@injectivelabs/wallet-turnkey 1.19.19 → 1.19.20

package/dist/cjs/index.cjs

@@ -155,9 +155,10 @@ function generateTwitterPkce() {
 		codeChallenge: sha256ToBase64Url(codeVerifier)
 	};
 }
-function generateTwitterUrl({ state, clientId, redirectUri, codeChallenge }) {
+function generateTwitterUrl({ state, nonce, clientId, redirectUri, codeChallenge }) {
 	const url = new URL("https://twitter.com/i/oauth2/authorize");
 	url.searchParams.set("state", state);
+	url.searchParams.set("nonce", nonce);
 	url.searchParams.set("client_id", clientId);
 	url.searchParams.set("response_type", "code");
 	url.searchParams.set("redirect_uri", redirectUri);
@@ -378,18 +379,20 @@ var TurnkeyWallet = class {
 		if (provider === __injectivelabs_wallet_base.TurnkeyProvider.Twitter) {
 			if (!this.metadata.twitterClientId || !this.metadata.twitterRedirectUri) throw new __injectivelabs_exceptions.WalletException(/* @__PURE__ */ new Error("twitterClientId and twitterRedirectUri are required"));
 			const indexedDbClient = await this.getIndexedDbClient();
-			await indexedDbClient.resetKeyPair();
+			const nonce = await TurnkeyOauthWallet.generateOAuthNonce(indexedDbClient);
 			const targetPublicKey = await indexedDbClient.getPublicKey();
 			if (!targetPublicKey) throw new __injectivelabs_exceptions.WalletException(/* @__PURE__ */ new Error("Target public key is missing. Please ensure your wallet is properly initialized."));
 			const { state, codeVerifier, codeChallenge } = generateTwitterPkce();
 			return {
 				pkce: {
+					nonce,
 					state,
 					codeVerifier,
 					targetPublicKey
 				},
 				url: generateTwitterUrl({
 					state,
+					nonce,
 					codeChallenge,
 					clientId: this.metadata.twitterClientId,
 					redirectUri: this.metadata.twitterRedirectUri
@@ -413,24 +416,22 @@ var TurnkeyWallet = class {
 		this.userOrganizationId = oauthResult.organizationId;
 		return oauthResult.credentialBundle;
 	}
-	async confirmOAuth2({ authCode, codeVerifier, providerName, targetPublicKey }) {
+	async confirmOAuth2({ nonce, authCode, codeVerifier, providerName, targetPublicKey }) {
 		var _response$data, _response$data2;
 		const indexedDbClient = await this.getIndexedDbClient();
 		const path = this.metadata.oauth2ExchangePath || "turnkey/oauth2";
 		const response = await this.client.post(path, {
+			nonce,
 			authCode,
 			codeVerifier,
 			targetPublicKey,
 			providerName
 		});
 		if (!(response === null || response === void 0 || (_response$data = response.data) === null || _response$data === void 0 ? void 0 : _response$data.credentialBundle) || !(response === null || response === void 0 || (_response$data2 = response.data) === null || _response$data2 === void 0 ? void 0 : _response$data2.organizationId)) throw new __injectivelabs_exceptions.WalletException(/* @__PURE__ */ new Error(`${providerName} OAuth2 exchange failed`));
-		const { credentialBundle, organizationId, email } = response.data;
+		const { credentialBundle, organizationId } = response.data;
 		await indexedDbClient.loginWithSession(credentialBundle);
 		this.userOrganizationId = organizationId;
-		return {
-			session: credentialBundle,
-			email
-		};
+		return credentialBundle;
 	}
 	async refreshSession() {
 		var _session$session;

