKCEData(){let e=localStorage.getItem(j),t=localStorage.getItem(Q);return e&&t?{state:e,verifier:t}:null}};var Ee=(...n)=>{if(typeof process>"u")return;process?.env?.JEST_WORKER_ID===void 0&&console.warn(...n);},_={warn:Ee};function q(n){try{let e=J(n),t=Math.floor(Date.now()/1e3);return e.exp?e.exp<=t+30:!0}catch{return !0}}function X(n){let{id_token:e,access_token:t}=n;return !t||!e?!0:q(t)||q(e)}var T=class{disableGenericPopupOverlay;disableBlockedPopupOverlay;overlay;isBlockedOverlay;tryAgainListener;onCloseListener;constructor(e,t=!1){this.disableBlockedPopupOverlay=e.disableBlockedPopupOverlay||!1,this.disableGenericPopupOverlay=e.disableGenericPopupOverlay||!1,this.isBlockedOverlay=t;}append(e,t){this.shouldAppendOverlay()&&(this.appendOverlay(),this.updateTryAgainButton(e),this.updateCloseButton(t));}update(e){this.updateTryAgainButton(e);}remove(){this.overlay&&this.overlay.remove();}shouldAppendOverlay(){return !(this.disableGenericPopupOverlay&&this.disableBlockedPopupOverlay||this.disableGenericPopupOverlay&&!this.isBlockedOverlay||this.disableBlockedPopupOverlay&&this.isBlockedOverlay)}appendOverlay(){if(!this.overlay){k({id:"link-googleapis",href:"https://fonts.googleapis.com"}),k({id:"link-gstatic",href:"https://fonts.gstatic.com",crossOrigin:"anonymous"}),k({id:"link-roboto",href:"https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap",rel:"stylesheet"});let t=document.createElement("div");t.innerHTML=this.isBlockedOverlay?$():W(),document.body.insertAdjacentElement("beforeend",t),this.overlay=t;}}updateTryAgainButton(e){let t=document.getElementById(I);t&&(this.tryAgainListener&&t.removeEventListener("click",this.tryAgainListener),this.tryAgainListener=e,t.addEventListener("click",e));}updateCloseButton(e){let t=document.getElementById(L);t&&(this.onCloseListener&&t.removeEventListener("click",this.onCloseListener),this.onCloseListener=e,t.addEventListener("click",e));}};var w=class{storage;constructor(e,t){this.storage=Ce.createInstance({name:e,driver:t});}get length(){return this.storage.length()}clear(){return this.storage.clear()}getItem(e){return this.storage.getItem(e)}key(e){return this.storage.key(e)}async removeItem(e){await this.storage.removeItem(e);}async setItem(e,t){await this.storage.setItem(e,t);}};var Ue=500,be={headers:{"Content-Type":"application/x-www-form-urlencoded"}},xe="/v2/logout",Me="/im-logged-out",De="/authorize",Ne=n=>n?Me:xe,Se=n=>{let{authenticationDomain:e,oidcConfiguration:t}=n,r;n.crossSdkBridgeEnabled?r=new w("ImmutableSDKPassport",Ce.INDEXEDDB):typeof window<"u"?r=window.localStorage:r=new InMemoryWebStorage;let i=new WebStorageStateStore({store:r}),o=new URL(Ne(n.crossSdkBridgeEnabled),e.replace(/^(?:https?:\/\/)?(.*)/,"https://$1"));return o.searchParams.set("client_id",t.clientId),t.logoutRedirectUri&&o.searchParams.set("returnTo",t.logoutRedirectUri),{authority:e,redirect_uri:t.redirectUri,popup_redirect_uri:t.popupRedirectUri||t.redirectUri,client_id:t.clientId,metadata:{authorization_endpoint:`${e}/authorize`,token_endpoint:`${e}/oauth/token`,userinfo_endpoint:`${e}/userinfo`,end_session_endpoint:o.toString(),revocation_endpoint:`${e}/oauth/revoke`},automaticSilentRenew:!1,scope:t.scope,userStore:i,revokeTokenTypes:["refresh_token"],extraQueryParams:{...t.audience?{audience:t.audience}:{}}}};function M(n){return btoa(String.fromCharCode(...new Uint8Array(n))).