@metamask-previews/profile-sync-controller 28.0.2-preview-af2c9f6c3 → 28.0.2-preview-02f91c63c
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/dist/controllers/authentication/AuthenticationController-method-action-types.cjs.map +1 -1
- package/dist/controllers/authentication/AuthenticationController-method-action-types.d.cts +36 -6
- package/dist/controllers/authentication/AuthenticationController-method-action-types.d.cts.map +1 -1
- package/dist/controllers/authentication/AuthenticationController-method-action-types.d.mts +36 -6
- package/dist/controllers/authentication/AuthenticationController-method-action-types.d.mts.map +1 -1
- package/dist/controllers/authentication/AuthenticationController-method-action-types.mjs.map +1 -1
- package/dist/controllers/authentication/AuthenticationController.cjs +101 -6
- package/dist/controllers/authentication/AuthenticationController.cjs.map +1 -1
- package/dist/controllers/authentication/AuthenticationController.d.cts +43 -7
- package/dist/controllers/authentication/AuthenticationController.d.cts.map +1 -1
- package/dist/controllers/authentication/AuthenticationController.d.mts +43 -7
- package/dist/controllers/authentication/AuthenticationController.d.mts.map +1 -1
- package/dist/controllers/authentication/AuthenticationController.mjs +101 -6
- package/dist/controllers/authentication/AuthenticationController.mjs.map +1 -1
- package/dist/controllers/authentication/index.cjs.map +1 -1
- package/dist/controllers/authentication/index.d.cts +1 -1
- package/dist/controllers/authentication/index.d.cts.map +1 -1
- package/dist/controllers/authentication/index.d.mts +1 -1
- package/dist/controllers/authentication/index.d.mts.map +1 -1
- package/dist/controllers/authentication/index.mjs.map +1 -1
- package/dist/controllers/authentication/mocks/mockResponses.d.cts +18 -0
- package/dist/controllers/authentication/mocks/mockResponses.d.cts.map +1 -1
- package/dist/controllers/authentication/mocks/mockResponses.d.mts +18 -0
- package/dist/controllers/authentication/mocks/mockResponses.d.mts.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/flow-srp.cjs +28 -1
- package/dist/sdk/authentication-jwt-bearer/flow-srp.cjs.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/flow-srp.d.cts +2 -0
- package/dist/sdk/authentication-jwt-bearer/flow-srp.d.cts.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/flow-srp.d.mts +2 -0
- package/dist/sdk/authentication-jwt-bearer/flow-srp.d.mts.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/flow-srp.mjs +29 -2
- package/dist/sdk/authentication-jwt-bearer/flow-srp.mjs.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/services.cjs +56 -1
- package/dist/sdk/authentication-jwt-bearer/services.cjs.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/services.d.cts +17 -1
- package/dist/sdk/authentication-jwt-bearer/services.d.cts.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/services.d.mts +17 -1
- package/dist/sdk/authentication-jwt-bearer/services.d.mts.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/services.mjs +53 -0
- package/dist/sdk/authentication-jwt-bearer/services.mjs.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/types.cjs.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/types.d.cts +20 -1
- package/dist/sdk/authentication-jwt-bearer/types.d.cts.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/types.d.mts +20 -1
- package/dist/sdk/authentication-jwt-bearer/types.d.mts.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/types.mjs.map +1 -1
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.cjs +27 -0
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.cjs.map +1 -0
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.d.cts +13 -0
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.d.cts.map +1 -0
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.d.mts +13 -0
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.d.mts.map +1 -0
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.mjs +23 -0
- package/dist/sdk/authentication-jwt-bearer/utils/identifier.mjs.map +1 -0
- package/dist/sdk/authentication.cjs +4 -0
- package/dist/sdk/authentication.cjs.map +1 -1
- package/dist/sdk/authentication.d.cts +2 -0
- package/dist/sdk/authentication.d.cts.map +1 -1
- package/dist/sdk/authentication.d.mts +2 -0
- package/dist/sdk/authentication.d.mts.map +1 -1
- package/dist/sdk/authentication.mjs +4 -0
- package/dist/sdk/authentication.mjs.map +1 -1
- package/dist/sdk/mocks/auth.cjs +11 -1
- package/dist/sdk/mocks/auth.cjs.map +1 -1
- package/dist/sdk/mocks/auth.d.cts +10 -0
- package/dist/sdk/mocks/auth.d.cts.map +1 -1
- package/dist/sdk/mocks/auth.d.mts +10 -0
- package/dist/sdk/mocks/auth.d.mts.map +1 -1
- package/dist/sdk/mocks/auth.mjs +11 -1
- package/dist/sdk/mocks/auth.mjs.map +1 -1
- package/dist/sdk/user-storage.cjs +11 -1
- package/dist/sdk/user-storage.cjs.map +1 -1
- package/dist/sdk/user-storage.d.cts.map +1 -1
- package/dist/sdk/user-storage.d.mts.map +1 -1
- package/dist/sdk/user-storage.mjs +11 -1
- package/dist/sdk/user-storage.mjs.map +1 -1
- package/package.json +1 -1
|
@@ -104,6 +104,7 @@ export const PAIR_IDENTIFIERS = (env) => `${getEnvUrls(env).authApiUrl}/api/v2/i
|
|
|
104
104
|
export const OIDC_TOKEN_URL = (env) => `${getEnvUrls(env).oidcApiUrl}/oauth2/token`;
|
|
105
105
|
export const SRP_LOGIN_URL = (env) => `${getEnvUrls(env).authApiUrl}/api/v2/srp/login`;
|
|
106
106
|
export const SIWE_LOGIN_URL = (env) => `${getEnvUrls(env).authApiUrl}/api/v2/siwe/login`;
|
|
107
|
+
export const PAIR_PROFILES_URL = (env) => `${getEnvUrls(env).authApiUrl}/api/v2/profile/pair`;
|
|
107
108
|
export const PROFILE_LINEAGE_URL = (env) => `${getEnvUrls(env).authApiUrl}/api/v2/profile/lineage`;
|
|
108
109
|
const getAuthenticationUrl = (authType, env) => {
|
|
109
110
|
switch (authType) {
|
|
@@ -116,6 +117,13 @@ const getAuthenticationUrl = (authType, env) => {
|
|
|
116
117
|
throw new ValidationError(`Invalid AuthType: ${authType} - unable to create Auth URL`);
|
|
117
118
|
}
|
|
118
119
|
};
|
|
120
|
+
const parseProfileAliases = (raw) => {
|
|
121
|
+
return raw.map((alias) => ({
|
|
122
|
+
aliasProfileId: alias.alias_profile_id,
|
|
123
|
+
canonicalProfileId: alias.canonical_profile_id,
|
|
124
|
+
identifierIds: alias.identifier_ids ?? [],
|
|
125
|
+
}));
|
|
126
|
+
};
|
|
119
127
|
/**
|
|
120
128
|
* Pair multiple identifiers under a single profile
|
|
121
129
|
*
|
|
@@ -148,6 +156,46 @@ export async function pairIdentifiers(nonce, logins, accessToken, env) {
|
|
|
148
156
|
return await throwServiceError(error, 'Failed to pair identifiers', PairError);
|
|
149
157
|
}
|
|
150
158
|
}
|
|
159
|
+
/**
|
|
160
|
+
* Pair multiple profiles using their OIDC access tokens.
|
|
161
|
+
* Idempotent — calling with already-paired tokens is a no-op.
|
|
162
|
+
*
|
|
163
|
+
* @param accessTokens - Two or more OIDC access tokens to pair
|
|
164
|
+
* @param authAccessToken - A valid access token for the Authorization header
|
|
165
|
+
* @param env - server environment
|
|
166
|
+
* @returns The pair response containing the canonical profile and aliases
|
|
167
|
+
*/
|
|
168
|
+
export async function pairProfiles(accessTokens, authAccessToken, env) {
|
|
169
|
+
const pairUrl = new URL(PAIR_PROFILES_URL(env));
|
|
170
|
+
try {
|
|
171
|
+
const response = await fetch(pairUrl, {
|
|
172
|
+
method: 'POST',
|
|
173
|
+
headers: {
|
|
174
|
+
'Content-Type': 'application/json',
|
|
175
|
+
Authorization: `Bearer ${authAccessToken}`,
|
|
176
|
+
},
|
|
177
|
+
body: JSON.stringify({
|
|
178
|
+
jwts: accessTokens,
|
|
179
|
+
}),
|
|
180
|
+
});
|
|
181
|
+
if (!response.ok) {
|
|
182
|
+
return await throwServiceError(response, 'Failed to pair profiles', PairError);
|
|
183
|
+
}
|
|
184
|
+
const pairResponse = await response.json();
|
|
185
|
+
return {
|
|
186
|
+
profile: {
|
|
187
|
+
identifierId: pairResponse.profile.identifier_id,
|
|
188
|
+
metaMetricsId: pairResponse.profile.metametrics_id ?? '',
|
|
189
|
+
profileId: pairResponse.profile.profile_id,
|
|
190
|
+
canonicalProfileId: pairResponse.profile.profile_id,
|
|
191
|
+
},
|
|
192
|
+
profileAliases: parseProfileAliases(pairResponse.profile_aliases ?? []),
|
|
193
|
+
};
|
|
194
|
+
}
|
|
195
|
+
catch (error) {
|
|
196
|
+
return await throwServiceError(error, 'Failed to pair profiles', PairError);
|
|
197
|
+
}
|
|
198
|
+
}
|
|
151
199
|
/**
|
|
152
200
|
* Service to Get Nonce for JWT Bearer Flow
|
|
153
201
|
*
|
|
@@ -228,6 +276,9 @@ export async function authenticate(rawMessage, signature, authType, env, metamet
|
|
|
228
276
|
method: 'POST',
|
|
229
277
|
headers: {
|
|
230
278
|
'Content-Type': 'application/json',
|
|
279
|
+
...(authType === AuthType.SRP
|
|
280
|
+
? { 'X-MetaMask-Profile-Pairing': 'enabled' }
|
|
281
|
+
: {}),
|
|
231
282
|
},
|
|
232
283
|
body: JSON.stringify({
|
|
233
284
|
signature,
|
|
@@ -253,7 +304,9 @@ export async function authenticate(rawMessage, signature, authType, env, metamet
|
|
|
253
304
|
identifierId: loginResponse.profile.identifier_id,
|
|
254
305
|
metaMetricsId: loginResponse.profile.metametrics_id,
|
|
255
306
|
profileId: loginResponse.profile.profile_id,
|
|
307
|
+
canonicalProfileId: loginResponse.profile.profile_id,
|
|
256
308
|
},
|
|
309
|
+
profileAliases: parseProfileAliases(loginResponse.profile_aliases ?? []),
|
|
257
310
|
};
|
|
258
311
|
}
|
|
259
312
|
catch (error) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"services.mjs","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/services.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,6BAAyB;AAE/D,OAAO,EAAE,iBAAiB,EAAE,yBAAqB;AACjD,OAAO,EACL,mBAAmB,EACnB,SAAS,EACT,WAAW,EACX,eAAe,EACf,gBAAgB,EACjB,sBAAkB;AAOnB,OAAO,EAAE,QAAQ,EAAE,oBAAgB;AAEnC;;;;;;GAMG;AACH,SAAS,eAAe,CAAC,gBAA+B;IACtD,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,OAAO,OAAO,GAAG,IAAI,CAAC;IACxB,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC/B,OAAO,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IAChC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,uBAAuB,CAAC,QAAkB;IACvD,MAAM,EAAE,MAAM,EAAE,GAAG,QAAQ,CAAC;IAC5B,MAAM,cAAc,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;IAExC,IAAI,OAAO,GAAG,eAAe,CAAC;IAC9B,IAAI,KAAK,GAAG,SAAS,CAAC;IAEtB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGK,CAAC;QAEjD,OAAO;YACL,SAAS,IAAI,YAAY;gBACvB,CAAC,CAAC,YAAY,CAAC,OAAO;gBACtB,CAAC,CAAC,YAAY,CAAC,iBAAiB,CAAC;QACrC,KAAK,GAAG,YAAY,CAAC,KAAK,IAAI,SAAS,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,CAAC;YAChD,OAAO,GAAG,WAAW;gBACnB,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;gBAC3B,CAAC,CAAC,yBAAyB,CAAC;YAC9B,KAAK,GAAG,mBAAmB,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,GAAG,gCAAgC,CAAC;YAC3C,KAAK,GAAG,sBAAsB,CAAC;QACjC,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,MAAM,MAAM,OAAO,YAAY,KAAK,GAAG,CAAC;AACzD,CAAC;AAED;;;;;GAKG;AACH,MAAM,eAAe,GAAG,CAAC,GAAY,EAAmB,EAAE,CACxD,OAAO,GAAG,KAAK,QAAQ;IACvB,GAAG,KAAK,IAAI;IACZ,QAAQ,IAAI,GAAG;IACf,SAAS,IAAI,GAAG,CAAC;AAEnB;;;;;;;;;GASG;AACH,KAAK,UAAU,iBAAiB,CAC9B,KAAc,EACd,WAAmB,EACnB,UAA0C;IAE1C,6EAA6E;IAC7E,IAAI,KAAK,YAAY,gBAAgB,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;QACrE,MAAM,KAAK,CAAC;IACd,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5E,MAAM,IAAI,UAAU,CAAC,GAAG,WAAW,KAAK,YAAY,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC;IACvB,MAAM,EAAE,MAAM,EAAE,GAAG,QAAQ,CAAC;IAC5B,MAAM,eAAe,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAEhE,IAAI,MAAM,KAAK,iBAAiB,CAAC,iBAAiB,EAAE,CAAC;QACnD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAC7D,MAAM,YAAY,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;QACvD,MAAM,IAAI,gBAAgB,CACxB,GAAG,WAAW,KAAK,eAAe,EAAE,EACpC,YAAY,IAAI,SAAS,CAC1B,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,UAAU,CAAC,GAAG,WAAW,KAAK,eAAe,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,GAAQ,EAAU,EAAE,CAC5C,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,eAAe,CAAC;AAE/C,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,GAAQ,EAAU,EAAE,CACnD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,0BAA0B,CAAC;AAE1D,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,GAAQ,EAAU,EAAE,CACjD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,eAAe,CAAC;AAE/C,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,GAAQ,EAAU,EAAE,CAChD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,mBAAmB,CAAC;AAEnD,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,GAAQ,EAAU,EAAE,CACjD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,oBAAoB,CAAC;AAEpD,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,GAAQ,EAAU,EAAE,CACtD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,yBAAyB,CAAC;AAEzD,MAAM,oBAAoB,GAAG,CAAC,QAAkB,EAAE,GAAQ,EAAU,EAAE;IACpE,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ,CAAC,GAAG;YACf,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;QAC5B,KAAK,QAAQ,CAAC,IAAI;YAChB,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC;QAC7B,0BAA0B;QAC1B;YACE,MAAM,IAAI,eAAe,CACvB,qBAAqB,QAAkB,8BAA8B,CACtE,CAAC;IACN,CAAC;AACH,CAAC,CAAC;AAkBF;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,KAAa,EACb,MAAqB,EACrB,WAAmB,EACnB,GAAQ;IAER,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAE/C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;YACpC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,WAAW,EAAE;aACvC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK;gBACL,MAAM;aACP,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,4BAA4B,EAC5B,SAAS,CACV,CAAC;QACJ,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,4BAA4B,EAC5B,SAAS,CACV,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,EAAU,EAAE,GAAQ;IACjD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;IACzC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IAE5C,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;QACvD,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC;YACtB,OAAO,MAAM,iBAAiB,CAC5B,aAAa,EACb,qBAAqB,EACrB,mBAAmB,CACpB,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,CAAC;QAC7C,OAAO;YACL,KAAK,EAAE,SAAS,CAAC,KAAK;YACtB,UAAU,EAAE,SAAS,CAAC,UAAU;YAChC,SAAS,EAAE,SAAS,CAAC,UAAU;SAChC,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,qBAAqB,EACrB,mBAAmB,CACpB,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,QAAgB,EAChB,GAAQ,EACR,QAAkB;IAElB,MAAM,SAAS,GAAG,6CAA6C,CAAC;IAChE,MAAM,OAAO,GAAG;QACd,cAAc,EAAE,mCAAmC;KACpD,CAAC;IAEF,MAAM,cAAc,GAAG,IAAI,eAAe,EAAE,CAAC;IAC7C,cAAc,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAC/C,cAAc,CAAC,MAAM,CAAC,WAAW,EAAE,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;IACnE,cAAc,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAE7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;YAChD,MAAM,EAAE,MAAM;YACd,OAAO;YACP,IAAI,EAAE,cAAc,CAAC,QAAQ,EAAE;SAChC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,4BAA4B,EAC5B,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAClD,OAAO;YACL,WAAW,EAAE,mBAAmB,CAAC,YAAY;YAC7C,SAAS,EAAE,mBAAmB,CAAC,UAAU;YACzC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;SACvB,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,4BAA4B,EAC5B,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC;AAOD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,UAAkB,EAClB,SAAiB,EACjB,QAAkB,EAClB,GAAQ,EACR,WAA6B;IAE7B,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAE9D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,iBAAiB,EAAE;YAC9C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,SAAS;gBACT,WAAW,EAAE,UAAU;gBACvB,GAAG,CAAC,WAAW;oBACb,CAAC,CAAC;wBACE,WAAW,EAAE;4BACX,cAAc,EAAE,MAAM,WAAW,CAAC,gBAAgB,EAAE;4BACpD,KAAK,EAAE,WAAW,CAAC,KAAK;yBACzB;qBACF;oBACH,CAAC,CAAC,EAAE,CAAC;aACR,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,wBAAwB,QAAQ,EAAE,EAClC,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC5C,OAAO;YACL,KAAK,EAAE,aAAa,CAAC,KAAK;YAC1B,SAAS,EAAE,aAAa,CAAC,UAAU;YACnC,OAAO,EAAE;gBACP,YAAY,EAAE,aAAa,CAAC,OAAO,CAAC,aAAa;gBACjD,aAAa,EAAE,aAAa,CAAC,OAAO,CAAC,cAAc;gBACnD,SAAS,EAAE,aAAa,CAAC,OAAO,CAAC,UAAU;aAC5C;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,wBAAwB,QAAQ,EAAE,EAClC,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,GAAQ,EACR,WAAmB;IAEnB,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC;IAE5D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,iBAAiB,EAAE;YAC9C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,WAAW,EAAE;aACvC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,+BAA+B,EAC/B,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAuB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC9D,OAAO,WAAW,CAAC;IACrB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,+BAA+B,EAC/B,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC","sourcesContent":["import type { Env, Platform } from '../../shared/env';\nimport { getEnvUrls, getOidcClientId } from '../../shared/env';\nimport type { MetaMetricsAuth } from '../../shared/types/services';\nimport { HTTP_STATUS_CODES } from '../constants';\nimport {\n NonceRetrievalError,\n PairError,\n SignInError,\n ValidationError,\n RateLimitedError,\n} from '../errors';\nimport type {\n AccessToken,\n ErrorMessage,\n UserProfile,\n UserProfileLineage,\n} from './types';\nimport { AuthType } from './types';\n\n/**\n * Parse Retry-After header into milliseconds if possible.\n * Supports seconds or HTTP-date formats.\n *\n * @param retryAfterHeader - The Retry-After header value (seconds or HTTP-date)\n * @returns The retry delay in milliseconds, or null if parsing fails\n */\nfunction parseRetryAfter(retryAfterHeader: string | null): number | null {\n if (!retryAfterHeader) {\n return null;\n }\n const seconds = Number(retryAfterHeader);\n if (!Number.isNaN(seconds)) {\n return seconds * 1000;\n }\n const date = Date.parse(retryAfterHeader);\n if (!Number.isNaN(date)) {\n const diff = date - Date.now();\n return diff > 0 ? diff : null;\n }\n return null;\n}\n\n/**\n * Extracts error details from a Response object.\n *\n * @param response - The HTTP response object\n * @returns Formatted error message with HTTP status and response body\n */\nasync function getResponseErrorMessage(response: Response): Promise<string> {\n const { status } = response;\n const clonedResponse = response.clone();\n\n let message = 'Unknown error';\n let error = 'unknown';\n\n try {\n const responseBody = (await response.json()) as\n | ErrorMessage\n // eslint-disable-next-line @typescript-eslint/naming-convention\n | { error_description: string; error: string };\n\n message =\n 'message' in responseBody\n ? responseBody.message\n : responseBody.error_description;\n error = responseBody.error ?? 'unknown';\n } catch {\n try {\n const textContent = await clonedResponse.text();\n message = textContent\n ? textContent.slice(0, 150)\n : 'Non-JSON error response';\n error = 'non_json_response';\n } catch {\n message = 'Unable to parse error response';\n error = 'unparseable_response';\n }\n }\n\n return `HTTP ${status} - ${message} (error: ${error})`;\n}\n\n/**\n * Type guard to check if an object is a Response-like object.\n *\n * @param obj - The object to check\n * @returns True if the object is a Response-like object, false otherwise\n */\nconst isErrorResponse = (obj: unknown): obj is Response =>\n typeof obj === 'object' &&\n obj !== null &&\n 'status' in obj &&\n 'headers' in obj;\n\n/**\n * Throws a domain-specific error for service failures.\n * Handles both HTTP error responses and regular errors (network failures, etc.).\n * For HTTP 429, throws RateLimitedError with Retry-After header parsing.\n *\n * @param error - The error (Response object or caught error)\n * @param errorPrefix - Context prefix for the error message\n * @param ErrorClass - The domain-specific error class to throw\n * @throws RateLimitedError for 429, otherwise ErrorClass\n */\nasync function throwServiceError(\n error: unknown,\n errorPrefix: string,\n ErrorClass: new (message: string) => Error,\n): Promise<never> {\n // Re-throw RateLimitedError or matching ErrorClass as-is (don't double-wrap)\n if (error instanceof RateLimitedError || error instanceof ErrorClass) {\n throw error;\n }\n\n // Not a Response-like object - handle as regular error\n if (!isErrorResponse(error)) {\n const errorMessage = error instanceof Error ? error.message : String(error);\n throw new ErrorClass(`${errorPrefix}: ${errorMessage}`);\n }\n\n // Handle HTTP error response\n const response = error;\n const { status } = response;\n const responseMessage = await getResponseErrorMessage(response);\n\n if (status === HTTP_STATUS_CODES.TOO_MANY_REQUESTS) {\n const retryAfterHeader = response.headers.get('Retry-After');\n const retryAfterMs = parseRetryAfter(retryAfterHeader);\n throw new RateLimitedError(\n `${errorPrefix}: ${responseMessage}`,\n retryAfterMs ?? undefined,\n );\n }\n\n throw new ErrorClass(`${errorPrefix}: ${responseMessage}`);\n}\n\nexport const NONCE_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/nonce`;\n\nexport const PAIR_IDENTIFIERS = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/identifiers/pair`;\n\nexport const OIDC_TOKEN_URL = (env: Env): string =>\n `${getEnvUrls(env).oidcApiUrl}/oauth2/token`;\n\nexport const SRP_LOGIN_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/srp/login`;\n\nexport const SIWE_LOGIN_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/siwe/login`;\n\nexport const PROFILE_LINEAGE_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/profile/lineage`;\n\nconst getAuthenticationUrl = (authType: AuthType, env: Env): string => {\n switch (authType) {\n case AuthType.SRP:\n return SRP_LOGIN_URL(env);\n case AuthType.SiWE:\n return SIWE_LOGIN_URL(env);\n /* istanbul ignore next */\n default:\n throw new ValidationError(\n `Invalid AuthType: ${authType as number} - unable to create Auth URL`,\n );\n }\n};\n\ntype NonceResponse = {\n nonce: string;\n identifier: string;\n expiresIn: number;\n};\n\ntype PairRequest = {\n signature: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n raw_message: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n encrypted_storage_key: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n identifier_type: 'SIWE' | 'SRP';\n};\n\n/**\n * Pair multiple identifiers under a single profile\n *\n * @param nonce - session nonce\n * @param logins - pairing request payload\n * @param accessToken - JWT access token used to access protected resources\n * @param env - server environment\n * @returns void.\n */\nexport async function pairIdentifiers(\n nonce: string,\n logins: PairRequest[],\n accessToken: string,\n env: Env,\n): Promise<void> {\n const pairUrl = new URL(PAIR_IDENTIFIERS(env));\n\n try {\n const response = await fetch(pairUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${accessToken}`,\n },\n body: JSON.stringify({\n nonce,\n logins,\n }),\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n 'Failed to pair identifiers',\n PairError,\n );\n }\n return undefined;\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to pair identifiers',\n PairError,\n );\n }\n}\n\n/**\n * Service to Get Nonce for JWT Bearer Flow\n *\n * @param id - identifier ID\n * @param env - server environment\n * @returns the nonce.\n */\nexport async function getNonce(id: string, env: Env): Promise<NonceResponse> {\n const nonceUrl = new URL(NONCE_URL(env));\n nonceUrl.searchParams.set('identifier', id);\n\n try {\n const nonceResponse = await fetch(nonceUrl.toString());\n if (!nonceResponse.ok) {\n return await throwServiceError(\n nonceResponse,\n 'Failed to get nonce',\n NonceRetrievalError,\n );\n }\n\n const nonceJson = await nonceResponse.json();\n return {\n nonce: nonceJson.nonce,\n identifier: nonceJson.identifier,\n expiresIn: nonceJson.expires_in,\n };\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to get nonce',\n NonceRetrievalError,\n );\n }\n}\n\n/**\n * Service to Authorize And perform OIDC Flow to get the Access Token\n *\n * @param jwtToken - The original token received from Authentication. This is traded for the Access Token. (the authentication token is single-use)\n * @param env - server environment\n * @param platform - SDK platform\n * @returns Access Token from Authorization server\n */\nexport async function authorizeOIDC(\n jwtToken: string,\n env: Env,\n platform: Platform,\n): Promise<AccessToken> {\n const grantType = 'urn:ietf:params:oauth:grant-type:jwt-bearer';\n const headers = {\n 'Content-Type': 'application/x-www-form-urlencoded',\n };\n\n const urlEncodedBody = new URLSearchParams();\n urlEncodedBody.append('grant_type', grantType);\n urlEncodedBody.append('client_id', getOidcClientId(env, platform));\n urlEncodedBody.append('assertion', jwtToken);\n\n try {\n const response = await fetch(OIDC_TOKEN_URL(env), {\n method: 'POST',\n headers,\n body: urlEncodedBody.toString(),\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n 'Failed to get access token',\n SignInError,\n );\n }\n\n const accessTokenResponse = await response.json();\n return {\n accessToken: accessTokenResponse.access_token,\n expiresIn: accessTokenResponse.expires_in,\n obtainedAt: Date.now(),\n };\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to get access token',\n SignInError,\n );\n }\n}\n\ntype Authentication = {\n token: string;\n expiresIn: number;\n profile: UserProfile;\n};\n/**\n * Service to Authenticate/Login a user via SIWE or SRP derived key.\n *\n * @param rawMessage - raw message for validation when authenticating\n * @param signature - signed raw message\n * @param authType - authentication type/flow used\n * @param env - server environment\n * @param metametrics - optional metametrics\n * @returns Authentication Token\n */\nexport async function authenticate(\n rawMessage: string,\n signature: string,\n authType: AuthType,\n env: Env,\n metametrics?: MetaMetricsAuth,\n): Promise<Authentication> {\n const authenticationUrl = getAuthenticationUrl(authType, env);\n\n try {\n const response = await fetch(authenticationUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({\n signature,\n raw_message: rawMessage,\n ...(metametrics\n ? {\n metametrics: {\n metametrics_id: await metametrics.getMetaMetricsId(),\n agent: metametrics.agent,\n },\n }\n : {}),\n }),\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n `Failed to login with ${authType}`,\n SignInError,\n );\n }\n\n const loginResponse = await response.json();\n return {\n token: loginResponse.token,\n expiresIn: loginResponse.expires_in,\n profile: {\n identifierId: loginResponse.profile.identifier_id,\n metaMetricsId: loginResponse.profile.metametrics_id,\n profileId: loginResponse.profile.profile_id,\n },\n };\n } catch (error) {\n return await throwServiceError(\n error,\n `Failed to login with ${authType}`,\n SignInError,\n );\n }\n}\n\n/**\n * Service to get the Profile Lineage\n *\n * @param env - server environment\n * @param accessToken - JWT access token used to access protected resources\n * @returns Profile Lineage information.