package/dist/cjs/index.d.cts

@@ -1,5 +1,5 @@
 import { HttpRestClient } from "@injectivelabs/utils";
-import { BaseConcreteStrategy, ConcreteEvmWalletStrategyArgs, ConcreteWalletStrategy, Eip1193Provider, SendTransactionOptions, StdSignDoc, TurnkeyMetadata, TurnkeyOAuthProvider, WalletDeviceType, WalletMetadata, WalletStrategyEvmOptions } from "@injectivelabs/wallet-base";
+import { BaseConcreteStrategy, ConcreteEvmWalletStrategyArgs, ConcreteWalletStrategy, Eip1193Provider, SendTransactionOptions, StdSignDoc, TurnkeyMetadata, TurnkeyOAuthProvider, TurnkeyProvider, WalletDeviceType, WalletMetadata, WalletStrategyEvmOptions } from "@injectivelabs/wallet-base";
 import { AccountAddress, EvmChainId } from "@injectivelabs/ts-types";
 import * as _turnkey_sdk_browser0 from "@turnkey/sdk-browser";
 import { Turnkey, TurnkeyIndexedDbClient } from "@turnkey/sdk-browser";
@@ -89,9 +89,10 @@ declare class TurnkeyWallet {
   initOTP(email: string): Promise<TurnkeyOTPCredentialsResponse>;
   initSms(phone: string): Promise<TurnkeyOTPCredentialsResponse>;
   confirmOTP(otpCode: string): Promise<TurnkeyConfirmEmailOTPResponse>;
-  initOAuth(provider: TurnkeyOAuthProvider): Promise<string>;
+  initOAuth(provider: TurnkeyProvider): Promise<string>;
   initOAuth2(provider: TurnkeyOAuthProvider): Promise<{
     pkce: {
+      nonce: string;
       state: string;
       codeVerifier: string;
       targetPublicKey: string;
@@ -100,19 +101,18 @@ declare class TurnkeyWallet {
   }>;
   confirmOAuth(provider: TurnkeyOAuthProvider, oidcToken: string): Promise<string>;
   confirmOAuth2({
+    nonce,
     authCode,
     codeVerifier,
     providerName,
     targetPublicKey
   }: {
+    nonce: string;
     authCode: string;
     codeVerifier: string;
     targetPublicKey: string;
     providerName: TurnkeyOAuthProvider;
-  }): Promise<{
-    session: string;
-    email: string | undefined;
-  }>;
+  }): Promise<string>;
   refreshSession(): Promise<string>;
   private initClient;
 }

package/dist/esm/index.d.ts

@@ -1,5 +1,5 @@
 import { HttpRestClient } from "@injectivelabs/utils";
-import { BaseConcreteStrategy, ConcreteEvmWalletStrategyArgs, ConcreteWalletStrategy, Eip1193Provider, SendTransactionOptions, StdSignDoc, TurnkeyMetadata, TurnkeyOAuthProvider, WalletDeviceType, WalletMetadata, WalletStrategyEvmOptions } from "@injectivelabs/wallet-base";
+import { BaseConcreteStrategy, ConcreteEvmWalletStrategyArgs, ConcreteWalletStrategy, Eip1193Provider, SendTransactionOptions, StdSignDoc, TurnkeyMetadata, TurnkeyOAuthProvider, TurnkeyProvider, WalletDeviceType, WalletMetadata, WalletStrategyEvmOptions } from "@injectivelabs/wallet-base";
 import { createAccount } from "@turnkey/viem";
 import * as _turnkey_sdk_browser0 from "@turnkey/sdk-browser";
 import { Turnkey, TurnkeyIndexedDbClient } from "@turnkey/sdk-browser";
@@ -89,9 +89,10 @@ declare class TurnkeyWallet {
   initOTP(email: string): Promise<TurnkeyOTPCredentialsResponse>;
   initSms(phone: string): Promise<TurnkeyOTPCredentialsResponse>;
   confirmOTP(otpCode: string): Promise<TurnkeyConfirmEmailOTPResponse>;
-  initOAuth(provider: TurnkeyOAuthProvider): Promise<string>;
+  initOAuth(provider: TurnkeyProvider): Promise<string>;
   initOAuth2(provider: TurnkeyOAuthProvider): Promise<{
     pkce: {
+      nonce: string;
       state: string;
       codeVerifier: string;
       targetPublicKey: string;
@@ -100,19 +101,18 @@ declare class TurnkeyWallet {
   }>;
   confirmOAuth(provider: TurnkeyOAuthProvider, oidcToken: string): Promise<string>;
   confirmOAuth2({
+    nonce,
     authCode,
     codeVerifier,
     providerName,
     targetPublicKey
   }: {
+    nonce: string;
     authCode: string;
     codeVerifier: string;
     targetPublicKey: string;
     providerName: TurnkeyOAuthProvider;
-  }): Promise<{
-    session: string;
-    email: string | undefined;
-  }>;
+  }): Promise<string>;
   refreshSession(): Promise<string>;
   private initClient;
 }