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}async function Fe(n){let t=new TextEncoder().encode(n);return window.crypto.subtle.digest("SHA-256",t)}var D=class n{config;userManager;deviceCredentialsManager;embeddedLoginPrompt;logoutMode;refreshingPromise=null;eventEmitter;constructor(e){this.config=new R(e),this.embeddedLoginPrompt=new y(this.config),this.userManager=new UserManager(Se(this.config)),this.deviceCredentialsManager=new v,this.logoutMode=this.config.oidcConfiguration.logoutMode||"redirect",this.eventEmitter=new C,track("passport","initialise");}async login(e){return p(async()=>{let{useCachedSession:t=!1,useSilentLogin:r}=e||{},i=null;try{i=await this.getUserInternal();}catch(o){if(o instanceof Error&&!o.message.includes("Unknown or invalid refresh token")&&trackError("passport","login",o),t)throw o;_.warn("Failed to retrieve a cached user session",o);}if(!i&&r)i=await this.forceUserRefreshInternal();else if(!i&&!t){if(e?.useRedirectFlow)return await this.loginWithRedirectInternal(e?.directLoginOptions),null;i=await this.loginWithPopup(e?.directLoginOptions);}return i&&(this.eventEmitter.emit("loggedIn",i),identify({passportId:i.profile.sub})),i},"login")}async loginWithRedirect(e){await this.loginWithRedirectInternal(e);}async loginCallback(){return p(async()=>{let e=await this.loginCallbackInternal();return e&&(this.eventEmitter.emit("loggedIn",e),identify({passportId:e.profile.sub})),e},"loginCallback")}async logout(){await p(async()=>{await this.logoutInternal(),this.eventEmitter.emit("loggedOut");},"logout");}async getUser(){return p(async()=>this.getUserInternal(),"getUserInfo",!1)}async getUserOrLogin(){let e=null;try{e=await this.getUserInternal();}catch(t){_.warn("Failed to retrieve a cached user session",t);}return e||this.loginWithPopup()}async getUserZkEvm(){return this.getUserZkEvmInternal()}async getIdToken(){return p(async()=>(await this.getUserInternal())?.idToken,"getIdToken",!1)}async getAccessToken(){return p(async()=>(await this.getUserInternal())?.accessToken,"getAccessToken",!1,!1)}async isLoggedIn(){return await this.getUser()!==null}async forceUserRefresh(){return this.forceUserRefreshInternal()}forceUserRefreshInBackground(){this.forceUserRefreshInBackgroundInternal();}async loginWithPKCEFlow(e,t){return p(async()=>this.getPKCEAuthorizationUrl(e,t),"loginWithPKCEFlow")}async loginWithPKCEFlowCallback(e,t){return p(async()=>{let r=await this.loginWithPKCEFlowCallbackInternal(e,t);return this.eventEmitter.emit("loggedIn",r),identify({passportId:r.profile.sub}),r},"loginWithPKCEFlowCallback")}async storeTokens(e){return p(async()=>{let t=await this.storeTokensInternal(e);return this.eventEmitter.emit("loggedIn",t),identify({passportId:t.profile.sub}),t},"storeTokens")}async getLogoutUrl(){return p(async()=>(await this.userManager.removeUser(),this.eventEmitter.emit("loggedOut"),await this.getLogoutUrlInternal()||void 0),"getLogoutUrl")}async logoutSilentCallback(e){return p(()=>this.userManager.signoutSilentCallback(e),"logoutSilentCallback")}getConfig(){return this.config}async getClientId(){return this.config.oidcConfiguration.clientId}buildExtraQueryParams(e,t){let r={...this.userManager.settings?.extraQueryParams??{},rid:getDetail(Detail.RUNTIME_ID)||"",third_party_a_id:""};if(e){if(e.directLoginMethod==="email"){let i=e.email;i&&(r.direct=e.directLoginMethod,r.email=i);}else r.direct=e.directLoginMethod;e.marketingConsentStatus&&(r.marketingConsent=e.marketingConsentStatus);}return t&&(r.im_passport_trace_id=t),r}async loginWithRedirectInternal(e){await this.userManager.clearStaleState(),await f(async()=>{let t=this.buildExtraQueryParams(e);await this.userManager.signinRedirect({extraQueryParams:t});},"AUTHENTICATION_ERROR");}async loginWithPopup(e){return f(async()=>{let t,r;if(e)t=e;else if(!this.config.popupOverlayOptions?.disableHeadlessLoginPromptOverlay){let{imPassportTraceId:d,...l}=await