@moon-x/core 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +39 -0
- package/dist/chain-C9dvKXUY.d.mts +48 -0
- package/dist/chain-C9dvKXUY.d.ts +48 -0
- package/dist/chunk-264CEGDS.mjs +46 -0
- package/dist/chunk-CDT4MC7S.mjs +1532 -0
- package/dist/chunk-CMYR6AOY.mjs +0 -0
- package/dist/chunk-GQKIA37O.mjs +20 -0
- package/dist/chunk-IMLBIIJ4.mjs +36 -0
- package/dist/chunk-MOREUKOG.mjs +18 -0
- package/dist/chunk-SOKLPX7V.mjs +270 -0
- package/dist/index.d.mts +4 -0
- package/dist/index.d.ts +4 -0
- package/dist/index.js +402 -0
- package/dist/index.mjs +33 -0
- package/dist/interfaces-9k0eKCc4.d.ts +120 -0
- package/dist/interfaces-fNhwnCeY.d.mts +120 -0
- package/dist/lib/index.d.mts +410 -0
- package/dist/lib/index.d.ts +410 -0
- package/dist/lib/index.js +1622 -0
- package/dist/lib/index.mjs +89 -0
- package/dist/passkey-cache-B9PT3AWX.d.mts +47 -0
- package/dist/passkey-cache-B9PT3AWX.d.ts +47 -0
- package/dist/passkey-metadata-QqFF2SWQ.d.mts +25 -0
- package/dist/passkey-metadata-QqFF2SWQ.d.ts +25 -0
- package/dist/post-message-C_99BCBh.d.mts +70 -0
- package/dist/post-message-C_99BCBh.d.ts +70 -0
- package/dist/react/ethereum.d.mts +26 -0
- package/dist/react/ethereum.d.ts +26 -0
- package/dist/react/ethereum.js +99 -0
- package/dist/react/ethereum.mjs +56 -0
- package/dist/react/index.d.mts +182 -0
- package/dist/react/index.d.ts +182 -0
- package/dist/react/index.js +586 -0
- package/dist/react/index.mjs +328 -0
- package/dist/react/solana.d.mts +17 -0
- package/dist/react/solana.d.ts +17 -0
- package/dist/react/solana.js +75 -0
- package/dist/react/solana.mjs +35 -0
- package/dist/sdk/index.d.mts +126 -0
- package/dist/sdk/index.d.ts +126 -0
- package/dist/sdk/index.js +864 -0
- package/dist/sdk/index.mjs +579 -0
- package/dist/types/index.d.mts +1190 -0
- package/dist/types/index.d.ts +1190 -0
- package/dist/types/index.js +64 -0
- package/dist/types/index.mjs +10 -0
- package/dist/utils/index.d.mts +11 -0
- package/dist/utils/index.d.ts +11 -0
- package/dist/utils/index.js +365 -0
- package/dist/utils/index.mjs +25 -0
- package/dist/web/index.d.mts +20 -0
- package/dist/web/index.d.ts +20 -0
- package/dist/web/index.js +470 -0
- package/dist/web/index.mjs +155 -0
- package/package.json +111 -0
|
@@ -0,0 +1,579 @@
|
|
|
1
|
+
import {
|
|
2
|
+
PostMessageMethod,
|
|
3
|
+
PostMessageType
|
|
4
|
+
} from "../chunk-SOKLPX7V.mjs";
|
|
5
|
+
import {
|
|
6
|
+
arrayLikeToBytes,
|
|
7
|
+
authState,
|
|
8
|
+
broadcastEthereumRaw,
|
|
9
|
+
broadcastSolanaSigned,
|
|
10
|
+
bs58ToBytes,
|
|
11
|
+
clearParentAssertCache,
|
|
12
|
+
readParentAssertCache,
|
|
13
|
+
serializeEthereumTransaction,
|
|
14
|
+
toB64url,
|
|
15
|
+
withClearOnFailure,
|
|
16
|
+
writeParentAssertCache
|
|
17
|
+
} from "../chunk-CDT4MC7S.mjs";
|
|
18
|
+
import "../chunk-GQKIA37O.mjs";
