@lit-protocol/vincent-app-sdk 0.0.4-ea

package/dist/src/webAuthClient/internal/uriHelpers.js

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.removeSearchParam = exports.uriContainsVincentJWT = exports.decodeVincentJWTFromUri = void 0;
+exports.composeConnectUrl = composeConnectUrl;
+const validate_1 = require("../../jwt/core/validate");
+const constants_1 = require("../constants");
+const decodeVincentJWTFromUri = ({ uri, expectedAudience, requiredAppId, }) => {
+    const url = new URL(uri);
+    const jwt = url.searchParams.get(constants_1.JWT_URL_KEY);
+    if (!jwt) {
+        return null;
+    }
+    try {
+        return { decodedJWT: (0, validate_1.verify)({ jwt, expectedAudience, requiredAppId }), jwtStr: jwt };
+    }
+    catch (error) {
+        // Explicitly throw if the JWT doesn't contain the required appId
+        throw new Error(`Failed to decode JWT: ${error.message}`);
+    }
+};
+exports.decodeVincentJWTFromUri = decodeVincentJWTFromUri;
+const uriContainsVincentJWT = (uri) => {
+    const url = new URL(uri);
+    const connectJwt = url.searchParams.get(constants_1.JWT_URL_KEY);
+    return !!connectJwt;
+};
+exports.uriContainsVincentJWT = uriContainsVincentJWT;
+function composeConnectUrl(appId, redirectUri, connectPageUrl) {
+    return new URL(`/user/appId/${String(appId)}/connect?redirectUri=${redirectUri}`, connectPageUrl || constants_1.PRODUCTION_VINCENT_DASHBOARD_URL);
+}
+const removeSearchParam = ({ paramName, uri, }) => {
+    const url = new URL(uri);
+    url.searchParams.delete(paramName);
+    // Update the browser's history without reloading the page
+    return url.toString();
+};
+exports.removeSearchParam = removeSearchParam;
+//# sourceMappingURL=uriHelpers.js.map

package/dist/src/webAuthClient/internal/uriHelpers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"uriHelpers.js","sourceRoot":"","sources":["../../../../src/webAuthClient/internal/uriHelpers.ts"],"names":[],"mappings":";;;AAkCA,8CAKC;AAvCD,sDAAiD;AACjD,4CAA6E;AAEtE,MAAM,uBAAuB,GAAG,CAAC,EACtC,GAAG,EACH,gBAAgB,EAChB,aAAa,GAKd,EAAE,EAAE;IACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACzB,MAAM,GAAG,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAW,CAAC,CAAC;IAE9C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,OAAO,EAAE,UAAU,EAAE,IAAA,iBAAM,EAAC,EAAE,GAAG,EAAE,gBAAgB,EAAE,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;IACvF,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,iEAAiE;QACjE,MAAM,IAAI,KAAK,CAAC,yBAA0B,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;IACvE,CAAC;AACH,CAAC,CAAC;AAtBW,QAAA,uBAAuB,2BAsBlC;AAEK,MAAM,qBAAqB,GAAG,CAAC,GAAW,EAAE,EAAE;IACnD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACzB,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAW,CAAC,CAAC;IAErD,OAAO,CAAC,CAAC,UAAU,CAAC;AACtB,CAAC,CAAC;AALW,QAAA,qBAAqB,yBAKhC;AAEF,SAAgB,iBAAiB,CAAC,KAAa,EAAE,WAAmB,EAAE,cAAuB;IAC3F,OAAO,IAAI,GAAG,CACZ,eAAe,MAAM,CAAC,KAAK,CAAC,wBAAwB,WAAW,EAAE,EACjE,cAAc,IAAI,4CAAgC,CACnD,CAAC;AACJ,CAAC;AAEM,MAAM,iBAAiB,GAAG,CAAC,EAChC,SAAS,EACT,GAAG,GAIJ,EAAU,EAAE;IACX,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACzB,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACnC,0DAA0D;IAC1D,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC,CAAC;AAXW,QAAA,iBAAiB,qBAW5B"}