\n */\nexport async function getUserProfileLineage(\n env: Env,\n accessToken: string,\n): Promise<UserProfileLineage> {\n const profileLineageUrl = new URL(PROFILE_LINEAGE_URL(env));\n\n try {\n const response = await fetch(profileLineageUrl, {\n method: 'GET',\n headers: {\n Authorization: `Bearer ${accessToken}`,\n },\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n 'Failed to get profile lineage',\n SignInError,\n );\n }\n\n const profileJson: UserProfileLineage = await response.json();\n return profileJson;\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to get profile lineage',\n SignInError,\n );\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"services.mjs","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/services.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,6BAAyB;AAE/D,OAAO,EAAE,iBAAiB,EAAE,yBAAqB;AACjD,OAAO,EACL,mBAAmB,EACnB,SAAS,EACT,WAAW,EACX,eAAe,EACf,gBAAgB,EACjB,sBAAkB;AAQnB,OAAO,EAAE,QAAQ,EAAE,oBAAgB;AAEnC;;;;;;GAMG;AACH,SAAS,eAAe,CAAC,gBAA+B;IACtD,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,OAAO,OAAO,GAAG,IAAI,CAAC;IACxB,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC/B,OAAO,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IAChC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,uBAAuB,CAAC,QAAkB;IACvD,MAAM,EAAE,MAAM,EAAE,GAAG,QAAQ,CAAC;IAC5B,MAAM,cAAc,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;IAExC,IAAI,OAAO,GAAG,eAAe,CAAC;IAC9B,IAAI,KAAK,GAAG,SAAS,CAAC;IAEtB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGK,CAAC;QAEjD,OAAO;YACL,SAAS,IAAI,YAAY;gBACvB,CAAC,CAAC,YAAY,CAAC,OAAO;gBACtB,CAAC,CAAC,YAAY,CAAC,iBAAiB,CAAC;QACrC,KAAK,GAAG,YAAY,CAAC,KAAK,IAAI,SAAS,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,CAAC;YAChD,OAAO,GAAG,WAAW;gBACnB,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;gBAC3B,CAAC,CAAC,yBAAyB,CAAC;YAC9B,KAAK,GAAG,mBAAmB,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,GAAG,gCAAgC,CAAC;YAC3C,KAAK,GAAG,sBAAsB,CAAC;QACjC,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,MAAM,MAAM,OAAO,YAAY,KAAK,GAAG,CAAC;AACzD,CAAC;AAED;;;;;GAKG;AACH,MAAM,eAAe,GAAG,CAAC,GAAY,EAAmB,EAAE,CACxD,OAAO,GAAG,KAAK,QAAQ;IACvB,GAAG,KAAK,IAAI;IACZ,QAAQ,IAAI,GAAG;IACf,SAAS,IAAI,GAAG,CAAC;AAEnB;;;;;;;;;GASG;AACH,KAAK,UAAU,iBAAiB,CAC9B,KAAc,EACd,WAAmB,EACnB,UAA0C;IAE1C,6EAA6E;IAC7E,IAAI,KAAK,YAAY,gBAAgB,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;QACrE,MAAM,KAAK,CAAC;IACd,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5E,MAAM,IAAI,UAAU,CAAC,GAAG,WAAW,KAAK,YAAY,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC;IACvB,MAAM,EAAE,MAAM,EAAE,GAAG,QAAQ,CAAC;IAC5B,MAAM,eAAe,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAEhE,IAAI,MAAM,KAAK,iBAAiB,CAAC,iBAAiB,EAAE,CAAC;QACnD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAC7D,MAAM,YAAY,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;QACvD,MAAM,IAAI,gBAAgB,CACxB,GAAG,WAAW,KAAK,eAAe,EAAE,EACpC,YAAY,IAAI,SAAS,CAC1B,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,UAAU,CAAC,GAAG,WAAW,KAAK,eAAe,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,GAAQ,EAAU,EAAE,CAC5C,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,eAAe,CAAC;AAE/C,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,GAAQ,EAAU,EAAE,CACnD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,0BAA0B,CAAC;AAE1D,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,GAAQ,EAAU,EAAE,CACjD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,eAAe,CAAC;AAE/C,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,GAAQ,EAAU,EAAE,CAChD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,mBAAmB,CAAC;AAEnD,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,GAAQ,EAAU,EAAE,CACjD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,oBAAoB,CAAC;AAEpD,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,GAAQ,EAAU,EAAE,CACpD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,sBAAsB,CAAC;AAEtD,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,GAAQ,EAAU,EAAE,CACtD,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,UAAU,yBAAyB,CAAC;AAEzD,MAAM,oBAAoB,GAAG,CAAC,QAAkB,EAAE,GAAQ,EAAU,EAAE;IACpE,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ,CAAC,GAAG;YACf,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;QAC5B,KAAK,QAAQ,CAAC,IAAI;YAChB,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC;QAC7B,0BAA0B;QAC1B;YACE,MAAM,IAAI,eAAe,CACvB,qBAAqB,QAAkB,8BAA8B,CACtE,CAAC;IACN,CAAC;AACH,CAAC,CAAC;AAiBF,MAAM,mBAAmB,GAAG,CAAC,GAAsB,EAAkB,EAAE;IACrE,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACzB,cAAc,EAAE,KAAK,CAAC,gBAAgB;QACtC,kBAAkB,EAAE,KAAK,CAAC,oBAAoB;QAC9C,aAAa,EAAE,KAAK,CAAC,cAAc,IAAI,EAAE;KAC1C,CAAC,CAAC,CAAC;AACN,CAAC,CAAC;AAYF;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,KAAa,EACb,MAAqB,EACrB,WAAmB,EACnB,GAAQ;IAER,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAE/C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;YACpC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,WAAW,EAAE;aACvC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK;gBACL,MAAM;aACP,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,4BAA4B,EAC5B,SAAS,CACV,CAAC;QACJ,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,4BAA4B,EAC5B,SAAS,CACV,CAAC;IACJ,CAAC;AACH,CAAC;AAOD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,YAAsB,EACtB,eAAuB,EACvB,GAAQ;IAER,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC;IAEhD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;YACpC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,eAAe,EAAE;aAC3C;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,IAAI,EAAE,YAAY;aACnB,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,yBAAyB,EACzB,SAAS,CACV,CAAC;QACJ,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAE3C,OAAO;YACL,OAAO,EAAE;gBACP,YAAY,EAAE,YAAY,CAAC,OAAO,CAAC,aAAa;gBAChD,aAAa,EAAE,YAAY,CAAC,OAAO,CAAC,cAAc,IAAI,EAAE;gBACxD,SAAS,EAAE,YAAY,CAAC,OAAO,CAAC,UAAU;gBAC1C,kBAAkB,EAAE,YAAY,CAAC,OAAO,CAAC,UAAU;aACpD;YACD,cAAc,EAAE,mBAAmB,CAAC,YAAY,CAAC,eAAe,IAAI,EAAE,CAAC;SACxE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAAC,KAAK,EAAE,yBAAyB,EAAE,SAAS,CAAC,CAAC;IAC9E,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,EAAU,EAAE,GAAQ;IACjD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;IACzC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IAE5C,IAAI,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;QACvD,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,CAAC;YACtB,OAAO,MAAM,iBAAiB,CAC5B,aAAa,EACb,qBAAqB,EACrB,mBAAmB,CACpB,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,CAAC;QAC7C,OAAO;YACL,KAAK,EAAE,SAAS,CAAC,KAAK;YACtB,UAAU,EAAE,SAAS,CAAC,UAAU;YAChC,SAAS,EAAE,SAAS,CAAC,UAAU;SAChC,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,qBAAqB,EACrB,mBAAmB,CACpB,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,QAAgB,EAChB,GAAQ,EACR,QAAkB;IAElB,MAAM,SAAS,GAAG,6CAA6C,CAAC;IAChE,MAAM,OAAO,GAAG;QACd,cAAc,EAAE,mCAAmC;KACpD,CAAC;IAEF,MAAM,cAAc,GAAG,IAAI,eAAe,EAAE,CAAC;IAC7C,cAAc,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAC/C,cAAc,CAAC,MAAM,CAAC,WAAW,EAAE,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;IACnE,cAAc,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAE7C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;YAChD,MAAM,EAAE,MAAM;YACd,OAAO;YACP,IAAI,EAAE,cAAc,CAAC,QAAQ,EAAE;SAChC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,4BAA4B,EAC5B,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAClD,OAAO;YACL,WAAW,EAAE,mBAAmB,CAAC,YAAY;YAC7C,SAAS,EAAE,mBAAmB,CAAC,UAAU;YACzC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;SACvB,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,4BAA4B,EAC5B,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC;AAQD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,UAAkB,EAClB,SAAiB,EACjB,QAAkB,EAClB,GAAQ,EACR,WAA6B;IAE7B,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAE9D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,iBAAiB,EAAE;YAC9C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,GAAG;oBAC3B,CAAC,CAAC,EAAE,4BAA4B,EAAE,SAAS,EAAE;oBAC7C,CAAC,CAAC,EAAE,CAAC;aACR;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,SAAS;gBACT,WAAW,EAAE,UAAU;gBACvB,GAAG,CAAC,WAAW;oBACb,CAAC,CAAC;wBACE,WAAW,EAAE;4BACX,cAAc,EAAE,MAAM,WAAW,CAAC,gBAAgB,EAAE;4BACpD,KAAK,EAAE,WAAW,CAAC,KAAK;yBACzB;qBACF;oBACH,CAAC,CAAC,EAAE,CAAC;aACR,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,wBAAwB,QAAQ,EAAE,EAClC,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAE5C,OAAO;YACL,KAAK,EAAE,aAAa,CAAC,KAAK;YAC1B,SAAS,EAAE,aAAa,CAAC,UAAU;YACnC,OAAO,EAAE;gBACP,YAAY,EAAE,aAAa,CAAC,OAAO,CAAC,aAAa;gBACjD,aAAa,EAAE,aAAa,CAAC,OAAO,CAAC,cAAc;gBACnD,SAAS,EAAE,aAAa,CAAC,OAAO,CAAC,UAAU;gBAC3C,kBAAkB,EAAE,aAAa,CAAC,OAAO,CAAC,UAAU;aACrD;YACD,cAAc,EAAE,mBAAmB,CAAC,aAAa,CAAC,eAAe,IAAI,EAAE,CAAC;SACzE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,wBAAwB,QAAQ,EAAE,EAClC,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,GAAQ,EACR,WAAmB;IAEnB,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC;IAE5D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,iBAAiB,EAAE;YAC9C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,WAAW,EAAE;aACvC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,MAAM,iBAAiB,CAC5B,QAAQ,EACR,+BAA+B,EAC/B,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAuB,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC9D,OAAO,WAAW,CAAC;IACrB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,MAAM,iBAAiB,CAC5B,KAAK,EACL,+BAA+B,EAC/B,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC","sourcesContent":["import type { Env, Platform } from '../../shared/env';\nimport { getEnvUrls, getOidcClientId } from '../../shared/env';\nimport type { MetaMetricsAuth } from '../../shared/types/services';\nimport { HTTP_STATUS_CODES } from '../constants';\nimport {\n NonceRetrievalError,\n PairError,\n SignInError,\n ValidationError,\n RateLimitedError,\n} from '../errors';\nimport type {\n AccessToken,\n ErrorMessage,\n ProfileAlias,\n UserProfile,\n UserProfileLineage,\n} from './types';\nimport { AuthType } from './types';\n\n/**\n * Parse Retry-After header into milliseconds if possible.\n * Supports seconds or HTTP-date formats.\n *\n * @param retryAfterHeader - The Retry-After header value (seconds or HTTP-date)\n * @returns The retry delay in milliseconds, or null if parsing fails\n */\nfunction parseRetryAfter(retryAfterHeader: string | null): number | null {\n if (!retryAfterHeader) {\n return null;\n }\n const seconds = Number(retryAfterHeader);\n if (!Number.isNaN(seconds)) {\n return seconds * 1000;\n }\n const date = Date.parse(retryAfterHeader);\n if (!Number.isNaN(date)) {\n const diff = date - Date.now();\n return diff > 0 ? diff : null;\n }\n return null;\n}\n\n/**\n * Extracts error details from a Response object.\n *\n * @param response - The HTTP response object\n * @returns Formatted error message with HTTP status and response body\n */\nasync function getResponseErrorMessage(response: Response): Promise<string> {\n const { status } = response;\n const clonedResponse = response.clone();\n\n let message = 'Unknown error';\n let error = 'unknown';\n\n try {\n const responseBody = (await response.json()) as\n | ErrorMessage\n // eslint-disable-next-line @typescript-eslint/naming-convention\n | { error_description: string; error: string };\n\n message =\n 'message' in responseBody\n ? responseBody.message\n : responseBody.error_description;\n error = responseBody.error ?? 'unknown';\n } catch {\n try {\n const textContent = await clonedResponse.text();\n message = textContent\n ? textContent.slice(0, 150)\n : 'Non-JSON error response';\n error = 'non_json_response';\n } catch {\n message = 'Unable to parse error response';\n error = 'unparseable_response';\n }\n }\n\n return `HTTP ${status} - ${message} (error: ${error})`;\n}\n\n/**\n * Type guard to check if an object is a Response-like object.\n *\n * @param obj - The object to check\n * @returns True if the object is a Response-like object, false otherwise\n */\nconst isErrorResponse = (obj: unknown): obj is Response =>\n typeof obj === 'object' &&\n obj !== null &&\n 'status' in obj &&\n 'headers' in obj;\n\n/**\n * Throws a domain-specific error for service failures.\n * Handles both HTTP error responses and regular errors (network failures, etc.).\n * For HTTP 429, throws RateLimitedError with Retry-After header parsing.