|
|
19
|
+
|
|
20
|
+
// src/sdk/parent-passkey-assert.ts
|
|
21
|
+
var assertPasskeyInParent = async ({
|
|
22
|
+
transport,
|
|
23
|
+
passkey,
|
|
24
|
+
publishableKey,
|
|
25
|
+
requireFreshAssertion = false
|
|
26
|
+
}) => {
|
|
27
|
+
if (!requireFreshAssertion) {
|
|
28
|
+
const cached = readParentAssertCache();
|
|
29
|
+
if (cached) return cached;
|
|
30
|
+
}
|
|
31
|
+
const dekInfo = await transport.send(
|
|
32
|
+
PostMessageType.AUTH,
|
|
33
|
+
PostMessageMethod.GET_DEK_INFO,
|
|
34
|
+
{ publishableKey }
|
|
35
|
+
);
|
|
36
|
+
const allowList = dekInfo.allow_credential_ids_b64url ?? [];
|
|
37
|
+
if (allowList.length === 0) {
|
|
38
|
+
throw new Error("passkey_required");
|
|
39
|
+
}
|
|
40
|
+
const rpId = dekInfo.rp_id;
|
|
41
|
+
if (!rpId) {
|
|
42
|
+
throw new Error("webauthn_rp_id_not_configured");
|
|
43
|
+
}
|
|
44
|
+
const challengeBytes = crypto.getRandomValues(new Uint8Array(32));
|
|
45
|
+
const challenge = toB64url(challengeBytes);
|
|
46
|
+
const credential = await passkey.assert({
|
|
47
|
+
rpId,
|
|
48
|
+
challenge,
|
|
49
|
+
allowCredentials: []
|
|
50
|
+
});
|
|
51
|
+
const result = {
|
|
52
|
+
userHandleB64url: credential.userHandleB64url,
|
|
53
|
+
credentialIdB64url: credential.rawIdB64url
|
|
54
|
+
};
|
|
55
|
+
writeParentAssertCache(result);
|
|
56
|
+
return result;
|
|
57
|
+
};
|
|
58
|
+
|
|
59
|
+
// src/sdk/headless-ethereum.ts
|
|
60
|
+
var getHeadlessEthereumMethods = ({
|
|
61
|
+
transport,
|
|
62
|
+
passkey,
|
|
63
|
+
publishableKey
|
|
64
|
+
}) => ({
|
|
65
|
+
signEthereumMessageHeadless: async (params) => withClearOnFailure(async () => {
|
|
66
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
67
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
68
|
+
transport,
|
|
69
|
+
passkey,
|
|
70
|
+
publishableKey,
|
|
71
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
72
|
+
});
|
|
73
|
+
return transport.send(
|
|
74
|
+
PostMessageType.WALLET,
|
|
75
|
+
PostMessageMethod.SIGN_MESSAGE,
|
|
76
|
+
{
|
|
77
|
+
message: params.message,
|
|
78
|
+
publishableKey,
|
|
79
|
+
wallet: params.wallet,
|
|
80
|
+
uiOptions: params.options?.uiOptions,
|
|
81
|
+
userHandleB64url,
|
|
82
|
+
credentialIdB64url
|
|
83
|
+
}
|
|
84
|
+
);
|
|
85
|
+
}),
|
|
86
|
+
signEthereumTransactionHeadless: async (params) => withClearOnFailure(async () => {
|
|
87
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
88
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
89
|
+
transport,
|
|
90
|
+
passkey,
|
|
91
|
+
publishableKey,
|
|
92
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
93
|
+
});
|
|
94
|
+
return transport.send(
|
|
95
|
+
PostMessageType.WALLET,
|
|
96
|
+
PostMessageMethod.SIGN_TRANSACTION,
|
|
97
|
+
{
|
|
98
|
+
// params.transaction is typed as a pre-serialized RLP string.