package/dist/src/webAuthClient/types.d.ts

@@ -0,0 +1,109 @@
+import type { VincentJWTAppSpecific } from '../jwt/types';
+export interface WebAuthClientConfig {
+    appId: number;
+}
+export interface RedirectToVincentDelegationPageParams {
+    redirectUri: string;
+    /** This only needs to be provided for local development with the entire stack
+     * @hidden
+     * */
+    connectPageUrl?: string;
+}
+/**
+ * The Vincent Web Application Client is used in web apps to handle interactions with the Vincent app portal.
+ *
+ * - Connect page redirection
+ * - Authentication helpers that are browser specific
+ *
+ */
+export interface WebAuthClient {
+    /**
+     * Redirects the user to the Vincent Connect page.
+     *
+     * If the user approves your app permissions, they will be redirected back to the `redirectUri`.
+     *
+     * Use {@link WebAuthClient.uriContainsVincentJWT} to detect if a user has just opened your app via the Connect page
+     *
+     * Use {@link WebAuthClient.decodeVincentJWT} to decode and verify the {@link VincentJWT} from the page URI, and store it for later usage
+     *
+     * NOTE: You must register the `redirectUri` on your Vincent app for it to be considered a valid redirect target
+     *
+     * @example
+     * ```typescript
+     * import { getWebAuthClient } from '@lit-protocol/vincent-app-sdk/webAuthClient';
+     *
+     * const vincentAppClient = getWebAuthClient({ appId: MY_APP_ID });
+     * // ... In your app logic:
+     * if(vincentAppClient.uriContainsVincentJWT()) {
+     *   // Handle app logic for the user has just logged in
+     *   const { decoded, jwtStr } = vincentAppClient.decodeVincentJWT(EXPECTED_AUDIENCE);
+     *   // Store `jwtStr` for later usage; the user is now logged in.
+     * } else {
+     *   // Handle app logic for the user is already logged in (check for stored & unexpired JWT)
+     *   // ...
+     *    *   // Handle app logic for the user is not yet logged in
+     *  vincentAppClient.redirectToConnectPage({ redirectUri: window.location.href });
+     * }
+     * ```
+     * @function
+     * @inline
+     */
+    redirectToConnectPage: (redirectConfig: RedirectToVincentDelegationPageParams) => void;
+    /**
+     * Determines whether the current window location contains a Vincent JWT
+  
+     * You can use this to detect if a user is loading your app as a result of approving permissions
+     * on the Vincent Connect page -- e.g. they just logged in
+     *
+     * See: {@link WebAuthClient.redirectToConnectPage} for example usage
+     *
+     * @function
+     * @inline
+     * @returns `true` if the current window URI contains a Vincent JWT, otherwise `false`.
+     */
+    uriContainsVincentJWT: () => boolean;
+    /**
+     * Extracts a decoded/parsed Vincent JWT (JSON Web Token) from the current window location
+     *
+     * The token is verified as part of this process; if the token is invalid or expired, this method will throw.
+     *
+     * See: {@link WebAuthClient.redirectToConnectPage} for example usage
+     *
+     * @param expectedAudience Provide a valid `redirectUri` for your app; this is typically your app's origin
+     * @function
+     * @inline
+     * @returns {decodedJWT: VincentJWTAppSpecific; jwtStr: string | null} `null` if no JWT is found, otherwise both the decoded jwt and the original JWT string is returned
+     * @throws {Error} If there was a JWT in the page URL, but it was invalid / could not be verified
+     */
+    decodeVincentJWT: (expectedAudience: string) => {
+        decodedJWT: VincentJWTAppSpecific;
+        jwtStr: string;
+    } | null;
+    /**
+     * Removes the Vincent connect JWT from the current window URI.
+     *
+     * This is useful for cleaning up the URL after decoding and storing the JWT,
+     * ensuring the redirect URL looks clean for the user and no sensitive information
+     * is exposed in the URI.
+     *
+     * @example
+     * ```typescript
+     * import { getWebAuthClient } from '@lit-protocol/vincent-app-sdk/webAuthClient';
+     *
+     * const vincentAppClient = getWebAuthClient({ appId: MY_APP_ID });
+     *
+     * if (vincentAppClient.uriContainsVincentJWT()) {
+     *   const { decodedJWT, jwtStr } = vincentAppClient.decodeVincentJWT();
+     *   // Store the JWT and use it for authentication
+     *
+     *   // Now we can remove the JWT from the URL searchParams
+     *   vincentAppClient.removeVincentJWTFromURI();
+     * }
+     * ```
+     *
+     * @function
+     * @inline
+     */
+    removeVincentJWTFromURI: () => void;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/webAuthClient/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/webAuthClient/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAc,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAEtE,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,qCAAqC;IACpD,WAAW,EAAE,MAAM,CAAC;IACpB;;SAEK;IACL,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;;;;;GAMG;AACH,MAAM,WAAW,aAAa;IAC5B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8BG;IACH,qBAAqB,EAAE,CAAC,cAAc,EAAE,qCAAqC,KAAK,IAAI,CAAC;IAEvF;;;;;;;;;;;OAWG;IACH,qBAAqB,EAAE,MAAM,OAAO,CAAC;IAErC;;;;;;;;;;;;OAYG;IACH,gBAAgB,EAAE,CAChB,gBAAgB,EAAE,MAAM,KACrB;QAAE,UAAU,EAAE,qBAAqB,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;IAElE;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,uBAAuB,EAAE,MAAM,IAAI,CAAC;CACrC"}

