@lombard.finance/sdk-common 4.0.0 → 4.1.0-canary.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/modules.ts +8 -4
- package/src/services/auth.ts +84 -0
- package/src/services/index.ts +1 -0
package/package.json
CHANGED
package/src/modules.ts
CHANGED
|
@@ -72,8 +72,10 @@ export interface SdkModule<TId extends string = string, TService = unknown> {
|
|
|
72
72
|
* }
|
|
73
73
|
* ```
|
|
74
74
|
*/
|
|
75
|
-
export interface ChainModule<
|
|
76
|
-
extends
|
|
75
|
+
export interface ChainModule<
|
|
76
|
+
TChain extends string = string,
|
|
77
|
+
TService = unknown,
|
|
78
|
+
> extends SdkModule<TChain, TService> {
|
|
77
79
|
/** Chain type this module provides services for */
|
|
78
80
|
chain: TChain;
|
|
79
81
|
}
|
|
@@ -94,8 +96,10 @@ export type ModuleId<TModule> =
|
|
|
94
96
|
/**
|
|
95
97
|
* Extract service type from a module by ID
|
|
96
98
|
*/
|
|
97
|
-
export type ServiceOf<
|
|
98
|
-
TModule extends SdkModule<
|
|
99
|
+
export type ServiceOf<
|
|
100
|
+
TModule extends SdkModule<string, unknown>,
|
|
101
|
+
TId extends string,
|
|
102
|
+
> = TModule extends SdkModule<TId, infer TService> ? TService : never;
|
|
99
103
|
|
|
100
104
|
/**
|
|
101
105
|
* @deprecated Use ServiceOf instead
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Wallet Auth Service
|
|
3
|
+
*
|
|
4
|
+
* Contract for the wallet-based authentication flow used by the Lombard
|
|
5
|
+
* backend (v2):
|
|
6
|
+
*
|
|
7
|
+
* 1. `requestChallenge` — server returns a payload the wallet must sign.
|
|
8
|
+
* 2. `verifySignature` — server validates the signature and issues a JWT.
|
|
9
|
+
* 3. `revokeToken` — invalidates a JWT server-side (e.g. on disconnect).
|
|
10
|
+
*
|
|
11
|
+
* Signing the challenge with the user's wallet is intentionally NOT part of
|
|
12
|
+
* this contract — signing primitives are chain-specific and live in the
|
|
13
|
+
* corresponding chain SDK packages.
|
|
14
|
+
*/
|
|
15
|
+
|
|
16
|
+
/**
|
|
17
|
+
* Supported chain identifiers accepted by the auth API.
|
|
18
|
+
*
|
|
19
|
+
* Free-form string to stay open to chains added on the backend before the
|
|
20
|
+
* SDK is updated. Common values: `'ethereum'`, `'solana'`, `'sui'`,
|
|
21
|
+
* `'starknet'`, `'cosmos'`.
|
|
22
|
+
*/
|
|
23
|
+
export type WalletAuthChain = string;
|
|
24
|
+
|
|
25
|
+
export interface WalletChallengeRequest {
|
|
26
|
+
/** Wallet address performing the auth flow. */
|
|
27
|
+
address: string;
|
|
28
|
+
/** Chain the address belongs to. */
|
|
29
|
+
chain: WalletAuthChain;
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
export interface WalletChallengeResponse {
|
|
33
|
+
/** Random nonce embedded in the payload. */
|
|
34
|
+
nonce: string;
|
|
35
|
+
/** Chain-specific payload the user must sign with their wallet. */
|
|
36
|
+
payload: string;
|
|
37
|
+
/** ISO-8601 timestamp when this challenge expires. */
|
|
38
|
+
expiresAt: string;
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
export interface WalletVerifyRequest {
|
|
42
|
+
address: string;
|
|
43
|
+
/** The payload returned by `requestChallenge`. */
|
|
44
|
+
payload: string;
|
|
45
|
+
/** Signature produced by the wallet over `payload`. */
|
|
46
|
+
signature: string;
|
|
47
|
+
chain: WalletAuthChain;
|
|
48
|
+
/**
|
|
49
|
+
* Required for chains where the public key cannot be recovered from the
|
|
50
|
+
* signature (Starknet, Cosmos). Ignored elsewhere.
|
|
51
|
+
*/
|
|
52
|
+
publicKey?: string;
|
|
53
|
+
}
|
|
54
|
+
|
|
55
|
+
export interface WalletVerifyResponse {
|
|
56
|
+
/** JWT bound to the verified wallet address. */
|
|
57
|
+
jwt: string;
|
|
58
|
+
/** ISO-8601 timestamp when the JWT expires. */
|
|
59
|
+
expiresAt: string;
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
export interface RevokeWalletTokenRequest {
|
|
63
|
+
/** JWT to invalidate server-side. */
|
|
64
|
+
jwt: string;
|
|
65
|
+
}
|
|
66
|
+
|
|
67
|
+
/**
|
|
68
|
+
* Wallet auth service contract. Implementations live in `@lombard.finance/sdk`.
|
|
69
|
+
*/
|
|
70
|
+
export interface WalletAuthService {
|
|
71
|
+
/** Request a challenge payload for the given wallet. */
|
|
72
|
+
requestChallenge(
|
|
73
|
+
params: WalletChallengeRequest,
|
|
74
|
+
): Promise<WalletChallengeResponse>;
|
|
75
|
+
|
|
76
|
+
/** Submit a signed challenge and receive a JWT. */
|
|
77
|
+
verifySignature(params: WalletVerifyRequest): Promise<WalletVerifyResponse>;
|
|
78
|
+
|
|
79
|
+
/**
|
|
80
|
+
* Invalidate a JWT server-side. Best-effort: implementations may swallow
|
|
81
|
+
* network errors so callers can always clear local state.
|
|
82
|
+
*/
|
|
83
|
+
revokeToken(params: RevokeWalletTokenRequest): Promise<void>;
|
|
84
|
+
}
|