|
|
99
|
+
serializedTransaction: params.transaction,
|
|
100
|
+
publishableKey,
|
|
101
|
+
wallet: params.wallet,
|
|
102
|
+
options: params.options,
|
|
103
|
+
userHandleB64url,
|
|
104
|
+
credentialIdB64url
|
|
105
|
+
}
|
|
106
|
+
);
|
|
107
|
+
}),
|
|
108
|
+
signEthereumTypedDataHeadless: async (params) => withClearOnFailure(async () => {
|
|
109
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
110
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
111
|
+
transport,
|
|
112
|
+
passkey,
|
|
113
|
+
publishableKey,
|
|
114
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
115
|
+
});
|
|
116
|
+
return transport.send(
|
|
117
|
+
PostMessageType.WALLET,
|
|
118
|
+
PostMessageMethod.SIGN_TYPED_DATA,
|
|
119
|
+
{
|
|
120
|
+
domain: params.domain,
|
|
121
|
+
types: params.types,
|
|
122
|
+
primaryType: params.primaryType,
|
|
123
|
+
message: params.message,
|
|
124
|
+
publishableKey,
|
|
125
|
+
wallet: params.wallet,
|
|
126
|
+
options: params.options,
|
|
127
|
+
userHandleB64url,
|
|
128
|
+
credentialIdB64url
|
|
129
|
+
}
|
|
130
|
+
);
|
|
131
|
+
}),
|
|
132
|
+
signEthereumHashHeadless: async (params) => withClearOnFailure(async () => {
|
|
133
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
134
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
135
|
+
transport,
|
|
136
|
+
passkey,
|
|
137
|
+
publishableKey,
|
|
138
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
139
|
+
});
|
|
140
|
+
return transport.send(
|
|
141
|
+
PostMessageType.WALLET,
|
|
142
|
+
PostMessageMethod.SIGN_HASH,
|
|
143
|
+
{
|
|
144
|
+
hash: params.hash,
|
|
145
|
+
publishableKey,
|
|
146
|
+
wallet: params.wallet,
|
|
147
|
+
options: params.options,
|
|
148
|
+
userHandleB64url,
|
|
149
|
+
credentialIdB64url
|
|
150
|
+
}
|
|
151
|
+
);
|
|
152
|
+
}),
|
|
153
|
+
signEthereum7702AuthorizationHeadless: async (params) => withClearOnFailure(async () => {
|
|
154
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
155
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
156
|
+
transport,
|
|
157
|
+
passkey,
|
|
158
|
+
publishableKey,
|
|
159
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
160
|
+
});
|
|
161
|
+
return transport.send(
|
|
162
|
+
PostMessageType.WALLET,
|
|
163
|
+
PostMessageMethod.SIGN_7702_AUTHORIZATION,
|
|
164
|
+
{
|
|
165
|
+
contractAddress: params.contractAddress,
|
|
166
|
+
chainId: params.chainId,
|
|
167
|
+
nonce: params.nonce,
|
|
168
|
+
executor: params.executor,
|
|
169
|
+
publishableKey,
|
|
170
|
+
wallet: params.wallet,
|
|
171
|
+
options: params.options,
|
|
172
|
+
userHandleB64url,
|
|
173
|
+
credentialIdB64url
|
|
174
|
+
}
|
|
175
|
+
);
|
|
176
|
+
}),
|
|
177
|
+
sendEthereumTransactionHeadless: async (params) => withClearOnFailure(async () => {
|
|
178
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
179
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
180
|
+
transport,
|
|
181
|
+
passkey,
|
|
182
|
+
publishableKey,
|
|
183
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
184
|
+
});
|
|
185
|
+
const serializedTransaction = await serializeEthereumTransaction(
|
|
186
|
+
params.transaction
|
|
187
|
+
);
|
|
188
|
+
const signed = await transport.send(
|
|
189
|
+