\n *\n * @param error - The error (Response object or caught error)\n * @param errorPrefix - Context prefix for the error message\n * @param ErrorClass - The domain-specific error class to throw\n * @throws RateLimitedError for 429, otherwise ErrorClass\n */\nasync function throwServiceError(\n error: unknown,\n errorPrefix: string,\n ErrorClass: new (message: string) => Error,\n): Promise<never> {\n // Re-throw RateLimitedError or matching ErrorClass as-is (don't double-wrap)\n if (error instanceof RateLimitedError || error instanceof ErrorClass) {\n throw error;\n }\n\n // Not a Response-like object - handle as regular error\n if (!isErrorResponse(error)) {\n const errorMessage = error instanceof Error ? error.message : String(error);\n throw new ErrorClass(`${errorPrefix}: ${errorMessage}`);\n }\n\n // Handle HTTP error response\n const response = error;\n const { status } = response;\n const responseMessage = await getResponseErrorMessage(response);\n\n if (status === HTTP_STATUS_CODES.TOO_MANY_REQUESTS) {\n const retryAfterHeader = response.headers.get('Retry-After');\n const retryAfterMs = parseRetryAfter(retryAfterHeader);\n throw new RateLimitedError(\n `${errorPrefix}: ${responseMessage}`,\n retryAfterMs ?? undefined,\n );\n }\n\n throw new ErrorClass(`${errorPrefix}: ${responseMessage}`);\n}\n\nexport const NONCE_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/nonce`;\n\nexport const PAIR_IDENTIFIERS = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/identifiers/pair`;\n\nexport const OIDC_TOKEN_URL = (env: Env): string =>\n `${getEnvUrls(env).oidcApiUrl}/oauth2/token`;\n\nexport const SRP_LOGIN_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/srp/login`;\n\nexport const SIWE_LOGIN_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/siwe/login`;\n\nexport const PAIR_PROFILES_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/profile/pair`;\n\nexport const PROFILE_LINEAGE_URL = (env: Env): string =>\n `${getEnvUrls(env).authApiUrl}/api/v2/profile/lineage`;\n\nconst getAuthenticationUrl = (authType: AuthType, env: Env): string => {\n switch (authType) {\n case AuthType.SRP:\n return SRP_LOGIN_URL(env);\n case AuthType.SiWE:\n return SIWE_LOGIN_URL(env);\n /* istanbul ignore next */\n default:\n throw new ValidationError(\n `Invalid AuthType: ${authType as number} - unable to create Auth URL`,\n );\n }\n};\n\ntype NonceResponse = {\n nonce: string;\n identifier: string;\n expiresIn: number;\n};\n\ntype RawProfileAlias = {\n // eslint-disable-next-line @typescript-eslint/naming-convention\n alias_profile_id: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n canonical_profile_id: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n identifier_ids: { id: string; type: string }[];\n};\n\nconst parseProfileAliases = (raw: RawProfileAlias[]): ProfileAlias[] => {\n return raw.map((alias) => ({\n aliasProfileId: alias.alias_profile_id,\n canonicalProfileId: alias.canonical_profile_id,\n identifierIds: alias.identifier_ids ?? [],\n }));\n};\n\ntype PairRequest = {\n signature: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n raw_message: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n encrypted_storage_key: string;\n // eslint-disable-next-line @typescript-eslint/naming-convention\n identifier_type: 'SIWE' | 'SRP';\n};\n\n/**\n * Pair multiple identifiers under a single profile\n *\n * @param nonce - session nonce\n * @param logins - pairing request payload\n * @param accessToken - JWT access token used to access protected resources\n * @param env - server environment\n * @returns void.\n */\nexport async function pairIdentifiers(\n nonce: string,\n logins: PairRequest[],\n accessToken: string,\n env: Env,\n): Promise<void> {\n const pairUrl = new URL(PAIR_IDENTIFIERS(env));\n\n try {\n const response = await fetch(pairUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${accessToken}`,\n },\n body: JSON.stringify({\n nonce,\n logins,\n }),\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n 'Failed to pair identifiers',\n PairError,\n );\n }\n return undefined;\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to pair identifiers',\n PairError,\n );\n }\n}\n\nexport type PairProfilesResponse = {\n profile: UserProfile;\n profileAliases: ProfileAlias[];\n};\n\n/**\n * Pair multiple profiles using their OIDC access tokens.\n * Idempotent — calling with already-paired tokens is a no-op.\n *\n * @param accessTokens - Two or more OIDC access tokens to pair\n * @param authAccessToken - A valid access token for the Authorization header\n * @param env - server environment\n * @returns The pair response containing the canonical profile and aliases\n */\nexport async function pairProfiles(\n accessTokens: string[],\n authAccessToken: string,\n env: Env,\n): Promise<PairProfilesResponse> {\n const pairUrl = new URL(PAIR_PROFILES_URL(env));\n\n try {\n const response = await fetch(pairUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n Authorization: `Bearer ${authAccessToken}`,\n },\n body: JSON.stringify({\n jwts: accessTokens,\n }),\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n 'Failed to pair profiles',\n PairError,\n );\n }\n\n const pairResponse = await response.json();\n\n return {\n profile: {\n identifierId: pairResponse.profile.identifier_id,\n metaMetricsId: pairResponse.profile.metametrics_id ?? '',\n profileId: pairResponse.profile.profile_id,\n canonicalProfileId: pairResponse.profile.profile_id,\n },\n profileAliases: parseProfileAliases(pairResponse.profile_aliases ?? []),\n };\n } catch (error) {\n return await throwServiceError(error, 'Failed to pair profiles', PairError);\n }\n}\n\n/**\n * Service to Get Nonce for JWT Bearer Flow\n *\n * @param id - identifier ID\n * @param env - server environment\n * @returns the nonce.\n */\nexport async function getNonce(id: string, env: Env): Promise<NonceResponse> {\n const nonceUrl = new URL(NONCE_URL(env));\n nonceUrl.searchParams.set('identifier', id);\n\n try {\n const nonceResponse = await fetch(nonceUrl.toString());\n if (!nonceResponse.ok) {\n return await throwServiceError(\n nonceResponse,\n 'Failed to get nonce',\n NonceRetrievalError,\n );\n }\n\n const nonceJson = await nonceResponse.json();\n return {\n nonce: nonceJson.nonce,\n identifier: nonceJson.identifier,\n expiresIn: nonceJson.expires_in,\n };\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to get nonce',\n NonceRetrievalError,\n );\n }\n}\n\n/**\n * Service to Authorize And perform OIDC Flow to get the Access Token\n *\n * @param jwtToken - The original token received from Authentication. This is traded for the Access Token. (the authentication token is single-use)\n * @param env - server environment\n * @param platform - SDK platform\n * @returns Access Token from Authorization server\n */\nexport async function authorizeOIDC(\n jwtToken: string,\n env: Env,\n platform: Platform,\n): Promise<AccessToken> {\n const grantType = 'urn:ietf:params:oauth:grant-type:jwt-bearer';\n const headers = {\n 'Content-Type': 'application/x-www-form-urlencoded',\n };\n\n const urlEncodedBody = new URLSearchParams();\n urlEncodedBody.append('grant_type', grantType);\n urlEncodedBody.append('client_id', getOidcClientId(env, platform));\n urlEncodedBody.append('assertion', jwtToken);\n\n try {\n const response = await fetch(OIDC_TOKEN_URL(env), {\n method: 'POST',\n headers,\n body: urlEncodedBody.toString(),\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n 'Failed to get access token',\n SignInError,\n );\n }\n\n const accessTokenResponse = await response.json();\n return {\n accessToken: accessTokenResponse.access_token,\n expiresIn: accessTokenResponse.expires_in,\n obtainedAt: Date.now(),\n };\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to get access token',\n SignInError,\n );\n }\n}\n\ntype Authentication = {\n token: string;\n expiresIn: number;\n profile: UserProfile;\n profileAliases: ProfileAlias[];\n};\n/**\n * Service to Authenticate/Login a user via SIWE or SRP derived key.\n *\n * @param rawMessage - raw message for validation when authenticating\n * @param signature - signed raw message\n * @param authType - authentication type/flow used\n * @param env - server environment\n * @param metametrics - optional metametrics\n * @returns Authentication Token\n */\nexport async function authenticate(\n rawMessage: string,\n signature: string,\n authType: AuthType,\n env: Env,\n metametrics?: MetaMetricsAuth,\n): Promise<Authentication> {\n const authenticationUrl = getAuthenticationUrl(authType, env);\n\n try {\n const response = await fetch(authenticationUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n ...(authType === AuthType.SRP\n ? { 'X-MetaMask-Profile-Pairing': 'enabled' }\n : {}),\n },\n body: JSON.stringify({\n signature,\n raw_message: rawMessage,\n ...(metametrics\n ? {\n metametrics: {\n metametrics_id: await metametrics.getMetaMetricsId(),\n agent: metametrics.agent,\n },\n }\n : {}),\n }),\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n `Failed to login with ${authType}`,\n SignInError,\n );\n }\n\n const loginResponse = await response.json();\n\n return {\n token: loginResponse.token,\n expiresIn: loginResponse.expires_in,\n profile: {\n identifierId: loginResponse.profile.identifier_id,\n metaMetricsId: loginResponse.profile.metametrics_id,\n profileId: loginResponse.profile.profile_id,\n canonicalProfileId: loginResponse.profile.profile_id,\n },\n profileAliases: parseProfileAliases(loginResponse.profile_aliases ?? []),\n };\n } catch (error) {\n return await throwServiceError(\n error,\n `Failed to login with ${authType}`,\n SignInError,\n );\n }\n}\n\n/**\n * Service to get the Profile Lineage\n *\n * @param env - server environment\n * @param accessToken - JWT access token used to access protected resources\n * @returns Profile Lineage information.\n */\nexport async function getUserProfileLineage(\n env: Env,\n accessToken: string,\n): Promise<UserProfileLineage> {\n const profileLineageUrl = new URL(PROFILE_LINEAGE_URL(env));\n\n try {\n const response = await fetch(profileLineageUrl, {\n method: 'GET',\n headers: {\n Authorization: `Bearer ${accessToken}`,\n },\n });\n\n if (!response.ok) {\n return await throwServiceError(\n response,\n 'Failed to get profile lineage',\n SignInError,\n );\n }\n\n const profileJson: UserProfileLineage = await response.json();\n return profileJson;\n } catch (error) {\n return await throwServiceError(\n error,\n 'Failed to get profile lineage',\n SignInError,\n );\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.cjs","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":";;;AAEA,IAAY,QAOX;AAPD,WAAY,QAAQ;IAClB;+DAC2D;IAC3D,uBAAW,CAAA;IAEX,2BAA2B;IAC3B,yBAAa,CAAA;AACf,CAAC,EAPW,QAAQ,wBAAR,QAAQ,QAOnB","sourcesContent":["import type { Env, Platform } from '../../shared/env';\n\nexport enum AuthType {\n /* sign in using a private key derived from your secret recovery phrase (SRP).\n Uses message signing snap to perform this operation */\n SRP = 'SRP',\n\n /* sign in with Ethereum */\n SiWE = 'SiWE',\n}\n\nexport type AuthConfig = {\n env: Env;\n platform: Platform;\n type: AuthType;\n};\n\nexport type AccessToken = {\n /**\n * The JWT Access Token\n */\n accessToken: string;\n /**\n * Expiration in seconds\n */\n expiresIn: number;\n /**\n * Date in milliseconds\n */\n obtainedAt: number;\n};\n\nexport type UserProfile = {\n /**\n * The \"Identifier\" used to log in with.\n */\n identifierId: string;\n /**\n * The
|
|
1
|
+
{"version":3,"file":"types.cjs","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":";;;AAEA,IAAY,QAOX;AAPD,WAAY,QAAQ;IAClB;+DAC2D;IAC3D,uBAAW,CAAA;IAEX,2BAA2B;IAC3B,yBAAa,CAAA;AACf,CAAC,EAPW,QAAQ,wBAAR,QAAQ,QAOnB","sourcesContent":["import type { Env, Platform } from '../../shared/env';\n\nexport enum AuthType {\n /* sign in using a private key derived from your secret recovery phrase (SRP).\n Uses message signing snap to perform this operation */\n SRP = 'SRP',\n\n /* sign in with Ethereum */\n SiWE = 'SiWE',\n}\n\nexport type AuthConfig = {\n env: Env;\n platform: Platform;\n type: AuthType;\n};\n\nexport type AccessToken = {\n /**\n * The JWT Access Token\n */\n accessToken: string;\n /**\n * Expiration in seconds\n */\n expiresIn: number;\n /**\n * Date in milliseconds\n */\n obtainedAt: number;\n};\n\nexport type UserProfile = {\n /**\n * The \"Identifier\" used to log in with.\n */\n identifierId: string;\n /**\n * The original per-SRP profile ID. Immutable after first login.\n * Used for user storage key derivation — MUST NOT be replaced with the canonical.\n */\n profileId: string;\n /**\n * The unified canonical profile ID across all paired SRPs.\n * Set from the server response and updated after pairing via canonical propagation.\n * For pre-upgrade state, defaults to profileId.\n */\n canonicalProfileId: string;\n /**\n * Server MetaMetrics ID. Allows grouping of user events cross platform.\n */\n metaMetricsId: string;\n};\n\n/**\n * Represents a profile alias returned by the server in profile_aliases.\n * Transient — this is not persisted in LoginResponse or srpSessionData.\n */\nexport type ProfileAlias = {\n aliasProfileId: string;\n canonicalProfileId: string;\n identifierIds: { id: string; type: string }[];\n};\n\nexport type LoginResponse = {\n token: AccessToken;\n profile: UserProfile;\n};\n\nexport type IBaseAuth = {\n // TODO: figure out if these need the entropy source id param or if that can be abstracted on another layer\n getAccessToken: (entropySourceId?: string) => Promise<string>;\n getUserProfile: (entropySourceId?: string) => Promise<UserProfile>;\n getIdentifier: (entropySourceId?: string) => Promise<string>;\n signMessage: (message: string, entropySourceId?: string) => Promise<string>;\n};\n\nexport type AuthStorageOptions = {\n // TODO: figure out if these need the entropy source id param or if that can be abstracted on another layer\n getLoginResponse: (entropySourceId?: string) => Promise<LoginResponse | null>;\n setLoginResponse: (\n val: LoginResponse,\n entropySourceId?: string,\n ) => Promise<void>;\n};\n\nexport type AuthSigningOptions = {\n // TODO: figure out if these need the entropy source id param or if that can be abstracted on another layer\n signMessage: (message: string, entropySourceId?: string) => Promise<string>;\n getIdentifier: (entropySourceId?: string) => Promise<string>;\n};\n\nexport type ErrorMessage = {\n message: string;\n error: string;\n};\n\nexport type Pair = {\n identifier: string;\n encryptedStorageKey: string;\n identifierType: 'SIWE' | 'SRP';\n signMessage: (message: string) => Promise<string>;\n};\n\nexport type UserProfileLineage = {\n profile_id: string;\n created_at: string;\n lineage: {\n metametrics_id: string;\n agent: Platform;\n created_at: string;\n updated_at: string;\n counter: number;\n }[];\n};\n"]}
|
|
@@ -28,14 +28,33 @@ export type UserProfile = {
|
|
|
28
28
|
*/
|
|
29
29
|
identifierId: string;
|
|
30
30
|
/**
|
|
31
|
-
* The
|
|
31
|
+
* The original per-SRP profile ID. Immutable after first login.