package/dist/src/webAuthClient/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/src/webAuthClient/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/webAuthClient/types.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,82 @@
+{
+  "name": "@lit-protocol/vincent-app-sdk",
+  "version": "0.0.4-ea",
+  "description": "Vincent SDK for browser and backend",
+  "author": "Lit Protocol",
+  "license": "ISC",
+  "access": "public",
+  "publishConfig": {
+    "access": "public"
+  },
+  "engines": {
+    "node": "^20.11.1",
+    "pnpm": "10.7.0"
+  },
+  "exports": {
+    "./package.json": "./package.json",
+    "./jwt": {
+      "import": "./dist/src/jwt/index.js",
+      "require": "./dist/src/jwt/index.js",
+      "types": "./dist/src/jwt/index.d.ts"
+    },
+    "./abilityClient": {
+      "import": "./dist/src/abilityClient/index.js",
+      "require": "./dist/src/abilityClient/index.js",
+      "types": "./dist/src/abilityClient/index.d.ts"
+    },
+    "./webAuthClient": {
+      "import": "./dist/src/webAuthClient/index.js",
+      "require": "./dist/src/webAuthClient/index.js",
+      "types": "./dist/src/webAuthClient/index.d.ts"
+    },
+    "./expressMiddleware": {
+      "import": "./dist/src/expressMiddleware/index.js",
+      "require": "./dist/src/expressMiddleware/index.js",
+      "types": "./dist/src/expressMiddleware/index.d.ts"
+    },
+    "./utils": {
+      "import": "./dist/src/utils/index.js",
+      "require": "./dist/src/utils/index.js",
+      "types": "./dist/src/utils/index.d.ts"
+    }
+  },
+  "keywords": [
+    "jwt",
+    "authentication",
+    "sdk"
+  ],
+  "dependencies": {
+    "@lit-protocol/auth-helpers": "^7.0.9",
+    "@lit-protocol/constants": "^7.0.8",
+    "@lit-protocol/lit-node-client": "^7.0.8",
+    "@lit-protocol/vincent-contracts-sdk": "0.0.4-ea",
+    "@lit-protocol/vincent-ability-sdk": "0.0.4-ea",
+    "@noble/secp256k1": "^2.2.3",
+    "did-jwt": "^8.0.8",
+    "ethers": "5.8.0",
+    "tslib": "^2.8.1",
+    "zod": "3.25.64"
+  },
+  "sideEffects": false,
+  "files": [
+    "dist/**/*",
+    "*.md"
+  ],
+  "devDependencies": {
+    "@lit-protocol/pkp-ethers": "^7.2.0",
+    "@lit-protocol/types": "^7.0.8",
+    "@types/express": "^5.0.1",
+    "chokidar-cli": "^3.0.0",
+    "live-server": "^1.2.2",
+    "typedoc": "0.27.9",
+    "typedoc-material-theme": "1.3.0",
+    "typedoc-plugin-extras": "^4.0.0",
+    "typedoc-plugin-zod": "^1.4.1",
+    "vercel": "^41.6.2"
+  },
+  "scripts": {
+    "type-tests": "./scripts/run-typecheck.sh",
+    "watch:type-tests": "chokidar 'src/**/*' --initial --await-write-finish --delay 100 --silent -c './scripts/run-typecheck.sh'",
+    "typecheck": "./scripts/precommit-check.sh"
+  }
+}