PostMessageType.WALLET,
|
|
190
|
+
PostMessageMethod.SIGN_TRANSACTION,
|
|
191
|
+
{
|
|
192
|
+
serializedTransaction,
|
|
193
|
+
publishableKey,
|
|
194
|
+
wallet: params.wallet,
|
|
195
|
+
options: params.options,
|
|
196
|
+
userHandleB64url,
|
|
197
|
+
credentialIdB64url
|
|
198
|
+
}
|
|
199
|
+
);
|
|
200
|
+
if (!signed.serializedSigned) {
|
|
201
|
+
throw new Error(
|
|
202
|
+
"iframe returned no serializedSigned for SIGN_TRANSACTION"
|
|
203
|
+
);
|
|
204
|
+
}
|
|
205
|
+
const hash = await broadcastEthereumRaw(
|
|
206
|
+
params.rpcUrl,
|
|
207
|
+
signed.serializedSigned
|
|
208
|
+
);
|
|
209
|
+
return { hash };
|
|
210
|
+
}),
|
|
211
|
+
getEthereumBalance: async (params) => {
|
|
212
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
213
|
+
return transport.send(
|
|
214
|
+
PostMessageType.WALLET,
|
|
215
|
+
PostMessageMethod.GET_BALANCE,
|
|
216
|
+
{ publishableKey, ...params }
|
|
217
|
+
);
|
|
218
|
+
},
|
|
219
|
+
getEthereumTokenAccountsByOwner: async (params) => {
|
|
220
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
221
|
+
return transport.send(
|
|
222
|
+
PostMessageType.WALLET,
|
|
223
|
+
PostMessageMethod.GET_TOKEN_ACCOUNTS_BY_OWNER,
|
|
224
|
+
{ publishableKey, ...params }
|
|
225
|
+
);
|
|
226
|
+
},
|
|
227
|
+
getEthereumConfirmTransaction: async (params) => {
|
|
228
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
229
|
+
const serializedTransaction = typeof params.transaction === "string" ? params.transaction : await serializeEthereumTransaction(
|
|
230
|
+
params.transaction
|
|
231
|
+
);
|
|
232
|
+
return transport.send(
|
|
233
|
+
PostMessageType.WALLET,
|
|
234
|
+
PostMessageMethod.GET_CONFIRM_ETHEREUM_TRANSACTION,
|
|
235
|
+
{
|
|
236
|
+
transaction: serializedTransaction,
|
|
237
|
+
walletAddress: params.walletAddress,
|
|
238
|
+
rpcUrl: params.rpcUrl,
|
|
239
|
+
network: params.network
|
|
240
|
+
}
|
|
241
|
+
);
|
|
242
|
+
}
|
|
243
|
+
});
|
|
244
|
+
|
|
245
|
+
// src/sdk/headless-solana.ts
|
|
246
|
+
var getHeadlessSolanaMethods = ({
|
|
247
|
+
transport,
|
|
248
|
+
passkey,
|
|
249
|
+
publishableKey
|
|
250
|
+
}) => ({
|
|
251
|
+
signSolanaMessageHeadless: async (params) => withClearOnFailure(async () => {
|
|
252
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
253
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
254
|
+
transport,
|
|
255
|
+
passkey,
|
|
256
|
+
publishableKey,
|
|
257
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
258
|
+
});
|
|
259
|
+
const { signature } = await transport.send(
|
|
260
|
+
PostMessageType.WALLET,
|
|
261
|
+
PostMessageMethod.SIGN_MESSAGE,
|
|
262
|
+
{
|
|
263
|
+
message: params.message,
|
|
264
|
+
publishableKey,
|
|
265
|
+
wallet: params.wallet,
|
|
266
|
+
uiOptions: params.options?.uiOptions,
|
|
267
|
+
userHandleB64url,
|
|
268
|
+
credentialIdB64url
|
|
269
|
+
}
|
|
270
|
+
);
|
|
271
|
+
return { signature: arrayLikeToBytes(signature) };
|
|
272
|
+
}),
|
|
273
|
+
signSolanaTransactionHeadless: async (params) => withClearOnFailure(async () => {
|
|
274
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
275
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
276
|
+
transport,
|
|
277
|
+
passkey,