this.embeddedLoginPrompt.displayEmbeddedLoginPrompt();t=l,r=d;}let i=window.crypto.randomUUID(),o=async()=>{let d=this.buildExtraQueryParams(t,r),l=this.userManager.signinPopup({extraQueryParams:d,popupWindowFeatures:{width:410,height:450},popupWindowTarget:i}),c=window.open("",i);if(c){let E=new Promise((a,g)=>{let N=setInterval(()=>{c.closed&&(clearInterval(N),g(new Error("Popup closed by user")));},Ue);l.finally(()=>{clearInterval(N),c.close();});});return Promise.race([l,E])}return l};return new Promise((d,l)=>{o().then(c=>d(n.mapOidcUserToDomainModel(c))).catch(c=>{if(!(c instanceof Error)||c.message!=="Attempted to navigate on a disposed window"){l(c);return}let E=!1,a=new T(this.config.popupOverlayOptions||{},!0);a.append(async()=>{try{if(E)window.open("",i);else {E=!0;let g=await o();a.remove(),d(n.mapOidcUserToDomainModel(g));}}catch(g){a.remove(),l(g);}},()=>{a.remove(),l(new Error("Popup closed by user"));});});})},"AUTHENTICATION_ERROR")}static mapOidcUserToDomainModel=e=>{let t;e.id_token&&(t=J(e.id_token)?.passport);let r={expired:e.expired,idToken:e.id_token,accessToken:e.access_token,refreshToken:e.refresh_token,profile:{sub:e.profile.sub,email:e.profile.email,nickname:e.profile.nickname}};return t?.zkevm_eth_address&&t?.zkevm_user_admin_address&&(r.zkEvm={ethAddress:t.zkevm_eth_address,userAdminAddress:t.zkevm_user_admin_address}),r};static mapDeviceTokenResponseToOidcUser=e=>{let t=J(e.id_token);return new User({id_token:e.id_token,access_token:e.access_token,refresh_token:e.refresh_token,token_type:e.token_type,profile:{sub:t.sub,iss:t.iss,aud:t.aud,exp:t.exp,iat:t.iat,email:t.email,nickname:t.nickname,passport:t.passport}})};static shouldUseSigninPopupCallback(){try{let r=`oidc.${new URLSearchParams(window.location.search).get("state")}`,i=localStorage.getItem(r);return JSON.parse(i||"{}")?.request_type==="si:p"}catch{return !1}}async loginCallbackInternal(){return f(async()=>{if(n.shouldUseSigninPopupCallback()){await this.userManager.signinPopupCallback(void 0,!0);return}let e=await this.userManager.signinCallback();if(e)return n.mapOidcUserToDomainModel(e)},"AUTHENTICATION_ERROR")}async getPKCEAuthorizationUrl(e,t){let r=M(window.crypto.getRandomValues(new Uint8Array(32))),i=M(await Fe(r)),o=M(window.crypto.getRandomValues(new Uint8Array(32))),{redirectUri:d,scope:l,audience:c,clientId:E}=this.config.oidcConfiguration;this.deviceCredentialsManager.savePKCEData({state:o,verifier:r});let a=new URL(De,this.config.authenticationDomain);if(a.searchParams.set("response_type","code"),a.searchParams.set("code_challenge",i),a.searchParams.set("code_challenge_method","S256"),a.searchParams.set("client_id",E),a.searchParams.set("redirect_uri",d),a.searchParams.set("state",o),l&&a.searchParams.set("scope",l),c&&a.searchParams.set("audience",c),e){if(e.directLoginMethod==="email"){let g=e.email;g&&(a.searchParams.set("direct",e.directLoginMethod),a.searchParams.set("email",g));}else a.searchParams.set("direct",e.directLoginMethod);e.marketingConsentStatus&&a.searchParams.set("marketingConsent",e.marketingConsentStatus);}return t&&a.searchParams.set("im_passport_trace_id",t),a.toString()}async loginWithPKCEFlowCallbackInternal(e,t){return f(async()=>{let r=this.deviceCredentialsManager.getPKCEData();if(!r)throw new Error("No code verifier or state for PKCE");if(t!