|
|
32
|
+
* Used for user storage key derivation — MUST NOT be replaced with the canonical.
|
|
32
33
|
*/
|
|
33
34
|
profileId: string;
|
|
35
|
+
/**
|
|
36
|
+
* The unified canonical profile ID across all paired SRPs.
|
|
37
|
+
* Set from the server response and updated after pairing via canonical propagation.
|
|
38
|
+
* For pre-upgrade state, defaults to profileId.
|
|
39
|
+
*/
|
|
40
|
+
canonicalProfileId: string;
|
|
34
41
|
/**
|
|
35
42
|
* Server MetaMetrics ID. Allows grouping of user events cross platform.
|
|
36
43
|
*/
|
|
37
44
|
metaMetricsId: string;
|
|
38
45
|
};
|
|
46
|
+
/**
|
|
47
|
+
* Represents a profile alias returned by the server in profile_aliases.
|
|
48
|
+
* Transient — this is not persisted in LoginResponse or srpSessionData.
|
|
49
|
+
*/
|
|
50
|
+
export type ProfileAlias = {
|
|
51
|
+
aliasProfileId: string;
|
|
52
|
+
canonicalProfileId: string;
|
|
53
|
+
identifierIds: {
|
|
54
|
+
id: string;
|
|
55
|
+
type: string;
|
|
56
|
+
}[];
|
|
57
|
+
};
|
|
39
58
|
export type LoginResponse = {
|
|
40
59
|
token: AccessToken;
|
|
41
60
|
profile: UserProfile;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.cts","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,6BAAyB;AAEtD,oBAAY,QAAQ;IAGlB,GAAG,QAAQ;IAGX,IAAI,SAAS;CACd;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,GAAG,EAAE,GAAG,CAAC;IACT,QAAQ,EAAE,QAAQ,CAAC;IACnB,IAAI,EAAE,QAAQ,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB
|
|
1
|
+
{"version":3,"file":"types.d.cts","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,6BAAyB;AAEtD,oBAAY,QAAQ;IAGlB,GAAG,QAAQ;IAGX,IAAI,SAAS;CACd;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,GAAG,EAAE,GAAG,CAAC;IACT,QAAQ,EAAE,QAAQ,CAAC;IACnB,IAAI,EAAE,QAAQ,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB;;;;OAIG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;CAC/C,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,KAAK,EAAE,WAAW,CAAC;IACnB,OAAO,EAAE,WAAW,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IAEtB,cAAc,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC9D,cAAc,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;IACnE,aAAa,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7D,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CAC7E,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAE/B,gBAAgB,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IAC9E,gBAAgB,EAAE,CAChB,GAAG,EAAE,aAAa,EAClB,eAAe,CAAC,EAAE,MAAM,KACrB,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAE/B,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5E,aAAa,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CAC9D,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,IAAI,GAAG;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,cAAc,EAAE,MAAM,GAAG,KAAK,CAAC;IAC/B,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CACnD,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE;QACP,cAAc,EAAE,MAAM,CAAC;QACvB,KAAK,EAAE,QAAQ,CAAC;QAChB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC;KACjB,EAAE,CAAC;CACL,CAAC"}
|
|
@@ -28,14 +28,33 @@ export type UserProfile = {
|
|
|
28
28
|
*/
|
|
29
29
|
identifierId: string;
|
|
30
30
|
/**
|
|
31
|
-
* The
|
|
31
|
+
* The original per-SRP profile ID. Immutable after first login.
|
|
32
|
+
* Used for user storage key derivation — MUST NOT be replaced with the canonical.
|
|
32
33
|
*/
|
|
33
34
|
profileId: string;
|
|
35
|
+
/**
|
|
36
|
+
* The unified canonical profile ID across all paired SRPs.
|
|
37
|
+
* Set from the server response and updated after pairing via canonical propagation.
|
|
38
|
+
* For pre-upgrade state, defaults to profileId.
|
|
39
|
+
*/
|
|
40
|
+
canonicalProfileId: string;
|
|
34
41
|
/**
|
|
35
42
|
* Server MetaMetrics ID. Allows grouping of user events cross platform.
|
|
36
43
|
*/
|
|
37
44
|
metaMetricsId: string;
|
|
38
45
|
};
|
|
46
|
+
/**
|
|
47
|
+
* Represents a profile alias returned by the server in profile_aliases.
|
|
48
|
+
* Transient — this is not persisted in LoginResponse or srpSessionData.
|
|
49
|
+
*/
|
|
50
|
+
export type ProfileAlias = {
|
|
51
|
+
aliasProfileId: string;
|
|
52
|
+
canonicalProfileId: string;
|
|
53
|
+
identifierIds: {
|
|
54
|
+
id: string;
|
|
55
|
+
type: string;
|
|
56
|
+
}[];
|
|
57
|
+
};
|
|
39
58
|
export type LoginResponse = {
|
|
40
59
|
token: AccessToken;
|
|
41
60
|
profile: UserProfile;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.mts","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,6BAAyB;AAEtD,oBAAY,QAAQ;IAGlB,GAAG,QAAQ;IAGX,IAAI,SAAS;CACd;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,GAAG,EAAE,GAAG,CAAC;IACT,QAAQ,EAAE,QAAQ,CAAC;IACnB,IAAI,EAAE,QAAQ,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB
|
|
1
|
+
{"version":3,"file":"types.d.mts","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,6BAAyB;AAEtD,oBAAY,QAAQ;IAGlB,GAAG,QAAQ;IAGX,IAAI,SAAS;CACd;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,GAAG,EAAE,GAAG,CAAC;IACT,QAAQ,EAAE,QAAQ,CAAC;IACnB,IAAI,EAAE,QAAQ,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB;;;;OAIG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAC3B;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;CAC/C,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,KAAK,EAAE,WAAW,CAAC;IACnB,OAAO,EAAE,WAAW,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IAEtB,cAAc,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC9D,cAAc,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;IACnE,aAAa,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7D,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CAC7E,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAE/B,gBAAgB,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC;IAC9E,gBAAgB,EAAE,CAChB,GAAG,EAAE,aAAa,EAClB,eAAe,CAAC,EAAE,MAAM,KACrB,OAAO,CAAC,IAAI,CAAC,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAE/B,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5E,aAAa,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CAC9D,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,IAAI,GAAG;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,cAAc,EAAE,MAAM,GAAG,KAAK,CAAC;IAC/B,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CACnD,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE;QACP,cAAc,EAAE,MAAM,CAAC;QACvB,KAAK,EAAE,QAAQ,CAAC;QAChB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC;KACjB,EAAE,CAAC;CACL,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.mjs","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":"AAEA,MAAM,CAAN,IAAY,QAOX;AAPD,WAAY,QAAQ;IAClB;+DAC2D;IAC3D,uBAAW,CAAA;IAEX,2BAA2B;IAC3B,yBAAa,CAAA;AACf,CAAC,EAPW,QAAQ,KAAR,QAAQ,QAOnB","sourcesContent":["import type { Env, Platform } from '../../shared/env';\n\nexport enum AuthType {\n /* sign in using a private key derived from your secret recovery phrase (SRP).\n Uses message signing snap to perform this operation */\n SRP = 'SRP',\n\n /* sign in with Ethereum */\n SiWE = 'SiWE',\n}\n\nexport type AuthConfig = {\n env: Env;\n platform: Platform;\n type: AuthType;\n};\n\nexport type AccessToken = {\n /**\n * The JWT Access Token\n */\n accessToken: string;\n /**\n * Expiration in seconds\n */\n expiresIn: number;\n /**\n * Date in milliseconds\n */\n obtainedAt: number;\n};\n\nexport type UserProfile = {\n /**\n * The \"Identifier\" used to log in with.\n */\n identifierId: string;\n /**\n * The
|
|
1
|
+
{"version":3,"file":"types.mjs","sourceRoot":"","sources":["../../../src/sdk/authentication-jwt-bearer/types.ts"],"names":[],"mappings":"AAEA,MAAM,CAAN,IAAY,QAOX;AAPD,WAAY,QAAQ;IAClB;+DAC2D;IAC3D,uBAAW,CAAA;IAEX,2BAA2B;IAC3B,yBAAa,CAAA;AACf,CAAC,EAPW,QAAQ,KAAR,QAAQ,QAOnB","sourcesContent":["import type { Env, Platform } from '../../shared/env';\n\nexport enum AuthType {\n /* sign in using a private key derived from your secret recovery phrase (SRP).\n Uses message signing snap to perform this operation */\n SRP = 'SRP',\n\n /* sign in with Ethereum */\n SiWE = 'SiWE',\n}\n\nexport type AuthConfig = {\n env: Env;\n platform: Platform;\n type: AuthType;\n};\n\nexport type AccessToken = {\n /**\n * The JWT Access Token\n */\n accessToken: string;\n /**\n * Expiration in seconds\n */\n expiresIn: number;\n /**\n * Date in milliseconds\n */\n obtainedAt: number;\n};\n\nexport type UserProfile = {\n /**\n * The \"Identifier\" used to log in with.\n */\n identifierId: string;\n /**\n * The original per-SRP profile ID. Immutable after first login.\n * Used for user storage key derivation — MUST NOT be replaced with the canonical.\n */\n profileId: string;\n /**\n * The unified canonical profile ID across all paired SRPs.\n * Set from the server response and updated after pairing via canonical propagation.\n * For pre-upgrade state, defaults to profileId.\n */\n canonicalProfileId: string;\n /**\n * Server MetaMetrics ID. Allows grouping of user events cross platform.\n */\n metaMetricsId: string;\n};\n\n/**\n * Represents a profile alias returned by the server in profile_aliases.\n * Transient — this is not persisted in LoginResponse or srpSessionData.\n */\nexport type ProfileAlias = {\n aliasProfileId: string;\n canonicalProfileId: string;\n identifierIds: { id: string; type: string }[];\n};\n\nexport type LoginResponse = {\n token: AccessToken;\n profile: UserProfile;\n};\n\nexport type IBaseAuth = {\n // TODO: figure out if these need the entropy source id param or if that can be abstracted on another layer\n getAccessToken: (entropySourceId?: string) => Promise<string>;\n getUserProfile: (entropySourceId?: string) => Promise<UserProfile>;\n getIdentifier: (entropySourceId?: string) => Promise<string>;\n signMessage: (message: string, entropySourceId?: string) => Promise<string>;\n};\n\nexport type AuthStorageOptions = {\n // TODO: figure out if these need the entropy source id param or if that can be abstracted on another layer\n getLoginResponse: (entropySourceId?: string) => Promise<LoginResponse | null>;\n setLoginResponse: (\n val: LoginResponse,\n entropySourceId?: string,\n ) => Promise<void>;\n};\n\nexport type AuthSigningOptions = {\n // TODO: figure out if these need the entropy source id param or if that can be abstracted on another layer\n signMessage: (message: string, entropySourceId?: string) => Promise<string>;\n getIdentifier: (entropySourceId?: string) => Promise<string>;\n};\n\nexport type ErrorMessage = {\n message: string;\n error: string;\n};\n\nexport type Pair = {\n identifier: string;\n encryptedStorageKey: string;\n identifierType: 'SIWE' | 'SRP';\n signMessage: (message: string) => Promise<string>;\n};\n\nexport type UserProfileLineage = {\n profile_id: string;\n created_at: string;\n lineage: {\n metametrics_id: string;\n agent: Platform;\n created_at: string;\n updated_at: string;\n counter: number;\n }[];\n};\n"]}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.computeIdentifierId = exports.IDENTIFIER_SALT = void 0;
|
|
4
|
+
const encryption_1 = require("../../../shared/encryption/index.cjs");
|
|
5
|
+
exports.IDENTIFIER_SALT = {
|
|
6
|
+
dev: 'Baiche1eu8Oa2een5ieReul0Phooph4e',
|
|
7
|
+
uat: 'wooG2Nahd4juviiw7cooxa7ekaeNgeik',
|
|
8
|
+
prd: 'oCheThi4lohv5choGhuosh1aiT2phioF',
|
|
9
|
+
};
|
|
10
|
+
/**
|
|
11
|
+
* Computes a deterministic identifier ID by hashing a public key with an
|
|
12
|
+
* environment-specific salt. Matches the server-side formula:
|
|
13
|
+
* SHA256(publicKey + salt).