|
|
278
|
+
publishableKey,
|
|
279
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
280
|
+
});
|
|
281
|
+
const { signedTransaction } = await transport.send(
|
|
282
|
+
PostMessageType.WALLET,
|
|
283
|
+
PostMessageMethod.SIGN_TRANSACTION,
|
|
284
|
+
{
|
|
285
|
+
serializedTransaction: params.transaction,
|
|
286
|
+
publishableKey,
|
|
287
|
+
wallet: params.wallet,
|
|
288
|
+
options: params.options,
|
|
289
|
+
userHandleB64url,
|
|
290
|
+
credentialIdB64url
|
|
291
|
+
}
|
|
292
|
+
);
|
|
293
|
+
return { signedTransaction: await bs58ToBytes(signedTransaction) };
|
|
294
|
+
}),
|
|
295
|
+
sendSolanaTransactionHeadless: async (params) => withClearOnFailure(async () => {
|
|
296
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
297
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
298
|
+
transport,
|
|
299
|
+
passkey,
|
|
300
|
+
publishableKey,
|
|
301
|
+
requireFreshAssertion: params.requireFreshAssertion
|
|
302
|
+
});
|
|
303
|
+
const { signedTransaction } = await transport.send(
|
|
304
|
+
PostMessageType.WALLET,
|
|
305
|
+
PostMessageMethod.SIGN_TRANSACTION,
|
|
306
|
+
{
|
|
307
|
+
serializedTransaction: params.transaction,
|
|
308
|
+
publishableKey,
|
|
309
|
+
wallet: params.wallet,
|
|
310
|
+
options: params.options,
|
|
311
|
+
userHandleB64url,
|
|
312
|
+
credentialIdB64url
|
|
313
|
+
}
|
|
314
|
+
);
|
|
315
|
+
const broadcastSignature = await broadcastSolanaSigned(
|
|
316
|
+
params.rpcUrl,
|
|
317
|
+
signedTransaction
|
|
318
|
+
);
|
|
319
|
+
return { signature: await bs58ToBytes(broadcastSignature) };
|
|
320
|
+
}),
|
|
321
|
+
getSolanaBalance: async (params) => {
|
|
322
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
323
|
+
return transport.send(
|
|
324
|
+
PostMessageType.WALLET,
|
|
325
|
+
PostMessageMethod.GET_BALANCE,
|
|
326
|
+
{ publishableKey, ...params }
|
|
327
|
+
);
|
|
328
|
+
},
|
|
329
|
+
getSolanaTokenAccountsByOwner: async (params) => {
|
|
330
|
+
if (!transport.isReady()) throw new Error("SDK not ready");
|
|
331
|
+
return transport.send(
|
|
332
|
+
PostMessageType.WALLET,
|
|
333
|
+
PostMessageMethod.GET_TOKEN_ACCOUNTS_BY_OWNER,
|
|
334
|
+
{ publishableKey, ...params }
|
|
335
|
+
);
|
|
336
|
+
}
|
|
337
|
+
});
|
|
338
|
+
|
|
339
|
+
// src/sdk/headless-authentication.ts
|
|
340
|
+
var getHeadlessAuthenticationMethods = ({
|
|
341
|
+
transport,
|
|
342
|
+
publishableKey,
|
|
343
|
+
emailConfig,
|
|
344
|
+
setIsAuthenticated,
|
|
345
|
+
setUser
|
|
346
|
+
}) => ({
|
|
347
|
+
/** Send a one-time passcode to the user's email address. */
|
|
348
|
+
sendCode: async (params) => {
|
|
349
|
+
await transport.send(
|
|
350
|
+
PostMessageType.AUTH,
|
|
351
|
+
PostMessageMethod.LOGIN_CREATE,
|
|
352
|
+
{
|
|
353
|
+
email: params.email,
|
|
354
|
+
publishableKey,
|
|
355
|
+
disableSignup: params.disableSignup
|
|
356
|
+
}
|
|
357
|
+
);
|
|
358
|
+
authState.clearEmail();
|
|
359
|
+
authState.setEmail(params.email);
|
|
360
|
+
},
|
|
361
|
+
/**
|
|
362
|
+
* Verify the OTP and complete the login. The iframe-app handles
|
|
363
|
+
* session persistence; on success the SDK flips isAuthenticated and
|
|
364
|
+
* fetches the real user object to populate provider state.