==r.state)throw new Error("Provided state does not match stored state");let i=await this.getPKCEToken(e,r.verifier),o=n.mapDeviceTokenResponseToOidcUser(i),d=n.mapOidcUserToDomainModel(o);return await this.userManager.storeUser(o),d},"AUTHENTICATION_ERROR")}async getPKCEToken(e,t){return (await Pe.post(`${this.config.authenticationDomain}/oauth/token`,{client_id:this.config.oidcConfiguration.clientId,grant_type:"authorization_code",code_verifier:t,code:e,redirect_uri:this.config.oidcConfiguration.redirectUri},be)).data}async storeTokensInternal(e){return f(async()=>{let t=n.mapDeviceTokenResponseToOidcUser(e),r=n.mapOidcUserToDomainModel(t);return await this.userManager.storeUser(t),r},"AUTHENTICATION_ERROR")}async logoutInternal(){await f(async()=>{await this.userManager.revokeTokens(["refresh_token"]),this.logoutMode==="silent"?await this.userManager.signoutSilent():await this.userManager.signoutRedirect();},"LOGOUT_ERROR");}async getLogoutUrlInternal(){let e=this.userManager.settings?.metadata?.end_session_endpoint;return e||(_.warn("Failed to get logout URL"),null)}forceUserRefreshInBackgroundInternal(){this.refreshTokenAndUpdatePromise().catch(e=>{_.warn("Failed to refresh user token",e);});}async forceUserRefreshInternal(){return this.refreshTokenAndUpdatePromise().catch(e=>(_.warn("Failed to refresh user token",e),null))}async refreshTokenAndUpdatePromise(){return this.refreshingPromise?this.refreshingPromise:(this.refreshingPromise=new Promise((e,t)=>{(async()=>{try{let r=await this.userManager.signinSilent();if(r){e(n.mapOidcUserToDomainModel(r));return}e(null);}catch(r){let i="AUTHENTICATION_ERROR",o="Failed to refresh token",d=!0;if(r instanceof ErrorTimeout?(i="SILENT_LOGIN_ERROR",o=`${o}: ${r.message}`,d=!1):r instanceof ErrorResponse?(i="NOT_LOGGED_IN_ERROR",o=`${o}: ${r.message||r.error_description}`):r instanceof Error?o=`${o}: ${r.message}`:typeof r=="string"&&(o=`${o}: ${r}`),d)try{await this.userManager.removeUser();}catch(l){l instanceof Error&&(o=`${o}: Failed to remove user: ${l.message}`);}t(new m(o,i));}finally{this.refreshingPromise=null;}})();}),this.refreshingPromise)}async getUserInternal(e=t=>!0){if(this.refreshingPromise){let r=await this.refreshingPromise;return r&&e(r)?r:null}let t=await this.userManager.getUser();if(!t)return null;if(!X(t)){let r=n.mapOidcUserToDomainModel(t);if(r&&e(r))return r}if(t.refresh_token){let r=await this.refreshTokenAndUpdatePromise();if(r&&e(r))return r}return null}async getUserZkEvmInternal(){let e=await this.getUserInternal(U);if(!e)throw new Error("Failed to obtain a User with the required ZkEvm attributes");return e}};
|
|
391
391
|
|
|
392
|
-
export {
|
|
392
|
+
export { D as Auth, R as AuthConfiguration, b as AuthEvents, F as MarketingConsentStatus, m as PassportError, P as PassportErrorType, S as RollupType, C as TypedEventEmitter, U as isUserZkEvm, f as withPassportError };
|
package/dist/types/Auth.d.ts
CHANGED
|
@@ -1,14 +1,20 @@
|
|
|
1
|
-
import AuthManager from './authManager';
|
|
2
1
|
import { IAuthConfiguration } from './config';
|
|
3
|
-
import { AuthModuleConfiguration, User, DirectLoginOptions, DeviceTokenResponse, LoginOptions, AuthEventMap } from './types';
|
|
2
|
+
import { AuthModuleConfiguration, User, DirectLoginOptions, DeviceTokenResponse, LoginOptions, AuthEventMap, UserZkEvm } from './types';
|
|
4
3
|
import TypedEventEmitter from './utils/typedEventEmitter';
|
|
5
4
|
/**
|
|
6
5
|
* Public-facing Auth class for authentication
|
|
7
|
-
*
|
|
6
|
+
* Provides login/logout helpers and exposes auth state events
|
|
8
7
|
*/
|
|
9
8
|
export declare class Auth {
|
|
10
|
-
private
|
|
11
|
-
private
|
|
9
|
+
private readonly config;
|
|
10
|
+
private readonly userManager;
|
|
11
|
+
private readonly deviceCredentialsManager;
|
|
12
|
+
private readonly embeddedLoginPrompt;
|
|
13
|
+
private readonly logoutMode;
|
|
14
|
+
/**
|
|
15
|
+
* Promise that is used to prevent multiple concurrent calls to the refresh token endpoint.