|
|
14
|
+
*
|
|
15
|
+
* @param publicKey - The raw SRP public key
|
|
16
|
+
* @param env - The environment whose salt to use
|
|
17
|
+
* @returns The hex-encoded SHA256 hash used as identifier_id
|
|
18
|
+
*/
|
|
19
|
+
function computeIdentifierId(publicKey, env) {
|
|
20
|
+
const salt = exports.IDENTIFIER_SALT[env];
|
|
21
|
+
if (!salt) {
|
|
22
|
+
throw new Error('Cannot compute identifier ID: invalid environment');
|
|
23
|
+
}
|
|
24
|
+
return (0, encryption_1.createSHA256Hash)(publicKey + salt);
|
|
25
|
+
}
|
|
26
|
+
exports.computeIdentifierId = computeIdentifierId;
|
|
27
|
+
//# sourceMappingURL=identifier.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identifier.cjs","sourceRoot":"","sources":["../../../../src/sdk/authentication-jwt-bearer/utils/identifier.ts"],"names":[],"mappings":";;;AAAA,qEAA8D;AAGjD,QAAA,eAAe,GAAwB;IAClD,GAAG,EAAE,kCAAkC;IACvC,GAAG,EAAE,kCAAkC;IACvC,GAAG,EAAE,kCAAkC;CACxC,CAAC;AAEF;;;;;;;;GAQG;AACH,SAAgB,mBAAmB,CAAC,SAAiB,EAAE,GAAQ;IAC7D,MAAM,IAAI,GAAG,uBAAe,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,IAAA,6BAAgB,EAAC,SAAS,GAAG,IAAI,CAAC,CAAC;AAC5C,CAAC;AAND,kDAMC","sourcesContent":["import { createSHA256Hash } from '../../../shared/encryption';\nimport type { Env } from '../../../shared/env';\n\nexport const IDENTIFIER_SALT: Record<Env, string> = {\n dev: 'Baiche1eu8Oa2een5ieReul0Phooph4e',\n uat: 'wooG2Nahd4juviiw7cooxa7ekaeNgeik',\n prd: 'oCheThi4lohv5choGhuosh1aiT2phioF',\n};\n\n/**\n * Computes a deterministic identifier ID by hashing a public key with an\n * environment-specific salt. Matches the server-side formula:\n * SHA256(publicKey + salt).\n *\n * @param publicKey - The raw SRP public key\n * @param env - The environment whose salt to use\n * @returns The hex-encoded SHA256 hash used as identifier_id\n */\nexport function computeIdentifierId(publicKey: string, env: Env): string {\n const salt = IDENTIFIER_SALT[env];\n if (!salt) {\n throw new Error('Cannot compute identifier ID: invalid environment');\n }\n return createSHA256Hash(publicKey + salt);\n}\n"]}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { Env } from "../../../shared/env.cjs";
|
|
2
|
+
export declare const IDENTIFIER_SALT: Record<Env, string>;
|
|
3
|
+
/**
|
|
4
|
+
* Computes a deterministic identifier ID by hashing a public key with an
|
|
5
|
+
* environment-specific salt. Matches the server-side formula:
|
|
6
|
+
* SHA256(publicKey + salt).
|
|
7
|
+
*
|
|
8
|
+
* @param publicKey - The raw SRP public key
|
|
9
|
+
* @param env - The environment whose salt to use
|
|
10
|
+
* @returns The hex-encoded SHA256 hash used as identifier_id
|
|
11
|
+
*/
|
|
12
|
+
export declare function computeIdentifierId(publicKey: string, env: Env): string;
|
|
13
|
+
//# sourceMappingURL=identifier.d.cts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identifier.d.cts","sourceRoot":"","sources":["../../../../src/sdk/authentication-jwt-bearer/utils/identifier.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,GAAG,EAAE,gCAA4B;AAE/C,eAAO,MAAM,eAAe,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAI/C,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,MAAM,CAMvE"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { Env } from "../../../shared/env.mjs";
|
|
2
|
+
export declare const IDENTIFIER_SALT: Record<Env, string>;
|
|
3
|
+
/**
|
|
4
|
+
* Computes a deterministic identifier ID by hashing a public key with an
|
|
5
|
+
* environment-specific salt. Matches the server-side formula:
|
|
6
|
+
* SHA256(publicKey + salt).
|
|
7
|
+
*
|
|
8
|
+
* @param publicKey - The raw SRP public key
|
|
9
|
+
* @param env - The environment whose salt to use
|
|
10
|
+
* @returns The hex-encoded SHA256 hash used as identifier_id
|
|
11
|
+
*/
|
|
12
|
+
export declare function computeIdentifierId(publicKey: string, env: Env): string;
|
|
13
|
+
//# sourceMappingURL=identifier.d.mts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identifier.d.mts","sourceRoot":"","sources":["../../../../src/sdk/authentication-jwt-bearer/utils/identifier.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,GAAG,EAAE,gCAA4B;AAE/C,eAAO,MAAM,eAAe,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAI/C,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,MAAM,CAMvE"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { createSHA256Hash } from "../../../shared/encryption/index.mjs";
|
|
2
|
+
export const IDENTIFIER_SALT = {
|
|
3
|
+
dev: 'Baiche1eu8Oa2een5ieReul0Phooph4e',
|
|
4
|
+
uat: 'wooG2Nahd4juviiw7cooxa7ekaeNgeik',
|
|
5
|
+
prd: 'oCheThi4lohv5choGhuosh1aiT2phioF',
|
|
6
|
+
};
|
|
7
|
+
/**
|
|
8
|
+
* Computes a deterministic identifier ID by hashing a public key with an
|
|
9
|
+
* environment-specific salt. Matches the server-side formula:
|
|
10
|
+
* SHA256(publicKey + salt).
|
|
11
|
+
*
|
|
12
|
+
* @param publicKey - The raw SRP public key
|
|
13
|
+
* @param env - The environment whose salt to use
|
|
14
|
+
* @returns The hex-encoded SHA256 hash used as identifier_id
|
|
15
|
+
*/
|
|
16
|
+
export function computeIdentifierId(publicKey, env) {
|
|
17
|
+
const salt = IDENTIFIER_SALT[env];
|
|
18
|
+
if (!salt) {
|
|
19
|
+
throw new Error('Cannot compute identifier ID: invalid environment');
|
|
20
|
+
}
|
|
21
|
+
return createSHA256Hash(publicKey + salt);
|
|
22
|
+
}
|
|
23
|
+
//# sourceMappingURL=identifier.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identifier.mjs","sourceRoot":"","sources":["../../../../src/sdk/authentication-jwt-bearer/utils/identifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,6CAAmC;AAG9D,MAAM,CAAC,MAAM,eAAe,GAAwB;IAClD,GAAG,EAAE,kCAAkC;IACvC,GAAG,EAAE,kCAAkC;IACvC,GAAG,EAAE,kCAAkC;CACxC,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,SAAiB,EAAE,GAAQ;IAC7D,MAAM,IAAI,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,gBAAgB,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;AAC5C,CAAC","sourcesContent":["import { createSHA256Hash } from '../../../shared/encryption';\nimport type { Env } from '../../../shared/env';\n\nexport const IDENTIFIER_SALT: Record<Env, string> = {\n dev: 'Baiche1eu8Oa2een5ieReul0Phooph4e',\n uat: 'wooG2Nahd4juviiw7cooxa7ekaeNgeik',\n prd: 'oCheThi4lohv5choGhuosh1aiT2phioF',\n};\n\n/**\n * Computes a deterministic identifier ID by hashing a public key with an\n * environment-specific salt. Matches the server-side formula:\n * SHA256(publicKey + salt).\n *\n * @param publicKey - The raw SRP public key\n * @param env - The environment whose salt to use\n * @returns The hex-encoded SHA256 hash used as identifier_id\n */\nexport function computeIdentifierId(publicKey: string, env: Env): string {\n const salt = IDENTIFIER_SALT[env];\n if (!salt) {\n throw new Error('Cannot compute identifier ID: invalid environment');\n }\n return createSHA256Hash(publicKey + salt);\n}\n"]}
|
|
@@ -74,6 +74,10 @@ class JwtBearerAuth {
|
|
|
74
74
|
async getUserProfileLineage(entropySourceId) {
|
|
75
75
|
return await __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f").getUserProfileLineage(entropySourceId);
|
|
76
76
|
}
|
|
77
|
+
async pairSrpProfiles(accessTokens, authAccessToken) {
|
|
78
|
+
__classPrivateFieldGet(this, _JwtBearerAuth_instances, "m", _JwtBearerAuth_assertSRP).call(this, __classPrivateFieldGet(this, _JwtBearerAuth_type, "f"), __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f"));
|
|
79
|
+
return await __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f").pairSrpProfiles(accessTokens, authAccessToken);
|
|
80
|
+
}
|
|
77
81
|
async signMessage(message, entropySourceId) {
|
|
78
82
|
return await __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f").signMessage(message, entropySourceId);
|
|
79
83
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.cjs","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,yEAA0E;AAC1E,uEAAwE;AACxE,uEAG8C;
|
|
1
|
+
{"version":3,"file":"authentication.cjs","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,yEAA0E;AAC1E,uEAAwE;AACxE,uEAG8C;AAO9C,iEAA6D;AAC7D,yCAA+D;AAY/D,MAAa,aAAa;IAOxB,YAAY,GAAG,IAAyB;;QAN/B,sCAAgB;QAEhB,qCAAU;QAEV,qCAA2C;QAGlD,uBAAA,IAAI,uBAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,MAAA,CAAC;QAC1B,uBAAA,IAAI,sBAAQ,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,MAAA,CAAC;QAExB,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAQ,CAAC,GAAG,EAAE,CAAC;YAClC,uBAAA,IAAI,sBAAQ,IAAI,2BAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,MAAA,CAAC;YACnD,OAAO;QACT,CAAC;QAED,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,uBAAA,IAAI,sBAAQ,IAAI,6BAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,MAAA,CAAC;YACpD,OAAO;QACT,CAAC;QAED,MAAM,IAAI,iCAAwB,CAAC,uBAAuB,CAAC,CAAC;IAC9D,CAAC;IAED,iBAAiB,CAAC,QAAyB;QACzC,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,uBAAA,IAAI,0BAAK,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,eAAwB;QAC3C,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,WAAW;QACf,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,OAAO,uBAAA,IAAI,0BAAK,CAAC,WAAW,EAAE,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,OAAO,uBAAA,IAAI,0BAAK,CAAC,eAAe,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,eAAwB;QAC3C,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAwB;QAC1C,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,eAAwB;QAExB,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC;IAChE,CAAC;IAED,KAAK,CAAC,eAAe,CACnB,YAAsB,EACtB,eAAuB;QAEvB,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,eAAe,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;IACxE,CAAC;IAED,KAAK,CAAC,WAAW,CACf,OAAe,EACf,eAAwB;QAExB,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,WAAW,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAC/D,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,OAAe;QACnC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5C,MAAM,CAAC,GAAG,MAAM,IAAA,mBAAQ,EAAC,OAAO,CAAC,SAAS,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QAEvD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YACtB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,YAAY,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;gBAClD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;gBACrC,OAAO;oBACL,SAAS,EAAE,GAAG;oBACd,WAAW,EAAE,GAAG;oBAChB,qBAAqB,EAAE,CAAC,CAAC,mBAAmB;oBAC5C,eAAe,EAAE,CAAC,CAAC,cAAc;iBAClC,CAAC;YACJ,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,0BAA0B;gBAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC3D,MAAM,IAAI,kBAAS,CACjB,mCAAmC,YAAY,EAAE,CAClD,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAChD,MAAM,IAAA,0BAAe,EAAC,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,CAAC,MAKP;QACC,uBAAA,IAAI,2DAAY,MAAhB,IAAI,EAAa,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACxC,uBAAA,IAAI,0BAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5B,CAAC;CA2BF;AAzID,sCAyIC;sNAxBG,IAAc,EACd,IAA0C;IAE1C,IAAI,IAAI,KAAK,gBAAQ,CAAC,IAAI,EAAE,CAAC;QAC3B,OAAO;IACT,CAAC;IAED,MAAM,IAAI,iCAAwB,CAChC,kDAAkD,CACnD,CAAC;AACJ,CAAC,+DAGC,IAAc,EACd,IAA0C;IAE1C,IAAI,IAAI,KAAK,gBAAQ,CAAC,GAAG,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IAED,MAAM,IAAI,iCAAwB,CAChC,iDAAiD,CAClD,CAAC;AACJ,CAAC;AAGH,uEAA0E;AAAjE,8GAAA,iBAAiB,OAAA;AAC1B,qEAAwE;AAA/D,4GAAA,gBAAgB,OAAA;AACzB,wEAAkD","sourcesContent":["import type { Eip1193Provider } from 'ethers';\n\nimport type { Env } from '../shared/env';\nimport { SIWEJwtBearerAuth } from './authentication-jwt-bearer/flow-siwe';\nimport { SRPJwtBearerAuth } from './authentication-jwt-bearer/flow-srp';\nimport {\n getNonce,\n pairIdentifiers,\n} from './authentication-jwt-bearer/services';\nimport type { PairProfilesResponse } from './authentication-jwt-bearer/services';\nimport type {\n UserProfile,\n Pair,\n UserProfileLineage,\n} from './authentication-jwt-bearer/types';\nimport { AuthType } from './authentication-jwt-bearer/types';\nimport { PairError, UnsupportedAuthTypeError } from './errors';\n\n// Computing the Classes, so we only get back the public methods for the interface.