|
|
365
|
+
*/
|
|
366
|
+
loginWithCode: async (params) => {
|
|
367
|
+
const email = authState.getEmail();
|
|
368
|
+
if (!email) throw new Error("no_pending_email_otp");
|
|
369
|
+
const result = await transport.send(
|
|
370
|
+
PostMessageType.AUTH,
|
|
371
|
+
PostMessageMethod.VERIFY_EMAIL_OTP,
|
|
372
|
+
{
|
|
373
|
+
email,
|
|
374
|
+
code: params.code,
|
|
375
|
+
publishableKey,
|
|
376
|
+
expiresIn: emailConfig?.expiresIn
|
|
377
|
+
}
|
|
378
|
+
);
|
|
379
|
+
authState.clearEmail();
|
|
380
|
+
if (setIsAuthenticated) setIsAuthenticated(true);
|
|
381
|
+
if (setUser) {
|
|
382
|
+
try {
|
|
383
|
+
const user = await transport.send(
|
|
384
|
+
PostMessageType.AUTH,
|
|
385
|
+
PostMessageMethod.GET_USER,
|
|
386
|
+
{ publishableKey }
|
|
387
|
+
);
|
|
388
|
+
setUser(user ?? null);
|
|
389
|
+
} catch {
|
|
390
|
+
}
|
|
391
|
+
}
|
|
392
|
+
return result;
|
|
393
|
+
},
|
|
394
|
+
/**
|
|
395
|
+
* Commit an OAuth code/token for a session. The deep-link / popup
|
|
396
|
+
* round-trip lives in the platform-specific OAuth hook; this method
|
|
397
|
+
* is the tail-end commit step the hook calls.
|
|
398
|
+
*/
|
|
399
|
+
verifyOAuth: async (params) => {
|
|
400
|
+
const result = await transport.send(
|
|
401
|
+
PostMessageType.AUTH,
|
|
402
|
+
PostMessageMethod.VERIFY_OAUTH,
|
|
403
|
+
{
|
|
404
|
+
publishableKey,
|
|
405
|
+
provider: params.provider,
|
|
406
|
+
code: params.code,
|
|
407
|
+
token: params.token,
|
|
408
|
+
state: params.state
|
|
409
|
+
}
|
|
410
|
+
);
|
|
411
|
+
if (setIsAuthenticated) setIsAuthenticated(true);
|
|
412
|
+
if (setUser) {
|
|
413
|
+
try {
|
|
414
|
+
const user = await transport.send(
|
|
415
|
+
PostMessageType.AUTH,
|
|
416
|
+
PostMessageMethod.GET_USER,
|
|
417
|
+
{ publishableKey }
|
|
418
|
+
);
|
|
419
|
+
setUser(user ?? null);
|
|
420
|
+
} catch {
|
|
421
|
+
}
|
|
422
|
+
}
|
|
423
|
+
return result;
|
|
424
|
+
}
|
|
425
|
+
});
|
|
426
|
+
|
|
427
|
+
// src/sdk/headless-general.ts
|
|
428
|
+
var getHeadlessGeneralMethods = ({
|
|
429
|
+
transport,
|
|
430
|
+
passkey,
|
|
431
|
+
storage,
|
|
432
|
+
publishableKey,
|
|
433
|
+
setIsAuthenticated,
|
|
434
|
+
setUser
|
|
435
|
+
}) => ({
|
|
436
|
+
getPasskeyStatus: async () => transport.send(
|
|
437
|
+
PostMessageType.AUTH,
|
|
438
|
+
PostMessageMethod.GET_PASSKEY_STATUS,
|
|
439
|
+