|
|
16
|
+
*/
|
|
17
|
+
private refreshingPromise;
|
|
12
18
|
/**
|
|
13
19
|
* Event emitter for authentication events (LOGGED_IN, LOGGED_OUT)
|
|
14
20
|
* Exposed for wallet and passport packages to subscribe to auth state changes
|
|
@@ -34,12 +40,12 @@ export declare class Auth {
|
|
|
34
40
|
*/
|
|
35
41
|
constructor(config: AuthModuleConfiguration);
|
|
36
42
|
/**
|
|
37
|
-
* Login with
|
|
38
|
-
*
|
|
39
|
-
* @param
|
|
40
|
-
* @returns Promise that resolves with the
|
|
43
|
+
* Login the user with extended options
|
|
44
|
+
* Supports cached sessions, silent login, redirect flow, and direct login
|
|
45
|
+
* @param options - Extended login options
|
|
46
|
+
* @returns Promise that resolves with the user or null
|
|
41
47
|
*/
|
|
42
|
-
login(
|
|
48
|
+
login(options?: LoginOptions): Promise<User | null>;
|
|
43
49
|
/**
|
|
44
50
|
* Login with redirect
|
|
45
51
|
* Redirects the page for authentication
|
|
@@ -47,19 +53,12 @@ export declare class Auth {
|
|
|
47
53
|
* @returns Promise that resolves when redirect is initiated
|
|
48
54
|
*/
|
|
49
55
|
loginWithRedirect(directLoginOptions?: DirectLoginOptions): Promise<void>;
|
|
50
|
-
/**
|
|
51
|
-
* Enhanced login method with extended options
|
|
52
|
-
* Supports cached sessions, silent login, and redirect flow
|
|
53
|
-
* @param options - Extended login options
|
|
54
|
-
* @returns Promise that resolves with the user or null
|
|
55
|
-
*/
|
|
56
|
-
loginWithOptions(options?: LoginOptions): Promise<User | null>;
|
|
57
56
|
/**
|
|
58
57
|
* Login callback handler
|
|
59
|
-
* Call this in your redirect
|
|
60
|
-
* @returns Promise that resolves with the authenticated user
|
|
58
|
+
* Call this in your redirect or popup callback page
|
|
59
|
+
* @returns Promise that resolves with the authenticated user or undefined (for popup flows)
|
|
61
60
|
*/
|
|
62
|
-
loginCallback(): Promise<User>;
|
|
61
|
+
loginCallback(): Promise<User | undefined>;
|
|
63
62
|
/**
|
|
64
63
|
* Logout the current user
|
|
65
64
|
* @returns Promise that resolves when logout is complete
|
|
@@ -70,6 +69,16 @@ export declare class Auth {
|
|
|
70
69
|
* @returns Promise that resolves with the user or null if not authenticated
|
|
71
70
|
*/
|
|
72
71
|
getUser(): Promise<User | null>;
|
|
72
|
+
/**
|
|
73
|
+
* Get the current authenticated user or initiate login if needed
|
|
74
|
+
* @returns Promise that resolves with an authenticated user
|
|
75
|
+
*/
|
|
76
|
+
getUserOrLogin(): Promise<User>;
|
|
77
|
+
/**
|
|
78
|
+
* Get the current authenticated zkEVM user
|
|
79
|
+
* @returns Promise that resolves with a zkEVM-capable user
|
|
80
|
+
*/
|
|
81
|
+
getUserZkEvm(): Promise<UserZkEvm>;
|
|
73
82
|
/**
|
|
74
83
|
* Get the ID token for the current user
|
|
75
84
|
* @returns Promise that resolves with the ID token or undefined
|
|
@@ -90,6 +99,10 @@ export declare class Auth {
|
|
|
90
99
|
* @returns Promise that resolves with the user or null if refresh fails
|
|
91
100
|
*/
|
|
92
101
|
forceUserRefresh(): Promise<User | null>;
|
|
102
|
+
/**