package/dist/esm/index.js

@@ -155,9 +155,10 @@ function generateTwitterPkce() {
 		codeChallenge: sha256ToBase64Url(codeVerifier)
 	};
 }
-function generateTwitterUrl({ state, clientId, redirectUri, codeChallenge }) {
+function generateTwitterUrl({ state, nonce, clientId, redirectUri, codeChallenge }) {
 	const url = new URL("https://twitter.com/i/oauth2/authorize");
 	url.searchParams.set("state", state);
+	url.searchParams.set("nonce", nonce);
 	url.searchParams.set("client_id", clientId);
 	url.searchParams.set("response_type", "code");
 	url.searchParams.set("redirect_uri", redirectUri);
@@ -378,18 +379,20 @@ var TurnkeyWallet = class {
 		if (provider === TurnkeyProvider.Twitter) {
 			if (!this.metadata.twitterClientId || !this.metadata.twitterRedirectUri) throw new WalletException(/* @__PURE__ */ new Error("twitterClientId and twitterRedirectUri are required"));
 			const indexedDbClient = await this.getIndexedDbClient();
-			await indexedDbClient.resetKeyPair();
+			const nonce = await TurnkeyOauthWallet.generateOAuthNonce(indexedDbClient);
 			const targetPublicKey = await indexedDbClient.getPublicKey();
 			if (!targetPublicKey) throw new WalletException(/* @__PURE__ */ new Error("Target public key is missing. Please ensure your wallet is properly initialized."));
 			const { state, codeVerifier, codeChallenge } = generateTwitterPkce();
 			return {
 				pkce: {
+					nonce,
 					state,
 					codeVerifier,
 					targetPublicKey
 				},
 				url: generateTwitterUrl({
 					state,
+					nonce,
 					codeChallenge,
 					clientId: this.metadata.twitterClientId,
 					redirectUri: this.metadata.twitterRedirectUri
@@ -413,24 +416,22 @@ var TurnkeyWallet = class {
 		this.userOrganizationId = oauthResult.organizationId;
 		return oauthResult.credentialBundle;
 	}
-	async confirmOAuth2({ authCode, codeVerifier, providerName, targetPublicKey }) {
+	async confirmOAuth2({ nonce, authCode, codeVerifier, providerName, targetPublicKey }) {
 		var _response$data, _response$data2;
 		const indexedDbClient = await this.getIndexedDbClient();
 		const path = this.metadata.oauth2ExchangePath || "turnkey/oauth2";
 		const response = await this.client.post(path, {
+			nonce,
 			authCode,
 			codeVerifier,
 			targetPublicKey,
 			providerName
 		});
 		if (!(response === null || response === void 0 || (_response$data = response.data) === null || _response$data === void 0 ? void 0 : _response$data.credentialBundle) || !(response === null || response === void 0 || (_response$data2 = response.data) === null || _response$data2 === void 0 ? void 0 : _response$data2.organizationId)) throw new WalletException(/* @__PURE__ */ new Error(`${providerName} OAuth2 exchange failed`));
-		const { credentialBundle, organizationId, email } = response.data;
+		const { credentialBundle, organizationId } = response.data;
 		await indexedDbClient.loginWithSession(credentialBundle);
 		this.userOrganizationId = organizationId;
-		return {
-			session: credentialBundle,
-			email
-		};
+		return credentialBundle;
 	}
 	async refreshSession() {
 		var _session$session;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@injectivelabs/wallet-turnkey",
-  "version": "1.19.19",
+  "version": "1.19.20",
   "description": "Turnkey wallet strategy for use with @injectivelabs/wallet-core.",
   "license": "Apache-2.0",
   "author": {
@@ -45,11 +45,11 @@
     "@turnkey/sdk-browser": "5.16.1",
     "@turnkey/viem": "0.13.1",
     "viem": "^2.41.2",
-    "@injectivelabs/exceptions": "1.19.19",
-    "@injectivelabs/sdk-ts": "1.19.19",
-    "@injectivelabs/ts-types": "1.19.19",
-    "@injectivelabs/utils": "1.19.19",
-    "@injectivelabs/wallet-base": "1.19.19"
+    "@injectivelabs/exceptions": "1.19.20",
+    "@injectivelabs/sdk-ts": "1.19.20",
+    "@injectivelabs/ts-types": "1.19.20",
+    "@injectivelabs/utils": "1.19.20",
+    "@injectivelabs/wallet-base": "1.19.20"
   },
   "publishConfig": {
     "access": "public"