{ publishableKey }
|
|
440
|
+
),
|
|
441
|
+
removePasskey: async (credentialIdB64url) => {
|
|
442
|
+
await transport.send(
|
|
443
|
+
PostMessageType.AUTH,
|
|
444
|
+
PostMessageMethod.REMOVE_PASSKEY,
|
|
445
|
+
{ publishableKey, credentialIdB64url }
|
|
446
|
+
);
|
|
447
|
+
},
|
|
448
|
+
createWallet: (walletType, options) => withClearOnFailure(async () => {
|
|
449
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
450
|
+
transport,
|
|
451
|
+
passkey,
|
|
452
|
+
publishableKey,
|
|
453
|
+
requireFreshAssertion: options?.requireFreshAssertion
|
|
454
|
+
});
|
|
455
|
+
const wallet = await transport.send(
|
|
456
|
+
PostMessageType.WALLET,
|
|
457
|
+
PostMessageMethod.CREATE_WALLET,
|
|
458
|
+
{
|
|
459
|
+
walletType,
|
|
460
|
+
publishableKey,
|
|
461
|
+
options,
|
|
462
|
+
userHandleB64url,
|
|
463
|
+
credentialIdB64url
|
|
464
|
+
}
|
|
465
|
+
);
|
|
466
|
+
return { wallet };
|
|
467
|
+
}),
|
|
468
|
+
importKey: (walletType, key, options) => withClearOnFailure(async () => {
|
|
469
|
+
const { userHandleB64url, credentialIdB64url } = await assertPasskeyInParent({
|
|
470
|
+
transport,
|
|
471
|
+
passkey,
|
|
472
|
+
publishableKey,
|
|
473
|
+
requireFreshAssertion: options?.requireFreshAssertion
|
|
474
|
+
});
|
|
475
|
+
const wallet = await transport.send(
|
|
476
|
+
PostMessageType.WALLET,
|
|
477
|
+
PostMessageMethod.IMPORT_KEY,
|
|
478
|
+
{
|
|
479
|
+
walletType,
|
|
480
|
+
publishableKey,
|
|
481
|
+
key,
|
|
482
|
+
userHandleB64url,
|
|
483
|
+
credentialIdB64url
|
|
484
|
+
}
|
|
485
|
+
);
|
|
486
|
+
return { wallet };
|
|
487
|
+
}),
|
|
488
|
+
getWallets: async (walletType) => {
|
|
489
|
+
const { wallets } = await transport.send(
|
|
490
|
+
PostMessageType.WALLET,
|
|
491
|
+
PostMessageMethod.GET_WALLETS,
|
|
492
|
+
{ walletType, publishableKey }
|
|
493
|
+
);
|
|
494
|
+
return { wallets, walletType };
|
|
495
|
+
},
|
|
496
|
+
// getSessionTokens returns only the tokens that may safely cross the
|
|
497
|
+
// iframe -> parent-page boundary: access + identity. The refresh token
|
|
498
|
+
// is the session's primary credential and stays inside the iframe's
|
|
499
|
+
// origin (held in IndexedDB, used internally for /auth/refresh). An
|
|
500
|
+
// XSS in the host page would otherwise be able to exfiltrate it and
|
|
501
|
+
// silently extend session lifetime.