\n\ntype Compute<T> = T extends infer U ? { [K in keyof U]: U[K] } : never;\ntype SIWEInterface = Compute<SIWEJwtBearerAuth>;\nexport type SRPInterface = Compute<SRPJwtBearerAuth>;\n\ntype SiweParams = ConstructorParameters<typeof SIWEJwtBearerAuth>;\ntype SRPParams = ConstructorParameters<typeof SRPJwtBearerAuth>;\ntype JwtBearerAuthParams = SiweParams | SRPParams;\n\nexport class JwtBearerAuth implements SIWEInterface, SRPInterface {\n readonly #type: AuthType;\n\n readonly #env: Env;\n\n readonly #sdk: SIWEJwtBearerAuth | SRPJwtBearerAuth;\n\n constructor(...args: JwtBearerAuthParams) {\n this.#type = args[0].type;\n this.#env = args[0].env;\n\n if (args[0].type === AuthType.SRP) {\n this.#sdk = new SRPJwtBearerAuth(args[0], args[1]);\n return;\n }\n\n if (args[0].type === AuthType.SiWE) {\n this.#sdk = new SIWEJwtBearerAuth(args[0], args[1]);\n return;\n }\n\n throw new UnsupportedAuthTypeError('unsupported auth type');\n }\n\n setCustomProvider(provider: Eip1193Provider) {\n this.#assertSRP(this.#type, this.#sdk);\n this.#sdk.setCustomProvider(provider);\n }\n\n async getAccessToken(entropySourceId?: string): Promise<string> {\n return await this.#sdk.getAccessToken(entropySourceId);\n }\n\n async connectSnap(): Promise<string> {\n this.#assertSRP(this.#type, this.#sdk);\n return this.#sdk.connectSnap();\n }\n\n async isSnapConnected(): Promise<boolean> {\n this.#assertSRP(this.#type, this.#sdk);\n return this.#sdk.isSnapConnected();\n }\n\n async getUserProfile(entropySourceId?: string): Promise<UserProfile> {\n return await this.#sdk.getUserProfile(entropySourceId);\n }\n\n async getIdentifier(entropySourceId?: string): Promise<string> {\n return await this.#sdk.getIdentifier(entropySourceId);\n }\n\n async getUserProfileLineage(\n entropySourceId?: string,\n ): Promise<UserProfileLineage> {\n return await this.#sdk.getUserProfileLineage(entropySourceId);\n }\n\n async pairSrpProfiles(\n accessTokens: string[],\n authAccessToken: string,\n ): Promise<PairProfilesResponse> {\n this.#assertSRP(this.#type, this.#sdk);\n return await this.#sdk.pairSrpProfiles(accessTokens, authAccessToken);\n }\n\n async signMessage(\n message: string,\n entropySourceId?: string,\n ): Promise<string> {\n return await this.#sdk.signMessage(message, entropySourceId);\n }\n\n async pairIdentifiers(pairing: Pair[]): Promise<void> {\n const profile = await this.getUserProfile();\n const n = await getNonce(profile.profileId, this.#env);\n\n const logins = await Promise.all(\n pairing.map(async (p) => {\n try {\n const raw = `metamask:${n.nonce}:${p.identifier}`;\n const sig = await p.signMessage(raw);\n return {\n signature: sig,\n raw_message: raw,\n encrypted_storage_key: p.encryptedStorageKey,\n identifier_type: p.identifierType,\n };\n } catch (e) {\n /* istanbul ignore next */\n const errorMessage =\n e instanceof Error ? e.message : JSON.stringify(e ?? '');\n throw new PairError(\n `failed to sign pairing message: ${errorMessage}`,\n );\n }\n }),\n );\n\n const accessToken = await this.getAccessToken();\n await pairIdentifiers(n.nonce, logins, accessToken, this.#env);\n }\n\n prepare(signer: {\n address: string;\n chainId: number;\n signMessage: (message: string) => Promise<string>;\n domain: string;\n }): void {\n this.#assertSIWE(this.#type, this.#sdk);\n this.#sdk.prepare(signer);\n }\n\n #assertSIWE(\n type: AuthType,\n _sdk: SIWEJwtBearerAuth | SRPJwtBearerAuth,\n ): asserts _sdk is SIWEJwtBearerAuth {\n if (type === AuthType.SiWE) {\n return;\n }\n\n throw new UnsupportedAuthTypeError(\n 'This method is only available via SIWE auth type',\n );\n }\n\n #assertSRP(\n type: AuthType,\n _sdk: SIWEJwtBearerAuth | SRPJwtBearerAuth,\n ): asserts _sdk is SRPJwtBearerAuth {\n if (type === AuthType.SRP) {\n return;\n }\n\n throw new UnsupportedAuthTypeError(\n 'This method is only available via SRP auth type',\n );\n }\n}\n\nexport { SIWEJwtBearerAuth } from './authentication-jwt-bearer/flow-siwe';\nexport { SRPJwtBearerAuth } from './authentication-jwt-bearer/flow-srp';\nexport * from './authentication-jwt-bearer/types';\n"]}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import type { Eip1193Provider } from "ethers";
|
|
2
2
|
import { SIWEJwtBearerAuth } from "./authentication-jwt-bearer/flow-siwe.cjs";
|
|
3
3
|
import { SRPJwtBearerAuth } from "./authentication-jwt-bearer/flow-srp.cjs";
|
|
4
|
+
import type { PairProfilesResponse } from "./authentication-jwt-bearer/services.cjs";
|
|
4
5
|
import type { UserProfile, Pair, UserProfileLineage } from "./authentication-jwt-bearer/types.cjs";
|
|
5
6
|
type Compute<T> = T extends infer U ? {
|
|
6
7
|
[K in keyof U]: U[K];
|
|
@@ -20,6 +21,7 @@ export declare class JwtBearerAuth implements SIWEInterface, SRPInterface {
|
|
|
20
21
|
getUserProfile(entropySourceId?: string): Promise<UserProfile>;
|
|
21
22
|
getIdentifier(entropySourceId?: string): Promise<string>;
|
|
22
23
|
getUserProfileLineage(entropySourceId?: string): Promise<UserProfileLineage>;
|
|
24
|
+
pairSrpProfiles(accessTokens: string[], authAccessToken: string): Promise<PairProfilesResponse>;
|
|
23
25
|
signMessage(message: string, entropySourceId?: string): Promise<string>;
|
|
24
26
|
pairIdentifiers(pairing: Pair[]): Promise<void>;
|
|
25
27
|
prepare(signer: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.d.cts","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,eAAe;AAG9C,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AAKxE,OAAO,KAAK,EACV,WAAW,EACX,IAAI,EACJ,kBAAkB,EACnB,8CAA0C;AAM3C,KAAK,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,GAAG;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,KAAK,CAAC;AACvE,KAAK,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAChD,MAAM,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAErD,KAAK,UAAU,GAAG,qBAAqB,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAClE,KAAK,SAAS,GAAG,qBAAqB,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAChE,KAAK,mBAAmB,GAAG,UAAU,GAAG,SAAS,CAAC;AAElD,qBAAa,aAAc,YAAW,aAAa,EAAE,YAAY;;gBAOnD,GAAG,IAAI,EAAE,mBAAmB;IAiBxC,iBAAiB,CAAC,QAAQ,EAAE,eAAe;IAKrC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIzD,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC;IAK9B,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAKnC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAI9D,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIxD,qBAAqB,CACzB,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAIxB,WAAW,CACf,OAAO,EAAE,MAAM,EACf,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IAIZ,eAAe,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA8BrD,OAAO,CAAC,MAAM,EAAE;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,IAAI;CA8BT;AAED,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AACxE,sDAAkD"}
|
|
1
|
+
{"version":3,"file":"authentication.d.cts","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,eAAe;AAG9C,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AAKxE,OAAO,KAAK,EAAE,oBAAoB,EAAE,iDAA6C;AACjF,OAAO,KAAK,EACV,WAAW,EACX,IAAI,EACJ,kBAAkB,EACnB,8CAA0C;AAM3C,KAAK,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,GAAG;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,KAAK,CAAC;AACvE,KAAK,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAChD,MAAM,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAErD,KAAK,UAAU,GAAG,qBAAqB,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAClE,KAAK,SAAS,GAAG,qBAAqB,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAChE,KAAK,mBAAmB,GAAG,UAAU,GAAG,SAAS,CAAC;AAElD,qBAAa,aAAc,YAAW,aAAa,EAAE,YAAY;;gBAOnD,GAAG,IAAI,EAAE,mBAAmB;IAiBxC,iBAAiB,CAAC,QAAQ,EAAE,eAAe;IAKrC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIzD,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC;IAK9B,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAKnC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAI9D,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIxD,qBAAqB,CACzB,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAIxB,eAAe,CACnB,YAAY,EAAE,MAAM,EAAE,EACtB,eAAe,EAAE,MAAM,GACtB,OAAO,CAAC,oBAAoB,CAAC;IAK1B,WAAW,CACf,OAAO,EAAE,MAAM,EACf,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IAIZ,eAAe,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA8BrD,OAAO,CAAC,MAAM,EAAE;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,IAAI;CA8BT;AAED,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AACxE,sDAAkD"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import type { Eip1193Provider } from "ethers";
|
|
2
2
|
import { SIWEJwtBearerAuth } from "./authentication-jwt-bearer/flow-siwe.mjs";
|
|
3
3
|
import { SRPJwtBearerAuth } from "./authentication-jwt-bearer/flow-srp.mjs";
|
|
4
|
+
import type { PairProfilesResponse } from "./authentication-jwt-bearer/services.mjs";
|
|
4
5
|
import type { UserProfile, Pair, UserProfileLineage } from "./authentication-jwt-bearer/types.mjs";
|
|
5
6
|
type Compute<T> = T extends infer U ? {
|
|
6
7
|
[K in keyof U]: U[K];
|
|
@@ -20,6 +21,7 @@ export declare class JwtBearerAuth implements SIWEInterface, SRPInterface {
|
|
|
20
21
|
getUserProfile(entropySourceId?: string): Promise<UserProfile>;
|
|
21
22
|
getIdentifier(entropySourceId?: string): Promise<string>;
|
|
22
23
|
getUserProfileLineage(entropySourceId?: string): Promise<UserProfileLineage>;
|
|
24
|
+
pairSrpProfiles(accessTokens: string[], authAccessToken: string): Promise<PairProfilesResponse>;
|
|
23
25
|
signMessage(message: string, entropySourceId?: string): Promise<string>;
|
|
24
26
|
pairIdentifiers(pairing: Pair[]): Promise<void>;
|
|
25
27
|
prepare(signer: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.d.mts","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,eAAe;AAG9C,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AAKxE,OAAO,KAAK,EACV,WAAW,EACX,IAAI,EACJ,kBAAkB,EACnB,8CAA0C;AAM3C,KAAK,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,GAAG;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,KAAK,CAAC;AACvE,KAAK,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAChD,MAAM,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAErD,KAAK,UAAU,GAAG,qBAAqB,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAClE,KAAK,SAAS,GAAG,qBAAqB,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAChE,KAAK,mBAAmB,GAAG,UAAU,GAAG,SAAS,CAAC;AAElD,qBAAa,aAAc,YAAW,aAAa,EAAE,YAAY;;gBAOnD,GAAG,IAAI,EAAE,mBAAmB;IAiBxC,iBAAiB,CAAC,QAAQ,EAAE,eAAe;IAKrC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIzD,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC;IAK9B,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAKnC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAI9D,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIxD,qBAAqB,CACzB,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAIxB,WAAW,CACf,OAAO,EAAE,MAAM,EACf,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IAIZ,eAAe,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA8BrD,OAAO,CAAC,MAAM,EAAE;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,IAAI;CA8BT;AAED,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AACxE,sDAAkD"}