|
|
103
|
+
* Trigger a background user refresh without awaiting the result
|
|
104
|
+
*/
|
|
105
|
+
forceUserRefreshInBackground(): void;
|
|
93
106
|
/**
|
|
94
107
|
* Get the PKCE authorization URL for login flow
|
|
95
108
|
* @param directLoginOptions - Optional direct login options
|
|
@@ -121,16 +134,33 @@ export declare class Auth {
|
|
|
121
134
|
* @returns Promise that resolves when callback is handled
|
|
122
135
|
*/
|
|
123
136
|
logoutSilentCallback(url: string): Promise<void>;
|
|
124
|
-
/**
|
|
125
|
-
* Get internal AuthManager instance
|
|
126
|
-
* @internal
|
|
127
|
-
* @returns AuthManager instance for advanced use cases
|
|
128
|
-
*/
|
|
129
|
-
getAuthManager(): AuthManager;
|
|
130
137
|
/**
|
|
131
138
|
* Get auth configuration
|
|
132
139
|
* @internal
|
|
133
140
|
* @returns IAuthConfiguration instance
|
|
134
141
|
*/
|
|
135
142
|
getConfig(): IAuthConfiguration;
|
|
143
|
+
/**
|
|
144
|
+
* Get the configured OIDC client ID
|
|
145
|
+
* @returns Promise that resolves with the client ID string
|
|
146
|
+
*/
|
|
147
|
+
getClientId(): Promise<string>;
|
|
148
|
+
private buildExtraQueryParams;
|
|
149
|
+
private loginWithRedirectInternal;
|
|
150
|
+
private loginWithPopup;
|
|
151
|
+
private static mapOidcUserToDomainModel;
|
|
152
|
+
private static mapDeviceTokenResponseToOidcUser;
|
|
153
|
+
private static shouldUseSigninPopupCallback;
|
|
154
|
+
private loginCallbackInternal;
|
|
155
|
+
private getPKCEAuthorizationUrl;
|
|
156
|
+
private loginWithPKCEFlowCallbackInternal;
|
|
157
|
+
private getPKCEToken;
|
|
158
|
+
private storeTokensInternal;
|
|
159
|
+
private logoutInternal;
|
|
160
|
+
private getLogoutUrlInternal;
|
|
161
|
+
private forceUserRefreshInBackgroundInternal;
|
|
162
|
+
private forceUserRefreshInternal;
|
|
163
|
+
private refreshTokenAndUpdatePromise;
|
|
164
|
+
private getUserInternal;
|
|
165
|
+
private getUserZkEvmInternal;
|
|
136
166
|
}
|
package/dist/types/index.d.ts
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
export { Auth } from './Auth';
|
|
2
|
-
export { default as AuthManager } from './authManager';
|
|
3
2
|
export { AuthConfiguration, type IAuthConfiguration } from './config';
|
|
4
|
-
export type { User, UserProfile,
|
|
5
|
-
export { isUserZkEvm,
|
|
3
|
+
export type { User, UserProfile, UserZkEvm, DirectLoginMethod, DirectLoginOptions, LoginOptions, DeviceTokenResponse, OidcConfiguration, AuthModuleConfiguration, PopupOverlayOptions, PassportMetadata, IdTokenPayload, PKCEData, AuthEventMap, } from './types';
|
|
4
|
+
export { isUserZkEvm, RollupType, MarketingConsentStatus, AuthEvents, } from './types';
|
|
6
5
|
export { default as TypedEventEmitter } from './utils/typedEventEmitter';
|
|
7
6
|
export { PassportError, PassportErrorType, withPassportError } from './errors';
|
package/dist/types/types.d.ts
CHANGED
|
@@ -10,7 +10,6 @@ export type UserProfile = {
|
|
|
10
10
|
sub: string;
|
|
11
11
|
};
|
|
12
12
|
export declare enum RollupType {
|
|
13
|
-
IMX = "imx",
|
|
14
13
|
ZKEVM = "zkEvm"
|
|
15
14
|
}
|
|