|
|
502
|
+
getSessionTokens: async () => {
|
|
503
|
+
try {
|
|
504
|
+
const session = await transport.send(
|
|
505
|
+
PostMessageType.AUTH,
|
|
506
|
+
PostMessageMethod.GET_CURRENT_SESSION,
|
|
507
|
+
{ publishableKey }
|
|
508
|
+
);
|
|
509
|
+
return session ? {
|
|
510
|
+
accessToken: session.accessToken,
|
|
511
|
+
identityToken: session.identityToken,
|
|
512
|
+
expiresAt: session.expiresAt
|
|
513
|
+
} : null;
|
|
514
|
+
} catch (error) {
|
|
515
|
+
console.error(
|
|
516
|
+
"Failed to get session tokens:",
|
|
517
|
+
error instanceof Error ? error.message : String(error)
|
|
518
|
+
);
|
|
519
|
+
return null;
|
|
520
|
+
}
|
|
521
|
+
},
|
|
522
|
+
logout: async () => {
|
|
523
|
+
try {
|
|
524
|
+
await transport.send(PostMessageType.AUTH, PostMessageMethod.LOGOUT, {
|
|
525
|
+
publishableKey
|
|
526
|
+
});
|
|
527
|
+
clearParentAssertCache();
|
|
528
|
+
await storage.remove("id_token");
|
|
529
|
+
if (setIsAuthenticated) setIsAuthenticated(false);
|
|
530
|
+
if (setUser) setUser(null);
|
|
531
|
+
return { success: true, message: "Successfully logged out" };
|
|
532
|
+
} catch (error) {
|
|
533
|
+
console.error(
|
|
534
|
+
"Logout failed:",
|
|
535
|
+
error instanceof Error ? error.message : String(error)
|
|
536
|
+
);
|
|
537
|
+
return { success: false, message: "Logout failed" };
|
|
538
|
+
}
|
|
539
|
+
},
|
|
540
|
+
getCurrentSession: async () => {
|
|
541
|
+
try {
|
|
542
|
+
return await transport.send(
|
|
543
|
+
PostMessageType.AUTH,
|
|
544
|
+
PostMessageMethod.GET_CURRENT_SESSION,
|
|
545
|
+
{ publishableKey }
|
|
546
|
+
);
|
|
547
|
+
} catch (error) {
|
|
548
|
+
console.error(
|
|
549
|
+
"Get session failed:",
|
|
550
|
+
error instanceof Error ? error.message : String(error)
|
|
551
|
+
);
|
|
552
|
+
return null;
|
|
553
|
+
}
|
|
554
|
+
},
|
|
555
|
+
getUser: async () => {
|
|
556
|
+
try {
|
|
557
|
+
const user = await transport.send(
|
|
558
|
+
PostMessageType.AUTH,
|
|
559
|
+
PostMessageMethod.GET_USER,
|
|
560
|
+
{ publishableKey }
|
|
561
|
+
);
|
|
562
|
+
if (setUser) setUser(user);
|
|
563
|
+
return user;
|
|
564
|
+
} catch (error) {
|
|
565
|
+
console.error(
|
|
566
|
+
"Get user failed:",
|
|
567
|
+
error instanceof Error ? error.message : String(error)
|
|
568
|
+
);
|
|
569
|
+
return null;
|
|
570
|
+
}
|
|
571
|
+
}
|
|
572
|
+
});
|
|
573
|
+
export {
|
|
574
|
+
assertPasskeyInParent,
|
|
575
|
+
getHeadlessAuthenticationMethods,
|
|
576
|
+
getHeadlessEthereumMethods,
|
|
577
|
+
getHeadlessGeneralMethods,
|
|
578
|
+
getHeadlessSolanaMethods
|
|
579
|
+
};
|