|
|
1
|
+
{"version":3,"file":"authentication.d.mts","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,eAAe;AAG9C,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AAKxE,OAAO,KAAK,EAAE,oBAAoB,EAAE,iDAA6C;AACjF,OAAO,KAAK,EACV,WAAW,EACX,IAAI,EACJ,kBAAkB,EACnB,8CAA0C;AAM3C,KAAK,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,GAAG;KAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;CAAE,GAAG,KAAK,CAAC;AACvE,KAAK,aAAa,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAChD,MAAM,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAErD,KAAK,UAAU,GAAG,qBAAqB,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAClE,KAAK,SAAS,GAAG,qBAAqB,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAChE,KAAK,mBAAmB,GAAG,UAAU,GAAG,SAAS,CAAC;AAElD,qBAAa,aAAc,YAAW,aAAa,EAAE,YAAY;;gBAOnD,GAAG,IAAI,EAAE,mBAAmB;IAiBxC,iBAAiB,CAAC,QAAQ,EAAE,eAAe;IAKrC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIzD,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC;IAK9B,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAKnC,cAAc,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAI9D,aAAa,CAAC,eAAe,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAIxD,qBAAqB,CACzB,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAIxB,eAAe,CACnB,YAAY,EAAE,MAAM,EAAE,EACtB,eAAe,EAAE,MAAM,GACtB,OAAO,CAAC,oBAAoB,CAAC;IAK1B,WAAW,CACf,OAAO,EAAE,MAAM,EACf,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IAIZ,eAAe,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA8BrD,OAAO,CAAC,MAAM,EAAE;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,IAAI;CA8BT;AAED,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AACxE,sDAAkD"}
|
|
@@ -57,6 +57,10 @@ export class JwtBearerAuth {
|
|
|
57
57
|
async getUserProfileLineage(entropySourceId) {
|
|
58
58
|
return await __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f").getUserProfileLineage(entropySourceId);
|
|
59
59
|
}
|
|
60
|
+
async pairSrpProfiles(accessTokens, authAccessToken) {
|
|
61
|
+
__classPrivateFieldGet(this, _JwtBearerAuth_instances, "m", _JwtBearerAuth_assertSRP).call(this, __classPrivateFieldGet(this, _JwtBearerAuth_type, "f"), __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f"));
|
|
62
|
+
return await __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f").pairSrpProfiles(accessTokens, authAccessToken);
|
|
63
|
+
}
|
|
60
64
|
async signMessage(message, entropySourceId) {
|
|
61
65
|
return await __classPrivateFieldGet(this, _JwtBearerAuth_sdk, "f").signMessage(message, entropySourceId);
|
|
62
66
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.mjs","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":";;;;;;;;;;;;AAGA,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AACxE,OAAO,EACL,QAAQ,EACR,eAAe,EAChB,iDAA6C;
|
|
1
|
+
{"version":3,"file":"authentication.mjs","sourceRoot":"","sources":["../../src/sdk/authentication.ts"],"names":[],"mappings":";;;;;;;;;;;;AAGA,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AACxE,OAAO,EACL,QAAQ,EACR,eAAe,EAChB,iDAA6C;AAO9C,OAAO,EAAE,QAAQ,EAAE,8CAA0C;AAC7D,OAAO,EAAE,SAAS,EAAE,wBAAwB,EAAE,qBAAiB;AAY/D,MAAM,OAAO,aAAa;IAOxB,YAAY,GAAG,IAAyB;;QAN/B,sCAAgB;QAEhB,qCAAU;QAEV,qCAA2C;QAGlD,uBAAA,IAAI,uBAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,MAAA,CAAC;QAC1B,uBAAA,IAAI,sBAAQ,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,MAAA,CAAC;QAExB,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;YAClC,uBAAA,IAAI,sBAAQ,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,MAAA,CAAC;YACnD,OAAO;QACT,CAAC;QAED,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,uBAAA,IAAI,sBAAQ,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,MAAA,CAAC;YACpD,OAAO;QACT,CAAC;QAED,MAAM,IAAI,wBAAwB,CAAC,uBAAuB,CAAC,CAAC;IAC9D,CAAC;IAED,iBAAiB,CAAC,QAAyB;QACzC,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,uBAAA,IAAI,0BAAK,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,eAAwB;QAC3C,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,WAAW;QACf,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,OAAO,uBAAA,IAAI,0BAAK,CAAC,WAAW,EAAE,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,OAAO,uBAAA,IAAI,0BAAK,CAAC,eAAe,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,eAAwB;QAC3C,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAwB;QAC1C,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,qBAAqB,CACzB,eAAwB;QAExB,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC;IAChE,CAAC;IAED,KAAK,CAAC,eAAe,CACnB,YAAsB,EACtB,eAAuB;QAEvB,uBAAA,IAAI,0DAAW,MAAf,IAAI,EAAY,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACvC,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,eAAe,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;IACxE,CAAC;IAED,KAAK,CAAC,WAAW,CACf,OAAe,EACf,eAAwB;QAExB,OAAO,MAAM,uBAAA,IAAI,0BAAK,CAAC,WAAW,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAC/D,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,OAAe;QACnC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5C,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QAEvD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YACtB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,YAAY,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;gBAClD,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;gBACrC,OAAO;oBACL,SAAS,EAAE,GAAG;oBACd,WAAW,EAAE,GAAG;oBAChB,qBAAqB,EAAE,CAAC,CAAC,mBAAmB;oBAC5C,eAAe,EAAE,CAAC,CAAC,cAAc;iBAClC,CAAC;YACJ,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,0BAA0B;gBAC1B,MAAM,YAAY,GAChB,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC3D,MAAM,IAAI,SAAS,CACjB,mCAAmC,YAAY,EAAE,CAClD,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAChD,MAAM,eAAe,CAAC,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,CAAC,MAKP;QACC,uBAAA,IAAI,2DAAY,MAAhB,IAAI,EAAa,uBAAA,IAAI,2BAAM,EAAE,uBAAA,IAAI,0BAAK,CAAC,CAAC;QACxC,uBAAA,IAAI,0BAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5B,CAAC;CA2BF;sNAxBG,IAAc,EACd,IAA0C;IAE1C,IAAI,IAAI,KAAK,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC3B,OAAO;IACT,CAAC;IAED,MAAM,IAAI,wBAAwB,CAChC,kDAAkD,CACnD,CAAC;AACJ,CAAC,+DAGC,IAAc,EACd,IAA0C;IAE1C,IAAI,IAAI,KAAK,QAAQ,CAAC,GAAG,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IAED,MAAM,IAAI,wBAAwB,CAChC,iDAAiD,CAClD,CAAC;AACJ,CAAC;AAGH,OAAO,EAAE,iBAAiB,EAAE,kDAA8C;AAC1E,OAAO,EAAE,gBAAgB,EAAE,iDAA6C;AACxE,sDAAkD","sourcesContent":["import type { Eip1193Provider } from 'ethers';\n\nimport type { Env } from '../shared/env';\nimport { SIWEJwtBearerAuth } from './authentication-jwt-bearer/flow-siwe';\nimport { SRPJwtBearerAuth } from './authentication-jwt-bearer/flow-srp';\nimport {\n getNonce,\n pairIdentifiers,\n} from './authentication-jwt-bearer/services';\nimport type { PairProfilesResponse } from './authentication-jwt-bearer/services';\nimport type {\n UserProfile,\n Pair,\n UserProfileLineage,\n} from './authentication-jwt-bearer/types';\nimport { AuthType } from './authentication-jwt-bearer/types';\nimport { PairError, UnsupportedAuthTypeError } from './errors';\n\n// Computing the Classes, so we only get back the public methods for the interface.\n\ntype Compute<T> = T extends infer U ? { [K in keyof U]: U[K] } : never;\ntype SIWEInterface = Compute<SIWEJwtBearerAuth>;\nexport type SRPInterface = Compute<SRPJwtBearerAuth>;\n\ntype SiweParams = ConstructorParameters<typeof SIWEJwtBearerAuth>;\ntype SRPParams = ConstructorParameters<typeof SRPJwtBearerAuth>;\ntype JwtBearerAuthParams = SiweParams | SRPParams;\n\nexport class JwtBearerAuth implements SIWEInterface, SRPInterface {\n readonly #type: AuthType;\n\n readonly #env: Env;\n\n readonly #sdk: SIWEJwtBearerAuth | SRPJwtBearerAuth;\n\n constructor(...args: JwtBearerAuthParams) {\n this.#type = args[0].type;\n this.#env = args[0].env;\n\n if (args[0].type === AuthType.SRP) {\n this.#sdk = new SRPJwtBearerAuth(args[0], args[1]);\n return;\n }\n\n if (args[0].type === AuthType.SiWE) {\n this.#sdk = new SIWEJwtBearerAuth(args[0], args[1]);\n return;\n }\n\n throw new UnsupportedAuthTypeError('unsupported auth type');\n }\n\n setCustomProvider(provider: Eip1193Provider) {\n this.#assertSRP(this.#type, this.#sdk);\n this.#sdk.setCustomProvider(provider);\n }\n\n async getAccessToken(entropySourceId?: string): Promise<string> {\n return await this.#sdk.getAccessToken(entropySourceId);\n }\n\n async connectSnap(): Promise<string> {\n this.#assertSRP(this.#type, this.#sdk);\n return this.#sdk.connectSnap();\n }\n\n async isSnapConnected(): Promise<boolean> {\n this.#assertSRP(this.#type, this.#sdk);\n return this.#sdk.isSnapConnected();\n }\n\n async getUserProfile(entropySourceId?: string): Promise<UserProfile> {\n return await this.#sdk.getUserProfile(entropySourceId);\n }\n\n async getIdentifier(entropySourceId?: string): Promise<string> {\n return await this.#sdk.getIdentifier(entropySourceId);\n }\n\n async getUserProfileLineage(\n entropySourceId?: string,\n ): Promise<UserProfileLineage> {\n return await this.#sdk.getUserProfileLineage(entropySourceId);\n }\n\n async pairSrpProfiles(\n accessTokens: string[],\n authAccessToken: string,\n ): Promise<PairProfilesResponse> {\n this.#assertSRP(this.#type, this.#sdk);\n return await this.#sdk.pairSrpProfiles(accessTokens, authAccessToken);\n }\n\n async signMessage(\n message: string,\n entropySourceId?: string,\n ): Promise<string> {\n return await this.#sdk.signMessage(message, entropySourceId);\n }\n\n async pairIdentifiers(pairing: Pair[]): Promise<void> {\n const profile = await this.getUserProfile();\n const n = await getNonce(profile.profileId, this.#env);\n\n const logins = await Promise.all(\n pairing.map(async (p) => {\n try {\n const raw = `metamask:${n.nonce}:${p.identifier}`;\n const sig = await p.signMessage(raw);\n return {\n signature: sig,\n raw_message: raw,\n encrypted_storage_key: p.encryptedStorageKey,\n identifier_type: p.identifierType,\n };\n } catch (e) {\n /* istanbul ignore next */\n const errorMessage =\n e instanceof Error ? e.message : JSON.stringify(e ?? '');\n throw new PairError(\n `failed to sign pairing message: ${errorMessage}`,\n );\n }\n }),\n );\n\n const accessToken = await this.getAccessToken();\n await pairIdentifiers(n.nonce, logins, accessToken, this.#env);\n }\n\n prepare(signer: {\n address: string;\n chainId: number;\n signMessage: (message: string) => Promise<string>;\n domain: string;\n }): void {\n this.#assertSIWE(this.#type, this.#sdk);\n this.#sdk.prepare(signer);\n }\n\n #assertSIWE(\n type: AuthType,\n _sdk: SIWEJwtBearerAuth | SRPJwtBearerAuth,\n ): asserts _sdk is SIWEJwtBearerAuth {\n if (type === AuthType.SiWE) {\n return;\n }\n\n throw new UnsupportedAuthTypeError(\n 'This method is only available via SIWE auth type',\n );\n }\n\n #assertSRP(\n type: AuthType,\n _sdk: SIWEJwtBearerAuth | SRPJwtBearerAuth,\n ): asserts _sdk is SRPJwtBearerAuth {\n if (type === AuthType.SRP) {\n return;\n }\n\n throw new UnsupportedAuthTypeError(\n 'This method is only available via SRP auth type',\n );\n }\n}\n\nexport { SIWEJwtBearerAuth } from './authentication-jwt-bearer/flow-siwe';\nexport { SRPJwtBearerAuth } from './authentication-jwt-bearer/flow-srp';\nexport * from './authentication-jwt-bearer/types';\n"]}
|