16
15
|
export type User = {
|
|
@@ -19,22 +18,14 @@ export type User = {
|
|
|
19
18
|
refreshToken?: string;
|
|
20
19
|
profile: UserProfile;
|
|
21
20
|
expired?: boolean;
|
|
22
|
-
[RollupType.IMX]?: {
|
|
23
|
-
ethAddress: string;
|
|
24
|
-
starkAddress: string;
|
|
25
|
-
userAdminAddress: string;
|
|
26
|
-
};
|
|
27
21
|
[RollupType.ZKEVM]?: {
|
|
28
22
|
ethAddress: string;
|
|
29
23
|
userAdminAddress: string;
|
|
30
24
|
};
|
|
31
25
|
};
|
|
32
26
|
export type PassportMetadata = {
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
imx_user_admin_address: string;
|
|
36
|
-
zkevm_eth_address: string;
|
|
37
|
-
zkevm_user_admin_address: string;
|
|
27
|
+
zkevm_eth_address?: string;
|
|
28
|
+
zkevm_user_admin_address?: string;
|
|
38
29
|
};
|
|
39
30
|
export interface OidcConfiguration {
|
|
40
31
|
clientId: string;
|
|
@@ -72,10 +63,8 @@ export interface AuthModuleConfiguration extends OidcConfiguration {
|
|
|
72
63
|
type WithRequired<T, K extends keyof T> = T & {
|
|
73
64
|
[P in K]-?: T[P];
|
|
74
65
|
};
|
|
75
|
-
export type UserImx = WithRequired<User, RollupType.IMX>;
|
|
76
66
|
export type UserZkEvm = WithRequired<User, RollupType.ZKEVM>;
|
|
77
67
|
export declare const isUserZkEvm: (user: User) => user is UserZkEvm;
|
|
78
|
-
export declare const isUserImx: (user: User) => user is UserImx;
|
|
79
68
|
export type DeviceTokenResponse = {
|
|
80
69
|
access_token: string;
|
|
81
70
|
refresh_token?: string;
|
|
@@ -105,10 +94,14 @@ export declare enum MarketingConsentStatus {
|
|
|
105
94
|
Unsubscribed = "unsubscribed"
|
|
106
95
|
}
|
|
107
96
|
export type DirectLoginOptions = {
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
email
|
|
111
|
-
|
|
97
|
+
marketingConsentStatus: MarketingConsentStatus;
|
|
98
|
+
} & ({
|
|
99
|
+
directLoginMethod: 'email';
|
|
100
|
+
email: string;
|
|
101
|
+
} | {
|
|
102
|
+
directLoginMethod: Exclude<DirectLoginMethod, 'email'>;
|
|
103
|
+
email?: never;
|
|
104
|
+
});
|
|
112
105
|
/**
|
|
113
106
|
* Extended login options with caching and silent login support
|
|
114
107
|
*/
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@imtbl/auth",
|
|
3
|
-
"version": "2.10.7-alpha.
|
|
3
|
+
"version": "2.10.7-alpha.6",
|
|
4
4
|
"description": "Authentication SDK for Immutable",
|
|
5
5
|
"author": "Immutable",
|
|
6
6
|
"bugs": "https://github.com/immutable/ts-immutable-sdk/issues",
|
|
@@ -25,8 +25,8 @@
|
|
|
25
25
|
}
|
|
26
26
|
},
|
|
27
27
|
"dependencies": {
|
|
28
|
-
"@imtbl/config": "2.10.7-alpha.
|
|
29
|
-
"@imtbl/metrics": "2.10.7-alpha.
|
|
28
|
+
"@imtbl/config": "2.10.7-alpha.6",
|
|
29
|
+
"@imtbl/metrics": "2.10.7-alpha.6",
|
|
30
30
|
"axios": "^1.6.5",
|
|
31
31
|
"jwt-decode": "^3.1.2",
|
|
32
32
|
"localforage": "^1.10.0",
|
|
@@ -34,7 +34,7 @@
|
|
|
34
34
|
"uuid": "^9.0.1"
|
|
35
35
|
},
|
|
36
36
|
"devDependencies": {
|
|
37
|
-
"@imtbl/toolkit": "2.10.7-alpha.
|
|
37
|
+
"@imtbl/toolkit": "2.10.7-alpha.6",
|
|
38
38
|
"@types/node": "^18.14.2",
|
|
39
39
|
"tsup": "^8.3.0",
|
|
40
40
|
"typescript": "^5.6.2"
|